CLSA-2021:1635430087 Copyright 2021 Cloud Linux Inc 0 * SECURITY UPDATE: Denial of service - debian/patches/CVE-2021-3737-*.patch: Fix http client infinite line reading (DoS) after a HTTP 100 continue in Lib/http/client.py, Lib/test/test_httplib.py. - CVE-2021-3737 * SECURITY UPDATE: Denial of service - debian/patches/CVE-2021-3733.patch: fix a ReDoS in urllib AbstractBasicAuthHandler in Lib/urllib/request.py. - CVE-2021-3733 Moderate Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.

* SECURITY UPDATE: Denial of service - debian/patches/CVE-2021-3737-*.patch: Fix http client infinite line reading (DoS) after a HTTP 100 continue in Lib/http/client.py, Lib/test/test_httplib.py. - CVE-2021-3737 * SECURITY UPDATE: Denial of service - debian/patches/CVE-2021-3733.patch: fix a ReDoS in urllib AbstractBasicAuthHandler in Lib/urllib/request.py. - CVE-2021-3733

0 cloudlinux-ubuntu16.04-els idle-python3.5_3.5.2-2ubuntu0~16.04.14_all.deb 090cce488f110ca03b473454cfe449dd9554721d libpython3.5_3.5.2-2ubuntu0~16.04.14_amd64.deb 04ff96bd97f4b8e2e406c02681db2210d567909f libpython3.5-dev_3.5.2-2ubuntu0~16.04.14_amd64.deb 3f22bf67dd04478ee57b4d91671e7314d645f53e libpython3.5-minimal_3.5.2-2ubuntu0~16.04.14_amd64.deb 0d6753cc7a84830dc28563da33104d5b25d48402 libpython3.5-stdlib_3.5.2-2ubuntu0~16.04.14_amd64.deb 35d4712fab3cad00b55ed1309564c9d4d1bf33f8 libpython3.5-testsuite_3.5.2-2ubuntu0~16.04.14_all.deb bde3f1d4ae921c656a9726a2cc0b3c22d9bcf88f python3.5_3.5.2-2ubuntu0~16.04.14_amd64.deb 1f1679cea32c000827397b19c1366274f2f12203 python3.5-dev_3.5.2-2ubuntu0~16.04.14_amd64.deb ae5a1e9478f5d00fe11a37a4895919d82485203d python3.5-doc_3.5.2-2ubuntu0~16.04.14_all.deb 3acc326ebdd4f929b13a8fa2ece9dfde2d3eac39 python3.5-examples_3.5.2-2ubuntu0~16.04.14_all.deb 973de11b9c322296c763c9554c9c2eabc8c35c49 python3.5-minimal_3.5.2-2ubuntu0~16.04.14_amd64.deb 09d0f350d8601d00388ca79bec4205bda5fb2208 python3.5-venv_3.5.2-2ubuntu0~16.04.14_amd64.deb 9fe8c9c763f77bb45ea561851c1f5ba1d8246702 CLSA-2021:1635430310 Copyright 2021 Cloud Linux Inc 0 * SECURITY UPDATE: Fix buffer overflow for years that exceed four digits. - debian/patches/CVE-2017-20005.patch - CVE-2017-20005 Moderate Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.

* SECURITY UPDATE: Fix buffer overflow for years that exceed four digits. - debian/patches/CVE-2017-20005.patch - CVE-2017-20005

0 cloudlinux-ubuntu16.04-els nginx_1.10.3-0ubuntu0.16.04.8_all.deb ccec28ef88fe6746fb6de1a04fc07c6d63c2316a nginx-common_1.10.3-0ubuntu0.16.04.8_all.deb a1be375302593b00b2ba9cf7a7a6ae5086ffb2ea nginx-core_1.10.3-0ubuntu0.16.04.8_amd64.deb 59e0a555c3fb62bd3bca0f3619d13e51063a2346 nginx-doc_1.10.3-0ubuntu0.16.04.8_all.deb 84270239aa4b790e2b5b44c260aa7bb909f86f36 nginx-extras_1.10.3-0ubuntu0.16.04.8_amd64.deb d27a3bded8979ba8637aee52b19654198bbade41 nginx-full_1.10.3-0ubuntu0.16.04.8_amd64.deb aede28284604679f3fb654e58bb4c79a8ecc6d98 nginx-light_1.10.3-0ubuntu0.16.04.8_amd64.deb 2b2f941e84ac77bc0bd01464225d5747716232dd CLSA-2021:1635458969 Copyright 2021 Cloud Linux Inc 0 * SECURITY UPDATE: Buffer overflow with crafted input - debian/patches/CVE-2021-39275.patch:ap_escape_quotes() may write beyond the end of a buffer when given malicious input - CVE-2021-39275 * SECURITY UPDATE: Malformed requests may cause the server to dereference a NULL pointer - debian/patches/CVE-2021-34798.patch: prevent ap_increment_counts() from pointer dereference without check - CVE-2021-34798 * SECURITY UPDATE: A crafted request uri-path can cause mod_proxy to forward the request to an origin server choosen by the remote user. - debian/patches/CVE-2021-40438.patch: add checks for the configured UDS path - CVE-2021-40438 Moderate Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.

* SECURITY UPDATE: Buffer overflow with crafted input - debian/patches/CVE-2021-39275.patch:ap_escape_quotes() may write beyond the end of a buffer when given malicious input - CVE-2021-39275 * SECURITY UPDATE: Malformed requests may cause the server to dereference a NULL pointer - debian/patches/CVE-2021-34798.patch: prevent ap_increment_counts() from pointer dereference without check - CVE-2021-34798 * SECURITY UPDATE: A crafted request uri-path can cause mod_proxy to forward the request to an origin server choosen by the remote user. - debian/patches/CVE-2021-40438.patch: add checks for the configured UDS path - CVE-2021-40438

0 cloudlinux-ubuntu16.04-els apache2_2.4.18-2ubuntu3.19_amd64.deb bf76316e78bca8582c3af182fc31fea31d6bd6fd apache2-bin_2.4.18-2ubuntu3.19_amd64.deb cb086b697dbcb6e31e0483db7bf91b5dfc02cb26 apache2-data_2.4.18-2ubuntu3.19_all.deb 8d2b5b6007ffadc7e1148ffcd9b79b5b91273451 apache2-dev_2.4.18-2ubuntu3.19_amd64.deb e676046bea3de49a935c1d48f8738680232757f7 apache2-doc_2.4.18-2ubuntu3.19_all.deb 8e7e0a38b5465261e7fda6dc7df5fc13d2005964 apache2-suexec-custom_2.4.18-2ubuntu3.19_amd64.deb efefa7357b2247f0ad5a34084cd78b053c756497 apache2-suexec-pristine_2.4.18-2ubuntu3.19_amd64.deb 05344c9bd4a9502c08e8e22fbcc737e8b04e3a32 apache2-utils_2.4.18-2ubuntu3.19_amd64.deb 121d511fd5a2eb4e3fc71cb255761320d9452310 CLSA-2021:1635459129 Copyright 2021 Cloud Linux Inc 0 * SECURITY UPDATE: Unexpected URL matching with 'MergeSlashes OFF' - debian/patches/CVE-2021-30641.patch: legacy default slash-matching behavior with 'MergeSlashes OFF'. - CVE-2021-30641 * SECURITY UPDATE: heap overflow in mod_session - debian/patches/CVE-2021-26691.patch: A specially crafted SessionHeader sent by an origin server could cause a heap overflow. - CVE-2021-26691 * SECURITY UPDATE: NULL pointer dereference in mod_session - debian/patches/CVE-2021-26690.patch: A specially crafted Cookie header handled by mod_session can cause a NULL pointer dereference and crash, leading to a possible Denial Of Service. - CVE-2021-26690 * SECURITY UPDATE: mod_auth_digest possible stack overflow by one nul byte - debian/patches/CVE-2020-35452.patch: A specially crafted Digest nonce can cause a stack overflow in mod_auth_digest. - CVE-2020-35452 Moderate Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.

* SECURITY UPDATE: Unexpected URL matching with 'MergeSlashes OFF' - debian/patches/CVE-2021-30641.patch: legacy default slash-matching behavior with 'MergeSlashes OFF'. - CVE-2021-30641 * SECURITY UPDATE: heap overflow in mod_session - debian/patches/CVE-2021-26691.patch: A specially crafted SessionHeader sent by an origin server could cause a heap overflow. - CVE-2021-26691 * SECURITY UPDATE: NULL pointer dereference in mod_session - debian/patches/CVE-2021-26690.patch: A specially crafted Cookie header handled by mod_session can cause a NULL pointer dereference and crash, leading to a possible Denial Of Service. - CVE-2021-26690 * SECURITY UPDATE: mod_auth_digest possible stack overflow by one nul byte - debian/patches/CVE-2020-35452.patch: A specially crafted Digest nonce can cause a stack overflow in mod_auth_digest. - CVE-2020-35452

0 cloudlinux-ubuntu16.04-els apache2_2.4.18-2ubuntu3.18_amd64.deb ef707cb2e05ef8adb86eeb38f2f9b76a450450a1 apache2-bin_2.4.18-2ubuntu3.18_amd64.deb cd57a6cf566f9aa896ad270d11ea1f52de2adf0d apache2-data_2.4.18-2ubuntu3.18_all.deb 94b399f56bfa487dd0c1ecfc1bc8824b88c82438 apache2-dev_2.4.18-2ubuntu3.18_amd64.deb 1f803b60bbc372f1cefa0c4d98994070c34c1c96 apache2-doc_2.4.18-2ubuntu3.18_all.deb 6fd20099ea020d6b6879aab57722425a1d0d8796 apache2-suexec-custom_2.4.18-2ubuntu3.18_amd64.deb 37ad085e5a51df70c846cc6bb5203b8af02fcdfa apache2-suexec-pristine_2.4.18-2ubuntu3.18_amd64.deb 5f060e04db6b26f13717d5f8789b4119c7a00651 apache2-utils_2.4.18-2ubuntu3.18_amd64.deb 333cbc9a9b08eb8155d6f903d848497e694b20d3 CLSA-2021:1635459139 Copyright 2021 Cloud Linux Inc 0 * SECURITY UPDATE: - CVE-*.patch: backported many upstream patches to fix security issues. - CVE-2016-2226, CVE-2016-4487, CVE-2016-4488, CVE-2016-4489, CVE-2016-4490, CVE-2016-4492, CVE-2016-4493, CVE-2016-6131, CVE-2016-4491, CVE-2017-6965, CVE-2017-6966, CVE-2017-6969, CVE-2017-7209, CVE-2017-7210, CVE-2017-7223, CVE-2017-7224, CVE-2017-7225, CVE-2017-7226, CVE-2017-7227, CVE-2017-7299, CVE-2017-7300, CVE-2017-7301, CVE-2017-7302, CVE-2017-7614, CVE-2017-8393, CVE-2017-8394, CVE-2017-8395, CVE-2017-8397, CVE-2017-8396, CVE-2017-8398, CVE-2017-8421, CVE-2017-9038, CVE-2017-9039, CVE-2017-9040, CVE-2017-9042, CVE-2017-9041, CVE-2017-9044, CVE-2017-9742, CVE-2017-9744, CVE-2017-9752, CVE-2017-9745, CVE-2017-9746, CVE-2017-9747, CVE-2017-9748, CVE-2017-9749, CVE-2017-9750, CVE-2017-9751, CVE-2017-9753, CVE-2017-9754, CVE-2017-9755, CVE-2017-9756, CVE-2017-9954, CVE-2017-12448, CVE-2017-12449, CVE-2017-12455, CVE-2017-12457, CVE-2017-12458, CVE-2017-12459, CVE-2017-12450, CVE-2017-12452, CVE-2017-12453, CVE-2017-12454, CVE-2017-12456, CVE-2017-14333, CVE-2017-12451, CVE-2017-12799, CVE-2017-12967, CVE-2017-13710, CVE-2017-14128, CVE-2017-14129, CVE-2017-14130, CVE-2017-14529, CVE-2017-14930, CVE-2017-14932, CVE-2017-14938, CVE-2017-14939, CVE-2017-14940, CVE-2017-15020, CVE-2017-15021, CVE-2017-15022, CVE-2017-15024, CVE-2017-15025, CVE-2017-15225, CVE-2017-15938, CVE-2017-15939, CVE-2017-15996, CVE-2017-16826, CVE-2017-16827, CVE-2017-16828, CVE-2017-16831, CVE-2017-16832, CVE-2017-17080, CVE-2017-17121, CVE-2017-17123, CVE-2017-17124, CVE-2018-6323, CVE-2018-6543, CVE-2018-6759, CVE-2018-7208, CVE-2018-7568, CVE-2018-7569, CVE-2018-7642, CVE-2018-7643, CVE-2018-8945, CVE-2018-13033, CVE-2018-9138, CVE-2018-12641, CVE-2018-12697, CVE-2018-12698, CVE-2018-12699, CVE-2018-12700, CVE-2018-17794, CVE-2018-17985, CVE-2018-18484, CVE-2018-18700, CVE-2018-18701, CVE-2018-10372, CVE-2018-10373, CVE-2018-10534, CVE-2018-10535, CVE-2018-12934, CVE-2018-18483, CVE-2018-17358, CVE-2018-17359, CVE-2018-17360, CVE-2018-18309, CVE-2018-18605, CVE-2018-18606, CVE-2018-18607, CVE-2018-19931, CVE-2018-19932, CVE-2018-20002, CVE-2018-20623, CVE-2018-20671, CVE-2018-1000876, CVE-2017-17125, CVE-2019-9073, CVE-2019-9074, CVE-2019-9075, CVE-2019-9077, CVE-2019-9070, CVE-2019-9071, CVE-2019-12972, CVE-2019-14250, CVE-2019-14444, CVE-2019-17450, CVE-2019-17451 Moderate Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.

* SECURITY UPDATE: - CVE-*.patch: backported many upstream patches to fix security issues. - CVE-2016-2226, CVE-2016-4487, CVE-2016-4488, CVE-2016-4489, CVE-2016-4490, CVE-2016-4492, CVE-2016-4493, CVE-2016-6131, CVE-2016-4491, CVE-2017-6965, CVE-2017-6966, CVE-2017-6969, CVE-2017-7209, CVE-2017-7210, CVE-2017-7223, CVE-2017-7224, CVE-2017-7225, CVE-2017-7226, CVE-2017-7227, CVE-2017-7299, CVE-2017-7300, CVE-2017-7301, CVE-2017-7302, CVE-2017-7614, CVE-2017-8393, CVE-2017-8394, CVE-2017-8395, CVE-2017-8397, CVE-2017-8396, CVE-2017-8398, CVE-2017-8421, CVE-2017-9038, CVE-2017-9039, CVE-2017-9040, CVE-2017-9042, CVE-2017-9041, CVE-2017-9044, CVE-2017-9742, CVE-2017-9744, CVE-2017-9752, CVE-2017-9745, CVE-2017-9746, CVE-2017-9747, CVE-2017-9748, CVE-2017-9749, CVE-2017-9750, CVE-2017-9751, CVE-2017-9753, CVE-2017-9754, CVE-2017-9755, CVE-2017-9756, CVE-2017-9954, CVE-2017-12448, CVE-2017-12449, CVE-2017-12455, CVE-2017-12457, CVE-2017-12458, CVE-2017-12459, CVE-2017-12450, CVE-2017-12452, CVE-2017-12453, CVE-2017-12454, CVE-2017-12456, CVE-2017-14333, CVE-2017-12451, CVE-2017-12799, CVE-2017-12967, CVE-2017-13710, CVE-2017-14128, CVE-2017-14129, CVE-2017-14130, CVE-2017-14529, CVE-2017-14930, CVE-2017-14932, CVE-2017-14938, CVE-2017-14939, CVE-2017-14940, CVE-2017-15020, CVE-2017-15021, CVE-2017-15022, CVE-2017-15024, CVE-2017-15025, CVE-2017-15225, CVE-2017-15938, CVE-2017-15939, CVE-2017-15996, CVE-2017-16826, CVE-2017-16827, CVE-2017-16828, CVE-2017-16831, CVE-2017-16832, CVE-2017-17080, CVE-2017-17121, CVE-2017-17123, CVE-2017-17124, CVE-2018-6323, CVE-2018-6543, CVE-2018-6759, CVE-2018-7208, CVE-2018-7568, CVE-2018-7569, CVE-2018-7642, CVE-2018-7643, CVE-2018-8945, CVE-2018-13033, CVE-2018-9138, CVE-2018-12641, CVE-2018-12697, CVE-2018-12698, CVE-2018-12699, CVE-2018-12700, CVE-2018-17794, CVE-2018-17985, CVE-2018-18484, CVE-2018-18700, CVE-2018-18701, CVE-2018-10372, CVE-2018-10373, CVE-2018-10534, CVE-2018-10535, CVE-2018-12934, CVE-2018-18483, CVE-2018-17358, CVE-2018-17359, CVE-2018-17360, CVE-2018-18309, CVE-2018-18605, CVE-2018-18606, CVE-2018-18607, CVE-2018-19931, CVE-2018-19932, CVE-2018-20002, CVE-2018-20623, CVE-2018-20671, CVE-2018-1000876, CVE-2017-17125, CVE-2019-9073, CVE-2019-9074, CVE-2019-9075, CVE-2019-9077, CVE-2019-9070, CVE-2019-9071, CVE-2019-12972, CVE-2019-14250, CVE-2019-14444, CVE-2019-17450, CVE-2019-17451

0 cloudlinux-ubuntu16.04-els binutils_2.26.1-1ubuntu1~16.04.10_amd64.deb f401d1a123dd5805c31b7cc1ff1cbe897adc2cf9 binutils-aarch64-linux-gnu_2.26.1-1ubuntu1~16.04.10_amd64.deb 2de683597fe74b1985d93caf80cfbd6c74d86fce binutils-alpha-linux-gnu_2.26.1-1ubuntu1~16.04.10_amd64.deb a02a6bbb7555713f262b582def3dd46d3852bf8e binutils-arm-linux-gnueabi_2.26.1-1ubuntu1~16.04.10_amd64.deb 0c0fe1a4d70deea5ab2d3a90c769cb0bf0e5f4f4 binutils-arm-linux-gnueabihf_2.26.1-1ubuntu1~16.04.10_amd64.deb de81968a6b0808d940150ffe7d851c25f98fe404 binutils-dev_2.26.1-1ubuntu1~16.04.10_amd64.deb cb7442e1b003ca9911ebc793dc45cab184049c6a binutils-doc_2.26.1-1ubuntu1~16.04.10_all.deb 173fd8d38990319d376af35388b5ee5664767a03 binutils-hppa-linux-gnu_2.26.1-1ubuntu1~16.04.10_amd64.deb 18d3df68f95af1d43f054d606b1bbd035c8fe460 binutils-hppa64-linux-gnu_2.26.1-1ubuntu1~16.04.10_amd64.deb 338555108821c75c79796e30a19148c8e98cb3ac binutils-m68k-linux-gnu_2.26.1-1ubuntu1~16.04.10_amd64.deb e028ef514d092e909d2258a7307f2ce141d3ff7e binutils-mips-linux-gnu_2.26.1-1ubuntu1~16.04.10_amd64.deb 13a1878ea41d66a0d16d93ef7380872a4cfee01d binutils-mips64-linux-gnuabi64_2.26.1-1ubuntu1~16.04.10_amd64.deb a2bb3e4d63bcc3865b3971243b3518e270417678 binutils-mips64el-linux-gnuabi64_2.26.1-1ubuntu1~16.04.10_amd64.deb 0d38420c847234e99534349285477036de66bb36 binutils-mipsel-linux-gnu_2.26.1-1ubuntu1~16.04.10_amd64.deb 249037d6d01e6e2f901308fc6e33c7ccdea1d224 binutils-multiarch_2.26.1-1ubuntu1~16.04.10_amd64.deb f7fc05c19cd72d40df3c6c9030421aadde74fa23 binutils-multiarch-dev_2.26.1-1ubuntu1~16.04.10_amd64.deb 99e841dda44718f337b46626afeca01a7ce58c03 binutils-powerpc-linux-gnu_2.26.1-1ubuntu1~16.04.10_amd64.deb 1fb6dffe005601890d690396249f90ff6ec05aa9 binutils-powerpc-linux-gnuspe_2.26.1-1ubuntu1~16.04.10_amd64.deb e39f90525d48bc9d7245ede1c132abf8ed29ef76 binutils-powerpc64-linux-gnu_2.26.1-1ubuntu1~16.04.10_amd64.deb 4068fbdf58c06170c3e1542ce72ea11e4038652b binutils-powerpc64le-linux-gnu_2.26.1-1ubuntu1~16.04.10_amd64.deb 516bcdbfc2bde6ce8da7a0af73db6cbbef076925 binutils-s390x-linux-gnu_2.26.1-1ubuntu1~16.04.10_amd64.deb e2bbdffd5da73a89c17110cd4b006ef2501eb901 binutils-sh4-linux-gnu_2.26.1-1ubuntu1~16.04.10_amd64.deb 2e3bb5064042c7d46c2111ec2390504e04cc6540 binutils-source_2.26.1-1ubuntu1~16.04.10_all.deb 5882205b2eccc55a1e6bece9227d504b8ed53506 binutils-sparc64-linux-gnu_2.26.1-1ubuntu1~16.04.10_amd64.deb 3d9e3b70bb7ab827b2d25efdad1d0cbe8907bfbf CLSA-2021:1635459149 Copyright 2021 Cloud Linux Inc 0 * SECURITY UPDATE: - CVE-2021-3487.patch: excessive debug section size can cause excessive memory consumption in bfd's dwarf2.c read_section(). - CVE-2021-3487 Moderate Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.

* SECURITY UPDATE: - CVE-2021-3487.patch: excessive debug section size can cause excessive memory consumption in bfd's dwarf2.c read_section(). - CVE-2021-3487

0 cloudlinux-ubuntu16.04-els binutils_2.26.1-1ubuntu1~16.04.9_amd64.deb 3524981591760959f1b07d5744d7c4605046ba83 binutils-aarch64-linux-gnu_2.26.1-1ubuntu1~16.04.9_amd64.deb a0d22031b1446a0978134833acf56feb88511f18 binutils-alpha-linux-gnu_2.26.1-1ubuntu1~16.04.9_amd64.deb 79e156d32606133b03effa69057476433dd5c8d2 binutils-arm-linux-gnueabi_2.26.1-1ubuntu1~16.04.9_amd64.deb 37330807957e23b37934455cb8961fc5ecfd020c binutils-arm-linux-gnueabihf_2.26.1-1ubuntu1~16.04.9_amd64.deb 88c7ece4890554bd97ce0a210f9392fc2ac287f6 binutils-dev_2.26.1-1ubuntu1~16.04.9_amd64.deb 289ef2acc49866de3f7e665bdc287fdcc8cbd32b binutils-doc_2.26.1-1ubuntu1~16.04.9_all.deb 13e08c5522b44281651adc8789b2f280bb116abe binutils-hppa-linux-gnu_2.26.1-1ubuntu1~16.04.9_amd64.deb ccff8ee6bae7a2de59e9326736df648ecda7f882 binutils-hppa64-linux-gnu_2.26.1-1ubuntu1~16.04.9_amd64.deb c053f4c5f3e2251f766bd057bc8abf958ddb893b binutils-m68k-linux-gnu_2.26.1-1ubuntu1~16.04.9_amd64.deb 7fe7596ed32ca876d49a605ab42d55c467995c67 binutils-mips-linux-gnu_2.26.1-1ubuntu1~16.04.9_amd64.deb e81de81213ec5b1c7a724dd173f9d6ee2c3ed9d0 binutils-mips64-linux-gnuabi64_2.26.1-1ubuntu1~16.04.9_amd64.deb 2465c16f56b82df029c8e09b3454c8dd7f3ebcf0 binutils-mips64el-linux-gnuabi64_2.26.1-1ubuntu1~16.04.9_amd64.deb 93c52156268e46a4c2c400693ce2554d27dbce1d binutils-mipsel-linux-gnu_2.26.1-1ubuntu1~16.04.9_amd64.deb 976a3eec8d904763b678700f85fc4c9049c72cf2 binutils-multiarch_2.26.1-1ubuntu1~16.04.9_amd64.deb e05112fa0670cd9be2728b86eac0606f050d3405 binutils-multiarch-dev_2.26.1-1ubuntu1~16.04.9_amd64.deb 8d8e525bbe71a0be9d72281a3165b28314733abd binutils-powerpc-linux-gnu_2.26.1-1ubuntu1~16.04.9_amd64.deb 6d85125ff843ca1a2534f1e9f2e0cd84e9bb430a binutils-powerpc-linux-gnuspe_2.26.1-1ubuntu1~16.04.9_amd64.deb 368b2e36a34a6155e2dedd37a69f4602d60eafb5 binutils-powerpc64-linux-gnu_2.26.1-1ubuntu1~16.04.9_amd64.deb 40043d21c2234738ec79389e0ad6286acf4b47ee binutils-powerpc64le-linux-gnu_2.26.1-1ubuntu1~16.04.9_amd64.deb 6daa2e4b1b8ab76d19db96e4d3265359252e6a66 binutils-s390x-linux-gnu_2.26.1-1ubuntu1~16.04.9_amd64.deb 0614d3226e2bdff37b45e7b529ae2243a92f9530 binutils-sh4-linux-gnu_2.26.1-1ubuntu1~16.04.9_amd64.deb 94937c29c00e3baeee93124c0fd278b5d30bc39b binutils-source_2.26.1-1ubuntu1~16.04.9_all.deb f81835ca3c6dcfe558d670b520e824e39d39c866 binutils-sparc64-linux-gnu_2.26.1-1ubuntu1~16.04.9_amd64.deb f9c76d1dffda2253839d783233e91d3475cee126 CLSA-2021:1635459154 Copyright 2021 Cloud Linux Inc 0 * SECURITY UPDATE: operation on invalid pointer - debian/patches/CVE-2021-28831.patch: decompress_gunzip.c mishandles the error bit on the huft_build result pointer, with a resultant invalid free or segmentation fault, via malformed gzip data. - CVE-2021-28831 Moderate Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.

* SECURITY UPDATE: operation on invalid pointer - debian/patches/CVE-2021-28831.patch: decompress_gunzip.c mishandles the error bit on the huft_build result pointer, with a resultant invalid free or segmentation fault, via malformed gzip data. - CVE-2021-28831

0 cloudlinux-ubuntu16.04-els busybox_1.22.0-15ubuntu1.5_amd64.deb 312c139c5bc48f424ef0096254747f97d0c425db busybox-initramfs_1.22.0-15ubuntu1.5_amd64.deb c384bec1e6e4a1df65aa8f45b9caa0f6e93fa38e busybox-static_1.22.0-15ubuntu1.5_amd64.deb 207a34df43d84d34763302bde72fd1f5e527c65a busybox-syslogd_1.22.0-15ubuntu1.5_all.deb f7e959ce136ca26e1ec40c65c3949439bba9a54b udhcpc_1.22.0-15ubuntu1.5_amd64.deb 0d96af26673c541a55eca80e32e2d69605c5c52c udhcpd_1.22.0-15ubuntu1.5_amd64.deb 0708409797237ea4177320ad1dad4b9a9dd41741 CLSA-2021:1635459163 Copyright 2021 Cloud Linux Inc 0 * SECURITY UPDATE: Protocol downgrade required TLS bypassed - debian/patches/CVE-2021-22946-pre1.patch: separate FTPS from FTP over HTTPS proxy in lib/ftp.c, lib/urldata.h. - debian/patches/CVE-2021-22946-pre2.patch: support PREAUTH response code in lib/imap.c, lib/imap.h, tests/data/Makefile.inc, tests/data/test846. - debian/patches/CVE-2021-22946.patch: do not ignore --ssl-reqd in lib/ftp.c, lib/imap.c, lib/pop3.c, tests/data/Makefile.inc, tests/data/test984, tests/data/test985, tests/data/test986. - CVE-2021-22946 * SECURITY UPDATE: STARTTLS protocol injection via MITM - debian/patches/CVE-2021-22947.patch: reject STARTTLS server response pipelining in lib/ftp.c, lib/imap.c, lib/pop3.c, lib/smtp.c, tests/data/Makefile.inc, tests/data/test980, tests/data/test981, tests/data/test982, tests/data/test983. - CVE-2021-22947 Moderate Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.

* SECURITY UPDATE: Protocol downgrade required TLS bypassed - debian/patches/CVE-2021-22946-pre1.patch: separate FTPS from FTP over HTTPS proxy in lib/ftp.c, lib/urldata.h. - debian/patches/CVE-2021-22946-pre2.patch: support PREAUTH response code in lib/imap.c, lib/imap.h, tests/data/Makefile.inc, tests/data/test846. - debian/patches/CVE-2021-22946.patch: do not ignore --ssl-reqd in lib/ftp.c, lib/imap.c, lib/pop3.c, tests/data/Makefile.inc, tests/data/test984, tests/data/test985, tests/data/test986. - CVE-2021-22946 * SECURITY UPDATE: STARTTLS protocol injection via MITM - debian/patches/CVE-2021-22947.patch: reject STARTTLS server response pipelining in lib/ftp.c, lib/imap.c, lib/pop3.c, lib/smtp.c, tests/data/Makefile.inc, tests/data/test980, tests/data/test981, tests/data/test982, tests/data/test983. - CVE-2021-22947

0 cloudlinux-ubuntu16.04-els curl_7.47.0-1ubuntu2.23_amd64.deb b287909a4d56dafba477fec4b4a1ae539c8dfc8a libcurl3_7.47.0-1ubuntu2.23_amd64.deb ed177f897c1ff728bcff965e96aaf73992cd0635 libcurl3-gnutls_7.47.0-1ubuntu2.23_amd64.deb 9b9b995a15f04185aa6ac5543414cc52e6adf254 libcurl3-nss_7.47.0-1ubuntu2.23_amd64.deb fda985fda9e47c05bd2c5a4ad5ae6c85b1b73a63 libcurl4-doc_7.47.0-1ubuntu2.23_all.deb 6ff6632f497ede127d988d0295742ff8783f2f90 libcurl4-gnutls-dev_7.47.0-1ubuntu2.23_amd64.deb d8a0d1f7debd236ffcc60fd6ac10d8fb59fbf730 libcurl4-nss-dev_7.47.0-1ubuntu2.23_amd64.deb aef3126ad072bb671931c80adf6a9ce04bd224d9 libcurl4-openssl-dev_7.47.0-1ubuntu2.23_amd64.deb b0db9bed1cfd2e7d9da9d90cc9121fecf39e29ee CLSA-2021:1635459168 Copyright 2021 Cloud Linux Inc 0 * SECURITY UPDATE: fix connection reuse checks - debian/patches/CVE-2021-22924.patch: fix connection reuse checks - for issuer cert and case sensitivity in lib/vtls/vtls.c - CVE-2021-22924 Moderate Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.

* SECURITY UPDATE: fix connection reuse checks - debian/patches/CVE-2021-22924.patch: fix connection reuse checks - for issuer cert and case sensitivity in lib/vtls/vtls.c - CVE-2021-22924

0 cloudlinux-ubuntu16.04-els curl_7.47.0-1ubuntu2.22_amd64.deb eca2cc1ef752c96032791ddffbc88ca9f742256d libcurl3_7.47.0-1ubuntu2.22_amd64.deb 69955c1f58d091623de5c1605fe7269c4b4db009 libcurl3-gnutls_7.47.0-1ubuntu2.22_amd64.deb b9e7c3362af745bb6d4bbb3f43816abfcd7ec718 libcurl3-nss_7.47.0-1ubuntu2.22_amd64.deb 01ec9be0a0a253ef697fd4e7ca8cfb2047265234 libcurl4-doc_7.47.0-1ubuntu2.22_all.deb 096bd304f720103565ece75925d1098d64a143ef libcurl4-gnutls-dev_7.47.0-1ubuntu2.22_amd64.deb c4c41cde2e822e99e76a5d9d0895021109d1266b libcurl4-nss-dev_7.47.0-1ubuntu2.22_amd64.deb 7b43abf2e8b60c6217f37ac9700da2e64d75c0f2 libcurl4-openssl-dev_7.47.0-1ubuntu2.22_amd64.deb 93f43aa271af2fddfa85fbf7c3aa734b02b68b80 CLSA-2021:1635459174 Copyright 2021 Cloud Linux Inc 0 * SECURITY UPDATE: TELNET stack contents disclosure again - debian/patches/CVE-2021-22925.patch: check sscanf() for correct number - of matches in lib/telnet.c - CVE-2021-22925 Moderate Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.

* SECURITY UPDATE: TELNET stack contents disclosure again - debian/patches/CVE-2021-22925.patch: check sscanf() for correct number - of matches in lib/telnet.c - CVE-2021-22925

0 cloudlinux-ubuntu16.04-els curl_7.47.0-1ubuntu2.21_amd64.deb b2a4c302b99f4fa757b349497438d8f270276ef7 libcurl3_7.47.0-1ubuntu2.21_amd64.deb bca6a2115ea4022f66a01b8c1b468ca6dfb17f77 libcurl3-gnutls_7.47.0-1ubuntu2.21_amd64.deb bcaaa5d3767b7fd43673a47e0bb3ed6bc9531d20 libcurl3-nss_7.47.0-1ubuntu2.21_amd64.deb 807df0dc761dac4aff8198880ed8b4d48ad79f2b libcurl4-doc_7.47.0-1ubuntu2.21_all.deb 4bcbbf4982b67f2fbb6ce4234fa7d510e4a33b15 libcurl4-gnutls-dev_7.47.0-1ubuntu2.21_amd64.deb 2b0140bb6ef06429d51e6362f02664be6e0e72e8 libcurl4-nss-dev_7.47.0-1ubuntu2.21_amd64.deb 2197c268c602c70f5d7ab84bd411edb122221d8f libcurl4-openssl-dev_7.47.0-1ubuntu2.21_amd64.deb 4f907778e298911cd69dae457639a0adff3aad4d CLSA-2021:1635459182 Copyright 2021 Cloud Linux Inc 0 * SECURITY UPDATE: TELNET stack contents disclosure - debian/patches/CVE-2021-22898.patch: check sscanf() for correct number of matches in lib/telnet.c - CVE-2021-22898 Moderate Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.

* SECURITY UPDATE: TELNET stack contents disclosure - debian/patches/CVE-2021-22898.patch: check sscanf() for correct number of matches in lib/telnet.c - CVE-2021-22898

0 cloudlinux-ubuntu16.04-els curl_7.47.0-1ubuntu2.20_amd64.deb 3572c731cbc356341e972c8849900b925cee400f libcurl3_7.47.0-1ubuntu2.20_amd64.deb 391f7a52cad05fbf59824ab677dca3c415af4dfb libcurl3-gnutls_7.47.0-1ubuntu2.20_amd64.deb df5ecb6754ec95898046c50f475184dfaaf1fed0 libcurl3-nss_7.47.0-1ubuntu2.20_amd64.deb e12e51ddd581c08d188ed6109d0f1cd8caa8698d libcurl4-doc_7.47.0-1ubuntu2.20_all.deb 9a3ee5114ccc36aeb5ecf5f0fc2780ee83cca23e libcurl4-gnutls-dev_7.47.0-1ubuntu2.20_amd64.deb 0313dc4041f6eb05ee2b6ceef5598eb065df2ab3 libcurl4-nss-dev_7.47.0-1ubuntu2.20_amd64.deb abfd3fb398198cac5beced209a1ed69407ea8cf6 libcurl4-openssl-dev_7.47.0-1ubuntu2.20_amd64.deb 4c61209813637c435859a3d14102c74a47cdb753 CLSA-2021:1635459187 Copyright 2021 Cloud Linux Inc 0 * debian/patches/any/add-pthread-attr-copy.patch: adopt pthread_attr_copy functionality. * debian/patches/any/add-test-for-pthread-attr-copy.patch: add test case for it. * SECURITY UPDATE: Use-after-free in mq_notify - debian/patches/any/CVE-2021-33574.patch: use __pthread_attr_copy to completely duplicate thread attribute, avoid NULL pointer dereference in helper_thread as per CVE-2021-38604. - CVE-2021-33574 - CVE-2021-38604 * SECURITY UPDATE: Out-of-bounds read in wordexp - debian/patches/any/CVE-2021-35942.patch: use strtoul and 'unsigned long' to prevent signed integer overflow in array index. - CVE-2021-35942 Moderate Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.

* debian/patches/any/add-pthread-attr-copy.patch: adopt pthread_attr_copy functionality. * debian/patches/any/add-test-for-pthread-attr-copy.patch: add test case for it. * SECURITY UPDATE: Use-after-free in mq_notify - debian/patches/any/CVE-2021-33574.patch: use __pthread_attr_copy to completely duplicate thread attribute, avoid NULL pointer dereference in helper_thread as per CVE-2021-38604. - CVE-2021-33574 - CVE-2021-38604 * SECURITY UPDATE: Out-of-bounds read in wordexp - debian/patches/any/CVE-2021-35942.patch: use strtoul and 'unsigned long' to prevent signed integer overflow in array index. - CVE-2021-35942

0 cloudlinux-ubuntu16.04-els glibc-doc_2.23-0ubuntu11.4_all.deb 89de692b52a66efc7d644373920183295da25eb1 glibc-source_2.23-0ubuntu11.4_all.deb 4de74f03cbcf93e723f349ad80151802d637a627 libc-bin_2.23-0ubuntu11.4_amd64.deb b754ef1684aa26047a7ad24eb2c9a789aa061ab1 libc-dev-bin_2.23-0ubuntu11.4_amd64.deb ea6357a5531fd3cd0e887c9576488240ab049280 libc6_2.23-0ubuntu11.4_amd64.deb 86ab2dbd783b31e62809d5a5601b23a7c64b7841 libc6-dev_2.23-0ubuntu11.4_amd64.deb 2548aed113ec07727e359bcfa181ad29c9f87db9 libc6-dev-i386_2.23-0ubuntu11.4_amd64.deb 03bda68556a856ac9b099974146d17d80cff7a6f libc6-dev-x32_2.23-0ubuntu11.4_amd64.deb 5a14849d4ca37342d55f8014bf99990bfada90f1 libc6-i386_2.23-0ubuntu11.4_amd64.deb 67bc42a77d1109ca5b31aa24edcca80a22b3778f libc6-pic_2.23-0ubuntu11.4_amd64.deb 5178ba2d038477d2ad019166fdba221c535b7a1a libc6-x32_2.23-0ubuntu11.4_amd64.deb eed5fc89ac7e92d85738aec21ac458970bc4a936 locales_2.23-0ubuntu11.4_all.deb 693f332d6b1677b19ee7f9cb205dc9c13e0abb95 locales-all_2.23-0ubuntu11.4_amd64.deb dbebce860fac60a344d07873fced9d7e60331b8d multiarch-support_2.23-0ubuntu11.4_amd64.deb 2a9a623ddd8660956ef7617fee60171b4861d7fa nscd_2.23-0ubuntu11.4_amd64.deb c51fd31a0cc35636510faf56dd512c30547d9e8e CLSA-2021:1635459194 Copyright 2021 Cloud Linux Inc 0 * SECURITY UPDATE: undefined behavior - debian/patches/CVE-2020-27766.patch: fix undefined behavior in the form of values outside the range of 'unsigned long' type. - CVE-2020-27766 * SECURITY UPDATE: division by zero - debian/patches/CVE-2021-*.patch: fix potential division by zero in many places. - CVE-2021-20176, CVE-2021-20241, CVE-2021-20243, CVE-2021-20244, CVE-2021-20246, CVE-2021-20309, CVE-2021-20311 * SECURITY UPDATE: integer overflow - debian/patches/CVE-2021-20312.patch: fix potential integer overflow in coders/thumbnail.c which can affect system availability. - CVE-2021-20312 * SECURITY UPDATE: data leak - debian/patches/CVE-2021-20313.patch: ensure memory is always zeroed in magick/memory.c. - CVE-2021-20313 Moderate Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.

* SECURITY UPDATE: undefined behavior - debian/patches/CVE-2020-27766.patch: fix undefined behavior in the form of values outside the range of 'unsigned long' type. - CVE-2020-27766 * SECURITY UPDATE: division by zero - debian/patches/CVE-2021-*.patch: fix potential division by zero in many places. - CVE-2021-20176, CVE-2021-20241, CVE-2021-20243, CVE-2021-20244, CVE-2021-20246, CVE-2021-20309, CVE-2021-20311 * SECURITY UPDATE: integer overflow - debian/patches/CVE-2021-20312.patch: fix potential integer overflow in coders/thumbnail.c which can affect system availability. - CVE-2021-20312 * SECURITY UPDATE: data leak - debian/patches/CVE-2021-20313.patch: ensure memory is always zeroed in magick/memory.c. - CVE-2021-20313

0 cloudlinux-ubuntu16.04-els imagemagick_6.8.9.9-7ubuntu5.17_amd64.deb 99aac7fb00a593c94d7b5c9ed3ef905f09346bd2 imagemagick-6.q16_6.8.9.9-7ubuntu5.17_amd64.deb ead42a4da1f92629716fdc11176fa363f6e5040d imagemagick-common_6.8.9.9-7ubuntu5.17_all.deb 39a6ed3e339e9366f4f15faf26cd73ac5d12747f imagemagick-doc_6.8.9.9-7ubuntu5.17_all.deb 34f65501494d619b998b1589b14b5d80fac48b7e libimage-magick-perl_6.8.9.9-7ubuntu5.17_all.deb f4638da307ade13034fae29be74bf0d6e0c902c3 libimage-magick-q16-perl_6.8.9.9-7ubuntu5.17_amd64.deb e6c5fd1748b13e13df1a4a54f1be34d345136a61 libmagick++-6-headers_6.8.9.9-7ubuntu5.17_all.deb 7b08752acd3800534c76c1345681d2bbc7119c65 libmagick++-6.q16-5v5_6.8.9.9-7ubuntu5.17_amd64.deb 9b67f6e147b3a8d6d9daecd4bad51d89e7eebeff libmagick++-6.q16-dev_6.8.9.9-7ubuntu5.17_amd64.deb b62201a966a8a9156a07b0b79501905e7ee21b23 libmagick++-dev_6.8.9.9-7ubuntu5.17_all.deb 61a7b743780f52bcf1f1e9b323fe2757921e3d63 libmagickcore-6-arch-config_6.8.9.9-7ubuntu5.17_amd64.deb b93c25cdb966fc6f4f43f967c6ba35daadd62f4d libmagickcore-6-headers_6.8.9.9-7ubuntu5.17_all.deb f92494915012dfaa47a695836a32c2d7a17861d5 libmagickcore-6.q16-2_6.8.9.9-7ubuntu5.17_amd64.deb b875c2055bf7102956d83fb94d9e5e0b0e5dc523 libmagickcore-6.q16-2-extra_6.8.9.9-7ubuntu5.17_amd64.deb 8a282c1fac4bcc55f84c6237b9cff54c44e042bc libmagickcore-6.q16-dev_6.8.9.9-7ubuntu5.17_amd64.deb b833dbcc78625bdd24bcb38f17fd49a8d9b3251f libmagickcore-dev_6.8.9.9-7ubuntu5.17_all.deb 6554df1d6fd69b8216e5bf4bba16db35f18fe70d libmagickwand-6-headers_6.8.9.9-7ubuntu5.17_all.deb f2c063db12971c875ed3b42d67194eaff756fd4a libmagickwand-6.q16-2_6.8.9.9-7ubuntu5.17_amd64.deb ae15ae5574fe1eaa6ba88d001500abd26a388bca libmagickwand-6.q16-dev_6.8.9.9-7ubuntu5.17_amd64.deb 1722c851e5e400be187a5c849b4d274fa6678bec libmagickwand-dev_6.8.9.9-7ubuntu5.17_all.deb f49d07675f907baf721fbcded266c7843d7f9cb0 perlmagick_6.8.9.9-7ubuntu5.17_all.deb a6ddb00319277478c3a513704e40892b35b912c4 CLSA-2021:1635459202 Copyright 2021 Cloud Linux Inc 0 * SECURITY UPDATE: New microcode data file 2021-06-08 + New Microcodes: sig 0x00050655, pf_mask 0xb7, 2018-11-16, rev 0x3000010, size 47104 sig 0x000606a5, pf_mask 0x87, 2021-03-08, rev 0xc0002f0, size 283648 sig 0x000606a6, pf_mask 0x87, 2021-04-25, rev 0xd0002a0, size 283648 sig 0x00080664, pf_mask 0x01, 2021-02-17, rev 0xb00000f, size 130048 sig 0x00080665, pf_mask 0x01, 2021-02-17, rev 0xb00000f, size 130048 sig 0x000806c1, pf_mask 0x80, 2021-03-31, rev 0x0088, size 109568 sig 0x000806c2, pf_mask 0xc2, 2021-04-07, rev 0x0016, size 94208 sig 0x000806d1, pf_mask 0xc2, 2021-04-23, rev 0x002c, size 99328 sig 0x00090661, pf_mask 0x01, 2021-02-04, rev 0x0011, size 19456 sig 0x000906c0, pf_mask 0x01, 2021-03-23, rev 0x001d, size 19456 sig 0x000a0671, pf_mask 0x02, 2021-04-11, rev 0x0040, size 100352 + Updated Microcodes: sig 0x000306f2, pf_mask 0x6f, 2021-01-27, rev 0x0046, size 34816 sig 0x000306f4, pf_mask 0x80, 2021-02-05, rev 0x0019, size 19456 sig 0x000406e3, pf_mask 0xc0, 2021-01-25, rev 0x00ea, size 105472 sig 0x000406f1, pf_mask 0xef, 2021-02-06, rev 0xb00003e, size 31744 sig 0x00050653, pf_mask 0x97, 2021-03-08, rev 0x100015b, size 34816 sig 0x00050654, pf_mask 0xb7, 2021-03-08, rev 0x2006b06, size 36864 sig 0x00050656, pf_mask 0xbf, 2021-03-08, rev 0x4003102, size 30720 sig 0x00050657, pf_mask 0xbf, 2021-03-08, rev 0x5003102, size 30720 sig 0x0005065b, pf_mask 0xbf, 2021-04-23, rev 0x7002302, size 27648 sig 0x00050663, pf_mask 0x10, 2021-02-04, rev 0x700001b, size 24576 sig 0x00050664, pf_mask 0x10, 2021-02-04, rev 0xf000019, size 24576 sig 0x00050665, pf_mask 0x10, 2021-02-04, rev 0xe000012, size 19456 sig 0x000506c9, pf_mask 0x03, 2020-10-23, rev 0x0044, size 17408 sig 0x000506ca, pf_mask 0x03, 2020-10-23, rev 0x0020, size 15360 sig 0x000506e3, pf_mask 0x36, 2021-01-25, rev 0x00ea, size 105472 sig 0x000506f1, pf_mask 0x01, 2020-10-23, rev 0x0034, size 11264 sig 0x000706a1, pf_mask 0x01, 2020-10-23, rev 0x0036, size 74752 sig 0x000706a8, pf_mask 0x01, 2020-10-23, rev 0x001a, size 75776 sig 0x000706e5, pf_mask 0x80, 2020-11-01, rev 0x00a6, size 110592 sig 0x000806a1, pf_mask 0x10, 2020-11-06, rev 0x002a, size 32768 sig 0x000806e9, pf_mask 0xc0, 2021-01-05, rev 0x00ea, size 104448 sig 0x000806e9, pf_mask 0x10, 2021-01-05, rev 0x00ea, size 104448 sig 0x000806ea, pf_mask 0xc0, 2021-01-06, rev 0x00ea, size 103424 sig 0x000806eb, pf_mask 0xd0, 2021-01-05, rev 0x00ea, size 104448 sig 0x000806ec, pf_mask 0x94, 2021-01-05, rev 0x00ea, size 104448 sig 0x000906e9, pf_mask 0x2a, 2021-01-05, rev 0x00ea, size 104448 sig 0x000906ea, pf_mask 0x22, 2021-01-05, rev 0x00ea, size 102400 sig 0x000906eb, pf_mask 0x02, 2021-01-05, rev 0x00ea, size 104448 sig 0x000906ec, pf_mask 0x22, 2021-01-05, rev 0x00ea, size 103424 sig 0x000906ed, pf_mask 0x22, 2021-01-05, rev 0x00ea, size 103424 sig 0x000a0652, pf_mask 0x20, 2021-02-07, rev 0x00ea, size 93184 sig 0x000a0653, pf_mask 0x22, 2021-03-08, rev 0x00ea, size 94208 sig 0x000a0655, pf_mask 0x22, 2021-03-08, rev 0x00ec, size 94208 sig 0x000a0660, pf_mask 0x80, 2020-12-08, rev 0x00e8, size 94208 sig 0x000a0661, pf_mask 0x80, 2021-02-07, rev 0x00ea, size 93184 - CVE-2021-24489, INTEL-TA-00442 - CVE-2020-24511, INTEL-TA-00464 - CVE-2020-24512, INTEL-TA-00464 - CVE-2020-24513, INTEL-TA-00465 Moderate Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.

* SECURITY UPDATE: New microcode data file 2021-06-08 + New Microcodes: sig 0x00050655, pf_mask 0xb7, 2018-11-16, rev 0x3000010, size 47104 sig 0x000606a5, pf_mask 0x87, 2021-03-08, rev 0xc0002f0, size 283648 sig 0x000606a6, pf_mask 0x87, 2021-04-25, rev 0xd0002a0, size 283648 sig 0x00080664, pf_mask 0x01, 2021-02-17, rev 0xb00000f, size 130048 sig 0x00080665, pf_mask 0x01, 2021-02-17, rev 0xb00000f, size 130048 sig 0x000806c1, pf_mask 0x80, 2021-03-31, rev 0x0088, size 109568 sig 0x000806c2, pf_mask 0xc2, 2021-04-07, rev 0x0016, size 94208 sig 0x000806d1, pf_mask 0xc2, 2021-04-23, rev 0x002c, size 99328 sig 0x00090661, pf_mask 0x01, 2021-02-04, rev 0x0011, size 19456 sig 0x000906c0, pf_mask 0x01, 2021-03-23, rev 0x001d, size 19456 sig 0x000a0671, pf_mask 0x02, 2021-04-11, rev 0x0040, size 100352 + Updated Microcodes: sig 0x000306f2, pf_mask 0x6f, 2021-01-27, rev 0x0046, size 34816 sig 0x000306f4, pf_mask 0x80, 2021-02-05, rev 0x0019, size 19456 sig 0x000406e3, pf_mask 0xc0, 2021-01-25, rev 0x00ea, size 105472 sig 0x000406f1, pf_mask 0xef, 2021-02-06, rev 0xb00003e, size 31744 sig 0x00050653, pf_mask 0x97, 2021-03-08, rev 0x100015b, size 34816 sig 0x00050654, pf_mask 0xb7, 2021-03-08, rev 0x2006b06, size 36864 sig 0x00050656, pf_mask 0xbf, 2021-03-08, rev 0x4003102, size 30720 sig 0x00050657, pf_mask 0xbf, 2021-03-08, rev 0x5003102, size 30720 sig 0x0005065b, pf_mask 0xbf, 2021-04-23, rev 0x7002302, size 27648 sig 0x00050663, pf_mask 0x10, 2021-02-04, rev 0x700001b, size 24576 sig 0x00050664, pf_mask 0x10, 2021-02-04, rev 0xf000019, size 24576 sig 0x00050665, pf_mask 0x10, 2021-02-04, rev 0xe000012, size 19456 sig 0x000506c9, pf_mask 0x03, 2020-10-23, rev 0x0044, size 17408 sig 0x000506ca, pf_mask 0x03, 2020-10-23, rev 0x0020, size 15360 sig 0x000506e3, pf_mask 0x36, 2021-01-25, rev 0x00ea, size 105472 sig 0x000506f1, pf_mask 0x01, 2020-10-23, rev 0x0034, size 11264 sig 0x000706a1, pf_mask 0x01, 2020-10-23, rev 0x0036, size 74752 sig 0x000706a8, pf_mask 0x01, 2020-10-23, rev 0x001a, size 75776 sig 0x000706e5, pf_mask 0x80, 2020-11-01, rev 0x00a6, size 110592 sig 0x000806a1, pf_mask 0x10, 2020-11-06, rev 0x002a, size 32768 sig 0x000806e9, pf_mask 0xc0, 2021-01-05, rev 0x00ea, size 104448 sig 0x000806e9, pf_mask 0x10, 2021-01-05, rev 0x00ea, size 104448 sig 0x000806ea, pf_mask 0xc0, 2021-01-06, rev 0x00ea, size 103424 sig 0x000806eb, pf_mask 0xd0, 2021-01-05, rev 0x00ea, size 104448 sig 0x000806ec, pf_mask 0x94, 2021-01-05, rev 0x00ea, size 104448 sig 0x000906e9, pf_mask 0x2a, 2021-01-05, rev 0x00ea, size 104448 sig 0x000906ea, pf_mask 0x22, 2021-01-05, rev 0x00ea, size 102400 sig 0x000906eb, pf_mask 0x02, 2021-01-05, rev 0x00ea, size 104448 sig 0x000906ec, pf_mask 0x22, 2021-01-05, rev 0x00ea, size 103424 sig 0x000906ed, pf_mask 0x22, 2021-01-05, rev 0x00ea, size 103424 sig 0x000a0652, pf_mask 0x20, 2021-02-07, rev 0x00ea, size 93184 sig 0x000a0653, pf_mask 0x22, 2021-03-08, rev 0x00ea, size 94208 sig 0x000a0655, pf_mask 0x22, 2021-03-08, rev 0x00ec, size 94208 sig 0x000a0660, pf_mask 0x80, 2020-12-08, rev 0x00e8, size 94208 sig 0x000a0661, pf_mask 0x80, 2021-02-07, rev 0x00ea, size 93184 - CVE-2021-24489, INTEL-TA-00442 - CVE-2020-24511, INTEL-TA-00464 - CVE-2020-24512, INTEL-TA-00464 - CVE-2020-24513, INTEL-TA-00465

0 cloudlinux-ubuntu16.04-els intel-microcode_3.20210608.0ubuntu0.16.04.1+cloudlinux.els1_amd64.deb 50ae32b86052f9bfebe42b0a6fa4a61cd22fbadf CLSA-2021:1635459208 Copyright 2021 Cloud Linux Inc 0 * SECURITY UPDATE: buffer overrun in common code (parse_X) - debian/patches/CVE-2021-25217.patch: fix incorrect order of operations in common/parse.c. - CVE-2021-25217 Moderate Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.

* SECURITY UPDATE: buffer overrun in common code (parse_X) - debian/patches/CVE-2021-25217.patch: fix incorrect order of operations in common/parse.c. - CVE-2021-25217

0 cloudlinux-ubuntu16.04-els isc-dhcp-client_4.3.3-5ubuntu12.11_amd64.deb 2e7e5de735313ea9c44791073aae3c93df9a41b9 isc-dhcp-client-ddns_4.3.3-5ubuntu12.11_amd64.deb d2e4a7b3e0c3e94522491d4257327156dede5589 isc-dhcp-common_4.3.3-5ubuntu12.11_amd64.deb 15173c009ba3310c301e885a228f8557f9630aba isc-dhcp-dev_4.3.3-5ubuntu12.11_amd64.deb dd7a0c1540cef672d73d3192f8747147e48fd2e3 isc-dhcp-relay_4.3.3-5ubuntu12.11_amd64.deb a22fc9fa7869caec26676b607b292bcab1f0b461 isc-dhcp-server_4.3.3-5ubuntu12.11_amd64.deb e30cdbd2ebe6ef1bdfcc91a3684a23dd7b4fde4d isc-dhcp-server-ldap_4.3.3-5ubuntu12.11_amd64.deb 28dacc0f87c0f4f6890acffb12f4188275302261 CLSA-2021:1635459213 Copyright 2021 Cloud Linux Inc 0 * debian/patches/any/add-pthread-attr-copy.patch: adopt pthread_attr_copy functionality. * debian/patches/any/add-test-for-pthread-attr-copy.patch: add test case for it. * SECURITY UPDATE: Use-after-free in mq_notify - debian/patches/any/CVE-2021-33574.patch: use __pthread_attr_copy to completely duplicate thread attribute, avoid NULL pointer dereference in helper_thread as per CVE-2021-38604. - CVE-2021-33574 - CVE-2021-38604 * SECURITY UPDATE: Out-of-bounds read in wordexp - debian/patches/any/CVE-2021-35942.patch: use strtoul and 'unsigned long' to prevent signed integer overflow in array index. - CVE-2021-35942 Moderate Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.

* debian/patches/any/add-pthread-attr-copy.patch: adopt pthread_attr_copy functionality. * debian/patches/any/add-test-for-pthread-attr-copy.patch: add test case for it. * SECURITY UPDATE: Use-after-free in mq_notify - debian/patches/any/CVE-2021-33574.patch: use __pthread_attr_copy to completely duplicate thread attribute, avoid NULL pointer dereference in helper_thread as per CVE-2021-38604. - CVE-2021-33574 - CVE-2021-38604 * SECURITY UPDATE: Out-of-bounds read in wordexp - debian/patches/any/CVE-2021-35942.patch: use strtoul and 'unsigned long' to prevent signed integer overflow in array index. - CVE-2021-35942

0 cloudlinux-ubuntu16.04-els glibc-doc_2.23-0ubuntu11.4_all.deb 89de692b52a66efc7d644373920183295da25eb1 glibc-source_2.23-0ubuntu11.4_all.deb 4de74f03cbcf93e723f349ad80151802d637a627 libc-bin_2.23-0ubuntu11.4_amd64.deb b754ef1684aa26047a7ad24eb2c9a789aa061ab1 libc-dev-bin_2.23-0ubuntu11.4_amd64.deb ea6357a5531fd3cd0e887c9576488240ab049280 libc6_2.23-0ubuntu11.4_amd64.deb 86ab2dbd783b31e62809d5a5601b23a7c64b7841 libc6-dev_2.23-0ubuntu11.4_amd64.deb 2548aed113ec07727e359bcfa181ad29c9f87db9 libc6-dev-i386_2.23-0ubuntu11.4_amd64.deb 03bda68556a856ac9b099974146d17d80cff7a6f libc6-dev-x32_2.23-0ubuntu11.4_amd64.deb 5a14849d4ca37342d55f8014bf99990bfada90f1 libc6-i386_2.23-0ubuntu11.4_amd64.deb 67bc42a77d1109ca5b31aa24edcca80a22b3778f libc6-pic_2.23-0ubuntu11.4_amd64.deb 5178ba2d038477d2ad019166fdba221c535b7a1a libc6-x32_2.23-0ubuntu11.4_amd64.deb eed5fc89ac7e92d85738aec21ac458970bc4a936 locales_2.23-0ubuntu11.4_all.deb 693f332d6b1677b19ee7f9cb205dc9c13e0abb95 locales-all_2.23-0ubuntu11.4_amd64.deb dbebce860fac60a344d07873fced9d7e60331b8d multiarch-support_2.23-0ubuntu11.4_amd64.deb 2a9a623ddd8660956ef7617fee60171b4861d7fa nscd_2.23-0ubuntu11.4_amd64.deb c51fd31a0cc35636510faf56dd512c30547d9e8e CLSA-2021:1635459219 Copyright 2021 Cloud Linux Inc 0 * SECURITY UPDATE: unhandled memory allocation error in gdImageGd2Ptr - debian/patches/CVE-2021-40145.patch: check for non-zero return code from _gdImageGd2 - CVE-2021-40145 * SECURITY UPDATE: unhandled value returned from gdPutBuf - debian/patches/CVE-2021-40812.patch: handle possible gdPutBuf error in _gdImageBmpCtx and _gdImageWebpCtx CVE-2021-40812 * SECURITY UPDATE: unhandled value returned from gdGetBuf - debian/patches/CVE-2021-38115.patch: handle possible gdGetBuf error in read_header_tga CVE-2021-38115 * SECURITY UPDATE: handle possible heap buffer overread - debian/patches/CVE-2017-6363.patch: make sure transparent index is within bounds of the palette CVE-2017-6363 Moderate Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.

* SECURITY UPDATE: unhandled memory allocation error in gdImageGd2Ptr - debian/patches/CVE-2021-40145.patch: check for non-zero return code from _gdImageGd2 - CVE-2021-40145 * SECURITY UPDATE: unhandled value returned from gdPutBuf - debian/patches/CVE-2021-40812.patch: handle possible gdPutBuf error in _gdImageBmpCtx and _gdImageWebpCtx CVE-2021-40812 * SECURITY UPDATE: unhandled value returned from gdGetBuf - debian/patches/CVE-2021-38115.patch: handle possible gdGetBuf error in read_header_tga CVE-2021-38115 * SECURITY UPDATE: handle possible heap buffer overread - debian/patches/CVE-2017-6363.patch: make sure transparent index is within bounds of the palette CVE-2017-6363

0 cloudlinux-ubuntu16.04-els libgd-dev_2.1.1-4ubuntu0.16.04.13_amd64.deb 06588e4f5f29bbd9ddbe51a2f33ee8f2aadeee45 libgd-tools_2.1.1-4ubuntu0.16.04.13_amd64.deb 38b8d3968a23b4936e79769342507d30a9f26635 libgd3_2.1.1-4ubuntu0.16.04.13_amd64.deb eab554e16bac831d5987ab94aa38f80874ddcc80 CLSA-2021:1635459227 Copyright 2021 Cloud Linux Inc 0 * SECURITY UPDATE: Update to 5.7.35 to fix security issues - CVE-2021-2342, CVE-2021-2372, CVE-2021-2385, CVE-2021-2389, CVE-2021-2390, CVE-2021-2146, CVE-2021-2154, CVE-2021-2162, CVE-2021-2166, CVE-2021-2169, CVE-2021-2171, CVE-2021-2179, CVE-2021-2180, CVE-2021-2194, CVE-2021-2226, CVE-2021-2307 * debian/patches/grant_user_lock.patch: fix test which failed during build under root * debian/patches/off_root_tests.patch: disable mysqld_daemon and mysqld_safe tests under root due to known issues with these tests. Moderate Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.

* SECURITY UPDATE: Update to 5.7.35 to fix security issues - CVE-2021-2342, CVE-2021-2372, CVE-2021-2385, CVE-2021-2389, CVE-2021-2390, CVE-2021-2146, CVE-2021-2154, CVE-2021-2162, CVE-2021-2166, CVE-2021-2169, CVE-2021-2171, CVE-2021-2179, CVE-2021-2180, CVE-2021-2194, CVE-2021-2226, CVE-2021-2307 * debian/patches/grant_user_lock.patch: fix test which failed during build under root * debian/patches/off_root_tests.patch: disable mysqld_daemon and mysqld_safe tests under root due to known issues with these tests.

0 cloudlinux-ubuntu16.04-els libmysqlclient-dev_5.7.35-0ubuntu0.16.04.1.1_amd64.deb db605033879f5064808915e3901c7416049d7538 libmysqlclient20_5.7.35-0ubuntu0.16.04.1.1_amd64.deb 56f9e7ab479f79454985ec185264e9f90fcae171 libmysqld-dev_5.7.35-0ubuntu0.16.04.1.1_amd64.deb bef1114cf9dc026a49550caa3043a6364b25c451 mysql-client_5.7.35-0ubuntu0.16.04.1.1_all.deb d37c82dfad3793a73a245f73ad3e5f170717ac05 mysql-client-5.7_5.7.35-0ubuntu0.16.04.1.1_amd64.deb 070d9aa9cc304eaeb2e660be19d975d57d813b9e mysql-client-core-5.7_5.7.35-0ubuntu0.16.04.1.1_amd64.deb 5007b410790350076c391d815ccb5864d66dc906 mysql-common_5.7.35-0ubuntu0.16.04.1.1_all.deb c21c2746330754321d30e8f72de38d3ca57d4f71 mysql-server_5.7.35-0ubuntu0.16.04.1.1_all.deb bb98d923fa06a789346f37a41c0b1688242cd61c mysql-server-5.7_5.7.35-0ubuntu0.16.04.1.1_amd64.deb 9737e2c61fdc28fc98b97fb49431e30e686e3f73 mysql-server-core-5.7_5.7.35-0ubuntu0.16.04.1.1_amd64.deb 327ea61ab5b478f68ebc75cc7e799213651fd752 mysql-source-5.7_5.7.35-0ubuntu0.16.04.1.1_amd64.deb 2adc9e1ff0643e525428d42274bf9ceab2b96fbc mysql-testsuite_5.7.35-0ubuntu0.16.04.1.1_all.deb 43e19e5aba4eb8d19a026f5e523c7fa471ba02c1 mysql-testsuite-5.7_5.7.35-0ubuntu0.16.04.1.1_amd64.deb e6a2912bc09fc5ef2a36ea173dd20a8d4b8411e4 CLSA-2021:1635459232 Copyright 2021 Cloud Linux Inc 0 * SECURITY UPDATE: crash in systemd leading to a kernel panic - debian/patches/CVE-2021-33910.patch: use strdup instead of strdupa to avoid stack memory exhaustion. - CVE-2021-33910 Moderate Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.

* SECURITY UPDATE: crash in systemd leading to a kernel panic - debian/patches/CVE-2021-33910.patch: use strdup instead of strdupa to avoid stack memory exhaustion. - CVE-2021-33910

0 cloudlinux-ubuntu16.04-els libnss-myhostname_229-4ubuntu21.32_amd64.deb d5d2428fef03a6564e3169a55b928445840642c8 libnss-mymachines_229-4ubuntu21.32_amd64.deb e8b3ccf85db35d83579562fd38373dccdff0f23b libnss-resolve_229-4ubuntu21.32_amd64.deb 0ab34dfcb5f0f24e0f52413b56cdabd116d4594c libpam-systemd_229-4ubuntu21.32_amd64.deb 9ef6a9144292fc141b614837852687f8893f2185 libsystemd-dev_229-4ubuntu21.32_amd64.deb ad9f585c73929efe2c7337626da916b857c4a920 libsystemd0_229-4ubuntu21.32_amd64.deb d8f6981f6fe342507d1ea8738fae989d17a6b360 libudev-dev_229-4ubuntu21.32_amd64.deb acf2bf857681e08531a61cccdb3720b33b4453d2 libudev1_229-4ubuntu21.32_amd64.deb ce2ef5ed6f465dcee9bfe90a5322e4213a1b5708 systemd_229-4ubuntu21.32_amd64.deb 398564254edae20aa9ff83bce6e237d7dc9ca228 systemd-container_229-4ubuntu21.32_amd64.deb 2c50c902fc5b21a5b87e16c5c7012ef1096b0f3f systemd-coredump_229-4ubuntu21.32_amd64.deb ac26e6d2435fa9206d04818c6f9b9076342de760 systemd-journal-remote_229-4ubuntu21.32_amd64.deb 1a083d1af7eb9671b11dad2d7450cb06b85f9e84 systemd-sysv_229-4ubuntu21.32_amd64.deb bf61690a7e6e4cba2d9622253901cb33f07015b4 udev_229-4ubuntu21.32_amd64.deb ce620f9bf7a069f796477ad4e8ff74f649d8864b CLSA-2021:1635459240 Copyright 2021 Cloud Linux Inc 0 * SECURITY UPDATE: DoS via DHCP FORCERENEW - debian/patches/CVE-2020-13529.patch: tentatively ignore FORCERENEW command in src/libsystemd-network/sd-dhcp-client.c. - CVE-2020-13529 Moderate Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.

* SECURITY UPDATE: DoS via DHCP FORCERENEW - debian/patches/CVE-2020-13529.patch: tentatively ignore FORCERENEW command in src/libsystemd-network/sd-dhcp-client.c. - CVE-2020-13529

0 cloudlinux-ubuntu16.04-els libnss-myhostname_229-4ubuntu21.33_amd64.deb 1004231be36caca36ff9cac306ae047dc173d1a5 libnss-mymachines_229-4ubuntu21.33_amd64.deb aece7793ea45ca08020f10e5b710c05adc2836d8 libnss-resolve_229-4ubuntu21.33_amd64.deb a7ce4ecbf81a71c2ae774c5dddd4b3da78256a11 libpam-systemd_229-4ubuntu21.33_amd64.deb d8ead0b2e3916f72e10e8760e204b6b54587d021 libsystemd-dev_229-4ubuntu21.33_amd64.deb 38ae590d399ed1469df8f4344fe9e7b1a72a6ded libsystemd0_229-4ubuntu21.33_amd64.deb 76539a5e6fd4d4b314ad26636590855b7a0023ae libudev-dev_229-4ubuntu21.33_amd64.deb f2448479d55afa8ec3d0d19ee74bf0b0ad27277a libudev1_229-4ubuntu21.33_amd64.deb 678658a04485eb51804bfd154399cf0d707be87c systemd_229-4ubuntu21.33_amd64.deb 4eb82ba3c9d16a64e1b001067a23fdbb63136e4c systemd-container_229-4ubuntu21.33_amd64.deb 762107cd414d0960f6fd8ad7b636073298aa8268 systemd-coredump_229-4ubuntu21.33_amd64.deb 850b6e39d06b89b4d9208f43d64358239fce5b5f systemd-journal-remote_229-4ubuntu21.33_amd64.deb d9e9adcdee66a9bdf1917cbeceed4b73b1c1d0c5 systemd-sysv_229-4ubuntu21.33_amd64.deb 35ff0ef1a40198b786e3f175e3f1ac85b6e4ebd8 udev_229-4ubuntu21.33_amd64.deb 77992d4a629b26cf2d412ee6e94a458b1d2e4d65 CLSA-2021:1635459277 Copyright 2021 Cloud Linux Inc 0 * SECURITY UPDATE: privilege escalation via symlinks - debian/patches/CVE-2021-23240.patch: fix opportunity for local unprivileged user to gain file ownership via symlinks. - CVE-2021-23240 Moderate Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.

* SECURITY UPDATE: privilege escalation via symlinks - debian/patches/CVE-2021-23240.patch: fix opportunity for local unprivileged user to gain file ownership via symlinks. - CVE-2021-23240

0 cloudlinux-ubuntu16.04-els sudo_1.8.16-0ubuntu1.11_amd64.deb ff0416c54c25d5025df04623c92190a615b64291 sudo-ldap_1.8.16-0ubuntu1.11_amd64.deb f199d42378652790f576f464dc7c421b62d227af CLSA-2021:1635459285 Copyright 2021 Cloud Linux Inc 0 * SECURITY UPDATE: memory leak leading to denial of service - debian/patches/CVE-2021-28651.patch: free temporary buffer in urnParseReply in src/urn.cc. - CVE-2021-28651 Moderate Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.

* SECURITY UPDATE: memory leak leading to denial of service - debian/patches/CVE-2021-28651.patch: free temporary buffer in urnParseReply in src/urn.cc. - CVE-2021-28651

0 cloudlinux-ubuntu16.04-els squid_3.5.12-1ubuntu7.17_amd64.deb 01348a9169962384927d449bf921e557900d9287 squid-cgi_3.5.12-1ubuntu7.17_amd64.deb aa21ebc3166f02b9f31dafc73499059a3e937304 squid-common_3.5.12-1ubuntu7.17_all.deb 9e69a2f5f15f714fe66298749af85b5d3af77438 squid-purge_3.5.12-1ubuntu7.17_amd64.deb 92ba31af05dbca1745935e664860a7a8acd13b38 squid3_3.5.12-1ubuntu7.17_all.deb 53f5b56c9ea9b0609307a77f07d4d06491ac95a2 squidclient_3.5.12-1ubuntu7.17_amd64.deb 4da4af7ca11c28acfbdca765ed75941f9b7172e0 CLSA-2021:1635459350 Copyright 2021 Cloud Linux Inc 0 * SECURITY UPDATE: Off-by-one in ngx_resolver_copy() when labels are followed by a pointer to a root domain name - debian/patches/fix-off-by-one-heap-write-vulnerability.patch - CVE-2021-23017 Moderate Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.

* SECURITY UPDATE: Off-by-one in ngx_resolver_copy() when labels are followed by a pointer to a root domain name - debian/patches/fix-off-by-one-heap-write-vulnerability.patch - CVE-2021-23017

0 cloudlinux-ubuntu16.04-els nginx_1.10.3-0ubuntu0.16.04.6_all.deb 536f782b79bae198288f9bb6e67dce679be83b25 nginx-common_1.10.3-0ubuntu0.16.04.6_all.deb 580a24a1bf55497f96689336bec777b11e89aad4 nginx-core_1.10.3-0ubuntu0.16.04.6_amd64.deb 308f0e084c0e5fcd3a6a7a4cf6195ceb623d187b nginx-doc_1.10.3-0ubuntu0.16.04.6_all.deb 823027beabc3d47b748290fef57c8a1a3049237c nginx-extras_1.10.3-0ubuntu0.16.04.6_amd64.deb 33bbb8401644f86e8f6da16c5e34ae4e93cb3fbf nginx-full_1.10.3-0ubuntu0.16.04.6_amd64.deb 8af27943a3ccb6fdf9a8ce64b35349e4de0b8ba9 nginx-light_1.10.3-0ubuntu0.16.04.6_amd64.deb c62a6fd6dfc00f73208fdbdb22b13f138e8e497b CLSA-2021:1635459358 Copyright 2021 Cloud Linux Inc 0 * SECURITY UPDATE: Update fix for CVE-2021-23017 accoding nginx.org recomendations - debian/patches/cve-2021-23017.patch - CVE-2021-23017 Moderate Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.

* SECURITY UPDATE: Update fix for CVE-2021-23017 accoding nginx.org recomendations - debian/patches/cve-2021-23017.patch - CVE-2021-23017

0 cloudlinux-ubuntu16.04-els nginx_1.10.3-0ubuntu0.16.04.7_all.deb 16c16359473be59adacb84c0d976664ffe6e4ddf nginx-common_1.10.3-0ubuntu0.16.04.7_all.deb 868dca2260ec90b481d0ef1da4619611338d64f1 nginx-core_1.10.3-0ubuntu0.16.04.7_amd64.deb c0e6035304c49c1103d170f7decbffa910196639 nginx-doc_1.10.3-0ubuntu0.16.04.7_all.deb 33c37c26a6e8ed969e924472ebda928db94a59e7 nginx-extras_1.10.3-0ubuntu0.16.04.7_amd64.deb 35e71a9ffd23176a3574ec5b65ece8b43903a122 nginx-full_1.10.3-0ubuntu0.16.04.7_amd64.deb f82cc685cdfe346f46e85df0edbc0c71c24ad2fa nginx-light_1.10.3-0ubuntu0.16.04.7_amd64.deb eeb120ac6ea56c9447f96525ab3b5f96d5d821a5 CLSA-2021:1635459364 Copyright 2021 Cloud Linux Inc 0 * bump to 211.243 Moderate Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.

* bump to 211.243

0 cloudlinux-ubuntu16.04-els linux-buildinfo-4.4.0-211-generic_4.4.0-211.243_amd64.deb 752fd5a86528aeb606e058ecd521ec0ad7fd205e linux-buildinfo-4.4.0-211-lowlatency_4.4.0-211.243_amd64.deb 8e05e2e666518d6bc54031dc5d02746d94bb6ce3 linux-cloud-tools-4.4.0-211_4.4.0-211.243_amd64.deb 4b0f01a39db10bb1ffa877a73a68bcbf4e0cf565 linux-cloud-tools-4.4.0-211-generic_4.4.0-211.243_amd64.deb d9ea75640a85e3ea8c16a9a41b5feaf7358f8b42 linux-cloud-tools-4.4.0-211-lowlatency_4.4.0-211.243_amd64.deb b976018d0f1eea787b3cbf88c7027bb7ce7dc2b4 linux-cloud-tools-common_4.4.0-211.243_all.deb 0ac7ab9ac9f22f4649a211c2f992347a5f9f89d6 linux-doc_4.4.0-211.243_all.deb 7849d92993e477ed72fcc43a5f66e32a4a8f559d linux-headers-4.4.0-211_4.4.0-211.243_all.deb 2ad394f269d008d4ab427cf8a2678cc7dc9a314a linux-headers-4.4.0-211-generic_4.4.0-211.243_amd64.deb ee4fe5673c2eed564bff414c8ce42ee2d134bdd6 linux-headers-4.4.0-211-lowlatency_4.4.0-211.243_amd64.deb 95b59588c469b078e6054d4111544cd1b0c297b4 linux-image-unsigned-4.4.0-211-generic_4.4.0-211.243_amd64.deb c86ce230c48e97c74b849a48df92b5b78b0bcb72 linux-image-unsigned-4.4.0-211-lowlatency_4.4.0-211.243_amd64.deb 0b317ce0c86d234668ecfe2e164b97c54c630786 linux-libc-dev_4.4.0-211.243_amd64.deb 916bdea64c306ef44071f09b379c91f2d7760c18 linux-modules-4.4.0-211-generic_4.4.0-211.243_amd64.deb 6b594a204815dc423ae1b32dc18fccd33e320bf9 linux-modules-4.4.0-211-lowlatency_4.4.0-211.243_amd64.deb 0b8ad279aab8ffb0dfc67713aeff81bc1c5bdbf1 linux-modules-extra-4.4.0-211-generic_4.4.0-211.243_amd64.deb ff0c97efeca68024ef6922218e8bc0afbc0c9d8b linux-source-4.4.0_4.4.0-211.243_all.deb c0fcb85a2bf5b9faf9faabe38953f81d3a05956c linux-tools-4.4.0-211_4.4.0-211.243_amd64.deb 03376830556edd6845df50f4aa4c0de25e2830af linux-tools-4.4.0-211-generic_4.4.0-211.243_amd64.deb 6b4aaa4304078b2451cf535e8a4f29c097e981e7 linux-tools-4.4.0-211-lowlatency_4.4.0-211.243_amd64.deb c717f502e0214760034a9387adf13dbbeec303c1 linux-tools-common_4.4.0-211.243_all.deb f0fcd7b88142063af6bb83425e6b29a2f6a583d0 linux-tools-host_4.4.0-211.243_all.deb bf4d9a7441a322c54e145bb942ce061c1dcbdeb9 CLSA-2021:1636389414 Copyright 2021 Cloud Linux Inc 0 * SECURITY UPDATE: assertion failure in ISO-2022-JP-3 module - debian/patches/any/CVE-2021-3326.patch: enqueue a second wide character which cannot be written immediately in the state variable. - CVE-2021-3326 * SECURITY UPDATE: emission of a spurious '\0' character on state reset - debian/patches/any/CVE-2021-3326.patch: check actual stored character in state reset code. - CVE-2021-43396 Moderate Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.

* SECURITY UPDATE: assertion failure in ISO-2022-JP-3 module - debian/patches/any/CVE-2021-3326.patch: enqueue a second wide character which cannot be written immediately in the state variable. - CVE-2021-3326 * SECURITY UPDATE: emission of a spurious '\0' character on state reset - debian/patches/any/CVE-2021-3326.patch: check actual stored character in state reset code. - CVE-2021-43396

0 cloudlinux-ubuntu16.04-els glibc-doc_2.23-0ubuntu11.5_all.deb e64276cb83839f80f6b41603f4f79467507f9b95 glibc-source_2.23-0ubuntu11.5_all.deb f91f36fe375db52a03fd04471af86ee2fc5f6064 libc-bin_2.23-0ubuntu11.5_amd64.deb 495d394245a3435c51b42774cf04974618f327fd libc-dev-bin_2.23-0ubuntu11.5_amd64.deb c45ab2ffbb60f0ad1032a13348ce1e690b9c711e libc6_2.23-0ubuntu11.5_amd64.deb 91a76d67a43851ebd2fed52d8502b4ceb10d7224 libc6-dev_2.23-0ubuntu11.5_amd64.deb 093bbe7796efc09e7cdb047e631e2c199fd185cb libc6-dev-i386_2.23-0ubuntu11.5_amd64.deb 4a79346daa53ff1557d255eb6b2316ace90554e4 libc6-dev-x32_2.23-0ubuntu11.5_amd64.deb 2f2f55c0f269cf7a089a21883235c5205c344e74 libc6-i386_2.23-0ubuntu11.5_amd64.deb 63a1fb84b78538d233a53b26c594ad175ca2acd4 libc6-pic_2.23-0ubuntu11.5_amd64.deb bccfa59b4b7974e3732e89c7ef7099696726149e libc6-x32_2.23-0ubuntu11.5_amd64.deb a50c2cc62ba4beae2495fe5d512b97ac0b89dd02 locales_2.23-0ubuntu11.5_all.deb 0685c7a733b61f122c4f247a10616d9533ae7522 locales-all_2.23-0ubuntu11.5_amd64.deb a8d062d16894e64fa0faf6dfc18b7ab230b0e4ce multiarch-support_2.23-0ubuntu11.5_amd64.deb dbf3272dc86ac540a90d04f31ad783b996400cfd nscd_2.23-0ubuntu11.5_amd64.deb 73eedb2181d5e608d424217f4de0fba2f61a013b CLSA-2021:1638804058 Copyright 2021 Cloud Linux Inc 0 * SECURITY UPDATE: use-after-free in concat op - debian/patches/CVE-awk-use-after-free.patch: second reference to a field reallocs/moves Fields[] array, but first ref still tries to use the element where it was before move. - CVE-2021-42378 - CVE-2021-42379 - CVE-2021-42380 - CVE-2021-42381 - CVE-2021-42382 - CVE-2021-42383 - CVE-2021-42384 - CVE-2021-42385 - CVE-2021-42386 - debian/patches/CVE-awk-printf-buffer-overflow.patch: printf buffer overflow. - No CVE assigned (but mentioned by upstream maintainer as important at http://lists.busybox.net/pipermail/busybox/2021-November/089328.html). Moderate Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.

* SECURITY UPDATE: use-after-free in concat op - debian/patches/CVE-awk-use-after-free.patch: second reference to a field reallocs/moves Fields[] array, but first ref still tries to use the element where it was before move. - CVE-2021-42378 - CVE-2021-42379 - CVE-2021-42380 - CVE-2021-42381 - CVE-2021-42382 - CVE-2021-42383 - CVE-2021-42384 - CVE-2021-42385 - CVE-2021-42386 - debian/patches/CVE-awk-printf-buffer-overflow.patch: printf buffer overflow. - No CVE assigned (but mentioned by upstream maintainer as important at http://lists.busybox.net/pipermail/busybox/2021-November/089328.html).

0 cloudlinux-ubuntu16.04-els busybox_1.22.0-15ubuntu1.4+tuxcare.els2_amd64.deb 5488acb202e24732e48efe79bd048bc917c08af9 busybox-initramfs_1.22.0-15ubuntu1.4+tuxcare.els2_amd64.deb cd7a7f68a64bbc3fd10e50f95e709f8ccd5dee30 busybox-static_1.22.0-15ubuntu1.4+tuxcare.els2_amd64.deb eb0649bcdd6109743219e8b34d578972d40bc889 busybox-syslogd_1.22.0-15ubuntu1.4+tuxcare.els2_all.deb 515f399e4dd348be0cdfeff45ea20e913db63bf7 udhcpc_1.22.0-15ubuntu1.4+tuxcare.els2_amd64.deb d179bbf96170ee1f18594ac015ca80f93e0e30ac udhcpd_1.22.0-15ubuntu1.4+tuxcare.els2_amd64.deb bfd9aac96b9aeec8ea5675f12522b2344903b7e4 CLSA-2021:1638804072 Copyright 2021 Cloud Linux Inc 0 * SECURITY UPDATE: directory traversal - debian/patches/CVE-2021-3426.patch: remove 'getfile' feature from pydoc which can be used to leak sensitive data to unauthorized actors. - CVE-2021-3426 Moderate Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.

* SECURITY UPDATE: directory traversal - debian/patches/CVE-2021-3426.patch: remove 'getfile' feature from pydoc which can be used to leak sensitive data to unauthorized actors. - CVE-2021-3426

0 cloudlinux-ubuntu16.04-els idle-python3.5_3.5.2-2ubuntu0~16.04.13+tuxcare.els2_all.deb c30364d776717ab81adf8ef73dd830cc56f9fb97 libpython3.5_3.5.2-2ubuntu0~16.04.13+tuxcare.els2_amd64.deb 17864bc909324c3628fad3d0a3450778f27672fe libpython3.5-dev_3.5.2-2ubuntu0~16.04.13+tuxcare.els2_amd64.deb 525207455eae4c48aaad666dda9d60261bb6d86f libpython3.5-minimal_3.5.2-2ubuntu0~16.04.13+tuxcare.els2_amd64.deb 920d2e82191e74a33d03d864eed028f43cb29dd7 libpython3.5-stdlib_3.5.2-2ubuntu0~16.04.13+tuxcare.els2_amd64.deb 408abb9c13dc6806f31b91c48475b6daf0afad8f libpython3.5-testsuite_3.5.2-2ubuntu0~16.04.13+tuxcare.els2_all.deb 8ce74e1b01ff26de192c98ac9a13a9043d0edeb3 python3.5_3.5.2-2ubuntu0~16.04.13+tuxcare.els2_amd64.deb 7984202cd26ada1679a53cb814de4c07dcdc8c61 python3.5-dev_3.5.2-2ubuntu0~16.04.13+tuxcare.els2_amd64.deb 3e537744eb34ca5afbc0e15bfd842be05ece5959 python3.5-doc_3.5.2-2ubuntu0~16.04.13+tuxcare.els2_all.deb 50271093bbc9c21298f4fb8c52034845923b6a73 python3.5-examples_3.5.2-2ubuntu0~16.04.13+tuxcare.els2_all.deb cce2a98052eaa618ad8254ae5d673fd6e949f92d python3.5-minimal_3.5.2-2ubuntu0~16.04.13+tuxcare.els2_amd64.deb 19339a4a1daa3181a2d1b75c5d2352f63b6bdcc2 python3.5-venv_3.5.2-2ubuntu0~16.04.13+tuxcare.els2_amd64.deb 9e895c3a9828575fd3f052405c4ed92d12a5ad98 CLSA-2021:1639578644 Copyright 2021 Cloud Linux Inc 0 * SECURITY REGRESSION: Broken SSL connections - debian/patches/CVE-2021-43527.patch: Add missing break statement Moderate Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.

* SECURITY REGRESSION: Broken SSL connections - debian/patches/CVE-2021-43527.patch: Add missing break statement

0 cloudlinux-ubuntu16.04-els libnss3_3.28.4-0ubuntu0.16.04.14+tuxcare.els2_amd64.deb 5c956a0fade94a72d772067891a05aebfe2f3e31 libnss3-1d_3.28.4-0ubuntu0.16.04.14+tuxcare.els2_amd64.deb 0533fe3daca70f213ddfa28c5f234ab53645c9a0 libnss3-dev_3.28.4-0ubuntu0.16.04.14+tuxcare.els2_amd64.deb bae0b7027caf6a0eeec421a5bfb0586e6db3a712 libnss3-nssdb_3.28.4-0ubuntu0.16.04.14+tuxcare.els2_all.deb 8e390f700f48ffbf4cf85bbe56ccc7f7cbe46570 libnss3-tools_3.28.4-0ubuntu0.16.04.14+tuxcare.els2_amd64.deb eebb7b76037f6fcc12a5e0fce4e8633e0813fc5f CLSA-2021:1639580651 Copyright 2021 Cloud Linux Inc 0 * SECURITY UPDATE: Using freed memory with regexp using a mark - debian/patches/CVE-2021-3974.patch: Get the line again after getting the mark position - CVE-2021-3974 * SECURITY UPDATE: Illegal memory access when C-indenting - debian/patches/CVE-2021-3984.patch: Also set the cursor column - CVE-2021-3984 * SECURITY UPDATE: Crash when using CTRL-W f without finding a file name - debian/patches/CVE-2021-3973.patch: Bail out when the file name length is zero - CVE-2021-3973 * SECURITY UPDATE: Buffer overflow with long help argument - debian/patches/CVE-2021-4019.patch: Use snprintf - CVE-2021-4019 * SECURITY UPDATE: Using freed memory in open command - debian/patches/CVE-2021-4069.patch: Make a copy of the current line - CVE-2021-4069 Moderate Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.

* SECURITY UPDATE: Using freed memory with regexp using a mark - debian/patches/CVE-2021-3974.patch: Get the line again after getting the mark position - CVE-2021-3974 * SECURITY UPDATE: Illegal memory access when C-indenting - debian/patches/CVE-2021-3984.patch: Also set the cursor column - CVE-2021-3984 * SECURITY UPDATE: Crash when using CTRL-W f without finding a file name - debian/patches/CVE-2021-3973.patch: Bail out when the file name length is zero - CVE-2021-3973 * SECURITY UPDATE: Buffer overflow with long help argument - debian/patches/CVE-2021-4019.patch: Use snprintf - CVE-2021-4019 * SECURITY UPDATE: Using freed memory in open command - debian/patches/CVE-2021-4069.patch: Make a copy of the current line - CVE-2021-4069

0 cloudlinux-ubuntu16.04-els vim_7.4.1689-3ubuntu1.5+tuxcare.els4_amd64.deb 7193e7ce6a9e7735cddc9e8f2cb6db31b1e83206 vim-athena_7.4.1689-3ubuntu1.5+tuxcare.els4_amd64.deb dabdfd5f35f9b70ca64521e891b463174e1c4818 vim-athena-py2_7.4.1689-3ubuntu1.5+tuxcare.els4_amd64.deb de2b3ed69e237ecf52c4e09b728550fe84972662 vim-common_7.4.1689-3ubuntu1.5+tuxcare.els4_amd64.deb 445d31351cef39e750d21951dbd2c366798d6c4b vim-doc_7.4.1689-3ubuntu1.5+tuxcare.els4_all.deb 50a1749e126b164ce41d85aff170fb5774233baf vim-gnome_7.4.1689-3ubuntu1.5+tuxcare.els4_amd64.deb 4b860e893fb69851face8c7280b9fb27155b15d6 vim-gnome-py2_7.4.1689-3ubuntu1.5+tuxcare.els4_amd64.deb 30c345a88eada9f5e92d7be0f31d4fc7e4cf245f vim-gtk_7.4.1689-3ubuntu1.5+tuxcare.els4_amd64.deb f83f9adbe2eca3daf8b18a8587451dfd03a50781 vim-gtk-py2_7.4.1689-3ubuntu1.5+tuxcare.els4_amd64.deb 191814dc081d05dc328c14b8f9fdcf8c7c77c38b vim-gtk3_7.4.1689-3ubuntu1.5+tuxcare.els4_amd64.deb 5bd8928b0e0621d7f3566296084aebb7b6d05a42 vim-gtk3-py2_7.4.1689-3ubuntu1.5+tuxcare.els4_amd64.deb f24a4a7cafbca4ff200634ffb7d8622b650204f8 vim-gui-common_7.4.1689-3ubuntu1.5+tuxcare.els4_all.deb 2b94c16282c2f272cccadc6469ff4a459499a018 vim-nox_7.4.1689-3ubuntu1.5+tuxcare.els4_amd64.deb b9052843437f65ed0087fb9ae69ffebf5e4e1578 vim-nox-py2_7.4.1689-3ubuntu1.5+tuxcare.els4_amd64.deb 107e985815a4a5b95acd9e15642b35d7854e55c0 vim-runtime_7.4.1689-3ubuntu1.5+tuxcare.els4_all.deb 64dc74b37d76a0fa9d41bce16d26c43129c46c77 vim-tiny_7.4.1689-3ubuntu1.5+tuxcare.els4_amd64.deb bf48f906a23d7d95107aed34167cf28090ccef9b CLSA-2021:1639681613 Copyright 2021 Cloud Linux Inc 0 * Fix CVE-2021-2388 OpenJDK: Incorrect comparison during range check elimination * Add JDK-8165323.diff: (fs) Files.getFileStore fails with "Mount point not found" in chroot environment Moderate Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.

* Fix CVE-2021-2388 OpenJDK: Incorrect comparison during range check elimination * Add JDK-8165323.diff: (fs) Files.getFileStore fails with "Mount point not found" in chroot environment

0 cloudlinux-ubuntu16.04-els openjdk-9-demo_9~b114-0ubuntu2_amd64.deb e998b9dedfae0792eee08db18b3e3047ceda92e1 openjdk-9-doc_9~b114-0ubuntu2_all.deb a3c1f1a316060e0f76ec2e144af925187ac52942 openjdk-9-jdk_9~b114-0ubuntu2_amd64.deb d39f2e3264c272e1f00f86949264b17cf5cf29d1 openjdk-9-jdk-headless_9~b114-0ubuntu2_amd64.deb e7f01c4157dd88927d9a50e21bc6bf325ac9b502 openjdk-9-jre_9~b114-0ubuntu2_amd64.deb edee8a470b7e489b46106e9d87110c4c00fde491 openjdk-9-jre-headless_9~b114-0ubuntu2_amd64.deb e6d911fd2f6ba1b1dca4d86cca150c6155fd6e62 openjdk-9-source_9~b114-0ubuntu2_all.deb f72c06e9db8d53ee6ce7d0aed0ed3f68b7369515 CLSA-2021:1639681626 Copyright 2021 Cloud Linux Inc 0 * Fix CVE-2021-2388 OpenJDK: Incorrect comparison during range check elimination Moderate Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.

* Fix CVE-2021-2388 OpenJDK: Incorrect comparison during range check elimination

0 cloudlinux-ubuntu16.04-els openjdk-8-demo_8u292-b10-0ubuntu1~16.04.2_amd64.deb 3dac8888ae0d22e507442f2a4a858a8b0349b83f openjdk-8-doc_8u292-b10-0ubuntu1~16.04.2_all.deb 4956ae682d2fbabecce3ba66f454d8fc8ecf9c0a openjdk-8-jdk_8u292-b10-0ubuntu1~16.04.2_amd64.deb f031352b0a421859c8c368e098a58e9bf00c2850 openjdk-8-jdk-headless_8u292-b10-0ubuntu1~16.04.2_amd64.deb ca2677bc4288eecfe3221be2c6a8df73ffe3f971 openjdk-8-jre_8u292-b10-0ubuntu1~16.04.2_amd64.deb 1334ee6433a014a16a5e377ae78322b97d67e488 openjdk-8-jre-headless_8u292-b10-0ubuntu1~16.04.2_amd64.deb e5db79ca29e206b1d96694e77f6179956295f342 openjdk-8-jre-jamvm_8u292-b10-0ubuntu1~16.04.2_amd64.deb cc2d04e45440e5c48c0b9ccd86c852ce85d3347c openjdk-8-jre-zero_8u292-b10-0ubuntu1~16.04.2_amd64.deb 2882e55eaead88df69447f406532f9af73efeace openjdk-8-source_8u292-b10-0ubuntu1~16.04.2_all.deb 457784ec3f5baf786efdec9423f00d99e7116aba CLSA-2021:1639681783 Copyright 2021 Cloud Linux Inc 0 * SECURITY UPDATE: fix assumption that ASN.1 string is NULL terminated when it exactly doesn't. - debian/patches/CVE-2021-3712.patch: backport all found cases where code relayed on assumtion that ASN.1 string is NULL terminated - CVE-2021-3712 Moderate Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.

* SECURITY UPDATE: fix assumption that ASN.1 string is NULL terminated when it exactly doesn't. - debian/patches/CVE-2021-3712.patch: backport all found cases where code relayed on assumtion that ASN.1 string is NULL terminated - CVE-2021-3712

0 cloudlinux-ubuntu16.04-els libssl-dev_1.0.2g-1ubuntu4.21_amd64.deb 17d63b1b177102726a0d331d7fc8f6a72c7a6bd1 libssl-doc_1.0.2g-1ubuntu4.21_all.deb 4925cb3d271dedc2b4008b023bcf0a4132621df8 libssl1.0.0_1.0.2g-1ubuntu4.21_amd64.deb 2b6c8253ee527cc4031e00412cdab7c611167b28 openssl_1.0.2g-1ubuntu4.21_amd64.deb 52d58a4ff12729d405272274237f0f55dbad5ccc CLSA-2021:1639681829 Copyright 2021 Cloud Linux Inc 0 * SECURITY UPDATE: Update to 5.7.36 to fix security issues - CVE-2021-35604, CVE-2021-35624 Moderate Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.

* SECURITY UPDATE: Update to 5.7.36 to fix security issues - CVE-2021-35604, CVE-2021-35624

0 cloudlinux-ubuntu16.04-els libmysqlclient-dev_5.7.36-0ubuntu0.16.04.1.1_amd64.deb ebc7843365d0e9168c86ef8313edafd58f45e70b libmysqlclient20_5.7.36-0ubuntu0.16.04.1.1_amd64.deb 6e9dd201ed600fcf0015ef9f5313a8da41efb0e8 libmysqld-dev_5.7.36-0ubuntu0.16.04.1.1_amd64.deb 87e491a1002f95d32da38052be1f67752919ea0c mysql-client_5.7.36-0ubuntu0.16.04.1.1_all.deb 8fc87f4b7b4d1c69b4842cad885f517edbf60e92 mysql-client-5.7_5.7.36-0ubuntu0.16.04.1.1_amd64.deb 2837f3f315e902f5e952654e0de73351ea3f4b9f mysql-client-core-5.7_5.7.36-0ubuntu0.16.04.1.1_amd64.deb 394a1af6f1b01a7d5c42037b544d4f06c7ed45b7 mysql-common_5.7.36-0ubuntu0.16.04.1.1_all.deb c420de854da2267dc4c7c97956313f4683a64701 mysql-server_5.7.36-0ubuntu0.16.04.1.1_all.deb d6a1c298aa64541524782d7ff241a8244ee108f9 mysql-server-5.7_5.7.36-0ubuntu0.16.04.1.1_amd64.deb 8fa913958532d897da1683690df61a6f7d4343bb mysql-server-core-5.7_5.7.36-0ubuntu0.16.04.1.1_amd64.deb 411495b5b923e6e4fad3027f603496bc1b6cefd4 mysql-source-5.7_5.7.36-0ubuntu0.16.04.1.1_amd64.deb b571b56f8ac42bdbb7ca6bfa0fa923d4d9fd159d mysql-testsuite_5.7.36-0ubuntu0.16.04.1.1_all.deb 4611d28802cee5b848cf2c1e3d18fbfd0e9fc31c mysql-testsuite-5.7_5.7.36-0ubuntu0.16.04.1.1_amd64.deb 5f652711725b969aa7057e4b5ad612f688ff746a CLSA-2021:1639681836 Copyright 2021 Cloud Linux Inc 0 * SECURITY UPDATE: resolver performance degradation via lame cache abuse - debian/patches/CVE-2021-25219.patch: disable lame cache in bin/named/config.c, bin/named/server.c, lib/dns/resolver.c. - CVE-2021-25219 Moderate Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.

* SECURITY UPDATE: resolver performance degradation via lame cache abuse - debian/patches/CVE-2021-25219.patch: disable lame cache in bin/named/config.c, bin/named/server.c, lib/dns/resolver.c. - CVE-2021-25219

0 cloudlinux-ubuntu16.04-els bind9_9.10.3.dfsg.P4-8ubuntu1.19.1_amd64.deb 6c25408c589e946893ced8e7636681b670da29ad bind9-doc_9.10.3.dfsg.P4-8ubuntu1.19.1_all.deb 9ea18608d19fc5f5e44c6b51e47935163a1186e1 bind9-host_9.10.3.dfsg.P4-8ubuntu1.19.1_amd64.deb b2d26a5cb231ee8e67068a7ebeeae591e5d80d61 bind9utils_9.10.3.dfsg.P4-8ubuntu1.19.1_amd64.deb da732438d6f26aa43896972808da1fc32bf15afb dnsutils_9.10.3.dfsg.P4-8ubuntu1.19.1_amd64.deb 9c8eb0cf1d0e1695222603e8d6fb488e0696641b host_9.10.3.dfsg.P4-8ubuntu1.19.1_all.deb 431894c0db1c12316e72d0d946dfddb08db77a56 libbind-dev_9.10.3.dfsg.P4-8ubuntu1.19.1_amd64.deb 81e60f68ed64c4c2c3da353f17b10a61cddbb6c1 libbind-export-dev_9.10.3.dfsg.P4-8ubuntu1.19.1_amd64.deb 48fc231888a3778ad9e9bb17c291c261e5b4df65 libbind9-140_9.10.3.dfsg.P4-8ubuntu1.19.1_amd64.deb 97d94c05831648f7f603d507bab725c1010a97cd libdns-export162_9.10.3.dfsg.P4-8ubuntu1.19.1_amd64.deb 822c035caf36c52bc9deabc201e6cfced4cf0bdd libdns162_9.10.3.dfsg.P4-8ubuntu1.19.1_amd64.deb 63a22af6d37f88bf9e28d19ba02ee57fdfe4c8fb libirs-export141_9.10.3.dfsg.P4-8ubuntu1.19.1_amd64.deb cc75119e448fe17a2acc6e096f693e479316e1b5 libirs141_9.10.3.dfsg.P4-8ubuntu1.19.1_amd64.deb cfede9cc8975db57ce1b005ae5e7aa3fd9f66624 libisc-export160_9.10.3.dfsg.P4-8ubuntu1.19.1_amd64.deb 0573ef950fc017c14031fb3884b4440c32a2fa4b libisc160_9.10.3.dfsg.P4-8ubuntu1.19.1_amd64.deb 4fcf3da019f6bec68f0ea8cf4bfa8c8c9c3f7ee4 libisccc-export140_9.10.3.dfsg.P4-8ubuntu1.19.1_amd64.deb 013858ce227db3301e413ca9c11722c04715f335 libisccc140_9.10.3.dfsg.P4-8ubuntu1.19.1_amd64.deb cde4cbd19460e32eefeef41acd7ead047ea5e686 libisccfg-export140_9.10.3.dfsg.P4-8ubuntu1.19.1_amd64.deb 903835308d74673e85171fe77aad882e98aa9359 libisccfg140_9.10.3.dfsg.P4-8ubuntu1.19.1_amd64.deb bb1a9486650395cf89782a47bbd02a8b28b6749d liblwres141_9.10.3.dfsg.P4-8ubuntu1.19.1_amd64.deb 82d8ea392e1ce47a712b5b881da2e81c63a374c8 lwresd_9.10.3.dfsg.P4-8ubuntu1.19.1_amd64.deb cadcf626edd5081d002cf86d59a7a83fea707922 CLSA-2021:1639681846 Copyright 2021 Cloud Linux Inc 0 * SECURITY UPDATE: Process crash and information disclosure - debian/patches/CVE-2020-7068.patch: fix access-after-free for actual_alias pointer - CVE-2020-7068 * SECURITY UPDATE: logic error due to invalid input validation - debian/patches/CVE-2020-7071.patch: add validation fo url->user field - CVE-2020-7071 * SECURITY UPDATE: program crash due to null pointer dereference - debian/patches/CVE-2021-21702.patch: pass empty string instead for NULL pointers to soap_error1(). Check NULL pointer in attr_is_equal_ex() and node_is_equal_ex() - CVE-2021-21702 * SECURITY UPDATE: integer overflow and subsequent incorrect buffer allocation - debian/patches/CVE-2021-21704.patch: add checks that prevent the overflow, replace strcat() with more secure strlcat() - CVE-2021-21704 * SECURITY UPDATE: logic error due to incorrect input validation - debian/patches/CVE-2021-21705.patch: fix validation of url password with FILTER_VALIDATE_URL parameter, - CVE-2021-21705 * SECURITY UPDATE: priv escalation due to shared memory between worker processes - debian/patches/CVE-2021-21703.patch: change scoreboard->proc type to array of structs and use scoreboard->nprocs only in child processes - CVE-2021-21703 Moderate Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.

* SECURITY UPDATE: Process crash and information disclosure - debian/patches/CVE-2020-7068.patch: fix access-after-free for actual_alias pointer - CVE-2020-7068 * SECURITY UPDATE: logic error due to invalid input validation - debian/patches/CVE-2020-7071.patch: add validation fo url->user field - CVE-2020-7071 * SECURITY UPDATE: program crash due to null pointer dereference - debian/patches/CVE-2021-21702.patch: pass empty string instead for NULL pointers to soap_error1(). Check NULL pointer in attr_is_equal_ex() and node_is_equal_ex() - CVE-2021-21702 * SECURITY UPDATE: integer overflow and subsequent incorrect buffer allocation - debian/patches/CVE-2021-21704.patch: add checks that prevent the overflow, replace strcat() with more secure strlcat() - CVE-2021-21704 * SECURITY UPDATE: logic error due to incorrect input validation - debian/patches/CVE-2021-21705.patch: fix validation of url password with FILTER_VALIDATE_URL parameter, - CVE-2021-21705 * SECURITY UPDATE: priv escalation due to shared memory between worker processes - debian/patches/CVE-2021-21703.patch: change scoreboard->proc type to array of structs and use scoreboard->nprocs only in child processes - CVE-2021-21703

0 cloudlinux-ubuntu16.04-els libapache2-mod-php7.0_7.0.33-0ubuntu0.16.04.17_amd64.deb 04fe0efed2849d583015bf102ed786d645d5064d libphp7.0-embed_7.0.33-0ubuntu0.16.04.17_amd64.deb 662d10b586912a6b1462c2e9260701427477f62b php7.0_7.0.33-0ubuntu0.16.04.17_all.deb d164946fd1c0385838c5879b3289ae97b63a62c4 php7.0-bcmath_7.0.33-0ubuntu0.16.04.17_amd64.deb c77a15a879563f9e9bfc37ce58cdde912f359267 php7.0-bz2_7.0.33-0ubuntu0.16.04.17_amd64.deb 089ea3440db094c8f106ccac507f63c02abd3fce php7.0-cgi_7.0.33-0ubuntu0.16.04.17_amd64.deb adb7b712b08e91a539e76e36960cf52fcf0e64d1 php7.0-cli_7.0.33-0ubuntu0.16.04.17_amd64.deb dc9c9f73fca6aa2ada384e3445e80b1d30723494 php7.0-common_7.0.33-0ubuntu0.16.04.17_amd64.deb 66cb73c420bdc452bfbf058cc48914cc4c4c21f4 php7.0-curl_7.0.33-0ubuntu0.16.04.17_amd64.deb 5321733aa058000fb5aa36bff6ef8011c1171134 php7.0-dba_7.0.33-0ubuntu0.16.04.17_amd64.deb c37a0a4ae652962588146169882c2fa1eda04bba php7.0-dev_7.0.33-0ubuntu0.16.04.17_amd64.deb 8e8530588839322d084a75938c8a90c7e1546edf php7.0-enchant_7.0.33-0ubuntu0.16.04.17_amd64.deb 19f78aee1f233267e287ae73538290997df47a6e php7.0-fpm_7.0.33-0ubuntu0.16.04.17_amd64.deb 2feeaae04a71f9d009de1a12f7991394c62923c8 php7.0-gd_7.0.33-0ubuntu0.16.04.17_amd64.deb e995e2937babf96e9a4a35d0be8eec6ef5d55049 php7.0-gmp_7.0.33-0ubuntu0.16.04.17_amd64.deb 190cadc3dcb876fca3b64cd9308f5b7ffd545a07 php7.0-imap_7.0.33-0ubuntu0.16.04.17_amd64.deb a2c78035b54f23dbdf7851da0df980ee13724126 php7.0-interbase_7.0.33-0ubuntu0.16.04.17_amd64.deb 8583393804c166a662be434404d6c1b02b755327 php7.0-intl_7.0.33-0ubuntu0.16.04.17_amd64.deb 848404d295860bb0c1d65fd05537d051991f1f89 php7.0-json_7.0.33-0ubuntu0.16.04.17_amd64.deb fbc5b940d8befaf3f769fb72afc66cbf1ee6979e php7.0-ldap_7.0.33-0ubuntu0.16.04.17_amd64.deb 6ff0c68a420be0928b56afc607d7107b070bb2f7 php7.0-mbstring_7.0.33-0ubuntu0.16.04.17_amd64.deb af427d1f77c24a5045943155e3929be2ed5b04bc php7.0-mcrypt_7.0.33-0ubuntu0.16.04.17_amd64.deb d7158e695a99fb2338fe71ea186ae07a351f763b php7.0-mysql_7.0.33-0ubuntu0.16.04.17_amd64.deb 78e1f3b380453dd4ef2f2e085c18dba28988e492 php7.0-odbc_7.0.33-0ubuntu0.16.04.17_amd64.deb 5cc3cae601746ece6a9c3bd051298d212733ee51 php7.0-opcache_7.0.33-0ubuntu0.16.04.17_amd64.deb 8b6e36f3577de670deb0a3370d5e2f2bba8f84fc php7.0-pgsql_7.0.33-0ubuntu0.16.04.17_amd64.deb 1fc30f8ba186325550c359193538b2865e09cb47 php7.0-phpdbg_7.0.33-0ubuntu0.16.04.17_amd64.deb c50c60b0b81aefbf40899a1cc1a8470c0a39fcc2 php7.0-pspell_7.0.33-0ubuntu0.16.04.17_amd64.deb ada380645bf0a3965c10e3b7c7986c53c3fbb41e php7.0-readline_7.0.33-0ubuntu0.16.04.17_amd64.deb 50941350c6da3418b4e50af1fa493fb903055259 php7.0-recode_7.0.33-0ubuntu0.16.04.17_amd64.deb bec2e248661808e6aa78e88f433be34b23184d24 php7.0-snmp_7.0.33-0ubuntu0.16.04.17_amd64.deb 3d88b62e832cdfbf0acafee2167f5ed2cc69a7fb php7.0-soap_7.0.33-0ubuntu0.16.04.17_amd64.deb 97895c0ca5537f1d895fd8b248b14d761ba46185 php7.0-sqlite3_7.0.33-0ubuntu0.16.04.17_amd64.deb 2f18da63c4ee5a361a5f73359b457e9b50766d86 php7.0-sybase_7.0.33-0ubuntu0.16.04.17_amd64.deb 475769cc6b10db8a0bf614e5a66761a822bf5481 php7.0-tidy_7.0.33-0ubuntu0.16.04.17_amd64.deb 45339a745eb2c1128035aa8d207449a9989d0821 php7.0-xml_7.0.33-0ubuntu0.16.04.17_amd64.deb 56cb1d8f02296cd3d5fda0d9cc6a9bda8b56aab9 php7.0-xmlrpc_7.0.33-0ubuntu0.16.04.17_amd64.deb 5c031f4bb10a249614ecee1f4bb2276362c9ce04 php7.0-xsl_7.0.33-0ubuntu0.16.04.17_all.deb 6114bfc8f0ac30dfcbd1cbc41baaf10afdad76a0 php7.0-zip_7.0.33-0ubuntu0.16.04.17_amd64.deb 3b1782ca6c22c4557259d9f9fb9e3901b562e8e4 CLSA-2021:1639681852 Copyright 2021 Cloud Linux Inc 0 * SECURITY UPDATE: illegal memory access if buffer name is very long - debian/patches/CVE-2021-3872.patch: make sure not to go over the end of the buffer in screen.c - CVE-2021-3872 * SECURITY UPDATE: ml_get error after search with range - debian/patches/CVE-2021-3875.patch: limit the line number to the buffer line count in ex_docmd.c - CVE-2021-3875 * SECURITY UPDATE: invalid memory access when scrolling without a valid screen - debian/patches/CVE-2021-3903.patch: do not set VALID_BOTLINE in w_valid in move.c - CVE-2021-3903 Moderate Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.

* SECURITY UPDATE: illegal memory access if buffer name is very long - debian/patches/CVE-2021-3872.patch: make sure not to go over the end of the buffer in screen.c - CVE-2021-3872 * SECURITY UPDATE: ml_get error after search with range - debian/patches/CVE-2021-3875.patch: limit the line number to the buffer line count in ex_docmd.c - CVE-2021-3875 * SECURITY UPDATE: invalid memory access when scrolling without a valid screen - debian/patches/CVE-2021-3903.patch: do not set VALID_BOTLINE in w_valid in move.c - CVE-2021-3903

0 cloudlinux-ubuntu16.04-els vim_7.4.1689-3ubuntu1.7_amd64.deb 60c1bc2d719e1bd52af342713032aede4e483932 vim-athena_7.4.1689-3ubuntu1.7_amd64.deb 19841e4b514f1cf9141e3a821e2a940975866fd5 vim-athena-py2_7.4.1689-3ubuntu1.7_amd64.deb 766cd49876aa278e492cb4520b9e8ad1028b9ebd vim-common_7.4.1689-3ubuntu1.7_amd64.deb caf5f790d8351ac1f3441bff8f1a8909ba90bede vim-doc_7.4.1689-3ubuntu1.7_all.deb 1ab04f16d44eac6d838736c36a1e32a5f58aebf7 vim-gnome_7.4.1689-3ubuntu1.7_amd64.deb f3e0c3f4314473bd732532080a388a9f43fab989 vim-gnome-py2_7.4.1689-3ubuntu1.7_amd64.deb 7131b8e070ea101a0e661a12c97ed679eb12f826 vim-gtk_7.4.1689-3ubuntu1.7_amd64.deb c633555a4da069548b9d0d146f0492cadbcf2a99 vim-gtk-py2_7.4.1689-3ubuntu1.7_amd64.deb 2c79ecedb96b88c587ac61a282583b9d0c50e6d0 vim-gtk3_7.4.1689-3ubuntu1.7_amd64.deb 3ea0b08f78cb187ec6a47682f0d0b4432d3619ed vim-gtk3-py2_7.4.1689-3ubuntu1.7_amd64.deb ce6468a0515be9508adafcbdee8c22275cbdb62f vim-gui-common_7.4.1689-3ubuntu1.7_all.deb 982784ee1ee311f832c45d400b8d8874e55b27ae vim-nox_7.4.1689-3ubuntu1.7_amd64.deb bc1695a4ffcfab5880f31cde7c24de26ebbb8fc8 vim-nox-py2_7.4.1689-3ubuntu1.7_amd64.deb 79b5e2c248236b9a05c0c8af4241ae523a30225d vim-runtime_7.4.1689-3ubuntu1.7_all.deb 8ac0f934567e5957da363c4048c2bbad7214223f vim-tiny_7.4.1689-3ubuntu1.7_amd64.deb db4e27a289495ec0ce812281382f07c689dac409 CLSA-2021:1639681859 Copyright 2021 Cloud Linux Inc 0 * SECURITY UPDATE: Fix heap-based buffer overflow when reading character past end of line - debian/patches/CVE-2021-3927.patch: Correct the cursor column in src/ex_docmd.c. - CVE-2021-3927 * SECURITY UPDATE: Fix stack-based buffer overflow when reading uninitialized memory when giving spell suggestions - debian/patches/CVE-2021-3928.patch: Check that preword is not empty in src/spell.c. - CVE-2021-3928 Moderate Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.

* SECURITY UPDATE: Fix heap-based buffer overflow when reading character past end of line - debian/patches/CVE-2021-3927.patch: Correct the cursor column in src/ex_docmd.c. - CVE-2021-3927 * SECURITY UPDATE: Fix stack-based buffer overflow when reading uninitialized memory when giving spell suggestions - debian/patches/CVE-2021-3928.patch: Check that preword is not empty in src/spell.c. - CVE-2021-3928

0 cloudlinux-ubuntu16.04-els vim_7.4.1689-3ubuntu1.5+tuxcare.els3_amd64.deb d9f607086055a2d7d59e7a6cdb489f8605991148 vim-athena_7.4.1689-3ubuntu1.5+tuxcare.els3_amd64.deb 50d5c1f0db1df9f4a2bc7b0fc056a6d87eb0a54f vim-athena-py2_7.4.1689-3ubuntu1.5+tuxcare.els3_amd64.deb 2685dca6228c48b97361b25cc57207cd5659d9ad vim-common_7.4.1689-3ubuntu1.5+tuxcare.els3_amd64.deb e3b5dd05d84d253faf2545de893b898ccd1f13b8 vim-doc_7.4.1689-3ubuntu1.5+tuxcare.els3_all.deb 877d5565fd8ace5fb137fcf250ee7b7ffd7b5a99 vim-gnome_7.4.1689-3ubuntu1.5+tuxcare.els3_amd64.deb 8e07a27c0ccfa0f97cf7b2c92a012eaceb28e00f vim-gnome-py2_7.4.1689-3ubuntu1.5+tuxcare.els3_amd64.deb 7ae19c826eaea2bf2328a0ae39c13492abb5caca vim-gtk_7.4.1689-3ubuntu1.5+tuxcare.els3_amd64.deb 6b72d1b6bb0979a508d9324c4979ef3281aa85c9 vim-gtk-py2_7.4.1689-3ubuntu1.5+tuxcare.els3_amd64.deb 9af489f1e719aa7b635d7786bc0102935a70aa40 vim-gtk3_7.4.1689-3ubuntu1.5+tuxcare.els3_amd64.deb 18cbec82c42dd79b66839a1dc9ed96148072a5ba vim-gtk3-py2_7.4.1689-3ubuntu1.5+tuxcare.els3_amd64.deb 4939cc3769bec486b78bceaba97fb3eb97821d85 vim-gui-common_7.4.1689-3ubuntu1.5+tuxcare.els3_all.deb 7f519b16c7536aac2892f460b4df780b17ec45db vim-nox_7.4.1689-3ubuntu1.5+tuxcare.els3_amd64.deb 0e9bf1d37274651e57e59af8f0ce748ed7d239a5 vim-nox-py2_7.4.1689-3ubuntu1.5+tuxcare.els3_amd64.deb 3243ba196ce27ea2e8cabb1601a4d13a328c8f65 vim-runtime_7.4.1689-3ubuntu1.5+tuxcare.els3_all.deb b7784905e9135f77ff1fe0ba83b5602bf80bb852 vim-tiny_7.4.1689-3ubuntu1.5+tuxcare.els3_amd64.deb 5c0b40f9a7b55b975ddf99fda01af3c245163a38 CLSA-2021:1639681866 Copyright 2021 Cloud Linux Inc 0 * SECURITY UPDATE: helper programs may run with privilege escalation - debian/patches/CVE-2021-41617.patch: set initgroups() before setresgid() - CVE-2021-41617 Moderate Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.

* SECURITY UPDATE: helper programs may run with privilege escalation - debian/patches/CVE-2021-41617.patch: set initgroups() before setresgid() - CVE-2021-41617

0 cloudlinux-ubuntu16.04-els openssh-client_7.2p2-4ubuntu2.10+tuxcare.els1_amd64.deb e575898db3f970bfe73073e76367322defab99d5 openssh-client-ssh1_7.2p2-4ubuntu2.10+tuxcare.els1_amd64.deb ad300054c6847a28c891cfb2b07fbf6d0c3da693 openssh-server_7.2p2-4ubuntu2.10+tuxcare.els1_amd64.deb 3985cb5a1ec990066d30288ec400206a1cb45e31 openssh-sftp-server_7.2p2-4ubuntu2.10+tuxcare.els1_amd64.deb d3ae26243621b8e344be7e4997d2fe5afc3ddd86 ssh_7.2p2-4ubuntu2.10+tuxcare.els1_all.deb 1f87c00b9d091c3fb790f3a88a8991d02954cf7e ssh-askpass-gnome_7.2p2-4ubuntu2.10+tuxcare.els1_amd64.deb 6472a732a392ab2e9fdbeb46d68199482863c21d ssh-krb5_7.2p2-4ubuntu2.10+tuxcare.els1_all.deb 48af1c15775a6337cb0cd9840cf4f0b388c2e429 CLSA-2021:1639681874 Copyright 2021 Cloud Linux Inc 0 * SECURITY UPDATE: Using freed memory with regexp using a mark - debian/patches/CVE-2021-3974.patch: Get the line again after getting the mark position - CVE-2021-3974 * SECURITY UPDATE: Illegal memory access when C-indenting - debian/patches/CVE-2021-3984.patch: Also set the cursor column - CVE-2021-3984 * SECURITY UPDATE: Crash when using CTRL-W f without finding a file name - debian/patches/CVE-2021-3973.patch: Bail out when the file name length is zero - CVE-2021-3973 * SECURITY UPDATE: Buffer overflow with long help argument - debian/patches/CVE-2021-4019.patch: Use snprintf - CVE-2021-4019 * SECURITY UPDATE: Using freed memory in open command - debian/patches/CVE-2021-4069.patch: Make a copy of the current line - CVE-2021-4069 Moderate Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.

* SECURITY UPDATE: Using freed memory with regexp using a mark - debian/patches/CVE-2021-3974.patch: Get the line again after getting the mark position - CVE-2021-3974 * SECURITY UPDATE: Illegal memory access when C-indenting - debian/patches/CVE-2021-3984.patch: Also set the cursor column - CVE-2021-3984 * SECURITY UPDATE: Crash when using CTRL-W f without finding a file name - debian/patches/CVE-2021-3973.patch: Bail out when the file name length is zero - CVE-2021-3973 * SECURITY UPDATE: Buffer overflow with long help argument - debian/patches/CVE-2021-4019.patch: Use snprintf - CVE-2021-4019 * SECURITY UPDATE: Using freed memory in open command - debian/patches/CVE-2021-4069.patch: Make a copy of the current line - CVE-2021-4069

0 cloudlinux-ubuntu16.04-els vim_7.4.1689-3ubuntu1.5+tuxcare.els4_amd64.deb 7193e7ce6a9e7735cddc9e8f2cb6db31b1e83206 vim-athena_7.4.1689-3ubuntu1.5+tuxcare.els4_amd64.deb dabdfd5f35f9b70ca64521e891b463174e1c4818 vim-athena-py2_7.4.1689-3ubuntu1.5+tuxcare.els4_amd64.deb de2b3ed69e237ecf52c4e09b728550fe84972662 vim-common_7.4.1689-3ubuntu1.5+tuxcare.els4_amd64.deb 445d31351cef39e750d21951dbd2c366798d6c4b vim-doc_7.4.1689-3ubuntu1.5+tuxcare.els4_all.deb 50a1749e126b164ce41d85aff170fb5774233baf vim-gnome_7.4.1689-3ubuntu1.5+tuxcare.els4_amd64.deb 4b860e893fb69851face8c7280b9fb27155b15d6 vim-gnome-py2_7.4.1689-3ubuntu1.5+tuxcare.els4_amd64.deb 30c345a88eada9f5e92d7be0f31d4fc7e4cf245f vim-gtk_7.4.1689-3ubuntu1.5+tuxcare.els4_amd64.deb f83f9adbe2eca3daf8b18a8587451dfd03a50781 vim-gtk-py2_7.4.1689-3ubuntu1.5+tuxcare.els4_amd64.deb 191814dc081d05dc328c14b8f9fdcf8c7c77c38b vim-gtk3_7.4.1689-3ubuntu1.5+tuxcare.els4_amd64.deb 5bd8928b0e0621d7f3566296084aebb7b6d05a42 vim-gtk3-py2_7.4.1689-3ubuntu1.5+tuxcare.els4_amd64.deb f24a4a7cafbca4ff200634ffb7d8622b650204f8 vim-gui-common_7.4.1689-3ubuntu1.5+tuxcare.els4_all.deb 2b94c16282c2f272cccadc6469ff4a459499a018 vim-nox_7.4.1689-3ubuntu1.5+tuxcare.els4_amd64.deb b9052843437f65ed0087fb9ae69ffebf5e4e1578 vim-nox-py2_7.4.1689-3ubuntu1.5+tuxcare.els4_amd64.deb 107e985815a4a5b95acd9e15642b35d7854e55c0 vim-runtime_7.4.1689-3ubuntu1.5+tuxcare.els4_all.deb 64dc74b37d76a0fa9d41bce16d26c43129c46c77 vim-tiny_7.4.1689-3ubuntu1.5+tuxcare.els4_amd64.deb bf48f906a23d7d95107aed34167cf28090ccef9b CLSA-2021:1639686040 Copyright 2021 Cloud Linux Inc 0 * SECURITY UPDATE: Using freed memory with regexp using a mark - debian/patches/CVE-2021-3974.patch: Get the line again after getting the mark position - CVE-2021-3974 * SECURITY UPDATE: Illegal memory access when C-indenting - debian/patches/CVE-2021-3984.patch: Also set the cursor column - CVE-2021-3984 * SECURITY UPDATE: Crash when using CTRL-W f without finding a file name - debian/patches/CVE-2021-3973.patch: Bail out when the file name length is zero - CVE-2021-3973 * SECURITY UPDATE: Buffer overflow with long help argument - debian/patches/CVE-2021-4019.patch: Use snprintf - CVE-2021-4019 * SECURITY UPDATE: Using freed memory in open command - debian/patches/CVE-2021-4069.patch: Make a copy of the current line - CVE-2021-4069 Moderate Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.

* SECURITY UPDATE: Using freed memory with regexp using a mark - debian/patches/CVE-2021-3974.patch: Get the line again after getting the mark position - CVE-2021-3974 * SECURITY UPDATE: Illegal memory access when C-indenting - debian/patches/CVE-2021-3984.patch: Also set the cursor column - CVE-2021-3984 * SECURITY UPDATE: Crash when using CTRL-W f without finding a file name - debian/patches/CVE-2021-3973.patch: Bail out when the file name length is zero - CVE-2021-3973 * SECURITY UPDATE: Buffer overflow with long help argument - debian/patches/CVE-2021-4019.patch: Use snprintf - CVE-2021-4019 * SECURITY UPDATE: Using freed memory in open command - debian/patches/CVE-2021-4069.patch: Make a copy of the current line - CVE-2021-4069

0 cloudlinux-ubuntu16.04-els vim_7.4.1689-3ubuntu1.5+tuxcare.els4_amd64.deb 7193e7ce6a9e7735cddc9e8f2cb6db31b1e83206 vim-athena_7.4.1689-3ubuntu1.5+tuxcare.els4_amd64.deb dabdfd5f35f9b70ca64521e891b463174e1c4818 vim-athena-py2_7.4.1689-3ubuntu1.5+tuxcare.els4_amd64.deb de2b3ed69e237ecf52c4e09b728550fe84972662 vim-common_7.4.1689-3ubuntu1.5+tuxcare.els4_amd64.deb 445d31351cef39e750d21951dbd2c366798d6c4b vim-doc_7.4.1689-3ubuntu1.5+tuxcare.els4_all.deb 50a1749e126b164ce41d85aff170fb5774233baf vim-gnome_7.4.1689-3ubuntu1.5+tuxcare.els4_amd64.deb 4b860e893fb69851face8c7280b9fb27155b15d6 vim-gnome-py2_7.4.1689-3ubuntu1.5+tuxcare.els4_amd64.deb 30c345a88eada9f5e92d7be0f31d4fc7e4cf245f vim-gtk_7.4.1689-3ubuntu1.5+tuxcare.els4_amd64.deb f83f9adbe2eca3daf8b18a8587451dfd03a50781 vim-gtk-py2_7.4.1689-3ubuntu1.5+tuxcare.els4_amd64.deb 191814dc081d05dc328c14b8f9fdcf8c7c77c38b vim-gtk3_7.4.1689-3ubuntu1.5+tuxcare.els4_amd64.deb 5bd8928b0e0621d7f3566296084aebb7b6d05a42 vim-gtk3-py2_7.4.1689-3ubuntu1.5+tuxcare.els4_amd64.deb f24a4a7cafbca4ff200634ffb7d8622b650204f8 vim-gui-common_7.4.1689-3ubuntu1.5+tuxcare.els4_all.deb 2b94c16282c2f272cccadc6469ff4a459499a018 vim-nox_7.4.1689-3ubuntu1.5+tuxcare.els4_amd64.deb b9052843437f65ed0087fb9ae69ffebf5e4e1578 vim-nox-py2_7.4.1689-3ubuntu1.5+tuxcare.els4_amd64.deb 107e985815a4a5b95acd9e15642b35d7854e55c0 vim-runtime_7.4.1689-3ubuntu1.5+tuxcare.els4_all.deb 64dc74b37d76a0fa9d41bce16d26c43129c46c77 vim-tiny_7.4.1689-3ubuntu1.5+tuxcare.els4_amd64.deb bf48f906a23d7d95107aed34167cf28090ccef9b CLSA-2021:1640271821 Copyright 2021 Cloud Linux Inc 0 * SECURITY UPDATE: Multiple security issues - debian/patches/CVE-2020-28007.patch - debian/patches/CVE-2020-28008.patch - debian/patches/CVE-2020-28009.patch - debian/patches/CVE-2020-28011.patch - debian/patches/CVE-2020-28012.patch - debian/patches/CVE-2020-28013.patch - debian/patches/CVE-2020-28014+CVE-2021-27216.patch - debian/patches/CVE-2020-28015+28021.patch - debian/patches/CVE-2020-28017.patch - debian/patches/CVE-2020-28020.patch - debian/patches/CVE-2020-28022.patch - debian/patches/CVE-2020-28024.patch - debian/patches/CVE-2020-28025.patch - debian/patches/CVE-2020-28026.patch: backport patches from upstream to correct issues. - CVE-2020-28007, CVE-2020-28008, CVE-2020-28009, CVE-2020-28011, CVE-2020-28012, CVE-2020-28013, CVE-2020-28014, CVE-2020-28015, CVE-2020-28017, CVE-2020-28020, CVE-2020-28021, CVE-2020-28022, CVE-2020-28024, CVE-2020-28025, CVE-2020-28026, CVE-2021-27216 Moderate Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.

* SECURITY UPDATE: Multiple security issues - debian/patches/CVE-2020-28007.patch - debian/patches/CVE-2020-28008.patch - debian/patches/CVE-2020-28009.patch - debian/patches/CVE-2020-28011.patch - debian/patches/CVE-2020-28012.patch - debian/patches/CVE-2020-28013.patch - debian/patches/CVE-2020-28014+CVE-2021-27216.patch - debian/patches/CVE-2020-28015+28021.patch - debian/patches/CVE-2020-28017.patch - debian/patches/CVE-2020-28020.patch - debian/patches/CVE-2020-28022.patch - debian/patches/CVE-2020-28024.patch - debian/patches/CVE-2020-28025.patch - debian/patches/CVE-2020-28026.patch: backport patches from upstream to correct issues. - CVE-2020-28007, CVE-2020-28008, CVE-2020-28009, CVE-2020-28011, CVE-2020-28012, CVE-2020-28013, CVE-2020-28014, CVE-2020-28015, CVE-2020-28017, CVE-2020-28020, CVE-2020-28021, CVE-2020-28022, CVE-2020-28024, CVE-2020-28025, CVE-2020-28026, CVE-2021-27216

0 cloudlinux-ubuntu16.04-els exim4_4.86.2-2ubuntu2.6+tuxcare.els1_all.deb 8d6ef61956d190b583fa19101bae9952aec1fb80 exim4-base_4.86.2-2ubuntu2.6+tuxcare.els1_amd64.deb daa528b2fe0a4942bb5b400c58022a977bb98a5d exim4-config_4.86.2-2ubuntu2.6+tuxcare.els1_all.deb 7aa4603b05de6ef8c9628628cd3d5f6d032af48d exim4-daemon-heavy_4.86.2-2ubuntu2.6+tuxcare.els1_amd64.deb df98dd9c0ed3f1f60522702c828b3dee1f40006b exim4-daemon-light_4.86.2-2ubuntu2.6+tuxcare.els1_amd64.deb e1d5a2f4fe45f35621fc64f186d727e9e6557883 exim4-dev_4.86.2-2ubuntu2.6+tuxcare.els1_amd64.deb 255eb10058274a0cb0ac8d4c9405330f15970e1c eximon4_4.86.2-2ubuntu2.6+tuxcare.els1_amd64.deb 746b5de73d2522fe77a17a9e8b09b7bed00ece1a CLSA-2021:1640697102 Copyright 2021 Cloud Linux Inc 0 * SECURITY UPDATE: Privilege Escalation - debian/patches/CVE-2021-3800.patch: Drop a redundant environment variable in _g_locale_get_charset_aliases function at libcharset/localcharset.c. - CVE-2021-3800 Moderate Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.

* SECURITY UPDATE: Privilege Escalation - debian/patches/CVE-2021-3800.patch: Drop a redundant environment variable in _g_locale_get_charset_aliases function at libcharset/localcharset.c. - CVE-2021-3800

0 cloudlinux-ubuntu16.04-els libglib2.0-0_2.48.2-0ubuntu4.8+tuxcare.els1_amd64.deb 85f10bbbd2050146c3ecb7226480143d0799c745 libglib2.0-0-refdbg_2.48.2-0ubuntu4.8+tuxcare.els1_amd64.deb 117d59690113aed3416248293da03a880b98c4be libglib2.0-bin_2.48.2-0ubuntu4.8+tuxcare.els1_amd64.deb ad3f16d2d492c0db720ba77b2b8aee3ca19140aa libglib2.0-data_2.48.2-0ubuntu4.8+tuxcare.els1_all.deb fe06f44de81f94d63bf3d57d4f8fea2dbb9f94e8 libglib2.0-dev_2.48.2-0ubuntu4.8+tuxcare.els1_amd64.deb d159e57e44ddb21bd87fa14ca4cab8d7b0cfd157 libglib2.0-doc_2.48.2-0ubuntu4.8+tuxcare.els1_all.deb 0a37b086a1586366026ec80a0ed00ecf9980cc98 libglib2.0-tests_2.48.2-0ubuntu4.8+tuxcare.els1_amd64.deb 21dc5719c88c8787eb3ad0e1c26cd7f25f2a1a17 CLSA-2021:1640697114 Copyright 2021 Cloud Linux Inc 0 * SECURITY UPDATE: buffer overflow in the mod_lua multipart parser - debian/patches/CVE-2021-44970.patch: add test to prevent integer overflow in req_parsebody() - CVE-2021-44970 * SECURITY UPDATE: null pointer dereference in reverse proxy module - debian/patches/CVE-2021-44224.patch: add tests for return value of ap_proxy_de_socketfy() - CVE-2021-44224 Moderate Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.

* SECURITY UPDATE: buffer overflow in the mod_lua multipart parser - debian/patches/CVE-2021-44970.patch: add test to prevent integer overflow in req_parsebody() - CVE-2021-44970 * SECURITY UPDATE: null pointer dereference in reverse proxy module - debian/patches/CVE-2021-44224.patch: add tests for return value of ap_proxy_de_socketfy() - CVE-2021-44224

0 cloudlinux-ubuntu16.04-els apache2_2.4.18-2ubuntu3.17+tuxcare.els3_amd64.deb a9ff40cee693444642a3d39b7ca6e4d3a390f937 apache2-bin_2.4.18-2ubuntu3.17+tuxcare.els3_amd64.deb 2ea687734d4bac5412be28682edcc581e39f757e apache2-data_2.4.18-2ubuntu3.17+tuxcare.els3_all.deb a075a7b294aff83f975bdecf7b2935a6969db28b apache2-dev_2.4.18-2ubuntu3.17+tuxcare.els3_amd64.deb a0bfc44f7444f418cc3bf9775f0baf9b47d46dce apache2-doc_2.4.18-2ubuntu3.17+tuxcare.els3_all.deb f64792d1da9bb1de16712b36e8246291f4408a8a apache2-suexec-custom_2.4.18-2ubuntu3.17+tuxcare.els3_amd64.deb 6aeb1fe6d3f01807e96805aa1dce45cf4485826d apache2-suexec-pristine_2.4.18-2ubuntu3.17+tuxcare.els3_amd64.deb 0198dddeac75c7b719c319f023ceb4bf94c4e33d apache2-utils_2.4.18-2ubuntu3.17+tuxcare.els3_amd64.deb 473fd2daee63de0f2cac2d34b49b0ebe700f28df CLSA-2021:1640700710 Copyright 2021 Cloud Linux Inc 0 * SECURITY UPDATE: Out-of-bounds array access - debian/patches/CVE-2021-3517.patch: Validate UTF8 in xmlEncodeEntities - CVE-2021-3517 * SECURITY UPDATE: Use-after-free error - debian/patches/CVE-2021-3518.patch: Fix use-after-free with 'xmllint --xinclude --dropdtd' - CVE-2021-3518 * SECURITY UPDATE: Null pointer dereference while parsing in recovery mode - debian/patches/CVE-2021-3537.patch: Propagate error in xmlParseElementChildrenContentDeclPriv - CVE-2021-3537 * SECURITY UPDATE: Parser fix for the billion laugs attach - debian/patches/CVE-2021-3541.patch: Fix parameter entities expansion in xmlParserEntityCheck - CVE-2021-3541 * SECURITY UPDATE: Miscalculation of available bytes when parsing - debian/patches/CVE-2017-8872.patch: Free input buffer in xmlHaltParser - CVE-2017-8872 * SECURITY UPDATE: Memory leak - debian/patches/CVE-2019-20388.patch: Fix memory leak in xmlSchemaValidateStream - CVE-2019-20388 * SECURITY UPDATE: Out-of-bounds array access - debian/patches/CVE-2020-24977.patch: Fix out-of-bounds read with 'xmllint --htmlout' - CVE-2020-24977 * SECURITY UPDATE: Use-after-free error - debian/patches/CVE-2021-3516.patch: Fix use-after-free with 'xmllint --html --push' - CVE-2021-3516 Moderate Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.

* SECURITY UPDATE: Out-of-bounds array access - debian/patches/CVE-2021-3517.patch: Validate UTF8 in xmlEncodeEntities - CVE-2021-3517 * SECURITY UPDATE: Use-after-free error - debian/patches/CVE-2021-3518.patch: Fix use-after-free with 'xmllint --xinclude --dropdtd' - CVE-2021-3518 * SECURITY UPDATE: Null pointer dereference while parsing in recovery mode - debian/patches/CVE-2021-3537.patch: Propagate error in xmlParseElementChildrenContentDeclPriv - CVE-2021-3537 * SECURITY UPDATE: Parser fix for the billion laugs attach - debian/patches/CVE-2021-3541.patch: Fix parameter entities expansion in xmlParserEntityCheck - CVE-2021-3541 * SECURITY UPDATE: Miscalculation of available bytes when parsing - debian/patches/CVE-2017-8872.patch: Free input buffer in xmlHaltParser - CVE-2017-8872 * SECURITY UPDATE: Memory leak - debian/patches/CVE-2019-20388.patch: Fix memory leak in xmlSchemaValidateStream - CVE-2019-20388 * SECURITY UPDATE: Out-of-bounds array access - debian/patches/CVE-2020-24977.patch: Fix out-of-bounds read with 'xmllint --htmlout' - CVE-2020-24977 * SECURITY UPDATE: Use-after-free error - debian/patches/CVE-2021-3516.patch: Fix use-after-free with 'xmllint --html --push' - CVE-2021-3516

0 cloudlinux-ubuntu16.04-els libxml2_2.9.3+dfsg1-1ubuntu0.7+tuxcare.els1_amd64.deb 0a14d2ae81f266a214531cb4fc4888b281c11304 libxml2-dev_2.9.3+dfsg1-1ubuntu0.7+tuxcare.els1_amd64.deb 92bedf4a4f4ecdecccae68f5ac91a7c610bf8daf libxml2-doc_2.9.3+dfsg1-1ubuntu0.7+tuxcare.els1_all.deb ee09716c2fa0ba3089fcf97d2d139025550bea0f libxml2-utils_2.9.3+dfsg1-1ubuntu0.7+tuxcare.els1_amd64.deb 0e6653515a817a8267556ee4d70f951ed275bad0 python-libxml2_2.9.3+dfsg1-1ubuntu0.7+tuxcare.els1_amd64.deb 41cfe6e25d472ef15137496503bdb0d9120af7b5 CLSA-2021:1640791516 Copyright 2021 Cloud Linux Inc 0 * SECURITY UPDATE: - debian/patches/CVE-2018-12700.patch: fix infinite recursion. - debian/patches/CVE-2021-45078.patch: fix heap-based buffer overflow. - CVE-2018-12700, CVE-2021-45078 Moderate Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.

* SECURITY UPDATE: - debian/patches/CVE-2018-12700.patch: fix infinite recursion. - debian/patches/CVE-2021-45078.patch: fix heap-based buffer overflow. - CVE-2018-12700, CVE-2021-45078

0 cloudlinux-ubuntu16.04-els binutils_2.26.1-1ubuntu1~16.04.10+tuxcare.els3_amd64.deb e859238d9f4179dbfb54494bf3f5a93ae3a33268 binutils-aarch64-linux-gnu_2.26.1-1ubuntu1~16.04.10+tuxcare.els3_amd64.deb 152ccc35de0be199617f1a41233c23bcff9c9722 binutils-alpha-linux-gnu_2.26.1-1ubuntu1~16.04.10+tuxcare.els3_amd64.deb 00a04010c0b1ac8f2d468edbee132ea69f5103b8 binutils-arm-linux-gnueabi_2.26.1-1ubuntu1~16.04.10+tuxcare.els3_amd64.deb af0ec4ed0a77e4ec5f2621758ba987b7ee0faa3d binutils-arm-linux-gnueabihf_2.26.1-1ubuntu1~16.04.10+tuxcare.els3_amd64.deb 9be6a15d515618f8beebce27860ba752778daf8c binutils-dev_2.26.1-1ubuntu1~16.04.10+tuxcare.els3_amd64.deb 6a4dd31f62fbd932724774cb96aea7176b04721c binutils-doc_2.26.1-1ubuntu1~16.04.10+tuxcare.els3_all.deb b04c441f701819528d6618584115a178669181a3 binutils-hppa-linux-gnu_2.26.1-1ubuntu1~16.04.10+tuxcare.els3_amd64.deb bf1f18a0a3b0f1a9b27fdbd9a7aa58ac058fa750 binutils-hppa64-linux-gnu_2.26.1-1ubuntu1~16.04.10+tuxcare.els3_amd64.deb 62ab9918c5b44a72ccb3ac8b57b42075bc7d09af binutils-m68k-linux-gnu_2.26.1-1ubuntu1~16.04.10+tuxcare.els3_amd64.deb e0ca459c47c90fad5d41e1ce05636b14a96cabd6 binutils-mips-linux-gnu_2.26.1-1ubuntu1~16.04.10+tuxcare.els3_amd64.deb 3ceaa3602df5671070116c32d0a36e9176ae1058 binutils-mips64-linux-gnuabi64_2.26.1-1ubuntu1~16.04.10+tuxcare.els3_amd64.deb 0af3b076d99cd5f26515d5afc44bc39a4de29877 binutils-mips64el-linux-gnuabi64_2.26.1-1ubuntu1~16.04.10+tuxcare.els3_amd64.deb 4ce4b1e23741a3b35e7a17e07b48336eeb2ad9ec binutils-mipsel-linux-gnu_2.26.1-1ubuntu1~16.04.10+tuxcare.els3_amd64.deb 6fd60ff949bbd615ccd7f691029dab04a801f0ab binutils-multiarch_2.26.1-1ubuntu1~16.04.10+tuxcare.els3_amd64.deb 976d9944118a01148e555cfe9eb1d07a4ad6f99d binutils-multiarch-dev_2.26.1-1ubuntu1~16.04.10+tuxcare.els3_amd64.deb 731f553215607d47d2df0d336df10e9be8ff3e6b binutils-powerpc-linux-gnu_2.26.1-1ubuntu1~16.04.10+tuxcare.els3_amd64.deb f138199dda17b31cd0ebec8060ed1ad335fa6f2a binutils-powerpc-linux-gnuspe_2.26.1-1ubuntu1~16.04.10+tuxcare.els3_amd64.deb 5745b4c0addb082449638f5f0843af0c22e3c22e binutils-powerpc64-linux-gnu_2.26.1-1ubuntu1~16.04.10+tuxcare.els3_amd64.deb db5d7b5a4257d697f679d4d9acbf946dee41f9f9 binutils-powerpc64le-linux-gnu_2.26.1-1ubuntu1~16.04.10+tuxcare.els3_amd64.deb 9318af58674dca45ff0e001a9ef1397747cbac19 binutils-s390x-linux-gnu_2.26.1-1ubuntu1~16.04.10+tuxcare.els3_amd64.deb eb09da4e35c1226547c1077da97e5ed8c679d219 binutils-sh4-linux-gnu_2.26.1-1ubuntu1~16.04.10+tuxcare.els3_amd64.deb ed214e32ecde587f314743ff82b4f761a75ec82a binutils-source_2.26.1-1ubuntu1~16.04.10+tuxcare.els3_all.deb 3af47e97c76fdc75e5cc010abf4ea1bea7908e72 binutils-sparc64-linux-gnu_2.26.1-1ubuntu1~16.04.10+tuxcare.els3_amd64.deb 874ef22d313cc238b1676f0f4f46788fe653d616 CLSA-2022:1642087622 Copyright 2021 Cloud Linux Inc 0 * SECURITY UPDATE: Using freed memory with /\%V - debian/patches/CVE-2021-4192.patch: Get the line again after getvvcol() - CVE-2021-4192 * SECURITY UPDATE: Going beyond the end of the line with /\%V - debian/patches/CVE-2021-4193.patch: Check for valid column in getvcol() - CVE-2021-4193 Moderate Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.

* SECURITY UPDATE: Using freed memory with /\%V - debian/patches/CVE-2021-4192.patch: Get the line again after getvvcol() - CVE-2021-4192 * SECURITY UPDATE: Going beyond the end of the line with /\%V - debian/patches/CVE-2021-4193.patch: Check for valid column in getvcol() - CVE-2021-4193

0 cloudlinux-ubuntu16.04-els vim_7.4.1689-3ubuntu1.5+tuxcare.els5_amd64.deb 86a6874a209f24e6032a72d5d42f15f5feebb0c4 vim-athena_7.4.1689-3ubuntu1.5+tuxcare.els5_amd64.deb 5854ad7f93eb98b46691fe52ae80bc0094c303bd vim-athena-py2_7.4.1689-3ubuntu1.5+tuxcare.els5_amd64.deb 82d19dd5d860aac8d397a7b0380571cd89bc9c64 vim-common_7.4.1689-3ubuntu1.5+tuxcare.els5_amd64.deb 1e56753e5edb5cb2410e67cb36eeaf45ac3c5974 vim-doc_7.4.1689-3ubuntu1.5+tuxcare.els5_all.deb a4d6270b0e444bb02ed39de9a12f89376c415bdf vim-gnome_7.4.1689-3ubuntu1.5+tuxcare.els5_amd64.deb 02b1c2f4bd65bc04ef27b50c88568a43c101aa42 vim-gnome-py2_7.4.1689-3ubuntu1.5+tuxcare.els5_amd64.deb a2fef74bd4df7713a261d9aa340e8a391d6dacfb vim-gtk_7.4.1689-3ubuntu1.5+tuxcare.els5_amd64.deb a8cc85745929a6ef53ea677c9a791c29cc92a12f vim-gtk-py2_7.4.1689-3ubuntu1.5+tuxcare.els5_amd64.deb 6e6108cf3b6b99768d84dbd3d095c458af1aebbb vim-gtk3_7.4.1689-3ubuntu1.5+tuxcare.els5_amd64.deb 74e3adff461462ea9bc779c22c4bda580535b301 vim-gtk3-py2_7.4.1689-3ubuntu1.5+tuxcare.els5_amd64.deb a9b345f55a5b047b19c4b4ccbbf1d475ac3fc34b vim-gui-common_7.4.1689-3ubuntu1.5+tuxcare.els5_all.deb aac33a2ded095ca8ca9a92ba4da7041c15e4d58a vim-nox_7.4.1689-3ubuntu1.5+tuxcare.els5_amd64.deb cb8e122260f3f51d941b84fad9cc98428a39abfd vim-nox-py2_7.4.1689-3ubuntu1.5+tuxcare.els5_amd64.deb c2099cf79d62063d73c98c6d6093bb5b1336d9f2 vim-runtime_7.4.1689-3ubuntu1.5+tuxcare.els5_all.deb 1c56a4c9b45cd7c29ce72fdcaa607c03765e4f22 vim-tiny_7.4.1689-3ubuntu1.5+tuxcare.els5_amd64.deb 2484ab076b6798be358dbe57c63030d035073866 CLSA-2022:1642429251 Copyright 2021 Cloud Linux Inc 0 * Security update for Ubuntu 16.04. Moderate Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.

* Security update for Ubuntu 16.04.

0 cloudlinux-ubuntu16.04-els openjdk-8-demo_8u312-b07-0ubuntu1~16.04+tuxcare.els1_amd64.deb 6677ae12be7cd01478e1e181b97651e751a6255c openjdk-8-doc_8u312-b07-0ubuntu1~16.04+tuxcare.els1_all.deb d6bddfb0f43c9d03f6c8bfadafd31fe4fae25213 openjdk-8-jdk_8u312-b07-0ubuntu1~16.04+tuxcare.els1_amd64.deb 5762e3e38b2df6befe2552a727d3be0c8e5e6b1d openjdk-8-jdk-headless_8u312-b07-0ubuntu1~16.04+tuxcare.els1_amd64.deb a50d139267ecbc13b23e3a5a8731f50b76bf6bea openjdk-8-jre_8u312-b07-0ubuntu1~16.04+tuxcare.els1_amd64.deb b297ce2f7d7a9f16ed4c0160e9cc589049cc8ab3 openjdk-8-jre-headless_8u312-b07-0ubuntu1~16.04+tuxcare.els1_amd64.deb 5cbe92212e1f3c4fc62e661a648481a06d889d08 openjdk-8-jre-jamvm_8u312-b07-0ubuntu1~16.04+tuxcare.els1_amd64.deb 847dc803c881c252a5876e6a23c96276b29379f8 openjdk-8-jre-zero_8u312-b07-0ubuntu1~16.04+tuxcare.els1_amd64.deb cf4a508e02122828453c37ca2027452d977c0298 openjdk-8-source_8u312-b07-0ubuntu1~16.04+tuxcare.els1_all.deb 8bb674e90a1cca6be13fb7c6e8844064ea90bf20 CLSA-2022:1643211736 Copyright 2021 Cloud Linux Inc 0 * SECURITY UPDATE: Local Privilege Escalation in pkexec - debian/patches/CVE-2021-4034.patch: properly handle command-line arguments in src/programs/pkcheck.c, src/programs/pkexec.c. - CVE-2021-4034 Moderate Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.

* SECURITY UPDATE: Local Privilege Escalation in pkexec - debian/patches/CVE-2021-4034.patch: properly handle command-line arguments in src/programs/pkcheck.c, src/programs/pkexec.c. - CVE-2021-4034

0 cloudlinux-ubuntu16.04-els gir1.2-polkit-1.0_0.105-14.1ubuntu0.5+tuxcare.els1_amd64.deb b7646f18c09d4585b788e515416c095a0a424de2 libpolkit-agent-1-0_0.105-14.1ubuntu0.5+tuxcare.els1_amd64.deb 4ae8bc99abeb8bbd977275de70bc33ad8bea941b libpolkit-agent-1-dev_0.105-14.1ubuntu0.5+tuxcare.els1_amd64.deb 5460ef7ad3b8e19d8f55adacc0c22bd16e62140d libpolkit-backend-1-0_0.105-14.1ubuntu0.5+tuxcare.els1_amd64.deb 0bd9f6ad286c79cb795618c19448611ba975ae2e libpolkit-backend-1-dev_0.105-14.1ubuntu0.5+tuxcare.els1_amd64.deb 2cd68d791b0d1444fafca47fff079466dd9c7c6e libpolkit-gobject-1-0_0.105-14.1ubuntu0.5+tuxcare.els1_amd64.deb d504bda410e523f473bcfe27aec99300a0f305c1 libpolkit-gobject-1-dev_0.105-14.1ubuntu0.5+tuxcare.els1_amd64.deb dfa7df6343d8059d8f9d66555b4a455e42902b51 policykit-1_0.105-14.1ubuntu0.5+tuxcare.els1_amd64.deb 7831c6f2c9e5980ebe1cd915db442ef892b4b6cd policykit-1-doc_0.105-14.1ubuntu0.5+tuxcare.els1_all.deb c01911614c0dcf360dbc28179e72b734e59e5c2e CLSA-2022:1643637259 Copyright 2021 Cloud Linux Inc 0 * SECURITY UPDATE: Crash or buffer overflow - debian/patches/CVE-2017-12424.patch: fix buffer overflow if NULL line is present in db in lib/commonio.c. - CVE-2017-12424 * SECURITY UPDATE: Access to privileged information - debian/patches/CVE-2018-7169.patch: newgidmap: enforce setgroups=deny if self-mapping a group in src/newgidmap.c. - CVE-2018-7169 Moderate Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.

* SECURITY UPDATE: Crash or buffer overflow - debian/patches/CVE-2017-12424.patch: fix buffer overflow if NULL line is present in db in lib/commonio.c. - CVE-2017-12424 * SECURITY UPDATE: Access to privileged information - debian/patches/CVE-2018-7169.patch: newgidmap: enforce setgroups=deny if self-mapping a group in src/newgidmap.c. - CVE-2018-7169

0 cloudlinux-ubuntu16.04-els login_4.2-3.1ubuntu5.5+tuxcare.els1_amd64.deb 8c44dd85d367208b7f9520a61596f757fe809df0 passwd_4.2-3.1ubuntu5.5+tuxcare.els1_amd64.deb 959990fd2bf6e0624a0ed3720549a071dc976736 uidmap_4.2-3.1ubuntu5.5+tuxcare.els1_amd64.deb b27900939a0a0c8fee24370c34aafa37b694b995 CLSA-2022:1643637294 Copyright 2021 Cloud Linux Inc 0 * CVE-2021-38198 - ELSCVE-686: KVM: MMU: return page fault error code from permission_fault - ELSCVE-686: kvm: x86: MMU support for EPT accessed/dirty bits - ELSCVE-686: KVM: nVMX: fix EPT permissions as reported in exit qualification - ELSCVE-686: KVM: X86: MMU: Use the correct inherited permissions to get shadow page * CVE-2021-3655 - ELSCVE-715: sctp: add size validation when walking chunks - ELSCVE-715: sctp: add param size validation for SCTP_PARAM_SET_PRIMARY - ELSCVE-715: sctp: validate chunk size in __rcv_asconf_lookup - ELSCVE-715: sctp: validate from_addr_param return - ELSCVE-715: sctp: fix return value check in __sctp_rcv_asconf_lookup * CVE-2021-3428 - ELSCVE-1704: ext4: don't allow overlapping system zones - ELSCVE-1704: ext4: check journal inode extents more carefully * CVE-2021-38205 - ELSCVE-389: net: xilinx_emaclite: Do not print real IOMEM pointer * CVE-2021-28688 - ELSCVE-670: xen-blkback: don't leak persistent grants from xen_blkbk_map() * CVE-2021-34693 - ELSCVE-668: can: bcm: fix infoleak in struct bcm_msg_head * CVE-2020-25673 - ELSCVE-819: nfc: Avoid endless loops caused by repeated llcp_sock_connect() * CVE-2021-23134 - ELSCVE-620: net/nfc: fix use-after-free llcp_sock_bind/connect * CVE-2021-3573 - ELSCVE-846: Bluetooth: use correct lock to prevent UAF of hdev object * CVE-2021-38204 - ELSCVE-457: usb: max-3421: Prevent corruption of freed memory * CVE-2021-42008 - ELSCVE-1730: net: 6pack: fix slab-out-of-bounds in decode_data * CVE-2020-36385 - ELSCVE-1181: RDMA/ucma: Rework ucma_migrate_id() to avoid races with destroy Moderate Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.

- Fix CVEs: * CVE-2021-38198 * CVE-2021-3655 * CVE-2021-3428 * CVE-2021-38205 * CVE-2021-28688 * CVE-2021-34693 * CVE-2020-25673 * CVE-2021-23134 * CVE-2021-3573 * CVE-2021-38204 * CVE-2021-42008 * CVE-2020-36385

0 cloudlinux-ubuntu16.04-els linux-buildinfo-4.4.0-213-generic_4.4.0-213.245_amd64.deb 6612933e7527bb8dc2fd533c17ff9ef13b8feed5 linux-buildinfo-4.4.0-213-lowlatency_4.4.0-213.245_amd64.deb a0b4482f9821dbdd8f3376055e361344354db8b1 linux-cloud-tools-4.4.0-213_4.4.0-213.245_amd64.deb 489cf07c04697b1edacaaa8bfe4919ae93cfcaab linux-cloud-tools-4.4.0-213-generic_4.4.0-213.245_amd64.deb 98eed10e30c80afc76aa3e38d89c964f490b3388 linux-cloud-tools-4.4.0-213-lowlatency_4.4.0-213.245_amd64.deb b58327057036c742ac74a01f6a31019b79a48282 linux-cloud-tools-common_4.4.0-213.245_all.deb ffb541e8e58faa260cc257ab28fdd2de654b5bcb linux-doc_4.4.0-213.245_all.deb 04c9ccb254c35c4946b3c3712c59793ff3f89eb6 linux-headers-4.4.0-213_4.4.0-213.245_all.deb 5f1bb9bfaf1da2f19c553741b33e0d868a49fcc8 linux-headers-4.4.0-213-generic_4.4.0-213.245_amd64.deb 0c31717bb870c88712309882876341cd5e7681f1 linux-headers-4.4.0-213-lowlatency_4.4.0-213.245_amd64.deb a337326a03ed5c64f523800e5f4cf4a8a948613e linux-image-unsigned-4.4.0-213-generic_4.4.0-213.245_amd64.deb 14571e5897078d08043f536bc096a791fb8f6e5a linux-image-unsigned-4.4.0-213-lowlatency_4.4.0-213.245_amd64.deb a2a0f181ddbefb4bde6a9ef44e099eee6dc5ab3f linux-libc-dev_4.4.0-213.245_amd64.deb 667df021d65c4c1f844628a6112ca74a8d4bc6fa linux-modules-4.4.0-213-generic_4.4.0-213.245_amd64.deb c99415c5907ead5610f53cacc4e56ff9122b9f29 linux-modules-4.4.0-213-lowlatency_4.4.0-213.245_amd64.deb ae93f42be6eab6ec7c6ae811db40604a9d1a5d0b linux-modules-extra-4.4.0-213-generic_4.4.0-213.245_amd64.deb 29be9cd617b72e1ef06ae38f630d68989de8d4a6 linux-source-4.4.0_4.4.0-213.245_all.deb 82e984c87ec9c51686379087d2bb29a3cf692e8f linux-tools-4.4.0-213_4.4.0-213.245_amd64.deb 041370c721666c4f13f1a7c6f060710e5199b7f9 linux-tools-4.4.0-213-generic_4.4.0-213.245_amd64.deb 1501d3007a037c62a3a939770a17d3e30f6e5f95 linux-tools-4.4.0-213-lowlatency_4.4.0-213.245_amd64.deb 52f224600682f06106b6b587c87c579181f4b0dd linux-tools-common_4.4.0-213.245_all.deb 9aa390a51838fcc440c54aa3597cf254ab8ec9c5 linux-tools-host_4.4.0-213.245_all.deb a338ad7aba274346d3cfe9bcbaeadf5428911d50 CLSA-2022:1643639170 Copyright 2021 Cloud Linux Inc 0 * SECURITY UPDATE: Going over the end of status line buffer - debian/patches/CVE-2022-0213.patch: Check line length when appending a space to NameBuff - CVE-2022-0213 * SECURITY UPDATE: Block insert goes over the end of the line - debian/patches/CVE-2022-0261.patch: Handle invalid byte better and fix inserting the wrong text - CVE-2022-0261 Moderate Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.

* SECURITY UPDATE: Going over the end of status line buffer - debian/patches/CVE-2022-0213.patch: Check line length when appending a space to NameBuff - CVE-2022-0213 * SECURITY UPDATE: Block insert goes over the end of the line - debian/patches/CVE-2022-0261.patch: Handle invalid byte better and fix inserting the wrong text - CVE-2022-0261

0 cloudlinux-ubuntu16.04-els vim_7.4.1689-3ubuntu1.5+tuxcare.els6_amd64.deb 423ec29c6afdabe6a0128fa07d763e72d7b21b72 vim-athena_7.4.1689-3ubuntu1.5+tuxcare.els6_amd64.deb e778a1c9ab3885b67097e8d7cc740fe2f0316bf1 vim-athena-py2_7.4.1689-3ubuntu1.5+tuxcare.els6_amd64.deb d1aef97729389977d569937d898533e389d2a050 vim-common_7.4.1689-3ubuntu1.5+tuxcare.els6_amd64.deb 99d75413c9b73fbe129123b5cff3be61b12a413a vim-doc_7.4.1689-3ubuntu1.5+tuxcare.els6_all.deb 35d4b54ca7fcb31ea8ceaad9f5b9accf226e7e4d vim-gnome_7.4.1689-3ubuntu1.5+tuxcare.els6_amd64.deb 92d829962068060de187ec5a62e5b44c577269a8 vim-gnome-py2_7.4.1689-3ubuntu1.5+tuxcare.els6_amd64.deb 251d3c431951ce86075e0984b20a56c921e40dbd vim-gtk_7.4.1689-3ubuntu1.5+tuxcare.els6_amd64.deb ee8081565bd2a9fd0271bce17e6690f4e1b0f792 vim-gtk-py2_7.4.1689-3ubuntu1.5+tuxcare.els6_amd64.deb 5c1e18c030650401c9214824e2655440b3a7bb3f vim-gtk3_7.4.1689-3ubuntu1.5+tuxcare.els6_amd64.deb ff96b7dc76d178070a0f2db8c6d15e984f2d9518 vim-gtk3-py2_7.4.1689-3ubuntu1.5+tuxcare.els6_amd64.deb 6d00fbb6a64302465b1104c5c7ff8a48e6c921e6 vim-gui-common_7.4.1689-3ubuntu1.5+tuxcare.els6_all.deb 48c1d90c2b9d571d4ab469620d50335ee9a6bcab vim-nox_7.4.1689-3ubuntu1.5+tuxcare.els6_amd64.deb 279c04895aa5c73cc00456d0c33f98f5018449aa vim-nox-py2_7.4.1689-3ubuntu1.5+tuxcare.els6_amd64.deb 8430386004e7b010b99bfdd9dc72a855981ef8ac vim-runtime_7.4.1689-3ubuntu1.5+tuxcare.els6_all.deb 5b74d162c8b4fc92153cb5940a22168124bf2243 vim-tiny_7.4.1689-3ubuntu1.5+tuxcare.els6_amd64.deb 1870a94ee98b5d699df3c0f919e2cbcdf89610de CLSA-2022:1643819084 Copyright 2021 Cloud Linux Inc 0 * SECURITY UPDATE: buffer overflow in svcunix_create - debian/patches/any/CVE-2022-23218.patch: check whether AF_UNIX socket path length doesn't exceed storage size - CVE-2022-23218 * SECURITY UPDATE: buffer overflow in clnt_create - debian/patches/any/CVE-2022-23219.patch: check whether AF_UNIX socket path length doesn't exceed storage size - CVE-2022-23219 Moderate Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.

* SECURITY UPDATE: buffer overflow in svcunix_create - debian/patches/any/CVE-2022-23218.patch: check whether AF_UNIX socket path length doesn't exceed storage size - CVE-2022-23218 * SECURITY UPDATE: buffer overflow in clnt_create - debian/patches/any/CVE-2022-23219.patch: check whether AF_UNIX socket path length doesn't exceed storage size - CVE-2022-23219

0 cloudlinux-ubuntu16.04-els glibc-doc_2.23-0ubuntu11.5+tuxcare.els3_all.deb 1aecc8fa24d28bbb23f78893f0db60d090a33a11 glibc-source_2.23-0ubuntu11.5+tuxcare.els3_all.deb 6bcfdb188a4ca56a821192b22d2cad2c9fc4122f libc-bin_2.23-0ubuntu11.5+tuxcare.els3_amd64.deb 917ff54d949ba7c08f667604cea6010d378515ec libc-dev-bin_2.23-0ubuntu11.5+tuxcare.els3_amd64.deb 9947681f264287bdea1ed0e3cb60c60baec151e9 libc6_2.23-0ubuntu11.5+tuxcare.els3_amd64.deb 3cdd15dba9225a538443673a1d08c5f04a80c03f libc6-dev_2.23-0ubuntu11.5+tuxcare.els3_amd64.deb 3bc7148a3733fe6252a5393f8589147e6b983d90 libc6-dev-i386_2.23-0ubuntu11.5+tuxcare.els3_amd64.deb 0340ca9ea92253231033964279ef135caa093e66 libc6-dev-x32_2.23-0ubuntu11.5+tuxcare.els3_amd64.deb 44efec8b06d39cad5c4db4cfa865256995a0f94c libc6-i386_2.23-0ubuntu11.5+tuxcare.els3_amd64.deb cd3b81e56eaef3c3404280f25cc0ac79c48f3204 libc6-pic_2.23-0ubuntu11.5+tuxcare.els3_amd64.deb cb15fa307f09eed39bc81441bbde5c35e43f1c8a libc6-x32_2.23-0ubuntu11.5+tuxcare.els3_amd64.deb 1df906d99bf09d451d83a6e2c65edb294eb75b49 locales_2.23-0ubuntu11.5+tuxcare.els3_all.deb 6c9efb117818043dedf166e15cd4e994981ffd4e locales-all_2.23-0ubuntu11.5+tuxcare.els3_amd64.deb 8536552ebb8b038317dd26dc058be23d93bbc5db multiarch-support_2.23-0ubuntu11.5+tuxcare.els3_amd64.deb e2526e1950908f6515c2d591451b777e4dc424af nscd_2.23-0ubuntu11.5+tuxcare.els3_amd64.deb 5f01631d6b0b952ceb8a73baeffd1794926183f4 CLSA-2022:1644501113 Copyright 2021 Cloud Linux Inc 0 * SECURITY UPDATE: code exec via out-of-bounds read/write in vfs_fruit - debian/patches/CVE-2021-44142.patch: refactor get_entry function in order to add additional checks - CVE-2021-44142 Moderate Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.

* SECURITY UPDATE: code exec via out-of-bounds read/write in vfs_fruit - debian/patches/CVE-2021-44142.patch: refactor get_entry function in order to add additional checks - CVE-2021-44142

0 cloudlinux-ubuntu16.04-els ctdb_4.3.11+dfsg-0ubuntu0.16.04.34+tuxcare.els1_amd64.deb 73b068609ca501ef397c8b7d7b5bcd0753d6c1a0 libnss-winbind_4.3.11+dfsg-0ubuntu0.16.04.34+tuxcare.els1_amd64.deb e835be4f4dcbb599593f0b9c4d10558bfbf17efa libpam-winbind_4.3.11+dfsg-0ubuntu0.16.04.34+tuxcare.els1_amd64.deb c62bd0c87ed6890edafd412a7fd4eb5cacddfc66 libparse-pidl-perl_4.3.11+dfsg-0ubuntu0.16.04.34+tuxcare.els1_amd64.deb 378edb0827a464e5a2b260cfc245b5ff011a9dd4 libsmbclient_4.3.11+dfsg-0ubuntu0.16.04.34+tuxcare.els1_amd64.deb 05d8dbf342696dc46fea07f907a6cde631b899ae libsmbclient-dev_4.3.11+dfsg-0ubuntu0.16.04.34+tuxcare.els1_amd64.deb 3d9131e6f93ef9d0e4d5890d89e2547ec3dcfb73 libwbclient-dev_4.3.11+dfsg-0ubuntu0.16.04.34+tuxcare.els1_amd64.deb 03f52e7d46b7c55989b4eb547b3963d8fa0f701d libwbclient0_4.3.11+dfsg-0ubuntu0.16.04.34+tuxcare.els1_amd64.deb 81c2f07ef9a3c2c8577fcfa2f25f1f2a7e47ef93 python-samba_4.3.11+dfsg-0ubuntu0.16.04.34+tuxcare.els1_amd64.deb f7b34523069a08f5e7a3d3a6883d8ea24bf5cc74 registry-tools_4.3.11+dfsg-0ubuntu0.16.04.34+tuxcare.els1_amd64.deb 7eee10c093063fbc413ab5b830f5765eaee604db samba_4.3.11+dfsg-0ubuntu0.16.04.34+tuxcare.els1_amd64.deb cd7e199eddb19b5bea7095c86bb6a4d449c69db5 samba-common_4.3.11+dfsg-0ubuntu0.16.04.34+tuxcare.els1_all.deb 91b328150706e31f164a1706ea125258aab1c2d8 samba-common-bin_4.3.11+dfsg-0ubuntu0.16.04.34+tuxcare.els1_amd64.deb 9f05a227ad73e6872df34ebbb66675e9ed4e775e samba-dev_4.3.11+dfsg-0ubuntu0.16.04.34+tuxcare.els1_amd64.deb 5c272d022a7c76c84e46143ef5e6f46ba053106c samba-dsdb-modules_4.3.11+dfsg-0ubuntu0.16.04.34+tuxcare.els1_amd64.deb d3f5555afdf3c4fae03aa7b18bd1b178de6d8270 samba-libs_4.3.11+dfsg-0ubuntu0.16.04.34+tuxcare.els1_amd64.deb fb1df12017cb5b0cccade7a8cd3185c5a2afed06 samba-testsuite_4.3.11+dfsg-0ubuntu0.16.04.34+tuxcare.els1_amd64.deb c01fe66cf25cc5443183e78c31c643fc2e48b4eb samba-vfs-modules_4.3.11+dfsg-0ubuntu0.16.04.34+tuxcare.els1_amd64.deb 45992b07a3705abdd7ac00df30193e76c6396950 smbclient_4.3.11+dfsg-0ubuntu0.16.04.34+tuxcare.els1_amd64.deb 496b6546c2a723fa706fb965ff7f6f3f17c322dd winbind_4.3.11+dfsg-0ubuntu0.16.04.34+tuxcare.els1_amd64.deb 582b4dc82edc497b27e70a8296b89a9ec1dd1ad5 CLSA-2022:1644855867 Copyright 2021 Cloud Linux Inc 0 * SECURITY UPDATE: Condition with many "(" causes a crash - debian/patches/CVE-2022-0351.patch: Limit recursion depth to 1000 - CVE-2022-0351 * SECURITY UPDATE: Illegal memory access with large tabstop in Ex mode - debian/patches/CVE-2022-0359.patch: Allocate enough memory - CVE-2022-0359 * SECURITY UPDATE: Illegal memory access when copying lines in Visual mode - debian/patches/CVE-2022-0361.patch: Adjust the Visual position after copying lines - CVE-2022-0361 * SECURITY UPDATE: Illegal memory access when undo makes Visual area invalid - debian/patches/CVE-2022-0368.patch: Correct the Visual area after undo - CVE-2022-0368 Moderate Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.

* SECURITY UPDATE: Condition with many "(" causes a crash - debian/patches/CVE-2022-0351.patch: Limit recursion depth to 1000 - CVE-2022-0351 * SECURITY UPDATE: Illegal memory access with large tabstop in Ex mode - debian/patches/CVE-2022-0359.patch: Allocate enough memory - CVE-2022-0359 * SECURITY UPDATE: Illegal memory access when copying lines in Visual mode - debian/patches/CVE-2022-0361.patch: Adjust the Visual position after copying lines - CVE-2022-0361 * SECURITY UPDATE: Illegal memory access when undo makes Visual area invalid - debian/patches/CVE-2022-0368.patch: Correct the Visual area after undo - CVE-2022-0368

0 cloudlinux-ubuntu16.04-els vim_7.4.1689-3ubuntu1.5+tuxcare.els7_amd64.deb 33550aa749fd27093560d3de92e90d4862d3338c vim-athena_7.4.1689-3ubuntu1.5+tuxcare.els7_amd64.deb 5f59713b3f2b69a63352cf0e09a8fa4e519fde9e vim-athena-py2_7.4.1689-3ubuntu1.5+tuxcare.els7_amd64.deb cd38a42ac127028922ece45175bdaba4a9b89491 vim-common_7.4.1689-3ubuntu1.5+tuxcare.els7_amd64.deb 66ec421f5f889f56bb64e54a732058154231235c vim-doc_7.4.1689-3ubuntu1.5+tuxcare.els7_all.deb 79141802659541f44534c124e49665ac83ff84b1 vim-gnome_7.4.1689-3ubuntu1.5+tuxcare.els7_amd64.deb 1ede6110dcd52dc0b3b86e2b9281d973cba41754 vim-gnome-py2_7.4.1689-3ubuntu1.5+tuxcare.els7_amd64.deb 0f8edad9d67e1a99703c7462a1eb4efbc5ad3e1e vim-gtk_7.4.1689-3ubuntu1.5+tuxcare.els7_amd64.deb bd7506a886e35134b691075da6e9dae273974897 vim-gtk-py2_7.4.1689-3ubuntu1.5+tuxcare.els7_amd64.deb b999bd2ebbb37edc11c6bd2c0f9e0758802c9f51 vim-gtk3_7.4.1689-3ubuntu1.5+tuxcare.els7_amd64.deb f4f5ce2e07fe3713733db6ea231a547fd69a9a1d vim-gtk3-py2_7.4.1689-3ubuntu1.5+tuxcare.els7_amd64.deb 8ec2082e8aad110574932243bc964eec0cbde2ed vim-gui-common_7.4.1689-3ubuntu1.5+tuxcare.els7_all.deb 41f337c77a8cbfa17b37a74dd7f0ecf79f155f01 vim-nox_7.4.1689-3ubuntu1.5+tuxcare.els7_amd64.deb 0a4faf6fbc0e398906a54fb32f4a18c998f558a5 vim-nox-py2_7.4.1689-3ubuntu1.5+tuxcare.els7_amd64.deb bf539a7f9b7ad2b20eaf54b29f02928692af9965 vim-runtime_7.4.1689-3ubuntu1.5+tuxcare.els7_all.deb 499383783651dfb59d68c72b322b054b935a283d vim-tiny_7.4.1689-3ubuntu1.5+tuxcare.els7_amd64.deb 5eef0d0507ec5691dfc2e0a28c1613dd6e98d7b6 CLSA-2022:1645465475 Copyright 2021 Cloud Linux Inc 0 * SECURITY UPDATE: Stack corruption when looking for spell suggestions - debian/patches/CVE-2022-0408.patch: Prevent the depth increased too much, add a five second time limit to finding suggestions - CVE-2022-0408 * SECURITY UPDATE: Using freed memory when substitute with function call - debian/patches/CVE-2022-0413.patch: Make a copy of the substituted text - CVE-2022-0413 * SECURITY UPDATE: ':retab 0' may cause illegal memory access - debian/patches/CVE-2022-0417.patch: Limit the value of 'tabstop' to 10000 - CVE-2022-0417 * SECURITY UPDATE: Using freed memory with ':lopen' and ':bwipe' - debian/patches/CVE-2022-0443.patch: Do not use a wiped out buffer - CVE-2022-0443 Moderate Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.

* SECURITY UPDATE: Stack corruption when looking for spell suggestions - debian/patches/CVE-2022-0408.patch: Prevent the depth increased too much, add a five second time limit to finding suggestions - CVE-2022-0408 * SECURITY UPDATE: Using freed memory when substitute with function call - debian/patches/CVE-2022-0413.patch: Make a copy of the substituted text - CVE-2022-0413 * SECURITY UPDATE: ':retab 0' may cause illegal memory access - debian/patches/CVE-2022-0417.patch: Limit the value of 'tabstop' to 10000 - CVE-2022-0417 * SECURITY UPDATE: Using freed memory with ':lopen' and ':bwipe' - debian/patches/CVE-2022-0443.patch: Do not use a wiped out buffer - CVE-2022-0443

0 cloudlinux-ubuntu16.04-els vim_7.4.1689-3ubuntu1.5+tuxcare.els8_amd64.deb e1e88fc0aab4d46ad3296e4f5cf463cc802689a2 vim-athena_7.4.1689-3ubuntu1.5+tuxcare.els8_amd64.deb a93133ba9e92819ecb738be747867d5359e77ad1 vim-athena-py2_7.4.1689-3ubuntu1.5+tuxcare.els8_amd64.deb 96037485f57966011f69214ca1a0b4b7e6efa5a7 vim-common_7.4.1689-3ubuntu1.5+tuxcare.els8_amd64.deb 4d04616f3bdeabb6fd9ac633021d7025f92c7b2c vim-doc_7.4.1689-3ubuntu1.5+tuxcare.els8_all.deb 05144f8555815c556a1dcc441cccbaca06f52d6b vim-gnome_7.4.1689-3ubuntu1.5+tuxcare.els8_amd64.deb 742ae79d4ce29c4d6dff66c2c7adc96a3a92d5cc vim-gnome-py2_7.4.1689-3ubuntu1.5+tuxcare.els8_amd64.deb c88aefcca0520e21fbf2e188a0d2340aa8c5ffd7 vim-gtk_7.4.1689-3ubuntu1.5+tuxcare.els8_amd64.deb bcf5f50837e0406646933b5779b3307a92e256ee vim-gtk-py2_7.4.1689-3ubuntu1.5+tuxcare.els8_amd64.deb 819bc5f81a877db0827d0f8c255de5da3e86ce24 vim-gtk3_7.4.1689-3ubuntu1.5+tuxcare.els8_amd64.deb 3f28d57c27f2832c2865782137c2837e696651c5 vim-gtk3-py2_7.4.1689-3ubuntu1.5+tuxcare.els8_amd64.deb 574c72bc1abe987e8839a53980d299a24154be45 vim-gui-common_7.4.1689-3ubuntu1.5+tuxcare.els8_all.deb ee522bbfd54329cfbd62192ddf87568cd2900878 vim-nox_7.4.1689-3ubuntu1.5+tuxcare.els8_amd64.deb 483cd925941b0566fae4eea65c88862be083488b vim-nox-py2_7.4.1689-3ubuntu1.5+tuxcare.els8_amd64.deb c6161a49edcb4095d5ec7d7478167c54cf9e62a0 vim-runtime_7.4.1689-3ubuntu1.5+tuxcare.els8_all.deb 4442ea6470df961d654c70f0e77c856e8292de65 vim-tiny_7.4.1689-3ubuntu1.5+tuxcare.els8_amd64.deb b65b948f095fa33ee98cb7aff743d3d131c95a2b CLSA-2022:1645465490 Copyright 2021 Cloud Linux Inc 0 * SECURITY UPDATE: Denial of Service and Data Integrity vulnerability in features command - debian/patches/CVE-2021-32036.patch: Check action type for oidReset - CVE-2021-32036 Moderate Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.

* SECURITY UPDATE: Denial of Service and Data Integrity vulnerability in features command - debian/patches/CVE-2021-32036.patch: Check action type for oidReset - CVE-2021-32036

0 cloudlinux-ubuntu16.04-els mongodb_2.6.10-0ubuntu1+tuxcare.els1_amd64.deb def182e7c5354d6edba0e4fb7d7fce083fcdd2dd mongodb-clients_2.6.10-0ubuntu1+tuxcare.els1_amd64.deb 3bcd39f634f002e6cbe5339aaad457f7931aaf62 mongodb-server_2.6.10-0ubuntu1+tuxcare.els1_amd64.deb 537ab276b13db1a923294c2a9869c333cac35128 CLSA-2022:1646061262 Copyright 2021 Cloud Linux Inc 0 * SECURITY UPDATE: SQL injection in SQL plugin - debian/patches/CVE-2022-24407.patch: escape password for SQL insert/update commands in plugins/sql.c. - CVE-2022-24407 Moderate Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.

* SECURITY UPDATE: SQL injection in SQL plugin - debian/patches/CVE-2022-24407.patch: escape password for SQL insert/update commands in plugins/sql.c. - CVE-2022-24407

0 cloudlinux-ubuntu16.04-els cyrus-sasl2-doc_2.1.26.dfsg1-14ubuntu0.2+tuxcare.els1_all.deb 75d3cdadb0d475129d74101691e70d3772073e57 libsasl2-2_2.1.26.dfsg1-14ubuntu0.2+tuxcare.els1_amd64.deb 4b83c3dae7087fc09912f8f8797098e5ea8d4d9b libsasl2-dev_2.1.26.dfsg1-14ubuntu0.2+tuxcare.els1_amd64.deb dbadf721eeee545e4d0365131a576dc224af9cdf libsasl2-modules_2.1.26.dfsg1-14ubuntu0.2+tuxcare.els1_amd64.deb 3eba24ef550dd10093ca98b5fc3868878d157f93 libsasl2-modules-db_2.1.26.dfsg1-14ubuntu0.2+tuxcare.els1_amd64.deb 3a8a036f487051afcb1f8044a52913f997b5c07b libsasl2-modules-gssapi-heimdal_2.1.26.dfsg1-14ubuntu0.2+tuxcare.els1_amd64.deb e237bf7d6b0f20bda8620d229827bda6de5e7fac libsasl2-modules-gssapi-mit_2.1.26.dfsg1-14ubuntu0.2+tuxcare.els1_amd64.deb dc2ad9a921b687c1ed5ab3d60617acaf914759f9 libsasl2-modules-ldap_2.1.26.dfsg1-14ubuntu0.2+tuxcare.els1_amd64.deb 695b9db3df4b2013eee2c64d227d20317bb02ed4 libsasl2-modules-otp_2.1.26.dfsg1-14ubuntu0.2+tuxcare.els1_amd64.deb be020cdad9175e7fc0c7e0ee0993ca3b50c28926 libsasl2-modules-sql_2.1.26.dfsg1-14ubuntu0.2+tuxcare.els1_amd64.deb 27d61dc427e2ec94aca81455204dbc0ce0eb53cb sasl2-bin_2.1.26.dfsg1-14ubuntu0.2+tuxcare.els1_amd64.deb de3d415e526942eeadb1242bf53043b69557a1b1 CLSA-2022:1646085834 Copyright 2021 Cloud Linux Inc 0 * SECURITY UPDATE: Denial of service - debian/patches/CVE-2015-9253-pre1.patch: include .inc files used in fpm tests in sapi/fpm/tests/ alogin with other .phpt test scripts. - debian/patches/CVE-2015-9253-pre2.patch: close the listening socket on sapi/fpm/fpm/fpm_signals.c and added tests in sapi/fpm/tests/bug77934-reload-process-control.phpt. - debian/patches/CVE-2015-9253.patch: directly listen on socket, instead of dumping it to STDIN in sapi/fpm/fpm/fpm_children.c, sapi/fpm/fpm_stdio.c, and added tests in sapi/fpm/tests/bug73342-nonblocking-stdio.phpt. - CVE-2015-9253 * SECURITY UPDATE: Integer overflow - debian/patches/CVE-2017-8923-pre.patch: added ZSTR_MAX_LEN macro in Zend/zend_string.h and make use of it in Zend/zend_operators.c instead of using SIZE_MAX. - debian/patches/CVE-2017-8923.patch: added a length check before calling zend_string_realloc method in Zend/zend_vm_def.h and Zend/zend_vm_execute.h. - CVE-2017-8923 * SECURITY UPDATE: Integer overflow - debian/patches/CVE-2017-9118.patch: added ZSTR_MAX_OVERHEAD macro in Zend/zend_string.h that has the the maximal overhead of a zend_string and uses it in ext/pcre/php_pcre.c to assign a zend_string length value. - CVE-2017-9118 * SECURITY UPDATE: Use after free - debian/patches/CVE-2017-9119.patch: changed the decrement of refcount to be made once the string allocation has succeeded in Zend/zend_string.h. - CVE-2017-9119 * SECURITY UPDATE: Integer overflow - debian/patches/CVE-2017-9120.patch: changed the string allocation from zend_string_alloc to zend_string_safe_alloc in ext/mysqli/mysqli_api.c. - CVE-2017-9120 * SECURITY UDPATE: Improper handling of special characters - debian/patches/CVE-2021-21707.patch: added a string validation to check for improper characters in ext/dom/domimplementation.c and in ext/libxml/libxml.c and added tests in ext/simplexml/tests/bug79971_1.phpt and ext/dom/tests/bug79971_2.phpt. - CVE-2021-21707 Moderate Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.

* SECURITY UPDATE: Denial of service - debian/patches/CVE-2015-9253-pre1.patch: include .inc files used in fpm tests in sapi/fpm/tests/ alogin with other .phpt test scripts. - debian/patches/CVE-2015-9253-pre2.patch: close the listening socket on sapi/fpm/fpm/fpm_signals.c and added tests in sapi/fpm/tests/bug77934-reload-process-control.phpt. - debian/patches/CVE-2015-9253.patch: directly listen on socket, instead of dumping it to STDIN in sapi/fpm/fpm/fpm_children.c, sapi/fpm/fpm_stdio.c, and added tests in sapi/fpm/tests/bug73342-nonblocking-stdio.phpt. - CVE-2015-9253 * SECURITY UPDATE: Integer overflow - debian/patches/CVE-2017-8923-pre.patch: added ZSTR_MAX_LEN macro in Zend/zend_string.h and make use of it in Zend/zend_operators.c instead of using SIZE_MAX. - debian/patches/CVE-2017-8923.patch: added a length check before calling zend_string_realloc method in Zend/zend_vm_def.h and Zend/zend_vm_execute.h. - CVE-2017-8923 * SECURITY UPDATE: Integer overflow - debian/patches/CVE-2017-9118.patch: added ZSTR_MAX_OVERHEAD macro in Zend/zend_string.h that has the the maximal overhead of a zend_string and uses it in ext/pcre/php_pcre.c to assign a zend_string length value. - CVE-2017-9118 * SECURITY UPDATE: Use after free - debian/patches/CVE-2017-9119.patch: changed the decrement of refcount to be made once the string allocation has succeeded in Zend/zend_string.h. - CVE-2017-9119 * SECURITY UPDATE: Integer overflow - debian/patches/CVE-2017-9120.patch: changed the string allocation from zend_string_alloc to zend_string_safe_alloc in ext/mysqli/mysqli_api.c. - CVE-2017-9120 * SECURITY UDPATE: Improper handling of special characters - debian/patches/CVE-2021-21707.patch: added a string validation to check for improper characters in ext/dom/domimplementation.c and in ext/libxml/libxml.c and added tests in ext/simplexml/tests/bug79971_1.phpt and ext/dom/tests/bug79971_2.phpt. - CVE-2021-21707

0 cloudlinux-ubuntu16.04-els libapache2-mod-php7.0_7.0.33-0ubuntu0.16.04.17+tuxcare.els2_amd64.deb 9f697e2e417b0f17f31098f2b080703d33bb3063 libphp7.0-embed_7.0.33-0ubuntu0.16.04.17+tuxcare.els2_amd64.deb 6b28b0ae73d0a441f834ec03dde4839f1e6761f0 php7.0_7.0.33-0ubuntu0.16.04.17+tuxcare.els2_all.deb 602cdecbe052cb246643497489e10e434fc1635f php7.0-bcmath_7.0.33-0ubuntu0.16.04.17+tuxcare.els2_amd64.deb 1bdaf7d2056391be7177ba9856e366d0ac78d9a9 php7.0-bz2_7.0.33-0ubuntu0.16.04.17+tuxcare.els2_amd64.deb 9828527d6e9d86c65f9111cf9130d91b9bb34f71 php7.0-cgi_7.0.33-0ubuntu0.16.04.17+tuxcare.els2_amd64.deb 1e7616078cfce3e3520e6d608726d95c995b7065 php7.0-cli_7.0.33-0ubuntu0.16.04.17+tuxcare.els2_amd64.deb 992043429db7036a191431d6d3a0d3631e8972f5 php7.0-common_7.0.33-0ubuntu0.16.04.17+tuxcare.els2_amd64.deb 89428768e6cf4df5457a1ccb2fbca34ad4a240b5 php7.0-curl_7.0.33-0ubuntu0.16.04.17+tuxcare.els2_amd64.deb 0e29d95f0e1c677b250933f9fcf7321277aaa9f3 php7.0-dba_7.0.33-0ubuntu0.16.04.17+tuxcare.els2_amd64.deb dd1d0a7eb6615caad0bc18fafe04cba515d3fd90 php7.0-dev_7.0.33-0ubuntu0.16.04.17+tuxcare.els2_amd64.deb 0b373b2124d37269e141b428ca536ae2f4319da0 php7.0-enchant_7.0.33-0ubuntu0.16.04.17+tuxcare.els2_amd64.deb 97cbaf869992ad1d45d06e61d995873f48dc37cd php7.0-fpm_7.0.33-0ubuntu0.16.04.17+tuxcare.els2_amd64.deb 2b07699f1d0fa1af69180c3291146d218153c2d6 php7.0-gd_7.0.33-0ubuntu0.16.04.17+tuxcare.els2_amd64.deb 876e2ccfbb8cfb2f77c01844cd68ba61ef53f432 php7.0-gmp_7.0.33-0ubuntu0.16.04.17+tuxcare.els2_amd64.deb ec2cd7b2bac890aa3963195e59376570bdc2e201 php7.0-imap_7.0.33-0ubuntu0.16.04.17+tuxcare.els2_amd64.deb 5fd132b3efa35a3f842ed172d4fe41a1e3637396 php7.0-interbase_7.0.33-0ubuntu0.16.04.17+tuxcare.els2_amd64.deb 19b27c2655bcd0c969e9320231d45825e84e73cc php7.0-intl_7.0.33-0ubuntu0.16.04.17+tuxcare.els2_amd64.deb 6e641fba874f73c659d3be8c6cad576cc43ddce3 php7.0-json_7.0.33-0ubuntu0.16.04.17+tuxcare.els2_amd64.deb 10b65ac61eaedb1e8d0386963163916b31907fee php7.0-ldap_7.0.33-0ubuntu0.16.04.17+tuxcare.els2_amd64.deb b835c41dd56ffbd047df52c87ad5759a301fe11b php7.0-mbstring_7.0.33-0ubuntu0.16.04.17+tuxcare.els2_amd64.deb 859061dd7c7ad64b7faa45ad06e0690de9af1fdf php7.0-mcrypt_7.0.33-0ubuntu0.16.04.17+tuxcare.els2_amd64.deb 2fdebd8a8ef880f1a28c32f18cc1f44d3fcfb8bc php7.0-mysql_7.0.33-0ubuntu0.16.04.17+tuxcare.els2_amd64.deb 54ece0f53de3148f23ffcefc93a7d472ca4c9cf5 php7.0-odbc_7.0.33-0ubuntu0.16.04.17+tuxcare.els2_amd64.deb d621b525473d36497cd1dd2d96bb8afdfcc66b43 php7.0-opcache_7.0.33-0ubuntu0.16.04.17+tuxcare.els2_amd64.deb e0fc04bb5f17549696791fbf075bc0d649cac48a php7.0-pgsql_7.0.33-0ubuntu0.16.04.17+tuxcare.els2_amd64.deb 7732e0f45b25b4ba9395d43ec26bac11ecb35dec php7.0-phpdbg_7.0.33-0ubuntu0.16.04.17+tuxcare.els2_amd64.deb 667578bed09c66793596e7a29e175725776fad7e php7.0-pspell_7.0.33-0ubuntu0.16.04.17+tuxcare.els2_amd64.deb 5469822a1231bd39313089efe71db45c1b76067d php7.0-readline_7.0.33-0ubuntu0.16.04.17+tuxcare.els2_amd64.deb e7cd2b1cb4d33f972c1acf13e5076250eb748d96 php7.0-recode_7.0.33-0ubuntu0.16.04.17+tuxcare.els2_amd64.deb c629169b306feca7bde4915a27efd7ea3caf2a97 php7.0-snmp_7.0.33-0ubuntu0.16.04.17+tuxcare.els2_amd64.deb 184f718067f1634f69c33b88c5dc23b483d2d316 php7.0-soap_7.0.33-0ubuntu0.16.04.17+tuxcare.els2_amd64.deb eab04bbc953afefc6e8b2756b69501bafc55b81f php7.0-sqlite3_7.0.33-0ubuntu0.16.04.17+tuxcare.els2_amd64.deb e25daf6bb4b554a6f4a7d5110d8955752894c2bc php7.0-sybase_7.0.33-0ubuntu0.16.04.17+tuxcare.els2_amd64.deb e1f87c5bfed1753d4857faad737268cda3174b99 php7.0-tidy_7.0.33-0ubuntu0.16.04.17+tuxcare.els2_amd64.deb 8788460e67e98a96ba60f724372dbd3ad14010e4 php7.0-xml_7.0.33-0ubuntu0.16.04.17+tuxcare.els2_amd64.deb a8bed7aee0b4571b299f07f124bc064c88198e77 php7.0-xmlrpc_7.0.33-0ubuntu0.16.04.17+tuxcare.els2_amd64.deb 557ab48bec07b236d971d06925c7c0215147112c php7.0-xsl_7.0.33-0ubuntu0.16.04.17+tuxcare.els2_all.deb 9a54096575832589605c3713ed7948c422229532 php7.0-zip_7.0.33-0ubuntu0.16.04.17+tuxcare.els2_amd64.deb 0ac77edbe967a1811ae8734f76648bc5d69e066e CLSA-2022:1646915699 Copyright 2021 Cloud Linux Inc 0 * SECURITY UPDATE: May end up with no current buffer - debian/patches/CVE-2022-0554.patch: When deleting the current buffer to not pick a quickfix buffer as the new current buffer - CVE-2022-0554 * SECURITY UPDATE: Crash when repeatedly using :retab - debian/patches/CVE-2022-0572.patch: Bail out when the line is getting too long - CVE-2022-0572 * SECURITY UPDATE: Crash when using special multi-byte character - debian/patches/CVE-2022-0685.patch: Don't use isalpha() for an arbitrary character - CVE-2022-0685 * SECURITY UPDATE: Crash with specific regexp pattern and string - debian/patches/CVE-2022-0729.patch: Stop at the start of the string - CVE-2022-0729 Moderate Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.

* SECURITY UPDATE: May end up with no current buffer - debian/patches/CVE-2022-0554.patch: When deleting the current buffer to not pick a quickfix buffer as the new current buffer - CVE-2022-0554 * SECURITY UPDATE: Crash when repeatedly using :retab - debian/patches/CVE-2022-0572.patch: Bail out when the line is getting too long - CVE-2022-0572 * SECURITY UPDATE: Crash when using special multi-byte character - debian/patches/CVE-2022-0685.patch: Don't use isalpha() for an arbitrary character - CVE-2022-0685 * SECURITY UPDATE: Crash with specific regexp pattern and string - debian/patches/CVE-2022-0729.patch: Stop at the start of the string - CVE-2022-0729

0 cloudlinux-ubuntu16.04-els vim_7.4.1689-3ubuntu1.5+tuxcare.els9_amd64.deb 380a73e32ed581f9b5e049beb386c40d9e63ed3d vim-athena_7.4.1689-3ubuntu1.5+tuxcare.els9_amd64.deb 911dcb145a7a6b3f5f66d4f3000960e86a855098 vim-athena-py2_7.4.1689-3ubuntu1.5+tuxcare.els9_amd64.deb 26d31db5a51df4cb89eafc27618b09e20eb4db38 vim-common_7.4.1689-3ubuntu1.5+tuxcare.els9_amd64.deb 67990e69e6bd3472eb115143caeec445a5ce0774 vim-doc_7.4.1689-3ubuntu1.5+tuxcare.els9_all.deb 8c73f7d7bd749a27914eb00bd55a1d31256495c3 vim-gnome_7.4.1689-3ubuntu1.5+tuxcare.els9_amd64.deb 1d961489a367da2335396dfec2829d8151efe2d2 vim-gnome-py2_7.4.1689-3ubuntu1.5+tuxcare.els9_amd64.deb 36f29b95c2f40cdaa5bbcc7806a9807865c46282 vim-gtk_7.4.1689-3ubuntu1.5+tuxcare.els9_amd64.deb 8bd67b6b299fbec31e305b50534942dcf1357e0c vim-gtk-py2_7.4.1689-3ubuntu1.5+tuxcare.els9_amd64.deb bcd0fd5ff8f3688033e22efa121b62d855588fc4 vim-gtk3_7.4.1689-3ubuntu1.5+tuxcare.els9_amd64.deb 8e0c5dbee3500a4dfa4f387fac280cda6fb73fa3 vim-gtk3-py2_7.4.1689-3ubuntu1.5+tuxcare.els9_amd64.deb 6d3c6be7b3f0ec9bae2ee0ee9d4a9c64831e7dcb vim-gui-common_7.4.1689-3ubuntu1.5+tuxcare.els9_all.deb 1eadd590d76aceaa88623fc6f35d9daf10663789 vim-nox_7.4.1689-3ubuntu1.5+tuxcare.els9_amd64.deb 0b1ac119c011ae4caa61a944e36b94e0d7178080 vim-nox-py2_7.4.1689-3ubuntu1.5+tuxcare.els9_amd64.deb a18c6e1091a02dcb1fb8f3393ce8d79105e93ee7 vim-runtime_7.4.1689-3ubuntu1.5+tuxcare.els9_all.deb 9c8aaf17bfeb3523897f4b4d216cda5c7aee2369 vim-tiny_7.4.1689-3ubuntu1.5+tuxcare.els9_amd64.deb 4a135f6d2e81f5e6b3ac6f877723415f859c1e09 CLSA-2022:1647254642 Copyright 2021 Cloud Linux Inc 0 * SECURITY UPDATE: Use-after-free of ID and IDREF attributes - debian/patches/CVE-2022-23308.patch: Do not store empty or whitespace-only attributes in ID table - CVE-2022-23308 Moderate Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.

* SECURITY UPDATE: Use-after-free of ID and IDREF attributes - debian/patches/CVE-2022-23308.patch: Do not store empty or whitespace-only attributes in ID table - CVE-2022-23308

0 cloudlinux-ubuntu16.04-els libxml2_2.9.3+dfsg1-1ubuntu0.7+tuxcare.els2_amd64.deb a4369faf1a6ed2b79abe1174660ab36b8152bccd libxml2-dev_2.9.3+dfsg1-1ubuntu0.7+tuxcare.els2_amd64.deb 435737ca8db3ed2c08ad120b0502073c8d0dbe8e libxml2-doc_2.9.3+dfsg1-1ubuntu0.7+tuxcare.els2_all.deb 2645c185fde26622ba5314e9f2224fee6d1b9157 libxml2-utils_2.9.3+dfsg1-1ubuntu0.7+tuxcare.els2_amd64.deb f5833f9c458a7714777523b76b842713552abe8d python-libxml2_2.9.3+dfsg1-1ubuntu0.7+tuxcare.els2_amd64.deb c6d97594b9a5d32bce800075511ae35272156fc4 CLSA-2022:1647254655 Copyright 2021 Cloud Linux Inc 0 * SECURITY UPDATE: incorrect URL parsing - debian/patches/CVE-2022-0391.patch: add stripping ASCII newline and tabs from the url by urllib.parse - CVE-2022-0391 Moderate Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.

* SECURITY UPDATE: incorrect URL parsing - debian/patches/CVE-2022-0391.patch: add stripping ASCII newline and tabs from the url by urllib.parse - CVE-2022-0391

0 cloudlinux-ubuntu16.04-els idle-python2.7_2.7.12-1ubuntu0~16.04.18+tuxcare.els1_all.deb 16439bd67b7da9d25c14d8b8dece8ce4cabf6670 libpython2.7_2.7.12-1ubuntu0~16.04.18+tuxcare.els1_amd64.deb eebbd4927c1ba828c5654e2487232d10615bdfc8 libpython2.7-dev_2.7.12-1ubuntu0~16.04.18+tuxcare.els1_amd64.deb 7f40154c7c8b2cc03dbcf6110a19d26d3ab59f63 libpython2.7-minimal_2.7.12-1ubuntu0~16.04.18+tuxcare.els1_amd64.deb 7f8ddbeadf83449d2eaaf7dd586149806cddd9cb libpython2.7-stdlib_2.7.12-1ubuntu0~16.04.18+tuxcare.els1_amd64.deb dcd18abcfe0a5aaef1b94d9781fc5195de658a8c libpython2.7-testsuite_2.7.12-1ubuntu0~16.04.18+tuxcare.els1_all.deb 73fef3c96ab93ab5ee18fbf5d670cf4aa35ce6ec python2.7_2.7.12-1ubuntu0~16.04.18+tuxcare.els1_amd64.deb a2641744c88b09564010186a5e0fc1ecf5798001 python2.7-dev_2.7.12-1ubuntu0~16.04.18+tuxcare.els1_amd64.deb dcd8fb79429e3a41107cc9eaf82d405b4b15aaae python2.7-doc_2.7.12-1ubuntu0~16.04.18+tuxcare.els1_all.deb b94e361ea116ea3262a9af569299617847bae124 python2.7-examples_2.7.12-1ubuntu0~16.04.18+tuxcare.els1_all.deb 31dc2766512fc699b27b719d074097143b0902a3 python2.7-minimal_2.7.12-1ubuntu0~16.04.18+tuxcare.els1_amd64.deb 12b6d810b398e4c716181233af42ce7a4efee199 CLSA-2022:1647550603 Copyright 2021 Cloud Linux Inc 0 * SECURITY UPDATE: Infinite loop in BN_mod_sqrt() - debian/patches/CVE-2022-0778.patch: fix infinite loop in crypto/bn/bn_sqrt.c. - CVE-2022-0778 Moderate Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.

* SECURITY UPDATE: Infinite loop in BN_mod_sqrt() - debian/patches/CVE-2022-0778.patch: fix infinite loop in crypto/bn/bn_sqrt.c. - CVE-2022-0778

0 cloudlinux-ubuntu16.04-els libssl-dev_1.0.2g-1ubuntu4.21+tuxcare.els2_amd64.deb c12c0ee9cdb79104597058d0ec7d3c1184cd8704 libssl-doc_1.0.2g-1ubuntu4.21+tuxcare.els2_all.deb f0bf7422f7f5e84f96dbea00c7fdb40da5dffd31 libssl1.0.0_1.0.2g-1ubuntu4.21+tuxcare.els2_amd64.deb 28453c0c16b60afca72b72f134dd07779d729371 openssl_1.0.2g-1ubuntu4.21+tuxcare.els2_amd64.deb 7539f9b645a8089257c732b657e08e2f7d09884b CLSA-2022:1647969910 Copyright 2021 Cloud Linux Inc 0 * SECURITY UPDATE: Denial of service - debian/patches/CVE-2021-3737.patch: Fix http client infinite line reading (DoS) after a HTTP 100 continue in Lib/httplib.py, Lib/test/test_httplib.py. - CVE-2021-3737 Moderate Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.

* SECURITY UPDATE: Denial of service - debian/patches/CVE-2021-3737.patch: Fix http client infinite line reading (DoS) after a HTTP 100 continue in Lib/httplib.py, Lib/test/test_httplib.py. - CVE-2021-3737

0 cloudlinux-ubuntu16.04-els idle-python2.7_2.7.12-1ubuntu0~16.04.18+tuxcare.els2_all.deb 64b233a406b843f27e39541e056610388df5c732 libpython2.7_2.7.12-1ubuntu0~16.04.18+tuxcare.els2_amd64.deb 2c60c60bcaf33c1f34f63ec56e477ab8bf92d02f libpython2.7-dev_2.7.12-1ubuntu0~16.04.18+tuxcare.els2_amd64.deb bce3db2a34921713e5d1526f1757586de7acdd8f libpython2.7-minimal_2.7.12-1ubuntu0~16.04.18+tuxcare.els2_amd64.deb 4637a4a8db3550656b999c57dfa5c82a3dc1e777 libpython2.7-stdlib_2.7.12-1ubuntu0~16.04.18+tuxcare.els2_amd64.deb 53911c349649410d93f7c902af82c651ee643198 libpython2.7-testsuite_2.7.12-1ubuntu0~16.04.18+tuxcare.els2_all.deb 0e6f1eb77fe8cc17996ce3cb6d8be62cd4be675f python2.7_2.7.12-1ubuntu0~16.04.18+tuxcare.els2_amd64.deb 7742d55b5221314291f00cdcb21a4d4f7461ad50 python2.7-dev_2.7.12-1ubuntu0~16.04.18+tuxcare.els2_amd64.deb 4ef073be436a89ac2f95384d8269e4b303b4eca5 python2.7-doc_2.7.12-1ubuntu0~16.04.18+tuxcare.els2_all.deb 4bf396aa801830c077e871584a19711d29d13b9a python2.7-examples_2.7.12-1ubuntu0~16.04.18+tuxcare.els2_all.deb 273f0b6da5e4474bce8f0489bd5be29f2de8de11 python2.7-minimal_2.7.12-1ubuntu0~16.04.18+tuxcare.els2_amd64.deb ba82e100d37c959dc4ce0b2b442ae4349d0d93a7 CLSA-2022:1648048535 Copyright 2021 Cloud Linux Inc 0 * SECURITY UPDATE: Denial of service - debian/patches/CVE-2021-3737.patch: Fix http client infinite line reading (DoS) after a HTTP 100 continue in Lib/httplib.py, Lib/test/test_httplib.py. - CVE-2021-3737 Moderate Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.

* SECURITY UPDATE: Denial of service - debian/patches/CVE-2021-3737.patch: Fix http client infinite line reading (DoS) after a HTTP 100 continue in Lib/httplib.py, Lib/test/test_httplib.py. - CVE-2021-3737

0 cloudlinux-ubuntu16.04-els idle-python2.7_2.7.12-1ubuntu0~16.04.18+tuxcare.els2_all.deb 35dcd18f36750fbc02e405bd41188f78e470a586 libpython2.7_2.7.12-1ubuntu0~16.04.18+tuxcare.els2_amd64.deb 30a6c66c5605629ed6ea457270c387d85765f815 libpython2.7-dev_2.7.12-1ubuntu0~16.04.18+tuxcare.els2_amd64.deb dff63b3f5c56164f15209d87b81e5c22a0de435d libpython2.7-minimal_2.7.12-1ubuntu0~16.04.18+tuxcare.els2_amd64.deb fc146f0a1cccd5faff1331e7c88784deae81004b libpython2.7-stdlib_2.7.12-1ubuntu0~16.04.18+tuxcare.els2_amd64.deb b5549aeb9c371b8d50c00bb7bf6af302ea18ae7a libpython2.7-testsuite_2.7.12-1ubuntu0~16.04.18+tuxcare.els2_all.deb ecf85ff9eb4a3aba708e6101a894f34618cad86f python2.7_2.7.12-1ubuntu0~16.04.18+tuxcare.els2_amd64.deb 2b88d7a8bba101584a11658d145f45195ecba456 python2.7-dev_2.7.12-1ubuntu0~16.04.18+tuxcare.els2_amd64.deb 945501eba21b7019c1e071777b0bc14b6f97e05e python2.7-doc_2.7.12-1ubuntu0~16.04.18+tuxcare.els2_all.deb 31e92b93e12fba1517f059c06ae2ccdb072e8ee8 python2.7-examples_2.7.12-1ubuntu0~16.04.18+tuxcare.els2_all.deb fca7a35760295093e88a490cdf53e1e848ff441e python2.7-minimal_2.7.12-1ubuntu0~16.04.18+tuxcare.els2_amd64.deb 007c0b845b33c6153e5b68fa265308a6f62b275f CLSA-2022:1648136327 Copyright 2021 Cloud Linux Inc 0 * SECURITY UPDATE: mod_lua Use of uninitialized value of in r:parsebody - debian/patches/CVE-2022-22719.patch: refactor lua_read_body() in order to catch all possible errors - CVE-2022-22719 * SECURITY UPDATE: HTTP request smuggling vulnerability in Apache HTTP Server 2.4.52 and earlier - debian/patches/CVE-2022-22720.patch: simpler connection close logic if discarding the request body fails - CVE-2022-22720 * SECURITY UPDATE: Possible buffer overflow with very large or unlimited LimitXMLRequestBody - debian/patches/CVE-2022-22721.patch: make sure and check that LimitXMLRequestBody fits in system memory - CVE-2022-22721 * SECURITY UPDATE: mod_sed: Read/write beyond bounds - debian/patches/CVE-2022-23943.patch: use size_t to allow for larger buffer sizes and unsigned arithmetics and refactor logic flow of sed_write_output() - CVE-2022-23943 apache2 (1:2.4.18-2ubuntu3.17+tuxcare.els3) xenial-security; urgency=medium Moderate Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.

* SECURITY UPDATE: mod_lua Use of uninitialized value of in r:parsebody - debian/patches/CVE-2022-22719.patch: refactor lua_read_body() in order to catch all possible errors - CVE-2022-22719 * SECURITY UPDATE: HTTP request smuggling vulnerability in Apache HTTP Server 2.4.52 and earlier - debian/patches/CVE-2022-22720.patch: simpler connection close logic if discarding the request body fails - CVE-2022-22720 * SECURITY UPDATE: Possible buffer overflow with very large or unlimited LimitXMLRequestBody - debian/patches/CVE-2022-22721.patch: make sure and check that LimitXMLRequestBody fits in system memory - CVE-2022-22721 * SECURITY UPDATE: mod_sed: Read/write beyond bounds - debian/patches/CVE-2022-23943.patch: use size_t to allow for larger buffer sizes and unsigned arithmetics and refactor logic flow of sed_write_output() - CVE-2022-23943 apache2 (1:2.4.18-2ubuntu3.17+tuxcare.els3) xenial-security; urgency=medium

0 cloudlinux-ubuntu16.04-els apache2_2.4.18-2ubuntu3.17+tuxcare.els4_amd64.deb 6e1e37b6f1c0c90bde17d98cd6e31f0fed4aeeb5 apache2-bin_2.4.18-2ubuntu3.17+tuxcare.els4_amd64.deb a20940b0171c5eec5ab001fcb762a49d79388e39 apache2-data_2.4.18-2ubuntu3.17+tuxcare.els4_all.deb bfa44ea8d6a27c4ef5a86b045b9465b0d8a9c832 apache2-dev_2.4.18-2ubuntu3.17+tuxcare.els4_amd64.deb 8e750f2eef6e1682647aa0d5f3d045fa43c0b429 apache2-doc_2.4.18-2ubuntu3.17+tuxcare.els4_all.deb bf32725a4337dea65db97300e3a511ea4f2d97e4 apache2-suexec-custom_2.4.18-2ubuntu3.17+tuxcare.els4_amd64.deb 7f22e20ec35a5fb99e9cb8fb04d28707a4393cbb apache2-suexec-pristine_2.4.18-2ubuntu3.17+tuxcare.els4_amd64.deb da5505da5ad6498a447a6acac69f8fff32de7782 apache2-utils_2.4.18-2ubuntu3.17+tuxcare.els4_amd64.deb 336a6170ec6cb95b0d38913efdba5dfaa207ae51 CLSA-2022:1648138003 Copyright 2021 Cloud Linux Inc 0 * SECURITY UPDATE: Regain dropped privileges - debian/patches/CVE-2019-20044-pre.patch: change the order of the calls to setgid (this should go first) and setuid in Src/options.c. - debian/patches/CVE-2019-20044-1.patch: add extra checks to drop privileges securely in Src/options.c. - debian/patches/CVE-2019-20044-2.patch: add Src/openssh_bsd_setres_id.c and its object file to Src/zsh.mdd, fix some of the checks from the previous patch in Src/options.c, update compatibility wrappers in Src/zsh_system.h, update the uid/gid methods in AC_CHECK_FUNCS in configure.ac and add a test in Test/E01options.ztst. - debian/patches/CVE-2019-20044-3.patch: improve Src/options.c changes from above two patches. - debian/patches/CVE-2019-20044-4.patch: clean up white spaces in Src/options.c. - debian/patches/CVE-2019-20044-5.patch: add privileged tests to Test/P01privileged.ztst, remove the notes on privileged test in Test/E01options.ztst and add the prilived tests to the Test/README. - CVE-2019-20044 * SECURITY UPDATE: Arbitrary code execution - debian/patches/CVE-2021-45444.patch: save PROMPTSUBST option before the call to promptexpand() in b/Src/prompt.c and restore after it is executed. - CVE-2021-45444 Moderate Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.

* SECURITY UPDATE: Regain dropped privileges - debian/patches/CVE-2019-20044-pre.patch: change the order of the calls to setgid (this should go first) and setuid in Src/options.c. - debian/patches/CVE-2019-20044-1.patch: add extra checks to drop privileges securely in Src/options.c. - debian/patches/CVE-2019-20044-2.patch: add Src/openssh_bsd_setres_id.c and its object file to Src/zsh.mdd, fix some of the checks from the previous patch in Src/options.c, update compatibility wrappers in Src/zsh_system.h, update the uid/gid methods in AC_CHECK_FUNCS in configure.ac and add a test in Test/E01options.ztst. - debian/patches/CVE-2019-20044-3.patch: improve Src/options.c changes from above two patches. - debian/patches/CVE-2019-20044-4.patch: clean up white spaces in Src/options.c. - debian/patches/CVE-2019-20044-5.patch: add privileged tests to Test/P01privileged.ztst, remove the notes on privileged test in Test/E01options.ztst and add the prilived tests to the Test/README. - CVE-2019-20044 * SECURITY UPDATE: Arbitrary code execution - debian/patches/CVE-2021-45444.patch: save PROMPTSUBST option before the call to promptexpand() in b/Src/prompt.c and restore after it is executed. - CVE-2021-45444

0 cloudlinux-ubuntu16.04-els zsh_5.1.1-1ubuntu2.3+tuxcare.els1_amd64.deb 1a1dbfce0b9aabc00d99391e107756c343c5c59c zsh-common_5.1.1-1ubuntu2.3+tuxcare.els1_all.deb f1311a634160d632fbe1473228cc64a9c4db85ba zsh-dev_5.1.1-1ubuntu2.3+tuxcare.els1_amd64.deb b4d92a90220a6ae65cbd8fb8c67ec380acc5dd0b zsh-doc_5.1.1-1ubuntu2.3+tuxcare.els1_all.deb 6528cbc2a45a4b794071ddc45d51b5b2ecb3bd07 zsh-static_5.1.1-1ubuntu2.3+tuxcare.els1_amd64.deb e94557d17657c0894d3f5489936683a9bda06280 CLSA-2022:1648142109 Copyright 2021 Cloud Linux Inc 0 * SECURITY UPDATE: Crash if image dimensions are too large - debian/patches/CVE-2017-13144-*.patch: Fix memory leak in MPC image format - CVE-2017-13144 * SECURITY UPDATE: Stack-based buffer overflow - debian/patches/CVE-2020-19667.patch: Zero-out memory before use - CVE-2020-19667 * SECURITY UPDATE: Heap-based buffer overflow - debian/patches/CVE-2020-25664.patch: Expand virtual memory allocation by 256 bytes - CVE-2020-25664 * SECURITY UPDATE: Heap-based buffer overflow - debian/patches/CVE-2020-25665.patch: Expand virtual memory allocation by 256 bytes - CVE-2020-25665 * SECURITY UPDATE: Heap-based buffer overflow - debian/patches/CVE-2020-25674.patch: Properly calculate upper limit for color loop - CVE-2020-25674 * SECURITY UPDATE: Signed integer overflows - debian/patches/CVE-2020-25676.patch: Constrain pixel offsets in magick/pixel.c - CVE-2020-25676 * SECURITY UPDATE: Division by zero - debian/patches/CVE-2020-27750.patch: Replace division by multiplication in magick/colorspace-private.h - CVE-2020-27750 * SECURITY UPDATE: Memory leaks - debian/patches/CVE-2020-27753.patch: Fix memory handling in coders/miff.c - CVE-2020-27753 * SECURITY UPDATE: Division by zero - debian/patches/CVE-2020-27760.patch: Fix division by zeros in magick/enhance.c - CVE-2020-27760 * SECURITY UPDATE: Outside the range of representable values - debian/patches/CVE-2020-27762.patch: Adds consistency checks in coders/hdr.c - CVE-2020-27762 * SECURITY UPDATE: Unsigned int overflow - debian/patches/CVE-2020-27770.patch: Guard against underflow when decrement value in magick/string.c - CVE-2020-27770 Moderate Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.

* SECURITY UPDATE: Crash if image dimensions are too large - debian/patches/CVE-2017-13144-*.patch: Fix memory leak in MPC image format - CVE-2017-13144 * SECURITY UPDATE: Stack-based buffer overflow - debian/patches/CVE-2020-19667.patch: Zero-out memory before use - CVE-2020-19667 * SECURITY UPDATE: Heap-based buffer overflow - debian/patches/CVE-2020-25664.patch: Expand virtual memory allocation by 256 bytes - CVE-2020-25664 * SECURITY UPDATE: Heap-based buffer overflow - debian/patches/CVE-2020-25665.patch: Expand virtual memory allocation by 256 bytes - CVE-2020-25665 * SECURITY UPDATE: Heap-based buffer overflow - debian/patches/CVE-2020-25674.patch: Properly calculate upper limit for color loop - CVE-2020-25674 * SECURITY UPDATE: Signed integer overflows - debian/patches/CVE-2020-25676.patch: Constrain pixel offsets in magick/pixel.c - CVE-2020-25676 * SECURITY UPDATE: Division by zero - debian/patches/CVE-2020-27750.patch: Replace division by multiplication in magick/colorspace-private.h - CVE-2020-27750 * SECURITY UPDATE: Memory leaks - debian/patches/CVE-2020-27753.patch: Fix memory handling in coders/miff.c - CVE-2020-27753 * SECURITY UPDATE: Division by zero - debian/patches/CVE-2020-27760.patch: Fix division by zeros in magick/enhance.c - CVE-2020-27760 * SECURITY UPDATE: Outside the range of representable values - debian/patches/CVE-2020-27762.patch: Adds consistency checks in coders/hdr.c - CVE-2020-27762 * SECURITY UPDATE: Unsigned int overflow - debian/patches/CVE-2020-27770.patch: Guard against underflow when decrement value in magick/string.c - CVE-2020-27770

0 cloudlinux-ubuntu16.04-els imagemagick_6.8.9.9-7ubuntu5.17+tuxcare.els2_amd64.deb 6f6506f00864fe57341900bdbcea0802039605e1 imagemagick-6.q16_6.8.9.9-7ubuntu5.17+tuxcare.els2_amd64.deb 188445b562fb794919093fa3408f7576ac95c749 imagemagick-common_6.8.9.9-7ubuntu5.17+tuxcare.els2_all.deb 47a1cc1f02c38467c052bf09a51deccd63cfb761 imagemagick-doc_6.8.9.9-7ubuntu5.17+tuxcare.els2_all.deb 6777baac1a11405af6bcd10a8efd807d1c49f9ac libimage-magick-perl_6.8.9.9-7ubuntu5.17+tuxcare.els2_all.deb 23c24dc35fe268e3c73b4a6fb2cfc031092e7a71 libimage-magick-q16-perl_6.8.9.9-7ubuntu5.17+tuxcare.els2_amd64.deb 6f31c040f168a67003e0c0d6d393e5d7b8b7874b libmagick++-6-headers_6.8.9.9-7ubuntu5.17+tuxcare.els2_all.deb e8733b8a52b4e5476a8d5dc97d241f2f40c2f524 libmagick++-6.q16-5v5_6.8.9.9-7ubuntu5.17+tuxcare.els2_amd64.deb 7335a538b55f98fa0c5cd119ca471be22d94504b libmagick++-6.q16-dev_6.8.9.9-7ubuntu5.17+tuxcare.els2_amd64.deb e4f86790e23ee44c4bc1f98752753a843e2e6b4e libmagick++-dev_6.8.9.9-7ubuntu5.17+tuxcare.els2_all.deb c15c3cf6b21e98b63d3c536246c34f3be2210d28 libmagickcore-6-arch-config_6.8.9.9-7ubuntu5.17+tuxcare.els2_amd64.deb 2c76f7e6edd7b994d168b094d850f574979c5123 libmagickcore-6-headers_6.8.9.9-7ubuntu5.17+tuxcare.els2_all.deb 11d955d860c946753d1ede8f9c039b229bc9b04c libmagickcore-6.q16-2_6.8.9.9-7ubuntu5.17+tuxcare.els2_amd64.deb 82173437aad7e472196d185350e70324c307a2e8 libmagickcore-6.q16-2-extra_6.8.9.9-7ubuntu5.17+tuxcare.els2_amd64.deb 255a2247255f6d9006ec46cb0ec70be0021c33e8 libmagickcore-6.q16-dev_6.8.9.9-7ubuntu5.17+tuxcare.els2_amd64.deb 65f57ff544a428bf45e310a28f4dbb81b744ed93 libmagickcore-dev_6.8.9.9-7ubuntu5.17+tuxcare.els2_all.deb 17c8036d1ac7ceb0b9f00edeb01da132eccddbc4 libmagickwand-6-headers_6.8.9.9-7ubuntu5.17+tuxcare.els2_all.deb 498f99ed864b926240f79d3e11eecf0475eb17e4 libmagickwand-6.q16-2_6.8.9.9-7ubuntu5.17+tuxcare.els2_amd64.deb 0ca2a7533d1a6d7159631a4c88b84cce4fde143c libmagickwand-6.q16-dev_6.8.9.9-7ubuntu5.17+tuxcare.els2_amd64.deb 019d1a7dcd0c77b72edd88676e445e694fd68923 libmagickwand-dev_6.8.9.9-7ubuntu5.17+tuxcare.els2_all.deb 33403f199aec61c5da62a61046248150e969908b perlmagick_6.8.9.9-7ubuntu5.17+tuxcare.els2_all.deb c56c885de9d0cf0633de16e9cc21085c61afceb4 CLSA-2022:1648149396 Copyright 2021 Cloud Linux Inc 0 * SECURITY UPDATE: single byte buffer underflow and overflow - debian/patches/any/CVE-2021-3999.patch: reject buffer of size 1 and return NULL with errno set to ERANGE - CVE-2021-3999 Moderate Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.

* SECURITY UPDATE: single byte buffer underflow and overflow - debian/patches/any/CVE-2021-3999.patch: reject buffer of size 1 and return NULL with errno set to ERANGE - CVE-2021-3999

0 cloudlinux-ubuntu16.04-els glibc-doc_2.23-0ubuntu11.5+tuxcare.els4_all.deb 12a48f89f28b4c47410992fc1565c05e169a1957 glibc-source_2.23-0ubuntu11.5+tuxcare.els4_all.deb b1bdfe266c3661913ca12c0899ad4dc232bd143a libc-bin_2.23-0ubuntu11.5+tuxcare.els4_amd64.deb 5af21364dc458e986f27381e2059b34b4b427b1b libc-dev-bin_2.23-0ubuntu11.5+tuxcare.els4_amd64.deb c3823ac1580c11becded7597e37c6b5d55dba75e libc6_2.23-0ubuntu11.5+tuxcare.els4_amd64.deb 1d629afc50a8b35d899121ed30208fb0a527937b libc6-dev_2.23-0ubuntu11.5+tuxcare.els4_amd64.deb c51346e48fb3b49630d29da07f2248866885e5f5 libc6-dev-i386_2.23-0ubuntu11.5+tuxcare.els4_amd64.deb 0962248cf2fff82c77691b71859222ac4d4b3c8a libc6-dev-x32_2.23-0ubuntu11.5+tuxcare.els4_amd64.deb 4fda9736d5ca5e07588a36ee788e487107c353fd libc6-i386_2.23-0ubuntu11.5+tuxcare.els4_amd64.deb 3ef9088ede8b54840d06837594282e3a38c1342d libc6-pic_2.23-0ubuntu11.5+tuxcare.els4_amd64.deb 60690790089eccc4466e02a82f43a6caa720c12d libc6-x32_2.23-0ubuntu11.5+tuxcare.els4_amd64.deb 86f2ddae6a317ba79fd7b480371b2273993987e7 locales_2.23-0ubuntu11.5+tuxcare.els4_all.deb 4d25aefa32536781487e59fb498d49694949f7ca locales-all_2.23-0ubuntu11.5+tuxcare.els4_amd64.deb f81aca126c52d7778270022629bc79becda7de42 multiarch-support_2.23-0ubuntu11.5+tuxcare.els4_amd64.deb 7b4140ba565adfda9b5eb1aaacb8dbefda91eb86 nscd_2.23-0ubuntu11.5+tuxcare.els4_amd64.deb 6671fe1468514d3ab8c53a81adfce7da865da9b2 CLSA-2022:1649170483 Copyright 2021 Cloud Linux Inc 0 * SECURITY UPDATE: cache poisoning via bogus NS records - debian/patches/CVE-2021-25220.patch: tighten rules for acceptance of records into the cache in lib/dns/resolver.c. - CVE-2021-25220 Moderate Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.

* SECURITY UPDATE: cache poisoning via bogus NS records - debian/patches/CVE-2021-25220.patch: tighten rules for acceptance of records into the cache in lib/dns/resolver.c. - CVE-2021-25220

0 cloudlinux-ubuntu16.04-els bind9_9.10.3.dfsg.P4-8ubuntu1.19+tuxcare.els2_amd64.deb b2af72e6c7a72dd17bd4411dd3be195c6d36f1ed bind9-doc_9.10.3.dfsg.P4-8ubuntu1.19+tuxcare.els2_all.deb f10e320300d240c96823c7fab2082582368591ff bind9-host_9.10.3.dfsg.P4-8ubuntu1.19+tuxcare.els2_amd64.deb 52b1324f0a51b2ba9e9ade7ea393e2b35d622490 bind9utils_9.10.3.dfsg.P4-8ubuntu1.19+tuxcare.els2_amd64.deb 92eb28967a68973b93007e45505b29329a18eb2c dnsutils_9.10.3.dfsg.P4-8ubuntu1.19+tuxcare.els2_amd64.deb 486e1b9abe0b3a22a4d3ba04fead649e2347d53f host_9.10.3.dfsg.P4-8ubuntu1.19+tuxcare.els2_all.deb f79e749de81a5eb9dfff370e7bf137ed44140d9f libbind-dev_9.10.3.dfsg.P4-8ubuntu1.19+tuxcare.els2_amd64.deb 052852fb07d5abd35676cec03f29f93355fe2689 libbind-export-dev_9.10.3.dfsg.P4-8ubuntu1.19+tuxcare.els2_amd64.deb 28d5632679c3065676248e05278cd2663c9cfaf2 libbind9-140_9.10.3.dfsg.P4-8ubuntu1.19+tuxcare.els2_amd64.deb 24db18b4656e167887011b4bb388730e5ae9717b libdns-export162_9.10.3.dfsg.P4-8ubuntu1.19+tuxcare.els2_amd64.deb 199a101594dcd5d4c5f388b6f08742c174d39344 libdns162_9.10.3.dfsg.P4-8ubuntu1.19+tuxcare.els2_amd64.deb 19fa92260d4df4d8bb18a40d25ba856c31be23c4 libirs-export141_9.10.3.dfsg.P4-8ubuntu1.19+tuxcare.els2_amd64.deb 3522d9af577ffe94948ee89edc03dc6c30e93714 libirs141_9.10.3.dfsg.P4-8ubuntu1.19+tuxcare.els2_amd64.deb 04b02f4ddc120a3523c94786a058e785eb5727ba libisc-export160_9.10.3.dfsg.P4-8ubuntu1.19+tuxcare.els2_amd64.deb 741b7c6eab54f00d40c630645e4c77ef95e1765a libisc160_9.10.3.dfsg.P4-8ubuntu1.19+tuxcare.els2_amd64.deb 9b95aef3f835a9fc821b1061ea378921752b16be libisccc-export140_9.10.3.dfsg.P4-8ubuntu1.19+tuxcare.els2_amd64.deb 1002041ec39a417eee85676ac9aa24c2aff6006b libisccc140_9.10.3.dfsg.P4-8ubuntu1.19+tuxcare.els2_amd64.deb 27c44652e53558171417c1be078cd83b33b1c627 libisccfg-export140_9.10.3.dfsg.P4-8ubuntu1.19+tuxcare.els2_amd64.deb ee95edcc9a8b7310c5068f5a77c0200d0c3545ff libisccfg140_9.10.3.dfsg.P4-8ubuntu1.19+tuxcare.els2_amd64.deb 0744b6097dde7a8ff2648f8d8b9cdd075e8fe3d5 liblwres141_9.10.3.dfsg.P4-8ubuntu1.19+tuxcare.els2_amd64.deb d3f5410819c5942bed05f81aff7c87a6c32bf707 lwresd_9.10.3.dfsg.P4-8ubuntu1.19+tuxcare.els2_amd64.deb a76b37e71be541660dce407bb6f7869e88f690a3 CLSA-2022:1649170534 Copyright 2021 Cloud Linux Inc 0 * SECURITY UPDATE: Heap-based buffer overflow - debian/patches/CVE-2022-0943.patch: Don't include the NULL to the end of the line - CVE-2022-0943 Moderate Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.

* SECURITY UPDATE: Heap-based buffer overflow - debian/patches/CVE-2022-0943.patch: Don't include the NULL to the end of the line - CVE-2022-0943

0 cloudlinux-ubuntu16.04-els vim_7.4.1689-3ubuntu1.5+tuxcare.els10_amd64.deb a2aca6740dbb31b0f4f4ef1ada44ddf57dafeaa7 vim-athena_7.4.1689-3ubuntu1.5+tuxcare.els10_amd64.deb f999303ffcd5034e764c4bd7aa779c35e3672df3 vim-athena-py2_7.4.1689-3ubuntu1.5+tuxcare.els10_amd64.deb 5a03c6840bcfd108421bb419d3c8e62e025afcb8 vim-common_7.4.1689-3ubuntu1.5+tuxcare.els10_amd64.deb a1d2ac04c9c24690c12730b2b206db13ce868496 vim-doc_7.4.1689-3ubuntu1.5+tuxcare.els10_all.deb 906873048a4ef70af660741dfb4c72de0d058496 vim-gnome_7.4.1689-3ubuntu1.5+tuxcare.els10_amd64.deb c7e71ed1cee5dfedaf0c165b46ca4404f4a3d181 vim-gnome-py2_7.4.1689-3ubuntu1.5+tuxcare.els10_amd64.deb 30f56b78991e43a3500b047b8a72944d20410daf vim-gtk_7.4.1689-3ubuntu1.5+tuxcare.els10_amd64.deb 7aa66578eaff1cdf7102bb0fa58f66fae8a416ff vim-gtk-py2_7.4.1689-3ubuntu1.5+tuxcare.els10_amd64.deb b84787b1b5f40eefeb8640c0eeac843122b69914 vim-gtk3_7.4.1689-3ubuntu1.5+tuxcare.els10_amd64.deb 28103d6a9dadf544bd81653c30ef0e720be06388 vim-gtk3-py2_7.4.1689-3ubuntu1.5+tuxcare.els10_amd64.deb 4dab6f3cebd88e8b7ae98d1b5c40567e7200bff8 vim-gui-common_7.4.1689-3ubuntu1.5+tuxcare.els10_all.deb f707407b093053f35190fc3097ae5571efb3116f vim-nox_7.4.1689-3ubuntu1.5+tuxcare.els10_amd64.deb 5d293dfff4020f174fa3b195eb9be7a6f25ad53b vim-nox-py2_7.4.1689-3ubuntu1.5+tuxcare.els10_amd64.deb dc339527f4e925aee0b315c7a64580dc80a8dcc3 vim-runtime_7.4.1689-3ubuntu1.5+tuxcare.els10_all.deb 4449ea40fa4d1395479027009a5ad1f797bae675 vim-tiny_7.4.1689-3ubuntu1.5+tuxcare.els10_amd64.deb a3271851f30543d0d65c0c4cb9c1d32ef1ff5725 CLSA-2022:1649170553 Copyright 2021 Cloud Linux Inc 0 * SECURITY UPDATE: Expose sensitive information - debian/patches/CVE-2021-4189.patch: alters ftplib.FTP class behavior to not trust the IPv4 address sent from the remote server when setting up a passive data channel in resposne in Lib/ftplib.py, Lib/test/test_ftplib.py. - CVE-2021-4189 Moderate Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.

* SECURITY UPDATE: Expose sensitive information - debian/patches/CVE-2021-4189.patch: alters ftplib.FTP class behavior to not trust the IPv4 address sent from the remote server when setting up a passive data channel in resposne in Lib/ftplib.py, Lib/test/test_ftplib.py. - CVE-2021-4189

0 cloudlinux-ubuntu16.04-els idle-python2.7_2.7.12-1ubuntu0~16.04.18+tuxcare.els3_all.deb 8a26f64512f7638e7339f77d6d61c24c8675f8ad libpython2.7_2.7.12-1ubuntu0~16.04.18+tuxcare.els3_amd64.deb e3523f7a7f004c83a8f45f11ccb85b63687d1817 libpython2.7-dev_2.7.12-1ubuntu0~16.04.18+tuxcare.els3_amd64.deb e0bd47b4b303800ce6e2207c9ec8da2266c9034a libpython2.7-minimal_2.7.12-1ubuntu0~16.04.18+tuxcare.els3_amd64.deb 50ee951394f02370562e3b4663aff2855325b133 libpython2.7-stdlib_2.7.12-1ubuntu0~16.04.18+tuxcare.els3_amd64.deb 1a51bba3db6030a8d96f0a05c39fe5b2173888b3 libpython2.7-testsuite_2.7.12-1ubuntu0~16.04.18+tuxcare.els3_all.deb 197aa569bb532cfbe793fa7a0b7dcbe685f03daa python2.7_2.7.12-1ubuntu0~16.04.18+tuxcare.els3_amd64.deb c85837a31896a6556e9a2bac22b04265fd75b2ce python2.7-dev_2.7.12-1ubuntu0~16.04.18+tuxcare.els3_amd64.deb 50f9170d7f10b98ef1093babf1cb6e0225606229 python2.7-doc_2.7.12-1ubuntu0~16.04.18+tuxcare.els3_all.deb ecb4b9d75437ac6127e308a84646b68d81dbfc65 python2.7-examples_2.7.12-1ubuntu0~16.04.18+tuxcare.els3_all.deb 10d81b6a288b08dcfd2e1580548c32427cd2c457 python2.7-minimal_2.7.12-1ubuntu0~16.04.18+tuxcare.els3_amd64.deb eae76a2c20a28615fd7797d6b2f9ab5c10e5cef9 CLSA-2022:1649170583 Copyright 2021 Cloud Linux Inc 0 * SECURITY UPDATE: memory corruption when deflating - debian/patches/CVE-2018-25032-1.patch: fix a bug that can crash deflate on some input when using Z_FIXED in deflate.c, deflate.h. - debian/patches/CVE-2018-25032-2.patch: assure that the number of bits for deflatePrime() is valid in deflate.c. - CVE-2018-25032 Moderate Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.

* SECURITY UPDATE: memory corruption when deflating - debian/patches/CVE-2018-25032-1.patch: fix a bug that can crash deflate on some input when using Z_FIXED in deflate.c, deflate.h. - debian/patches/CVE-2018-25032-2.patch: assure that the number of bits for deflatePrime() is valid in deflate.c. - CVE-2018-25032

0 cloudlinux-ubuntu16.04-els lib32z1_1.2.8.dfsg-2ubuntu4.3+tuxcare.els1_amd64.deb 14671ce7fb4a9d6b13d047169de60855f5dadf55 lib32z1-dev_1.2.8.dfsg-2ubuntu4.3+tuxcare.els1_amd64.deb 03b2e26f35d5c65c34b8413ef5ec118c6e50780d libx32z1_1.2.8.dfsg-2ubuntu4.3+tuxcare.els1_amd64.deb dc4387a7569195bf6645ebdc737ffbd6556efeb5 libx32z1-dev_1.2.8.dfsg-2ubuntu4.3+tuxcare.els1_amd64.deb b1ca2a2176b0e7bf8fd10942d7db2eb684a40b66 zlib1g_1.2.8.dfsg-2ubuntu4.3+tuxcare.els1_amd64.deb c3b4bf9369adc99ba684e13f8dabddb94835b66a zlib1g-dev_1.2.8.dfsg-2ubuntu4.3+tuxcare.els1_amd64.deb 50b68f8cb4599255da3d3a7bc7cdb34ba71f7168 CLSA-2022:1649170601 Copyright 2021 Cloud Linux Inc 0 * SECURITY UPDATE: authentication bypass via multiple deferred authentication plug-ins - debian/patches/CVE-2022-0547.patch: disallow multiple deferred authentication plug-ins in doc/openvpn.8, src/openvpn/plugin.c. - CVE-2022-0547 Moderate Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.

* SECURITY UPDATE: authentication bypass via multiple deferred authentication plug-ins - debian/patches/CVE-2022-0547.patch: disallow multiple deferred authentication plug-ins in doc/openvpn.8, src/openvpn/plugin.c. - CVE-2022-0547

0 cloudlinux-ubuntu16.04-els openvpn_2.3.10-1ubuntu2.2+tuxcare.els1_amd64.deb d4f019273f7e10bc90e9a4861fb52845e4c513d3 CLSA-2022:1649348075 Copyright 2021 Cloud Linux Inc 0 * SECURITY UPDATE: Expose sensitive information - debian/patches/CVE-2021-4189.patch: alters ftplib.FTP class behavior to not trust the IPv4 address sent from the remote server when setting up a passive data channel in resposne in Lib/ftplib.py, Lib/test/test_ftplib.py. - CVE-2021-4189 Moderate Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.

* SECURITY UPDATE: Expose sensitive information - debian/patches/CVE-2021-4189.patch: alters ftplib.FTP class behavior to not trust the IPv4 address sent from the remote server when setting up a passive data channel in resposne in Lib/ftplib.py, Lib/test/test_ftplib.py. - CVE-2021-4189

0 cloudlinux-ubuntu16.04-els idle-python3.5_3.5.2-2ubuntu0~16.04.13+tuxcare.els3_all.deb 1bcb63715460573fa52ab8f7e2a7c9baeb21e3f7 libpython3.5_3.5.2-2ubuntu0~16.04.13+tuxcare.els3_amd64.deb 150a8a6b1a611b9b6ff2bbe1fc0bdd0ad5118cf2 libpython3.5-dev_3.5.2-2ubuntu0~16.04.13+tuxcare.els3_amd64.deb 3c38079f5bdf213ff85f192316ea2cb16c902225 libpython3.5-minimal_3.5.2-2ubuntu0~16.04.13+tuxcare.els3_amd64.deb 78b1837c2afb705e433019d2023580b961b3678d libpython3.5-stdlib_3.5.2-2ubuntu0~16.04.13+tuxcare.els3_amd64.deb a1277bd0c0434ac257460c8391151fdfb91e6dad libpython3.5-testsuite_3.5.2-2ubuntu0~16.04.13+tuxcare.els3_all.deb e41681f7f89ff47ec1d0554ca3cd7e780fd4ebdb python3.5_3.5.2-2ubuntu0~16.04.13+tuxcare.els3_amd64.deb b4b3c0141d9823f884e264ef41ab92e9b8e479ef python3.5-dev_3.5.2-2ubuntu0~16.04.13+tuxcare.els3_amd64.deb 96780a028a8277a98ca138e76fe161ee38a29b97 python3.5-doc_3.5.2-2ubuntu0~16.04.13+tuxcare.els3_all.deb b1dde38a289842b0868a84462634be436820666a python3.5-examples_3.5.2-2ubuntu0~16.04.13+tuxcare.els3_all.deb 19ef019275a84db55cb70522dde41ad53160a2b8 python3.5-minimal_3.5.2-2ubuntu0~16.04.13+tuxcare.els3_amd64.deb 9be1dd51edac344ebe4e740bd35b490d65c155cf python3.5-venv_3.5.2-2ubuntu0~16.04.13+tuxcare.els3_amd64.deb 91dc65ce66a261fce8a65009b2d0dbda014d4820 CLSA-2022:1649695737 Copyright 2021 Cloud Linux Inc 0 * SECURITY UPDATE: Vulnerability against application layer protocol content confusion attack - debian/patches/CVE-2021-3618.patch: Drop the connection after reaching the specified number of invalid protocol commmands - CVE-2021-3618 Moderate Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.

* SECURITY UPDATE: Vulnerability against application layer protocol content confusion attack - debian/patches/CVE-2021-3618.patch: Drop the connection after reaching the specified number of invalid protocol commmands - CVE-2021-3618

0 cloudlinux-ubuntu16.04-els nginx_1.10.3-0ubuntu0.16.04.8+tuxcare.els1_all.deb b6333ed576982ccde50c0813818c62df32268cdb nginx-common_1.10.3-0ubuntu0.16.04.8+tuxcare.els1_all.deb 90b7077ad46936bed824640d6e6f5ea4675e6fcb nginx-core_1.10.3-0ubuntu0.16.04.8+tuxcare.els1_amd64.deb 3a0368d1c266e59ab6259b7594d7a0501de8c391 nginx-doc_1.10.3-0ubuntu0.16.04.8+tuxcare.els1_all.deb c47132626b3518585ac460d0eb3c9c77aa97963f nginx-extras_1.10.3-0ubuntu0.16.04.8+tuxcare.els1_amd64.deb 1ee6bb1386dbee1c186cf9fe7eb554a2453af9dc nginx-full_1.10.3-0ubuntu0.16.04.8+tuxcare.els1_amd64.deb 69f1b00763447a80fc313192e368c4dd07c21c19 nginx-light_1.10.3-0ubuntu0.16.04.8+tuxcare.els1_amd64.deb 93c175b308f56277724b2d1ebd9c377b8b1e9554 CLSA-2022:1649869212 Copyright 2021 Cloud Linux Inc 0 * CVE-2022-28388 - [ELSCVE-3855] can: usb_8dev: usb_8dev_start_xmit(): fix double dev_kfree_skb() in error path Moderate Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.

* CVE-2022-28388 - [ELSCVE-3855] can: usb_8dev: usb_8dev_start_xmit(): fix double dev_kfree_skb() in error path

0 cloudlinux-ubuntu16.04-els linux-buildinfo-4.4.0-215-tuxcare.els5-generic_4.4.0-215.247_amd64.deb 54009dbaa9e555c4659626f639fde05bd6a062ff linux-buildinfo-4.4.0-215-tuxcare.els5-lowlatency_4.4.0-215.247_amd64.deb 76beb23c0e82a63111b141056044b89f8b1b1a79 linux-cloud-tools-4.4.0-215-tuxcare.els5_4.4.0-215.247_amd64.deb c18239b61b90a737d9759f77c67fe7ede8b980a4 linux-cloud-tools-4.4.0-215-tuxcare.els5-generic_4.4.0-215.247_amd64.deb ca7e793f9f9b347947d668ee58eee133837b25d1 linux-cloud-tools-4.4.0-215-tuxcare.els5-lowlatency_4.4.0-215.247_amd64.deb 60cd2da3f895bc5a5dfbea5ae42e27704d02d188 linux-cloud-tools-common_4.4.0-215.247_all.deb 0a3b34f6f54eb4b590b190e54a5b1e64bb5fca36 linux-doc_4.4.0-215.247_all.deb 1967d8fb73b765a1457e70a3c2ba94b4fe004d8c linux-headers-4.4.0-215-tuxcare.els5_4.4.0-215.247_all.deb bd6b9e9f5401b8535172e4a77472f5c8317f3f04 linux-headers-4.4.0-215-tuxcare.els5-generic_4.4.0-215.247_amd64.deb 2512ee578170f78b355ed53dc1b226736f56389c linux-headers-4.4.0-215-tuxcare.els5-lowlatency_4.4.0-215.247_amd64.deb cadc6b3ae0ea25b9000154ccd3dbb9b076c4d3fa linux-image-unsigned-4.4.0-215-tuxcare.els5-generic_4.4.0-215.247_amd64.deb 761edc2666dd11215628689e01711d24474f35b1 linux-image-unsigned-4.4.0-215-tuxcare.els5-lowlatency_4.4.0-215.247_amd64.deb e1986fd24fdc37524d9a717655f00aac53b1b527 linux-libc-dev_4.4.0-215.247_amd64.deb a5f59953e659de914d7e50d05ca65dbddf0b2c92 linux-modules-4.4.0-215-tuxcare.els5-generic_4.4.0-215.247_amd64.deb e7fea1a5f49d1be74e4852f63462a0f3290cde90 linux-modules-4.4.0-215-tuxcare.els5-lowlatency_4.4.0-215.247_amd64.deb 55b774f1bfe39f8faa2ffb5e6de86edb32ac4cf5 linux-modules-extra-4.4.0-215-tuxcare.els5-generic_4.4.0-215.247_amd64.deb e21409129aed7334a36fdbd5ddf79a59ea1f62d7 linux-source-4.4.0_4.4.0-215.247_all.deb 3b1b9c4369a81789f3da63e80b6d1b7a8878a49d linux-tools-4.4.0-215-tuxcare.els5_4.4.0-215.247_amd64.deb 767232c00ca42c31ded19f0a000839b23c9fe099 linux-tools-4.4.0-215-tuxcare.els5-generic_4.4.0-215.247_amd64.deb 5cbd275ff81e356f4797a82d7102d8edb6612672 linux-tools-4.4.0-215-tuxcare.els5-lowlatency_4.4.0-215.247_amd64.deb c2cd22019a90793747787cdf78d759137466e916 linux-tools-common_4.4.0-215.247_all.deb 15e4a2e16d7b43541a51015caf026e056bc35980 linux-tools-host_4.4.0-215.247_all.deb 64c9ebea02a71f390ea3fd3439aa361b71859488 CLSA-2022:1649869251 Copyright 2021 Cloud Linux Inc 0 * SECURITY UPDATE: Using buffer line after it has been freed - debian/patches/CVE-2022-1154.patch: After getting mark get the line again - CVE-2022-1154 Moderate Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.

* SECURITY UPDATE: Using buffer line after it has been freed - debian/patches/CVE-2022-1154.patch: After getting mark get the line again - CVE-2022-1154

0 cloudlinux-ubuntu16.04-els vim_7.4.1689-3ubuntu1.5+tuxcare.els11_amd64.deb dd42743f1f98e680d210b745da61768da26f00ae vim-athena_7.4.1689-3ubuntu1.5+tuxcare.els11_amd64.deb f5e5d79de9726587ecd1dd04ef89d925d8966fd2 vim-athena-py2_7.4.1689-3ubuntu1.5+tuxcare.els11_amd64.deb d6e313088734b10e65aa92d9ed29053782e4e3c8 vim-common_7.4.1689-3ubuntu1.5+tuxcare.els11_amd64.deb 1ffc36872a3ef25e89f02ec54d14faf83e07d824 vim-doc_7.4.1689-3ubuntu1.5+tuxcare.els11_all.deb f30534bdba77d0f2afff2efb90c0f6a8deecbc95 vim-gnome_7.4.1689-3ubuntu1.5+tuxcare.els11_amd64.deb dbb51138038c72e0dc2e157a6f06906cda24b90b vim-gnome-py2_7.4.1689-3ubuntu1.5+tuxcare.els11_amd64.deb 04aafa5a77bcaab3949c2bdd037a446de23c1958 vim-gtk_7.4.1689-3ubuntu1.5+tuxcare.els11_amd64.deb 8e545debea018c13fb85b6469bb44a528271437b vim-gtk-py2_7.4.1689-3ubuntu1.5+tuxcare.els11_amd64.deb b0cf62cab768fd7e0fad0b906887d66468315eb6 vim-gtk3_7.4.1689-3ubuntu1.5+tuxcare.els11_amd64.deb 34b843946946a61a2c6351919fb1a5989ccf84bb vim-gtk3-py2_7.4.1689-3ubuntu1.5+tuxcare.els11_amd64.deb a56c5ffd6a28b35340c5e39ac8953391e2c73213 vim-gui-common_7.4.1689-3ubuntu1.5+tuxcare.els11_all.deb 30be28c9b99f17852bf37978b36c994808d9282f vim-nox_7.4.1689-3ubuntu1.5+tuxcare.els11_amd64.deb b4db3384ffbc462f97bf109a13e3d804442e0a13 vim-nox-py2_7.4.1689-3ubuntu1.5+tuxcare.els11_amd64.deb ab68ac3b2626dd1c0b8952ef9dd2225f6d63e102 vim-runtime_7.4.1689-3ubuntu1.5+tuxcare.els11_all.deb 4e26452c63a3da7a432766ee4ec139077069b9ea vim-tiny_7.4.1689-3ubuntu1.5+tuxcare.els11_amd64.deb 746900fff362d167259dfee36446c06c922345d7 CLSA-2022:1650377131 Copyright 2021 Cloud Linux Inc 0 * SECURITY UPDATE: possible remote code execution - debian/patches/CVE-2022-28391.patch: fix possible terminal injection attacks from DNS query results - CVE-2022-28391 Moderate Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.

* SECURITY UPDATE: possible remote code execution - debian/patches/CVE-2022-28391.patch: fix possible terminal injection attacks from DNS query results - CVE-2022-28391

0 cloudlinux-ubuntu16.04-els busybox_1.22.0-15ubuntu1.4+tuxcare.els3_amd64.deb d5ae3b6a8e0cb722b03c3bd2baad4084bc2924e9 busybox-initramfs_1.22.0-15ubuntu1.4+tuxcare.els3_amd64.deb e655bf782727908d28ee0a7cdec653e0c1d8a9eb busybox-static_1.22.0-15ubuntu1.4+tuxcare.els3_amd64.deb b3924197038ce1eb908363e9d58be819c7bb54a1 busybox-syslogd_1.22.0-15ubuntu1.4+tuxcare.els3_all.deb b00a5caea68d3e68587b8f7203ae459126229241 udhcpc_1.22.0-15ubuntu1.4+tuxcare.els3_amd64.deb e5cb9313a68d63785f07fa53fe738cfabf894201 udhcpd_1.22.0-15ubuntu1.4+tuxcare.els3_amd64.deb 9227f20ab3a0021926d83700b22a1f2e3fef0462 CLSA-2022:1650377152 Copyright 2021 Cloud Linux Inc 0 * SECURITY UPDATE: HTTP request smuggling in Lua module - debian/modules/nginx-lua: Fix parsing HTTP headers in the ngx.location.capture API (porting an upstream patch 9ab38e8ee35fc08a57636b1b6190dca70b0076fa from https://github.com/openresty/lua-nginx-module) - CVE-2020-11724 Moderate Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.

* SECURITY UPDATE: HTTP request smuggling in Lua module - debian/modules/nginx-lua: Fix parsing HTTP headers in the ngx.location.capture API (porting an upstream patch 9ab38e8ee35fc08a57636b1b6190dca70b0076fa from https://github.com/openresty/lua-nginx-module) - CVE-2020-11724

0 cloudlinux-ubuntu16.04-els nginx_1.10.3-0ubuntu0.16.04.8+tuxcare.els2_all.deb d964b0daf679afc68ad62f3635af0af79946ddfe nginx-common_1.10.3-0ubuntu0.16.04.8+tuxcare.els2_all.deb f1c7fd40e18bff6d99c6d6336f53281681e3ad35 nginx-core_1.10.3-0ubuntu0.16.04.8+tuxcare.els2_amd64.deb d80989544804c3529200f184883430356ead88f5 nginx-doc_1.10.3-0ubuntu0.16.04.8+tuxcare.els2_all.deb f7d5abcfc55f36f307c50ad8082f7e4e8bf710c5 nginx-extras_1.10.3-0ubuntu0.16.04.8+tuxcare.els2_amd64.deb b5e4a629091726861b906b8a908383ce7c4ef0b8 nginx-full_1.10.3-0ubuntu0.16.04.8+tuxcare.els2_amd64.deb 03368eac2f0d70ce5dbf62783e347e9fc62b3a89 nginx-light_1.10.3-0ubuntu0.16.04.8+tuxcare.els2_amd64.deb b9d5159c103ac1b3dfaeb90d0a2ae9efe2f4233e CLSA-2022:1651685129 Copyright 2021 Cloud Linux Inc 0 * SECURITY UPDATE: privilege gain via setuid - debian/patches/CVE-2019-18276.patch: replace the use of setuid and setgid when possible with setresuid and setresgid, respectively. - CVE-2019-18276 Moderate Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.

* SECURITY UPDATE: privilege gain via setuid - debian/patches/CVE-2019-18276.patch: replace the use of setuid and setgid when possible with setresuid and setresgid, respectively. - CVE-2019-18276

0 cloudlinux-ubuntu16.04-els bash_4.3-14ubuntu1.4+tuxcare.els1_amd64.deb cda56df7396a9cc81434bb24340c65ed4c058401 bash-builtins_4.3-14ubuntu1.4+tuxcare.els1_amd64.deb b1d687ec1ebe78751d8121e79f3590a1c6ed4db2 bash-doc_4.3-14ubuntu1.4+tuxcare.els1_all.deb d1ee5cf69052e3f43391ff3fd78c2b3c2e885605 bash-static_4.3-14ubuntu1.4+tuxcare.els1_amd64.deb 8a3e245f08c983ce244f107ad72a849ea46fae46 CLSA-2022:1652706309 Copyright 2021 Cloud Linux Inc 0 * SECURITY UPDATE: denial of dervice - debian/patches/CVE-2018-16881.patch: introduces a frame size check in the processDataRcvd function of plugins/imptcp/imptcp.c. - CVE-2018-16881 * SECURITY UPDATE: heap-based overflow - debian/patches/CVE-2019-17041.patch: adds length checks for invalid AIX log message in contrib/pmaixforwardedfrom/pmaixforwardedfrom.c. - CVE-2019-17041 * SECURITY UPDATE: heap-based overflow - debian/patches/CVE-2019-17042.patch: adds length checks for invalid Cisco log messages in contrib/pmcisconames/pmcisconames.c. - CVE-2019-17042 Moderate Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.

* SECURITY UPDATE: denial of dervice - debian/patches/CVE-2018-16881.patch: introduces a frame size check in the processDataRcvd function of plugins/imptcp/imptcp.c. - CVE-2018-16881 * SECURITY UPDATE: heap-based overflow - debian/patches/CVE-2019-17041.patch: adds length checks for invalid AIX log message in contrib/pmaixforwardedfrom/pmaixforwardedfrom.c. - CVE-2019-17041 * SECURITY UPDATE: heap-based overflow - debian/patches/CVE-2019-17042.patch: adds length checks for invalid Cisco log messages in contrib/pmcisconames/pmcisconames.c. - CVE-2019-17042

0 cloudlinux-ubuntu16.04-els rsyslog_8.16.0-1ubuntu3.1+tuxcare.els1_amd64.deb 533fc7bbd15b58ce598895fd350e67a85663e327 rsyslog-elasticsearch_8.16.0-1ubuntu3.1+tuxcare.els1_amd64.deb ed0d3acfb41e34dbce4a38511e10376b0abf3366 rsyslog-gnutls_8.16.0-1ubuntu3.1+tuxcare.els1_amd64.deb d61a4ced9118014485eddda4f2ccfb3a5635a9bc rsyslog-gssapi_8.16.0-1ubuntu3.1+tuxcare.els1_amd64.deb 95c7a6f7ccac9e75a59d93aa9674c97029d465a8 rsyslog-mysql_8.16.0-1ubuntu3.1+tuxcare.els1_amd64.deb ca6ecc91dcd6a28d7ea3c5ae6a1a9ab3ceccc0df rsyslog-pgsql_8.16.0-1ubuntu3.1+tuxcare.els1_amd64.deb 3e38a827cfcbf6e08dae1c0a78070e2f3ba59218 rsyslog-relp_8.16.0-1ubuntu3.1+tuxcare.els1_amd64.deb 6890c63d4df5e878bcae406cd561a5447901b20c CLSA-2022:1652706322 Copyright 2021 Cloud Linux Inc 0 * SECURITY UPDATE: arbitrary file override with crafted file names - debian/patches/CVE-2022-1271-1.patch: avoid exploit via multi-newline file names in zgrep.in. - debian/patches/CVE-2022-1271-2.patch: add test in tests/Makefile.am, tests/zgrep-abuse. - debian/patches/CVE-2022-1271-3.patch: port to POSIX sed in zgrep.in. - debian/patches/CVE-2022-1271-4.patch: optimize out a grep in gzexe.in. - debian/patches/CVE-2022-1271-5.patch: use C locale more often in gzexe.in, sample/zfile, zdiff.in, zgrep.in, znew.in. - debian/patches/CVE-2022-1271-6.patch: fix "binary file matches" mislabeling in tests/Makefile.am, tests/zgrep-binary, zgrep.in. - debian/rules: fix permissions on new test scripts. - CVE-2022-1271 Moderate Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.

* SECURITY UPDATE: arbitrary file override with crafted file names - debian/patches/CVE-2022-1271-1.patch: avoid exploit via multi-newline file names in zgrep.in. - debian/patches/CVE-2022-1271-2.patch: add test in tests/Makefile.am, tests/zgrep-abuse. - debian/patches/CVE-2022-1271-3.patch: port to POSIX sed in zgrep.in. - debian/patches/CVE-2022-1271-4.patch: optimize out a grep in gzexe.in. - debian/patches/CVE-2022-1271-5.patch: use C locale more often in gzexe.in, sample/zfile, zdiff.in, zgrep.in, znew.in. - debian/patches/CVE-2022-1271-6.patch: fix "binary file matches" mislabeling in tests/Makefile.am, tests/zgrep-binary, zgrep.in. - debian/rules: fix permissions on new test scripts. - CVE-2022-1271

0 cloudlinux-ubuntu16.04-els gzip_1.6-4ubuntu1+tuxcare.els1_amd64.deb a7fa9ccf77048d8bb1848bbfc0c1cbe5f8d33678 CLSA-2022:1652801011 Copyright 2021 Cloud Linux Inc 0 * SECURITY UPDATE: arbitrary file overwrite or code execution with crafted file names - debian/patches/CVE-2022-1271.patch: fix escaping of malicious filenames in src/scripts/xzgrep.in. - CVE-2022-1271 Moderate Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.

* SECURITY UPDATE: arbitrary file overwrite or code execution with crafted file names - debian/patches/CVE-2022-1271.patch: fix escaping of malicious filenames in src/scripts/xzgrep.in. - CVE-2022-1271

0 cloudlinux-ubuntu16.04-els liblzma-dev_5.1.1alpha+20120614-2ubuntu2+tuxcare.els1_amd64.deb 9dae3ade27e6630c70c7b7185b319e77039bd1d4 liblzma-doc_5.1.1alpha+20120614-2ubuntu2+tuxcare.els1_all.deb 52801c75659c8623aaf0acfc541b98190d4dc041 liblzma5_5.1.1alpha+20120614-2ubuntu2+tuxcare.els1_amd64.deb ddf6bd4d398efe62aa8d2ee8b3f09612e4543cec xz-utils_5.1.1alpha+20120614-2ubuntu2+tuxcare.els1_amd64.deb 54e697bd41e4a313eaa5dc3987236fd4b1a2026e xzdec_5.1.1alpha+20120614-2ubuntu2+tuxcare.els1_amd64.deb 9aa0c0471e57c9210e9854dee21d9b251f7e0ce4 CLSA-2022:1652986439 Copyright 2021 Cloud Linux Inc 0 * SECURITY UPDATE: memory corruption when deflating - debian/patches/CVE-2018-25032-1.patch: fix a bug that can crash deflate on some input when using Z_FIXED in deflate.c, deflate.h. - debian/patches/CVE-2018-25032-2.patch: assure that the number of bits for deflatePrime() is valid in deflate.c. - CVE-2018-25032 Moderate Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.

* SECURITY UPDATE: memory corruption when deflating - debian/patches/CVE-2018-25032-1.patch: fix a bug that can crash deflate on some input when using Z_FIXED in deflate.c, deflate.h. - debian/patches/CVE-2018-25032-2.patch: assure that the number of bits for deflatePrime() is valid in deflate.c. - CVE-2018-25032

0 cloudlinux-ubuntu16.04-els rsync_3.1.1-3ubuntu1.3+tuxcare.els1_amd64.deb 0f87a9550c6d304752c275dd9dfe02d8391b1db3 CLSA-2022:1652986454 Copyright 2021 Cloud Linux Inc 0 * SECURITY UPDATE: SQL injection vulnerability - debian/patches/CVE-2022-29155.patch: Escape filter values in servers/slapd/back-sql/search.c. - CVE-2022-29155 Moderate Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.

* SECURITY UPDATE: SQL injection vulnerability - debian/patches/CVE-2022-29155.patch: Escape filter values in servers/slapd/back-sql/search.c. - CVE-2022-29155

0 cloudlinux-ubuntu16.04-els ldap-utils_2.4.42+dfsg-2ubuntu3.13.tuxcare.els1_amd64.deb 3bff199da230daa57df1cd570f1e7717142022bb libldap-2.4-2_2.4.42+dfsg-2ubuntu3.13.tuxcare.els1_amd64.deb 3b6afe9935768875fc21e42f108426f958b4cfc3 libldap2-dev_2.4.42+dfsg-2ubuntu3.13.tuxcare.els1_amd64.deb a2a743dbb7623970c84bced6fbb8014c074627d8 slapd_2.4.42+dfsg-2ubuntu3.13.tuxcare.els1_amd64.deb 0cae49b2ecf1ead2644d494722871df7998aa714 slapd-smbk5pwd_2.4.42+dfsg-2ubuntu3.13.tuxcare.els1_amd64.deb 3bcae304b82a2806e79c2e7e61f282d30f4ac534 CLSA-2022:1653329020 Copyright 2021 Cloud Linux Inc 0 * SECURITY UPDATE: Going before the start of the command line - debian/patches/CVE-2022-1619.patch: Check already being at the start of the command line - CVE-2022-1619 * SECURITY UPDATE: NULL pointer access when using invalid pattern - debian/patches/CVE-2022-1620.patch: Check for failed regexp program - CVE-2022-1620 * SECURITY UPDATE: Can add invalid bytes with :spellgood - debian/patches/CVE-2022-1621.patch: Check for a valid word string - CVE-2022-1621 * SECURITY UPDATE: Trailing backslash may cause reading past end of line - debian/patches/CVE-2022-1629.patch: Check for NUL after backslash - CVE-2022-1629 * SECURITY UPDATE: Buffer overflow with invalid command with composing chars - debian/patches/CVE-2022-1616.patch: Check that the whole character fits in the buffer - CVE-2022-1616 Moderate Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.

* SECURITY UPDATE: Going before the start of the command line - debian/patches/CVE-2022-1619.patch: Check already being at the start of the command line - CVE-2022-1619 * SECURITY UPDATE: NULL pointer access when using invalid pattern - debian/patches/CVE-2022-1620.patch: Check for failed regexp program - CVE-2022-1620 * SECURITY UPDATE: Can add invalid bytes with :spellgood - debian/patches/CVE-2022-1621.patch: Check for a valid word string - CVE-2022-1621 * SECURITY UPDATE: Trailing backslash may cause reading past end of line - debian/patches/CVE-2022-1629.patch: Check for NUL after backslash - CVE-2022-1629 * SECURITY UPDATE: Buffer overflow with invalid command with composing chars - debian/patches/CVE-2022-1616.patch: Check that the whole character fits in the buffer - CVE-2022-1616

0 cloudlinux-ubuntu16.04-els vim_7.4.1689-3ubuntu1.5+tuxcare.els12_amd64.deb fd71abb94434df2bf70286f556f1865a911d5b9f vim-athena_7.4.1689-3ubuntu1.5+tuxcare.els12_amd64.deb 054d706692c1321cc3e61e45d2b5e9b7061344b3 vim-athena-py2_7.4.1689-3ubuntu1.5+tuxcare.els12_amd64.deb f3d0c00d6a96de8698070288f541aaaf16e4844b vim-common_7.4.1689-3ubuntu1.5+tuxcare.els12_amd64.deb fa555f8b884dcbcd94de26ba6157834f9be520e1 vim-doc_7.4.1689-3ubuntu1.5+tuxcare.els12_all.deb d6e19ebcc3a685428226bf9a5495e54e936685b7 vim-gnome_7.4.1689-3ubuntu1.5+tuxcare.els12_amd64.deb 50a0a61fe82837ee267ddc0d32ac79f546b6d60f vim-gnome-py2_7.4.1689-3ubuntu1.5+tuxcare.els12_amd64.deb 2f80e1ee0926d63a232eca887b0843c471e4f67e vim-gtk_7.4.1689-3ubuntu1.5+tuxcare.els12_amd64.deb 26a381ededdf1a67e7b5fe32b7a564c4d359528a vim-gtk-py2_7.4.1689-3ubuntu1.5+tuxcare.els12_amd64.deb c564a65dcf642d0e4ae7fad1c302291d7d409b78 vim-gtk3_7.4.1689-3ubuntu1.5+tuxcare.els12_amd64.deb 9e389d48281010430cdd488562f49738ddc24a85 vim-gtk3-py2_7.4.1689-3ubuntu1.5+tuxcare.els12_amd64.deb bcebb7aabf2d33a1af7ea63e822c0728f2aa6c51 vim-gui-common_7.4.1689-3ubuntu1.5+tuxcare.els12_all.deb 0f52e166b3e36a651f074337e48d08b71997be5d vim-nox_7.4.1689-3ubuntu1.5+tuxcare.els12_amd64.deb f93c8501e599d905e18acf6a17a63d280359df80 vim-nox-py2_7.4.1689-3ubuntu1.5+tuxcare.els12_amd64.deb b2d2c25d8ce82507470562471461acdc427db556 vim-runtime_7.4.1689-3ubuntu1.5+tuxcare.els12_all.deb afbf207c35220fa96af984198d6f459625507022 vim-tiny_7.4.1689-3ubuntu1.5+tuxcare.els12_amd64.deb 694291b8195fee1a5600b7d74e1e4cd3b72cb4bb CLSA-2022:1653499822 Copyright 2021 Cloud Linux Inc 0 * SECURITY UPDATE: Reading beyond the end of a line - debian/patches/CVE-2022-0318.patch: For block insert only use the offset for correcting the length, adjust expected output of the relevant UTF8 block insertion test - CVE-2022-0318 Moderate Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.

* SECURITY UPDATE: Reading beyond the end of a line - debian/patches/CVE-2022-0318.patch: For block insert only use the offset for correcting the length, adjust expected output of the relevant UTF8 block insertion test - CVE-2022-0318

0 cloudlinux-ubuntu16.04-els vim_7.4.1689-3ubuntu1.5+tuxcare.els13_amd64.deb 0bdf85c8cfae54b4db6ff3f9ff165bae287b62c3 vim-athena_7.4.1689-3ubuntu1.5+tuxcare.els13_amd64.deb 5ef7aa67e7523cafb43653a8df03066ec1c621d1 vim-athena-py2_7.4.1689-3ubuntu1.5+tuxcare.els13_amd64.deb 4efbb250da5502ef7b00b27f8f11901e5fa19b56 vim-common_7.4.1689-3ubuntu1.5+tuxcare.els13_amd64.deb 4417492135af01d90d3b1695039ecdd7de2975b5 vim-doc_7.4.1689-3ubuntu1.5+tuxcare.els13_all.deb 9bed39391dc8a03e16f4de700f477168d483ddba vim-gnome_7.4.1689-3ubuntu1.5+tuxcare.els13_amd64.deb 7e89e8c3b3602eff1fb939d1205d8c21b4c4fa63 vim-gnome-py2_7.4.1689-3ubuntu1.5+tuxcare.els13_amd64.deb 1402ba85776e90d894b1a4a98467d3c62e3c0a71 vim-gtk_7.4.1689-3ubuntu1.5+tuxcare.els13_amd64.deb a3206855fc66ffae16a4e646bf801ebf00e27007 vim-gtk-py2_7.4.1689-3ubuntu1.5+tuxcare.els13_amd64.deb e36d76f0d36e674190ff0c069db37103d196dbd0 vim-gtk3_7.4.1689-3ubuntu1.5+tuxcare.els13_amd64.deb ee4fc64085bb9a70169404ccfdcb3fd6159c1774 vim-gtk3-py2_7.4.1689-3ubuntu1.5+tuxcare.els13_amd64.deb e458928c457d74e3343146dc5c44bb9243a1b4f3 vim-gui-common_7.4.1689-3ubuntu1.5+tuxcare.els13_all.deb 3b60df329c84135e78b795e90a2182e7adaa33e5 vim-nox_7.4.1689-3ubuntu1.5+tuxcare.els13_amd64.deb c6631cb48411f1830029961a4cc22e301dbfa15c vim-nox-py2_7.4.1689-3ubuntu1.5+tuxcare.els13_amd64.deb 0364188eaa444fdafe907de1300263aba8608d1e vim-runtime_7.4.1689-3ubuntu1.5+tuxcare.els13_all.deb 99ebda26c0288845fbc6c7eca9e75adf125522ae vim-tiny_7.4.1689-3ubuntu1.5+tuxcare.els13_amd64.deb bd7e17b088d92f772186bfaf284bd86aed88eceb CLSA-2022:1653917271 Copyright 2021 Cloud Linux Inc 0 * SECURITY UPDATE: heap buffer overflow - debian/patches/CVE-2022-24903.patch: introduces a bounds check to address a potential heap buffer overflow in plugins/imptcp/imptcp.c. - CVE-2022-24903 Moderate Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.

* SECURITY UPDATE: heap buffer overflow - debian/patches/CVE-2022-24903.patch: introduces a bounds check to address a potential heap buffer overflow in plugins/imptcp/imptcp.c. - CVE-2022-24903

0 cloudlinux-ubuntu16.04-els rsyslog_8.16.0-1ubuntu3.1+tuxcare.els2_amd64.deb 0a413285bb7c2311c7bafc0e0584f09ec373382a rsyslog-elasticsearch_8.16.0-1ubuntu3.1+tuxcare.els2_amd64.deb adbd8235fe2c852264b1b6c6b08e693b565c8137 rsyslog-gnutls_8.16.0-1ubuntu3.1+tuxcare.els2_amd64.deb 4e8728bc91751756e183d24da498b4bbbbe86265 rsyslog-gssapi_8.16.0-1ubuntu3.1+tuxcare.els2_amd64.deb 3c860823bb2f8734cb01352eca64d9b26763d042 rsyslog-mysql_8.16.0-1ubuntu3.1+tuxcare.els2_amd64.deb 36fc4d4245ba00fa628fefa0d1daa9a8de52f07b rsyslog-pgsql_8.16.0-1ubuntu3.1+tuxcare.els2_amd64.deb e249fc70cd689bc8763de6050cc2464fed94efb8 rsyslog-relp_8.16.0-1ubuntu3.1+tuxcare.els2_amd64.deb c954a2b833d1a118bad7dd79d8d90f5c49deb669 CLSA-2022:1653917554 Copyright 2021 Cloud Linux Inc 0 * SECURITY UPDATE: Reading past end of the line when C-indenting - debian/patches/CVE-2022-1733.patch: Add extra check for NUL - CVE-2022-1733 * SECURITY UPDATE: Invalid memory access when changing text in Visual mode - debian/patches/CVE-2022-1735.patch: Check the Visual position after making a change - CVE-2022-1735 Moderate Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.

* SECURITY UPDATE: Reading past end of the line when C-indenting - debian/patches/CVE-2022-1733.patch: Add extra check for NUL - CVE-2022-1733 * SECURITY UPDATE: Invalid memory access when changing text in Visual mode - debian/patches/CVE-2022-1735.patch: Check the Visual position after making a change - CVE-2022-1735

0 cloudlinux-ubuntu16.04-els vim_7.4.1689-3ubuntu1.5+tuxcare.els14_amd64.deb 1a5045dbbde5791596c52dfe8138b2eb0a0a4b7b vim-athena_7.4.1689-3ubuntu1.5+tuxcare.els14_amd64.deb 56f3d102659721032f864cb1624b5a3aae983f9e vim-athena-py2_7.4.1689-3ubuntu1.5+tuxcare.els14_amd64.deb 9815cbd22fff2c35ee4ae15edac53a8dbc541c59 vim-common_7.4.1689-3ubuntu1.5+tuxcare.els14_amd64.deb 426219a655ef304e898e33ea9d17b873e0ac9040 vim-doc_7.4.1689-3ubuntu1.5+tuxcare.els14_all.deb f0f6417a4d96ef44a29d4a6b946411bcae8d7f9d vim-gnome_7.4.1689-3ubuntu1.5+tuxcare.els14_amd64.deb d0a371013e5c3ff26e510579925a50867454259d vim-gnome-py2_7.4.1689-3ubuntu1.5+tuxcare.els14_amd64.deb 421018f0e5b6721f35768248e23fe588d752f6b6 vim-gtk_7.4.1689-3ubuntu1.5+tuxcare.els14_amd64.deb 59f262541e5109cd3c1f65116775e9d8cb2b1b90 vim-gtk-py2_7.4.1689-3ubuntu1.5+tuxcare.els14_amd64.deb 90cb96e45b3d18cdff3b54ae9cc9128e8005593a vim-gtk3_7.4.1689-3ubuntu1.5+tuxcare.els14_amd64.deb 52439655d9165cfaff9a2c07a73d5f0bfe003e0d vim-gtk3-py2_7.4.1689-3ubuntu1.5+tuxcare.els14_amd64.deb daa6ba4436a83361c581302f241b71cca15fb37f vim-gui-common_7.4.1689-3ubuntu1.5+tuxcare.els14_all.deb f4631d909c27270e451d25f51356067bcd547cca vim-nox_7.4.1689-3ubuntu1.5+tuxcare.els14_amd64.deb ad2aaf6423827c5a1a30ad062f1d2f3f7e3a6e14 vim-nox-py2_7.4.1689-3ubuntu1.5+tuxcare.els14_amd64.deb 6c035ebd032a17b55f34c8e8165a8c4798e37cd6 vim-runtime_7.4.1689-3ubuntu1.5+tuxcare.els14_all.deb ed1920262b518adbbde07203d6b47268fe4312ff vim-tiny_7.4.1689-3ubuntu1.5+tuxcare.els14_amd64.deb a4794e13aeb88303cd26baa3fc93857b8507b2fa CLSA-2022:1654011190 Copyright 2021 Cloud Linux Inc 0 * SECURITY UPDATE: Improper Neutralization - debian/patches/CVE-2022-1292.patch: restrict using shell to invoke openssl due to possible privilege escalation - debian/patches/CVE-2022-1473.patch: fix bug OPENSSL_LH_flush() memory releasing leading to DoS - CVE-2022-1292 - CVE-2022-1473 Moderate Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.

* SECURITY UPDATE: Improper Neutralization - debian/patches/CVE-2022-1292.patch: restrict using shell to invoke openssl due to possible privilege escalation - debian/patches/CVE-2022-1473.patch: fix bug OPENSSL_LH_flush() memory releasing leading to DoS - CVE-2022-1292 - CVE-2022-1473

0 cloudlinux-ubuntu16.04-els libssl-dev_1.0.2g-1ubuntu4.21+tuxcare.els3_amd64.deb 97b0258b717db9ba916495b178063f2fb4498f68 libssl-doc_1.0.2g-1ubuntu4.21+tuxcare.els3_all.deb 8d02efad2a81172b4c3f58760999a6158091f75e libssl1.0.0_1.0.2g-1ubuntu4.21+tuxcare.els3_amd64.deb b54282ed0d3aa995973c710cfb93460ca883251f openssl_1.0.2g-1ubuntu4.21+tuxcare.els3_amd64.deb b1cc08019cc3cefaae541c65407ed071e9074886 CLSA-2022:1654106859 Copyright 2021 Cloud Linux Inc 0 * SECURITY UPDATE: Injection attack - debian/patches/CVE-2022-0391.patch: sanitize urls in urllib.parse when it containing ASCII newline and tabs in Doc/library/urllib.parse.rst, Lib/test/test_urlparse.py, Lib/urllib/parse.py. - CVE-2022-0391 Moderate Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.

* SECURITY UPDATE: Injection attack - debian/patches/CVE-2022-0391.patch: sanitize urls in urllib.parse when it containing ASCII newline and tabs in Doc/library/urllib.parse.rst, Lib/test/test_urlparse.py, Lib/urllib/parse.py. - CVE-2022-0391

0 cloudlinux-ubuntu16.04-els idle-python3.5_3.5.2-2ubuntu0~16.04.13+tuxcare.els4_all.deb 5fed540fff6ba8ce72d35ddcc0060be985af1a4b libpython3.5_3.5.2-2ubuntu0~16.04.13+tuxcare.els4_amd64.deb a1e64fa3f368ff0a129df3f2ec6f89d561e20b71 libpython3.5-dev_3.5.2-2ubuntu0~16.04.13+tuxcare.els4_amd64.deb f2c8824c9f4cae62d056a4077a3190b3ea6db234 libpython3.5-minimal_3.5.2-2ubuntu0~16.04.13+tuxcare.els4_amd64.deb c8dc14f67209401f632bfabb4996205972fe4b67 libpython3.5-stdlib_3.5.2-2ubuntu0~16.04.13+tuxcare.els4_amd64.deb eafe51bcd10a68bad45a09116db69c9230dff31c libpython3.5-testsuite_3.5.2-2ubuntu0~16.04.13+tuxcare.els4_all.deb e2d0a08605a8f274046b04b2d207cbdd5ea688bc python3.5_3.5.2-2ubuntu0~16.04.13+tuxcare.els4_amd64.deb 9220ce30f6cc6574dd89825ac78fbd75694bc84c python3.5-dev_3.5.2-2ubuntu0~16.04.13+tuxcare.els4_amd64.deb 814e507e5728ee185d8839ff20bca270bb510010 python3.5-doc_3.5.2-2ubuntu0~16.04.13+tuxcare.els4_all.deb 29fc5ef70004ef29d9fe2c7e1148ae22d549759a python3.5-examples_3.5.2-2ubuntu0~16.04.13+tuxcare.els4_all.deb 9a21e872a76f4ec4d27caed6137c38ec14178ea3 python3.5-minimal_3.5.2-2ubuntu0~16.04.13+tuxcare.els4_amd64.deb f793e1568edf997503e841616e0c8d9d728d0e68 python3.5-venv_3.5.2-2ubuntu0~16.04.13+tuxcare.els4_amd64.deb 3f6b6da6aba141822822aca70624bf691f852b28 CLSA-2022:1654174467 Copyright 2021 Cloud Linux Inc 0 * SECURITY UPDATE: String hashing algorithm collisions - debian/patches/CVE-2021-33582-pre.patch: gracefully handle lookup on zero-sized tables - debian/patches/CVE-2021-33582-1.patch: replace ad-hoc algorithm with seeded djb2 in strhash - debian/patches/CVE-2021-33582-2.patch: use a seed when hashing - CVE-2021-33582 Moderate Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.

* SECURITY UPDATE: String hashing algorithm collisions - debian/patches/CVE-2021-33582-pre.patch: gracefully handle lookup on zero-sized tables - debian/patches/CVE-2021-33582-1.patch: replace ad-hoc algorithm with seeded djb2 in strhash - debian/patches/CVE-2021-33582-2.patch: use a seed when hashing - CVE-2021-33582

0 cloudlinux-ubuntu16.04-els cyrus-admin_2.4.18-3+tuxcare.els1_all.deb 15057319ff4a3e5f2f06ed354986c13bc3cd4768 cyrus-admin-2.4_2.4.18-3+tuxcare.els1_all.deb 7e606a20ef0b09159d8cbd0bf7d721d54b4e3abc cyrus-clients_2.4.18-3+tuxcare.els1_amd64.deb 3c38840c6f04e6884d4e4ec5c56fe82087d7a1b9 cyrus-clients-2.4_2.4.18-3+tuxcare.els1_all.deb 9895d692caae21bf08a0d21792de621f6e307c4f cyrus-common_2.4.18-3+tuxcare.els1_amd64.deb 6e5b2803c1f25a1b936016bbf0a1f98ffebbe932 cyrus-common-2.4_2.4.18-3+tuxcare.els1_all.deb 8b17a8bee2eaf890d7cadc330fc0682baaefe17c cyrus-dev_2.4.18-3+tuxcare.els1_amd64.deb 9d396997e12dd0673920e05a9361b216b89e6805 cyrus-dev-2.4_2.4.18-3+tuxcare.els1_all.deb 9a0538d2c3ac05e8a9ed4f028bce56da64dcd799 cyrus-doc_2.4.18-3+tuxcare.els1_all.deb a2592c6d1b9861466315279368b66062948cfa50 cyrus-doc-2.4_2.4.18-3+tuxcare.els1_all.deb 55fb7f5e68b076fdadfccdb9303a2d9928d294f8 cyrus-imapd_2.4.18-3+tuxcare.els1_amd64.deb 52cbd894e61f4392d5b2d286252b7de9bbeaa411 cyrus-imapd-2.4_2.4.18-3+tuxcare.els1_all.deb 5241dcca03543035344546af0b6e6ef4652807a9 cyrus-murder_2.4.18-3+tuxcare.els1_amd64.deb 32f309e9622f7b21377fd5e2dd0eccfe4d3f15ec cyrus-murder-2.4_2.4.18-3+tuxcare.els1_all.deb 3d99cfd6f3bed59ae11b02e98c3641b1c5d239b2 cyrus-nntpd_2.4.18-3+tuxcare.els1_amd64.deb 6212bb1b7cbd7a3bcbaba13e1c4aee184983d83a cyrus-nntpd-2.4_2.4.18-3+tuxcare.els1_all.deb ddea5ce4a7c9c052f72883d4c974ab99ad2eac56 cyrus-pop3d_2.4.18-3+tuxcare.els1_amd64.deb 6fe799bbea258c3e22caf1925375708bd51209ff cyrus-pop3d-2.4_2.4.18-3+tuxcare.els1_all.deb c1d5b4a6d1e81fb4c7ae1ef40177d88606d0dd2b cyrus-replication_2.4.18-3+tuxcare.els1_amd64.deb 71689123a003bef7bc6344f88935b7b7b02435ea cyrus-replication-2.4_2.4.18-3+tuxcare.els1_all.deb 84472e21a972895eb366327e159c1675d26fdd47 libcyrus-imap-perl_2.4.18-3+tuxcare.els1_amd64.deb 452cc5bf706502bbcc4659b8ff1d18cdbb81f2bf libcyrus-imap-perl24_2.4.18-3+tuxcare.els1_all.deb a2724aa3ce42eb89760c25a8a6c417e56ebb1e8a CLSA-2022:1654525751 Copyright 2021 Cloud Linux Inc 0 * SECURITY UPDATE: Memory access error when substitute expression changes window - debian/patches/CVE-2022-1785.patch: Disallow changing window in substitute expression - CVE-2022-1785 * SECURITY UPDATE: Accessing freed memory when line is flushed - debian/patches/CVE-2022-1796.patch: Make a copy of the pattern to search for - CVE-2022-1796 Moderate Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.

* SECURITY UPDATE: Memory access error when substitute expression changes window - debian/patches/CVE-2022-1785.patch: Disallow changing window in substitute expression - CVE-2022-1785 * SECURITY UPDATE: Accessing freed memory when line is flushed - debian/patches/CVE-2022-1796.patch: Make a copy of the pattern to search for - CVE-2022-1796

0 cloudlinux-ubuntu16.04-els vim_7.4.1689-3ubuntu1.5+tuxcare.els15_amd64.deb d62510a5fffdbfc00f83751617089bdf1f5641a0 vim-athena_7.4.1689-3ubuntu1.5+tuxcare.els15_amd64.deb 31136402fb00e6e5e549b165fa4fd864daf5ae40 vim-athena-py2_7.4.1689-3ubuntu1.5+tuxcare.els15_amd64.deb e1c990a16fb2e0a9174c2dc3211f4f42e20a9243 vim-common_7.4.1689-3ubuntu1.5+tuxcare.els15_amd64.deb 30ceba47e1740043b8e90376f5aa04bf9f2e8b8a vim-doc_7.4.1689-3ubuntu1.5+tuxcare.els15_all.deb 74d884e2fa343ba665f34117135f4c2c7ba6fcf5 vim-gnome_7.4.1689-3ubuntu1.5+tuxcare.els15_amd64.deb ea858d55e3c0eb12ba797ece82ebc123fdda0c06 vim-gnome-py2_7.4.1689-3ubuntu1.5+tuxcare.els15_amd64.deb 41506ea3ad77ebc99e508141c8aff18189554118 vim-gtk_7.4.1689-3ubuntu1.5+tuxcare.els15_amd64.deb 62ed3f288e3ff9aa9967ce8e14aca9edcd025722 vim-gtk-py2_7.4.1689-3ubuntu1.5+tuxcare.els15_amd64.deb a2e57354c7b1d68e5c78775da09022c073173b0c vim-gtk3_7.4.1689-3ubuntu1.5+tuxcare.els15_amd64.deb 2169e3a487b0751a90dd3c54820225003a345381 vim-gtk3-py2_7.4.1689-3ubuntu1.5+tuxcare.els15_amd64.deb 1042c17865cf0effa98385f80796acc49c8747bb vim-gui-common_7.4.1689-3ubuntu1.5+tuxcare.els15_all.deb d3a906bc6ad5eb94956c827fee714f5027e98354 vim-nox_7.4.1689-3ubuntu1.5+tuxcare.els15_amd64.deb 97260ca26ff71fae394231eac06468ef13e55b46 vim-nox-py2_7.4.1689-3ubuntu1.5+tuxcare.els15_amd64.deb 30f4bb5c8d43f546cbc164a4c3e110e7ec027000 vim-runtime_7.4.1689-3ubuntu1.5+tuxcare.els15_all.deb 9a5fb40f1cfa1994fe3155f2d84545a1904b4048 vim-tiny_7.4.1689-3ubuntu1.5+tuxcare.els15_amd64.deb eb547f94e17652f936ca0513680f419d6d20aad1 CLSA-2022:1654717100 Copyright 2021 Cloud Linux Inc 0 * SECURITY UPDATE: Directory traversal issue in dpkg-source - scripts/Dpkg/Source/Archive.pm: Prevent directory traversal for in-place extracts. - CVE-2022-1664 Moderate Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.

* SECURITY UPDATE: Directory traversal issue in dpkg-source - scripts/Dpkg/Source/Archive.pm: Prevent directory traversal for in-place extracts. - CVE-2022-1664

0 cloudlinux-ubuntu16.04-els dpkg_1.18.4ubuntu1.7+tuxcare.els1_amd64.deb 1ceccbde309901a24ab27b8d0c8e0ad02c154dd6 dpkg-dev_1.18.4ubuntu1.7+tuxcare.els1_all.deb 95347e1b04b8c8a243bec45bfe5aee0a27338a86 dselect_1.18.4ubuntu1.7+tuxcare.els1_amd64.deb bd466fee6b719143093a69261d69e9e0112393f2 libdpkg-dev_1.18.4ubuntu1.7+tuxcare.els1_amd64.deb bf5a4a56f6cc38ac5d57792509d1a8f006eb6c88 libdpkg-perl_1.18.4ubuntu1.7+tuxcare.els1_all.deb e010b0db6eca32164a12345650de7c62d43b3759 CLSA-2022:1654802345 Copyright 2021 Cloud Linux Inc 0 * SECURITY UPDATE: Division by zero - debian/patches/CVE-2020-27760.patch: Fix divisions by zeros in magick/enhance.c - CVE-2020-27760 * SECURITY UPDATE: Heap-based buffer overflow - debian/patches/CVE-2022-28463.patch: Fix buffer overflow - CVE-2022-28463 * Fix several issues with undefined behavior: - debian/patches/fix-potential-divide-by-zero-in-svg.patch: Fix potential division by zero in coders/svg.c - debian/patches/fix-out-of-range-value-in-txt.patch: Fix undefined behavior in the form of values outside the range of 'unsigned long long' type in coders/text.c - debian/patches/fix-out-of-range-value-in-scale-to-quantum.patch: Fix undefined behavior in the form of values outside the range of 'unsigned short' type in magic/quantum-private.h - debian/patches/fix-shift-value-overflow-in-bmp.patch: Fix overflow on value shift in coders/bmp.c Moderate Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.

* SECURITY UPDATE: Division by zero - debian/patches/CVE-2020-27760.patch: Fix divisions by zeros in magick/enhance.c - CVE-2020-27760 * SECURITY UPDATE: Heap-based buffer overflow - debian/patches/CVE-2022-28463.patch: Fix buffer overflow - CVE-2022-28463 * Fix several issues with undefined behavior: - debian/patches/fix-potential-divide-by-zero-in-svg.patch: Fix potential division by zero in coders/svg.c - debian/patches/fix-out-of-range-value-in-txt.patch: Fix undefined behavior in the form of values outside the range of 'unsigned long long' type in coders/text.c - debian/patches/fix-out-of-range-value-in-scale-to-quantum.patch: Fix undefined behavior in the form of values outside the range of 'unsigned short' type in magic/quantum-private.h - debian/patches/fix-shift-value-overflow-in-bmp.patch: Fix overflow on value shift in coders/bmp.c

0 cloudlinux-ubuntu16.04-els imagemagick_6.8.9.9-7ubuntu5.17+tuxcare.els3_amd64.deb 35bf5148dd0dfb7de64007551a029345afeff899 imagemagick-6.q16_6.8.9.9-7ubuntu5.17+tuxcare.els3_amd64.deb 0f9ab8df86b027b7294c401845abbb798adc77bb imagemagick-common_6.8.9.9-7ubuntu5.17+tuxcare.els3_all.deb 845739a58818301572a7fcaa6103c7fca75aa431 imagemagick-doc_6.8.9.9-7ubuntu5.17+tuxcare.els3_all.deb 6a71dc9c5c442b49c50937148c648ccaedb2d894 libimage-magick-perl_6.8.9.9-7ubuntu5.17+tuxcare.els3_all.deb 3347d010382c748783c546e3e94e8e2d46023a68 libimage-magick-q16-perl_6.8.9.9-7ubuntu5.17+tuxcare.els3_amd64.deb 88ea8a87f515e95704d220bde3b9916a22a35f97 libmagick++-6-headers_6.8.9.9-7ubuntu5.17+tuxcare.els3_all.deb d76863d4b183302c7d05e46e0c6c4799b0dff56a libmagick++-6.q16-5v5_6.8.9.9-7ubuntu5.17+tuxcare.els3_amd64.deb c09fe4e8f791cc5634eb4cfbd4c94d401e13f787 libmagick++-6.q16-dev_6.8.9.9-7ubuntu5.17+tuxcare.els3_amd64.deb 7609cae0759832275e4f7624e4e3aeab2f0f7e77 libmagick++-dev_6.8.9.9-7ubuntu5.17+tuxcare.els3_all.deb 64f30cf0369df730b7288b3bd38580b5ab2f8823 libmagickcore-6-arch-config_6.8.9.9-7ubuntu5.17+tuxcare.els3_amd64.deb 48f18f26302f5c71fc692042d2707634fe525912 libmagickcore-6-headers_6.8.9.9-7ubuntu5.17+tuxcare.els3_all.deb 9c769dcfd48181dde0be71a8ce54b2f25fbe8f51 libmagickcore-6.q16-2_6.8.9.9-7ubuntu5.17+tuxcare.els3_amd64.deb 9a84988b8b29296e6317f45938af71762cb15cf4 libmagickcore-6.q16-2-extra_6.8.9.9-7ubuntu5.17+tuxcare.els3_amd64.deb 7f10473f21fe758fe6d59cf412e96ccef6821965 libmagickcore-6.q16-dev_6.8.9.9-7ubuntu5.17+tuxcare.els3_amd64.deb 5ecb0aa7c3bcfca9f5a1e2759044dd783d051466 libmagickcore-dev_6.8.9.9-7ubuntu5.17+tuxcare.els3_all.deb b692b25a1c1342d5ea20397f82d906a911f57a4d libmagickwand-6-headers_6.8.9.9-7ubuntu5.17+tuxcare.els3_all.deb f5b02c19deed62d76c733d2d04a3cbd557213d6a libmagickwand-6.q16-2_6.8.9.9-7ubuntu5.17+tuxcare.els3_amd64.deb f332d0e449cd99f6d01e737b6995c554537699e0 libmagickwand-6.q16-dev_6.8.9.9-7ubuntu5.17+tuxcare.els3_amd64.deb 7670e0a739b49ce394f303aef4794920cb53070f libmagickwand-dev_6.8.9.9-7ubuntu5.17+tuxcare.els3_all.deb ba6e9ef5e29f0d60d946f00b62a619715e9de3a4 perlmagick_6.8.9.9-7ubuntu5.17+tuxcare.els3_all.deb 1588c80537daa6ee613d5c3329efaaf31ae2120d CLSA-2022:1654804099 Copyright 2021 Cloud Linux Inc 0 * SECURITY UPDATE: ml_get() error when exchanging windows in Visual mode - debian/patches/CVE-2022-0319.patch: Correct end of Visual area when entering another buffer - CVE-2022-0319 * SECURITY UPDATE: Cursor may be in an invalid position after text formatting - debian/patches/CVE-2022-1851.patch: Correct the cursor position after formatting - CVE-2022-1851 * SECURITY UPDATE: Access before start of text with a put command - debian/patches/CVE-2022-1886.patch: Check the length is more than zero - CVE-2022-1886 * SECURITY UPDATE: Using freed memory with "]d". - debian/patches/CVE-2022-1898: Copy the pattern before searching - CVE-2022-1898 Moderate Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.

* SECURITY UPDATE: ml_get() error when exchanging windows in Visual mode - debian/patches/CVE-2022-0319.patch: Correct end of Visual area when entering another buffer - CVE-2022-0319 * SECURITY UPDATE: Cursor may be in an invalid position after text formatting - debian/patches/CVE-2022-1851.patch: Correct the cursor position after formatting - CVE-2022-1851 * SECURITY UPDATE: Access before start of text with a put command - debian/patches/CVE-2022-1886.patch: Check the length is more than zero - CVE-2022-1886 * SECURITY UPDATE: Using freed memory with "]d". - debian/patches/CVE-2022-1898: Copy the pattern before searching - CVE-2022-1898

0 cloudlinux-ubuntu16.04-els vim_7.4.1689-3ubuntu1.5+tuxcare.els16_amd64.deb 96ab2849b1734917a000e4080c3d2b26cca09d07 vim-athena_7.4.1689-3ubuntu1.5+tuxcare.els16_amd64.deb 106f91f5339a760404c3ceca8fb9d182e42c1ae2 vim-athena-py2_7.4.1689-3ubuntu1.5+tuxcare.els16_amd64.deb 4d92081d2b67e844193989d02849dc8a55086e95 vim-common_7.4.1689-3ubuntu1.5+tuxcare.els16_amd64.deb ad508e8b4b25d1f45419b0106de87b5b42285efe vim-doc_7.4.1689-3ubuntu1.5+tuxcare.els16_all.deb 96ea3cc6a37d50a47e6b9f6c1639cbba18c17449 vim-gnome_7.4.1689-3ubuntu1.5+tuxcare.els16_amd64.deb 36011f440d9f64611636b9ebf42714e4fd92ce17 vim-gnome-py2_7.4.1689-3ubuntu1.5+tuxcare.els16_amd64.deb 293ff6b23cae59617e9d4f4dfbadd186a5162c82 vim-gtk_7.4.1689-3ubuntu1.5+tuxcare.els16_amd64.deb 1844e72fb70f2b46a991634df898d46c55999e0d vim-gtk-py2_7.4.1689-3ubuntu1.5+tuxcare.els16_amd64.deb b9789b8c05751d776ae973c0334ae7a79ce45efc vim-gtk3_7.4.1689-3ubuntu1.5+tuxcare.els16_amd64.deb 4fbf46161cd52e77943cdfaba53fda522da80119 vim-gtk3-py2_7.4.1689-3ubuntu1.5+tuxcare.els16_amd64.deb e02480e2514078e383b0f59581a9a5b2ba547916 vim-gui-common_7.4.1689-3ubuntu1.5+tuxcare.els16_all.deb fa770e54dff01a26836aaae8d1ce330f941ccf32 vim-nox_7.4.1689-3ubuntu1.5+tuxcare.els16_amd64.deb 5675598ad63a898245c1f87421802e65a2cd320b vim-nox-py2_7.4.1689-3ubuntu1.5+tuxcare.els16_amd64.deb 174b894f48e2becb1aeb1de97fe279293c96e637 vim-runtime_7.4.1689-3ubuntu1.5+tuxcare.els16_all.deb 6ff2092a96ec6449bd3ddd8cd4e0eb1276b032bb vim-tiny_7.4.1689-3ubuntu1.5+tuxcare.els16_amd64.deb f766bad18fbfa394a225314775eae679e94c1e89 CLSA-2022:1655317708 Copyright 2021 Cloud Linux Inc 0 * SECURITY UPDATE: Reusing OAUTH2-authenticated connections without properly making sure that the connection was authenticated with the same credentials - debian/patches/CVE-2022-22576.patch: Check additional SASL parameters for connection reuse - CVE-2022-22576 Moderate Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.

* SECURITY UPDATE: Reusing OAUTH2-authenticated connections without properly making sure that the connection was authenticated with the same credentials - debian/patches/CVE-2022-22576.patch: Check additional SASL parameters for connection reuse - CVE-2022-22576

0 cloudlinux-ubuntu16.04-els curl_7.47.0-1ubuntu2.23+tuxcare.els1_amd64.deb 6b20e7fe95e246ce9ffc9179cd7e75d1522e5a2b libcurl3_7.47.0-1ubuntu2.23+tuxcare.els1_amd64.deb 9b6a1acf184ba2f86baae71c14a9779e015e9c95 libcurl3-gnutls_7.47.0-1ubuntu2.23+tuxcare.els1_amd64.deb 184303e73db966fb39276f4b922d2290df4d3820 libcurl3-nss_7.47.0-1ubuntu2.23+tuxcare.els1_amd64.deb 680899edaf3bb68efd74f46a88f1e9b818566e6d libcurl4-doc_7.47.0-1ubuntu2.23+tuxcare.els1_all.deb ef2468601385dd84302731ab9107fd060a9cac98 libcurl4-gnutls-dev_7.47.0-1ubuntu2.23+tuxcare.els1_amd64.deb 0e1d3c04053b8ee5d5160a3e436fde7268608b95 libcurl4-nss-dev_7.47.0-1ubuntu2.23+tuxcare.els1_amd64.deb 621e1a76ef739aa3bd66e09942dce4723ff1cc29 libcurl4-openssl-dev_7.47.0-1ubuntu2.23+tuxcare.els1_amd64.deb 5b956950641797d610bccf190e6709722c98fd33 CLSA-2022:1655317854 Copyright 2021 Cloud Linux Inc 0 * SECURITY UPDATE: Crash with weird 'vartabstop' value - debian/patches/CVE-2022-0714.patch: Check for running into the end of the line - CVE-2022-0714 * SECURITY UPDATE: Substitute overwrites allocated buffer - debian/patches/CVE-2022-1897.patch: Disallow undo when in a substitute command - CVE-2022-1897 * SECURITY UPDATE: Cursor position may be invalid after "0;" range - debian/patches/CVE-2022-1927.patch: Check the cursor position when it was set by ";" in the range - CVE-2022-1886 Moderate Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.

* SECURITY UPDATE: Crash with weird 'vartabstop' value - debian/patches/CVE-2022-0714.patch: Check for running into the end of the line - CVE-2022-0714 * SECURITY UPDATE: Substitute overwrites allocated buffer - debian/patches/CVE-2022-1897.patch: Disallow undo when in a substitute command - CVE-2022-1897 * SECURITY UPDATE: Cursor position may be invalid after "0;" range - debian/patches/CVE-2022-1927.patch: Check the cursor position when it was set by ";" in the range - CVE-2022-1886

0 cloudlinux-ubuntu16.04-els vim_7.4.1689-3ubuntu1.5+tuxcare.els17_amd64.deb 7b3cd77ef357fddb4c8bb7bed2a7f5f9c9690b50 vim-athena_7.4.1689-3ubuntu1.5+tuxcare.els17_amd64.deb 49c4dade47b5285adb8afdaa7d9c7a2593ac2a47 vim-athena-py2_7.4.1689-3ubuntu1.5+tuxcare.els17_amd64.deb 84c9f734254c8d9064e1d9b2bb137a1ad1064b6a vim-common_7.4.1689-3ubuntu1.5+tuxcare.els17_amd64.deb e8b956721c704bdeb0e55421f9461a3b75e551df vim-doc_7.4.1689-3ubuntu1.5+tuxcare.els17_all.deb 5b35b529f939167bbe561ca471771dcf4e6cb65e vim-gnome_7.4.1689-3ubuntu1.5+tuxcare.els17_amd64.deb 4584f03d8abe3398e88ef8d94084243809737845 vim-gnome-py2_7.4.1689-3ubuntu1.5+tuxcare.els17_amd64.deb 7790414632337de80b33a5aa6d15e6809acc57ee vim-gtk_7.4.1689-3ubuntu1.5+tuxcare.els17_amd64.deb 1f82b2da30f75d66e975d3a7ad702889b5db176d vim-gtk-py2_7.4.1689-3ubuntu1.5+tuxcare.els17_amd64.deb 24a2f341c9510aa08590bd063f3e331c75dc6bf9 vim-gtk3_7.4.1689-3ubuntu1.5+tuxcare.els17_amd64.deb c02fa772ce8a781ce0768e4fe082799649c9db2a vim-gtk3-py2_7.4.1689-3ubuntu1.5+tuxcare.els17_amd64.deb e3340226266067d634e1fbac05b9c355205a03ea vim-gui-common_7.4.1689-3ubuntu1.5+tuxcare.els17_all.deb 2333678bd9d08c55383d9aa0767ce92995014a80 vim-nox_7.4.1689-3ubuntu1.5+tuxcare.els17_amd64.deb 824f9b01828ac65d79c4c169f70722472dc1f46f vim-nox-py2_7.4.1689-3ubuntu1.5+tuxcare.els17_amd64.deb e5161fde4ec03083aea934434a1e51c82ad153e7 vim-runtime_7.4.1689-3ubuntu1.5+tuxcare.els17_all.deb d90b79c9b6db9b105d27d5e02b23f652e3182cf9 vim-tiny_7.4.1689-3ubuntu1.5+tuxcare.els17_amd64.deb 800f44ced81708a3562bcec8da3360d4a57f1a77 CLSA-2022:1655757814 Copyright 2021 Cloud Linux Inc 0 * Fix build process: - debian/keystores/*.pem|*.jks: update expiring certs and keystores - debian/patches/0028-update-expiring-test-certs.patch: update expiring test certs - debian/patches/0029-fix-path-to-valid-keystore.patch: fix path to valid keystore - debian/patches/0030-use-tls12-in-tests.patch: use TLSv1.2 protocol instead of TLSv1 for several tests * SECURITY UPDATE: AJP Request Injection and potential Remote Code Execution - debian/patches/CVE-2020-1938-1.patch: rename requiredSecret to secret and add secretRequired - debian/patches/CVE-2020-1938-2.patch: refactor secret check - debian/patches/CVE-2020-1938-3.patch: add new AJP attribute allowedArbitraryRequestAttributes - debian/patches/CVE-2020-1938-4.patch: change the default bind address for AJP to the loopback address - CVE-2020-1938 * SECURITY UPDATE: Remote Code Execution via session persistence - debian/patches/CVE-2020-9484.patch: improve validation of storage location when using FileStore - CVE-2020-9484 * SECURITY UPDATE: Fix for CVE-2020-9484 was incomplete - debian/patches/CVE-2021-25329.patch: use consistent approach for sub-directory checking - CVE-2021-25329 Moderate Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.

* Fix build process: - debian/keystores/*.pem|*.jks: update expiring certs and keystores - debian/patches/0028-update-expiring-test-certs.patch: update expiring test certs - debian/patches/0029-fix-path-to-valid-keystore.patch: fix path to valid keystore - debian/patches/0030-use-tls12-in-tests.patch: use TLSv1.2 protocol instead of TLSv1 for several tests * SECURITY UPDATE: AJP Request Injection and potential Remote Code Execution - debian/patches/CVE-2020-1938-1.patch: rename requiredSecret to secret and add secretRequired - debian/patches/CVE-2020-1938-2.patch: refactor secret check - debian/patches/CVE-2020-1938-3.patch: add new AJP attribute allowedArbitraryRequestAttributes - debian/patches/CVE-2020-1938-4.patch: change the default bind address for AJP to the loopback address - CVE-2020-1938 * SECURITY UPDATE: Remote Code Execution via session persistence - debian/patches/CVE-2020-9484.patch: improve validation of storage location when using FileStore - CVE-2020-9484 * SECURITY UPDATE: Fix for CVE-2020-9484 was incomplete - debian/patches/CVE-2021-25329.patch: use consistent approach for sub-directory checking - CVE-2021-25329

0 cloudlinux-ubuntu16.04-els libservlet3.0-java_7.0.68-1ubuntu0.4+tuxcare.els1_all.deb 1ac80c267ebe536917077ee0599c7e99e124f62d libservlet3.0-java-doc_7.0.68-1ubuntu0.4+tuxcare.els1_all.deb 5428cdde1f820c84286641ac89bfb6ee19545b80 libtomcat7-java_7.0.68-1ubuntu0.4+tuxcare.els1_all.deb eadd9eb3bbfca5795d0029d1992c374a69778e7f tomcat7_7.0.68-1ubuntu0.4+tuxcare.els1_all.deb 79f4822b569bb3e478b76f828c71e4dbc9ba309d tomcat7-admin_7.0.68-1ubuntu0.4+tuxcare.els1_all.deb 935d12280bddb2bc8ccec01580eb116f7f956054 tomcat7-common_7.0.68-1ubuntu0.4+tuxcare.els1_all.deb 758ade8c5b6216763b12ea7f437490b361185916 tomcat7-docs_7.0.68-1ubuntu0.4+tuxcare.els1_all.deb f61b9a18d81ec706bc407bc9153dff8d3139d584 tomcat7-examples_7.0.68-1ubuntu0.4+tuxcare.els1_all.deb 8ade094c213208189137957acab367b653885527 tomcat7-user_7.0.68-1ubuntu0.4+tuxcare.els1_all.deb 9f59f70f51672b1da58e3606a20e5b464d5d1df9 CLSA-2022:1655901847 Copyright 2021 Cloud Linux Inc 0 * SECURITY UPDATE: Using uninitialized value and freed memory in spell command - debian/patches/CVE-2022-2042.patch: Initialize "attr" and check for empty line early - CVE-2022-2042 Moderate Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.

* SECURITY UPDATE: Using uninitialized value and freed memory in spell command - debian/patches/CVE-2022-2042.patch: Initialize "attr" and check for empty line early - CVE-2022-2042

0 cloudlinux-ubuntu16.04-els vim_7.4.1689-3ubuntu1.5+tuxcare.els19_amd64.deb 528926fb43955d34af1d03810757e2aa8bc28c6c vim-athena_7.4.1689-3ubuntu1.5+tuxcare.els19_amd64.deb 87e376791aa358d8fc12177dc0ab0d1c26df7ff7 vim-athena-py2_7.4.1689-3ubuntu1.5+tuxcare.els19_amd64.deb 8fdb7615197729b7dc085f2695b187563d5d6cd2 vim-common_7.4.1689-3ubuntu1.5+tuxcare.els19_amd64.deb 7aed59c0c8f927c773bf322b92517fdbcc9624f7 vim-doc_7.4.1689-3ubuntu1.5+tuxcare.els19_all.deb 9f3d4f217162b7640bd4fa410178e8e16c5cc05d vim-gnome_7.4.1689-3ubuntu1.5+tuxcare.els19_amd64.deb 64a6142a927ea5cd8ee7fc7d3c8c9340d73aefc3 vim-gnome-py2_7.4.1689-3ubuntu1.5+tuxcare.els19_amd64.deb 0c43c768d3c138cfbe0b137614fb80ca1c373aed vim-gtk_7.4.1689-3ubuntu1.5+tuxcare.els19_amd64.deb ee16644031c38e489207067772d616780a1348d0 vim-gtk-py2_7.4.1689-3ubuntu1.5+tuxcare.els19_amd64.deb f5bfa5d5e772ffb5fb0c9fe4a110e5d757ddeb3e vim-gtk3_7.4.1689-3ubuntu1.5+tuxcare.els19_amd64.deb 9a967ced9e01fb9ba386f1635abe74704f2c94f1 vim-gtk3-py2_7.4.1689-3ubuntu1.5+tuxcare.els19_amd64.deb 67ebe7b5b4652c42cd05e12d9020fc05a5dd1da1 vim-gui-common_7.4.1689-3ubuntu1.5+tuxcare.els19_all.deb 8b6c1a7154dc7e09b1c387c1366c4ff4a5d9c22d vim-nox_7.4.1689-3ubuntu1.5+tuxcare.els19_amd64.deb 4dd1e1f35c38a8a3ff79d03ed5b8c1d94d22e194 vim-nox-py2_7.4.1689-3ubuntu1.5+tuxcare.els19_amd64.deb fbd7a6a9eb788a5392f917ccf283c1dfb651c57c vim-runtime_7.4.1689-3ubuntu1.5+tuxcare.els19_all.deb ec57383032b3c4f3eba911988acf02ed48720ae3 vim-tiny_7.4.1689-3ubuntu1.5+tuxcare.els19_amd64.deb 11e08994f917b5f513f7432068838cbb12df2961 CLSA-2022:1656430897 Copyright 2021 Cloud Linux Inc 0 * SECURITY UPDATE: malicious server could make libcurl get stuck in a never-ending busy-loop when trying to retrieve cert information - debian/patches/CVE-2022-27781.patch: add maximum value of possible traversed certificates - CVE-2022-27781 Moderate Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.

* SECURITY UPDATE: malicious server could make libcurl get stuck in a never-ending busy-loop when trying to retrieve cert information - debian/patches/CVE-2022-27781.patch: add maximum value of possible traversed certificates - CVE-2022-27781

0 cloudlinux-ubuntu16.04-els curl_7.47.0-1ubuntu2.23+tuxcare.els2_amd64.deb f1b8e2de8a4bfc57476787cc3db968607fe4d729 libcurl3_7.47.0-1ubuntu2.23+tuxcare.els2_amd64.deb 21e3da2965c235f8897273087a01dc46b47f461c libcurl3-gnutls_7.47.0-1ubuntu2.23+tuxcare.els2_amd64.deb 7ea845b333caebec41612d33899faa1630ad05b1 libcurl3-nss_7.47.0-1ubuntu2.23+tuxcare.els2_amd64.deb ee1ff547c33eb5731522a9f6b82685777ab9f4f9 libcurl4-doc_7.47.0-1ubuntu2.23+tuxcare.els2_all.deb 816465d41af425660120beae7e9bf2a7ceadfd9f libcurl4-gnutls-dev_7.47.0-1ubuntu2.23+tuxcare.els2_amd64.deb abb2b62edc181bf3207b0ea5f41b024141735c9c libcurl4-nss-dev_7.47.0-1ubuntu2.23+tuxcare.els2_amd64.deb bdb8c31d40bdad823d4bc96989483b1a1fdbb5ab libcurl4-openssl-dev_7.47.0-1ubuntu2.23+tuxcare.els2_amd64.deb b4068b9d0d1f6ec74bdc67887afa1c2dd92708c2 CLSA-2022:1656430949 Copyright 2021 Cloud Linux Inc 0 * SECURITY UPDATE: mod_sed may make excessively large memory allocations and trigger an abort - debian/patches/CVE-2022-30522.patch: limit mod_sed memory usage - CVE-2022-30522 * SECURITY UPDATE: HTTP request smuggling in mod_proxy_ajp - debian/patches/CVE-2022-26377.patch: parse request headers in the way so Transfer-Encoding has precedence over Content-Length - CVE-2022-26377 * SECURITY UPDATE: possible out-of-bounds read in ap_strcmp_match() with an extremely large input buffer - debian/patches/CVE-2022-28615.patch: use apr_size_t (e.g. long) for array indexing - CVE-2022-28615 * SECURITY UPDATE: mod_lua r:wsread() may return length that points past the end of the storage allocated for the buffer - debian/patches/CVE-2022-30556.patch: consistently use lua_websocket_readbytes() and check the return value - CVE-2022-30556 * SECURITY UPDATE: mod_proxy may not send the X-Forwarded-* headers to the origin server based on client side Connection header hop-by-hop mechanism - debian/patches/CVE-2022-31813.patch: preserve original request headers so an upstream knows what the original request hostname was - CVE-2022-31813 Moderate Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.

* SECURITY UPDATE: mod_sed may make excessively large memory allocations and trigger an abort - debian/patches/CVE-2022-30522.patch: limit mod_sed memory usage - CVE-2022-30522 * SECURITY UPDATE: HTTP request smuggling in mod_proxy_ajp - debian/patches/CVE-2022-26377.patch: parse request headers in the way so Transfer-Encoding has precedence over Content-Length - CVE-2022-26377 * SECURITY UPDATE: possible out-of-bounds read in ap_strcmp_match() with an extremely large input buffer - debian/patches/CVE-2022-28615.patch: use apr_size_t (e.g. long) for array indexing - CVE-2022-28615 * SECURITY UPDATE: mod_lua r:wsread() may return length that points past the end of the storage allocated for the buffer - debian/patches/CVE-2022-30556.patch: consistently use lua_websocket_readbytes() and check the return value - CVE-2022-30556 * SECURITY UPDATE: mod_proxy may not send the X-Forwarded-* headers to the origin server based on client side Connection header hop-by-hop mechanism - debian/patches/CVE-2022-31813.patch: preserve original request headers so an upstream knows what the original request hostname was - CVE-2022-31813

0 cloudlinux-ubuntu16.04-els apache2_2.4.18-2ubuntu3.17+tuxcare.els5_amd64.deb eacb6cb73d2e56ef9e17562a7b92aacee5452c15 apache2-bin_2.4.18-2ubuntu3.17+tuxcare.els5_amd64.deb 9fa32c9bd8f6f40719360bada8ae3a2c68993e9f apache2-data_2.4.18-2ubuntu3.17+tuxcare.els5_all.deb e2aa97c046edc9cfa9a90212ec461cf141019b85 apache2-dev_2.4.18-2ubuntu3.17+tuxcare.els5_amd64.deb ccd541c6f8cc23b2552c4bb985fba4b6226764ad apache2-doc_2.4.18-2ubuntu3.17+tuxcare.els5_all.deb ea20e6b533b4c20ced86663562377828b4fe0c22 apache2-suexec-custom_2.4.18-2ubuntu3.17+tuxcare.els5_amd64.deb 68a0876402472d76433188ef8b8ab2eb9a0bf263 apache2-suexec-pristine_2.4.18-2ubuntu3.17+tuxcare.els5_amd64.deb 7ea9e3e04659191c0806ccef0a48e73d84159c76 apache2-utils_2.4.18-2ubuntu3.17+tuxcare.els5_amd64.deb 82a10115aa94610f268db757233650564f44842e CLSA-2022:1656959316 Copyright 2021 Cloud Linux Inc 0 * Fix undefined references in ap_proxy_create_hdrbrgd() - ELS-190 Moderate Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.

* Fix undefined references in ap_proxy_create_hdrbrgd() - ELS-190

0 cloudlinux-ubuntu16.04-els apache2_2.4.18-2ubuntu3.17+tuxcare.els7_amd64.deb 5b5482856b38e5c566e8a282166709c24c26f386 apache2-bin_2.4.18-2ubuntu3.17+tuxcare.els7_amd64.deb d088f0b3ce51dd386c7de900e298d4a27098235f apache2-data_2.4.18-2ubuntu3.17+tuxcare.els7_all.deb ee25382a4fe7fd8d93cb6dfd18e7274a08eb4789 apache2-dev_2.4.18-2ubuntu3.17+tuxcare.els7_amd64.deb 0f38182f4b47ad4807de0557be4b81439106c09c apache2-doc_2.4.18-2ubuntu3.17+tuxcare.els7_all.deb fd6ba94359645afcf6ad46153c9ac4b6e3a9c945 apache2-suexec-custom_2.4.18-2ubuntu3.17+tuxcare.els7_amd64.deb 71991f80ce72e9a63abfacac9d5829534264a9af apache2-suexec-pristine_2.4.18-2ubuntu3.17+tuxcare.els7_amd64.deb 9e3d4217e1ada7a12e440b6e496796161bc507ed apache2-utils_2.4.18-2ubuntu3.17+tuxcare.els7_amd64.deb 20c8e4e0016937264e4208c5c64ccdad8a32dd58 CLSA-2022:1656959369 Copyright 2021 Cloud Linux Inc 0 * SECURITY UPDATE: libcurl would reuse a previously created connection even when a TLS or SSH related option had been changed that should have prohibited reuse. - debian/patches/CVE-2022-27782-tls.patch: add missing primary checks of tls parameters before connection reuse - CVE-2022-27782 Moderate Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.

* SECURITY UPDATE: libcurl would reuse a previously created connection even when a TLS or SSH related option had been changed that should have prohibited reuse. - debian/patches/CVE-2022-27782-tls.patch: add missing primary checks of tls parameters before connection reuse - CVE-2022-27782

0 cloudlinux-ubuntu16.04-els curl_7.47.0-1ubuntu2.23+tuxcare.els3_amd64.deb e7ef05477ede92c663ecf12a504ab970c2920a67 libcurl3_7.47.0-1ubuntu2.23+tuxcare.els3_amd64.deb 7731a3c373d68cd4f7ccbb3edf7269f999e9e975 libcurl3-gnutls_7.47.0-1ubuntu2.23+tuxcare.els3_amd64.deb 42ffc5b25d99876f48d83f6ae1e26c9e4d13a221 libcurl3-nss_7.47.0-1ubuntu2.23+tuxcare.els3_amd64.deb 030187e7ee25e217fc413ff216a2f9529027d896 libcurl4-doc_7.47.0-1ubuntu2.23+tuxcare.els3_all.deb b8a43e0a15e0bee900241ce59391fc5d7c7f9386 libcurl4-gnutls-dev_7.47.0-1ubuntu2.23+tuxcare.els3_amd64.deb d212e22c12a9d93dd96d4fc3619e4736628d4d45 libcurl4-nss-dev_7.47.0-1ubuntu2.23+tuxcare.els3_amd64.deb f6c7a271f5fa5ebbe43263abf74ea999886caa69 libcurl4-openssl-dev_7.47.0-1ubuntu2.23+tuxcare.els3_amd64.deb 67ddbb8faeb1443ae1aac678d2c7e7f3d88025ee CLSA-2022:1657182029 Copyright 2021 Cloud Linux Inc 0 * SECURITY UPDATE: RCE via Uninitialized array in pg_query_params() - debian/patches/CVE-2022-31625.patch: don't free parameters which haven't initialized yet in ext/pgsql/pgsql.c, ext/pgsql/tests/bug81720.phpt. - CVE-2022-31625 * SECURITY UPDATE: RCE via mysqlnd/pdo password buffer overflow - debian/patches/CVE-2022-31626.patch: properly calculate size in ext/mysqlnd/mysqlnd_wireprotocol.c. - CVE-2022-31626 Moderate Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.

* SECURITY UPDATE: RCE via Uninitialized array in pg_query_params() - debian/patches/CVE-2022-31625.patch: don't free parameters which haven't initialized yet in ext/pgsql/pgsql.c, ext/pgsql/tests/bug81720.phpt. - CVE-2022-31625 * SECURITY UPDATE: RCE via mysqlnd/pdo password buffer overflow - debian/patches/CVE-2022-31626.patch: properly calculate size in ext/mysqlnd/mysqlnd_wireprotocol.c. - CVE-2022-31626

0 cloudlinux-ubuntu16.04-els libapache2-mod-php7.0_7.0.33-0ubuntu0.16.04.17+tuxcare.els3_amd64.deb b32c5542109d26f1244dc3ec0bb28bf0e3f1fdd8 libphp7.0-embed_7.0.33-0ubuntu0.16.04.17+tuxcare.els3_amd64.deb 9eaa7e6495aeae55700abff7e2ca449372065dd2 php7.0_7.0.33-0ubuntu0.16.04.17+tuxcare.els3_all.deb d3094956a534176af6fda302068a804df0d4a64c php7.0-bcmath_7.0.33-0ubuntu0.16.04.17+tuxcare.els3_amd64.deb 5211fab83ca22832524d3613a3d5cc8b6ab1bbab php7.0-bz2_7.0.33-0ubuntu0.16.04.17+tuxcare.els3_amd64.deb cc156ed1ce9adcb6e65c94c039ce3b5324b1f8e0 php7.0-cgi_7.0.33-0ubuntu0.16.04.17+tuxcare.els3_amd64.deb 9664a4d4d0e3af45565d092ad58ac2f59ecbcf27 php7.0-cli_7.0.33-0ubuntu0.16.04.17+tuxcare.els3_amd64.deb 65d095976cfeb6408a55da79bba85fd5ecd33a39 php7.0-common_7.0.33-0ubuntu0.16.04.17+tuxcare.els3_amd64.deb eb6e1716cacb01a94233229cc6cfe697a00baf8a php7.0-curl_7.0.33-0ubuntu0.16.04.17+tuxcare.els3_amd64.deb 36afc4effc137571779bae8e2f6082c419a25c22 php7.0-dba_7.0.33-0ubuntu0.16.04.17+tuxcare.els3_amd64.deb 5b6ec6356c7e40321afd9596b152fd5914f4d129 php7.0-dev_7.0.33-0ubuntu0.16.04.17+tuxcare.els3_amd64.deb b8907660818d4eb45e749023b11b92b18ac8fdfb php7.0-enchant_7.0.33-0ubuntu0.16.04.17+tuxcare.els3_amd64.deb bc41fb0d83403e9a6f10943d1b71355cab906337 php7.0-fpm_7.0.33-0ubuntu0.16.04.17+tuxcare.els3_amd64.deb d8c7658144f096b349125650bf0d77b170d82cc7 php7.0-gd_7.0.33-0ubuntu0.16.04.17+tuxcare.els3_amd64.deb f903fcc1b5e7eb48ac74dd51c807adcf53a59a44 php7.0-gmp_7.0.33-0ubuntu0.16.04.17+tuxcare.els3_amd64.deb a9c5c80a71d652578b66d3e5b0bee75c04a059a0 php7.0-imap_7.0.33-0ubuntu0.16.04.17+tuxcare.els3_amd64.deb bb3588f1d7d7747951001cddfa4ec23f687b9128 php7.0-interbase_7.0.33-0ubuntu0.16.04.17+tuxcare.els3_amd64.deb 27b80aa6f4d92ef800848c3a39bbe0b3adb7621d php7.0-intl_7.0.33-0ubuntu0.16.04.17+tuxcare.els3_amd64.deb 5d1415e17b7d65a549a10ee0563a4eee539ad7bd php7.0-json_7.0.33-0ubuntu0.16.04.17+tuxcare.els3_amd64.deb 11ab182ae3908964f2c38c88279f70924504fe29 php7.0-ldap_7.0.33-0ubuntu0.16.04.17+tuxcare.els3_amd64.deb 00ba32d914f36ffcf2b3030132c6906c4185e3f9 php7.0-mbstring_7.0.33-0ubuntu0.16.04.17+tuxcare.els3_amd64.deb 1070c0fe035df99880e84d00cb0e1268e5759705 php7.0-mcrypt_7.0.33-0ubuntu0.16.04.17+tuxcare.els3_amd64.deb 9931c02c248663db1ea88aa10cdfbf5a0f39338f php7.0-mysql_7.0.33-0ubuntu0.16.04.17+tuxcare.els3_amd64.deb d099c429a5fcf922d3ff9ada444ec29d90ec93f1 php7.0-odbc_7.0.33-0ubuntu0.16.04.17+tuxcare.els3_amd64.deb a6c1e77814656544aff6045a14c4eb8b42724bce php7.0-opcache_7.0.33-0ubuntu0.16.04.17+tuxcare.els3_amd64.deb 0b726abe30198ee6223df093e25a90b7e9313644 php7.0-pgsql_7.0.33-0ubuntu0.16.04.17+tuxcare.els3_amd64.deb 40df1a6f9ffaccac55157adfccd3b68dcb267ab8 php7.0-phpdbg_7.0.33-0ubuntu0.16.04.17+tuxcare.els3_amd64.deb ce7889336ca95ff45e57304a54ac0b90139dba62 php7.0-pspell_7.0.33-0ubuntu0.16.04.17+tuxcare.els3_amd64.deb cd610b6a3d33312ab63fafce0fdf12697d1a4b86 php7.0-readline_7.0.33-0ubuntu0.16.04.17+tuxcare.els3_amd64.deb b2207b947f7b45aac957b90ce560ad21f7929a64 php7.0-recode_7.0.33-0ubuntu0.16.04.17+tuxcare.els3_amd64.deb 36a1f5e812cdab4bd560240d30b420c9a33b40c8 php7.0-snmp_7.0.33-0ubuntu0.16.04.17+tuxcare.els3_amd64.deb 8b88ae11e014ad70cea087fd077b8601d4f37259 php7.0-soap_7.0.33-0ubuntu0.16.04.17+tuxcare.els3_amd64.deb a747f57b87f8109fc9daa0a15d40500b6b283aac php7.0-sqlite3_7.0.33-0ubuntu0.16.04.17+tuxcare.els3_amd64.deb 4ce6e2828888ca16e1c51a8af67ccef9bb1b86ba php7.0-sybase_7.0.33-0ubuntu0.16.04.17+tuxcare.els3_amd64.deb feb2993d70454b14f6665b17a8eae18f616e9ad5 php7.0-tidy_7.0.33-0ubuntu0.16.04.17+tuxcare.els3_amd64.deb 13af83c2839ae14ba5bbaa7ce173e286f781fe06 php7.0-xml_7.0.33-0ubuntu0.16.04.17+tuxcare.els3_amd64.deb 90a9a590c9e3f339f48eb24e317c091779602655 php7.0-xmlrpc_7.0.33-0ubuntu0.16.04.17+tuxcare.els3_amd64.deb 5a4c14a243e8fe4d53ead54c31186a641e35e995 php7.0-xsl_7.0.33-0ubuntu0.16.04.17+tuxcare.els3_all.deb 8450343f59d9053a9da7c08323ca86be1b611f5d php7.0-zip_7.0.33-0ubuntu0.16.04.17+tuxcare.els3_amd64.deb a1602560faac7c2fbe6c219728182a0bb691e1b6 CLSA-2022:1657182150 Copyright 2021 Cloud Linux Inc 0 * SECURITY UPDATE: Reading past end of line with "gf" in Visual block mode - debian/patches/CVE-2022-1720.patch: Do not include the NUL in the length - CVE-2022-1720 * SECURITY UPDATE: Searching for quotes may go over the end of the line - debian/patches/CVE-2022-2124.patch: Check for running into the NUL - CVE-2022-2124 * SECURITY UPDATE: Lisp indenting my run over the end of the line - debian/patches/CVE-2022-2125.patch: Check for NUL earlier - CVE-2022-2125 * SECURITY UPDATE: Using invalid index when looking for spell suggestions - debian/patches/CVE-2022-2126.patch: Do not decrement the index when it is zero - CVE-2022-2126 * SECURITY UPDATE: Substitute may overrun destination buffer - debian/patches/CVE-2022-2129.patch: Disallow switching buffers in a substitute expression - CVE-2022-2129 Moderate Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.

* SECURITY UPDATE: Reading past end of line with "gf" in Visual block mode - debian/patches/CVE-2022-1720.patch: Do not include the NUL in the length - CVE-2022-1720 * SECURITY UPDATE: Searching for quotes may go over the end of the line - debian/patches/CVE-2022-2124.patch: Check for running into the NUL - CVE-2022-2124 * SECURITY UPDATE: Lisp indenting my run over the end of the line - debian/patches/CVE-2022-2125.patch: Check for NUL earlier - CVE-2022-2125 * SECURITY UPDATE: Using invalid index when looking for spell suggestions - debian/patches/CVE-2022-2126.patch: Do not decrement the index when it is zero - CVE-2022-2126 * SECURITY UPDATE: Substitute may overrun destination buffer - debian/patches/CVE-2022-2129.patch: Disallow switching buffers in a substitute expression - CVE-2022-2129

0 cloudlinux-ubuntu16.04-els vim_7.4.1689-3ubuntu1.5+tuxcare.els20_amd64.deb dd4b9d480f9533d70b8bf98ad993f8b47963ac8a vim-athena_7.4.1689-3ubuntu1.5+tuxcare.els20_amd64.deb 608270cfcba136f67efc7ac687d17402a19298c6 vim-athena-py2_7.4.1689-3ubuntu1.5+tuxcare.els20_amd64.deb 22a11b3e4d6bdd326ce784dd60f79cfb6b119cd9 vim-common_7.4.1689-3ubuntu1.5+tuxcare.els20_amd64.deb c32df77c734a83af0b22380b4f7f84060195a9fe vim-doc_7.4.1689-3ubuntu1.5+tuxcare.els20_all.deb 581c590e4cec47f7e8fcf51d2a3558932a03ccd1 vim-gnome_7.4.1689-3ubuntu1.5+tuxcare.els20_amd64.deb 25cfa1e9de260411660135ff3a432e1fdbb3afa7 vim-gnome-py2_7.4.1689-3ubuntu1.5+tuxcare.els20_amd64.deb 5eb1f83a1ef19899c95ea33401d72648f5084742 vim-gtk_7.4.1689-3ubuntu1.5+tuxcare.els20_amd64.deb 9e504b266e018cd0aaa08a00d44884caa0fe9686 vim-gtk-py2_7.4.1689-3ubuntu1.5+tuxcare.els20_amd64.deb 5e644dd3be7f1b4c450f15f7fe74846b5fbc296a vim-gtk3_7.4.1689-3ubuntu1.5+tuxcare.els20_amd64.deb bc6e50d4381ed224c830eada004261eeb7b3cae2 vim-gtk3-py2_7.4.1689-3ubuntu1.5+tuxcare.els20_amd64.deb 09206284af3ba14acc0c5f90304f23e091f2947c vim-gui-common_7.4.1689-3ubuntu1.5+tuxcare.els20_all.deb c5f4e94422c78bfebdbc38bc0bb4191c3dc0b349 vim-nox_7.4.1689-3ubuntu1.5+tuxcare.els20_amd64.deb c76a6c3956083b5e80309adcdd13a838bcabcd5e vim-nox-py2_7.4.1689-3ubuntu1.5+tuxcare.els20_amd64.deb 54fc12a91c43f915b5dfa4bb2dac7f46aac85952 vim-runtime_7.4.1689-3ubuntu1.5+tuxcare.els20_all.deb 89cc02f1c1742d168e1ddac540b06220da77243c vim-tiny_7.4.1689-3ubuntu1.5+tuxcare.els20_amd64.deb 1031a203c10d5bf04a3130f3b57eaa26159308aa CLSA-2022:1657813374 Copyright 2021 Cloud Linux Inc 0 * SECURITY UPDATE: Heap-based buffer overflow in function utf_ptr2char - debian/patches/CVE-2022-2182.patch: When on line zero check the column is valid for line one in do_one_cmd function - CVE-2022-2182 * SECURITY UPDATE: Out-of-bounds read in function get_lisp_indent - debian/patches/CVE-2022-2183.patch: Add check to avoid going over the NUL at the end of the line in get_lisp_indent function - CVE-2022-2183 * SECURITY UPDATE: Heap-based buffer overflow in function ins_bs - debian/patches/CVE-2022-2207.patch: Check the cursor column is more than zero in ins_bs function - CVE-2022-2207 * SECURITY UPDATE: Out-of-bound write in function ml_append_int - debian/patches/CVE-2022-2210.patch: Use zero offset when change removes all lines in a diff block in diff_mark_adjust_tp function - CVE-2022-2210 Moderate Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.

* SECURITY UPDATE: Heap-based buffer overflow in function utf_ptr2char - debian/patches/CVE-2022-2182.patch: When on line zero check the column is valid for line one in do_one_cmd function - CVE-2022-2182 * SECURITY UPDATE: Out-of-bounds read in function get_lisp_indent - debian/patches/CVE-2022-2183.patch: Add check to avoid going over the NUL at the end of the line in get_lisp_indent function - CVE-2022-2183 * SECURITY UPDATE: Heap-based buffer overflow in function ins_bs - debian/patches/CVE-2022-2207.patch: Check the cursor column is more than zero in ins_bs function - CVE-2022-2207 * SECURITY UPDATE: Out-of-bound write in function ml_append_int - debian/patches/CVE-2022-2210.patch: Use zero offset when change removes all lines in a diff block in diff_mark_adjust_tp function - CVE-2022-2210

0 cloudlinux-ubuntu16.04-els vim_7.4.1689-3ubuntu1.5+tuxcare.els22_amd64.deb f8734d6715a803a41d2b64591cac8348ce3a5dd8 vim-athena_7.4.1689-3ubuntu1.5+tuxcare.els22_amd64.deb 25629c985b6c8297df7e91c3e382b93461d291a8 vim-athena-py2_7.4.1689-3ubuntu1.5+tuxcare.els22_amd64.deb 5dfc0fcb7c5861b0235f18a61baabc8bb6518047 vim-common_7.4.1689-3ubuntu1.5+tuxcare.els22_amd64.deb e9d4109499bdac9da378d3516a4208c4dce04d6f vim-doc_7.4.1689-3ubuntu1.5+tuxcare.els22_all.deb 03eae57a2f7af69df2801ce139180f5b15de06d8 vim-gnome_7.4.1689-3ubuntu1.5+tuxcare.els22_amd64.deb b28b4e9e5e01a397c5c2db08536de23d06402a08 vim-gnome-py2_7.4.1689-3ubuntu1.5+tuxcare.els22_amd64.deb 494d3499f8cfd5fb14453467b1ed4cfa943efa69 vim-gtk_7.4.1689-3ubuntu1.5+tuxcare.els22_amd64.deb e0955d2d431bee43b90e60fe5275822f8bfb50f2 vim-gtk-py2_7.4.1689-3ubuntu1.5+tuxcare.els22_amd64.deb 660d7d29643f04bf8393f372650dc3f61d037343 vim-gtk3_7.4.1689-3ubuntu1.5+tuxcare.els22_amd64.deb 1135fc18550128d3cebc49beb78a0cf722d86383 vim-gtk3-py2_7.4.1689-3ubuntu1.5+tuxcare.els22_amd64.deb c6befe934f10d27236780a3fa627ec3179671b3a vim-gui-common_7.4.1689-3ubuntu1.5+tuxcare.els22_all.deb 1b52846bdae0ca0dac3b90a416ea8af07b4b85ee vim-nox_7.4.1689-3ubuntu1.5+tuxcare.els22_amd64.deb e39458042b8210c1b7a45a9680b9b9cc0ebb7fc8 vim-nox-py2_7.4.1689-3ubuntu1.5+tuxcare.els22_amd64.deb d804c55ccd4d0609b76908eba1b94a5b190379c7 vim-runtime_7.4.1689-3ubuntu1.5+tuxcare.els22_all.deb 52c98b0c85b2ae550dc247e66f5c9597a916cd1a vim-tiny_7.4.1689-3ubuntu1.5+tuxcare.els22_amd64.deb 28a71d2961b36d59ae32006dc1d750ed46d6e118 CLSA-2022:1657814447 Copyright 2021 Cloud Linux Inc 0 * SECURITY UPDATE: MITM attack introducing arbitrary SQL quieries - debian/patches/CVE-2021-23214.patch: Raise error if data was received during SSL handshake - CVE-2021-23214 Moderate Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.

* SECURITY UPDATE: MITM attack introducing arbitrary SQL quieries - debian/patches/CVE-2021-23214.patch: Raise error if data was received during SSL handshake - CVE-2021-23214

0 cloudlinux-ubuntu16.04-els libecpg-compat3_9.5.25-0ubuntu0.16.04.1+tuxcare.els1_amd64.deb ce1db2f64a93b7eeb6eb0f970bbb016db8701bce libecpg-dev_9.5.25-0ubuntu0.16.04.1+tuxcare.els1_amd64.deb 3aa306e1636d2124e57bcc172cddc29ebb09935f libecpg6_9.5.25-0ubuntu0.16.04.1+tuxcare.els1_amd64.deb b6b015963fa65f9adcc01e217ca99471d4bc0728 libpgtypes3_9.5.25-0ubuntu0.16.04.1+tuxcare.els1_amd64.deb 2b9698a425c7a61e4f99d8d1bce7732311502dc9 libpq-dev_9.5.25-0ubuntu0.16.04.1+tuxcare.els1_amd64.deb f3f5300372b51d70d38770e7662037aaaa22cfd4 libpq5_9.5.25-0ubuntu0.16.04.1+tuxcare.els1_amd64.deb cc35fbf39579f142fd1770b545c083b9b8f0a142 postgresql-9.5_9.5.25-0ubuntu0.16.04.1+tuxcare.els1_amd64.deb c55fd9b31f4a4d366f3cf1949ff7b8216059a53d postgresql-client-9.5_9.5.25-0ubuntu0.16.04.1+tuxcare.els1_amd64.deb 720f4c6e186da7efb0ebcbafe2ec99505ba857e7 postgresql-contrib-9.5_9.5.25-0ubuntu0.16.04.1+tuxcare.els1_amd64.deb 34efa0a0e54b0eb539750a2a98e06b0e0da3d11f postgresql-doc-9.5_9.5.25-0ubuntu0.16.04.1+tuxcare.els1_all.deb 315059395c243d81ffdfec0a72b1f2f4d4c0e35a postgresql-plperl-9.5_9.5.25-0ubuntu0.16.04.1+tuxcare.els1_amd64.deb 549103aa65f672973e7f39e749e10d924603f258 postgresql-plpython-9.5_9.5.25-0ubuntu0.16.04.1+tuxcare.els1_amd64.deb d0c750295f08052eb18131735e274d71931a46b4 postgresql-plpython3-9.5_9.5.25-0ubuntu0.16.04.1+tuxcare.els1_amd64.deb ed4d33058ad8b21753741df4dd26391a54ab2819 postgresql-pltcl-9.5_9.5.25-0ubuntu0.16.04.1+tuxcare.els1_amd64.deb 02271f3e16c4c680a02a224df4ce70089a76da4b postgresql-server-dev-9.5_9.5.25-0ubuntu0.16.04.1+tuxcare.els1_amd64.deb 6a5ee775ad04407706e4894a9779a87d0266fc51 CLSA-2022:1657814965 Copyright 2021 Cloud Linux Inc 0 * SECURITY REGRESSION: Invalid fix for CVE-2022-1473 - debian/patches/CVE-2022-1473.patch: removing unnecessary patch since this version is actually not affected * SECURITY UPDATE: c_rehash script allows command injection - debian/patches/CVE-2022-1292.patch: switch to upstream patch, and apply it before c_rehash-compat.patch - debian/patches/CVE-2022-2068.patch: fix file operations in tools/c_rehash.in - debian/patches/c_rehash-compat.patch: updated patch to apply after the security updates - CVE-2022-2068 Moderate Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.

* SECURITY REGRESSION: Invalid fix for CVE-2022-1473 - debian/patches/CVE-2022-1473.patch: removing unnecessary patch since this version is actually not affected * SECURITY UPDATE: c_rehash script allows command injection - debian/patches/CVE-2022-1292.patch: switch to upstream patch, and apply it before c_rehash-compat.patch - debian/patches/CVE-2022-2068.patch: fix file operations in tools/c_rehash.in - debian/patches/c_rehash-compat.patch: updated patch to apply after the security updates - CVE-2022-2068

0 cloudlinux-ubuntu16.04-els libssl-dev_1.0.2g-1ubuntu4.21+tuxcare.els4_amd64.deb 5c7873740644dc254a9aa6949e9d5217ac3610dc libssl-doc_1.0.2g-1ubuntu4.21+tuxcare.els4_all.deb 632d084d1af09a5d5e40c346432e3895014be9e2 libssl1.0.0_1.0.2g-1ubuntu4.21+tuxcare.els4_amd64.deb 73aa0ab92d76dc352ddf93ee3bc3ec97bde0d624 openssl_1.0.2g-1ubuntu4.21+tuxcare.els4_amd64.deb bd9fe94aefb03dfeb07ecaa1f6620a6c1ac03751 CLSA-2022:1657815857 Copyright 2021 Cloud Linux Inc 0 * SECURITY UPDATE: fix undefined behavior - debian/patches/CVE-2022-32546.patch: fix outside of range value type convertion leading to undefined behavior - CVE-2022-32546 * SECURITY UPDATE: fix undefined behavior - debian/patches/CVE-2022-32547.patch: fix loading misaligned address - CVE-2022-32547 * SECURITY UPDATE: outside of range issue - debian/patches/CVE-2022-32545.patch: fix outside the range value of type 'unsigned int' at coders/psd.c - CVE-2022-32545 Moderate Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.

* SECURITY UPDATE: fix undefined behavior - debian/patches/CVE-2022-32546.patch: fix outside of range value type convertion leading to undefined behavior - CVE-2022-32546 * SECURITY UPDATE: fix undefined behavior - debian/patches/CVE-2022-32547.patch: fix loading misaligned address - CVE-2022-32547 * SECURITY UPDATE: outside of range issue - debian/patches/CVE-2022-32545.patch: fix outside the range value of type 'unsigned int' at coders/psd.c - CVE-2022-32545

0 cloudlinux-ubuntu16.04-els imagemagick_6.8.9.9-7ubuntu5.17+tuxcare.els4_amd64.deb ee3eaba35df0ccc574b426d7aa3c418f7d88e99e imagemagick-6.q16_6.8.9.9-7ubuntu5.17+tuxcare.els4_amd64.deb 5f33905228159b67dee06534d9136c37b45b11eb imagemagick-common_6.8.9.9-7ubuntu5.17+tuxcare.els4_all.deb bba571bbdff4221ad04ca2c7fa358b2428759600 imagemagick-doc_6.8.9.9-7ubuntu5.17+tuxcare.els4_all.deb 2d536dd8c1fb0cfb6fc023347e558735e25646b9 libimage-magick-perl_6.8.9.9-7ubuntu5.17+tuxcare.els4_all.deb 436423c88b311135c022077e537ac661d3498df2 libimage-magick-q16-perl_6.8.9.9-7ubuntu5.17+tuxcare.els4_amd64.deb 1dd7d90213c797a5d88d77268c5005361e77d1c8 libmagick++-6-headers_6.8.9.9-7ubuntu5.17+tuxcare.els4_all.deb 73d37ec65b27498c7a873e87b53bfb4d025496a0 libmagick++-6.q16-5v5_6.8.9.9-7ubuntu5.17+tuxcare.els4_amd64.deb 0716556fb210b500f93b90b2eedef32ad4cde9c3 libmagick++-6.q16-dev_6.8.9.9-7ubuntu5.17+tuxcare.els4_amd64.deb d36c7f072d89aba4667ab187f3c1ecdc20a4ba3c libmagick++-dev_6.8.9.9-7ubuntu5.17+tuxcare.els4_all.deb ac57014b742984ce2a5b6fe3f90a837199b2b0e3 libmagickcore-6-arch-config_6.8.9.9-7ubuntu5.17+tuxcare.els4_amd64.deb ee0a075016d2899bd705336388a8cc1764d3a08f libmagickcore-6-headers_6.8.9.9-7ubuntu5.17+tuxcare.els4_all.deb 856eb081dd3cc7b5b66b6e8b81911b55708de1eb libmagickcore-6.q16-2_6.8.9.9-7ubuntu5.17+tuxcare.els4_amd64.deb 8a5ea1212753f9adbb35e4c7ab1f8d700c0a44b4 libmagickcore-6.q16-2-extra_6.8.9.9-7ubuntu5.17+tuxcare.els4_amd64.deb 45985e2c60864f91554eeafa9ef438f39ead89b3 libmagickcore-6.q16-dev_6.8.9.9-7ubuntu5.17+tuxcare.els4_amd64.deb 08caa0bb6fa47bd7b3983bf4a83b3342cd76f6a8 libmagickcore-dev_6.8.9.9-7ubuntu5.17+tuxcare.els4_all.deb 58cc5be39280c6f4ea73bb6a8664c642cdd2a06b libmagickwand-6-headers_6.8.9.9-7ubuntu5.17+tuxcare.els4_all.deb fcc42e6bf1f75a95b1b2fd9811364bee6561d4cc libmagickwand-6.q16-2_6.8.9.9-7ubuntu5.17+tuxcare.els4_amd64.deb 1a15c848c5a54c25f44ac8cf02d6cff3043bd0e5 libmagickwand-6.q16-dev_6.8.9.9-7ubuntu5.17+tuxcare.els4_amd64.deb 74f924bed9884dfbf8bde8c317a78f748f9e485d libmagickwand-dev_6.8.9.9-7ubuntu5.17+tuxcare.els4_all.deb 8c84cce840a00e9acd8b9df12220e46e4f1fd8a9 perlmagick_6.8.9.9-7ubuntu5.17+tuxcare.els4_all.deb 32cb8088315cfcb1ba466017c7e934851c3fd0e3 CLSA-2022:1657815972 Copyright 2021 Cloud Linux Inc 0 * SECURITY UPDATE: signature forgery via injection into the status line - debian/patches/CVE-2022-34903.patch: Fix garbled status messages in NOTATION_DATA in g10/cpr.c. - CVE-2022-34903 Moderate Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.

* SECURITY UPDATE: signature forgery via injection into the status line - debian/patches/CVE-2022-34903.patch: Fix garbled status messages in NOTATION_DATA in g10/cpr.c. - CVE-2022-34903

0 cloudlinux-ubuntu16.04-els dirmngr_2.1.11-6ubuntu2.1+tuxcare.els1_amd64.deb 6b3adad58cf1e3261474b9d6c51d6dae7f062153 gnupg-agent_2.1.11-6ubuntu2.1+tuxcare.els1_amd64.deb 2eef909dbf0ab9aea93900ffd8225ac4e45c0f9e gnupg2_2.1.11-6ubuntu2.1+tuxcare.els1_amd64.deb 86180f645fa023e8e86ccd79e5e982528ce3122b gpgsm_2.1.11-6ubuntu2.1+tuxcare.els1_amd64.deb 031264cccfff960cd1dfa2e07c0fbadc22f43d2b gpgv2_2.1.11-6ubuntu2.1+tuxcare.els1_amd64.deb f1b8b55aebcded145ff750f4af527da61cc7fd78 scdaemon_2.1.11-6ubuntu2.1+tuxcare.els1_amd64.deb 84b6913a54a9e22c8b3f3f61092ed804feea40cd CLSA-2022:1658172105 Copyright 2021 Cloud Linux Inc 0 * SECURITY UPDATE: Update to 5.7.37 to fix security issues - CVE-2022-21245, CVE-2022-21270, CVE-2022-21303, CVE-2022-21304 CVE-2022-21344, CVE-2022-21367 Moderate Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.

* SECURITY UPDATE: Update to 5.7.37 to fix security issues - CVE-2022-21245, CVE-2022-21270, CVE-2022-21303, CVE-2022-21304 CVE-2022-21344, CVE-2022-21367

0 cloudlinux-ubuntu16.04-els libmysqlclient-dev_5.7.37-0ubuntu0.16.04.1+tuxcare.els1_amd64.deb fe0416ca85b5a4353da0d4758d8a5b78d81897cd libmysqlclient20_5.7.37-0ubuntu0.16.04.1+tuxcare.els1_amd64.deb d55841ea1e8122784eda6557c40ba67bee4e0d38 libmysqld-dev_5.7.37-0ubuntu0.16.04.1+tuxcare.els1_amd64.deb 1aed793dbb259ec14841655624fe453ccebd9a75 mysql-client_5.7.37-0ubuntu0.16.04.1+tuxcare.els1_all.deb 7b50f32dc9e0d1ee89c32e868357e825cbabd1d7 mysql-client-5.7_5.7.37-0ubuntu0.16.04.1+tuxcare.els1_amd64.deb 48c81541ae195edf8b19602e26e030abeeb2bfe5 mysql-client-core-5.7_5.7.37-0ubuntu0.16.04.1+tuxcare.els1_amd64.deb f06cac79d3c71bba4ebfde8724a8ea5012ad6924 mysql-common_5.7.37-0ubuntu0.16.04.1+tuxcare.els1_all.deb 1ca5a6c0011323e205460e70dfb0a279693bd4d9 mysql-server_5.7.37-0ubuntu0.16.04.1+tuxcare.els1_all.deb d434a00f2fb06f2e5545b9ca6c1a6304f54b5477 mysql-server-5.7_5.7.37-0ubuntu0.16.04.1+tuxcare.els1_amd64.deb e9dcede3002eb71434715ee54dc4b1d48eb4391e mysql-server-core-5.7_5.7.37-0ubuntu0.16.04.1+tuxcare.els1_amd64.deb 752e1dbc9059d9d10312c2113a03ca33e08ed3c6 mysql-source-5.7_5.7.37-0ubuntu0.16.04.1+tuxcare.els1_amd64.deb 87f3d0e2bf531e753ac42f8aefb2ac535cade596 mysql-testsuite_5.7.37-0ubuntu0.16.04.1+tuxcare.els1_all.deb fd88c0845f4a461ce680a756f15c3b7f62875943 mysql-testsuite-5.7_5.7.37-0ubuntu0.16.04.1+tuxcare.els1_amd64.deb 8dda16361af5c0128f4d2a6baaf107cf91fb82ac CLSA-2022:1658172267 Copyright 2021 Cloud Linux Inc 0 * SECURITY UPDATE: Out-of-bound read in function msg_outtrans_attr - debian/patches/CVE-2022-2206.patch: Adjust cmdline_row and msg_row to the value of Rows. - CVE-2022-2206 * SECURITY UPDATE: Heap-based buffer overflow in function utfc_ptr2len - debian/patches/CVE-2022-2284.patch: Stop Visual mode when closing a window. - CVE-2022-2284 * SECURITY UPDATE: Integer overflow in function del_typebuf - debian/patches/CVE-2022-2285.patch: Put a NUL after the typeahead - CVE-2022-2285 * SECURITY UPDATE: Out-of-bounds read in function ins_bytes - debian/patches/CVE-2022-2286.patch: Check the length of the string - CVE-2022-2286 * SECURITY UPDATE: Out-of-bound read data in function suggest_trie_walk() abusing array byts - debian/patches/CVE-2022-2287.patch: Disallow adding a word with control characters or a trailing slash. - CVE-2022-2287 * SECURITY UPDATE: Heap-based buffer overflow in function inc on put command - debian/patches/CVE-2022-2264.patch: Adjust the end mark position. - CVE-2022-2264 * SECURITY UPDATE: Out-of-bound read in function msg_outtrans_special - debian/patches/CVE-2022-2257.patch: check for NUL in str2special - CVE-2022-2257 Moderate Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.

* SECURITY UPDATE: Out-of-bound read in function msg_outtrans_attr - debian/patches/CVE-2022-2206.patch: Adjust cmdline_row and msg_row to the value of Rows. - CVE-2022-2206 * SECURITY UPDATE: Heap-based buffer overflow in function utfc_ptr2len - debian/patches/CVE-2022-2284.patch: Stop Visual mode when closing a window. - CVE-2022-2284 * SECURITY UPDATE: Integer overflow in function del_typebuf - debian/patches/CVE-2022-2285.patch: Put a NUL after the typeahead - CVE-2022-2285 * SECURITY UPDATE: Out-of-bounds read in function ins_bytes - debian/patches/CVE-2022-2286.patch: Check the length of the string - CVE-2022-2286 * SECURITY UPDATE: Out-of-bound read data in function suggest_trie_walk() abusing array byts - debian/patches/CVE-2022-2287.patch: Disallow adding a word with control characters or a trailing slash. - CVE-2022-2287 * SECURITY UPDATE: Heap-based buffer overflow in function inc on put command - debian/patches/CVE-2022-2264.patch: Adjust the end mark position. - CVE-2022-2264 * SECURITY UPDATE: Out-of-bound read in function msg_outtrans_special - debian/patches/CVE-2022-2257.patch: check for NUL in str2special - CVE-2022-2257

0 cloudlinux-ubuntu16.04-els vim_7.4.1689-3ubuntu1.5+tuxcare.els23_amd64.deb 0c8297dce2f4ca20768ba629179324b19e0a9d2a vim-athena_7.4.1689-3ubuntu1.5+tuxcare.els23_amd64.deb a0aedb5faf4a4598cd89400c078c214c9c78b39f vim-athena-py2_7.4.1689-3ubuntu1.5+tuxcare.els23_amd64.deb 1e47de904354d9934eab2a58f93a9c30723c98cf vim-common_7.4.1689-3ubuntu1.5+tuxcare.els23_amd64.deb 36b5c8ab377aa9598cd34c66b723bd6188c4dd22 vim-doc_7.4.1689-3ubuntu1.5+tuxcare.els23_all.deb d5727016ba4080cdad98cb5ea860bf3cdaa163b8 vim-gnome_7.4.1689-3ubuntu1.5+tuxcare.els23_amd64.deb 6512ee157dcbccdf9087dfa68048e5003bfafb18 vim-gnome-py2_7.4.1689-3ubuntu1.5+tuxcare.els23_amd64.deb f60cf225b30bba06ebb78e9ea0c708d372caa3f4 vim-gtk_7.4.1689-3ubuntu1.5+tuxcare.els23_amd64.deb cfad898b0f187cf93491d0318bb1c2ce527e6207 vim-gtk-py2_7.4.1689-3ubuntu1.5+tuxcare.els23_amd64.deb 5798e24e202c5763be09240a3746d53717e2ff0f vim-gtk3_7.4.1689-3ubuntu1.5+tuxcare.els23_amd64.deb 4a4847e3fa3e3bd89f008fb8f7f1d566e2eb2a2f vim-gtk3-py2_7.4.1689-3ubuntu1.5+tuxcare.els23_amd64.deb c8dfc65d6bc8411e589c39ffef975fafe723ef0b vim-gui-common_7.4.1689-3ubuntu1.5+tuxcare.els23_all.deb ef49a621a582b2562866e32f2b6d2712f216804a vim-nox_7.4.1689-3ubuntu1.5+tuxcare.els23_amd64.deb e202ce6f2f8dff9bf4519e511cebb2ac37ed831c vim-nox-py2_7.4.1689-3ubuntu1.5+tuxcare.els23_amd64.deb ccbf3971a50d291ed4d9383931c9dc2902cc31b0 vim-runtime_7.4.1689-3ubuntu1.5+tuxcare.els23_all.deb 0af588ef232b0b616d6b1c2425747c8a193eeba2 vim-tiny_7.4.1689-3ubuntu1.5+tuxcare.els23_amd64.deb 65fad051c60e05f930c7b2bac12d2387c3fbc82b CLSA-2022:1658345239 Copyright 2021 Cloud Linux Inc 0 * SECURITY UPDATE: Update to 5.7.38 to fix security issues - CVE-2022-21417, CVE-2022-21427, CVE-2022-21444, CVE-2022-21451, CVE-2022-21454, CVE-2022-21460 - debian/rules,debian/tests/upstream: disable newly-failing main.slow_log test. Moderate Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.

* SECURITY UPDATE: Update to 5.7.38 to fix security issues - CVE-2022-21417, CVE-2022-21427, CVE-2022-21444, CVE-2022-21451, CVE-2022-21454, CVE-2022-21460 - debian/rules,debian/tests/upstream: disable newly-failing main.slow_log test.

0 cloudlinux-ubuntu16.04-els libmysqlclient-dev_5.7.38-0ubuntu0.16.04.1+tuxcare.els1_amd64.deb a270d8879954d52d224844ad7a28e0ca2a59057b libmysqlclient20_5.7.38-0ubuntu0.16.04.1+tuxcare.els1_amd64.deb fc58de9b5c8ced7b06757d74a5efcac94b9be186 libmysqld-dev_5.7.38-0ubuntu0.16.04.1+tuxcare.els1_amd64.deb b2f8b853aade1783ea4a16c8243f8413c08e9c2c mysql-client_5.7.38-0ubuntu0.16.04.1+tuxcare.els1_all.deb 606627c89356bc1ddd1b471a7a7ee0475302d888 mysql-client-5.7_5.7.38-0ubuntu0.16.04.1+tuxcare.els1_amd64.deb 07b0dfe0adb98e69a820f0c0634dfcbc8ae1f488 mysql-client-core-5.7_5.7.38-0ubuntu0.16.04.1+tuxcare.els1_amd64.deb 053cbe50ec187ee583a7aa3e2ecd82804cb7ad63 mysql-common_5.7.38-0ubuntu0.16.04.1+tuxcare.els1_all.deb 08f9aad329992a1d43d07ef54ee477e95d2cff8d mysql-server_5.7.38-0ubuntu0.16.04.1+tuxcare.els1_all.deb 39ab945385e74606b90befd3d814e8431a9d4c23 mysql-server-5.7_5.7.38-0ubuntu0.16.04.1+tuxcare.els1_amd64.deb 1a0fa33c3ec0bfc655b2ac95fa8ce64aac20480b mysql-server-core-5.7_5.7.38-0ubuntu0.16.04.1+tuxcare.els1_amd64.deb 7b5b07af3cee3e69eaf6ac4374ba9178300630f7 mysql-source-5.7_5.7.38-0ubuntu0.16.04.1+tuxcare.els1_amd64.deb e5b32a912801ef5e2e1525ca64d507d3e6e8afe1 mysql-testsuite_5.7.38-0ubuntu0.16.04.1+tuxcare.els1_all.deb d27bfd0646d737b3267113bd2564e8a0881477ba mysql-testsuite-5.7_5.7.38-0ubuntu0.16.04.1+tuxcare.els1_amd64.deb 4eb41b171c5a9ccbb98bfabcee72da91c3d62a26 CLSA-2022:1658346144 Copyright 2021 Cloud Linux Inc 0 * SECURITY UPDATE: Injection vulnerability - debian/patches/CVE-2015-20107.patch: Make mailcap refuse to match unsafe filenames/types/param in Lib/mailcap.py. - CVE-2015-20107 Moderate Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.

* SECURITY UPDATE: Injection vulnerability - debian/patches/CVE-2015-20107.patch: Make mailcap refuse to match unsafe filenames/types/param in Lib/mailcap.py. - CVE-2015-20107

0 cloudlinux-ubuntu16.04-els idle-python3.5_3.5.2-2ubuntu0~16.04.13+tuxcare.els5_all.deb 9cf8aeab6adf8c184f971ac2abd66cb848e126ba libpython3.5_3.5.2-2ubuntu0~16.04.13+tuxcare.els5_amd64.deb 8ff6a7c9e407044110062c9dde23844c08ed5f27 libpython3.5-dev_3.5.2-2ubuntu0~16.04.13+tuxcare.els5_amd64.deb 2ab9a36cc27dc9fe0b76e66891edb605b072ea2c libpython3.5-minimal_3.5.2-2ubuntu0~16.04.13+tuxcare.els5_amd64.deb 49151c7dc3a90b52189bb996b3a7b232b1040de5 libpython3.5-stdlib_3.5.2-2ubuntu0~16.04.13+tuxcare.els5_amd64.deb 9971595384498a4aad5d0052593c079dad3f6083 libpython3.5-testsuite_3.5.2-2ubuntu0~16.04.13+tuxcare.els5_all.deb f3001449409cf310d0dcd48a7f7b7f23c49c967c python3.5_3.5.2-2ubuntu0~16.04.13+tuxcare.els5_amd64.deb 78e66c1206e8f3b84083842c56cedfe0ded9d04b python3.5-dev_3.5.2-2ubuntu0~16.04.13+tuxcare.els5_amd64.deb 5171d087b2499cc81e3d5ac94f0ad17cf258a6d9 python3.5-doc_3.5.2-2ubuntu0~16.04.13+tuxcare.els5_all.deb 6efbac08efdba234bde709df77d5b641734c4ee2 python3.5-examples_3.5.2-2ubuntu0~16.04.13+tuxcare.els5_all.deb 6c4c89cca67719f03c73e2db23894cfecd043259 python3.5-minimal_3.5.2-2ubuntu0~16.04.13+tuxcare.els5_amd64.deb 6b06a2492f239a7c48409f17cb908ccb266513ee python3.5-venv_3.5.2-2ubuntu0~16.04.13+tuxcare.els5_amd64.deb 3b9a612d08f6ca197d2b3a18548969f1bf1db109 CLSA-2022:1658346794 Copyright 2021 Cloud Linux Inc 0 * SECURITY UPDATE: Injection vulnerability - debian/patches/CVE-2015-20107.patch: Make mailcap refuse to match unsafe filenames/types/param in Lib/mailcap.py. - CVE-2015-20107 Moderate Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.

* SECURITY UPDATE: Injection vulnerability - debian/patches/CVE-2015-20107.patch: Make mailcap refuse to match unsafe filenames/types/param in Lib/mailcap.py. - CVE-2015-20107

0 cloudlinux-ubuntu16.04-els idle-python2.7_2.7.12-1ubuntu0~16.04.18+tuxcare.els4_all.deb 3962d2273660daf693336d9df5cea960ba99dfd6 libpython2.7_2.7.12-1ubuntu0~16.04.18+tuxcare.els4_amd64.deb 09219cb6e5706bcbcdb10671669c3ab73bc04451 libpython2.7-dev_2.7.12-1ubuntu0~16.04.18+tuxcare.els4_amd64.deb 07dbaa8610ccb483679b47b2764ba209f58f812f libpython2.7-minimal_2.7.12-1ubuntu0~16.04.18+tuxcare.els4_amd64.deb 1d0f6eab40d1d3b44ca93d92d7e27de1519a989a libpython2.7-stdlib_2.7.12-1ubuntu0~16.04.18+tuxcare.els4_amd64.deb 1ed6afe2d61c6a05d67db057dbf9be0394412e0e libpython2.7-testsuite_2.7.12-1ubuntu0~16.04.18+tuxcare.els4_all.deb 82e2811dda4ac40ebfdc0e7aefbc674075b5b5ef python2.7_2.7.12-1ubuntu0~16.04.18+tuxcare.els4_amd64.deb a40876013d4672d1c30a5170b8ad8298d723ca27 python2.7-dev_2.7.12-1ubuntu0~16.04.18+tuxcare.els4_amd64.deb 75253a5492a1bde79e6e851b494eeb8d65f1aa96 python2.7-doc_2.7.12-1ubuntu0~16.04.18+tuxcare.els4_all.deb b71cd7706971b4ad74e7a0ccada21a68cbad44f4 python2.7-examples_2.7.12-1ubuntu0~16.04.18+tuxcare.els4_all.deb 39ee4151feb170ee0ddb1a14e3d41c999f380e00 python2.7-minimal_2.7.12-1ubuntu0~16.04.18+tuxcare.els4_amd64.deb d65df49eb282d0e687284fadbabc1dbe5a483f33 CLSA-2022:1658856539 Copyright 2021 Cloud Linux Inc 0 * SECURITY UPDATE: Accessing freed memory with diff put - debian/patches/CVE-2022-2289.patch: Bail out when diff pointer is no longer valid - CVE-2022-2289 * SECURITY UPDATE: Spell dump may go beyond end of an array - debian/patches/CVE-2022-2304.patch: Limit the word length - CVE-2022-2304 Moderate Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.

* SECURITY UPDATE: Accessing freed memory with diff put - debian/patches/CVE-2022-2289.patch: Bail out when diff pointer is no longer valid - CVE-2022-2289 * SECURITY UPDATE: Spell dump may go beyond end of an array - debian/patches/CVE-2022-2304.patch: Limit the word length - CVE-2022-2304

0 cloudlinux-ubuntu16.04-els vim_7.4.1689-3ubuntu1.5+tuxcare.els24_amd64.deb a284537814f443826a1a2515f4cd9a042549d4a2 vim-athena_7.4.1689-3ubuntu1.5+tuxcare.els24_amd64.deb f928d44cd9184d694c6de912d705042c5763049b vim-athena-py2_7.4.1689-3ubuntu1.5+tuxcare.els24_amd64.deb bab4a6f4693f3f1933564084bbb54883bba7271c vim-common_7.4.1689-3ubuntu1.5+tuxcare.els24_amd64.deb b5a00f8ca38cb5912eb11da4b90bfe423448e672 vim-doc_7.4.1689-3ubuntu1.5+tuxcare.els24_all.deb 1d4c0589a0d28b8bce42c93c5aba40d3b5968652 vim-gnome_7.4.1689-3ubuntu1.5+tuxcare.els24_amd64.deb 61fea1f372ad10d76d36c4473bf52f9cc860049e vim-gnome-py2_7.4.1689-3ubuntu1.5+tuxcare.els24_amd64.deb 09c2fedcd72f15383d01b52946ab0f54193315fb vim-gtk_7.4.1689-3ubuntu1.5+tuxcare.els24_amd64.deb 98133545a3ec0bc6caa5b20daa80cd1c3f3f503d vim-gtk-py2_7.4.1689-3ubuntu1.5+tuxcare.els24_amd64.deb fd319e6aefe7b2157d66be1847adbc3757eb89e5 vim-gtk3_7.4.1689-3ubuntu1.5+tuxcare.els24_amd64.deb d4482e064aa4cb1d716e1d23c000c5567836e5e1 vim-gtk3-py2_7.4.1689-3ubuntu1.5+tuxcare.els24_amd64.deb d115a56a40fb8bbe162f6bfe473856dbf11c0e22 vim-gui-common_7.4.1689-3ubuntu1.5+tuxcare.els24_all.deb 669223db67d58f8bde16d90317f7d02fa4c2241e vim-nox_7.4.1689-3ubuntu1.5+tuxcare.els24_amd64.deb 74cb64283bcd43176a31a58193022a4247a890c0 vim-nox-py2_7.4.1689-3ubuntu1.5+tuxcare.els24_amd64.deb 7c1760c87d3aae20bac6aa93021402dbedaa2999 vim-runtime_7.4.1689-3ubuntu1.5+tuxcare.els24_all.deb f20db692f145421727f7f90a93537e7db26e7025 vim-tiny_7.4.1689-3ubuntu1.5+tuxcare.els24_amd64.deb 04bba7eb6fd521a0d4b18fd4d3c573e75cc15c0d CLSA-2022:1659636455 Copyright 2021 Cloud Linux Inc 0 * SECURITY UPDATE: New microcode data file 2022-05-10 - New microcodes: sig 0x00090672, pf_mask 0x03, 2022-03-03, rev 0x001f, size 212992 sig 0x00090675, pf_mask 0x03, 2022-03-03, rev 0x001f, size 212992 sig 0x000906a3, pf_mask 0x80, 2022-03-24, rev 0x041c, size 212992 sig 0x000906a4, pf_mask 0x80, 2022-03-24, rev 0x041c, size 212992 sig 0x000b06f2, pf_mask 0x03, 2022-03-03, rev 0x001f, size 212992 sig 0x000b06f5, pf_mask 0x03, 2022-03-03, rev 0x001f, size 212992 - Updated microcodes: sig 0x00030679, pf_mask 0x0f, 2019-07-10, rev 0x090d, size 52224 sig 0x000306f2, pf_mask 0x6f, 2021-08-11, rev 0x0049, size 38912 sig 0x000306f4, pf_mask 0x80, 2021-05-24, rev 0x001a, size 23552 sig 0x000406e3, pf_mask 0xc0, 2021-11-12, rev 0x00f0, size 106496 sig 0x000406f1, pf_mask 0xef, 2021-05-19, rev 0xb000040, size 35840 sig 0x00050653, pf_mask 0x97, 2021-11-13, rev 0x100015d, size 34816 sig 0x00050654, pf_mask 0xb7, 2021-11-13, rev 0x2006d05, size 43008 sig 0x00050656, pf_mask 0xbf, 2021-12-10, rev 0x4003302, size 37888 sig 0x00050657, pf_mask 0xbf, 2021-12-10, rev 0x5003302, size 37888 sig 0x0005065b, pf_mask 0xbf, 2021-11-19, rev 0x7002501, size 29696 sig 0x00050663, pf_mask 0x10, 2021-06-12, rev 0x700001c, size 28672 sig 0x00050664, pf_mask 0x10, 2021-06-12, rev 0xf00001a, size 27648 sig 0x00050665, pf_mask 0x10, 2021-09-18, rev 0xe000014, size 23552 sig 0x000506c9, pf_mask 0x03, 2021-11-16, rev 0x0048, size 17408 sig 0x000506ca, pf_mask 0x03, 2021-11-16, rev 0x0028, size 16384 sig 0x000506e3, pf_mask 0x36, 2021-11-12, rev 0x00f0, size 109568 sig 0x000506f1, pf_mask 0x01, 2021-12-02, rev 0x0038, size 11264 sig 0x000606a6, pf_mask 0x87, 2022-03-30, rev 0xd000363, size 294912 sig 0x000706a1, pf_mask 0x01, 2021-11-22, rev 0x003a, size 75776 sig 0x000706a8, pf_mask 0x01, 2021-11-22, rev 0x001e, size 75776 sig 0x000706e5, pf_mask 0x80, 2022-03-09, rev 0x00b0, size 112640 sig 0x000806a1, pf_mask 0x10, 2022-03-26, rev 0x0031, size 34816 sig 0x000806c1, pf_mask 0x80, 2022-02-01, rev 0x00a4, size 109568 sig 0x000806c2, pf_mask 0xc2, 2021-12-07, rev 0x0026, size 97280 sig 0x000806d1, pf_mask 0xc2, 2021-12-07, rev 0x003e, size 102400 sig 0x000806e9, pf_mask 0x10, 2021-11-12, rev 0x00f0, size 105472 sig 0x000806e9, pf_mask 0xc0, 2021-11-12, rev 0x00f0, size 105472 sig 0x000806ea, pf_mask 0xc0, 2021-11-12, rev 0x00f0, size 105472 sig 0x000806eb, pf_mask 0xd0, 2021-11-15, rev 0x00f0, size 105472 sig 0x000806ec, pf_mask 0x94, 2021-11-17, rev 0x00f0, size 105472 sig 0x00090661, pf_mask 0x01, 2022-02-03, rev 0x0016, size 20480 sig 0x000906c0, pf_mask 0x01, 2022-02-19, rev 0x24000023, size 20480 sig 0x000906e9, pf_mask 0x2a, 2021-11-12, rev 0x00f0, size 108544 sig 0x000906ea, pf_mask 0x22, 2021-11-15, rev 0x00f0, size 104448 sig 0x000906eb, pf_mask 0x02, 2021-11-12, rev 0x00f0, size 105472 sig 0x000906ec, pf_mask 0x22, 2021-11-15, rev 0x00f0, size 104448 sig 0x000906ed, pf_mask 0x22, 2021-11-16, rev 0x00f0, size 104448 sig 0x000a0652, pf_mask 0x20, 2021-11-16, rev 0x00f0, size 96256 sig 0x000a0653, pf_mask 0x22, 2021-11-15, rev 0x00f0, size 97280 sig 0x000a0655, pf_mask 0x22, 2021-11-16, rev 0x00f0, size 96256 sig 0x000a0660, pf_mask 0x80, 2021-11-15, rev 0x00f0, size 96256 sig 0x000a0661, pf_mask 0x80, 2021-11-16, rev 0x00f0, size 96256 sig 0x000a0671, pf_mask 0x02, 2022-03-09, rev 0x0053, size 103424 - Removed microcodes: sig 0x00080664, pf_mask 0x01, 2021-02-17, rev 0xb00000f, size 130048 sig 0x00080665, pf_mask 0x01, 2021-02-17, rev 0xb00000f, size 130048 - CVE-2021-0146, INTEL-SA-00528 - CVE-2021-0127, INTEL-SA-00532 - CVE-2021-0145, INTEL-SA-00561 - CVE-2021-33117, INTEL-SA-00586 - CVE-2021-33120, INTEL-SA-00589 - CVE-2022-21123, INTEL-SA-00615 - CVE-2022-21125, INTEL-SA-00615 - CVE-2022-21127, INTEL-SA-00615 - CVE-2022-21166, INTEL-SA-00615 - CVE-2022-21151, INTEL-SA-00617 * source: update symlinks to reflect id of the latest release, 20220510 Moderate Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.

* SECURITY UPDATE: New microcode data file 2022-05-10 - New microcodes: sig 0x00090672, pf_mask 0x03, 2022-03-03, rev 0x001f, size 212992 sig 0x00090675, pf_mask 0x03, 2022-03-03, rev 0x001f, size 212992 sig 0x000906a3, pf_mask 0x80, 2022-03-24, rev 0x041c, size 212992 sig 0x000906a4, pf_mask 0x80, 2022-03-24, rev 0x041c, size 212992 sig 0x000b06f2, pf_mask 0x03, 2022-03-03, rev 0x001f, size 212992 sig 0x000b06f5, pf_mask 0x03, 2022-03-03, rev 0x001f, size 212992 - Updated microcodes: sig 0x00030679, pf_mask 0x0f, 2019-07-10, rev 0x090d, size 52224 sig 0x000306f2, pf_mask 0x6f, 2021-08-11, rev 0x0049, size 38912 sig 0x000306f4, pf_mask 0x80, 2021-05-24, rev 0x001a, size 23552 sig 0x000406e3, pf_mask 0xc0, 2021-11-12, rev 0x00f0, size 106496 sig 0x000406f1, pf_mask 0xef, 2021-05-19, rev 0xb000040, size 35840 sig 0x00050653, pf_mask 0x97, 2021-11-13, rev 0x100015d, size 34816 sig 0x00050654, pf_mask 0xb7, 2021-11-13, rev 0x2006d05, size 43008 sig 0x00050656, pf_mask 0xbf, 2021-12-10, rev 0x4003302, size 37888 sig 0x00050657, pf_mask 0xbf, 2021-12-10, rev 0x5003302, size 37888 sig 0x0005065b, pf_mask 0xbf, 2021-11-19, rev 0x7002501, size 29696 sig 0x00050663, pf_mask 0x10, 2021-06-12, rev 0x700001c, size 28672 sig 0x00050664, pf_mask 0x10, 2021-06-12, rev 0xf00001a, size 27648 sig 0x00050665, pf_mask 0x10, 2021-09-18, rev 0xe000014, size 23552 sig 0x000506c9, pf_mask 0x03, 2021-11-16, rev 0x0048, size 17408 sig 0x000506ca, pf_mask 0x03, 2021-11-16, rev 0x0028, size 16384 sig 0x000506e3, pf_mask 0x36, 2021-11-12, rev 0x00f0, size 109568 sig 0x000506f1, pf_mask 0x01, 2021-12-02, rev 0x0038, size 11264 sig 0x000606a6, pf_mask 0x87, 2022-03-30, rev 0xd000363, size 294912 sig 0x000706a1, pf_mask 0x01, 2021-11-22, rev 0x003a, size 75776 sig 0x000706a8, pf_mask 0x01, 2021-11-22, rev 0x001e, size 75776 sig 0x000706e5, pf_mask 0x80, 2022-03-09, rev 0x00b0, size 112640 sig 0x000806a1, pf_mask 0x10, 2022-03-26, rev 0x0031, size 34816 sig 0x000806c1, pf_mask 0x80, 2022-02-01, rev 0x00a4, size 109568 sig 0x000806c2, pf_mask 0xc2, 2021-12-07, rev 0x0026, size 97280 sig 0x000806d1, pf_mask 0xc2, 2021-12-07, rev 0x003e, size 102400 sig 0x000806e9, pf_mask 0x10, 2021-11-12, rev 0x00f0, size 105472 sig 0x000806e9, pf_mask 0xc0, 2021-11-12, rev 0x00f0, size 105472 sig 0x000806ea, pf_mask 0xc0, 2021-11-12, rev 0x00f0, size 105472 sig 0x000806eb, pf_mask 0xd0, 2021-11-15, rev 0x00f0, size 105472 sig 0x000806ec, pf_mask 0x94, 2021-11-17, rev 0x00f0, size 105472 sig 0x00090661, pf_mask 0x01, 2022-02-03, rev 0x0016, size 20480 sig 0x000906c0, pf_mask 0x01, 2022-02-19, rev 0x24000023, size 20480 sig 0x000906e9, pf_mask 0x2a, 2021-11-12, rev 0x00f0, size 108544 sig 0x000906ea, pf_mask 0x22, 2021-11-15, rev 0x00f0, size 104448 sig 0x000906eb, pf_mask 0x02, 2021-11-12, rev 0x00f0, size 105472 sig 0x000906ec, pf_mask 0x22, 2021-11-15, rev 0x00f0, size 104448 sig 0x000906ed, pf_mask 0x22, 2021-11-16, rev 0x00f0, size 104448 sig 0x000a0652, pf_mask 0x20, 2021-11-16, rev 0x00f0, size 96256 sig 0x000a0653, pf_mask 0x22, 2021-11-15, rev 0x00f0, size 97280 sig 0x000a0655, pf_mask 0x22, 2021-11-16, rev 0x00f0, size 96256 sig 0x000a0660, pf_mask 0x80, 2021-11-15, rev 0x00f0, size 96256 sig 0x000a0661, pf_mask 0x80, 2021-11-16, rev 0x00f0, size 96256 sig 0x000a0671, pf_mask 0x02, 2022-03-09, rev 0x0053, size 103424 - Removed microcodes: sig 0x00080664, pf_mask 0x01, 2021-02-17, rev 0xb00000f, size 130048 sig 0x00080665, pf_mask 0x01, 2021-02-17, rev 0xb00000f, size 130048 - CVE-2021-0146, INTEL-SA-00528 - CVE-2021-0127, INTEL-SA-00532 - CVE-2021-0145, INTEL-SA-00561 - CVE-2021-33117, INTEL-SA-00586 - CVE-2021-33120, INTEL-SA-00589 - CVE-2022-21123, INTEL-SA-00615 - CVE-2022-21125, INTEL-SA-00615 - CVE-2022-21127, INTEL-SA-00615 - CVE-2022-21166, INTEL-SA-00615 - CVE-2022-21151, INTEL-SA-00617 * source: update symlinks to reflect id of the latest release, 20220510

0 cloudlinux-ubuntu16.04-els intel-microcode_3.20220510.0ubuntu0.16.04.1+tuxcare.els1_amd64.deb 53d2d0e6f5b7b0fab6035548ae829c39c173c510 CLSA-2022:1659636700 Copyright 2021 Cloud Linux Inc 0 * SECURITY UPDATE: Update to 5.7.39 to fix security issues - CVE-2022-21515 - debian/patches/disable_tests.patch: added new failing test with 5.7.39 Moderate Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.

* SECURITY UPDATE: Update to 5.7.39 to fix security issues - CVE-2022-21515 - debian/patches/disable_tests.patch: added new failing test with 5.7.39

0 cloudlinux-ubuntu16.04-els libmysqlclient-dev_5.7.39-0ubuntu0.16.04.1+tuxcare.els1_amd64.deb ddb9212ebcafba3e45152b15077e9c3cd820e960 libmysqlclient20_5.7.39-0ubuntu0.16.04.1+tuxcare.els1_amd64.deb 6c3fb84fe3700860a60f406903e70bafc67a9f8f libmysqld-dev_5.7.39-0ubuntu0.16.04.1+tuxcare.els1_amd64.deb 3ba8f47d552f5bf9b5347a562ba59efc75fd0568 mysql-client_5.7.39-0ubuntu0.16.04.1+tuxcare.els1_all.deb 205c27479804085a0e6d1b1a5f2e9a71b50382d3 mysql-client-5.7_5.7.39-0ubuntu0.16.04.1+tuxcare.els1_amd64.deb efcee95c4b4ece67bcee103bdc90e3b84dd47bcf mysql-client-core-5.7_5.7.39-0ubuntu0.16.04.1+tuxcare.els1_amd64.deb 6a2005893601a597a74159fbacf12c73c1da3c7c mysql-common_5.7.39-0ubuntu0.16.04.1+tuxcare.els1_all.deb 5e8e57958ca844aa717a3445ba817d2c482348d9 mysql-server_5.7.39-0ubuntu0.16.04.1+tuxcare.els1_all.deb a418b2588c252bc56e502629325ecf7fcc5bc98b mysql-server-5.7_5.7.39-0ubuntu0.16.04.1+tuxcare.els1_amd64.deb 81312f03443e22ee10ada009ac105e1e0db84d92 mysql-server-core-5.7_5.7.39-0ubuntu0.16.04.1+tuxcare.els1_amd64.deb a4e857d7335ac79cdf22fa47023a215357d6a305 mysql-source-5.7_5.7.39-0ubuntu0.16.04.1+tuxcare.els1_amd64.deb 44dcaec5763c1912a9f45ab010a4d2938111f867 mysql-testsuite_5.7.39-0ubuntu0.16.04.1+tuxcare.els1_all.deb ce533ea5ece2b5d19bae79f278715a4d0b62d0fc mysql-testsuite-5.7_5.7.39-0ubuntu0.16.04.1+tuxcare.els1_amd64.deb d0b97fd448b2ed925aa59d02f140cefb7579cba2 CLSA-2022:1659636773 Copyright 2021 Cloud Linux Inc 0 * SECURITY UPDATE: Using freed memory with recursive substitute - debian/patches/CVE-2022-2345.patch: Always make a copy for reg_prev_sub - CVE-2022-2345 * SECURITY UPDATE: Reading past end of completion with duplicate match - debian/patches/CVE-2022-2344.patch: Check string length - CVE-2022-2344 * SECURITY UPDATE: Reading past end of completion with a long line and 'infercase' set - debian/patches/CVE-2022-2343.patch: Allocate the string if needed - CVE-2022-2343 * SECURITY UPDATE: Accessing uninitialized memory when completing long line - debian/patches/CVE-2022-2522.patch: Terminate string with NUL. - CVE-2022-2522 Moderate Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.

* SECURITY UPDATE: Using freed memory with recursive substitute - debian/patches/CVE-2022-2345.patch: Always make a copy for reg_prev_sub - CVE-2022-2345 * SECURITY UPDATE: Reading past end of completion with duplicate match - debian/patches/CVE-2022-2344.patch: Check string length - CVE-2022-2344 * SECURITY UPDATE: Reading past end of completion with a long line and 'infercase' set - debian/patches/CVE-2022-2343.patch: Allocate the string if needed - CVE-2022-2343 * SECURITY UPDATE: Accessing uninitialized memory when completing long line - debian/patches/CVE-2022-2522.patch: Terminate string with NUL. - CVE-2022-2522

0 cloudlinux-ubuntu16.04-els vim_7.4.1689-3ubuntu1.5+tuxcare.els25_amd64.deb db88bc56f049dc4b2c11bf30a62030d546124258 vim-athena_7.4.1689-3ubuntu1.5+tuxcare.els25_amd64.deb 3257ba26b6deacdce7e1695f0c50df334c49b096 vim-athena-py2_7.4.1689-3ubuntu1.5+tuxcare.els25_amd64.deb 98df29cd9a3210ca3f17773b4b0dbb7d8cef8212 vim-common_7.4.1689-3ubuntu1.5+tuxcare.els25_amd64.deb c7223c8e89c7db5a19e7444bed00112ccddc2a54 vim-doc_7.4.1689-3ubuntu1.5+tuxcare.els25_all.deb 8898350f32e6df87845fbd4ec74bc212a271e462 vim-gnome_7.4.1689-3ubuntu1.5+tuxcare.els25_amd64.deb 21eb37e7d1938781361f21df0d426b072dadadfe vim-gnome-py2_7.4.1689-3ubuntu1.5+tuxcare.els25_amd64.deb ea792dd47dc613c2528193b3e756a8bcbe221a13 vim-gtk_7.4.1689-3ubuntu1.5+tuxcare.els25_amd64.deb b79d5e4324b898fa40e020c507b8ba8592e39a4f vim-gtk-py2_7.4.1689-3ubuntu1.5+tuxcare.els25_amd64.deb 971224e4c6fa83d595e30fbb51fc89fed44976e7 vim-gtk3_7.4.1689-3ubuntu1.5+tuxcare.els25_amd64.deb 7887473255dee4cf5843eda28a90e42cf525812c vim-gtk3-py2_7.4.1689-3ubuntu1.5+tuxcare.els25_amd64.deb d213a6fe33e7cc5847eb6752b8655d0a383410ee vim-gui-common_7.4.1689-3ubuntu1.5+tuxcare.els25_all.deb 179eee0bac6c4b76db9c62e581026a1835d2abc7 vim-nox_7.4.1689-3ubuntu1.5+tuxcare.els25_amd64.deb 2ab861cd71f195d0135e57c1e4243ddf699cbb60 vim-nox-py2_7.4.1689-3ubuntu1.5+tuxcare.els25_amd64.deb 9bf129652fa0d41244d5a8519f9f981091140ff9 vim-runtime_7.4.1689-3ubuntu1.5+tuxcare.els25_all.deb e2926ebaf38c20ed0575ab64fc2456972c098084 vim-tiny_7.4.1689-3ubuntu1.5+tuxcare.els25_amd64.deb af10c5db95acf701539b1ff13a1424e83dcd5ed1 CLSA-2022:1660064066 Copyright 2021 Cloud Linux Inc 0 * SECURITY UPDATE: Integer overflows - debian/patches/CVE-2022-29824.patch: Fix integer overflows in xmlBuf and xmlBuffer in tree.c, buf.c - CVE-2022-29824 Moderate Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.

* SECURITY UPDATE: Integer overflows - debian/patches/CVE-2022-29824.patch: Fix integer overflows in xmlBuf and xmlBuffer in tree.c, buf.c - CVE-2022-29824

0 cloudlinux-ubuntu16.04-els libxml2_2.9.3+dfsg1-1ubuntu0.7+tuxcare.els3_amd64.deb 366987a417d87ac0204a467758e0cb60522d069d libxml2-dev_2.9.3+dfsg1-1ubuntu0.7+tuxcare.els3_amd64.deb a5be220c88e5687395f96b1253b54012485d6e1e libxml2-doc_2.9.3+dfsg1-1ubuntu0.7+tuxcare.els3_all.deb 42046e685f023f59ceaf131c02bc0b09f2dce50a libxml2-utils_2.9.3+dfsg1-1ubuntu0.7+tuxcare.els3_amd64.deb 84ba3be06317b4be54341653ad394880d4379180 python-libxml2_2.9.3+dfsg1-1ubuntu0.7+tuxcare.els3_amd64.deb 7a5a97b6c71494668312dcfbcded6f86886dfd44 CLSA-2022:1660064148 Copyright 2021 Cloud Linux Inc 0 * SECURITY UPDATE: Denial of Service - debian/patches/CVE-2020-17525.patch: Add missing NULL check. - CVE-2020-17525 Moderate Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.

* SECURITY UPDATE: Denial of Service - debian/patches/CVE-2020-17525.patch: Add missing NULL check. - CVE-2020-17525

0 cloudlinux-ubuntu16.04-els libapache2-mod-svn_1.9.3-2ubuntu1.3+tuxcare.els1_amd64.deb a582c848cfc98945f42cc8f916eb52d7778a10b6 libapache2-svn_1.9.3-2ubuntu1.3+tuxcare.els1_all.deb cdfacee59a2ddd47f6864a7a6805f77a3bbea0a8 libsvn-dev_1.9.3-2ubuntu1.3+tuxcare.els1_amd64.deb b1ec9c93e372cbb7b7dce739dab7dba06be8f961 libsvn-doc_1.9.3-2ubuntu1.3+tuxcare.els1_all.deb 909a4225ae1144fd966e9e0dd7ffad34365d7e95 libsvn-java_1.9.3-2ubuntu1.3+tuxcare.els1_amd64.deb 5a46aa1f498f0cbc27638df016a85d5f1c197693 libsvn-perl_1.9.3-2ubuntu1.3+tuxcare.els1_amd64.deb 9bf849dbbb0b51a771d7bb7c621f5cd1a9b25624 libsvn-ruby1.8_1.9.3-2ubuntu1.3+tuxcare.els1_all.deb 9352d80b9b0a3395ab22b677f55dfffbeeba5055 libsvn1_1.9.3-2ubuntu1.3+tuxcare.els1_amd64.deb 21a059cadd7fb4435fa6bbf991cbfd76eee48b31 python-subversion_1.9.3-2ubuntu1.3+tuxcare.els1_amd64.deb 98a209cd769ed6edfc1aeae3aee4568bf0d5b644 ruby-svn_1.9.3-2ubuntu1.3+tuxcare.els1_amd64.deb e34d5668406ebf97ea8ae4e0bf862a7de6aca962 subversion_1.9.3-2ubuntu1.3+tuxcare.els1_amd64.deb d1addc7beea7b54391d2ca06220899970e236ae4 subversion-tools_1.9.3-2ubuntu1.3+tuxcare.els1_amd64.deb bc45e14a054f8b3ecc5e91f725d51911310bb2db CLSA-2022:1660064249 Copyright 2021 Cloud Linux Inc 0 * Backport upstream releases 8u342 and 8u332 to 16.04 LTS * Security fixes in 8u342: - JDK-8272243: Improve DER parsing - JDK-8272249: Better properties of loaded Properties - JDK-8277608: Address IP Addressing - JDK-8281859, CVE-2022-21540: Improve class compilation - JDK-8281866, CVE-2022-21541: Enhance MethodHandle invocations - JDK-8283190: Improve MIDI processing - JDK-8284370: Improve zlib usage - JDK-8285407, CVE-2022-34169: Improve Xalan supports * Security fixes in 8u332: - JDK-8269938: Enhance XML processing passes redux - JDK-8270504, CVE-2022-21426: Better XPath expression handling - JDK-8272255: Completely handle MIDI files - JDK-8272261: Improve JFR recording file processing - JDK-8272594: Better record of recordings - JDK-8274221: More definite BER encodings - JDK-8275151, CVE-2022-21443: Improved Object Identification - JDK-8277227: Better identification of OIDs - JDK-8277672, CVE-2022-21434: Better invocation handler handling - JDK-8278008, CVE-2022-21476: Improve Santuario processing - JDK-8278356: Improve file creation - JDK-8278449: Improve keychain support - JDK-8278805: Enhance BMP image loading - JDK-8278972, CVE-2022-21496: Improve URL supports - JDK-8281388: Change wrapping of EncryptedPrivateKeyInfo Moderate Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.

* Backport upstream releases 8u342 and 8u332 to 16.04 LTS * Security fixes in 8u342: - JDK-8272243: Improve DER parsing - JDK-8272249: Better properties of loaded Properties - JDK-8277608: Address IP Addressing - JDK-8281859, CVE-2022-21540: Improve class compilation - JDK-8281866, CVE-2022-21541: Enhance MethodHandle invocations - JDK-8283190: Improve MIDI processing - JDK-8284370: Improve zlib usage - JDK-8285407, CVE-2022-34169: Improve Xalan supports * Security fixes in 8u332: - JDK-8269938: Enhance XML processing passes redux - JDK-8270504, CVE-2022-21426: Better XPath expression handling - JDK-8272255: Completely handle MIDI files - JDK-8272261: Improve JFR recording file processing - JDK-8272594: Better record of recordings - JDK-8274221: More definite BER encodings - JDK-8275151, CVE-2022-21443: Improved Object Identification - JDK-8277227: Better identification of OIDs - JDK-8277672, CVE-2022-21434: Better invocation handler handling - JDK-8278008, CVE-2022-21476: Improve Santuario processing - JDK-8278356: Improve file creation - JDK-8278449: Improve keychain support - JDK-8278805: Enhance BMP image loading - JDK-8278972, CVE-2022-21496: Improve URL supports - JDK-8281388: Change wrapping of EncryptedPrivateKeyInfo

0 cloudlinux-ubuntu16.04-els openjdk-8-demo_8u342-b07-0ubuntu1~16.04+tuxcare.els1_amd64.deb 016d4780c01045d1c3d7b72f2189f5f205d5141a openjdk-8-doc_8u342-b07-0ubuntu1~16.04+tuxcare.els1_all.deb aac2ce7d83538c0eeebcfd05ec6e44b2934632ed openjdk-8-jdk_8u342-b07-0ubuntu1~16.04+tuxcare.els1_amd64.deb 9a30c834fe268ead95ff2e6169e129170e60092a openjdk-8-jdk-headless_8u342-b07-0ubuntu1~16.04+tuxcare.els1_amd64.deb 473f5fe5bb12cc4511f4ae9b2b6aaac4262f89b6 openjdk-8-jre_8u342-b07-0ubuntu1~16.04+tuxcare.els1_amd64.deb 8532b4ae48c7a2191791e7caef6a6afab08a660f openjdk-8-jre-headless_8u342-b07-0ubuntu1~16.04+tuxcare.els1_amd64.deb 2c17005d6f605cb6a1b3a2c4ef25439578597b21 openjdk-8-jre-jamvm_8u342-b07-0ubuntu1~16.04+tuxcare.els1_amd64.deb 79a62feb0467c81fef4d849e3b2df460b215a59a openjdk-8-jre-zero_8u342-b07-0ubuntu1~16.04+tuxcare.els1_amd64.deb 4e99979f882bc6b654a7591469cdec2d2b87b5d9 openjdk-8-source_8u342-b07-0ubuntu1~16.04+tuxcare.els1_all.deb fe8eb2c13007860e3fba32b64c95be482d413556 CLSA-2022:1660760293 Copyright 2021 Cloud Linux Inc 0 * Security fixes: - JDK-8148005: One byte may be corrupted by get_datetime_string() Moderate Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.

* Security fixes: - JDK-8148005: One byte may be corrupted by get_datetime_string()

0 cloudlinux-ubuntu16.04-els openjdk-8-demo_8u342-b07-0ubuntu1~16.04+tuxcare.els2_amd64.deb 78f5ec1cb68041a4af2a5bbc332f99df2235db59 openjdk-8-doc_8u342-b07-0ubuntu1~16.04+tuxcare.els2_all.deb 171043fb9091e62a2b54da6c9a00503d05bc59c8 openjdk-8-jdk_8u342-b07-0ubuntu1~16.04+tuxcare.els2_amd64.deb 3a0bd3e0eacaa0fc3d58af7a48f8144daccd487d openjdk-8-jdk-headless_8u342-b07-0ubuntu1~16.04+tuxcare.els2_amd64.deb b6434b382321339686094bcf76c54c22084d7433 openjdk-8-jre_8u342-b07-0ubuntu1~16.04+tuxcare.els2_amd64.deb ee57cfe542cf736a8d616605a94949065d5c9aef openjdk-8-jre-headless_8u342-b07-0ubuntu1~16.04+tuxcare.els2_amd64.deb e1ea5b18202e34dccf5eb2a488d1a48b58ede1d6 openjdk-8-jre-jamvm_8u342-b07-0ubuntu1~16.04+tuxcare.els2_amd64.deb 8e2654d9c9ab62bf8fe0e4dd2f824dcc19160660 openjdk-8-jre-zero_8u342-b07-0ubuntu1~16.04+tuxcare.els2_amd64.deb aa09004154072ba01df3fedfed583a5cc3da1400 openjdk-8-source_8u342-b07-0ubuntu1~16.04+tuxcare.els2_all.deb 088574aff9ec65c83af8daa78b073b17caeb390b CLSA-2022:1660760405 Copyright 2021 Cloud Linux Inc 0 * SECURITY UPDATE: possible buffer overflow when getting a gzip header extra field with inflate() - debian/patches/CVE-2022-37434.patch: ensure that space the user provided with inflateGetHeader() is enough when multiple calls of inflate() delivers an extra header data. - CVE-2022-37434 Moderate Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.

* SECURITY UPDATE: possible buffer overflow when getting a gzip header extra field with inflate() - debian/patches/CVE-2022-37434.patch: ensure that space the user provided with inflateGetHeader() is enough when multiple calls of inflate() delivers an extra header data. - CVE-2022-37434

0 cloudlinux-ubuntu16.04-els lib32z1_1.2.8.dfsg-2ubuntu4.3+tuxcare.els2_amd64.deb 9ba28de970590c14f7d14e489af8a3b8eeed5fa0 lib32z1-dev_1.2.8.dfsg-2ubuntu4.3+tuxcare.els2_amd64.deb 2d00b6c1383fc6fd535156681b241b9ed06db390 libx32z1_1.2.8.dfsg-2ubuntu4.3+tuxcare.els2_amd64.deb 4369cbb9f0b0075686324af1b9b42b9e2099fe51 libx32z1-dev_1.2.8.dfsg-2ubuntu4.3+tuxcare.els2_amd64.deb eb31687a6e5666254272b8e4169d981ae19b1002 zlib1g_1.2.8.dfsg-2ubuntu4.3+tuxcare.els2_amd64.deb d31336540951508539260290fb35fc6942eb16d3 zlib1g-dev_1.2.8.dfsg-2ubuntu4.3+tuxcare.els2_amd64.deb 8fdcd5a6aece2bf6fe8f23b5344974b3796bd973 CLSA-2022:1660760528 Copyright 2021 Cloud Linux Inc 0 * SECURITY UPDATE: Stack exhaustion - debian/patches/CVE-2022-25313.patch: prevent stack exhaustion in build_model in expat/lib/xmlparse.c. - debian/patches/fix-build_model-regression.patch: fix build_model regression in expat/lib/xmlparse.c. - CVE-2022-25313 * SECURITY UPDATE: Integer overflow - debian/patches/CVE-2022-25315.patch: prevent integer overflow in storeRawNames in expat/lib/xmlparse.c. - CVE-2022-25315 * SECURITY UPDATE: relax fix to CVE-2022-25236 with regard to RFC 3986 URI characters and possibly regressions - debian/patches/CVE-2022-25236-3.patch: add a note on namespace URI validation in expat/doc/reference.html, expat/lib/expat.h. - debian/patches/CVE-2022-25236-4.patch: document namespace separator effect right in header expat/lib/expat.h. - debian/patches/CVE-2022-25236-5.patch: cover relaxed fix in tests. - debian/patches/CVE-2022-25236-6.patch: relax fix with regard to RFC 3986 URI characters in expat/lib/xmlparse.c. (LP: #1963903) * fix tests adding XCS definition - debian/patches/fix_test_xcs.patch: in tests/runtests.c. * SECURITY UPDATE: Realloc misbehavior - debian/patches/CVE-2021-45960.patch: detect and prevent troublesome left shifts in function storeAtts in lib/xmlparse.c. - CVE-2021-45960 * SECURITY UPDATE: Integer overflow - debian/patches/CVE-2021-46143.patch: prevent integer overflow on m_groupSize in function doProlog in lib/xmlparse.c. - CVE-2021-46143 * SECURITY UPDATE: Integer overflow - debian/patches/CVE-2022-22822-to-CVE-2022-22827.patch: prevent integer overflow in multiple places in lib/xmlparse.c. - CVE-2022-22822 - CVE-2022-22823 - CVE-2022-22824 - CVE-2022-22825 - CVE-2022-22826 - CVE-2022-22827 * SECURITY UPDATE: Signed integer overflow - debian/patches/CVE-2022-23852-*.patch: detect and prevent integer overflow in XML_GetBuffer in expat/lib/xmlparse.c and adds test to cover it in tests/runtests.c. - CVE-2022-23852 * SECURITY UPDATE: Integer overflow - debian/patches/CVE-2022-23990.patch: prevent integer overflow in doProlog in lib/xmlparse.c. - CVE-2022-23990 * SECURITY UPDATE: Incomplete validation encoding - debian/patches/CVE-2022-25235-*.patch: adds missing validation and adds tests in expat/lib/xmltok_impl.c, expat/tests/runtests.c. - CVE-2022-25235 * SECURITY UPDATE: Namespace-separator insertions - debian/patches/CVE-2022-25236-*.patch: Protect against malicious namespace declarations in expat/lib/xmlparse.c, expat/tests/runtests.c. - CVE-2022-25236 * debian/patches/fixing_tests.patch: fixing tests in order to it work in xenial and oldest releases. Moderate Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.

* SECURITY UPDATE: Stack exhaustion - debian/patches/CVE-2022-25313.patch: prevent stack exhaustion in build_model in expat/lib/xmlparse.c. - debian/patches/fix-build_model-regression.patch: fix build_model regression in expat/lib/xmlparse.c. - CVE-2022-25313 * SECURITY UPDATE: Integer overflow - debian/patches/CVE-2022-25315.patch: prevent integer overflow in storeRawNames in expat/lib/xmlparse.c. - CVE-2022-25315 * SECURITY UPDATE: relax fix to CVE-2022-25236 with regard to RFC 3986 URI characters and possibly regressions - debian/patches/CVE-2022-25236-3.patch: add a note on namespace URI validation in expat/doc/reference.html, expat/lib/expat.h. - debian/patches/CVE-2022-25236-4.patch: document namespace separator effect right in header expat/lib/expat.h. - debian/patches/CVE-2022-25236-5.patch: cover relaxed fix in tests. - debian/patches/CVE-2022-25236-6.patch: relax fix with regard to RFC 3986 URI characters in expat/lib/xmlparse.c. (LP: #1963903) * fix tests adding XCS definition - debian/patches/fix_test_xcs.patch: in tests/runtests.c. * SECURITY UPDATE: Realloc misbehavior - debian/patches/CVE-2021-45960.patch: detect and prevent troublesome left shifts in function storeAtts in lib/xmlparse.c. - CVE-2021-45960 * SECURITY UPDATE: Integer overflow - debian/patches/CVE-2021-46143.patch: prevent integer overflow on m_groupSize in function doProlog in lib/xmlparse.c. - CVE-2021-46143 * SECURITY UPDATE: Integer overflow - debian/patches/CVE-2022-22822-to-CVE-2022-22827.patch: prevent integer overflow in multiple places in lib/xmlparse.c. - CVE-2022-22822 - CVE-2022-22823 - CVE-2022-22824 - CVE-2022-22825 - CVE-2022-22826 - CVE-2022-22827 * SECURITY UPDATE: Signed integer overflow - debian/patches/CVE-2022-23852-*.patch: detect and prevent integer overflow in XML_GetBuffer in expat/lib/xmlparse.c and adds test to cover it in tests/runtests.c. - CVE-2022-23852 * SECURITY UPDATE: Integer overflow - debian/patches/CVE-2022-23990.patch: prevent integer overflow in doProlog in lib/xmlparse.c. - CVE-2022-23990 * SECURITY UPDATE: Incomplete validation encoding - debian/patches/CVE-2022-25235-*.patch: adds missing validation and adds tests in expat/lib/xmltok_impl.c, expat/tests/runtests.c. - CVE-2022-25235 * SECURITY UPDATE: Namespace-separator insertions - debian/patches/CVE-2022-25236-*.patch: Protect against malicious namespace declarations in expat/lib/xmlparse.c, expat/tests/runtests.c. - CVE-2022-25236 * debian/patches/fixing_tests.patch: fixing tests in order to it work in xenial and oldest releases.

0 cloudlinux-ubuntu16.04-els expat_2.1.0-7ubuntu0.16.04.5+tuxcare.els1_amd64.deb fd77e7030215cf639d20351c8ca91702cb02157f libexpat1_2.1.0-7ubuntu0.16.04.5+tuxcare.els1_amd64.deb 41d791dc54424146a30212bfc8df456c69e79ed5 libexpat1-dev_2.1.0-7ubuntu0.16.04.5+tuxcare.els1_amd64.deb 1e303d969aee0a45eb9f1ea00e0a3761c1670d66 CLSA-2022:1660761395 Copyright 2021 Cloud Linux Inc 0 * SECURITY UPDATE: arbitrary file write vulnerability via malicious rysnc server (MITM attack) - debian/patches/CVE-2022-29154.patch: add extra file-list safety checks. - CVE-2022-29154 * Fix noatime patch to build the testsuite and enable it in debian/rules Moderate Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.

* SECURITY UPDATE: arbitrary file write vulnerability via malicious rysnc server (MITM attack) - debian/patches/CVE-2022-29154.patch: add extra file-list safety checks. - CVE-2022-29154 * Fix noatime patch to build the testsuite and enable it in debian/rules

0 cloudlinux-ubuntu16.04-els rsync_3.1.1-3ubuntu1.3+tuxcare.els2_amd64.deb ecc358140c054c995b4d287b811bba9233502eaf CLSA-2022:1660761469 Copyright 2021 Cloud Linux Inc 0 * SECURITY UPDATE: Illegal memory access when pattern starts with illegal byte - debian/patches/CVE-2022-2581.patch: Do not match a character with an illegal byte - CVE-2022-2581 Moderate Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.

* SECURITY UPDATE: Illegal memory access when pattern starts with illegal byte - debian/patches/CVE-2022-2581.patch: Do not match a character with an illegal byte - CVE-2022-2581

0 cloudlinux-ubuntu16.04-els vim_7.4.1689-3ubuntu1.5+tuxcare.els26_amd64.deb 263b6b5a6870144d7c95a49b493f43f33cb57c08 vim-athena_7.4.1689-3ubuntu1.5+tuxcare.els26_amd64.deb a05ac45ac2194bf7ae50ad830367b61b84f45fe1 vim-athena-py2_7.4.1689-3ubuntu1.5+tuxcare.els26_amd64.deb c9caec443ac3d1cb0f3d72c31fd04e0877353332 vim-common_7.4.1689-3ubuntu1.5+tuxcare.els26_amd64.deb 4181ccb5916d7ec338c4753c3b36c0fdac2a3f9a vim-doc_7.4.1689-3ubuntu1.5+tuxcare.els26_all.deb c142992d80fafd9e74b6343dcdc694f6af9f1798 vim-gnome_7.4.1689-3ubuntu1.5+tuxcare.els26_amd64.deb 2155f222e7a15f0e2180702b3061d1bb19e68de1 vim-gnome-py2_7.4.1689-3ubuntu1.5+tuxcare.els26_amd64.deb e23167bdffabe9bb8ebd570c2e64d973568e33d8 vim-gtk_7.4.1689-3ubuntu1.5+tuxcare.els26_amd64.deb 946775b502e9435322c2463c2ae5cb08c8fd78a9 vim-gtk-py2_7.4.1689-3ubuntu1.5+tuxcare.els26_amd64.deb 6a905f15fc81164ebd2c5b96c5bde743260527e7 vim-gtk3_7.4.1689-3ubuntu1.5+tuxcare.els26_amd64.deb f3989a49587af0384a223980f421afc1771bca9c vim-gtk3-py2_7.4.1689-3ubuntu1.5+tuxcare.els26_amd64.deb cffce0845caf8fc61a9f39f0124ae873c3b723fc vim-gui-common_7.4.1689-3ubuntu1.5+tuxcare.els26_all.deb 014478ca20f535079783a6f8a748d2b4f5151929 vim-nox_7.4.1689-3ubuntu1.5+tuxcare.els26_amd64.deb 6fdcfc90d0ee901664ffb634c1ca2292e6b6c1ce vim-nox-py2_7.4.1689-3ubuntu1.5+tuxcare.els26_amd64.deb 61a2d20caccad06b3abe9cbf16f1d5c121f8feaf vim-runtime_7.4.1689-3ubuntu1.5+tuxcare.els26_all.deb a08770da29c66db1e202e3acd89b13a7822b8f5a vim-tiny_7.4.1689-3ubuntu1.5+tuxcare.els26_amd64.deb 812e9914726175a2060a1c530f4b5e92192e2960 CLSA-2022:1660810242 Copyright 2021 Cloud Linux Inc 0 * Security fixes: - JDK-8148005: One byte may be corrupted by get_datetime_string() Moderate Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.

* Security fixes: - JDK-8148005: One byte may be corrupted by get_datetime_string()

0 cloudlinux-ubuntu16.04-els openjdk-8-demo_8u342-b07-0ubuntu1~16.04+tuxcare.els2_amd64.deb 78f5ec1cb68041a4af2a5bbc332f99df2235db59 openjdk-8-doc_8u342-b07-0ubuntu1~16.04+tuxcare.els2_all.deb 171043fb9091e62a2b54da6c9a00503d05bc59c8 openjdk-8-jdk_8u342-b07-0ubuntu1~16.04+tuxcare.els2_amd64.deb 3a0bd3e0eacaa0fc3d58af7a48f8144daccd487d openjdk-8-jdk-headless_8u342-b07-0ubuntu1~16.04+tuxcare.els2_amd64.deb b6434b382321339686094bcf76c54c22084d7433 openjdk-8-jre_8u342-b07-0ubuntu1~16.04+tuxcare.els2_amd64.deb ee57cfe542cf736a8d616605a94949065d5c9aef openjdk-8-jre-headless_8u342-b07-0ubuntu1~16.04+tuxcare.els2_amd64.deb e1ea5b18202e34dccf5eb2a488d1a48b58ede1d6 openjdk-8-jre-jamvm_8u342-b07-0ubuntu1~16.04+tuxcare.els2_amd64.deb 8e2654d9c9ab62bf8fe0e4dd2f824dcc19160660 openjdk-8-jre-zero_8u342-b07-0ubuntu1~16.04+tuxcare.els2_amd64.deb aa09004154072ba01df3fedfed583a5cc3da1400 openjdk-8-source_8u342-b07-0ubuntu1~16.04+tuxcare.els2_all.deb 088574aff9ec65c83af8daa78b073b17caeb390b CLSA-2022:1661173301 Copyright 2021 Cloud Linux Inc 0 * SECURITY UPDATE: When curl less than 7.84.0 does FTP transfers secured by krb5, it handles message verification failures wrongly. - debian/patches/CVE-2022-32208.patch: krb5: return error properly on decode errors - CVE-2022-32208 Moderate Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.

* SECURITY UPDATE: When curl less than 7.84.0 does FTP transfers secured by krb5, it handles message verification failures wrongly. - debian/patches/CVE-2022-32208.patch: krb5: return error properly on decode errors - CVE-2022-32208

0 cloudlinux-ubuntu16.04-els curl_7.47.0-1ubuntu2.23+tuxcare.els4_amd64.deb 7103491c09de2f6d86e98330d3f3834213a238ed libcurl3_7.47.0-1ubuntu2.23+tuxcare.els4_amd64.deb e002be08a2d0eaa86ea4e7ab5cd4bb77bee51086 libcurl3-gnutls_7.47.0-1ubuntu2.23+tuxcare.els4_amd64.deb bb06512efd3f9bfc8be0f29be63f0c90a86c8dae libcurl3-nss_7.47.0-1ubuntu2.23+tuxcare.els4_amd64.deb 522ff9a9c44095e4b7e8b4cf9a76f69057d51eed libcurl4-doc_7.47.0-1ubuntu2.23+tuxcare.els4_all.deb e0eb38e33d834f230fe165d50385015f1374bd24 libcurl4-gnutls-dev_7.47.0-1ubuntu2.23+tuxcare.els4_amd64.deb 697c85b1e2d46db30e346f3b29b6ad78f73cd831 libcurl4-nss-dev_7.47.0-1ubuntu2.23+tuxcare.els4_amd64.deb 4abfc42bb7843ea220aa732a4a27e9af0f3111f1 libcurl4-openssl-dev_7.47.0-1ubuntu2.23+tuxcare.els4_amd64.deb 03c2f215d39635d95c424584009b98872f98a71a CLSA-2022:1661173443 Copyright 2021 Cloud Linux Inc 0 * SECURITY UPDATE: exim heap overflow in host_name_lookup() - debian/patches/CVE-2022-37452.patch: fix host_name_lookup - CVE-2022-37452 * SECURITY UPDATE: invalid free in pam_converse in auths/call_pam.c - debian/patches/CVE-2022-37451.patch: fix PAM auth - CVE-2022-37451 Moderate Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.

* SECURITY UPDATE: exim heap overflow in host_name_lookup() - debian/patches/CVE-2022-37452.patch: fix host_name_lookup - CVE-2022-37452 * SECURITY UPDATE: invalid free in pam_converse in auths/call_pam.c - debian/patches/CVE-2022-37451.patch: fix PAM auth - CVE-2022-37451

0 cloudlinux-ubuntu16.04-els exim4_4.86.2-2ubuntu2.6+tuxcare.els2_all.deb 573f0c5f965a48b74e6b6b3ad29e5dc69ac6ff0b exim4-base_4.86.2-2ubuntu2.6+tuxcare.els2_amd64.deb 77fb07b63247d6d14e4b1eba2254c36f18344422 exim4-config_4.86.2-2ubuntu2.6+tuxcare.els2_all.deb aea28b7cd6bc8d59fc04d3c47ea2f1bc4d1761f0 exim4-daemon-heavy_4.86.2-2ubuntu2.6+tuxcare.els2_amd64.deb a99a8047cf208d03e499703898d976746453b9dc exim4-daemon-light_4.86.2-2ubuntu2.6+tuxcare.els2_amd64.deb c3d35a9fea47f160f5113488e667c835e741451d exim4-dev_4.86.2-2ubuntu2.6+tuxcare.els2_amd64.deb fbc17040059153dc2b808872657abf838e7b231d eximon4_4.86.2-2ubuntu2.6+tuxcare.els2_amd64.deb 64c95dcbe8dba148966f83055788cdbcbd0ae9cd CLSA-2022:1662658118 Copyright 2021 Cloud Linux Inc 0 * SECURITY UPDATE: arbitrary file write vulnerability via malicious rsync server (MITM attack), refactoring - debian/patches/CVE-2022-29154-0.patch: prepare for CVE-2022-29154 patch - debian/patches/CVE-2022-29154-1.patch: add extra file-list safety checks - CVE-2022-29154 Moderate Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.

* SECURITY UPDATE: arbitrary file write vulnerability via malicious rsync server (MITM attack), refactoring - debian/patches/CVE-2022-29154-0.patch: prepare for CVE-2022-29154 patch - debian/patches/CVE-2022-29154-1.patch: add extra file-list safety checks - CVE-2022-29154

0 cloudlinux-ubuntu16.04-els rsync_3.1.1-3ubuntu1.3+tuxcare.els4_amd64.deb 34107c96cb87c3f80596c0d6aa4abffca13a1e58 CLSA-2022:1663184406 Copyright 2021 Cloud Linux Inc 0 * SECURITY UPDATE: Redirection vulnerability in http.server - debian/patches/CVE-2021-28861.patch: Fix an open redirection vulnerability in the `http.server` module when an URI path starts with `//`. - CVE-2021-28861 Moderate Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.

* SECURITY UPDATE: Redirection vulnerability in http.server - debian/patches/CVE-2021-28861.patch: Fix an open redirection vulnerability in the `http.server` module when an URI path starts with `//`. - CVE-2021-28861

0 cloudlinux-ubuntu16.04-els idle-python3.5_3.5.2-2ubuntu0~16.04.13+tuxcare.els6_all.deb fc5a0ecfc45d5340320d44f78488a339c7ab43af libpython3.5_3.5.2-2ubuntu0~16.04.13+tuxcare.els6_amd64.deb 93b8dd06092b94ac8bf179891deb3b461485534d libpython3.5-dev_3.5.2-2ubuntu0~16.04.13+tuxcare.els6_amd64.deb 7f6e7fb77d8b9bec45ec3559b2a1545f988ab60f libpython3.5-minimal_3.5.2-2ubuntu0~16.04.13+tuxcare.els6_amd64.deb 1088b350eb9e93fcc22d747839f396456af2d79d libpython3.5-stdlib_3.5.2-2ubuntu0~16.04.13+tuxcare.els6_amd64.deb 997501ea184d76489d4390d3a62bbb63a8c76fef libpython3.5-testsuite_3.5.2-2ubuntu0~16.04.13+tuxcare.els6_all.deb 30a754fe751803f804aa54a455ddea7b147a07c8 python3.5_3.5.2-2ubuntu0~16.04.13+tuxcare.els6_amd64.deb f9d853009e5642ee93ac88823aee77c4fffebd84 python3.5-dev_3.5.2-2ubuntu0~16.04.13+tuxcare.els6_amd64.deb cbbc92464f8d7b8ebc277e3c2a287a5b0a667da8 python3.5-doc_3.5.2-2ubuntu0~16.04.13+tuxcare.els6_all.deb c00405c9670c504449ec8a35660aa0ac9474c40f python3.5-examples_3.5.2-2ubuntu0~16.04.13+tuxcare.els6_all.deb 95fe345fe4b9c63bd7b133ab9eda3dabb50982a2 python3.5-minimal_3.5.2-2ubuntu0~16.04.13+tuxcare.els6_amd64.deb 2f77e6f0d0173c9b09025806fac6e07a7b69f4d2 python3.5-venv_3.5.2-2ubuntu0~16.04.13+tuxcare.els6_amd64.deb 98a57154ea81efeb2a2b6895e82d26b096e77536 CLSA-2022:1663184487 Copyright 2021 Cloud Linux Inc 0 * SECURITY UPDATE: When curl sends back to an HTTP(S) server cookies with control bytes, it might make the server return a 400 response - debian/patches/CVE-2022-35252.patch: reject cookies with control bytes 0x01-0x1f (except 0x09) plus 0x7f - CVE-2022-35252 Moderate Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.

* SECURITY UPDATE: When curl sends back to an HTTP(S) server cookies with control bytes, it might make the server return a 400 response - debian/patches/CVE-2022-35252.patch: reject cookies with control bytes 0x01-0x1f (except 0x09) plus 0x7f - CVE-2022-35252

0 cloudlinux-ubuntu16.04-els curl_7.47.0-1ubuntu2.23+tuxcare.els5_amd64.deb 6a8505214b0e0ac9679da0e7570f7217c6d11a4d libcurl3_7.47.0-1ubuntu2.23+tuxcare.els5_amd64.deb 1875b2cbf45adb799a0eeb5ccab3f6b955bf4420 libcurl3-gnutls_7.47.0-1ubuntu2.23+tuxcare.els5_amd64.deb 5b35c1af719dd7fdf9f0b855f91ef1c023583285 libcurl3-nss_7.47.0-1ubuntu2.23+tuxcare.els5_amd64.deb 6ac2ed84a2a8718bef42be677ae5843422c04689 libcurl4-doc_7.47.0-1ubuntu2.23+tuxcare.els5_all.deb 6b19dbdb15519cd158e5ef3f4b33b1fd0974bcf9 libcurl4-gnutls-dev_7.47.0-1ubuntu2.23+tuxcare.els5_amd64.deb 3dbb3d3709d36c485abd4a8e32c8deecd19e101e libcurl4-nss-dev_7.47.0-1ubuntu2.23+tuxcare.els5_amd64.deb 861b6488b06623ae46ca413184d089eb58d8190e libcurl4-openssl-dev_7.47.0-1ubuntu2.23+tuxcare.els5_amd64.deb cea48e88ea3afa13dfca9b829bc0647feecccd21 CLSA-2022:1664192553 Copyright 2021 Cloud Linux Inc 0 * SECURITY UPDATE: Unsafe exiting internalEntityParser - debian/patches/CVE-2022-40674.patch: Ensure raw tagnames are safe exiting internalEntityParser - CVE-2022-40674 * tests were activated * some leaks fixed: - debian/patches/fix-leak-xmlparse.patch: tidy up attribute prefix bindings on error (fixes #17) - debian/patches/fix-tests-leak.patch: free the external entity parser in external_entity_loader_set_encoding() - debian/patches/fix-tests-leak2.patch: free the content model in dummy_element_decl_handler() - debian/patches/dispose-test-stuff.patch: removes some of the memory leaks discovered by AddressSanitizer in the test suite (Issue #23) Moderate Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.

* SECURITY UPDATE: Unsafe exiting internalEntityParser - debian/patches/CVE-2022-40674.patch: Ensure raw tagnames are safe exiting internalEntityParser - CVE-2022-40674 * tests were activated * some leaks fixed: - debian/patches/fix-leak-xmlparse.patch: tidy up attribute prefix bindings on error (fixes #17) - debian/patches/fix-tests-leak.patch: free the external entity parser in external_entity_loader_set_encoding() - debian/patches/fix-tests-leak2.patch: free the content model in dummy_element_decl_handler() - debian/patches/dispose-test-stuff.patch: removes some of the memory leaks discovered by AddressSanitizer in the test suite (Issue #23)

0 cloudlinux-ubuntu16.04-els expat_2.1.0-7ubuntu0.16.04.5+tuxcare.els2_amd64.deb eb4834174a039ca1bac8398ad2f992fb272469a6 libexpat1_2.1.0-7ubuntu0.16.04.5+tuxcare.els2_amd64.deb 2cad8402d84e8381b68993a92991a8ad9ec3c240 libexpat1-dev_2.1.0-7ubuntu0.16.04.5+tuxcare.els2_amd64.deb 63ed6fd400ef8b8c0d432151f7bc2b1d27bb6b7c CLSA-2022:1664475166 Copyright 2021 Cloud Linux Inc 0 * SECURITY UPDATE: degrade resolver performance - debian/patches/CVE-2022-2795.patch: adds limits in fctx_getaddresses to avoid spending excessive amounts of time on processing large delegations in resolver code in lib/dns/resolver.c. - CVE-2022-2795 * SECURITY UPDATE: memory leak - debian/patches/CVE-2022-38177.patch: avoid return DST_RET when there is a signature length mismatch in lib/dns/opensslecdsa_link.c. - CVE-2022-38177 Moderate Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.

* SECURITY UPDATE: degrade resolver performance - debian/patches/CVE-2022-2795.patch: adds limits in fctx_getaddresses to avoid spending excessive amounts of time on processing large delegations in resolver code in lib/dns/resolver.c. - CVE-2022-2795 * SECURITY UPDATE: memory leak - debian/patches/CVE-2022-38177.patch: avoid return DST_RET when there is a signature length mismatch in lib/dns/opensslecdsa_link.c. - CVE-2022-38177

0 cloudlinux-ubuntu16.04-els bind9_9.10.3.dfsg.P4-8ubuntu1.19+tuxcare.els3_amd64.deb 3138adc7bd13de0fdededd7110032ed095ba9cc7 bind9-doc_9.10.3.dfsg.P4-8ubuntu1.19+tuxcare.els3_all.deb 02900a816de49551c8e4f0a3049e2f29efee91f3 bind9-host_9.10.3.dfsg.P4-8ubuntu1.19+tuxcare.els3_amd64.deb e02a746dc7e78a69d156bad84091a974db987423 bind9utils_9.10.3.dfsg.P4-8ubuntu1.19+tuxcare.els3_amd64.deb 570b673addf5a6eeaed1144bac324ecff93442c7 dnsutils_9.10.3.dfsg.P4-8ubuntu1.19+tuxcare.els3_amd64.deb 62bfda5227783a2b027a46e90f2797179c765aea host_9.10.3.dfsg.P4-8ubuntu1.19+tuxcare.els3_all.deb 49e0c43c9ceb5c7aa396ff0c289da4018f27e77c libbind-dev_9.10.3.dfsg.P4-8ubuntu1.19+tuxcare.els3_amd64.deb 04be1c4cbd0eacec5afc1e42006b1a11f2fc955c libbind-export-dev_9.10.3.dfsg.P4-8ubuntu1.19+tuxcare.els3_amd64.deb 7a40e2fd5c5da36b966e68cedb3f8ae486cfbc01 libbind9-140_9.10.3.dfsg.P4-8ubuntu1.19+tuxcare.els3_amd64.deb 6821fc7f77f07cff6435b6f74360f235d3c833c7 libdns-export162_9.10.3.dfsg.P4-8ubuntu1.19+tuxcare.els3_amd64.deb 3e527374eacc38073e1313e2704f220b75dce9c0 libdns162_9.10.3.dfsg.P4-8ubuntu1.19+tuxcare.els3_amd64.deb 618d14fecfbfa1ecb6c637f5c666dbba64f3a12d libirs-export141_9.10.3.dfsg.P4-8ubuntu1.19+tuxcare.els3_amd64.deb e230a4e9ea854ddad416f61419fc82bafc352ff1 libirs141_9.10.3.dfsg.P4-8ubuntu1.19+tuxcare.els3_amd64.deb c593522aa50e43e76f907ebc38eb44810c4f764e libisc-export160_9.10.3.dfsg.P4-8ubuntu1.19+tuxcare.els3_amd64.deb 36ce1924741eac7278136b89e61d4799a5482713 libisc160_9.10.3.dfsg.P4-8ubuntu1.19+tuxcare.els3_amd64.deb 2ba0d573201b46bee457091793f29ad1651be81b libisccc-export140_9.10.3.dfsg.P4-8ubuntu1.19+tuxcare.els3_amd64.deb 5b2a189a099ff66ce2deb1e213b2944f43793f2c libisccc140_9.10.3.dfsg.P4-8ubuntu1.19+tuxcare.els3_amd64.deb 8d4b718aa66cf8355ac5976df450fe31a60083fa libisccfg-export140_9.10.3.dfsg.P4-8ubuntu1.19+tuxcare.els3_amd64.deb a9262e963fe73f594fdcbf07ecae58dba4563119 libisccfg140_9.10.3.dfsg.P4-8ubuntu1.19+tuxcare.els3_amd64.deb 3bcc7691ede99d0a72a4d3f6e478e163abb77eee liblwres141_9.10.3.dfsg.P4-8ubuntu1.19+tuxcare.els3_amd64.deb ac4298f72617911e12a51e86b33e4869a5b0300e lwresd_9.10.3.dfsg.P4-8ubuntu1.19+tuxcare.els3_amd64.deb 65104cef374938a2fb0e289ebd0384629961e7a4 CLSA-2022:1664475299 Copyright 2021 Cloud Linux Inc 0 * SECURITY_UPDATE: Using freed memory when autocmd changes mark - debian/patches/CVE-2022-3256.patch: Copy the mark before editing another buffer - CVE-2022-3256 Moderate Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.

* SECURITY_UPDATE: Using freed memory when autocmd changes mark - debian/patches/CVE-2022-3256.patch: Copy the mark before editing another buffer - CVE-2022-3256

0 cloudlinux-ubuntu16.04-els vim_7.4.1689-3ubuntu1.5+tuxcare.els31_amd64.deb a09e12a3a07184c599fca7bd39716f9a58fd9fb4 vim-athena_7.4.1689-3ubuntu1.5+tuxcare.els31_amd64.deb 52720fc4a989f01ced37d76f3a8b10b03f0667b5 vim-athena-py2_7.4.1689-3ubuntu1.5+tuxcare.els31_amd64.deb fc0533f599f71adcb152de7e06792e4cce2c5dc3 vim-common_7.4.1689-3ubuntu1.5+tuxcare.els31_amd64.deb f5bce2c64baafc0b8cfe65d68a24d6148103372d vim-doc_7.4.1689-3ubuntu1.5+tuxcare.els31_all.deb f07f1414467dc2612cc7dd9f109ce56f3fb17a96 vim-gnome_7.4.1689-3ubuntu1.5+tuxcare.els31_amd64.deb 63b587f20ea82c398cb99e0d5a47582238bec8e2 vim-gnome-py2_7.4.1689-3ubuntu1.5+tuxcare.els31_amd64.deb ed5e547056d4d9b9fd7fa69be0a7f32d6198838a vim-gtk_7.4.1689-3ubuntu1.5+tuxcare.els31_amd64.deb b41a0cb4cf530c60277c0390d0bba471a1a01d22 vim-gtk-py2_7.4.1689-3ubuntu1.5+tuxcare.els31_amd64.deb 14a6c30e1af09b6d7f763c3f3224feda6ed20bc5 vim-gtk3_7.4.1689-3ubuntu1.5+tuxcare.els31_amd64.deb f533956c0fd7b529b32f9d0a996912c1616ac587 vim-gtk3-py2_7.4.1689-3ubuntu1.5+tuxcare.els31_amd64.deb 52a8a90232d27f8371fe1fff8a0e367382e6e3b8 vim-gui-common_7.4.1689-3ubuntu1.5+tuxcare.els31_all.deb 7335d95ebb3ca18926511b9e372fecc7d07ef775 vim-nox_7.4.1689-3ubuntu1.5+tuxcare.els31_amd64.deb fa660978df228468f99cb6df26ed913c4e733fef vim-nox-py2_7.4.1689-3ubuntu1.5+tuxcare.els31_amd64.deb f1b928ef7a87ae3e016692dc2b6cb6fd4c57bafc vim-runtime_7.4.1689-3ubuntu1.5+tuxcare.els31_all.deb c2460088ba5de0ee7762295281e1c3c3f012ae2e vim-tiny_7.4.1689-3ubuntu1.5+tuxcare.els31_amd64.deb c3f6d71f11ca8391d0106b9d6c9a43d09312a7bb CLSA-2022:1664799239 Copyright 2021 Cloud Linux Inc 0 * Bump epoch * Disable ESM notification after installation: - remove ESM hook for apt-system - remove ESM infra/apps repositories from apt sources list * Automatically mark some pytest to skip if FIPS kernel is running in a disabled state (they always fail in this mode) Moderate Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.

* Bump epoch * Disable ESM notification after installation: - remove ESM hook for apt-system - remove ESM infra/apps repositories from apt sources list * Automatically mark some pytest to skip if FIPS kernel is running in a disabled state (they always fail in this mode)

0 cloudlinux-ubuntu16.04-els ubuntu-advantage-pro_27.10.1~16.04.1+tuxcare.els1_all.deb 70da1c82991ddb36b9070a198e9bc6576b8ad85b ubuntu-advantage-tools_27.10.1~16.04.1+tuxcare.els1_amd64.deb fc54498f8d1ccb5d3d85be162d767131d60d39ce CLSA-2022:1665428667 Copyright 2021 Cloud Linux Inc 0 * SECURITY UPDATE: Buffer overrun from integer overflow - debian/patches/CVE-2021-32027.patch: Prevent integer overflows in array subscripting calculations - CVE-2021-32027 Moderate Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.

* SECURITY UPDATE: Buffer overrun from integer overflow - debian/patches/CVE-2021-32027.patch: Prevent integer overflows in array subscripting calculations - CVE-2021-32027

0 cloudlinux-ubuntu16.04-els libecpg-compat3_9.5.25-0ubuntu0.16.04.1+tuxcare.els2_amd64.deb f765e7e5ae107d08c3b9829e243eacef249019d0 libecpg-dev_9.5.25-0ubuntu0.16.04.1+tuxcare.els2_amd64.deb d667760448586d92ab4802994c9b8a9a9a98baea libecpg6_9.5.25-0ubuntu0.16.04.1+tuxcare.els2_amd64.deb 862deb9d531566f3bc0369528458af4bff69c83b libpgtypes3_9.5.25-0ubuntu0.16.04.1+tuxcare.els2_amd64.deb 362067e7d8eb1f3b145eab5f40d4dbe2b8154228 libpq-dev_9.5.25-0ubuntu0.16.04.1+tuxcare.els2_amd64.deb fddecfaa79653501bc5d2a2a4d22eb6825d90fe7 libpq5_9.5.25-0ubuntu0.16.04.1+tuxcare.els2_amd64.deb eb26dd0e037b28a3772c783fb1f77f54cb2381d8 postgresql-9.5_9.5.25-0ubuntu0.16.04.1+tuxcare.els2_amd64.deb 39e50ee30e079232d87fad6702c79ad3c331fd96 postgresql-client-9.5_9.5.25-0ubuntu0.16.04.1+tuxcare.els2_amd64.deb df56b655d3e4f9414f4f4128f23560d2b9f6600f postgresql-contrib-9.5_9.5.25-0ubuntu0.16.04.1+tuxcare.els2_amd64.deb b6e3aef4044d98ef0e7432526b27f790fdde65cb postgresql-doc-9.5_9.5.25-0ubuntu0.16.04.1+tuxcare.els2_all.deb 900b6a37a6a3b1b8d523eb2a236f68d0979ab794 postgresql-plperl-9.5_9.5.25-0ubuntu0.16.04.1+tuxcare.els2_amd64.deb dc3923b7e147bf0d90317e799abcbdbcfecfe0be postgresql-plpython-9.5_9.5.25-0ubuntu0.16.04.1+tuxcare.els2_amd64.deb 3d251d327f8f1f1bb251433c0032f627200fc578 postgresql-plpython3-9.5_9.5.25-0ubuntu0.16.04.1+tuxcare.els2_amd64.deb e2ebf51d56423343643eddbd8f1bd42367ef8043 postgresql-pltcl-9.5_9.5.25-0ubuntu0.16.04.1+tuxcare.els2_amd64.deb 2ea40a47e186b008eacd7d74b1faf6d539d42197 postgresql-server-dev-9.5_9.5.25-0ubuntu0.16.04.1+tuxcare.els2_amd64.deb 72ab09e03dcf537f6753aa6d0c855c4de6815bc1 CLSA-2022:1665428733 Copyright 2021 Cloud Linux Inc 0 * SECURITY UPDATE: segfault in sqlite3ExprCodeTarget - debian/patches/CVE-2020-13435.patch: tries to prevent a recurrence of problems. - CVE-2020-13425 Moderate Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.

* SECURITY UPDATE: segfault in sqlite3ExprCodeTarget - debian/patches/CVE-2020-13435.patch: tries to prevent a recurrence of problems. - CVE-2020-13425

0 cloudlinux-ubuntu16.04-els lemon_3.11.0-1ubuntu1.5+tuxcare.els2_amd64.deb b7b5ac8ecb7c303cc49ed529d4ac7f7de8cc84ed libsqlite3-0_3.11.0-1ubuntu1.5+tuxcare.els2_amd64.deb 055920f8e88e69b587c311dd565f37fbb30c1e3b libsqlite3-dev_3.11.0-1ubuntu1.5+tuxcare.els2_amd64.deb b41a4898c6b6e9dec5aa4d1eab19eafd2582a5ee libsqlite3-tcl_3.11.0-1ubuntu1.5+tuxcare.els2_amd64.deb c16399d59b8c0dbefd91c2104befc941e3251791 sqlite3_3.11.0-1ubuntu1.5+tuxcare.els2_amd64.deb 45d8e69b2696c9107e8a30d13c25e0913bfbf5ea sqlite3-doc_3.11.0-1ubuntu1.5+tuxcare.els2_all.deb 55e32187cf49363c8e89b1278253ab30e5970582 CLSA-2022:1665502073 Copyright 2021 Cloud Linux Inc 0 * SECURITY UPDATE: buffer-over-read in SSPI and SMB authentication - debian/patches/CVE-2022-41318.patch: improve debugs and checks sequence to clarify cases and ensure that all are handled correctly in lib/ntlmauth/ntlmauth.cc - CVE-2022-41318 Moderate Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.

* SECURITY UPDATE: buffer-over-read in SSPI and SMB authentication - debian/patches/CVE-2022-41318.patch: improve debugs and checks sequence to clarify cases and ensure that all are handled correctly in lib/ntlmauth/ntlmauth.cc - CVE-2022-41318

0 cloudlinux-ubuntu16.04-els squid_3.5.12-1ubuntu7.17+tuxcare.els2_amd64.deb 315784fe26259feef7ce21e907f03fb686c59da2 squid-cgi_3.5.12-1ubuntu7.17+tuxcare.els2_amd64.deb a49d94cc09f8980fb5efe17c4d99d04cb3a1bc21 squid-common_3.5.12-1ubuntu7.17+tuxcare.els2_all.deb 543db0f46cec9786b962206b50e7a20debae1aab squid-purge_3.5.12-1ubuntu7.17+tuxcare.els2_amd64.deb 83fa07e01f1504167ef91fb846445be7ad72e59a squid3_3.5.12-1ubuntu7.17+tuxcare.els2_all.deb 46d916e0c53bdd853b2d5c4a20ca183a168e5df5 squidclient_3.5.12-1ubuntu7.17+tuxcare.els2_amd64.deb 8cdcff5e630def64dde3dbf64206756f818a9226 CLSA-2022:1665680932 Copyright 2021 Cloud Linux Inc 0 * SECURITY UPDATE: Buffer underflow with unexpected :finally - debian/patches/CVE-2022-3296.patch: Check CSF_TRY can be found - CVE-2022-3296 * SECURITY UPDATE: Using negative array index with negative width window - debian/patches/CVE-2022-3324.patch: Make sure the window width does not become negative - CVE-2022-3324 * Fix Makefile: - debian/patches/fix-tests.patch: add some tests Moderate Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.

* SECURITY UPDATE: Buffer underflow with unexpected :finally - debian/patches/CVE-2022-3296.patch: Check CSF_TRY can be found - CVE-2022-3296 * SECURITY UPDATE: Using negative array index with negative width window - debian/patches/CVE-2022-3324.patch: Make sure the window width does not become negative - CVE-2022-3324 * Fix Makefile: - debian/patches/fix-tests.patch: add some tests

0 cloudlinux-ubuntu16.04-els vim_7.4.1689-3ubuntu1.5+tuxcare.els32_amd64.deb 398f9ad37344e7d686ec742e1305a1a26936e5d6 vim-athena_7.4.1689-3ubuntu1.5+tuxcare.els32_amd64.deb afd11194c2095fb513c7d3e06bdfea61a2e9220d vim-athena-py2_7.4.1689-3ubuntu1.5+tuxcare.els32_amd64.deb 5fe911b9ced16df547e27ae03c4426e3bfb14788 vim-common_7.4.1689-3ubuntu1.5+tuxcare.els32_amd64.deb 49bf065a3cbbd71b93c21fdbbe6cad2d48b4c40e vim-doc_7.4.1689-3ubuntu1.5+tuxcare.els32_all.deb 49d0fadcdf482aa8d9a9e65b26f708eb722606e8 vim-gnome_7.4.1689-3ubuntu1.5+tuxcare.els32_amd64.deb d098c05499e3174d9cf1b313c2f7525900a2e3b0 vim-gnome-py2_7.4.1689-3ubuntu1.5+tuxcare.els32_amd64.deb 53824bb02bd15733e913638a7ddf1e47b72cd276 vim-gtk_7.4.1689-3ubuntu1.5+tuxcare.els32_amd64.deb ff4a0e1d4f95e7d84f6a6971cafa1ccf4f69e984 vim-gtk-py2_7.4.1689-3ubuntu1.5+tuxcare.els32_amd64.deb 2a2570bd79d820b21719017023d1a20bc4601551 vim-gtk3_7.4.1689-3ubuntu1.5+tuxcare.els32_amd64.deb 9d9d66f13afc229d6e92dc95df516d096e9dfdda vim-gtk3-py2_7.4.1689-3ubuntu1.5+tuxcare.els32_amd64.deb 94faed7cc805de59b221407a2f5f0c4e998f3130 vim-gui-common_7.4.1689-3ubuntu1.5+tuxcare.els32_all.deb 8d8372d12d012046edd0b9db13bc1affe2b3859b vim-nox_7.4.1689-3ubuntu1.5+tuxcare.els32_amd64.deb 214c4ef77794d0c7492d14107343c3099ddb0346 vim-nox-py2_7.4.1689-3ubuntu1.5+tuxcare.els32_amd64.deb 0100a21b7a7cac14f9c20625ccf7c93ad6444beb vim-runtime_7.4.1689-3ubuntu1.5+tuxcare.els32_all.deb 2426f1548cf09edd58d8513ab3f6e5b4955fb255 vim-tiny_7.4.1689-3ubuntu1.5+tuxcare.els32_amd64.deb 2ee52b7714b5fb87d7fb27349807957c46d57d7a CLSA-2022:1665681071 Copyright 2021 Cloud Linux Inc 0 * SECURITY UPDATE: Exposed sensitive information - debian/patches/CVE-2022-2806.patch: filter out all password keys in sos/report/plugins/ovirt.py - CVE-2022-2806 Moderate Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.

* SECURITY UPDATE: Exposed sensitive information - debian/patches/CVE-2022-2806.patch: filter out all password keys in sos/report/plugins/ovirt.py - CVE-2022-2806

0 cloudlinux-ubuntu16.04-els sosreport_3.9.1-1ubuntu0.16.04.2+tuxcare.els1_amd64.deb 95679282e26ebdca6b0642c2d35a85453964c54a CLSA-2022:1666011324 Copyright 2021 Cloud Linux Inc 0 * SECURITY UPDATE: integer overflow - debian/patches/CVE-2017-17122-pre1.patch: change bfd_get_size/bfd_get_file_size to ufile_ptr. - debian/patches/CVE-2017-17122.patch: stop objdump from attempting to allocate a huge chunk of memory when parsing relocs in a corrupt file. - CVE-2017-17122 * SECURITY UPDATE: out-of-bounds read - debian/patches/CVE-2019-1010204.patch: check start parameter before computing number of bytes to read. - CVE-2019-1010204 Moderate Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.

* SECURITY UPDATE: integer overflow - debian/patches/CVE-2017-17122-pre1.patch: change bfd_get_size/bfd_get_file_size to ufile_ptr. - debian/patches/CVE-2017-17122.patch: stop objdump from attempting to allocate a huge chunk of memory when parsing relocs in a corrupt file. - CVE-2017-17122 * SECURITY UPDATE: out-of-bounds read - debian/patches/CVE-2019-1010204.patch: check start parameter before computing number of bytes to read. - CVE-2019-1010204

0 cloudlinux-ubuntu16.04-els binutils_2.26.1-1ubuntu1~16.04.10+tuxcare.els4_amd64.deb 902f1378b4ca0c819d3be09e2d39e8c37949efb3 binutils-aarch64-linux-gnu_2.26.1-1ubuntu1~16.04.10+tuxcare.els4_amd64.deb 799020ed256d4e7c6194c1dcd55279437b3c356b binutils-alpha-linux-gnu_2.26.1-1ubuntu1~16.04.10+tuxcare.els4_amd64.deb ac1b7ff9e53ddffc3a7d831efe8d2af1a604e288 binutils-arm-linux-gnueabi_2.26.1-1ubuntu1~16.04.10+tuxcare.els4_amd64.deb 3105a500707509b0a26a1504aee32aaaeb087751 binutils-arm-linux-gnueabihf_2.26.1-1ubuntu1~16.04.10+tuxcare.els4_amd64.deb bc1eeb38efa111ce46711949919bec76d02994a1 binutils-dev_2.26.1-1ubuntu1~16.04.10+tuxcare.els4_amd64.deb 2cd5463ee5c091f4c149226ff61b47a06caf8e9d binutils-doc_2.26.1-1ubuntu1~16.04.10+tuxcare.els4_all.deb 223b8d7ce8f6a85f4ada498c87e461d553f4d44a binutils-hppa-linux-gnu_2.26.1-1ubuntu1~16.04.10+tuxcare.els4_amd64.deb 3a9bb53ba7817a47e99e802ee42b060537806611 binutils-hppa64-linux-gnu_2.26.1-1ubuntu1~16.04.10+tuxcare.els4_amd64.deb 7e8efc459a7afbc0b55ebe359b02894a71f6a7a2 binutils-m68k-linux-gnu_2.26.1-1ubuntu1~16.04.10+tuxcare.els4_amd64.deb 2f3448fd93a82df36516986595eee2c1254a72a3 binutils-mips-linux-gnu_2.26.1-1ubuntu1~16.04.10+tuxcare.els4_amd64.deb 78ca8fc9ba62bafe3ecf38a619baa807b7c2d0a3 binutils-mips64-linux-gnuabi64_2.26.1-1ubuntu1~16.04.10+tuxcare.els4_amd64.deb 84d79b7503db62874604b30de2a9fc2480709d96 binutils-mips64el-linux-gnuabi64_2.26.1-1ubuntu1~16.04.10+tuxcare.els4_amd64.deb f8f3e610de228c0cfac066b6b2442d0930267f74 binutils-mipsel-linux-gnu_2.26.1-1ubuntu1~16.04.10+tuxcare.els4_amd64.deb 434f4848b712b4e17f4b5b35f904daa0ba6fdc3f binutils-multiarch_2.26.1-1ubuntu1~16.04.10+tuxcare.els4_amd64.deb 2172382a8accbfd150dd3b320607b030ea8c510b binutils-multiarch-dev_2.26.1-1ubuntu1~16.04.10+tuxcare.els4_amd64.deb c044c4b198c653d84ab8f91519bd48289315322e binutils-powerpc-linux-gnu_2.26.1-1ubuntu1~16.04.10+tuxcare.els4_amd64.deb 0a77f53a703e99238bfe1f75d5b7c7cb4fd433a8 binutils-powerpc-linux-gnuspe_2.26.1-1ubuntu1~16.04.10+tuxcare.els4_amd64.deb 4071c4f7aff9e68ee5c06e82c28e25e05e0c9a72 binutils-powerpc64-linux-gnu_2.26.1-1ubuntu1~16.04.10+tuxcare.els4_amd64.deb 07ab61859e44c0ddbd2768b90e20dcc930257ba9 binutils-powerpc64le-linux-gnu_2.26.1-1ubuntu1~16.04.10+tuxcare.els4_amd64.deb 61051c4328f27721b8558e51ae86081119e7e30e binutils-s390x-linux-gnu_2.26.1-1ubuntu1~16.04.10+tuxcare.els4_amd64.deb 43a9e3f3e2d566890b866d893d314217a2d22c25 binutils-sh4-linux-gnu_2.26.1-1ubuntu1~16.04.10+tuxcare.els4_amd64.deb 8483b3551c22215345dc71cbf301d1af8f01b054 binutils-source_2.26.1-1ubuntu1~16.04.10+tuxcare.els4_all.deb 87d3e0b96abf20f2b0d1e151b2905b5fab73d9b2 binutils-sparc64-linux-gnu_2.26.1-1ubuntu1~16.04.10+tuxcare.els4_amd64.deb a3c6213835c3f79f3b8884cbfce5cef885043b50 CLSA-2022:1666192732 Copyright 2021 Cloud Linux Inc 0 * SECURITY UPDATE: Privileged arbitrary SQL function execution - debian/patches/CVE-2022-1552-1.patch: Make relation-enumerating operations be security-restricted operations - debian/patches/CVE-2022-1552-2.patch: In REFRESH MATERIALIZED VIEW, set user ID before running user code - CVE-2022-1552 Moderate Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.

* SECURITY UPDATE: Privileged arbitrary SQL function execution - debian/patches/CVE-2022-1552-1.patch: Make relation-enumerating operations be security-restricted operations - debian/patches/CVE-2022-1552-2.patch: In REFRESH MATERIALIZED VIEW, set user ID before running user code - CVE-2022-1552

0 cloudlinux-ubuntu16.04-els libecpg-compat3_9.5.25-0ubuntu0.16.04.1+tuxcare.els3_amd64.deb 22ad8b19efea1803f3678f588d7149e0ead166a2 libecpg-dev_9.5.25-0ubuntu0.16.04.1+tuxcare.els3_amd64.deb 2c7f43fa794c1b67c72071b49a7abed64430d5af libecpg6_9.5.25-0ubuntu0.16.04.1+tuxcare.els3_amd64.deb 730d4225f6660520bb9dcfaede1105c285b60071 libpgtypes3_9.5.25-0ubuntu0.16.04.1+tuxcare.els3_amd64.deb b7c7cf5431dddb517e7c2ba00881d164db2e3384 libpq-dev_9.5.25-0ubuntu0.16.04.1+tuxcare.els3_amd64.deb 78d3d1e75c20b5cb997c83d862a5484860ca6d83 libpq5_9.5.25-0ubuntu0.16.04.1+tuxcare.els3_amd64.deb 3d913c503d810f58b474e0f7b2392644e3290d20 postgresql-9.5_9.5.25-0ubuntu0.16.04.1+tuxcare.els3_amd64.deb e7b75d1e4813917f8db6b6f431d0b4b97acf74d8 postgresql-client-9.5_9.5.25-0ubuntu0.16.04.1+tuxcare.els3_amd64.deb 8a026160b294f2eddba7d562d9771582b55e683d postgresql-contrib-9.5_9.5.25-0ubuntu0.16.04.1+tuxcare.els3_amd64.deb 48fb9c0981fc2fb636d882b2a6835e20393438ec postgresql-doc-9.5_9.5.25-0ubuntu0.16.04.1+tuxcare.els3_all.deb e451b29e82f219d672062d88d72862083731fc6b postgresql-plperl-9.5_9.5.25-0ubuntu0.16.04.1+tuxcare.els3_amd64.deb e80de868f8e7ecd74b36799608bb60da0fcf93e7 postgresql-plpython-9.5_9.5.25-0ubuntu0.16.04.1+tuxcare.els3_amd64.deb aba74fa6c795dca3d0f233fbc387589b81e362ee postgresql-plpython3-9.5_9.5.25-0ubuntu0.16.04.1+tuxcare.els3_amd64.deb f766b89b1bbb0a49f97bb6a78898e4327b3104ff postgresql-pltcl-9.5_9.5.25-0ubuntu0.16.04.1+tuxcare.els3_amd64.deb 9ebc4443d9cf0a42fb99caf6a42abd1330c30897 postgresql-server-dev-9.5_9.5.25-0ubuntu0.16.04.1+tuxcare.els3_amd64.deb a452e945aaa6459883bc3eeb82c7033bc0910180 CLSA-2022:1667412749 TuxCare License Agreement 0 * SECURITY UPDATE: Fix overeager DTD destruction - debian/patches/CVE-2022-43680: Fix heap use-after-free after overeager destruction of a shared DTD in function XML_ExternalEntityParserCreate in out-of-memory situations - CVE-2022-43680 Important Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.

* SECURITY UPDATE: Fix overeager DTD destruction - debian/patches/CVE-2022-43680: Fix heap use-after-free after overeager destruction of a shared DTD in function XML_ExternalEntityParserCreate in out-of-memory situations - CVE-2022-43680

0 tuxcare-ubuntu16.04-els expat_2.1.0-7ubuntu0.16.04.5+tuxcare.els3_amd64.deb 1710c697eb6e83cb9cfed37ef4e7cb97584d534f libexpat1_2.1.0-7ubuntu0.16.04.5+tuxcare.els3_amd64.deb a7d027ab2e203d03ef0a8e20e44a6df43d9911c4 libexpat1-dev_2.1.0-7ubuntu0.16.04.5+tuxcare.els3_amd64.deb 0afab4787cd146a4d85ec16b196b13365f0eb8bc CLSA-2022:1667414297 TuxCare License Agreement 0 * CVE-2021-44879 - [ELSCVE-3342] f2fs: fix to do sanity check on inode type during garbage collection Important Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.

* CVE-2021-44879 - [ELSCVE-3342] f2fs: fix to do sanity check on inode type during garbage collection

0 tuxcare-ubuntu16.04-els linux-buildinfo-4.4.0-235-tuxcare.els6-generic_4.4.0-235.269_amd64.deb e6a2338ba6f52b0fb8c70b44673b6a6ac40fd709 linux-buildinfo-4.4.0-235-tuxcare.els6-lowlatency_4.4.0-235.269_amd64.deb 7a19853e9fa53d86da9ac27e9bb2e17bc783f1e6 linux-cloud-tools-4.4.0-235-tuxcare.els6_4.4.0-235.269_amd64.deb 67425944d6d2974176b5bc0d88cf5573dee9f43f linux-cloud-tools-4.4.0-235-tuxcare.els6-generic_4.4.0-235.269_amd64.deb 7b68d05c1947c7ed7f434ca8cf3502c822a42b13 linux-cloud-tools-4.4.0-235-tuxcare.els6-lowlatency_4.4.0-235.269_amd64.deb 86b45c05a1a02127827c76b8ca2f6a5f8bceea3a linux-cloud-tools-common_4.4.0-235.269_all.deb f840360be396dd893bc7a74945baccb40b0797b4 linux-cloud-tools-generic_4.4.0.235.269_amd64.deb 758731b30a9348e7d6a73eb3621e37e766605eea linux-cloud-tools-lowlatency_4.4.0.235.269_amd64.deb d6233c9a968cb9ec6fde41a93cb19625d375c9dc linux-crashdump_4.4.0.235.269_amd64.deb 5a3af12be07d85093b20259bd79d14c19f8470e7 linux-doc_4.4.0-235.269_all.deb 4e7517b2a5f779c3fc356df4e4099bfae43ec198 linux-generic_4.4.0.235.269_amd64.deb 7469438ee1737b4bc210d5f03831ddbf0cb98c32 linux-headers-4.4.0-235-tuxcare.els6_4.4.0-235.269_all.deb a2fa45350d9df54edf15008af5d74e76dd397622 linux-headers-4.4.0-235-tuxcare.els6-generic_4.4.0-235.269_amd64.deb e184d404d561ff6f95dbe8e76b9641bb2c77d0f3 linux-headers-4.4.0-235-tuxcare.els6-lowlatency_4.4.0-235.269_amd64.deb be9521ff382de64b3e2c5e17957c63d7659dd61f linux-headers-generic_4.4.0.235.269_amd64.deb 1aa30fba6ada62794560e08ab4297f8acb3cab13 linux-headers-lowlatency_4.4.0.235.269_amd64.deb f95c55a6ba2959819f863bb650d9e689607f3755 linux-image-generic_4.4.0.235.269_amd64.deb 7b13f7fec9597336bf42cb6294427433306abcc0 linux-image-lowlatency_4.4.0.235.269_amd64.deb d83e3f84c4df73657033a2d70ee766f967308281 linux-image-unsigned-4.4.0-235-tuxcare.els6-generic_4.4.0-235.269_amd64.deb a35091094748a8ac62d415ab910e53b6547f45b6 linux-image-unsigned-4.4.0-235-tuxcare.els6-lowlatency_4.4.0-235.269_amd64.deb 9c0ad627160b90d5fe7665d5a36a5fe1abf14bc9 linux-libc-dev_4.4.0-235.269_amd64.deb 9069b20be47d7174776f44ff3bb5b9507bcec07d linux-lowlatency_4.4.0.235.269_amd64.deb de617a8e6b693914a8eb476e3218b34be87ed4a3 linux-modules-4.4.0-235-tuxcare.els6-generic_4.4.0-235.269_amd64.deb 70442f852af6fd48a48aecca38295f9e30bf89db linux-modules-4.4.0-235-tuxcare.els6-lowlatency_4.4.0-235.269_amd64.deb 32ab4257729bbc8b79d56a8755bd031d7d69806c linux-modules-extra-4.4.0-235-tuxcare.els6-generic_4.4.0-235.269_amd64.deb 327efa5a39f6f1a7d5e1c623d37a011298165c88 linux-source_4.4.0.235.269_all.deb ac54ccc228fb37552cd73ec07b5fdab7df8a9cf9 linux-source-4.4.0_4.4.0-235.269_all.deb 4fa7eab0341ffa31d08840d7a3151419d911d26c linux-tools-4.4.0-235-tuxcare.els6_4.4.0-235.269_amd64.deb 914e268d615eff2daf2dc4a0fd1d02bdae787f52 linux-tools-4.4.0-235-tuxcare.els6-generic_4.4.0-235.269_amd64.deb 3f91f0d3baf53dd72b1a4e2338522376391bae14 linux-tools-4.4.0-235-tuxcare.els6-lowlatency_4.4.0-235.269_amd64.deb 5918dad46920ed26a99e9aa32751d6b0dc739b0e linux-tools-common_4.4.0-235.269_all.deb da10506e845932f469436a6ef6757074a2d410d3 linux-tools-generic_4.4.0.235.269_amd64.deb 8dc0191868d81021a8e46ff77b226a57220ef139 linux-tools-host_4.4.0-235.269_all.deb 7cded94d410a8a79fb8a3396cf1258e7f2ca04b3 linux-tools-lowlatency_4.4.0.235.269_amd64.deb 54f6272be6742eafc53d3c12cd869d343e2009ab CLSA-2022:1667416255 TuxCare License Agreement 0 * CVE-2021-44879 - [ELSCVE-3342] f2fs: fix to do sanity check on inode type during garbage collection Important Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.

* CVE-2021-44879 - [ELSCVE-3342] f2fs: fix to do sanity check on inode type during garbage collection

0 tuxcare-ubuntu16.04-els linux-buildinfo-4.4.0-235-tuxcare.els6-generic_4.4.0-235.269_amd64.deb e6a2338ba6f52b0fb8c70b44673b6a6ac40fd709 linux-buildinfo-4.4.0-235-tuxcare.els6-lowlatency_4.4.0-235.269_amd64.deb 7a19853e9fa53d86da9ac27e9bb2e17bc783f1e6 linux-cloud-tools-4.4.0-235-tuxcare.els6_4.4.0-235.269_amd64.deb 67425944d6d2974176b5bc0d88cf5573dee9f43f linux-cloud-tools-4.4.0-235-tuxcare.els6-generic_4.4.0-235.269_amd64.deb 7b68d05c1947c7ed7f434ca8cf3502c822a42b13 linux-cloud-tools-4.4.0-235-tuxcare.els6-lowlatency_4.4.0-235.269_amd64.deb 86b45c05a1a02127827c76b8ca2f6a5f8bceea3a linux-cloud-tools-common_4.4.0-235.269_all.deb f840360be396dd893bc7a74945baccb40b0797b4 linux-cloud-tools-generic_4.4.0.235.269_amd64.deb 758731b30a9348e7d6a73eb3621e37e766605eea linux-cloud-tools-lowlatency_4.4.0.235.269_amd64.deb d6233c9a968cb9ec6fde41a93cb19625d375c9dc linux-crashdump_4.4.0.235.269_amd64.deb 5a3af12be07d85093b20259bd79d14c19f8470e7 linux-doc_4.4.0-235.269_all.deb 4e7517b2a5f779c3fc356df4e4099bfae43ec198 linux-generic_4.4.0.235.269_amd64.deb 7469438ee1737b4bc210d5f03831ddbf0cb98c32 linux-headers-4.4.0-235-tuxcare.els6_4.4.0-235.269_all.deb a2fa45350d9df54edf15008af5d74e76dd397622 linux-headers-4.4.0-235-tuxcare.els6-generic_4.4.0-235.269_amd64.deb e184d404d561ff6f95dbe8e76b9641bb2c77d0f3 linux-headers-4.4.0-235-tuxcare.els6-lowlatency_4.4.0-235.269_amd64.deb be9521ff382de64b3e2c5e17957c63d7659dd61f linux-headers-generic_4.4.0.235.269_amd64.deb 1aa30fba6ada62794560e08ab4297f8acb3cab13 linux-headers-lowlatency_4.4.0.235.269_amd64.deb f95c55a6ba2959819f863bb650d9e689607f3755 linux-image-generic_4.4.0.235.269_amd64.deb 7b13f7fec9597336bf42cb6294427433306abcc0 linux-image-lowlatency_4.4.0.235.269_amd64.deb d83e3f84c4df73657033a2d70ee766f967308281 linux-image-unsigned-4.4.0-235-tuxcare.els6-generic_4.4.0-235.269_amd64.deb a35091094748a8ac62d415ab910e53b6547f45b6 linux-image-unsigned-4.4.0-235-tuxcare.els6-lowlatency_4.4.0-235.269_amd64.deb 9c0ad627160b90d5fe7665d5a36a5fe1abf14bc9 linux-libc-dev_4.4.0-235.269_amd64.deb 9069b20be47d7174776f44ff3bb5b9507bcec07d linux-lowlatency_4.4.0.235.269_amd64.deb de617a8e6b693914a8eb476e3218b34be87ed4a3 linux-modules-4.4.0-235-tuxcare.els6-generic_4.4.0-235.269_amd64.deb 70442f852af6fd48a48aecca38295f9e30bf89db linux-modules-4.4.0-235-tuxcare.els6-lowlatency_4.4.0-235.269_amd64.deb 32ab4257729bbc8b79d56a8755bd031d7d69806c linux-modules-extra-4.4.0-235-tuxcare.els6-generic_4.4.0-235.269_amd64.deb 327efa5a39f6f1a7d5e1c623d37a011298165c88 linux-source_4.4.0.235.269_all.deb ac54ccc228fb37552cd73ec07b5fdab7df8a9cf9 linux-source-4.4.0_4.4.0-235.269_all.deb 4fa7eab0341ffa31d08840d7a3151419d911d26c linux-tools-4.4.0-235-tuxcare.els6_4.4.0-235.269_amd64.deb 914e268d615eff2daf2dc4a0fd1d02bdae787f52 linux-tools-4.4.0-235-tuxcare.els6-generic_4.4.0-235.269_amd64.deb 3f91f0d3baf53dd72b1a4e2338522376391bae14 linux-tools-4.4.0-235-tuxcare.els6-lowlatency_4.4.0-235.269_amd64.deb 5918dad46920ed26a99e9aa32751d6b0dc739b0e linux-tools-common_4.4.0-235.269_all.deb da10506e845932f469436a6ef6757074a2d410d3 linux-tools-generic_4.4.0.235.269_amd64.deb 8dc0191868d81021a8e46ff77b226a57220ef139 linux-tools-host_4.4.0-235.269_all.deb 7cded94d410a8a79fb8a3396cf1258e7f2ca04b3 linux-tools-lowlatency_4.4.0.235.269_amd64.deb 54f6272be6742eafc53d3c12cd869d343e2009ab CLSA-2022:1667512639 TuxCare License Agreement 0 * SECURITY UPDATE: Possible cross-site scripting vulnerability in libxml2 - debian/patches/CVE-2016-3709.patch: Revert commit 960f0e27 that has some problems - CVE-2016-3709 * Fix parser termination from "Double hyphen within comment" error Moderate Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.

* SECURITY UPDATE: Possible cross-site scripting vulnerability in libxml2 - debian/patches/CVE-2016-3709.patch: Revert commit 960f0e27 that has some problems - CVE-2016-3709 * Fix parser termination from "Double hyphen within comment" error

0 tuxcare-ubuntu16.04-els libxml2_2.9.3+dfsg1-1ubuntu0.7+tuxcare.els4_amd64.deb 86ae2f0dc9f6f1178cf06eb12135434974d9cc3d libxml2-dev_2.9.3+dfsg1-1ubuntu0.7+tuxcare.els4_amd64.deb a1f835df5b01e69f2c26b6c8c4e203775d811982 libxml2-doc_2.9.3+dfsg1-1ubuntu0.7+tuxcare.els4_all.deb 06858456b81443ec613143b34e90b97d664eafab libxml2-utils_2.9.3+dfsg1-1ubuntu0.7+tuxcare.els4_amd64.deb 4cb271dab9a7502b13c55f68e15904d9cdd0b34f python-libxml2_2.9.3+dfsg1-1ubuntu0.7+tuxcare.els4_amd64.deb 0d56e45731c4d586c449e331e90a4d3722d24cf6 CLSA-2022:1667515188 TuxCare License Agreement 0 * SECURITY UPDATE: POST following PUT confusion - debian/patches/CVE-2022-32221.patch: when POST is set, reset the 'upload' field - CVE-2022-32221 Moderate Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.

* SECURITY UPDATE: POST following PUT confusion - debian/patches/CVE-2022-32221.patch: when POST is set, reset the 'upload' field - CVE-2022-32221

0 tuxcare-ubuntu16.04-els curl_7.47.0-1ubuntu2.23+tuxcare.els6_amd64.deb 28eaff62176523e7287d010ea453e6dd136aa2f8 libcurl3_7.47.0-1ubuntu2.23+tuxcare.els6_amd64.deb 9fbf6f1593e2afbdf6abb89e5c9e0c12aa907790 libcurl3-gnutls_7.47.0-1ubuntu2.23+tuxcare.els6_amd64.deb 40f43c8feb06e8954eca9984605b0ae36d7b6fae libcurl3-nss_7.47.0-1ubuntu2.23+tuxcare.els6_amd64.deb 0eb377a918e4e4aef70e52d7cf7f60c8e5e6c801 libcurl4-doc_7.47.0-1ubuntu2.23+tuxcare.els6_all.deb 633d95c05f0422aaeb347db6e9d8622ce7fc1f50 libcurl4-gnutls-dev_7.47.0-1ubuntu2.23+tuxcare.els6_amd64.deb d52d1c2a3f7ae36c8656e5a055e592ca22036c6d libcurl4-nss-dev_7.47.0-1ubuntu2.23+tuxcare.els6_amd64.deb 45cb0114ce92892b8f492a92c82ce7885d94189d libcurl4-openssl-dev_7.47.0-1ubuntu2.23+tuxcare.els6_amd64.deb 96cbefaae4798b3b817b2cadfa143b6ac59e32aa CLSA-2022:1668117586 TuxCare License Agreement 0 * SECURITY UPDATE: After user deletion in MongoDB Server the improper invalidation of authorization sessions allows an authenticated user's session to persist and become conflated with new accounts, if those accounts reuse the names of deleted ones - debian/patches/CVE-2019-2386.patch: Validate unique User ID on UserCache hit - CVE-2019-2386 Important Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.

* SECURITY UPDATE: After user deletion in MongoDB Server the improper invalidation of authorization sessions allows an authenticated user's session to persist and become conflated with new accounts, if those accounts reuse the names of deleted ones - debian/patches/CVE-2019-2386.patch: Validate unique User ID on UserCache hit - CVE-2019-2386

0 tuxcare-ubuntu16.04-els mongodb_2.6.10-0ubuntu1+tuxcare.els2_amd64.deb 04ba97902d555e3c32aeca20b3d5b775b2560f96 mongodb-clients_2.6.10-0ubuntu1+tuxcare.els2_amd64.deb 49d56f142e7429cd160f5f2dec8a239e7c458ab2 mongodb-server_2.6.10-0ubuntu1+tuxcare.els2_amd64.deb 624827ca61a4cb9d2873340046e86fb01d3e6a1b CLSA-2022:1668118023 TuxCare License Agreement 0 * SECURITY UPDATE: array-bounds overflow if billions of bytes are used in a string argument to a C API - debian/patches/CVE-2022-35737.patch: increase the size of loop variables in the printf() implementation to avoid overflow. - CVE-2022-35737 Important Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.

* SECURITY UPDATE: array-bounds overflow if billions of bytes are used in a string argument to a C API - debian/patches/CVE-2022-35737.patch: increase the size of loop variables in the printf() implementation to avoid overflow. - CVE-2022-35737

0 tuxcare-ubuntu16.04-els lemon_3.11.0-1ubuntu1.5+tuxcare.els3_amd64.deb 043d1488ce344c5afbcebd38c70cf84fbfc1a48f libsqlite3-0_3.11.0-1ubuntu1.5+tuxcare.els3_amd64.deb a7310463d024b90b64e3509a250c49078af2250a libsqlite3-dev_3.11.0-1ubuntu1.5+tuxcare.els3_amd64.deb bd4da8fc489309946c1a4c5cc44dfe9696e40bfe libsqlite3-tcl_3.11.0-1ubuntu1.5+tuxcare.els3_amd64.deb 7da54e30dbbe101cf74dc19474f414cb0a6e860c sqlite3_3.11.0-1ubuntu1.5+tuxcare.els3_amd64.deb 71fb471191538bffdb84b312b2759f493198a81c sqlite3-doc_3.11.0-1ubuntu1.5+tuxcare.els3_all.deb 928e8e3df00faf1fbfb5fd16b802cbfd6f20bc67 CLSA-2022:1668118081 TuxCare License Agreement 0 * SECURITY UPDATE: Signature verification bypass - debian/patches/fixes/CVE-2020-16156.patch: recognize CANNOT_VERIFY signature verification type, add two new failure modes based on 'cpan_path' and improve interaction with external 'gpg' executable. - CVE-2020-16156 Important Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.

* SECURITY UPDATE: Signature verification bypass - debian/patches/fixes/CVE-2020-16156.patch: recognize CANNOT_VERIFY signature verification type, add two new failure modes based on 'cpan_path' and improve interaction with external 'gpg' executable. - CVE-2020-16156

0 tuxcare-ubuntu16.04-els libperl-dev_5.22.1-9ubuntu0.9+tuxcare.els1_amd64.deb f1996425ff8096b5e5b5bbb2ca37f111969e1961 libperl5.22_5.22.1-9ubuntu0.9+tuxcare.els1_amd64.deb 4c85255ab6cf819c1d68abc2778326d9b28c41b4 perl_5.22.1-9ubuntu0.9+tuxcare.els1_amd64.deb ba6eec60ff084f8fabf2b901b9641840bcb0c83c perl-base_5.22.1-9ubuntu0.9+tuxcare.els1_amd64.deb 5d95610265c7891913f9e9a1bd20adbf57cbbabd perl-debug_5.22.1-9ubuntu0.9+tuxcare.els1_amd64.deb 770ad122c919ce0b6553e6a07e8f0e9c15d39f29 perl-doc_5.22.1-9ubuntu0.9+tuxcare.els1_all.deb 4925ed52265a4acf0c0741c87bbe40ea2d3b4dcc perl-modules-5.22_5.22.1-9ubuntu0.9+tuxcare.els1_all.deb 1f4cc902caeb7c510eaa0fb623139cf5884822b6 CLSA-2022:1669065608 TuxCare License Agreement 0 * SECURITY UPDATE: memory corruption and disclosure in MP4 streaming module - debian/patches/CVE-2022-41741-CVE-2022-41742.patch: disable duplicated atoms and ensure that (the most of them) appeared once in a container. - CVE-2022-41741 - CVE-2022-41742 Important Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.

* SECURITY UPDATE: memory corruption and disclosure in MP4 streaming module - debian/patches/CVE-2022-41741-CVE-2022-41742.patch: disable duplicated atoms and ensure that (the most of them) appeared once in a container. - CVE-2022-41741 - CVE-2022-41742

0 tuxcare-ubuntu16.04-els nginx_1.10.3-0ubuntu0.16.04.8+tuxcare.els3_all.deb 1d23658d824f19c77f5ed914f1adc5a544a34887 nginx-common_1.10.3-0ubuntu0.16.04.8+tuxcare.els3_all.deb 826db7145bcb98bf916b033c1a2a9e74459950d7 nginx-core_1.10.3-0ubuntu0.16.04.8+tuxcare.els3_amd64.deb ad5193766113066f8ce2baeca52606588f18193a nginx-doc_1.10.3-0ubuntu0.16.04.8+tuxcare.els3_all.deb 7a126fb1a9c6b9ce489282e608aa54b8d8f1ae07 nginx-extras_1.10.3-0ubuntu0.16.04.8+tuxcare.els3_amd64.deb 15790b901bf43acbe3c0668cb06ee0505e7bd176 nginx-full_1.10.3-0ubuntu0.16.04.8+tuxcare.els3_amd64.deb 9cf9cc82899de04a7288c62694bb0f6d63d48e4e nginx-light_1.10.3-0ubuntu0.16.04.8+tuxcare.els3_amd64.deb fc3f4ddb7b2b6e7fffd93a7c0888390081b55b7d CLSA-2022:1669240747 TuxCare License Agreement 0 * SECURITY UPDATE: Update to 5.7.40 to fix security issues - CVE-2022-21589, CVE-2022-21592, CVE-2022-21608, CVE-2022-21617 Moderate Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.

* SECURITY UPDATE: Update to 5.7.40 to fix security issues - CVE-2022-21589, CVE-2022-21592, CVE-2022-21608, CVE-2022-21617

0 tuxcare-ubuntu16.04-els libmysqlclient-dev_5.7.40-0ubuntu0.16.04.1+tuxcare.els1_amd64.deb 706a8ab100c96effd2a902d175a3bf035a1b2eee libmysqlclient20_5.7.40-0ubuntu0.16.04.1+tuxcare.els1_amd64.deb b444fc9becac7728c81ad0b9fdb4be265a7b84b9 libmysqld-dev_5.7.40-0ubuntu0.16.04.1+tuxcare.els1_amd64.deb 40816c42f538c32a4f484fc0940982f7eaa303bf mysql-client_5.7.40-0ubuntu0.16.04.1+tuxcare.els1_all.deb 85ac2bbd7b01015dc05b6b8167f26697b5cd9e45 mysql-client-5.7_5.7.40-0ubuntu0.16.04.1+tuxcare.els1_amd64.deb 4c65f9eca6f0ece7396fe95bde2cac5ef47d95de mysql-client-core-5.7_5.7.40-0ubuntu0.16.04.1+tuxcare.els1_amd64.deb bc8eb1a5903f5a2f6f9cf4be9199fee88aa19ff0 mysql-common_5.7.40-0ubuntu0.16.04.1+tuxcare.els1_all.deb 62a6d6dcfc8f7df10f51adfaa6dfa48daff1c173 mysql-server_5.7.40-0ubuntu0.16.04.1+tuxcare.els1_all.deb c1cdbef44ba240d56179906455b45e99317dd875 mysql-server-5.7_5.7.40-0ubuntu0.16.04.1+tuxcare.els1_amd64.deb 282c9243e67d85e45fc73b62b1c50ed3ce7ad670 mysql-server-core-5.7_5.7.40-0ubuntu0.16.04.1+tuxcare.els1_amd64.deb d154d3fb852651eaeebde927813782f0e252f6ed mysql-source-5.7_5.7.40-0ubuntu0.16.04.1+tuxcare.els1_amd64.deb 80aa9d0ef8f3a9997f2f20a897cc1ad9f7a79378 mysql-testsuite_5.7.40-0ubuntu0.16.04.1+tuxcare.els1_all.deb 5eac6d61de5585472f2e18ec59cdc6d2a7aa6e81 mysql-testsuite-5.7_5.7.40-0ubuntu0.16.04.1+tuxcare.els1_amd64.deb cf5d5d10874ce6d83b87b6408812ba30dc2eb149 CLSA-2022:1669241032 TuxCare License Agreement 0 * SECURITY UPDATE: Uncontrolled resource consumption - debian/patches/CVE-2022-45061-v2.7.patch: Fix quadratic time idna decoding - CVE-2022-45061 * Make tests to be compatible with expat 2.1.0 from tuxcare.els: - debian/patches/expat-regression-v2.7.patch: Make test suite support Expat >=2.4.5 Important Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.

* SECURITY UPDATE: Uncontrolled resource consumption - debian/patches/CVE-2022-45061-v2.7.patch: Fix quadratic time idna decoding - CVE-2022-45061 * Make tests to be compatible with expat 2.1.0 from tuxcare.els: - debian/patches/expat-regression-v2.7.patch: Make test suite support Expat >=2.4.5

0 tuxcare-ubuntu16.04-els idle-python2.7_2.7.12-1ubuntu0~16.04.18+tuxcare.els5_all.deb c030d580ed134bc6cd60258f71d71ea25c6d4fd2 libpython2.7_2.7.12-1ubuntu0~16.04.18+tuxcare.els5_amd64.deb 479f5ec401305c62cb3d24c57bc8645ee7c5ec84 libpython2.7-dev_2.7.12-1ubuntu0~16.04.18+tuxcare.els5_amd64.deb 30bf9a7139da041eb255742c96f837ee4fb3d614 libpython2.7-minimal_2.7.12-1ubuntu0~16.04.18+tuxcare.els5_amd64.deb f010b22cd4b260d204f87c522e18ef3352bac4f9 libpython2.7-stdlib_2.7.12-1ubuntu0~16.04.18+tuxcare.els5_amd64.deb 445de355e0b5e497b56d4f9d17752afc46db9575 libpython2.7-testsuite_2.7.12-1ubuntu0~16.04.18+tuxcare.els5_all.deb deacddf04aa1108cbba293d9529e3f1aef1b215e python2.7_2.7.12-1ubuntu0~16.04.18+tuxcare.els5_amd64.deb 9a5a560ead28d17d4ab6f955fbeaddf7d7f6ef21 python2.7-dev_2.7.12-1ubuntu0~16.04.18+tuxcare.els5_amd64.deb e4c8be576f1fe35063f6e215fd3472776637738c python2.7-doc_2.7.12-1ubuntu0~16.04.18+tuxcare.els5_all.deb ff412f4acfee1ecb8ccae7c794bdb2385eb36535 python2.7-examples_2.7.12-1ubuntu0~16.04.18+tuxcare.els5_all.deb 141374d267eca4d6d201c8ae10199d60241d924d python2.7-minimal_2.7.12-1ubuntu0~16.04.18+tuxcare.els5_amd64.deb 25491214b2fa7e215ed46d7d1afd6d1c5df46e57 CLSA-2022:1669241224 TuxCare License Agreement 0 * SECURITY UPDATE: Use-after-free in access control-related hash tables - debian/patches/CVE-2020-35512.patch: use reference counting for DBusUserInfo and DBusGroupInfo structures. - CVE-2020-35512 * SECURITY UPDATE: Crash or incorrect parsing a signature with wrongly nested '()' and '{}' - debian/patches/CVE-2022-42010.patch: add extra checking for brackets. - CVE-2022-42010 * SECURITY UPDATE: Out-of-bounds accesses during processing of arrays made up of an integer number of items - debian/patches/CVE-2022-42011.patch: validate length of arrays of fixed-length items. - CVE-2022-42011 * SECURITY UPDATE: Crash when message type and the pointer into its contents goes out of sync - debian/patches/CVE-2022-42012.patch: byte-swap Unix fd indexes if needed. - CVE-2022-42012 Important Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.

* SECURITY UPDATE: Use-after-free in access control-related hash tables - debian/patches/CVE-2020-35512.patch: use reference counting for DBusUserInfo and DBusGroupInfo structures. - CVE-2020-35512 * SECURITY UPDATE: Crash or incorrect parsing a signature with wrongly nested '()' and '{}' - debian/patches/CVE-2022-42010.patch: add extra checking for brackets. - CVE-2022-42010 * SECURITY UPDATE: Out-of-bounds accesses during processing of arrays made up of an integer number of items - debian/patches/CVE-2022-42011.patch: validate length of arrays of fixed-length items. - CVE-2022-42011 * SECURITY UPDATE: Crash when message type and the pointer into its contents goes out of sync - debian/patches/CVE-2022-42012.patch: byte-swap Unix fd indexes if needed. - CVE-2022-42012

0 tuxcare-ubuntu16.04-els dbus_1.10.6-1ubuntu3.6+tuxcare.els1_amd64.deb 437523132711f68f6c5009dc821f5020bcca60ed dbus-1-doc_1.10.6-1ubuntu3.6+tuxcare.els1_all.deb 283cfce996aa3ba8777b7672e4bbf6f32df65d3e dbus-tests_1.10.6-1ubuntu3.6+tuxcare.els1_amd64.deb ab835376b5e7b9445165965c7b7848d7ab6c88d7 dbus-user-session_1.10.6-1ubuntu3.6+tuxcare.els1_all.deb 6054362549ae7dd6e077028655103772fbecad54 dbus-x11_1.10.6-1ubuntu3.6+tuxcare.els1_amd64.deb 611dc5edc1e2c0a6a7859f4be56f186a28a9b8be libdbus-1-3_1.10.6-1ubuntu3.6+tuxcare.els1_amd64.deb 09e5723b9fcff178715768ca2bc02ae2bef05b99 libdbus-1-dev_1.10.6-1ubuntu3.6+tuxcare.els1_amd64.deb abeff74cdaa3e711b30b9856d7edd23a9a6c58cb CLSA-2022:1669241475 TuxCare License Agreement 0 * SECURITY UPDATE: Uncontrolled resource consumption - debian/patches/CVE-2022-45061.patch: Fix quadratic time idna decoding - CVE-2022-45061 * Fix the tests: Certificates were expired - debian/patches/update-test-certs-and-keys.patch: Update test certs and keys Important Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.

* SECURITY UPDATE: Uncontrolled resource consumption - debian/patches/CVE-2022-45061.patch: Fix quadratic time idna decoding - CVE-2022-45061 * Fix the tests: Certificates were expired - debian/patches/update-test-certs-and-keys.patch: Update test certs and keys

0 tuxcare-ubuntu16.04-els idle-python3.5_3.5.2-2ubuntu0~16.04.13+tuxcare.els7_all.deb 2cbc7b1f23a9ee42ec8d54992fc958feaebb283d libpython3.5_3.5.2-2ubuntu0~16.04.13+tuxcare.els7_amd64.deb 4e8292471bc19230b095534cc3618c5dc7554ac5 libpython3.5-dev_3.5.2-2ubuntu0~16.04.13+tuxcare.els7_amd64.deb b44fccba9a95f5790cc844cfe5a2b7f8fb89b77b libpython3.5-minimal_3.5.2-2ubuntu0~16.04.13+tuxcare.els7_amd64.deb af0e89a7d029dd0f8dc854a116e6fd688bd8863e libpython3.5-stdlib_3.5.2-2ubuntu0~16.04.13+tuxcare.els7_amd64.deb b61a0fc67ebd66bae680a70c1b6c664af0cd13e3 libpython3.5-testsuite_3.5.2-2ubuntu0~16.04.13+tuxcare.els7_all.deb f615ec629047bdba452ebb1a433c219968dde8f7 python3.5_3.5.2-2ubuntu0~16.04.13+tuxcare.els7_amd64.deb 33adcffeb1227a048684f4236c14d2ddcb4e2187 python3.5-dev_3.5.2-2ubuntu0~16.04.13+tuxcare.els7_amd64.deb cf1fc206369eeb53e7d23ce0a83f3f5b117e4c3f python3.5-doc_3.5.2-2ubuntu0~16.04.13+tuxcare.els7_all.deb a669482cd375694a1b75398f294f93f283fb35bc python3.5-examples_3.5.2-2ubuntu0~16.04.13+tuxcare.els7_all.deb 024c4b978812c58756a1d1125c717254ac400818 python3.5-minimal_3.5.2-2ubuntu0~16.04.13+tuxcare.els7_amd64.deb 5d4ff4e05ad1e82f14503e81fe95b17f503fcd28 python3.5-venv_3.5.2-2ubuntu0~16.04.13+tuxcare.els7_amd64.deb 5fc4b1412e2cc6f646c4423d305b22562798494f CLSA-2022:1669241675 TuxCare License Agreement 0 * SECURITY UPDATE: option refcount overflow - debian/patches/CVE-2022-2928.patch: fix work with reference counter 'refcount' - CVE-2022-2928 * SECURITY UPDATE: DHCP memory leak - debian/patches/CVE-2022-2929.patch: free memory when incorrect 'fqdn' labels are used - CVE-2022-2929 Important Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.

* SECURITY UPDATE: option refcount overflow - debian/patches/CVE-2022-2928.patch: fix work with reference counter 'refcount' - CVE-2022-2928 * SECURITY UPDATE: DHCP memory leak - debian/patches/CVE-2022-2929.patch: free memory when incorrect 'fqdn' labels are used - CVE-2022-2929

0 tuxcare-ubuntu16.04-els isc-dhcp-client_4.3.3-5ubuntu12.11+tuxcare.els2_amd64.deb cb2ede82b7fbd186b547e0f4e15bf0ad0f4c1c30 isc-dhcp-client-ddns_4.3.3-5ubuntu12.11+tuxcare.els2_amd64.deb cfb4f22cf36f88ddc593fcff1586f543fad03d37 isc-dhcp-common_4.3.3-5ubuntu12.11+tuxcare.els2_amd64.deb 0dc0dbb2e5309b2627b66481ff459a3b64409099 isc-dhcp-dev_4.3.3-5ubuntu12.11+tuxcare.els2_amd64.deb 8ea1a597e8a5f81a116fdfb32bb82c79182c265d isc-dhcp-relay_4.3.3-5ubuntu12.11+tuxcare.els2_amd64.deb f185c6594231cdcbec1bb474a72a61abb4749973 isc-dhcp-server_4.3.3-5ubuntu12.11+tuxcare.els2_amd64.deb 9eb6ce98f5dea468bc3399610958b19009c3ac96 isc-dhcp-server-ldap_4.3.3-5ubuntu12.11+tuxcare.els2_amd64.deb b372950f9979bef3d1b09540c4031fb472e02fa6 CLSA-2022:1669242003 TuxCare License Agreement 0 * SECURITY UPDATE: possible RCE when using OSC 50 sequence - debian/patches/CVE-2022-45063.patch: Improve error recovery when setting a bitmap font for the VT100 window, e.g., in case OSC 50 failed, restoring the most recent valid font so that a subsequent OSC 50 reports this correctly. - CVE-2022-45063 - debian/patches/extra_safety_to_string_comparison_functions.patch: Add NULL pointer checks in x_strcasecmp() and x_strncasecmp() to help with error recovery for a missing font. Critical Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.

* SECURITY UPDATE: possible RCE when using OSC 50 sequence - debian/patches/CVE-2022-45063.patch: Improve error recovery when setting a bitmap font for the VT100 window, e.g., in case OSC 50 failed, restoring the most recent valid font so that a subsequent OSC 50 reports this correctly. - CVE-2022-45063 - debian/patches/extra_safety_to_string_comparison_functions.patch: Add NULL pointer checks in x_strcasecmp() and x_strncasecmp() to help with error recovery for a missing font.

0 tuxcare-ubuntu16.04-els xterm_322-1ubuntu1.2+tuxcare.els1_amd64.deb e077d40b5a7043c83f57c4a680a817c31768ae4b CLSA-2022:1669309108 TuxCare License Agreement 0 * Backport upstream releases 8u352 to 16.04 LTS * Security fixes in 8u352: - JDK-8282252: Improve BigInteger/Decimal validation - JDK-8285662: Better permission resolution - JDK-8286511: Improve macro allocation - JDK-8286519: Better memory handling - JDK-8286526, CVE-2022-21619: Improve NTLM support - JDK-8286533, CVE-2022-21626: Key X509 usages - JDK-8286910, CVE-2022-21624: Improve JNDI lookups - JDK-8286918, CVE-2022-21628: Better HttpServer service - JDK-8288508: Enhance ECDSA usage * Drop applied patch pr88.diff Moderate Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.

* Backport upstream releases 8u352 to 16.04 LTS * Security fixes in 8u352: - JDK-8282252: Improve BigInteger/Decimal validation - JDK-8285662: Better permission resolution - JDK-8286511: Improve macro allocation - JDK-8286519: Better memory handling - JDK-8286526, CVE-2022-21619: Improve NTLM support - JDK-8286533, CVE-2022-21626: Key X509 usages - JDK-8286910, CVE-2022-21624: Improve JNDI lookups - JDK-8286918, CVE-2022-21628: Better HttpServer service - JDK-8288508: Enhance ECDSA usage * Drop applied patch pr88.diff

0 tuxcare-ubuntu16.04-els openjdk-8-demo_8u352-ga-0ubuntu1~16.04+tuxcare.els1_amd64.deb 28b0f9df016bc594463851dc78efcab30969b53d openjdk-8-doc_8u352-ga-0ubuntu1~16.04+tuxcare.els1_all.deb 7164fec1d4f90b62c420af91debb6615386a332e openjdk-8-jdk_8u352-ga-0ubuntu1~16.04+tuxcare.els1_amd64.deb ea89e5de5f447b36e2f5ecb5d3b053560ee7581a openjdk-8-jdk-headless_8u352-ga-0ubuntu1~16.04+tuxcare.els1_amd64.deb 2b7eea79414897a3496055702670b3064441fa94 openjdk-8-jre_8u352-ga-0ubuntu1~16.04+tuxcare.els1_amd64.deb f9b234d7ac8bafc6b73e153d6a5108cfbd2ee6ae openjdk-8-jre-headless_8u352-ga-0ubuntu1~16.04+tuxcare.els1_amd64.deb a308d61742a3ab671adae14a0e7d645ba12629c7 openjdk-8-jre-jamvm_8u352-ga-0ubuntu1~16.04+tuxcare.els1_amd64.deb b79f66b34ed5c545ebfe5e2fe833ccdf3386086a openjdk-8-jre-zero_8u352-ga-0ubuntu1~16.04+tuxcare.els1_amd64.deb b670944a6534006496f78784ad3f8bf32c5938c6 openjdk-8-source_8u352-ga-0ubuntu1~16.04+tuxcare.els1_all.deb 6eb0e07920d358e91f11ad02ea8272627e5f0543 CLSA-2022:1669309294 TuxCare License Agreement 0 * SECURITY UPDATE: Use After Free in vim - debian/patches/CVE-2022-3352.patch: Disallow deleting the current buffer to avoid using freed memory - CVE-2022-3352 * SECURITY UPDATE: Crash when matching buffer with invalid pattern - debian/patches/CVE-2022-1674.patch: Check for NULL regprog - CVE-2022-1674 * SECURITY UPDATE: Using NULL regexp program - debian/patches/CVE-2022-1725.patch: Check for regexp program becoming NULL in more places - CVE-2022-1725 * Fix: CI crashes when running out of memory, NULL pointer dereference - debian/patches/fix-addstate.patch: Apply 'maxmempattern' also to new regexp engine, check NULL pointers inside addstate() function Important Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.

* SECURITY UPDATE: Use After Free in vim - debian/patches/CVE-2022-3352.patch: Disallow deleting the current buffer to avoid using freed memory - CVE-2022-3352 * SECURITY UPDATE: Crash when matching buffer with invalid pattern - debian/patches/CVE-2022-1674.patch: Check for NULL regprog - CVE-2022-1674 * SECURITY UPDATE: Using NULL regexp program - debian/patches/CVE-2022-1725.patch: Check for regexp program becoming NULL in more places - CVE-2022-1725 * Fix: CI crashes when running out of memory, NULL pointer dereference - debian/patches/fix-addstate.patch: Apply 'maxmempattern' also to new regexp engine, check NULL pointers inside addstate() function

0 tuxcare-ubuntu16.04-els vim_7.4.1689-3ubuntu1.5+tuxcare.els33_amd64.deb aa9417a2001a3904564cd99c23d57d967c18043d vim-athena_7.4.1689-3ubuntu1.5+tuxcare.els33_amd64.deb 30fd554dd0eff316bbf9b936d1d3a274bc075aab vim-athena-py2_7.4.1689-3ubuntu1.5+tuxcare.els33_amd64.deb c03e3fddac0848e59e293d39f6c54b8c312c9503 vim-common_7.4.1689-3ubuntu1.5+tuxcare.els33_amd64.deb 0d8e459410aef275a60dc963b18e44a2700042a8 vim-doc_7.4.1689-3ubuntu1.5+tuxcare.els33_all.deb 9199c3ed4e5bf6b6c8b31bbee9ce125300a1a98e vim-gnome_7.4.1689-3ubuntu1.5+tuxcare.els33_amd64.deb 22ded8a7e119fd2394ef88d41255d9f2c67daa87 vim-gnome-py2_7.4.1689-3ubuntu1.5+tuxcare.els33_amd64.deb 5005bf44dded15cc8a7f8371623646af44cbda06 vim-gtk_7.4.1689-3ubuntu1.5+tuxcare.els33_amd64.deb 5bfa23d23a000a7d1d6d72bd3ca0e8fbeb897281 vim-gtk-py2_7.4.1689-3ubuntu1.5+tuxcare.els33_amd64.deb 47b454a75c4211f5ccebd745e8426042c46a56f7 vim-gtk3_7.4.1689-3ubuntu1.5+tuxcare.els33_amd64.deb 91456081434dad8fe579ddd6efb7e78bb83e648b vim-gtk3-py2_7.4.1689-3ubuntu1.5+tuxcare.els33_amd64.deb 7e054ebf6407590252da4322df566b8a747e7684 vim-gui-common_7.4.1689-3ubuntu1.5+tuxcare.els33_all.deb de42576935335ade42e70ff8a8fcf4224ea0c03c vim-nox_7.4.1689-3ubuntu1.5+tuxcare.els33_amd64.deb a4022978c16e9d49358d61f8139d185812dba140 vim-nox-py2_7.4.1689-3ubuntu1.5+tuxcare.els33_amd64.deb 20d4585ddc097480cf7a574c4dcf9fde527adf58 vim-runtime_7.4.1689-3ubuntu1.5+tuxcare.els33_all.deb 5d6e8e205854a59d6b81ccf52263eff2df60e6e1 vim-tiny_7.4.1689-3ubuntu1.5+tuxcare.els33_amd64.deb 024d48e14c3645fd162e63567775bbb031b12f26 CLSA-2022:1670260858 TuxCare License Agreement 0 * SECURITY UPDATE: Race condition when copying and removing directory trees - debian/patches/CVE-2013-4235.patch: fix races in chown_tree(), remove_tree() and copy_tree() - CVE-2013-4235 Moderate Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.

* SECURITY UPDATE: Race condition when copying and removing directory trees - debian/patches/CVE-2013-4235.patch: fix races in chown_tree(), remove_tree() and copy_tree() - CVE-2013-4235

0 tuxcare-ubuntu16.04-els login_4.2-3.1ubuntu5.5+tuxcare.els2_amd64.deb f5a341180eeb4b6daf3d9803c6040cffb07c8b00 passwd_4.2-3.1ubuntu5.5+tuxcare.els2_amd64.deb a0f8618bc28569bb0b49dd266df58240027b099e uidmap_4.2-3.1ubuntu5.5+tuxcare.els2_amd64.deb 8902e5ad7add6170a69e5d97ba4b6978e6c609ea CLSA-2022:1670261781 TuxCare License Agreement 0 * CVE-2022-42703 - mm/rmap.c: don't reuse anon_vma if we just want a copy - mm: rmap: explicitly reset vma->anon_vma in unlink_anon_vmas() - mm, rmap: handle anon_vma_prepare() common case inline - mm/rmap: Fix anon_vma->degree ambiguity leading to double-reuse * CVE-2022-3565 - mISDN: fix use-after-free bugs in l1oip timer handlers * CVE-2022-43750 - usb: mon: make mmapped memory read only * CVE-2022-3566 - tcp: Fix data races around icsk->icsk_af_ops. * CVE-2022-3567 - ipv6: annotate some data-races around sk->sk_prot - ipv6: Fix data races around sk->sk_prot. * CVE-2022-3621 - nilfs2: fix NULL pointer dereference at nilfs_bmap_lookup_at_level() * CVE-2022-3564 - Bluetooth: remove unneeded variable in l2cap_stream_rx - Bluetooth: L2CAP: Fix use-after-free caused by l2cap_reassemble_sdu * CVE-2022-3524 - tcp/udp: Fix memory leak in ipv6_renew_options(). * CVE-2022-3635 - atm: idt77252: fix use-after-free bugs caused by tst_timer * CVE-2022-40768 - scsi: stex: Properly zero out the passthrough command structure * CVE-2022-3239 - media: em28xx: initialize refcount before kref_get * CVE-2022-3649 - nilfs2: fix use-after-free bug of struct nilfs_root * CVE-2022-3594 - r8152: Rate limit overflow messages Critical Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.

* CVE-2022-42703 - mm/rmap.c: don't reuse anon_vma if we just want a copy - mm: rmap: explicitly reset vma->anon_vma in unlink_anon_vmas() - mm, rmap: handle anon_vma_prepare() common case inline - mm/rmap: Fix anon_vma->degree ambiguity leading to double-reuse * CVE-2022-3565 - mISDN: fix use-after-free bugs in l1oip timer handlers * CVE-2022-43750 - usb: mon: make mmapped memory read only * CVE-2022-3566 - tcp: Fix data races around icsk->icsk_af_ops. * CVE-2022-3567 - ipv6: annotate some data-races around sk->sk_prot - ipv6: Fix data races around sk->sk_prot. * CVE-2022-3621 - nilfs2: fix NULL pointer dereference at nilfs_bmap_lookup_at_level() * CVE-2022-3564 - Bluetooth: remove unneeded variable in l2cap_stream_rx - Bluetooth: L2CAP: Fix use-after-free caused by l2cap_reassemble_sdu * CVE-2022-3524 - tcp/udp: Fix memory leak in ipv6_renew_options(). * CVE-2022-3635 - atm: idt77252: fix use-after-free bugs caused by tst_timer * CVE-2022-40768 - scsi: stex: Properly zero out the passthrough command structure * CVE-2022-3239 - media: em28xx: initialize refcount before kref_get * CVE-2022-3649 - nilfs2: fix use-after-free bug of struct nilfs_root * CVE-2022-3594 - r8152: Rate limit overflow messages

0 tuxcare-ubuntu16.04-els linux-buildinfo-4.4.0-236-tuxcare.els7-generic_4.4.0-236.270_amd64.deb 7a1041eaf846658cee7692146367415074934b59 linux-buildinfo-4.4.0-236-tuxcare.els7-lowlatency_4.4.0-236.270_amd64.deb 46a09e6a01059ce5d2c06b5c04245142a3f42304 linux-cloud-tools-4.4.0-236-tuxcare.els7_4.4.0-236.270_amd64.deb d85e4fc42ab0b1f4a2f3122bf0876486e98dcf26 linux-cloud-tools-4.4.0-236-tuxcare.els7-generic_4.4.0-236.270_amd64.deb b8c2a4b8960652e6d7ab05c16d0a7e59e1efeecb linux-cloud-tools-4.4.0-236-tuxcare.els7-lowlatency_4.4.0-236.270_amd64.deb c7749bbbbe45eb1777caa4fd294bc35445837b06 linux-cloud-tools-common_4.4.0-236.270_all.deb 56aa0dda6415107ea0e48fc9919a1584e74b7375 linux-cloud-tools-generic_4.4.0.236.270_amd64.deb c13ef95fc7d69df7c5c8b930331ed574fa752f40 linux-cloud-tools-lowlatency_4.4.0.236.270_amd64.deb 02b7d94716aa95f209d99a94942948f7c62b3623 linux-crashdump_4.4.0.236.270_amd64.deb a3d158d2b32a414f10e6b0db1b2921b89314943b linux-doc_4.4.0-236.270_all.deb e386bb8b742238bd8545f5f05c5d40d9d6d6d6f0 linux-generic_4.4.0.236.270_amd64.deb 176a270e1b77a96d0216836e48038ef4ea2786df linux-headers-4.4.0-236-tuxcare.els7_4.4.0-236.270_all.deb 1159d0a9765b30d42b476b8bd009a6994d2dcae5 linux-headers-4.4.0-236-tuxcare.els7-generic_4.4.0-236.270_amd64.deb c9b5a616502e6e0b59c1aeb8ab13cf2582a6a9a7 linux-headers-4.4.0-236-tuxcare.els7-lowlatency_4.4.0-236.270_amd64.deb 79a5793c782c00bac466101ed20046ff4c6cf06d linux-headers-generic_4.4.0.236.270_amd64.deb b0dead42e9ec6ba21fe664d2265e6952ed43d57b linux-headers-lowlatency_4.4.0.236.270_amd64.deb ea6095ae07dc73d623a00ecacae7284e37a3b088 linux-image-generic_4.4.0.236.270_amd64.deb 2b31b1dd62fc9325146fee8779ef4dcbac102e42 linux-image-lowlatency_4.4.0.236.270_amd64.deb 6d77de82190b669f586242d2b9dc767813ac9c2a linux-image-unsigned-4.4.0-236-tuxcare.els7-generic_4.4.0-236.270_amd64.deb b9c7bc6c10e416445e05b041f49dd1f2c6275633 linux-image-unsigned-4.4.0-236-tuxcare.els7-lowlatency_4.4.0-236.270_amd64.deb 35c4ea27df218e20e200963112fa2f431d80c3e1 linux-libc-dev_4.4.0-236.270_amd64.deb 72d5e20ac9a5f7544557bc7ebc6f22097e5367ae linux-lowlatency_4.4.0.236.270_amd64.deb de55f255b131d9055ee05ac86c9792c222144022 linux-modules-4.4.0-236-tuxcare.els7-generic_4.4.0-236.270_amd64.deb bcd95386315a67b6ffa1512749e744ff2fcd931b linux-modules-4.4.0-236-tuxcare.els7-lowlatency_4.4.0-236.270_amd64.deb ed727935c230403bc2872ea6b6b513839c4c6126 linux-modules-extra-4.4.0-236-tuxcare.els7-generic_4.4.0-236.270_amd64.deb 0eb36de219a82c3dd3d71f09969a69b3df4bff04 linux-source_4.4.0.236.270_all.deb 5e604f6aedb1c5d515355a1c76b1f77eb96107a5 linux-source-4.4.0_4.4.0-236.270_all.deb 7a6ccb3b37311656cb1f30a1969affa8c39c55a1 linux-tools-4.4.0-236-tuxcare.els7_4.4.0-236.270_amd64.deb 4641282e39e8469ce77948c02ce3e44ba99802e4 linux-tools-4.4.0-236-tuxcare.els7-generic_4.4.0-236.270_amd64.deb 5a775045a8dc036f758cc76f12e1fc97804a96be linux-tools-4.4.0-236-tuxcare.els7-lowlatency_4.4.0-236.270_amd64.deb bb7b529f23679bef9277420e4a4d05d2604bb38e linux-tools-common_4.4.0-236.270_all.deb 61057bb120976c2fa1f562eba61a484ebecd3ce5 linux-tools-generic_4.4.0.236.270_amd64.deb 4f1bef7de8deec8819754ae47624785b021b2cb2 linux-tools-host_4.4.0-236.270_all.deb fbc467c0ae928417d8cc740676d89b07e847e45a linux-tools-lowlatency_4.4.0.236.270_amd64.deb 242798dbc1b31e03cd2c2c072d011ce5fc6c48a5 CLSA-2022:1670518262 TuxCare License Agreement 0 * SECURITY UPDATE: Integer overflows with XML_PARSE_HUGE - debian/patches/CVE-2022-40303.patch: Impose size limits when XML_PARSE_HUGE is set and add length checks to core parser functions - CVE-2022-40303 * SECURITY UPDATE: Dict corruption caused by entity reference cycles - debian/patches/CVE-2022-40304.patch: Stop storing entity content, orig, ExternalID and SystemID in a dict since these values are unlikely to occur multiple times in a document, so they shouldn't have been stored in a dict in the first place - CVE-2022-40304 Important Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.

* SECURITY UPDATE: Integer overflows with XML_PARSE_HUGE - debian/patches/CVE-2022-40303.patch: Impose size limits when XML_PARSE_HUGE is set and add length checks to core parser functions - CVE-2022-40303 * SECURITY UPDATE: Dict corruption caused by entity reference cycles - debian/patches/CVE-2022-40304.patch: Stop storing entity content, orig, ExternalID and SystemID in a dict since these values are unlikely to occur multiple times in a document, so they shouldn't have been stored in a dict in the first place - CVE-2022-40304

0 tuxcare-ubuntu16.04-els libxml2_2.9.3+dfsg1-1ubuntu0.7+tuxcare.els5_amd64.deb 88b767edc0aa8d5a9cdfd77e20b07589e37d18a7 libxml2-dev_2.9.3+dfsg1-1ubuntu0.7+tuxcare.els5_amd64.deb 2e676f39d6a646f2734c38fdf2f0ceab0f7b8be3 libxml2-doc_2.9.3+dfsg1-1ubuntu0.7+tuxcare.els5_all.deb 07e5d57508e66610959dd307e482c889d472f3cc libxml2-utils_2.9.3+dfsg1-1ubuntu0.7+tuxcare.els5_amd64.deb e08697ff4c425559ae7745b3450683329d3b8b0d python-libxml2_2.9.3+dfsg1-1ubuntu0.7+tuxcare.els5_amd64.deb 314c1509a8e2e2ae033ae527e02a59a6d19b5906 CLSA-2022:1670518357 TuxCare License Agreement 0 * SECURITY UPDATE: Integer overflow - debian/patches/CVE-2021-20224.patch: fix outside the range of representable values of type 'unsigned char' - CVE-2021-20224 * Fix internal test system: - debian/patches/fix-validation-suite.patch: fix validate suite - debian/patches/fix-improper-image-header-xbm.patch: fix 'improper image header' for XBM tests * debian/rules: - fix several install issues - script termination when a subcommand fails Moderate Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.

* SECURITY UPDATE: Integer overflow - debian/patches/CVE-2021-20224.patch: fix outside the range of representable values of type 'unsigned char' - CVE-2021-20224 * Fix internal test system: - debian/patches/fix-validation-suite.patch: fix validate suite - debian/patches/fix-improper-image-header-xbm.patch: fix 'improper image header' for XBM tests * debian/rules: - fix several install issues - script termination when a subcommand fails

0 tuxcare-ubuntu16.04-els imagemagick_6.8.9.9-7ubuntu5.17+tuxcare.els5_amd64.deb 238ddadbe7fcb2c90d19e9760861d6c3a0195439 imagemagick-6.q16_6.8.9.9-7ubuntu5.17+tuxcare.els5_amd64.deb d0935cc1024561150d3a9b6009e00e17c2f6dcbd imagemagick-common_6.8.9.9-7ubuntu5.17+tuxcare.els5_all.deb f0bda987b1afb5f62b311c280ec1e094f134ea7a imagemagick-doc_6.8.9.9-7ubuntu5.17+tuxcare.els5_all.deb 214eb3cfe4b5d8a88d795ea86f8569de88771f31 libimage-magick-perl_6.8.9.9-7ubuntu5.17+tuxcare.els5_all.deb 331737402adbc52053de74b86f9db22bff6da9df libimage-magick-q16-perl_6.8.9.9-7ubuntu5.17+tuxcare.els5_amd64.deb d8712cb1df3ecaf490e0e77a3292ef56084133a6 libmagick++-6-headers_6.8.9.9-7ubuntu5.17+tuxcare.els5_all.deb 152b5cf46f09693b1d164c36abeadf1ddd6e0272 libmagick++-6.q16-5v5_6.8.9.9-7ubuntu5.17+tuxcare.els5_amd64.deb 89371b54945dbfc5f2b3d16f4a0f956663aa6d1a libmagick++-6.q16-dev_6.8.9.9-7ubuntu5.17+tuxcare.els5_amd64.deb bc62b9d44a17956857939f3e5c6ef269fbc5ad89 libmagick++-dev_6.8.9.9-7ubuntu5.17+tuxcare.els5_all.deb 6fdfa30df2fbc071c94783dc9981106b21181485 libmagickcore-6-arch-config_6.8.9.9-7ubuntu5.17+tuxcare.els5_amd64.deb b82cc07684572c672909d912dfe69f312c1b135d libmagickcore-6-headers_6.8.9.9-7ubuntu5.17+tuxcare.els5_all.deb 2164ea5674ddac74085feb14829d94962fd3468b libmagickcore-6.q16-2_6.8.9.9-7ubuntu5.17+tuxcare.els5_amd64.deb 1c58bdc90d56b208c255eae683e7a18f16ea861e libmagickcore-6.q16-2-extra_6.8.9.9-7ubuntu5.17+tuxcare.els5_amd64.deb 11e0c91cd39b01e8e0191931b68bc6a386ad66ad libmagickcore-6.q16-dev_6.8.9.9-7ubuntu5.17+tuxcare.els5_amd64.deb b597f2b77ceb9acf9d1576d4f08282f354a3cecc libmagickcore-dev_6.8.9.9-7ubuntu5.17+tuxcare.els5_all.deb 36567a1d2a4385f7c0a5c20a2ea636d5d935bde4 libmagickwand-6-headers_6.8.9.9-7ubuntu5.17+tuxcare.els5_all.deb 9cbda56f20b28bc4080237addb7d34396e094698 libmagickwand-6.q16-2_6.8.9.9-7ubuntu5.17+tuxcare.els5_amd64.deb 188a7cc5f56843164fd82192756b6ea897797de6 libmagickwand-6.q16-dev_6.8.9.9-7ubuntu5.17+tuxcare.els5_amd64.deb 8b515c22f31e569e06717fdb42ad3a0054463e7f libmagickwand-dev_6.8.9.9-7ubuntu5.17+tuxcare.els5_all.deb 49aaa75a290666c49e667a7cfc7cf86bfed360fe perlmagick_6.8.9.9-7ubuntu5.17+tuxcare.els5_all.deb 14ec3459dc09ed90c8db939388c15be6c198b6cd CLSA-2022:1670518442 TuxCare License Agreement 0 * SECURITY UPDATE: degrade resolver performance and possibly DoS - debian/patches/CVE-2016-2775.patch: fix possible infinite loop in lwresd due to a long query name - CVE-2016-2775 * SECURITY UPDATE: improper restriction of zone size limit - debian/patches/CVE-2016-6170.patch: allow the maximum number of records in a zone to be specified - CVE-2016-6170 Moderate Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.

* SECURITY UPDATE: degrade resolver performance and possibly DoS - debian/patches/CVE-2016-2775.patch: fix possible infinite loop in lwresd due to a long query name - CVE-2016-2775 * SECURITY UPDATE: improper restriction of zone size limit - debian/patches/CVE-2016-6170.patch: allow the maximum number of records in a zone to be specified - CVE-2016-6170

0 tuxcare-ubuntu16.04-els bind9_9.10.3.dfsg.P4-8ubuntu1.19+tuxcare.els4_amd64.deb 902a4101975bec3aea609897eae900b4644a17ae bind9-doc_9.10.3.dfsg.P4-8ubuntu1.19+tuxcare.els4_all.deb b8a66a172a7e19c2ab47f2f4854e0cbd9fc264ed bind9-host_9.10.3.dfsg.P4-8ubuntu1.19+tuxcare.els4_amd64.deb ca44e3604c305a695f1be7a3888803a23789db84 bind9utils_9.10.3.dfsg.P4-8ubuntu1.19+tuxcare.els4_amd64.deb 4df89743710b3a4aaf1bd1d7fb24f459e848f43e dnsutils_9.10.3.dfsg.P4-8ubuntu1.19+tuxcare.els4_amd64.deb c7a55fa6f74f61e4d0af2bdc9ca73417df4ea587 host_9.10.3.dfsg.P4-8ubuntu1.19+tuxcare.els4_all.deb 77f57ef3bf6830e7ae9783222df0d6b7d332a70e libbind-dev_9.10.3.dfsg.P4-8ubuntu1.19+tuxcare.els4_amd64.deb 429552bc5fcd894883fd73b3624394fcf6eb8d6f libbind-export-dev_9.10.3.dfsg.P4-8ubuntu1.19+tuxcare.els4_amd64.deb 3957614de0438bf5743c7399a66791f491d9dc09 libbind9-140_9.10.3.dfsg.P4-8ubuntu1.19+tuxcare.els4_amd64.deb ef0de5e45c1c1fe65f30a7be2dcfe37890bbe94e libdns-export162_9.10.3.dfsg.P4-8ubuntu1.19+tuxcare.els4_amd64.deb 81e046fa472112763a4c735e4935bd0966b4487a libdns162_9.10.3.dfsg.P4-8ubuntu1.19+tuxcare.els4_amd64.deb 1f615a03d18656df6956c97408e228a1a5ed95e1 libirs-export141_9.10.3.dfsg.P4-8ubuntu1.19+tuxcare.els4_amd64.deb 0a2eef661d02808547f7ee77096fc2a1d887e33f libirs141_9.10.3.dfsg.P4-8ubuntu1.19+tuxcare.els4_amd64.deb 65530b7a8f007aa05bdec0bbc44a620fe3ac84b8 libisc-export160_9.10.3.dfsg.P4-8ubuntu1.19+tuxcare.els4_amd64.deb 8ffacf6460a16c932bf33fae5492ae6837d2721f libisc160_9.10.3.dfsg.P4-8ubuntu1.19+tuxcare.els4_amd64.deb 11960af2c71c3f3b57a2a1b0f75e15fa95ec8296 libisccc-export140_9.10.3.dfsg.P4-8ubuntu1.19+tuxcare.els4_amd64.deb f1d8b7d3eb79b191e724115fb873d8b245415f99 libisccc140_9.10.3.dfsg.P4-8ubuntu1.19+tuxcare.els4_amd64.deb b0087a45d66aba134b163c36d8dbb05ac032d9c2 libisccfg-export140_9.10.3.dfsg.P4-8ubuntu1.19+tuxcare.els4_amd64.deb 5922ae7981fc6ab603fff3ba29cac7e7e3ecf028 libisccfg140_9.10.3.dfsg.P4-8ubuntu1.19+tuxcare.els4_amd64.deb d3bfe8ff0ead3a0617376a3b272c9bbaa1383480 liblwres141_9.10.3.dfsg.P4-8ubuntu1.19+tuxcare.els4_amd64.deb ffec283e44193af9afdb19a8ad378497987c22d0 lwresd_9.10.3.dfsg.P4-8ubuntu1.19+tuxcare.els4_amd64.deb 304973cb2c6e9e1be5b58a1795599f0457136d36 CLSA-2022:1670606482 TuxCare License Agreement 0 * SECURITY UPDATE: heap-based buffer overflow - debian/patches/CVE-2022-38533.patch: fix possibly heap-based buffer overflow in bfd/coffcode.h. - CVE-2022-38533 Moderate Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.

* SECURITY UPDATE: heap-based buffer overflow - debian/patches/CVE-2022-38533.patch: fix possibly heap-based buffer overflow in bfd/coffcode.h. - CVE-2022-38533

0 tuxcare-ubuntu16.04-els binutils_2.26.1-1ubuntu1~16.04.10+tuxcare.els5_amd64.deb ad5e0092b667f32516fe02d19e36b1b6472ad7b5 binutils-aarch64-linux-gnu_2.26.1-1ubuntu1~16.04.10+tuxcare.els5_amd64.deb ced0e92b9fbb21a6165654edea3415ed471cd5b6 binutils-alpha-linux-gnu_2.26.1-1ubuntu1~16.04.10+tuxcare.els5_amd64.deb 5490f27367d9790a72b9fcc8186ebdce425df783 binutils-arm-linux-gnueabi_2.26.1-1ubuntu1~16.04.10+tuxcare.els5_amd64.deb bdb0430f8872efb85c128bd32fe85283b4d85f18 binutils-arm-linux-gnueabihf_2.26.1-1ubuntu1~16.04.10+tuxcare.els5_amd64.deb 3764348a9fa9e26984211fc385bbdd16bd992791 binutils-dev_2.26.1-1ubuntu1~16.04.10+tuxcare.els5_amd64.deb 8663dcc2378f13cc6ebe672b3cdeb6f89371aa68 binutils-doc_2.26.1-1ubuntu1~16.04.10+tuxcare.els5_all.deb 1c37cf2b57b42d0a9b79f6b3e4b2c3274887082f binutils-hppa-linux-gnu_2.26.1-1ubuntu1~16.04.10+tuxcare.els5_amd64.deb af7010af36003be72bfbb57dfd0abdc78dfea9c1 binutils-hppa64-linux-gnu_2.26.1-1ubuntu1~16.04.10+tuxcare.els5_amd64.deb 4c3aec52c2d7b180d85ddd13f7cb523a2cee9664 binutils-m68k-linux-gnu_2.26.1-1ubuntu1~16.04.10+tuxcare.els5_amd64.deb 991b7d633d8c2f87d3bc611c1c06ddcf99ba3e7c binutils-mips-linux-gnu_2.26.1-1ubuntu1~16.04.10+tuxcare.els5_amd64.deb f04967fa0011d100e7920866da6e978b2aca96cd binutils-mips64-linux-gnuabi64_2.26.1-1ubuntu1~16.04.10+tuxcare.els5_amd64.deb 9b6b41864ccdbe663bb5c3d93f79c43247a3353f binutils-mips64el-linux-gnuabi64_2.26.1-1ubuntu1~16.04.10+tuxcare.els5_amd64.deb f7f70ec5126b767dacb16800400696567a915add binutils-mipsel-linux-gnu_2.26.1-1ubuntu1~16.04.10+tuxcare.els5_amd64.deb 21082dc046d741edfa2f015497a4a039e1b7beae binutils-multiarch_2.26.1-1ubuntu1~16.04.10+tuxcare.els5_amd64.deb 21f6bb9e72bcb6978fa2c6dd51de26301f671f32 binutils-multiarch-dev_2.26.1-1ubuntu1~16.04.10+tuxcare.els5_amd64.deb dad67378bcb350607cb069d9c25ed0248f0acf88 binutils-powerpc-linux-gnu_2.26.1-1ubuntu1~16.04.10+tuxcare.els5_amd64.deb c3988d8f10bf7c1e7530c0291d9929e9ee28808f binutils-powerpc-linux-gnuspe_2.26.1-1ubuntu1~16.04.10+tuxcare.els5_amd64.deb 9c34c37170f2078e2419c4efd4e45e51ff572c93 binutils-powerpc64-linux-gnu_2.26.1-1ubuntu1~16.04.10+tuxcare.els5_amd64.deb 343b7b2c67d4af279cb563b02777f352c57803df binutils-powerpc64le-linux-gnu_2.26.1-1ubuntu1~16.04.10+tuxcare.els5_amd64.deb b5071d4f306776ad7585c1731c22d730b222aa06 binutils-s390x-linux-gnu_2.26.1-1ubuntu1~16.04.10+tuxcare.els5_amd64.deb 85165d7a8ac6f231310bab2068df75c9c6e64da1 binutils-sh4-linux-gnu_2.26.1-1ubuntu1~16.04.10+tuxcare.els5_amd64.deb 3b95371e28c9391ad25d9aaad985e94e333c0aa0 binutils-source_2.26.1-1ubuntu1~16.04.10+tuxcare.els5_all.deb 3c508361c7377f040b6738490fd9b9c880652eff binutils-sparc64-linux-gnu_2.26.1-1ubuntu1~16.04.10+tuxcare.els5_amd64.deb d7b1cded6876a1a1210121984f121fdefe22fcc6 CLSA-2022:1670606563 TuxCare License Agreement 0 * SECURITY UPDATE: The SSI printenv command in Apache Tomcat 9.0.0.M1 to 9.0.0.17, 8.5.0 to 8.5.39 and 7.0.0 to 7.0.93 echoes user provided data without escaping and is, therefore, vulnerable to XSS. - debian/patches/CVE-2019-0221.patch: Escape debug output to aid readability - CVE-2019-0221 Moderate Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.

* SECURITY UPDATE: The SSI printenv command in Apache Tomcat 9.0.0.M1 to 9.0.0.17, 8.5.0 to 8.5.39 and 7.0.0 to 7.0.93 echoes user provided data without escaping and is, therefore, vulnerable to XSS. - debian/patches/CVE-2019-0221.patch: Escape debug output to aid readability - CVE-2019-0221

0 tuxcare-ubuntu16.04-els libservlet3.0-java_7.0.68-1ubuntu0.4+tuxcare.els2_all.deb dbbb22e1c0524e710f4de60833e0e7a17f85a639 libservlet3.0-java-doc_7.0.68-1ubuntu0.4+tuxcare.els2_all.deb 9092142407fb948004c56fd8917bfcf2af5de38f libtomcat7-java_7.0.68-1ubuntu0.4+tuxcare.els2_all.deb 0c1db601d999ddbf4a8a6536333b8d1e0228438e tomcat7_7.0.68-1ubuntu0.4+tuxcare.els2_all.deb 5d55ccd44e03d1f21ddcc3ba4b5e2434d158973e tomcat7-admin_7.0.68-1ubuntu0.4+tuxcare.els2_all.deb 50c56d74ae8832199c7e1fb5fbe7fd564dc90b47 tomcat7-common_7.0.68-1ubuntu0.4+tuxcare.els2_all.deb c915380ce2c6a5ecbff57d20b274e6892a45602e tomcat7-docs_7.0.68-1ubuntu0.4+tuxcare.els2_all.deb 493cc480cf4ea041821478f5018e7bee8bbcf284 tomcat7-examples_7.0.68-1ubuntu0.4+tuxcare.els2_all.deb 2bdfb678388cd3f606b6044f656d2126b3f8fab4 tomcat7-user_7.0.68-1ubuntu0.4+tuxcare.els2_all.deb 381b5ca3b43b3d89d2a109f9c9a0fbec0d9bca74 CLSA-2022:1670874310 TuxCare License Agreement 0 * SECURITY UPDATE: With a Visual block a put command column may go negative - debian/patches/CVE-2022-3520.patch: Check that the column does not become negative - CVE-2022-3520 * SECURITY UPDATE: Invalid memory access in substitute with function that goes to another file - debian/patches/CVE-2022-4141.patch: Check for text locked in CTRL-W gf - CVE-2022-4141 Critical Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.

* SECURITY UPDATE: With a Visual block a put command column may go negative - debian/patches/CVE-2022-3520.patch: Check that the column does not become negative - CVE-2022-3520 * SECURITY UPDATE: Invalid memory access in substitute with function that goes to another file - debian/patches/CVE-2022-4141.patch: Check for text locked in CTRL-W gf - CVE-2022-4141

0 tuxcare-ubuntu16.04-els vim_7.4.1689-3ubuntu1.5+tuxcare.els34_amd64.deb 6a99cef35836bc2fb78f4d7dd9350af7f8acd9ca vim-athena_7.4.1689-3ubuntu1.5+tuxcare.els34_amd64.deb 9d9f824429c7a59f95d542e40ef1a78c84c0c8e1 vim-athena-py2_7.4.1689-3ubuntu1.5+tuxcare.els34_amd64.deb 8da260dceea1fa939f503ac25ad8df706c6d42f2 vim-common_7.4.1689-3ubuntu1.5+tuxcare.els34_amd64.deb 152f86af17d2bf38cb36f23f037470a50309d996 vim-doc_7.4.1689-3ubuntu1.5+tuxcare.els34_all.deb 067b78b1d9d79320769d514fc88f66c4a67fd2b8 vim-gnome_7.4.1689-3ubuntu1.5+tuxcare.els34_amd64.deb 52903be64a266a3d88cef40cbe2222a1332b795d vim-gnome-py2_7.4.1689-3ubuntu1.5+tuxcare.els34_amd64.deb d0250eeb8e3ff5ef89cc19e35f7eb0caddb7fae9 vim-gtk_7.4.1689-3ubuntu1.5+tuxcare.els34_amd64.deb 841795950c91113c9af557f050b508d4c03bbdd1 vim-gtk-py2_7.4.1689-3ubuntu1.5+tuxcare.els34_amd64.deb be2a7569e19edb6700daafef0389f2b41ec66799 vim-gtk3_7.4.1689-3ubuntu1.5+tuxcare.els34_amd64.deb b4485ee7b45aae567419c348268d09aedc80f93f vim-gtk3-py2_7.4.1689-3ubuntu1.5+tuxcare.els34_amd64.deb 7343744bf18101a9101f047b89710992c9fab428 vim-gui-common_7.4.1689-3ubuntu1.5+tuxcare.els34_all.deb 0302c3810384e29dfd96a9e5d7622448f246f531 vim-nox_7.4.1689-3ubuntu1.5+tuxcare.els34_amd64.deb efe0aca65751a215074f21be1451b3206b48581d vim-nox-py2_7.4.1689-3ubuntu1.5+tuxcare.els34_amd64.deb 624c8e57fe0025a56fc60a9ddd362c7eded429b9 vim-runtime_7.4.1689-3ubuntu1.5+tuxcare.els34_all.deb 87b5e637a000908c945f917c7446e3a7da3d58e8 vim-tiny_7.4.1689-3ubuntu1.5+tuxcare.els34_amd64.deb 9f0a89196e38df7f504f102249af62a1a5c1f90b CLSA-2022:1671124508 TuxCare License Agreement 0 * SECURITY UPDATE: A man-in-the-middle attacker can inject false responses - debian/patches/CVE-2021-23222.patch: libpq: reject extraneous data after SSL or GSS encryption handshake - CVE-2021-23222 Moderate Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.

* SECURITY UPDATE: A man-in-the-middle attacker can inject false responses - debian/patches/CVE-2021-23222.patch: libpq: reject extraneous data after SSL or GSS encryption handshake - CVE-2021-23222

0 tuxcare-ubuntu16.04-els libecpg-compat3_9.5.25-0ubuntu0.16.04.1+tuxcare.els4_amd64.deb a3b545611157c525b38b9a6b851b391ee043b65b libecpg-dev_9.5.25-0ubuntu0.16.04.1+tuxcare.els4_amd64.deb ca5325ff5cfab57e29febd651dfb406900c7d922 libecpg6_9.5.25-0ubuntu0.16.04.1+tuxcare.els4_amd64.deb 7d90d7d786f73dae685c1dfff27da8fe5e073643 libpgtypes3_9.5.25-0ubuntu0.16.04.1+tuxcare.els4_amd64.deb 5f9b2cf9e060b86bd75f69c708330db095a9bece libpq-dev_9.5.25-0ubuntu0.16.04.1+tuxcare.els4_amd64.deb 5ba0273e7778f6fa8f15b290aea1eb5b49c968eb libpq5_9.5.25-0ubuntu0.16.04.1+tuxcare.els4_amd64.deb 4c74e254ba1b9788cbfa2f7e8d5e629c4acfd7ee postgresql-9.5_9.5.25-0ubuntu0.16.04.1+tuxcare.els4_amd64.deb fdd90ba598b15b7ef9e798c13ad38d1ff9b62c44 postgresql-client-9.5_9.5.25-0ubuntu0.16.04.1+tuxcare.els4_amd64.deb ae4ebc73016a15a976ac737c884788ee431bb5fa postgresql-contrib-9.5_9.5.25-0ubuntu0.16.04.1+tuxcare.els4_amd64.deb 6d203486b572fe461df08701b5e350fc83b34b8d postgresql-doc-9.5_9.5.25-0ubuntu0.16.04.1+tuxcare.els4_all.deb 348bcaa0b54642781c50096cf17012d704fa954c postgresql-plperl-9.5_9.5.25-0ubuntu0.16.04.1+tuxcare.els4_amd64.deb b71e40c9e1e843e012382f5cc5e0f2d7a0a40dc4 postgresql-plpython-9.5_9.5.25-0ubuntu0.16.04.1+tuxcare.els4_amd64.deb dbf15f5a8fc3337bbf7856f56d51affd98e917ec postgresql-plpython3-9.5_9.5.25-0ubuntu0.16.04.1+tuxcare.els4_amd64.deb a821e5a11ac3cc232fd3ec85db26b842d3565054 postgresql-pltcl-9.5_9.5.25-0ubuntu0.16.04.1+tuxcare.els4_amd64.deb 697edb928da26f51de201b82a9548adad98ac21b postgresql-server-dev-9.5_9.5.25-0ubuntu0.16.04.1+tuxcare.els4_amd64.deb 65f905289a5cb8e933807799679c2032fe5d9ccb CLSA-2022:1671124583 TuxCare License Agreement 0 * SECURITY UPDATE: Using freed memory after SpellFileMissing autocmd uses bwipe - debian/patches/CVE-2022-4292.patch: Bail out if the window no longer exists - CVE-2022-4292 Important Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.

* SECURITY UPDATE: Using freed memory after SpellFileMissing autocmd uses bwipe - debian/patches/CVE-2022-4292.patch: Bail out if the window no longer exists - CVE-2022-4292

0 tuxcare-ubuntu16.04-els vim_7.4.1689-3ubuntu1.5+tuxcare.els35_amd64.deb 93aeb64132d834d9aa5ba84a0ba4034b9171707d vim-athena_7.4.1689-3ubuntu1.5+tuxcare.els35_amd64.deb fe44f1dc9cc4c2dc8b718b001646c338876688ce vim-athena-py2_7.4.1689-3ubuntu1.5+tuxcare.els35_amd64.deb 8e29ed7c703878d4262802a8bc006c695c600fce vim-common_7.4.1689-3ubuntu1.5+tuxcare.els35_amd64.deb d6ca1d4f139e760c54d77808f48ceb80bbf8c034 vim-doc_7.4.1689-3ubuntu1.5+tuxcare.els35_all.deb 7d80c818d6eadd4a5ce3ceafdb4ad9bdf7ff4e9c vim-gnome_7.4.1689-3ubuntu1.5+tuxcare.els35_amd64.deb 9e4d1e41443ab16bf16bb4505e55e8de5df26c18 vim-gnome-py2_7.4.1689-3ubuntu1.5+tuxcare.els35_amd64.deb 2a4ae7ebe36648e8d9ffcbbc083d272346ab4280 vim-gtk_7.4.1689-3ubuntu1.5+tuxcare.els35_amd64.deb ba7386e2e4f09db0d122c368d3826e6dd540aa18 vim-gtk-py2_7.4.1689-3ubuntu1.5+tuxcare.els35_amd64.deb 7dd30ff6553ff6476241edf0f83eeb26e367555a vim-gtk3_7.4.1689-3ubuntu1.5+tuxcare.els35_amd64.deb 670c0b425f21d6c20a8e0525eafe510e455a6790 vim-gtk3-py2_7.4.1689-3ubuntu1.5+tuxcare.els35_amd64.deb af5337f363857e4bea1550f76147ce4e7581ce50 vim-gui-common_7.4.1689-3ubuntu1.5+tuxcare.els35_all.deb b28fda7e8f9d1f6922ca12ad2d18df61c808955d vim-nox_7.4.1689-3ubuntu1.5+tuxcare.els35_amd64.deb d897d748fd4900715756d12e88fcb6fe95c3a10f vim-nox-py2_7.4.1689-3ubuntu1.5+tuxcare.els35_amd64.deb 6948cede88c9bee928f592b4519f41f0dcb75bae vim-runtime_7.4.1689-3ubuntu1.5+tuxcare.els35_all.deb 1f2d5988c16c00ced2ec301daac079f545af2e90 vim-tiny_7.4.1689-3ubuntu1.5+tuxcare.els35_amd64.deb 40df1f87663ab324538f782462a5244c7b7662d3 CLSA-2022:1671124649 TuxCare License Agreement 0 * SECURITY UPDATE: Dummy buffer ends up in a window - debian/patches/CVE-2022-3591.patch: Disallow navigating to a dummy buffer - CVE-2022-3591 Important Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.

* SECURITY UPDATE: Dummy buffer ends up in a window - debian/patches/CVE-2022-3591.patch: Disallow navigating to a dummy buffer - CVE-2022-3591

0 tuxcare-ubuntu16.04-els vim_7.4.1689-3ubuntu1.5+tuxcare.els36_amd64.deb c0ca996473777f43efce4fac27a190d77505da35 vim-athena_7.4.1689-3ubuntu1.5+tuxcare.els36_amd64.deb 93b6f5931db041cecee5ecc80db00b2f58311861 vim-athena-py2_7.4.1689-3ubuntu1.5+tuxcare.els36_amd64.deb 5872ae178d5aa6fa34f053a8e56bf1617fa2635c vim-common_7.4.1689-3ubuntu1.5+tuxcare.els36_amd64.deb be840ec6dd27aba8e9461a21161c892d3f8e751e vim-doc_7.4.1689-3ubuntu1.5+tuxcare.els36_all.deb db1aac8b5f7c7efad41187c7b9e28b7cc4f9d6e5 vim-gnome_7.4.1689-3ubuntu1.5+tuxcare.els36_amd64.deb b04285e97a1abf96a077195c29a9b02eaf7b935f vim-gnome-py2_7.4.1689-3ubuntu1.5+tuxcare.els36_amd64.deb ddd1c698cb17c88fc915d05716ec952ca4777cb9 vim-gtk_7.4.1689-3ubuntu1.5+tuxcare.els36_amd64.deb 0b6efc031830c0a4c29ffb37d9c71162d5e22208 vim-gtk-py2_7.4.1689-3ubuntu1.5+tuxcare.els36_amd64.deb bfa899db136018fe02cea22162404a60e9445c0b vim-gtk3_7.4.1689-3ubuntu1.5+tuxcare.els36_amd64.deb 3fac2b4ba64b204fbd58cda1711fe78bca8efe4c vim-gtk3-py2_7.4.1689-3ubuntu1.5+tuxcare.els36_amd64.deb c99e77ea88690dad86409f3a69840a3c39cceb37 vim-gui-common_7.4.1689-3ubuntu1.5+tuxcare.els36_all.deb c1b449a8b0e843a4230049415ff56d3ffda7aa40 vim-nox_7.4.1689-3ubuntu1.5+tuxcare.els36_amd64.deb 0db7edbba0477da78f796855de92a293ed271881 vim-nox-py2_7.4.1689-3ubuntu1.5+tuxcare.els36_amd64.deb 720a0c02ee5a2b2249852552b06c299c552dca35 vim-runtime_7.4.1689-3ubuntu1.5+tuxcare.els36_all.deb 41c718728dfb9172cf2f1eae9e937c4c7d1674b3 vim-tiny_7.4.1689-3ubuntu1.5+tuxcare.els36_amd64.deb 6eadf21d2ae2602b59e4b06befac08fbeb29402e CLSA-2022:1671481209 TuxCare License Agreement 0 * SECURITY UPDATE: buffer overrun in EUC-KR conversion module - debian/patches/any/CVE-2019-25013: skip two bytes when told to skip over the unknown designation, potentially running over the buffer end - CVE-2019-25013 * SECURITY UPDATE: hang in the iconv program - debian/patches/any/CVE-2020-27618: adjust the converter to accept redundant shift sequences in IBM1364, IBM1371, IBM1388, IBM1390 and IBM1399 character sets - CVE-2020-27618 Moderate Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.

* SECURITY UPDATE: buffer overrun in EUC-KR conversion module - debian/patches/any/CVE-2019-25013: skip two bytes when told to skip over the unknown designation, potentially running over the buffer end - CVE-2019-25013 * SECURITY UPDATE: hang in the iconv program - debian/patches/any/CVE-2020-27618: adjust the converter to accept redundant shift sequences in IBM1364, IBM1371, IBM1388, IBM1390 and IBM1399 character sets - CVE-2020-27618

0 tuxcare-ubuntu16.04-els glibc-doc_2.23-0ubuntu11.5+tuxcare.els5_all.deb 092163f8309f2255244dbad20dcb43b815aabfda glibc-source_2.23-0ubuntu11.5+tuxcare.els5_all.deb b0c452d52d40fbd7d5f3b5b7857704b4b84318d1 libc-bin_2.23-0ubuntu11.5+tuxcare.els5_amd64.deb 0fec32c872ff8928a1a2cbc0b7ae9f9aafd292b8 libc-dev-bin_2.23-0ubuntu11.5+tuxcare.els5_amd64.deb a6e74646f7c836f64653bfba91c2a8629bcc88ae libc6_2.23-0ubuntu11.5+tuxcare.els5_amd64.deb aa9fab47a33e659dbdb7c609b21c7c1acc054353 libc6-dev_2.23-0ubuntu11.5+tuxcare.els5_amd64.deb f5f0ffea6291c3b908f2e8511c09295c2c46f07b libc6-dev-i386_2.23-0ubuntu11.5+tuxcare.els5_amd64.deb 004a3e1113932e5ecf19b1943b099e1c9deaa82a libc6-dev-x32_2.23-0ubuntu11.5+tuxcare.els5_amd64.deb 88f7c9e309103e77002717d0de83b847fea04d6f libc6-i386_2.23-0ubuntu11.5+tuxcare.els5_amd64.deb e60711a081d545a2a164d2fe7d4752beaa4c87a0 libc6-pic_2.23-0ubuntu11.5+tuxcare.els5_amd64.deb d1b72b624deef4d7b6e118f79251e9b4f6ba40e6 libc6-x32_2.23-0ubuntu11.5+tuxcare.els5_amd64.deb 2f4346be2d367aad9fa87c13ab584aa06fe962e9 locales_2.23-0ubuntu11.5+tuxcare.els5_all.deb e522511474e96984a90d418ccf14d211c69a686e locales-all_2.23-0ubuntu11.5+tuxcare.els5_amd64.deb a17ff2ba71508844499ecbcee092ba33c0c96f3a multiarch-support_2.23-0ubuntu11.5+tuxcare.els5_amd64.deb 0daa3d745a6560b7fac5357c59e557c5eda3bc36 nscd_2.23-0ubuntu11.5+tuxcare.els5_amd64.deb f549a1b05b47cde09c8a307b8ed1428ea0de20ba CLSA-2023:1673905718 TuxCare License Agreement 0 * SECURITY UPDATE: Extended partition loop in MBR partition table leads to DoS - debian/patches/CVE-2016-5011-1.patch: ignore MBR extended partition at zero offset - debian/patches/CVE-2016-5011-2.patch: avoid non-empty recursion in EBR - CVE-2016-5011 Moderate Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.

* SECURITY UPDATE: Extended partition loop in MBR partition table leads to DoS - debian/patches/CVE-2016-5011-1.patch: ignore MBR extended partition at zero offset - debian/patches/CVE-2016-5011-2.patch: avoid non-empty recursion in EBR - CVE-2016-5011

0 tuxcare-ubuntu16.04-els bsdutils_2.27.1-6ubuntu3.10+tuxcare.els1_amd64.deb a8f36a25f06da35187b7f7a8d8dc0e9ef620a7a7 libblkid-dev_2.27.1-6ubuntu3.10+tuxcare.els1_amd64.deb 844b97113c8ef2f182a953d183b457d0a3609e4e libblkid1_2.27.1-6ubuntu3.10+tuxcare.els1_amd64.deb 0cdc97eb047d87ffa77710ac0da0f78d8f352696 libfdisk-dev_2.27.1-6ubuntu3.10+tuxcare.els1_amd64.deb 3d2b2aa2facbc863a36aeaacf3476b4478277543 libfdisk1_2.27.1-6ubuntu3.10+tuxcare.els1_amd64.deb 9723fd44c88181cb5621ad8a3e5a77dc4955f1e7 libmount-dev_2.27.1-6ubuntu3.10+tuxcare.els1_amd64.deb 90e0fdc7a8dc532cdb419da68af33ce706b9229d libmount1_2.27.1-6ubuntu3.10+tuxcare.els1_amd64.deb 269b87a3ecfb7b4fb02356d41bfbef0dac408a3d libsmartcols-dev_2.27.1-6ubuntu3.10+tuxcare.els1_amd64.deb 61a1109eb0a9d46d3a5a905318c7f0922156bbea libsmartcols1_2.27.1-6ubuntu3.10+tuxcare.els1_amd64.deb 6e09cde8447e15274784c0d297707f18477c8192 libuuid1_2.27.1-6ubuntu3.10+tuxcare.els1_amd64.deb c0de44352bfc2a7d3a0a558d2d2c3cff870f2f57 mount_2.27.1-6ubuntu3.10+tuxcare.els1_amd64.deb ca55d55d032183104e41be661923cbee06de3adb util-linux_2.27.1-6ubuntu3.10+tuxcare.els1_amd64.deb f63a25fca5fd4723f7808f84f3761672bb088013 util-linux-locales_2.27.1-6ubuntu3.10+tuxcare.els1_all.deb 0839ee8ecc4259c7a3c6aa0cf746cec8eb3d7a0e uuid-dev_2.27.1-6ubuntu3.10+tuxcare.els1_amd64.deb 1cd10be3ddcab167808b07b57def517a17de1b7f uuid-runtime_2.27.1-6ubuntu3.10+tuxcare.els1_amd64.deb 28f6e0de2e0cd449d9a5fd08f5078f173fcf12d1 CLSA-2023:1673905845 TuxCare License Agreement 0 * SECURITY UPDATE: integer overflows that may lead to remote code execution - debian/patches/CVE-2022-42898.patch: add several tests to prevent integer overflow in pac parsing - CVE-2022-42898 Important Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.

* SECURITY UPDATE: integer overflows that may lead to remote code execution - debian/patches/CVE-2022-42898.patch: add several tests to prevent integer overflow in pac parsing - CVE-2022-42898

0 tuxcare-ubuntu16.04-els ctdb_4.3.11+dfsg-0ubuntu0.16.04.34+tuxcare.els2_amd64.deb 1b48c83226dbfb18c9f10dc6ed7ac51ac75a5b93 libnss-winbind_4.3.11+dfsg-0ubuntu0.16.04.34+tuxcare.els2_amd64.deb b81b4b5bb6e9914074c71fadbf1387ccb4abdaf6 libpam-winbind_4.3.11+dfsg-0ubuntu0.16.04.34+tuxcare.els2_amd64.deb 7a9e364cb454df34b0e3f8232cbb79405b2e4849 libparse-pidl-perl_4.3.11+dfsg-0ubuntu0.16.04.34+tuxcare.els2_amd64.deb 8d69eeb16c8cb0e42cf436f6ce586dd5f4b0374d libsmbclient_4.3.11+dfsg-0ubuntu0.16.04.34+tuxcare.els2_amd64.deb 8b8d7d8a838d3e5154a3d8b2e9c7c1d16b63fd8f libsmbclient-dev_4.3.11+dfsg-0ubuntu0.16.04.34+tuxcare.els2_amd64.deb a181139d5b2fa75f5bc04ea1a95a976e4844d2f8 libwbclient-dev_4.3.11+dfsg-0ubuntu0.16.04.34+tuxcare.els2_amd64.deb 61e401ef4e01e2e97c4a5c3dae97b7b5f60cc5ad libwbclient0_4.3.11+dfsg-0ubuntu0.16.04.34+tuxcare.els2_amd64.deb 87a3ff7c3de1c2cc4e7171977d50b531ebe0d92e python-samba_4.3.11+dfsg-0ubuntu0.16.04.34+tuxcare.els2_amd64.deb 89d1d2285b45be9544a91317568341ef0d851a03 registry-tools_4.3.11+dfsg-0ubuntu0.16.04.34+tuxcare.els2_amd64.deb 51038770c8dd31c610fa4583633305b5bc654ee5 samba_4.3.11+dfsg-0ubuntu0.16.04.34+tuxcare.els2_amd64.deb cf182a4d8cf2955634fc80fa28dbe18758a6479b samba-common_4.3.11+dfsg-0ubuntu0.16.04.34+tuxcare.els2_all.deb 66b2d1d7d35969718a795f4af608bde8301b0f55 samba-common-bin_4.3.11+dfsg-0ubuntu0.16.04.34+tuxcare.els2_amd64.deb 6a4d58ee9ab1fe62f9c2b3f36fab899a5ded84fe samba-dev_4.3.11+dfsg-0ubuntu0.16.04.34+tuxcare.els2_amd64.deb b498036cc67f2dd27d917c4aa9e9b02d93a8db40 samba-dsdb-modules_4.3.11+dfsg-0ubuntu0.16.04.34+tuxcare.els2_amd64.deb ef825b31420b98c22e3d00f4f8c60917c67a284a samba-libs_4.3.11+dfsg-0ubuntu0.16.04.34+tuxcare.els2_amd64.deb fb5e5e9e80136d6eff9288a5ca0d3023a213b6dc samba-testsuite_4.3.11+dfsg-0ubuntu0.16.04.34+tuxcare.els2_amd64.deb 340577a2031efa1683e82344cbcc5799ab5342fc samba-vfs-modules_4.3.11+dfsg-0ubuntu0.16.04.34+tuxcare.els2_amd64.deb 6eef8d9c63ac4cfdfb63ca0cc7955fd22a88ae57 smbclient_4.3.11+dfsg-0ubuntu0.16.04.34+tuxcare.els2_amd64.deb bad9ffe8b839556c7b8b27f46301dde821ce0e0c winbind_4.3.11+dfsg-0ubuntu0.16.04.34+tuxcare.els2_amd64.deb 1f27459e493fd4e3cc8a97cdd86c474ce073376a CLSA-2023:1674203970 TuxCare License Agreement 0 * SECURITY UPDATE: Integer overflows - debian/patches/CVE-2022-42898.patch: fix integer overflows in PAC parsing - CVE-2022-42898 Important Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.

* SECURITY UPDATE: Integer overflows - debian/patches/CVE-2022-42898.patch: fix integer overflows in PAC parsing - CVE-2022-42898

0 tuxcare-ubuntu16.04-els krb5-admin-server_1.13.2+dfsg-5ubuntu2.2+tuxcare.els1_amd64.deb 1228085b9c4b487c6ae9bc3e607ef0b607c8915d krb5-doc_1.13.2+dfsg-5ubuntu2.2+tuxcare.els1_all.deb 90a6fd08a7a9fcbd6de1f5c9cccb6d3ab6c44069 krb5-gss-samples_1.13.2+dfsg-5ubuntu2.2+tuxcare.els1_amd64.deb 6ee8c39ab3d4499f73c031a673a7cb5446678d6f krb5-k5tls_1.13.2+dfsg-5ubuntu2.2+tuxcare.els1_amd64.deb 13864cccb118eaeb7a7497e083c8de473f3cb4f4 krb5-kdc_1.13.2+dfsg-5ubuntu2.2+tuxcare.els1_amd64.deb 4e3a8f4b5788bb93a0439aeaff1143d797f80d5d krb5-kdc-ldap_1.13.2+dfsg-5ubuntu2.2+tuxcare.els1_amd64.deb 8ccc2c2a7b1a5828c1848f908c23348e320c5dee krb5-locales_1.13.2+dfsg-5ubuntu2.2+tuxcare.els1_all.deb 8d4bf0e4d96a204f3b2dda55036444310cdb5675 krb5-multidev_1.13.2+dfsg-5ubuntu2.2+tuxcare.els1_amd64.deb 121319eb7eea58379ededb3b4fc8d7e019772721 krb5-otp_1.13.2+dfsg-5ubuntu2.2+tuxcare.els1_amd64.deb a5b8e3c5560a6af17fc2aad3332211e2b4b31794 krb5-pkinit_1.13.2+dfsg-5ubuntu2.2+tuxcare.els1_amd64.deb 052c2f826b0fede0a0af591b838574870aed27e7 krb5-user_1.13.2+dfsg-5ubuntu2.2+tuxcare.els1_amd64.deb dbe1633560bef69a210ac7107f241801b3e577db libgssapi-krb5-2_1.13.2+dfsg-5ubuntu2.2+tuxcare.els1_amd64.deb eec82393add126d0fdd06f2bdff8e6555f032cb2 libgssrpc4_1.13.2+dfsg-5ubuntu2.2+tuxcare.els1_amd64.deb 83c5f9fa13bfe43748f7641b0a1e0e48544ace65 libk5crypto3_1.13.2+dfsg-5ubuntu2.2+tuxcare.els1_amd64.deb be26b0d1c4760d0de0cbd77f84d58051b51d8440 libkadm5clnt-mit9_1.13.2+dfsg-5ubuntu2.2+tuxcare.els1_amd64.deb 6f6d7caf69c75bfbb96368550cf2988665e87d4c libkadm5srv-mit9_1.13.2+dfsg-5ubuntu2.2+tuxcare.els1_amd64.deb a0c7164d20eebd653cbcfea2eaf05a96767e71b9 libkdb5-8_1.13.2+dfsg-5ubuntu2.2+tuxcare.els1_amd64.deb 83e0af004cb8c6818fd6853215ecfb2218b74e2b libkrad-dev_1.13.2+dfsg-5ubuntu2.2+tuxcare.els1_amd64.deb 4be81fc5340dcc85852d53993a2335074a7dc846 libkrad0_1.13.2+dfsg-5ubuntu2.2+tuxcare.els1_amd64.deb 13bed3d0a0d67800009dab6fb3771b85ccf93b2e libkrb5-3_1.13.2+dfsg-5ubuntu2.2+tuxcare.els1_amd64.deb 985992721823e1e916560f3953cf496c18754466 libkrb5-dev_1.13.2+dfsg-5ubuntu2.2+tuxcare.els1_amd64.deb 0cb3c544edd8b1590d7e5894fffa9c5236808560 libkrb5support0_1.13.2+dfsg-5ubuntu2.2+tuxcare.els1_amd64.deb 35c05699533bc3192aa68adbfc194b7d6bb19df2 CLSA-2023:1674814283 TuxCare License Agreement 0 * SECURITY UPDATE: Out-of-bounds read in function build_stl_str_hl - debian/patches/CVE-2023-0049: Stop reading from buffer at "%0" - CVE-2023-0049 Important Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.

* SECURITY UPDATE: Out-of-bounds read in function build_stl_str_hl - debian/patches/CVE-2023-0049: Stop reading from buffer at "%0" - CVE-2023-0049

0 tuxcare-ubuntu16.04-els vim_7.4.1689-3ubuntu1.5+tuxcare.els37_amd64.deb b4b13c69eb88fef3b6301cc664af70e3830bc328 vim-athena_7.4.1689-3ubuntu1.5+tuxcare.els37_amd64.deb f6af0d2b5631ca9e89d4a5109f2df1fb2f94b6fb vim-athena-py2_7.4.1689-3ubuntu1.5+tuxcare.els37_amd64.deb 1e1c0b692ac4d30c27e041f3729743cbc1845919 vim-common_7.4.1689-3ubuntu1.5+tuxcare.els37_amd64.deb 77ba10d81dea837c56d7afc6e63bea87c90b610c vim-doc_7.4.1689-3ubuntu1.5+tuxcare.els37_all.deb 1c7237fe8b3b4bf74ad5c92ee0c6b618a3d3dd02 vim-gnome_7.4.1689-3ubuntu1.5+tuxcare.els37_amd64.deb 9f6d52372e4c67e7edc0ab7ba89ad2b85ef43c7d vim-gnome-py2_7.4.1689-3ubuntu1.5+tuxcare.els37_amd64.deb f3bb415ac8e91917a8ecc46991ef8d4d85480a5c vim-gtk_7.4.1689-3ubuntu1.5+tuxcare.els37_amd64.deb adea7d6c231c81dda260531934bd6faada2d3967 vim-gtk-py2_7.4.1689-3ubuntu1.5+tuxcare.els37_amd64.deb 950f957b28c1f25c729d1b37e3548abc48b12ca3 vim-gtk3_7.4.1689-3ubuntu1.5+tuxcare.els37_amd64.deb c991117d801fca4828ead1bc656e2449da9e93a7 vim-gtk3-py2_7.4.1689-3ubuntu1.5+tuxcare.els37_amd64.deb 30dbefbc2dbf3fb67f32c98f38f58bfb9d80b538 vim-gui-common_7.4.1689-3ubuntu1.5+tuxcare.els37_all.deb fb081d5f36fe48a9f713344446081cc27c5e58b4 vim-nox_7.4.1689-3ubuntu1.5+tuxcare.els37_amd64.deb 7ed36fa99ff742d543f8a8ee8068965f64b085a4 vim-nox-py2_7.4.1689-3ubuntu1.5+tuxcare.els37_amd64.deb c2cbe4cc80e70199fd3bc294ccb581638dcb102c vim-runtime_7.4.1689-3ubuntu1.5+tuxcare.els37_all.deb 86130303f1271be12f555665b794546a334740fd vim-tiny_7.4.1689-3ubuntu1.5+tuxcare.els37_amd64.deb 6b134bdda8971982b1a2a082068cb29b53c01f61 CLSA-2023:1675111190 TuxCare License Agreement 0 * SECURITY UPDATE: access denial bypass in pam_access.so - debian/patches-applied/CVE-2022-28321.patch: properly use getnameinfo() and getaddrinfo() to handle hostnames in access.conf, add freeaddrinfo() to avoid memory leaks on return from network_netmask_match() as well - CVE-2022-28321 Critical Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.

* SECURITY UPDATE: access denial bypass in pam_access.so - debian/patches-applied/CVE-2022-28321.patch: properly use getnameinfo() and getaddrinfo() to handle hostnames in access.conf, add freeaddrinfo() to avoid memory leaks on return from network_netmask_match() as well - CVE-2022-28321

0 tuxcare-ubuntu16.04-els libpam-cracklib_1.1.8-3.2ubuntu2.3+tuxcare.els1_amd64.deb bf25ea57efb48a43c157172c0b8cff37c3615ad7 libpam-doc_1.1.8-3.2ubuntu2.3+tuxcare.els1_all.deb fd5983bbba2a24c2d8b5de21c5430c1438fe9e89 libpam-modules_1.1.8-3.2ubuntu2.3+tuxcare.els1_amd64.deb 333fb54b9406c188c0842c7a50e5501a4d7c620e libpam-modules-bin_1.1.8-3.2ubuntu2.3+tuxcare.els1_amd64.deb d979bfd87d27b2712e36db5e2cab633d35c3664e libpam-runtime_1.1.8-3.2ubuntu2.3+tuxcare.els1_all.deb cc7635baafe8966cc37b77f707b8eb216dba1a34 libpam0g_1.1.8-3.2ubuntu2.3+tuxcare.els1_amd64.deb f310d249d431e8a4e7ce13e48b6b013bef01c557 libpam0g-dev_1.1.8-3.2ubuntu2.3+tuxcare.els1_amd64.deb 37c0e6ecf6eaa7b3159c2e18d94c161060a13eb2 CLSA-2023:1675111279 TuxCare License Agreement 0 * SECURITY UPDATE: possible HTTP request smuggling in the mod_proxy_ajp - debian/patches/CVE-2022-36760.patch: ensure connection closure for an invalid Transfer-Encoding header, to prevent HTTP request smuggling attack with an AJP proxy - CVE-2022-36760 Critical Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.

* SECURITY UPDATE: possible HTTP request smuggling in the mod_proxy_ajp - debian/patches/CVE-2022-36760.patch: ensure connection closure for an invalid Transfer-Encoding header, to prevent HTTP request smuggling attack with an AJP proxy - CVE-2022-36760

0 tuxcare-ubuntu16.04-els apache2_2.4.18-2ubuntu3.17+tuxcare.els8_amd64.deb c79c166e7ea0124cb07f04d77b89f89bd4c12788 apache2-bin_2.4.18-2ubuntu3.17+tuxcare.els8_amd64.deb a64e03ee14cc065d5572af7c0812d6c3a895dcc1 apache2-data_2.4.18-2ubuntu3.17+tuxcare.els8_all.deb 6924d231c6b911d3a5201251b0feeeace4618e22 apache2-dev_2.4.18-2ubuntu3.17+tuxcare.els8_amd64.deb 12a21147ff6f013678f3060a9b5a65aa17ff6044 apache2-doc_2.4.18-2ubuntu3.17+tuxcare.els8_all.deb 1de667ffe573d6aad1eca4505587a0cdfbda20a6 apache2-suexec-custom_2.4.18-2ubuntu3.17+tuxcare.els8_amd64.deb 5641868a01893e6ebc1c4ee70aee0dc1816e3527 apache2-suexec-pristine_2.4.18-2ubuntu3.17+tuxcare.els8_amd64.deb b767e39c41497f960c581366545c25b4976c839e apache2-utils_2.4.18-2ubuntu3.17+tuxcare.els8_amd64.deb 955d5199b39142dd60a50c19a13c49457ea4131f CLSA-2023:1675372413 TuxCare License Agreement 0 * SECURITY UPDATE: Reading past the end of a line when formatting text - debian/patches/CVE-2023-0433: Check for not going over the end of the line - CVE-2023-0433 Important Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.

* SECURITY UPDATE: Reading past the end of a line when formatting text - debian/patches/CVE-2023-0433: Check for not going over the end of the line - CVE-2023-0433

0 tuxcare-ubuntu16.04-els vim_7.4.1689-3ubuntu1.5+tuxcare.els38_amd64.deb b629c77af89be774d14360cdb582fa1641f5f819 vim-athena_7.4.1689-3ubuntu1.5+tuxcare.els38_amd64.deb 96e98193c844f39f346b3e4694c1bc93bee3ef84 vim-athena-py2_7.4.1689-3ubuntu1.5+tuxcare.els38_amd64.deb e1b89e9b1eef6de3508474a32170e60743b2352a vim-common_7.4.1689-3ubuntu1.5+tuxcare.els38_amd64.deb 29ce397b7e6125baf78cea6d6ceab22bf5915f45 vim-doc_7.4.1689-3ubuntu1.5+tuxcare.els38_all.deb 1f1ecfbe291b0410d23bde445ea675fe165ce7bc vim-gnome_7.4.1689-3ubuntu1.5+tuxcare.els38_amd64.deb fa99a29058438ce2d5e1b44edebcf8aee9c42121 vim-gnome-py2_7.4.1689-3ubuntu1.5+tuxcare.els38_amd64.deb ee0f30b573a4ee5ca14ea401010ef9b0ea3c21f2 vim-gtk_7.4.1689-3ubuntu1.5+tuxcare.els38_amd64.deb 122cc8fa7233be1326ab3fc803833db85deddfe1 vim-gtk-py2_7.4.1689-3ubuntu1.5+tuxcare.els38_amd64.deb 5dea34c15af511450ed6c99a0f3cd8b4116df8f1 vim-gtk3_7.4.1689-3ubuntu1.5+tuxcare.els38_amd64.deb ea256a17d7e0a992d438342c83588fc5b3f11109 vim-gtk3-py2_7.4.1689-3ubuntu1.5+tuxcare.els38_amd64.deb be0d62723e45eb289b34af5362b6a2c6924f4b31 vim-gui-common_7.4.1689-3ubuntu1.5+tuxcare.els38_all.deb b5f090841ed9e1e8459ea64ad92f26931e891f46 vim-nox_7.4.1689-3ubuntu1.5+tuxcare.els38_amd64.deb a0a95dc49822c8cd0e45fb5056cf584d827d8c87 vim-nox-py2_7.4.1689-3ubuntu1.5+tuxcare.els38_amd64.deb 7d94416f3a535069e08aa62d3ddfe99d0e9f3c17 vim-runtime_7.4.1689-3ubuntu1.5+tuxcare.els38_all.deb 9b104c81bae2fed19c93bdc36b037352f16c8fce vim-tiny_7.4.1689-3ubuntu1.5+tuxcare.els38_amd64.deb 8df8226656f68ee15e6ad1de7e3d3bfe1cd02053 CLSA-2023:1675372486 TuxCare License Agreement 0 * SECURITY UPDATE: heap-based buffer overflows in Heimdal ARC4 and DES3 - debian/patches/CVE-2022-3437.patch: add extra NULL pointer and buffer boundaries checks, fix undefined behaviour and input data length calculations, remove accidentally duplicated code in arcfour.c - CVE-2022-3437 Moderate Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.

* SECURITY UPDATE: heap-based buffer overflows in Heimdal ARC4 and DES3 - debian/patches/CVE-2022-3437.patch: add extra NULL pointer and buffer boundaries checks, fix undefined behaviour and input data length calculations, remove accidentally duplicated code in arcfour.c - CVE-2022-3437

0 tuxcare-ubuntu16.04-els ctdb_4.3.11+dfsg-0ubuntu0.16.04.34+tuxcare.els3_amd64.deb d675b7c75514a1f15b4e90dcdc179ce56e64a061 libnss-winbind_4.3.11+dfsg-0ubuntu0.16.04.34+tuxcare.els3_amd64.deb 0eed3439ada330ea87af08625da0bc4ee027cb91 libpam-winbind_4.3.11+dfsg-0ubuntu0.16.04.34+tuxcare.els3_amd64.deb 14ebcf8b53eac7a98a9c8c301ebba1c6c512c762 libparse-pidl-perl_4.3.11+dfsg-0ubuntu0.16.04.34+tuxcare.els3_amd64.deb 709de93582ae199fbc3cb3740b90d4f866322ad5 libsmbclient_4.3.11+dfsg-0ubuntu0.16.04.34+tuxcare.els3_amd64.deb 7fe0a3932f4865fd5759ffc5c3bab091ec086a02 libsmbclient-dev_4.3.11+dfsg-0ubuntu0.16.04.34+tuxcare.els3_amd64.deb cadd140006892e7d72b42242a8dbb6ba64ec9b4b libwbclient-dev_4.3.11+dfsg-0ubuntu0.16.04.34+tuxcare.els3_amd64.deb a6ad339a2f15dbd8307c493966d588bef115d612 libwbclient0_4.3.11+dfsg-0ubuntu0.16.04.34+tuxcare.els3_amd64.deb a198655315b2f6d0536c87554bbc021672eac23a python-samba_4.3.11+dfsg-0ubuntu0.16.04.34+tuxcare.els3_amd64.deb 9b1a1dc927b732c5dd9c452448838d3a061d1862 registry-tools_4.3.11+dfsg-0ubuntu0.16.04.34+tuxcare.els3_amd64.deb 3df42ceac763d6d4a9836d9b615f33a25d591a1b samba_4.3.11+dfsg-0ubuntu0.16.04.34+tuxcare.els3_amd64.deb dbc2262cf1a2745ac812938f0e7e4403e00240fe samba-common_4.3.11+dfsg-0ubuntu0.16.04.34+tuxcare.els3_all.deb fc38c18c5f8672c756447f2d576222ef5a4fd106 samba-common-bin_4.3.11+dfsg-0ubuntu0.16.04.34+tuxcare.els3_amd64.deb a36ac39621331a867ba35d7a3778bca6b5b878b0 samba-dev_4.3.11+dfsg-0ubuntu0.16.04.34+tuxcare.els3_amd64.deb 0adabf74d589b679620cde70580ec04a2f1c6a26 samba-dsdb-modules_4.3.11+dfsg-0ubuntu0.16.04.34+tuxcare.els3_amd64.deb cbd7b24776eab6b4fdc9c320b520490e30c78230 samba-libs_4.3.11+dfsg-0ubuntu0.16.04.34+tuxcare.els3_amd64.deb 3bcc0550ece3df8209a7d457ac75448cc9a85605 samba-testsuite_4.3.11+dfsg-0ubuntu0.16.04.34+tuxcare.els3_amd64.deb ca44c2c5b071f66be846c9e50c4072def09ff373 samba-vfs-modules_4.3.11+dfsg-0ubuntu0.16.04.34+tuxcare.els3_amd64.deb 0168c0761bec828aab533cf75bf2d2609946eb33 smbclient_4.3.11+dfsg-0ubuntu0.16.04.34+tuxcare.els3_amd64.deb bef8bc41e68da83808a84cd50ca06385383e1fb5 winbind_4.3.11+dfsg-0ubuntu0.16.04.34+tuxcare.els3_amd64.deb ae8323ae4715654072a48eb611454ee3be46108d CLSA-2023:1675372579 TuxCare License Agreement 0 * SECURITY UPDATE: Update to 5.7.41 to fix security issues - CVE-2023-21840 Moderate Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.

* SECURITY UPDATE: Update to 5.7.41 to fix security issues - CVE-2023-21840

0 tuxcare-ubuntu16.04-els libmysqlclient-dev_5.7.41-0ubuntu0.16.04.1+tuxcare.els1_amd64.deb 7f4aebb06002413612e0335178f96a050f3988d3 libmysqlclient20_5.7.41-0ubuntu0.16.04.1+tuxcare.els1_amd64.deb c0475016121812f275aa155439818f8c585a5970 libmysqld-dev_5.7.41-0ubuntu0.16.04.1+tuxcare.els1_amd64.deb e3971bdf45954d0b11815c4bfd3505db677cc453 mysql-client_5.7.41-0ubuntu0.16.04.1+tuxcare.els1_all.deb 65d5aa2781f2d47957b5ff3447f7f05fb67fb17f mysql-client-5.7_5.7.41-0ubuntu0.16.04.1+tuxcare.els1_amd64.deb cbe1b158ada30832b8a274015618a7c15b68f8a6 mysql-client-core-5.7_5.7.41-0ubuntu0.16.04.1+tuxcare.els1_amd64.deb a943839b29d67c2580b03c2b3c5c9d46b74d9b18 mysql-common_5.7.41-0ubuntu0.16.04.1+tuxcare.els1_all.deb 0c121154f3602b53db78bda967d7b05ca1d74d60 mysql-server_5.7.41-0ubuntu0.16.04.1+tuxcare.els1_all.deb 4c93b714b4604bee051706b7751505c91a52d902 mysql-server-5.7_5.7.41-0ubuntu0.16.04.1+tuxcare.els1_amd64.deb 2f0c78088347e202f7082b52720dd245b6fa4b4d mysql-server-core-5.7_5.7.41-0ubuntu0.16.04.1+tuxcare.els1_amd64.deb a42751de8324a95ae2f01185ff85da48122dfae0 mysql-source-5.7_5.7.41-0ubuntu0.16.04.1+tuxcare.els1_amd64.deb 176113d8fd16c3f4f43e7f9a642e843c2706253f mysql-testsuite_5.7.41-0ubuntu0.16.04.1+tuxcare.els1_all.deb d73481879522dbb3d83279d9ba4c0772a5cd9a7a mysql-testsuite-5.7_5.7.41-0ubuntu0.16.04.1+tuxcare.els1_amd64.deb e0bec17c824f3c984f054e2a1b16f239477fa943 CLSA-2023:1675372649 TuxCare License Agreement 0 * SECURITY UPDATE: Possible KDC crash processing malformed S4U2Self request - debian/patches/CVE-2018-20217.patch: ignore password attributes for S4U2Self requests - CVE-2018-20217 Moderate Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.

* SECURITY UPDATE: Possible KDC crash processing malformed S4U2Self request - debian/patches/CVE-2018-20217.patch: ignore password attributes for S4U2Self requests - CVE-2018-20217

0 tuxcare-ubuntu16.04-els krb5-admin-server_1.13.2+dfsg-5ubuntu2.2+tuxcare.els2_amd64.deb fced5543703ea9fca0edbec3d6df7ea4205ee33c krb5-doc_1.13.2+dfsg-5ubuntu2.2+tuxcare.els2_all.deb 6c3bd2c8ab2b7c0dbf6d5c7d1d8178809e2771e8 krb5-gss-samples_1.13.2+dfsg-5ubuntu2.2+tuxcare.els2_amd64.deb ea9e535668ffe867eba29f9f63de797082971275 krb5-k5tls_1.13.2+dfsg-5ubuntu2.2+tuxcare.els2_amd64.deb e8a30fe20c1d445483d882ed175afe547c9e2dbe krb5-kdc_1.13.2+dfsg-5ubuntu2.2+tuxcare.els2_amd64.deb 5d050de24dcc0b6bddc44a3724afb21e1f743f2c krb5-kdc-ldap_1.13.2+dfsg-5ubuntu2.2+tuxcare.els2_amd64.deb 576c664329d03edfd91b1a675c7aad039f087b5d krb5-locales_1.13.2+dfsg-5ubuntu2.2+tuxcare.els2_all.deb 2a80a9b10108fdb0ab7de6fe21e0b6187039c69c krb5-multidev_1.13.2+dfsg-5ubuntu2.2+tuxcare.els2_amd64.deb f5a5c1d37165f11fa8040296c378b201f8de6d13 krb5-otp_1.13.2+dfsg-5ubuntu2.2+tuxcare.els2_amd64.deb 15d4eb98c450aa0ebbe3a20592de6311f0774275 krb5-pkinit_1.13.2+dfsg-5ubuntu2.2+tuxcare.els2_amd64.deb 5713c9bba9a78b126c1be18e12b366f3f429f66d krb5-user_1.13.2+dfsg-5ubuntu2.2+tuxcare.els2_amd64.deb 9725f9458ce9dfd565fae1cc3bcdecae869659e6 libgssapi-krb5-2_1.13.2+dfsg-5ubuntu2.2+tuxcare.els2_amd64.deb 3da7d0614d41ce92dce098e34eeb1345b7938363 libgssrpc4_1.13.2+dfsg-5ubuntu2.2+tuxcare.els2_amd64.deb dcb056e737be6c17c6d18276f5c396f290ceba46 libk5crypto3_1.13.2+dfsg-5ubuntu2.2+tuxcare.els2_amd64.deb b5c323fac5a3fc4f65dc5066aee20357f30d24cc libkadm5clnt-mit9_1.13.2+dfsg-5ubuntu2.2+tuxcare.els2_amd64.deb 030654e490d4167840ca24b5cd1ef7e5e937338d libkadm5srv-mit9_1.13.2+dfsg-5ubuntu2.2+tuxcare.els2_amd64.deb 2ca239bddd4223d75c9b414214f73290d56da9e7 libkdb5-8_1.13.2+dfsg-5ubuntu2.2+tuxcare.els2_amd64.deb 7d681ce9fa9c50e0cc97c8262c84427d72314f77 libkrad-dev_1.13.2+dfsg-5ubuntu2.2+tuxcare.els2_amd64.deb fc145f5dc8170a0324733c0ff5028653b7ebd270 libkrad0_1.13.2+dfsg-5ubuntu2.2+tuxcare.els2_amd64.deb 22c4273fe473651a364b64ae7f42617c675b3414 libkrb5-3_1.13.2+dfsg-5ubuntu2.2+tuxcare.els2_amd64.deb cf9955c61c25591b8c0cfe8b1c211cde234897e1 libkrb5-dev_1.13.2+dfsg-5ubuntu2.2+tuxcare.els2_amd64.deb 30c6e266fb25464643e6b6d09555c0305c09b2d0 libkrb5support0_1.13.2+dfsg-5ubuntu2.2+tuxcare.els2_amd64.deb f35b9b4571adbbe10df13cf76c333fa79a6bb1ae CLSA-2023:1675985294 TuxCare License Agreement 0 * SECURITY UPDATE: mod_proxy may trigger HTTP response splitting - debian/patches/CVE-2022-37436.patch: fail on bad header - CVE-2022-37436 Moderate Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.

* SECURITY UPDATE: mod_proxy may trigger HTTP response splitting - debian/patches/CVE-2022-37436.patch: fail on bad header - CVE-2022-37436

0 tuxcare-ubuntu16.04-els apache2_2.4.18-2ubuntu3.17+tuxcare.els9_amd64.deb 9a7a3b1699e26c2252ad06906b310c14d8faba0b apache2-bin_2.4.18-2ubuntu3.17+tuxcare.els9_amd64.deb fd93c215efd03ed6b81c0bfabdee8e50549f3609 apache2-data_2.4.18-2ubuntu3.17+tuxcare.els9_all.deb b882d63af34e01cc52eed82c00fb6e56b0a305d3 apache2-dev_2.4.18-2ubuntu3.17+tuxcare.els9_amd64.deb 3219e7d72d62d9d1cce88297fccb9b4fd5acd659 apache2-doc_2.4.18-2ubuntu3.17+tuxcare.els9_all.deb 4057251651cfafedf8a1b4b9c79fbe2ef812e915 apache2-suexec-custom_2.4.18-2ubuntu3.17+tuxcare.els9_amd64.deb a88f8d1ea726450b598c0488dfb9f611d2c398e3 apache2-suexec-pristine_2.4.18-2ubuntu3.17+tuxcare.els9_amd64.deb c4d90feb659bf9a632185caf491efd4887890834 apache2-utils_2.4.18-2ubuntu3.17+tuxcare.els9_amd64.deb 7cb6beec0cf9ebf580a5cdeb1ea9857d65b0b4de CLSA-2023:1675985375 TuxCare License Agreement 0 * SECURITY UPDATE: edit a file not permitted by the security policy - debian/patches/CVE-2023-22809.patch: do not permit editor arguments to include "--" - CVE-2023-22809 Important Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.

* SECURITY UPDATE: edit a file not permitted by the security policy - debian/patches/CVE-2023-22809.patch: do not permit editor arguments to include "--" - CVE-2023-22809

0 tuxcare-ubuntu16.04-els sudo_1.8.16-0ubuntu1.11+tuxcare.els1_amd64.deb 00cda837bec5a2024f19d1473b6aec117aa51039 sudo-ldap_1.8.16-0ubuntu1.11+tuxcare.els1_amd64.deb a179ac9aa6ae321fc4a68ee610dcc22f27a73f1d CLSA-2023:1676026057 TuxCare License Agreement 0 * SECURITY UPDATE: Use-after-free following BIO_new_NDEF - debian/patches/CVE-2023-0215.patch: fix a UAF resulting from a bug in BIO_new_NDEF in crypto/asn1/bio_ndef.c - CVE-2023-0215 * SECURITY UPDATE: X.400 address type confusion in X.509 GeneralName - debian/patches/CVE-2023-0286.patch: fix GENERAL_NAME_cmp for x400Address in crypto/x509/v3_genn.c - CVE-2023-0286 Important Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.

* SECURITY UPDATE: Use-after-free following BIO_new_NDEF - debian/patches/CVE-2023-0215.patch: fix a UAF resulting from a bug in BIO_new_NDEF in crypto/asn1/bio_ndef.c - CVE-2023-0215 * SECURITY UPDATE: X.400 address type confusion in X.509 GeneralName - debian/patches/CVE-2023-0286.patch: fix GENERAL_NAME_cmp for x400Address in crypto/x509/v3_genn.c - CVE-2023-0286

0 tuxcare-ubuntu16.04-els libssl-dev_1.0.2g-1ubuntu4.21+tuxcare.els5_amd64.deb 0a7c241e174644656b30a604f43ca01e0a2ee90f libssl-doc_1.0.2g-1ubuntu4.21+tuxcare.els5_all.deb 66d1065ba8f1b66a20efb157f8efff362f19eb36 libssl1.0.0_1.0.2g-1ubuntu4.21+tuxcare.els5_amd64.deb 9e29d5bb214abc317963fa69a07013ba9ee8dc0e openssl_1.0.2g-1ubuntu4.21+tuxcare.els5_amd64.deb 8b0da3d05aafe80c819d7adeee4b415089c34239 CLSA-2023:1676571424 TuxCare License Agreement 0 * Update ca-certificates database to 20221215: - mozilla/{certdata.txt,nssckbi.h}: Update Mozilla certificate authority bundle to version 2.60. - The following certificate authorities were added: # Certificate "AC RAIZ FNMT-RCM SERVIDORES SEGUROS" # Certificate "ANF Secure Server Root CA" # Certificate "Certainly Root E1" # Certificate "Certainly Root R1" # Certificate "Certigna Root CA" # Certificate "certSIGN Root CA G2" # Certificate "Certum EC-384 CA" # Certificate "Certum Trusted Root CA" # Certificate "DigiCert SMIME ECC P384 Root G5" # Certificate "DigiCert SMIME RSA4096 Root G5" # Certificate "DigiCert TLS ECC P384 Root G5" # Certificate "DigiCert TLS RSA4096 Root G5" # Certificate "DIGITALSIGN GLOBAL ROOT ECDSA CA" # Certificate "DIGITALSIGN GLOBAL ROOT RSA CA" # Certificate "D-TRUST BR Root CA 1 2020" # Certificate "D-TRUST EV Root CA 1 2020" # Certificate "D-TRUST Root CA 3 2013" # Certificate "emSign ECC Root CA - C3" # Certificate "emSign ECC Root CA - G3" # Certificate "emSign Root CA - C1" # Certificate "emSign Root CA - G1" # Certificate "Entrust Root Certification Authority - G4" # Certificate "e-Szigno Root CA 2017" # Certificate "E-Tugra Global Root CA ECC v3" # Certificate "E-Tugra Global Root CA RSA v3" # Certificate "GDCA TrustAUTH R5 ROOT" # Certificate "GlobalSign Root CA - R6" # Certificate "GlobalSign Root E46" # Certificate "GlobalSign Root R46" # Certificate "GlobalSign Secure Mail Root E45" # Certificate "GlobalSign Secure Mail Root R45" # Certificate "GLOBALTRUST 2020" # Certificate "GTS Root R1" # Certificate "GTS Root R2" # Certificate "GTS Root R3" # Certificate "GTS Root R4" # Certificate "HARICA Client ECC Root CA 2021" # Certificate "HARICA Client RSA Root CA 2021" # Certificate "HARICA TLS ECC Root CA 2021" # Certificate "HARICA TLS RSA Root CA 2021" # Certificate "HiPKI Root CA - G1" # Certificate "Hongkong Post Root CA 3" # Certificate "ISRG Root X2" # Certificate "Microsoft ECC Root Certificate Authority 2017" # Certificate "Microsoft RSA Root Certificate Authority 2017" # Certificate "NAVER Global Root Certification Authority" # Certificate "OISTE WISeKey Global Root GC CA" # Certificate "Security Communication ECC RootCA1" # Certificate "Security Communication RootCA3" # Certificate "SSL.com EV Root Certification Authority ECC" # Certificate "SSL.com EV Root Certification Authority RSA R2" # Certificate "SSL.com Root Certification Authority ECC" # Certificate "SSL.com Root Certification Authority RSA" # Certificate "Telia Root CA v2" # Certificate "TrustCor ECA-1" # Certificate "TrustCor RootCert CA-1" # Certificate "TrustCor RootCert CA-2" # Certificate "Trustwave Global Certification Authority" # Certificate "Trustwave Global ECC P256 Certification Authority" # Certificate "Trustwave Global ECC P384 Certification Authority" # Certificate "TUBITAK Kamu SM SSL Kok Sertifikasi - Surum 1" # Certificate "TunTrust Root CA" # Certificate "UCA Extended Validation Root" # Certificate "UCA Global G2 Root" # Certificate "vTrus ECC Root CA" # Certificate "vTrus Root CA" - The following certificate authorities were removed (-): # Certificate "ACEDICOM Root" # Certificate "AC Raiz Certicamara S.A." # Certificate "AddTrust External Root" # Certificate "AddTrust Low-Value Services Root" # Certificate "AddTrust Public Services Root" # Certificate "AddTrust Qualified Certificates Root" # Certificate "ApplicationCA - Japanese Government" # Certificate "Bogus Global Trustee" # Certificate "Bogus GMail" # Certificate "Bogus Google" # Certificate "Bogus live.com" # Certificate "Bogus Mozilla Addons" # Certificate "Bogus Skype" # Certificate "Bogus Yahoo 1" # Certificate "Bogus Yahoo 2" # Certificate "Bogus Yahoo 3" # Certificate "CA Disig Root R1" # Certificate "Camerfirma Global Chambersign Root" # Certificate "CA WoSign ECC Root" # Certificate "Certification Authority of WoSign G2" # Certificate "Certinomis - Autorité Racine" # Certificate "Certinomis - Root CA" # Certificate "Certplus Class 2 Primary CA" # Certificate "Certplus Root CA G1" # Certificate "Certplus Root CA G2" # Certificate "China Internet Network Information Center EV Certificates Root" # Certificate "CNNIC ROOT" # Certificate "Comodo Secure Services root" # Certificate "Comodo Trusted Services root" # Certificate "ComSign CA" # Certificate "ComSign Secured CA" # Certificate "Cybertrust Global Root" # Certificate "Deutsche Telekom Root CA 2" # Certificate "DST ACES CA X6" # Certificate "DST Root CA X3" # Certificate "EC-ACC" # Certificate "EE Certification Centre Root CA" # Certificate "Explicitly Distrust DigiNotar Cyber CA" # Certificate "Explicitly Distrust DigiNotar Cyber CA 2nd" # Certificate "Explicitly Distrust DigiNotar Services 1024 CA" # Certificate "Explicitly Distrusted DigiNotar PKIoverheid" # Certificate "Explicitly Distrusted DigiNotar PKIoverheid G2" # Certificate "Explicitly Distrusted Malaysian Digicert Sdn. Bhd. (cyb)" # Certificate "Explicitly Distrusted Malaysian Digicert Sdn. Bhd. (en)" # Certificate "Explicitly Distrusted MCSHOLDING CA" # Certificate "GeoTrust Global CA" # Certificate "GeoTrust Global CA 2" # Certificate "GeoTrust Primary Certification Authority" # Certificate "GeoTrust Primary Certification Authority - G2" # Certificate "GeoTrust Primary Certification Authority - G3" # Certificate "GeoTrust Universal CA" # Certificate "GeoTrust Universal CA 2" # Certificate "GlobalSign Root CA - R2" # Certificate "Hellenic Academic and Research Institutions RootCA 2011" # Certificate "LuxTrust Global Root 2" # Certificate "MD5 Collisions Forged Rogue CA 25c3" # Certificate "Microsec e-Szigno Root CA" # Certificate "Network Solutions Certificate Authority" # Certificate "OpenTrust Root CA G1" # Certificate "OpenTrust Root CA G2" # Certificate "OpenTrust Root CA G3" # Certificate "PSCProcert" # Certificate "QuoVadis Root CA" # Certificate "Security Communication EV RootCA1" # Certificate "Sonera Class 2 Root CA" # Certificate "Staat der Nederlanden EV Root CA" # Certificate "Staat der Nederlanden Root CA - G2" # Certificate "StartCom Certification Authority" # Certificate "StartCom Certification Authority G2" # Certificate "S-TRUST Universal Root CA" # Certificate "Swisscom Root CA 1" # Certificate "Swisscom Root CA 2" # Certificate "Swisscom Root EV CA 2" # Certificate "SwissSign Platinum CA - G2" # Certificate "Symantec Class 1 Public Primary Certification Authority - G4" # Certificate "Symantec Class 2 Public Primary Certification Authority - G4" # Certificate "Taiwan GRCA" # Certificate "TC TrustCenter Class 3 CA II" # Certificate "thawte Primary Root CA" # Certificate "thawte Primary Root CA - G2" # Certificate "thawte Primary Root CA - G3" # Certificate "Trustis FPS Root CA" # Certificate "TUBITAK UEKAE Kok Sertifika Hizmet Saglayicisi - Surum 3" # Certificate "TURKTRUST Certificate Services Provider Root 2007" # Certificate "TÜRKTRUST Elektronik Sertifika Hizmet Sağlayıcısı H5" # Certificate "TÜRKTRUST Elektronik Sertifika Hizmet Sağlayıcısı H6" # Certificate "UTN USERFirst Email Root CA" # Certificate "UTN USERFirst Hardware Root CA" # Certificate "UTN USERFirst Object Root CA" # Certificate "VeriSign-C3SSA-G2-temporary-intermediate-after-1024bit-removal" # Certificate "Verisign Class 3 Public Primary Certification Authority - G3" # Certificate "VeriSign Class 3 Public Primary Certification Authority - G4" # Certificate "VeriSign Class 3 Public Primary Certification Authority - G5" # Certificate "VeriSign Universal Root Certification Authority" # Certificate "Visa eCommerce Root" # Certificate "WellsSecure Public Root Certificate Authority" # Certificate "WoSign" # Certificate "WoSign China" None Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.

* Update ca-certificates database to 20221215: - mozilla/{certdata.txt,nssckbi.h}: Update Mozilla certificate authority bundle to version 2.60. - The following certificate authorities were added: # Certificate "AC RAIZ FNMT-RCM SERVIDORES SEGUROS" # Certificate "ANF Secure Server Root CA" # Certificate "Certainly Root E1" # Certificate "Certainly Root R1" # Certificate "Certigna Root CA" # Certificate "certSIGN Root CA G2" # Certificate "Certum EC-384 CA" # Certificate "Certum Trusted Root CA" # Certificate "DigiCert SMIME ECC P384 Root G5" # Certificate "DigiCert SMIME RSA4096 Root G5" # Certificate "DigiCert TLS ECC P384 Root G5" # Certificate "DigiCert TLS RSA4096 Root G5" # Certificate "DIGITALSIGN GLOBAL ROOT ECDSA CA" # Certificate "DIGITALSIGN GLOBAL ROOT RSA CA" # Certificate "D-TRUST BR Root CA 1 2020" # Certificate "D-TRUST EV Root CA 1 2020" # Certificate "D-TRUST Root CA 3 2013" # Certificate "emSign ECC Root CA - C3" # Certificate "emSign ECC Root CA - G3" # Certificate "emSign Root CA - C1" # Certificate "emSign Root CA - G1" # Certificate "Entrust Root Certification Authority - G4" # Certificate "e-Szigno Root CA 2017" # Certificate "E-Tugra Global Root CA ECC v3" # Certificate "E-Tugra Global Root CA RSA v3" # Certificate "GDCA TrustAUTH R5 ROOT" # Certificate "GlobalSign Root CA - R6" # Certificate "GlobalSign Root E46" # Certificate "GlobalSign Root R46" # Certificate "GlobalSign Secure Mail Root E45" # Certificate "GlobalSign Secure Mail Root R45" # Certificate "GLOBALTRUST 2020" # Certificate "GTS Root R1" # Certificate "GTS Root R2" # Certificate "GTS Root R3" # Certificate "GTS Root R4" # Certificate "HARICA Client ECC Root CA 2021" # Certificate "HARICA Client RSA Root CA 2021" # Certificate "HARICA TLS ECC Root CA 2021" # Certificate "HARICA TLS RSA Root CA 2021" # Certificate "HiPKI Root CA - G1" # Certificate "Hongkong Post Root CA 3" # Certificate "ISRG Root X2" # Certificate "Microsoft ECC Root Certificate Authority 2017" # Certificate "Microsoft RSA Root Certificate Authority 2017" # Certificate "NAVER Global Root Certification Authority" # Certificate "OISTE WISeKey Global Root GC CA" # Certificate "Security Communication ECC RootCA1" # Certificate "Security Communication RootCA3" # Certificate "SSL.com EV Root Certification Authority ECC" # Certificate "SSL.com EV Root Certification Authority RSA R2" # Certificate "SSL.com Root Certification Authority ECC" # Certificate "SSL.com Root Certification Authority RSA" # Certificate "Telia Root CA v2" # Certificate "TrustCor ECA-1" # Certificate "TrustCor RootCert CA-1" # Certificate "TrustCor RootCert CA-2" # Certificate "Trustwave Global Certification Authority" # Certificate "Trustwave Global ECC P256 Certification Authority" # Certificate "Trustwave Global ECC P384 Certification Authority" # Certificate "TUBITAK Kamu SM SSL Kok Sertifikasi - Surum 1" # Certificate "TunTrust Root CA" # Certificate "UCA Extended Validation Root" # Certificate "UCA Global G2 Root" # Certificate "vTrus ECC Root CA" # Certificate "vTrus Root CA" - The following certificate authorities were removed (-): # Certificate "ACEDICOM Root" # Certificate "AC Raiz Certicamara S.A." # Certificate "AddTrust External Root" # Certificate "AddTrust Low-Value Services Root" # Certificate "AddTrust Public Services Root" # Certificate "AddTrust Qualified Certificates Root" # Certificate "ApplicationCA - Japanese Government" # Certificate "Bogus Global Trustee" # Certificate "Bogus GMail" # Certificate "Bogus Google" # Certificate "Bogus live.com" # Certificate "Bogus Mozilla Addons" # Certificate "Bogus Skype" # Certificate "Bogus Yahoo 1" # Certificate "Bogus Yahoo 2" # Certificate "Bogus Yahoo 3" # Certificate "CA Disig Root R1" # Certificate "Camerfirma Global Chambersign Root" # Certificate "CA WoSign ECC Root" # Certificate "Certification Authority of WoSign G2" # Certificate "Certinomis - Autorité Racine" # Certificate "Certinomis - Root CA" # Certificate "Certplus Class 2 Primary CA" # Certificate "Certplus Root CA G1" # Certificate "Certplus Root CA G2" # Certificate "China Internet Network Information Center EV Certificates Root" # Certificate "CNNIC ROOT" # Certificate "Comodo Secure Services root" # Certificate "Comodo Trusted Services root" # Certificate "ComSign CA" # Certificate "ComSign Secured CA" # Certificate "Cybertrust Global Root" # Certificate "Deutsche Telekom Root CA 2" # Certificate "DST ACES CA X6" # Certificate "DST Root CA X3" # Certificate "EC-ACC" # Certificate "EE Certification Centre Root CA" # Certificate "Explicitly Distrust DigiNotar Cyber CA" # Certificate "Explicitly Distrust DigiNotar Cyber CA 2nd" # Certificate "Explicitly Distrust DigiNotar Services 1024 CA" # Certificate "Explicitly Distrusted DigiNotar PKIoverheid" # Certificate "Explicitly Distrusted DigiNotar PKIoverheid G2" # Certificate "Explicitly Distrusted Malaysian Digicert Sdn. Bhd. (cyb)" # Certificate "Explicitly Distrusted Malaysian Digicert Sdn. Bhd. (en)" # Certificate "Explicitly Distrusted MCSHOLDING CA" # Certificate "GeoTrust Global CA" # Certificate "GeoTrust Global CA 2" # Certificate "GeoTrust Primary Certification Authority" # Certificate "GeoTrust Primary Certification Authority - G2" # Certificate "GeoTrust Primary Certification Authority - G3" # Certificate "GeoTrust Universal CA" # Certificate "GeoTrust Universal CA 2" # Certificate "GlobalSign Root CA - R2" # Certificate "Hellenic Academic and Research Institutions RootCA 2011" # Certificate "LuxTrust Global Root 2" # Certificate "MD5 Collisions Forged Rogue CA 25c3" # Certificate "Microsec e-Szigno Root CA" # Certificate "Network Solutions Certificate Authority" # Certificate "OpenTrust Root CA G1" # Certificate "OpenTrust Root CA G2" # Certificate "OpenTrust Root CA G3" # Certificate "PSCProcert" # Certificate "QuoVadis Root CA" # Certificate "Security Communication EV RootCA1" # Certificate "Sonera Class 2 Root CA" # Certificate "Staat der Nederlanden EV Root CA" # Certificate "Staat der Nederlanden Root CA - G2" # Certificate "StartCom Certification Authority" # Certificate "StartCom Certification Authority G2" # Certificate "S-TRUST Universal Root CA" # Certificate "Swisscom Root CA 1" # Certificate "Swisscom Root CA 2" # Certificate "Swisscom Root EV CA 2" # Certificate "SwissSign Platinum CA - G2" # Certificate "Symantec Class 1 Public Primary Certification Authority - G4" # Certificate "Symantec Class 2 Public Primary Certification Authority - G4" # Certificate "Taiwan GRCA" # Certificate "TC TrustCenter Class 3 CA II" # Certificate "thawte Primary Root CA" # Certificate "thawte Primary Root CA - G2" # Certificate "thawte Primary Root CA - G3" # Certificate "Trustis FPS Root CA" # Certificate "TUBITAK UEKAE Kok Sertifika Hizmet Saglayicisi - Surum 3" # Certificate "TURKTRUST Certificate Services Provider Root 2007" # Certificate "TÜRKTRUST Elektronik Sertifika Hizmet Sağlayıcısı H5" # Certificate "TÜRKTRUST Elektronik Sertifika Hizmet Sağlayıcısı H6" # Certificate "UTN USERFirst Email Root CA" # Certificate "UTN USERFirst Hardware Root CA" # Certificate "UTN USERFirst Object Root CA" # Certificate "VeriSign-C3SSA-G2-temporary-intermediate-after-1024bit-removal" # Certificate "Verisign Class 3 Public Primary Certification Authority - G3" # Certificate "VeriSign Class 3 Public Primary Certification Authority - G4" # Certificate "VeriSign Class 3 Public Primary Certification Authority - G5" # Certificate "VeriSign Universal Root Certification Authority" # Certificate "Visa eCommerce Root" # Certificate "WellsSecure Public Root Certificate Authority" # Certificate "WoSign" # Certificate "WoSign China"

0 tuxcare-ubuntu16.04-els libnss3_3.28.4-0ubuntu0.16.04.14+tuxcare.els3_amd64.deb f3096f91d2bad3fbb9deaa53863056f9f553df53 libnss3-1d_3.28.4-0ubuntu0.16.04.14+tuxcare.els3_amd64.deb 2c1f182ec2e5c2272008d4809ff87182fc0cbf0d libnss3-dev_3.28.4-0ubuntu0.16.04.14+tuxcare.els3_amd64.deb b40f8780346d166566f985eeeb690dc6f68dcb19 libnss3-nssdb_3.28.4-0ubuntu0.16.04.14+tuxcare.els3_all.deb 7f29d38fbb4e4917a71314c2afcfd497920a12af libnss3-tools_3.28.4-0ubuntu0.16.04.14+tuxcare.els3_amd64.deb 7d6ab294fdcc05534cc2dc20c7fab72eb94df9da CLSA-2023:1676571485 TuxCare License Agreement 0 * Update ca-certificates database to 20221215: - mozilla/{certdata.txt,nssckbi.h}: Update Mozilla certificate authority bundle to version 2.60. - The following certificate authorities were added (+): + "AC RAIZ FNMT-RCM SERVIDORES SEGUROS" + "GlobalSign Secure Mail Root R45" + "GlobalSign Secure Mail Root E45" + "GlobalSign Root R46" + "GlobalSign Root E46" + "GLOBALTRUST 2020" + "ANF Secure Server Root CA" + "Certum EC-384 CA" + "Certum Trusted Root CA" + "TunTrust Root CA" + "HARICA TLS RSA Root CA 2021" + "HARICA TLS ECC Root CA 2021" + "HARICA Client RSA Root CA 2021" + "HARICA Client ECC Root CA 2021" + "Autoridad de Certificacion Firmaprofesional CIF A62634068" + "vTrus ECC Root CA" + "vTrus Root CA" + "ISRG Root X2" + "HiPKI Root CA - G1" + "Telia Root CA v2" + "D-TRUST BR Root CA 1 2020" + "D-TRUST EV Root CA 1 2020" + "DigiCert TLS ECC P384 Root G5" + "DigiCert TLS RSA4096 Root G5" + "DigiCert SMIME ECC P384 Root G5" + "DigiCert SMIME RSA4096 Root G5" + "Certainly Root R1" + "Certainly Root E1" + "E-Tugra Global Root CA RSA v3" + "E-Tugra Global Root CA ECC v3" + "DIGITALSIGN GLOBAL ROOT RSA CA" + "DIGITALSIGN GLOBAL ROOT ECDSA CA" + "Security Communication RootCA3" + "Security Communication ECC RootCA1" - The following certificate authorities were removed (-): - "GlobalSign Root CA - R2" - "QuoVadis Root CA" - "Sonera Class 2 Root CA" - "DST Root CA X3" - "Cybertrust Global Root" - "Explicitly Distrusted DigiNotar PKIoverheid G2" - "Trustis FPS Root CA" - "Staat der Nederlanden EV Root CA" - "Camerfirma Global Chambersign Root" - "VeriSign Universal Root Certification Authority" - "SwissSign Platinum CA - G2" - "Network Solutions Certificate Authority" - "Hellenic Academic and Research Institutions RootCA 2011" - "EC-ACC" - "GlobalSign ECC Root CA - R4" - "GTS Root R4" - "GTS Root R3" - "GTS Root R2" - "GTS Root R1" None Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.

* Update ca-certificates database to 20221215: - mozilla/{certdata.txt,nssckbi.h}: Update Mozilla certificate authority bundle to version 2.60. - The following certificate authorities were added (+): + "AC RAIZ FNMT-RCM SERVIDORES SEGUROS" + "GlobalSign Secure Mail Root R45" + "GlobalSign Secure Mail Root E45" + "GlobalSign Root R46" + "GlobalSign Root E46" + "GLOBALTRUST 2020" + "ANF Secure Server Root CA" + "Certum EC-384 CA" + "Certum Trusted Root CA" + "TunTrust Root CA" + "HARICA TLS RSA Root CA 2021" + "HARICA TLS ECC Root CA 2021" + "HARICA Client RSA Root CA 2021" + "HARICA Client ECC Root CA 2021" + "Autoridad de Certificacion Firmaprofesional CIF A62634068" + "vTrus ECC Root CA" + "vTrus Root CA" + "ISRG Root X2" + "HiPKI Root CA - G1" + "Telia Root CA v2" + "D-TRUST BR Root CA 1 2020" + "D-TRUST EV Root CA 1 2020" + "DigiCert TLS ECC P384 Root G5" + "DigiCert TLS RSA4096 Root G5" + "DigiCert SMIME ECC P384 Root G5" + "DigiCert SMIME RSA4096 Root G5" + "Certainly Root R1" + "Certainly Root E1" + "E-Tugra Global Root CA RSA v3" + "E-Tugra Global Root CA ECC v3" + "DIGITALSIGN GLOBAL ROOT RSA CA" + "DIGITALSIGN GLOBAL ROOT ECDSA CA" + "Security Communication RootCA3" + "Security Communication ECC RootCA1" - The following certificate authorities were removed (-): - "GlobalSign Root CA - R2" - "QuoVadis Root CA" - "Sonera Class 2 Root CA" - "DST Root CA X3" - "Cybertrust Global Root" - "Explicitly Distrusted DigiNotar PKIoverheid G2" - "Trustis FPS Root CA" - "Staat der Nederlanden EV Root CA" - "Camerfirma Global Chambersign Root" - "VeriSign Universal Root Certification Authority" - "SwissSign Platinum CA - G2" - "Network Solutions Certificate Authority" - "Hellenic Academic and Research Institutions RootCA 2011" - "EC-ACC" - "GlobalSign ECC Root CA - R4" - "GTS Root R4" - "GTS Root R3" - "GTS Root R2" - "GTS Root R1"

0 tuxcare-ubuntu16.04-els ca-certificates_20221215~16.04.1ubuntu0.1~tuxcare.els1_all.deb 7ef6d2968c86aba3cf68a86a2eacd3bbb8510ece CLSA-2023:1677096436 TuxCare License Agreement 0 * SECURITY UPDATE: Under certain circumstances the status flag of the RDRAND and RDSEED intrinsics before it can be read, potentially causing failures of these instructions to go unreported. This could potentially lead to less randomness in random number generation. - debian/patches/0010-cve-2017-11671.diff: moves expansion out of the link. - CVE-2017-11671 Moderate Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.

* SECURITY UPDATE: Under certain circumstances the status flag of the RDRAND and RDSEED intrinsics before it can be read, potentially causing failures of these instructions to go unreported. This could potentially lead to less randomness in random number generation. - debian/patches/0010-cve-2017-11671.diff: moves expansion out of the link. - CVE-2017-11671

0 tuxcare-ubuntu16.04-els cpp-5_5.4.0-6ubuntu1~16.04.12+tuxcare.els1_amd64.deb 72e1d0f0035d6487c466c6758f9ab0daf74d55ee cpp-5-doc_5.4.0-6ubuntu1~16.04.12+tuxcare.els1_all.deb b7d37de22faea10a5caccff260d209ea0d5ff75e fixincludes_5.4.0-6ubuntu1~16.04.12+tuxcare.els1_amd64.deb 94c30ff641a985db08742deb19ce7de8b1f48bf6 g++-5_5.4.0-6ubuntu1~16.04.12+tuxcare.els1_amd64.deb 6f225d8417eba3ae2233616ed0f24fc6b8a4c148 g++-5-multilib_5.4.0-6ubuntu1~16.04.12+tuxcare.els1_amd64.deb 45ceda9930d35e52a5b80aa59a6b3c389481c74a gcc-5_5.4.0-6ubuntu1~16.04.12+tuxcare.els1_amd64.deb 018153378b0afce349f50ce0913d07124c5858fb gcc-5-base_5.4.0-6ubuntu1~16.04.12+tuxcare.els1_amd64.deb 39036c78fb293f102766accb9a80eed5f2bfe43f gcc-5-doc_5.4.0-6ubuntu1~16.04.12+tuxcare.els1_all.deb 2c6f124fe7456c559b2a200198392ce7d4527856 gcc-5-hppa64-linux-gnu_5.4.0-6ubuntu1~16.04.12+tuxcare.els1_amd64.deb 80befcfe24f30e21e525ba16a6bf56479541faf6 gcc-5-locales_5.4.0-6ubuntu1~16.04.12+tuxcare.els1_all.deb 36fe29b909fd2fd7c7fc71c834278f621215efea gcc-5-multilib_5.4.0-6ubuntu1~16.04.12+tuxcare.els1_amd64.deb 4ab0157b319254655245252955110fd1bf74c9aa gcc-5-plugin-dev_5.4.0-6ubuntu1~16.04.12+tuxcare.els1_amd64.deb 75536c040cf5ca053c33ab4d72df3bae0f0a6797 gcc-5-source_5.4.0-6ubuntu1~16.04.12+tuxcare.els1_all.deb cc874d1553c789b1293e707f71c44c2f80a251dc gcc-5-test-results_5.4.0-6ubuntu1~16.04.12+tuxcare.els1_amd64.deb 554286b5166da4b95cf88e212a9444dbdfacb033 gccgo-5_5.4.0-6ubuntu1~16.04.12+tuxcare.els1_amd64.deb 7884a0eb9ba829ed842acef789e1d0905432fb4b gccgo-5-doc_5.4.0-6ubuntu1~16.04.12+tuxcare.els1_all.deb 4de6899f9071b9984c12cfc742471b40af222731 gccgo-5-multilib_5.4.0-6ubuntu1~16.04.12+tuxcare.els1_amd64.deb 59451c12af9954c37f4d39e26c55f18f49fac39b gcj-5_5.4.0-6ubuntu1~16.04.12+tuxcare.els1_amd64.deb 5e77b50888bfe1eba9f99b6306e4854c5d6e7c1e gcj-5-jdk_5.4.0-6ubuntu1~16.04.12+tuxcare.els1_amd64.deb dc02e4eba332cff928737d764e11543a20c3d7d4 gcj-5-jre_5.4.0-6ubuntu1~16.04.12+tuxcare.els1_amd64.deb e79f94818fb12665e82bfef927c739d1bacc3c5e gcj-5-jre-headless_5.4.0-6ubuntu1~16.04.12+tuxcare.els1_amd64.deb a7300156598205852ee3b82255154e95b524dbd2 gcj-5-jre-lib_5.4.0-6ubuntu1~16.04.12+tuxcare.els1_all.deb 87dcae8dec18e6ebb993aa7e5c9c46feecc78006 gcj-5-source_5.4.0-6ubuntu1~16.04.12+tuxcare.els1_all.deb d41a539c9e298817677a56f5532f39f559517607 gdc-5_5.4.0-6ubuntu1~16.04.12+tuxcare.els1_amd64.deb 7aa2b2b48a4e68ff12039ee632d913cd058f45f2 gdc-5-multilib_5.4.0-6ubuntu1~16.04.12+tuxcare.els1_amd64.deb 9b9ac8908587127bdef7aec528de95fcd02f85ce gfortran-5_5.4.0-6ubuntu1~16.04.12+tuxcare.els1_amd64.deb 4b3130336580fc91260e55186e57815887f3a0e8 gfortran-5-doc_5.4.0-6ubuntu1~16.04.12+tuxcare.els1_all.deb ec6da5ec9a30d4f36fe90523927826cf7e7360be gfortran-5-multilib_5.4.0-6ubuntu1~16.04.12+tuxcare.els1_amd64.deb be9b71fc361d8a1fb040720e1f7d7d837f3b39ad gnat-5_5.4.0-6ubuntu1~16.04.12+tuxcare.els1_amd64.deb 537351f125c6f34e11e5baa27859c0e001026553 gnat-5-doc_5.4.0-6ubuntu1~16.04.12+tuxcare.els1_all.deb 161ce1b361fde779c3efa7414cd035a16ba3c8f5 gnat-5-sjlj_5.4.0-6ubuntu1~16.04.12+tuxcare.els1_amd64.deb 7a448216e343d3de1ae1568c4e592c2f3e3ca7d4 gobjc++-5_5.4.0-6ubuntu1~16.04.12+tuxcare.els1_amd64.deb 99dfb9c5e40e9e4e7754faf715e19d12551bd4f9 gobjc++-5-multilib_5.4.0-6ubuntu1~16.04.12+tuxcare.els1_amd64.deb 46bce31b2adeb4ea6f376cbb2ea00441d007b361 gobjc-5_5.4.0-6ubuntu1~16.04.12+tuxcare.els1_amd64.deb 1da90567aec2a56154a96c7d127e696c6897ec5f gobjc-5-multilib_5.4.0-6ubuntu1~16.04.12+tuxcare.els1_amd64.deb ed443d8c8b7e5cd330c74c177ea56a9c290ad947 lib32asan2_5.4.0-6ubuntu1~16.04.12+tuxcare.els1_amd64.deb 2c0947c878c096332a83776be6b5ca449478b4ea lib32atomic1_5.4.0-6ubuntu1~16.04.12+tuxcare.els1_amd64.deb f9c8dfe29f688db3f96102eb015672df9f1d50d5 lib32cilkrts5_5.4.0-6ubuntu1~16.04.12+tuxcare.els1_amd64.deb 14c04d9a9c24054621d32ee8c6e78f589ec02be3 lib32gcc-5-dev_5.4.0-6ubuntu1~16.04.12+tuxcare.els1_amd64.deb 50464a2409ad4e9db8517582b23aa3ee07c67f9f lib32gfortran-5-dev_5.4.0-6ubuntu1~16.04.12+tuxcare.els1_amd64.deb b9101e43fa479ded1336d67ea7759062ffc35305 lib32gfortran3_5.4.0-6ubuntu1~16.04.12+tuxcare.els1_amd64.deb 2db1a11dc600cdb2f20adbe52de70ceed61efa26 lib32go7_5.4.0-6ubuntu1~16.04.12+tuxcare.els1_amd64.deb 5f1127cacbea93a7ce08a54f096c9d52883d75dd lib32gomp1_5.4.0-6ubuntu1~16.04.12+tuxcare.els1_amd64.deb 5ef287c10f888f5fc2c447d9b14de1a4593ddddd lib32itm1_5.4.0-6ubuntu1~16.04.12+tuxcare.els1_amd64.deb 6701cfd47dc51781141c4940ab6dd16b78c7854e lib32lsan0_5.4.0-6ubuntu1~16.04.12+tuxcare.els1_amd64.deb 9703d96a82939d2b894d17066cd0149dcf5d72b0 lib32mpx0_5.4.0-6ubuntu1~16.04.12+tuxcare.els1_amd64.deb e7d0f08f1e5fcb0d5c1beb0049f01c7b0557acd8 lib32objc-5-dev_5.4.0-6ubuntu1~16.04.12+tuxcare.els1_amd64.deb 41f921718321697c44df61da86f0db70f9315735 lib32objc4_5.4.0-6ubuntu1~16.04.12+tuxcare.els1_amd64.deb 0d4fc1fe825f15f0c4c247d45f27dcefc56bc2f5 lib32phobos-5-dev_5.4.0-6ubuntu1~16.04.12+tuxcare.els1_amd64.deb 054a457518845b3b74a90e6e7d2e159e6fa39c65 lib32quadmath0_5.4.0-6ubuntu1~16.04.12+tuxcare.els1_amd64.deb 9c67c91295cb635ab95c9badf69ed5227805460a lib32stdc++-5-dev_5.4.0-6ubuntu1~16.04.12+tuxcare.els1_amd64.deb 708e4855f208fa508cd3aa4845d7eb438488e22c lib32stdc++6_5.4.0-6ubuntu1~16.04.12+tuxcare.els1_amd64.deb 7a1b72f4899342e4acdeefda96dacf68524eac4f lib32ubsan0_5.4.0-6ubuntu1~16.04.12+tuxcare.els1_amd64.deb aebe1ff37c1556f3e5d6b67c8f7448320ccf5cdb libasan2_5.4.0-6ubuntu1~16.04.12+tuxcare.els1_amd64.deb de2e049e23ff2fd249d9ebadb1e0410ed03431d5 libatomic1_5.4.0-6ubuntu1~16.04.12+tuxcare.els1_amd64.deb fdd83c89e02c5b8ee89b2c75b0b7aa53355f4002 libcc1-0_5.4.0-6ubuntu1~16.04.12+tuxcare.els1_amd64.deb a09f9486f14772980989830b42c242fec16d1375 libcilkrts5_5.4.0-6ubuntu1~16.04.12+tuxcare.els1_amd64.deb fba9fa8119ea63d1392a24a551539efc6e5aabf3 libgcc-5-dev_5.4.0-6ubuntu1~16.04.12+tuxcare.els1_amd64.deb 737de9554703bfaf7daf5e0f2187488e259ddc8f libgccjit-5-dev_5.4.0-6ubuntu1~16.04.12+tuxcare.els1_amd64.deb b7f3468462f576e1c3d1014467f6873f6e65b789 libgccjit-5-doc_5.4.0-6ubuntu1~16.04.12+tuxcare.els1_all.deb 1fee13d3a74379cd889124bcb0dca9d14067f5e8 libgccjit0_5.4.0-6ubuntu1~16.04.12+tuxcare.els1_amd64.deb 64101a1c68aba68a1b67007abfc8058564acd8e2 libgcj-doc_5.4.0-6ubuntu1~16.04.12+tuxcare.els1_all.deb f68bbf28df6c3fc6214d29780eaf16e3ce7becc7 libgcj16_5.4.0-6ubuntu1~16.04.12+tuxcare.els1_amd64.deb b5fdf5cf07236a49e0e47d8c7d4c1f24f516d881 libgcj16-awt_5.4.0-6ubuntu1~16.04.12+tuxcare.els1_amd64.deb 95791af21669e9a11213f8ce37e828f0ac506815 libgcj16-dev_5.4.0-6ubuntu1~16.04.12+tuxcare.els1_amd64.deb b78f9b55c015b09592c95b0cc7f752ae851d0815 libgfortran-5-dev_5.4.0-6ubuntu1~16.04.12+tuxcare.els1_amd64.deb a7e405885a7591f9fe7d242c52d10605b55f624a libgfortran3_5.4.0-6ubuntu1~16.04.12+tuxcare.els1_amd64.deb 9660055e14d58bb55113047e91080c60033d9f03 libgnat-5_5.4.0-6ubuntu1~16.04.12+tuxcare.els1_amd64.deb 4a90efa9fd2c930b4ecf07504736a262b66dcc1b libgnatprj5_5.4.0-6ubuntu1~16.04.12+tuxcare.els1_amd64.deb 6eb411e6884cad0433fa193762452571f8c81ea9 libgnatprj5-dev_5.4.0-6ubuntu1~16.04.12+tuxcare.els1_amd64.deb 4f2a54ac042faed6a1197018d420be252b575680 libgnatvsn5_5.4.0-6ubuntu1~16.04.12+tuxcare.els1_amd64.deb 49f234eb79f711d775a3cea0c9567ad89f07f352 libgnatvsn5-dev_5.4.0-6ubuntu1~16.04.12+tuxcare.els1_amd64.deb b11f98a4b49d65dfa8af7e434812a437f0351f11 libgo7_5.4.0-6ubuntu1~16.04.12+tuxcare.els1_amd64.deb ecb7a6a362e30b5f5d3dad34b29db9251c2bc97a libgomp1_5.4.0-6ubuntu1~16.04.12+tuxcare.els1_amd64.deb ae14e656ec90d59b13ce482e3d6fec8fc88aca51 libitm1_5.4.0-6ubuntu1~16.04.12+tuxcare.els1_amd64.deb 483e87d73ba8c82d532308a33bd501ceaf92a411 liblsan0_5.4.0-6ubuntu1~16.04.12+tuxcare.els1_amd64.deb 5edd007f2b3d1ac6d9968f33ed90fb77bf2cff0d libmpx0_5.4.0-6ubuntu1~16.04.12+tuxcare.els1_amd64.deb db3036ff3c9f82c6129734b1a931b19fa18ac47a libobjc-5-dev_5.4.0-6ubuntu1~16.04.12+tuxcare.els1_amd64.deb b63acf740f3bad5a203333e178c63122f80e7c6f libobjc4_5.4.0-6ubuntu1~16.04.12+tuxcare.els1_amd64.deb 7210933002288a927a9a1e4fe234010cf980a141 libphobos-5-dev_5.4.0-6ubuntu1~16.04.12+tuxcare.els1_amd64.deb e9f8ceedb507cf9edebc4a1afe3b679c07783ff1 libquadmath0_5.4.0-6ubuntu1~16.04.12+tuxcare.els1_amd64.deb 15e66b4efc25f573f56be1b2728a0d2995514c19 libstdc++-5-dev_5.4.0-6ubuntu1~16.04.12+tuxcare.els1_amd64.deb cb560fcf1e28132652572a6aee107b887f2c103f libstdc++-5-doc_5.4.0-6ubuntu1~16.04.12+tuxcare.els1_all.deb ff29ce49d58d5e2029afe3294ad11f740bda70a3 libstdc++-5-pic_5.4.0-6ubuntu1~16.04.12+tuxcare.els1_amd64.deb 5ddff9d0b4084ad4bba9070a4d6e3ebceef32a25 libstdc++6_5.4.0-6ubuntu1~16.04.12+tuxcare.els1_amd64.deb e1e36f675cb1d2f73062f51a25eb0f81ab0399ec libtsan0_5.4.0-6ubuntu1~16.04.12+tuxcare.els1_amd64.deb 6a048aa8efe5c82667f359f85a03ab41112ed0a1 libubsan0_5.4.0-6ubuntu1~16.04.12+tuxcare.els1_amd64.deb 6560b87f1b6a999248506ec06f644e8f9274620d libx32asan2_5.4.0-6ubuntu1~16.04.12+tuxcare.els1_amd64.deb d7b84a0bed21af01c0a79d34c48bc71392cedb25 libx32atomic1_5.4.0-6ubuntu1~16.04.12+tuxcare.els1_amd64.deb 486f5073888b1bf163be4360a577c8f2945e28ae libx32cilkrts5_5.4.0-6ubuntu1~16.04.12+tuxcare.els1_amd64.deb 2e922799d2886fa3726fb0761ddd4e07347d9fdc libx32gcc-5-dev_5.4.0-6ubuntu1~16.04.12+tuxcare.els1_amd64.deb 257de27fe631ed54fd0ebacdbfeecc8b3e1d79e1 libx32gfortran-5-dev_5.4.0-6ubuntu1~16.04.12+tuxcare.els1_amd64.deb 8f61a5aef6d81c6043b68998ed202458541390d2 libx32gfortran3_5.4.0-6ubuntu1~16.04.12+tuxcare.els1_amd64.deb ea500f943ceebf81ffb32202645f6b052c61b7b3 libx32go7_5.4.0-6ubuntu1~16.04.12+tuxcare.els1_amd64.deb 075599946bc5a4053e964d78216405866ba925ce libx32gomp1_5.4.0-6ubuntu1~16.04.12+tuxcare.els1_amd64.deb bfdf4efea744bc8c4fff98d9a00ebab1949b9916 libx32itm1_5.4.0-6ubuntu1~16.04.12+tuxcare.els1_amd64.deb 0cad536b563b0805400f203d11cfcb7afe095bec libx32lsan0_5.4.0-6ubuntu1~16.04.12+tuxcare.els1_amd64.deb d06c2b86a3f20838107ac3fc7242835145f2a867 libx32objc-5-dev_5.4.0-6ubuntu1~16.04.12+tuxcare.els1_amd64.deb 40416526814dae545c75166cf7cefefa6c94b29d libx32objc4_5.4.0-6ubuntu1~16.04.12+tuxcare.els1_amd64.deb f407677cbc7ff3a50177ba1d7b96d97d0b1b418d libx32phobos-5-dev_5.4.0-6ubuntu1~16.04.12+tuxcare.els1_amd64.deb 66ed991c158829f941a1998dc174e1fe85e7bdab libx32quadmath0_5.4.0-6ubuntu1~16.04.12+tuxcare.els1_amd64.deb ac9c968f90d789e8eee7d56f629a1d1f3f004d05 libx32stdc++-5-dev_5.4.0-6ubuntu1~16.04.12+tuxcare.els1_amd64.deb 23572b68a19344f01ea76ed333d2ae285445e3e9 libx32stdc++6_5.4.0-6ubuntu1~16.04.12+tuxcare.els1_amd64.deb ba1fbbfa5901dbb31304864ef0e6b4050a77ac14 libx32ubsan0_5.4.0-6ubuntu1~16.04.12+tuxcare.els1_amd64.deb 7819f7b080e28aa17194e59b16da8dfc4646518b CLSA-2023:1677096675 TuxCare License Agreement 0 * SECURITY UPDATE: out-of-bounds write caused by integer overflow - debian/patches/CVE-2022-41903.patch: use 'size_t' instead of 'int' to track the string lengths and so allow >2GB input sizes. - CVE-2022-41903 - t-mark-submodule-clean-test-as-known-failure.patch: mark submodule clean test as known failure and so pass 'make test'. * SECURITY UPDATE: possible cross-protocol requests - debian/patches/CVE-2021-40330.patch: forbid newlines in host and path. - CVE-2021-40330 * SECURITY UPDATE: out-of-bounds write and possible RCE caused by integer overflow - debian/patches/CVE-2022-39260.patch: reject too long command line strings in split_cmdline(). - CVE-2022-39260 * SECURITY UPDATE: out-of-bounds write when reading an unreasonably large .gitattributes file - debian/patches/CVE-2021-23521.patch: implement line and overall size checks for .gitattributes files. - CVE-2021-23521 * SECURITY UPDATE: possible write outside of the repository's working directory - debian/patches/CVE-2023-23946.patch: prevent git-apply from writing behind newly created symbolic links. - CVE-2023-23946 Critical Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.

* SECURITY UPDATE: out-of-bounds write caused by integer overflow - debian/patches/CVE-2022-41903.patch: use 'size_t' instead of 'int' to track the string lengths and so allow >2GB input sizes. - CVE-2022-41903 - t-mark-submodule-clean-test-as-known-failure.patch: mark submodule clean test as known failure and so pass 'make test'. * SECURITY UPDATE: possible cross-protocol requests - debian/patches/CVE-2021-40330.patch: forbid newlines in host and path. - CVE-2021-40330 * SECURITY UPDATE: out-of-bounds write and possible RCE caused by integer overflow - debian/patches/CVE-2022-39260.patch: reject too long command line strings in split_cmdline(). - CVE-2022-39260 * SECURITY UPDATE: out-of-bounds write when reading an unreasonably large .gitattributes file - debian/patches/CVE-2021-23521.patch: implement line and overall size checks for .gitattributes files. - CVE-2021-23521 * SECURITY UPDATE: possible write outside of the repository's working directory - debian/patches/CVE-2023-23946.patch: prevent git-apply from writing behind newly created symbolic links. - CVE-2023-23946

0 tuxcare-ubuntu16.04-els git_2.7.4-0ubuntu1.10+tuxcare.els1_amd64.deb 485f4aa4db3aedcc6901ae521c7402bbadceb018 git-all_2.7.4-0ubuntu1.10+tuxcare.els1_all.deb e10bdf160064e0d67087071e32f35b668846c56b git-arch_2.7.4-0ubuntu1.10+tuxcare.els1_all.deb f977584b18db46dbf75722f71294c40c2e68a1b0 git-core_2.7.4-0ubuntu1.10+tuxcare.els1_all.deb 7d7d0f2bca387bcd69bd0ecccd610581cd4d97df git-cvs_2.7.4-0ubuntu1.10+tuxcare.els1_all.deb a618bcdd593b81821085703398792c2b462cf411 git-daemon-run_2.7.4-0ubuntu1.10+tuxcare.els1_all.deb 4081aa0f4299d037afd648ab9ccdd0a63a9e0fb1 git-daemon-sysvinit_2.7.4-0ubuntu1.10+tuxcare.els1_all.deb 8256722101a606bd3ef2880ea2e65803d38fe9af git-doc_2.7.4-0ubuntu1.10+tuxcare.els1_all.deb 0a719133c454b5d4e8ae097f9a8793229d840e46 git-el_2.7.4-0ubuntu1.10+tuxcare.els1_all.deb c27efd86c7c5db8f887be46484f8069d0bcec7b1 git-email_2.7.4-0ubuntu1.10+tuxcare.els1_all.deb 5f078615e5359d62b7a5e3894efe4f13218d4229 git-gui_2.7.4-0ubuntu1.10+tuxcare.els1_all.deb 1278fddb0135b78af19f240f3e423abaa248ef2b git-man_2.7.4-0ubuntu1.10+tuxcare.els1_all.deb e3e26f83213818445fa0c6e654b82d36e0318276 git-mediawiki_2.7.4-0ubuntu1.10+tuxcare.els1_all.deb 2c3b74cefda16656269a97a60e3c24e5400c2df3 git-svn_2.7.4-0ubuntu1.10+tuxcare.els1_all.deb e4c2e8c170b50ce220fd53d36772aad305e233cc gitk_2.7.4-0ubuntu1.10+tuxcare.els1_all.deb 0322d1cbe82c9774d61b6cf71291fc06f96a7ff7 gitweb_2.7.4-0ubuntu1.10+tuxcare.els1_all.deb 66c441cc9983979cc894256b45b021f867ace896 CLSA-2023:1677784062 TuxCare License Agreement 0 * SECURITY UPDATE: Within the lg_init() function, if several allocations succeed but then one fails, an uninitialized pointer would have been freed despite never being allocated. - debian/patches/CVE-2022-34480.patch: avoid using uninitialized pointer - CVE-2022-34480 Important Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.

* SECURITY UPDATE: Within the lg_init() function, if several allocations succeed but then one fails, an uninitialized pointer would have been freed despite never being allocated. - debian/patches/CVE-2022-34480.patch: avoid using uninitialized pointer - CVE-2022-34480

0 tuxcare-ubuntu16.04-els libnss3_3.28.4-0ubuntu0.16.04.14+tuxcare.els4_amd64.deb 43e35f758829a003388bda34fa9c12ff9e6a06a2 libnss3-1d_3.28.4-0ubuntu0.16.04.14+tuxcare.els4_amd64.deb 4dd31be5cc5e88d35aab0e99e368b2fed4512878 libnss3-dev_3.28.4-0ubuntu0.16.04.14+tuxcare.els4_amd64.deb 4508a86ad926b29e38b7c53f0bc5abb50d5641e7 libnss3-nssdb_3.28.4-0ubuntu0.16.04.14+tuxcare.els4_all.deb b9af9b63b976ebd43a6ba919d9d1d1eb63d12fd6 libnss3-tools_3.28.4-0ubuntu0.16.04.14+tuxcare.els4_amd64.deb 917869153a563ea3d075a3e3e481ea9aa7a4776b CLSA-2023:1677784124 TuxCare License Agreement 0 * SECURITY UPDATE: Invalid validation of BCrypt hashes - debian/patches/CVE-2023-0567.patch: Remove "PHP Hack" to fix validation of malformed BCrypt hashes - CVE-2023-0567 * SECURITY UPDATE: Unauthorized data access or modification - debian/patches/CVE-2023-0568.patch: Fix array overrun when appending slash to paths - CVE-2023-0568 * SECURITY UPDATE: DoS vulnerability when parsing multipart request body - debian/patches/CVE-2023-0662.patch: Introduce max_multipart_body_parts INI and fix repeated warning for file uploads limit exciding - CVE-2023-0662 Critical Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.

* SECURITY UPDATE: Invalid validation of BCrypt hashes - debian/patches/CVE-2023-0567.patch: Remove "PHP Hack" to fix validation of malformed BCrypt hashes - CVE-2023-0567 * SECURITY UPDATE: Unauthorized data access or modification - debian/patches/CVE-2023-0568.patch: Fix array overrun when appending slash to paths - CVE-2023-0568 * SECURITY UPDATE: DoS vulnerability when parsing multipart request body - debian/patches/CVE-2023-0662.patch: Introduce max_multipart_body_parts INI and fix repeated warning for file uploads limit exciding - CVE-2023-0662

0 tuxcare-ubuntu16.04-els libapache2-mod-php7.0_7.0.33-0ubuntu0.16.04.17+tuxcare.els4_amd64.deb eebebbccd68eac97121c3883fc313d10513ce41b libphp7.0-embed_7.0.33-0ubuntu0.16.04.17+tuxcare.els4_amd64.deb 1d13f84ce44d69aeb03005898a033f146421af91 php7.0_7.0.33-0ubuntu0.16.04.17+tuxcare.els4_all.deb 76df586899da8cc7011fac70bfceacaac67287b2 php7.0-bcmath_7.0.33-0ubuntu0.16.04.17+tuxcare.els4_amd64.deb b78f91b032d265dbbed29492a707cfeecea1045e php7.0-bz2_7.0.33-0ubuntu0.16.04.17+tuxcare.els4_amd64.deb ef84946b1d3e159bb9cf2cfb462268b41afd1908 php7.0-cgi_7.0.33-0ubuntu0.16.04.17+tuxcare.els4_amd64.deb ee03f0af4f13d3e03ddf98181146119910baed47 php7.0-cli_7.0.33-0ubuntu0.16.04.17+tuxcare.els4_amd64.deb 9734033af02d08b003c8e66922add08f3681e00a php7.0-common_7.0.33-0ubuntu0.16.04.17+tuxcare.els4_amd64.deb d71c88eb2b6cb67dc2470a30d9d526ca97a4837c php7.0-curl_7.0.33-0ubuntu0.16.04.17+tuxcare.els4_amd64.deb edda95e6d96781abf289715502603fc43da26f4b php7.0-dba_7.0.33-0ubuntu0.16.04.17+tuxcare.els4_amd64.deb 7c26dab8c1883bbd0f3e69c422679088b29abec5 php7.0-dev_7.0.33-0ubuntu0.16.04.17+tuxcare.els4_amd64.deb 6c6b21207a759b1267f81240d4031a905f006181 php7.0-enchant_7.0.33-0ubuntu0.16.04.17+tuxcare.els4_amd64.deb 9daf66816c27d53f0e7224387746d0b9a7494ca6 php7.0-fpm_7.0.33-0ubuntu0.16.04.17+tuxcare.els4_amd64.deb 7a606be33bd5bd982355d3966299c5fa2c5b1c8f php7.0-gd_7.0.33-0ubuntu0.16.04.17+tuxcare.els4_amd64.deb c17ee75f8a7543688e2a128e515c4809e723c228 php7.0-gmp_7.0.33-0ubuntu0.16.04.17+tuxcare.els4_amd64.deb 072b1e33bebac09a8b459a86f6ae14463fc4f609 php7.0-imap_7.0.33-0ubuntu0.16.04.17+tuxcare.els4_amd64.deb c7db31e184d73ca9674e0c783af5a91e575ce1e3 php7.0-interbase_7.0.33-0ubuntu0.16.04.17+tuxcare.els4_amd64.deb 32419ee4e9cecf93efc629fcd94d7f4c3ade330d php7.0-intl_7.0.33-0ubuntu0.16.04.17+tuxcare.els4_amd64.deb e5df2a9b852944dae739045a10876ed03e98ccf9 php7.0-json_7.0.33-0ubuntu0.16.04.17+tuxcare.els4_amd64.deb 08b6ed0ea6ff6cb927cb2ccd53c5fb1c314a9e89 php7.0-ldap_7.0.33-0ubuntu0.16.04.17+tuxcare.els4_amd64.deb cfcdbd39c30b52adafb160f8e9dde125407db1b2 php7.0-mbstring_7.0.33-0ubuntu0.16.04.17+tuxcare.els4_amd64.deb b79d900ead167da6ff8958ba9e182db36fb009b8 php7.0-mcrypt_7.0.33-0ubuntu0.16.04.17+tuxcare.els4_amd64.deb 8f53d26fafa3bf5a6c4db2dcee9e313dcd03ad94 php7.0-mysql_7.0.33-0ubuntu0.16.04.17+tuxcare.els4_amd64.deb 66e044ba55b23744993521544766ee663a828194 php7.0-odbc_7.0.33-0ubuntu0.16.04.17+tuxcare.els4_amd64.deb d45f083edb94c4e60b75b1f0fd04828bd1c8e5b3 php7.0-opcache_7.0.33-0ubuntu0.16.04.17+tuxcare.els4_amd64.deb e5c69ec0b82bad7145dc537df1c32f802ff8d6de php7.0-pgsql_7.0.33-0ubuntu0.16.04.17+tuxcare.els4_amd64.deb 511e72d73514a2f948e3c8d4c959f1080cb548d2 php7.0-phpdbg_7.0.33-0ubuntu0.16.04.17+tuxcare.els4_amd64.deb e6783c54653b85c1a6db3b617b63bbb51051b4b5 php7.0-pspell_7.0.33-0ubuntu0.16.04.17+tuxcare.els4_amd64.deb f375f53370b3994ce4f8f6c33627a487aa807107 php7.0-readline_7.0.33-0ubuntu0.16.04.17+tuxcare.els4_amd64.deb c9dea0026ddf0ec006fd675698fb824d70656ce8 php7.0-recode_7.0.33-0ubuntu0.16.04.17+tuxcare.els4_amd64.deb 61c8d5f48dea234dd4c56d06eb99d2b9370ebd9e php7.0-snmp_7.0.33-0ubuntu0.16.04.17+tuxcare.els4_amd64.deb 9b9242a87b713eba5b7d9167ff6efc486e94e81a php7.0-soap_7.0.33-0ubuntu0.16.04.17+tuxcare.els4_amd64.deb 2a6a15ce0cc56f5c0bdc0f81bb3bc0318eeed990 php7.0-sqlite3_7.0.33-0ubuntu0.16.04.17+tuxcare.els4_amd64.deb d662f988aca76bfbf7d9d8d91b1046b5847d0b42 php7.0-sybase_7.0.33-0ubuntu0.16.04.17+tuxcare.els4_amd64.deb 031604cde808b6a0db3c5ad1bd7c7dcf2a97ed6d php7.0-tidy_7.0.33-0ubuntu0.16.04.17+tuxcare.els4_amd64.deb 38721ffb3cf6dbdd8b0aefa0e18a2ab8c1af63df php7.0-xml_7.0.33-0ubuntu0.16.04.17+tuxcare.els4_amd64.deb 6f6a65d0423a905135a049c8ea758fca3f31dab6 php7.0-xmlrpc_7.0.33-0ubuntu0.16.04.17+tuxcare.els4_amd64.deb e7658e499600add9e4bdb46eccc2f95f684435f7 php7.0-xsl_7.0.33-0ubuntu0.16.04.17+tuxcare.els4_all.deb 89d7db0c8984f9d52f69308032407453abbc2cee php7.0-zip_7.0.33-0ubuntu0.16.04.17+tuxcare.els4_amd64.deb 3fb253d1c8d37962afcf8a8c638a3cea6bc86061 CLSA-2023:1677784249 TuxCare License Agreement 0 * SECURITY UPDATE: memory leak in read_header - debian/patches/CVE-2021-20193.patch: Don't return directly from the loop. Instead set the status and break. Return the status. - CVE-2021-20193.patch * SECURITY UPDATE: a heap buffer overflow - debian/patches/CVE-2022-48303.patch: Check for the end of field after leading byte (0x80 or 0xff) of base-256 encoded header value. - CVE-2022-48303.patch * improve debian/rules to build the project by root Important Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.

* SECURITY UPDATE: memory leak in read_header - debian/patches/CVE-2021-20193.patch: Don't return directly from the loop. Instead set the status and break. Return the status. - CVE-2021-20193.patch * SECURITY UPDATE: a heap buffer overflow - debian/patches/CVE-2022-48303.patch: Check for the end of field after leading byte (0x80 or 0xff) of base-256 encoded header value. - CVE-2022-48303.patch * improve debian/rules to build the project by root

0 tuxcare-ubuntu16.04-els tar_1.28-2.1ubuntu0.2+tuxcare.els1_amd64.deb 81a1ad7a69d85bcc49ac67ab9f506592bd86c8c1 tar-scripts_1.28-2.1ubuntu0.2+tuxcare.els1_amd64.deb 7d04a9f7349527cf92b35b433076117e9fe113ff CLSA-2023:1678136704 TuxCare License Agreement 0 * SECURITY UPDATE: Improper input validation - debian/patches/CVE-2023-24329-v2.7.patch: Prevent urllib.parse.urlparse from accepting schemes that don't begin with an alphabetical ASCII character - CVE-2023-24329 Important Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.

* SECURITY UPDATE: Improper input validation - debian/patches/CVE-2023-24329-v2.7.patch: Prevent urllib.parse.urlparse from accepting schemes that don't begin with an alphabetical ASCII character - CVE-2023-24329

0 tuxcare-ubuntu16.04-els idle-python2.7_2.7.12-1ubuntu0~16.04.18+tuxcare.els6_all.deb 89f18b7f5d947c97c077c0116ab57564be08a766 libpython2.7_2.7.12-1ubuntu0~16.04.18+tuxcare.els6_amd64.deb 910660e5a50ef1fda2627fbddfcd564e8ebc9edc libpython2.7-dev_2.7.12-1ubuntu0~16.04.18+tuxcare.els6_amd64.deb 1e2c86dd8bdd8325988642c6c299d0485a488b8c libpython2.7-minimal_2.7.12-1ubuntu0~16.04.18+tuxcare.els6_amd64.deb 75362574c993792093b53ce62b21a61613cd2a2f libpython2.7-stdlib_2.7.12-1ubuntu0~16.04.18+tuxcare.els6_amd64.deb a53401dbefd34601bacf9efe0fc0a9491e1450ac libpython2.7-testsuite_2.7.12-1ubuntu0~16.04.18+tuxcare.els6_all.deb 4c5763aaafe07dbc65c50bfa9c634a6f4988b973 python2.7_2.7.12-1ubuntu0~16.04.18+tuxcare.els6_amd64.deb 5850d58da650ce07c70435e8c57c275061fca8d7 python2.7-dev_2.7.12-1ubuntu0~16.04.18+tuxcare.els6_amd64.deb 161b003f0e78b8e91ea41c111076ff8e5f807122 python2.7-doc_2.7.12-1ubuntu0~16.04.18+tuxcare.els6_all.deb 1ff9dcb4800ac918f3ace5b3c567b13846fb1566 python2.7-examples_2.7.12-1ubuntu0~16.04.18+tuxcare.els6_all.deb c4008f6c9b395c864299ada96af1becfc9a3278b python2.7-minimal_2.7.12-1ubuntu0~16.04.18+tuxcare.els6_amd64.deb 71374a1d3e6116d108cc84891a9b0a198574b129 CLSA-2023:1678396353 TuxCare License Agreement 0 * SECURITY UPDATE: urllib.parse.urlparse does not enforce that a scheme must begin with an ASCII-character - debian/patches/CVE-2023-24329.patch: Prevent urllib.parse.urlparse from accepting schemes that don't begin with an alphabetical ASCII character - CVE-2023-24329 Important Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.

* SECURITY UPDATE: urllib.parse.urlparse does not enforce that a scheme must begin with an ASCII-character - debian/patches/CVE-2023-24329.patch: Prevent urllib.parse.urlparse from accepting schemes that don't begin with an alphabetical ASCII character - CVE-2023-24329

0 tuxcare-ubuntu16.04-els idle-python3.5_3.5.2-2ubuntu0~16.04.13+tuxcare.els8_all.deb fb60d1ecc76b50e9a4dffbad5d100ff4108e81d1 libpython3.5_3.5.2-2ubuntu0~16.04.13+tuxcare.els8_amd64.deb b502b007eeac74757a54ad30d1ff6599ca678274 libpython3.5-dev_3.5.2-2ubuntu0~16.04.13+tuxcare.els8_amd64.deb 63158ef86026de228be41c094177404fe2f1a023 libpython3.5-minimal_3.5.2-2ubuntu0~16.04.13+tuxcare.els8_amd64.deb 2f5c9f55d951433b21813940dd5582568cc3cfd7 libpython3.5-stdlib_3.5.2-2ubuntu0~16.04.13+tuxcare.els8_amd64.deb 364c9c0a2d0ed552bc9726940b424c6d020fdd5b libpython3.5-testsuite_3.5.2-2ubuntu0~16.04.13+tuxcare.els8_all.deb 76c3341b668f387c6fcf18015d33b30e2af3cdad python3.5_3.5.2-2ubuntu0~16.04.13+tuxcare.els8_amd64.deb 11003c23d7056d74b49f34720717711e3d7d2a69 python3.5-dev_3.5.2-2ubuntu0~16.04.13+tuxcare.els8_amd64.deb d5f494816b271cdeb57d2f21b068ba6d49973676 python3.5-doc_3.5.2-2ubuntu0~16.04.13+tuxcare.els8_all.deb 7b7f55932306a0d643cb15a37e84bd6968fec9d9 python3.5-examples_3.5.2-2ubuntu0~16.04.13+tuxcare.els8_all.deb 10e510a59882af6e65a89911d1920b025a7c56d2 python3.5-minimal_3.5.2-2ubuntu0~16.04.13+tuxcare.els8_amd64.deb e93a4f75ce2a78b2c93fca554bb6d12200f29a79 python3.5-venv_3.5.2-2ubuntu0~16.04.13+tuxcare.els8_amd64.deb eaa997013fa6d47792300c361dfd7ae2edb45f0a CLSA-2023:1678820123 TuxCare License Agreement 0 * SECURITY UPDATE: Illegal memory access when using virtual editing - debian/patches/CVE-2023-1175: Make sure "startspaces" is not negative - CVE-2023-1175 Important Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.

* SECURITY UPDATE: Illegal memory access when using virtual editing - debian/patches/CVE-2023-1175: Make sure "startspaces" is not negative - CVE-2023-1175

0 tuxcare-ubuntu16.04-els vim_7.4.1689-3ubuntu1.5+tuxcare.els39_amd64.deb 87a688109cd71361f19054e6d2fb9fdf06f844aa vim-athena_7.4.1689-3ubuntu1.5+tuxcare.els39_amd64.deb 29d126f0cb8937b3e031aab70e479ebd441efbfe vim-athena-py2_7.4.1689-3ubuntu1.5+tuxcare.els39_amd64.deb 2146d067f9c87cc2b2aad805548396e372651460 vim-common_7.4.1689-3ubuntu1.5+tuxcare.els39_amd64.deb c621e85455df3bfbc36f039ed2b1411b26062ed1 vim-doc_7.4.1689-3ubuntu1.5+tuxcare.els39_all.deb 0b4136329f9f31433b75b10be553da4f97cada7b vim-gnome_7.4.1689-3ubuntu1.5+tuxcare.els39_amd64.deb 6a92b51376b7632a815d6d47a245a71ba8c4f445 vim-gnome-py2_7.4.1689-3ubuntu1.5+tuxcare.els39_amd64.deb 6d9357e6aff3a7d8415ea6fb0b2400d4e17e2315 vim-gtk_7.4.1689-3ubuntu1.5+tuxcare.els39_amd64.deb c67d2612619a3e33ea4ef4b634bf445e6ac2008c vim-gtk-py2_7.4.1689-3ubuntu1.5+tuxcare.els39_amd64.deb c9127b1efa6eff5d3b8382522a21be8ab9178ba1 vim-gtk3_7.4.1689-3ubuntu1.5+tuxcare.els39_amd64.deb 3d318f51d3f44f8f0b6c07f5da1e3e7efd6551b3 vim-gtk3-py2_7.4.1689-3ubuntu1.5+tuxcare.els39_amd64.deb 3edb7b00d886cc41264ab86a413f732c5089c9b4 vim-gui-common_7.4.1689-3ubuntu1.5+tuxcare.els39_all.deb 170f4d4249f3157263a3215329b1c38d226fcbf1 vim-nox_7.4.1689-3ubuntu1.5+tuxcare.els39_amd64.deb e6c9405d1c5ef47edf547ad78f6165dafbef96d0 vim-nox-py2_7.4.1689-3ubuntu1.5+tuxcare.els39_amd64.deb 48a6cd199a92c39ce004f35abc7bd42958402583 vim-runtime_7.4.1689-3ubuntu1.5+tuxcare.els39_all.deb d81cac9989473483c9bf3cd64e65c330ce988088 vim-tiny_7.4.1689-3ubuntu1.5+tuxcare.els39_amd64.deb 71b2dc3e2bc0f9404901a4be66660bb21c68622e CLSA-2023:1678820199 TuxCare License Agreement 0 * SECURITY UPDATE: HTTP Proxy deny use-after-free - debian/patches/CVE-2022-43552.patch: + smb/telnet: do not free the protocol struct in *_done(). + conn: don't free easy handle data in handler->disconnect. - CVE-2022-43552 Moderate Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.

* SECURITY UPDATE: HTTP Proxy deny use-after-free - debian/patches/CVE-2022-43552.patch: + smb/telnet: do not free the protocol struct in *_done(). + conn: don't free easy handle data in handler->disconnect. - CVE-2022-43552

0 tuxcare-ubuntu16.04-els curl_7.47.0-1ubuntu2.23+tuxcare.els7_amd64.deb 778c87020e15f80dd8de33ecba2b66c9c4951fa3 libcurl3_7.47.0-1ubuntu2.23+tuxcare.els7_amd64.deb 36f8e35b3e53498acf8aa6b3e4259265b45c5cb1 libcurl3-gnutls_7.47.0-1ubuntu2.23+tuxcare.els7_amd64.deb 278e055ea479278a62704e633ca29b39dc318295 libcurl3-nss_7.47.0-1ubuntu2.23+tuxcare.els7_amd64.deb a1732364f4f579029e33a3591ea4321649a486a9 libcurl4-doc_7.47.0-1ubuntu2.23+tuxcare.els7_all.deb 7da0e527f09baa39783c1ac9150f28bd58c86896 libcurl4-gnutls-dev_7.47.0-1ubuntu2.23+tuxcare.els7_amd64.deb 9b1cbe39cae84929e74dfebd1a23eb0f47887e58 libcurl4-nss-dev_7.47.0-1ubuntu2.23+tuxcare.els7_amd64.deb 6b6e6d66d0ac1a3050249afd3ba42b05b7127734 libcurl4-openssl-dev_7.47.0-1ubuntu2.23+tuxcare.els7_amd64.deb 2123d29c17d75e42aec4958a114a2cf8318d0db0 CLSA-2023:1679000846 TuxCare License Agreement 0 * SECURITY UPDATE: New microcode data file 2023-02-14 - New microcodes: sig 0x000606c1, pf_mask 0x10, 2022-09-23, rev 0x1000211, size 289792 sig 0x000806f4, pf_mask 0x10, 2022-12-19, rev 0x2c000170, size 600064 sig 0x000806f4, pf_mask 0x87, 2022-12-27, rev 0x2b000181, size 561152 sig 0x000806f5, pf_mask 0x10, 2022-12-19, rev 0x2c000170, size 600064 sig 0x000806f5, pf_mask 0x87, 2022-12-27, rev 0x2b000181, size 561152 sig 0x000806f6, pf_mask 0x10, 2022-12-19, rev 0x2c000170, size 600064 sig 0x000806f6, pf_mask 0x87, 2022-12-27, rev 0x2b000181, size 561152 sig 0x000806f7, pf_mask 0x87, 2022-12-27, rev 0x2b000181, size 561152 sig 0x000806f8, pf_mask 0x10, 2022-12-19, rev 0x2c000170, size 600064 sig 0x000806f8, pf_mask 0x87, 2022-12-27, rev 0x2b000181, size 561152 sig 0x000b0671, pf_mask 0x32, 2022-12-19, rev 0x0112, size 207872 sig 0x000b06a2, pf_mask 0xc0, 2022-12-08, rev 0x410e, size 212992 sig 0x000b06a3, pf_mask 0xc0, 2022-12-08, rev 0x410e, size 212992 - Updated microcodes: sig 0x00050653, pf_mask 0x97, 2022-08-30, rev 0x1000161, size 36864 sig 0x00050654, pf_mask 0xb7, 2022-03-08, rev 0x2006e05, size 44032 sig 0x00050656, pf_mask 0xbf, 2022-08-26, rev 0x4003303, size 37888 sig 0x00050657, pf_mask 0xbf, 2022-08-26, rev 0x5003303, size 37888 sig 0x0005065b, pf_mask 0xbf, 2022-08-26, rev 0x7002503, size 29696 sig 0x000606a6, pf_mask 0x87, 2022-10-09, rev 0xd000389, size 296960 sig 0x000706a1, pf_mask 0x01, 2022-09-16, rev 0x003e, size 75776 sig 0x000706a8, pf_mask 0x01, 2022-09-20, rev 0x0022, size 76800 sig 0x000706e5, pf_mask 0x80, 2022-08-31, rev 0x00b8, size 113664 sig 0x000806a1, pf_mask 0x10, 2022-09-07, rev 0x0032, size 34816 sig 0x000806c1, pf_mask 0x80, 2022-06-28, rev 0x00a6, size 110592 sig 0x000806c2, pf_mask 0xc2, 2022-03-19, rev 0x0028, size 97280 sig 0x000806d1, pf_mask 0xc2, 2022-06-28, rev 0x0042, size 102400 sig 0x000806ec, pf_mask 0x94, 2022-07-31, rev 0x00f4, size 105472 sig 0x00090661, pf_mask 0x01, 2022-07-15, rev 0x0017, size 20480 sig 0x00090672, pf_mask 0x07, 2023-01-04, rev 0x002c, size 219136 sig 0x00090675, pf_mask 0x07, 2023-01-04, rev 0x002c, size 219136 sig 0x000906a3, pf_mask 0x80, 2023-01-11, rev 0x0429, size 218112 sig 0x000906a4, pf_mask 0x80, 2023-01-11, rev 0x0429, size 218112 sig 0x000906c0, pf_mask 0x01, 2022-09-02, rev 0x24000024, size 20480 sig 0x000906ed, pf_mask 0x22, 2022-07-31, rev 0x00f4, size 104448 sig 0x000a0652, pf_mask 0x20, 2022-07-31, rev 0x00f4, size 96256 sig 0x000a0653, pf_mask 0x22, 2022-07-31, rev 0x00f4, size 97280 sig 0x000a0655, pf_mask 0x22, 2022-07-31, rev 0x00f4, size 96256 sig 0x000a0660, pf_mask 0x80, 2022-07-31, rev 0x00f4, size 97280 sig 0x000a0661, pf_mask 0x80, 2022-07-31, rev 0x00f4, size 96256 sig 0x000a0671, pf_mask 0x02, 2022-08-31, rev 0x0057, size 103424 sig 0x000b06f2, pf_mask 0x07, 2023-01-04, rev 0x002c, size 219136 sig 0x000b06f5, pf_mask 0x07, 2023-01-04, rev 0x002c, size 219136 - CVE-2022-38090, INTEL-SA-00767 - CVE-2022-33196, INTEL-SA-00738 - CVE-2022-21216, INTEL-SA-00700 - CVE-2022-21233, INTEL-SA-00657 - CVE-2022-0005, INTEL-SA-00614 - CVE-2022-33972, INTEL-SA-00730 * source: update symlinks to reflect id of the latest release, 20230214 Moderate Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.

* SECURITY UPDATE: New microcode data file 2023-02-14 - New microcodes: sig 0x000606c1, pf_mask 0x10, 2022-09-23, rev 0x1000211, size 289792 sig 0x000806f4, pf_mask 0x10, 2022-12-19, rev 0x2c000170, size 600064 sig 0x000806f4, pf_mask 0x87, 2022-12-27, rev 0x2b000181, size 561152 sig 0x000806f5, pf_mask 0x10, 2022-12-19, rev 0x2c000170, size 600064 sig 0x000806f5, pf_mask 0x87, 2022-12-27, rev 0x2b000181, size 561152 sig 0x000806f6, pf_mask 0x10, 2022-12-19, rev 0x2c000170, size 600064 sig 0x000806f6, pf_mask 0x87, 2022-12-27, rev 0x2b000181, size 561152 sig 0x000806f7, pf_mask 0x87, 2022-12-27, rev 0x2b000181, size 561152 sig 0x000806f8, pf_mask 0x10, 2022-12-19, rev 0x2c000170, size 600064 sig 0x000806f8, pf_mask 0x87, 2022-12-27, rev 0x2b000181, size 561152 sig 0x000b0671, pf_mask 0x32, 2022-12-19, rev 0x0112, size 207872 sig 0x000b06a2, pf_mask 0xc0, 2022-12-08, rev 0x410e, size 212992 sig 0x000b06a3, pf_mask 0xc0, 2022-12-08, rev 0x410e, size 212992 - Updated microcodes: sig 0x00050653, pf_mask 0x97, 2022-08-30, rev 0x1000161, size 36864 sig 0x00050654, pf_mask 0xb7, 2022-03-08, rev 0x2006e05, size 44032 sig 0x00050656, pf_mask 0xbf, 2022-08-26, rev 0x4003303, size 37888 sig 0x00050657, pf_mask 0xbf, 2022-08-26, rev 0x5003303, size 37888 sig 0x0005065b, pf_mask 0xbf, 2022-08-26, rev 0x7002503, size 29696 sig 0x000606a6, pf_mask 0x87, 2022-10-09, rev 0xd000389, size 296960 sig 0x000706a1, pf_mask 0x01, 2022-09-16, rev 0x003e, size 75776 sig 0x000706a8, pf_mask 0x01, 2022-09-20, rev 0x0022, size 76800 sig 0x000706e5, pf_mask 0x80, 2022-08-31, rev 0x00b8, size 113664 sig 0x000806a1, pf_mask 0x10, 2022-09-07, rev 0x0032, size 34816 sig 0x000806c1, pf_mask 0x80, 2022-06-28, rev 0x00a6, size 110592 sig 0x000806c2, pf_mask 0xc2, 2022-03-19, rev 0x0028, size 97280 sig 0x000806d1, pf_mask 0xc2, 2022-06-28, rev 0x0042, size 102400 sig 0x000806ec, pf_mask 0x94, 2022-07-31, rev 0x00f4, size 105472 sig 0x00090661, pf_mask 0x01, 2022-07-15, rev 0x0017, size 20480 sig 0x00090672, pf_mask 0x07, 2023-01-04, rev 0x002c, size 219136 sig 0x00090675, pf_mask 0x07, 2023-01-04, rev 0x002c, size 219136 sig 0x000906a3, pf_mask 0x80, 2023-01-11, rev 0x0429, size 218112 sig 0x000906a4, pf_mask 0x80, 2023-01-11, rev 0x0429, size 218112 sig 0x000906c0, pf_mask 0x01, 2022-09-02, rev 0x24000024, size 20480 sig 0x000906ed, pf_mask 0x22, 2022-07-31, rev 0x00f4, size 104448 sig 0x000a0652, pf_mask 0x20, 2022-07-31, rev 0x00f4, size 96256 sig 0x000a0653, pf_mask 0x22, 2022-07-31, rev 0x00f4, size 97280 sig 0x000a0655, pf_mask 0x22, 2022-07-31, rev 0x00f4, size 96256 sig 0x000a0660, pf_mask 0x80, 2022-07-31, rev 0x00f4, size 97280 sig 0x000a0661, pf_mask 0x80, 2022-07-31, rev 0x00f4, size 96256 sig 0x000a0671, pf_mask 0x02, 2022-08-31, rev 0x0057, size 103424 sig 0x000b06f2, pf_mask 0x07, 2023-01-04, rev 0x002c, size 219136 sig 0x000b06f5, pf_mask 0x07, 2023-01-04, rev 0x002c, size 219136 - CVE-2022-38090, INTEL-SA-00767 - CVE-2022-33196, INTEL-SA-00738 - CVE-2022-21216, INTEL-SA-00700 - CVE-2022-21233, INTEL-SA-00657 - CVE-2022-0005, INTEL-SA-00614 - CVE-2022-33972, INTEL-SA-00730 * source: update symlinks to reflect id of the latest release, 20230214

0 tuxcare-ubuntu16.04-els intel-microcode_3.20230214.0ubuntu0.16.04.1+tuxcare.els1_amd64.deb 55a3845c92d1adfad540eb55a244c780000eda77 CLSA-2023:1679000956 TuxCare License Agreement 0 * SECURITY UPDATE: AD DC can be forced to issue rc4-hmac Kerberos tickets - debian/patches/CVE-2022-45141.patch: fix session key selection algorithm for selecting the ticket in strongest-to-weakest order, thus allowing the target server to select better encryption - CVE-2022-45141 Critical Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.

* SECURITY UPDATE: AD DC can be forced to issue rc4-hmac Kerberos tickets - debian/patches/CVE-2022-45141.patch: fix session key selection algorithm for selecting the ticket in strongest-to-weakest order, thus allowing the target server to select better encryption - CVE-2022-45141

0 tuxcare-ubuntu16.04-els ctdb_4.3.11+dfsg-0ubuntu0.16.04.34+tuxcare.els4_amd64.deb 0cbad2007a342060ab089e8984ea07a86b5f36e3 libnss-winbind_4.3.11+dfsg-0ubuntu0.16.04.34+tuxcare.els4_amd64.deb e11402403c42df77d87f58f72799632d1a429f5f libpam-winbind_4.3.11+dfsg-0ubuntu0.16.04.34+tuxcare.els4_amd64.deb 6c504086fe7ee8c107e7b1dff5482b2959bd7c7d libparse-pidl-perl_4.3.11+dfsg-0ubuntu0.16.04.34+tuxcare.els4_amd64.deb 79ac440b91e7391d8b71ea58f5436c817b707369 libsmbclient_4.3.11+dfsg-0ubuntu0.16.04.34+tuxcare.els4_amd64.deb ccd9164d2b2e5898cc03c471e305e71bb88f2d2e libsmbclient-dev_4.3.11+dfsg-0ubuntu0.16.04.34+tuxcare.els4_amd64.deb bfa326d2128fe03aff4b2e5ef0c99e40bf104909 libwbclient-dev_4.3.11+dfsg-0ubuntu0.16.04.34+tuxcare.els4_amd64.deb 0644e6485fa1f994346fd0412c0b46e0976693fb libwbclient0_4.3.11+dfsg-0ubuntu0.16.04.34+tuxcare.els4_amd64.deb 28769167a03e4ebaa70ef1b4b62a03fbc158fe65 python-samba_4.3.11+dfsg-0ubuntu0.16.04.34+tuxcare.els4_amd64.deb 3f159ddc7629e54b9175b6aedd568cfffe75821a registry-tools_4.3.11+dfsg-0ubuntu0.16.04.34+tuxcare.els4_amd64.deb 214c8cb38cea9098c93c20e2fcdfc86253cdc23a samba_4.3.11+dfsg-0ubuntu0.16.04.34+tuxcare.els4_amd64.deb c1511d3f3815b73e4eaa9c284100b22e208416f0 samba-common_4.3.11+dfsg-0ubuntu0.16.04.34+tuxcare.els4_all.deb cd9092a0a204b4ddc97c03d85dedc5e6532cc8d4 samba-common-bin_4.3.11+dfsg-0ubuntu0.16.04.34+tuxcare.els4_amd64.deb 1cf3360c56a3acca3e4938669d75a1a132b28b53 samba-dev_4.3.11+dfsg-0ubuntu0.16.04.34+tuxcare.els4_amd64.deb a3c07b59f2a496c33eb681f6ac94ac6ed2647ba7 samba-dsdb-modules_4.3.11+dfsg-0ubuntu0.16.04.34+tuxcare.els4_amd64.deb c700f5b548ee4c8701c946069c569f1378a1e6c9 samba-libs_4.3.11+dfsg-0ubuntu0.16.04.34+tuxcare.els4_amd64.deb d2525b31c460b9506a763ce748d9b330d57d6f1f samba-testsuite_4.3.11+dfsg-0ubuntu0.16.04.34+tuxcare.els4_amd64.deb 691f3482f8b7f8517a8f8e9db6f91584f629c0d7 samba-vfs-modules_4.3.11+dfsg-0ubuntu0.16.04.34+tuxcare.els4_amd64.deb a816ae0b89ff9879f17cd4bf55e43af91ea7b51f smbclient_4.3.11+dfsg-0ubuntu0.16.04.34+tuxcare.els4_amd64.deb 40282defc460e1aae08c5e19c34cfc63060ac92d winbind_4.3.11+dfsg-0ubuntu0.16.04.34+tuxcare.els4_amd64.deb 991968b2646a8475564aac5bd29e0a3ba5ae1998 CLSA-2023:1679349729 TuxCare License Agreement 0 * SECURITY UPDATE: buffer overrun vulnerability in format_timespan() - debian/patches/CVE-2022-3821.patch: fix buffer-over-run - CVE-2022-3821 * SECURITY UPDATE: a local privelege escalation for some sudo configs was not blocked adequately - debian/patches/CVE-2023-26604.patch: use only less as a pager and restrict its functionality (e.g stop running external shell) unless environment variable SYSTEMD_PAGERSECURE is defined - CVE-2023-26604 Important Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.

* SECURITY UPDATE: buffer overrun vulnerability in format_timespan() - debian/patches/CVE-2022-3821.patch: fix buffer-over-run - CVE-2022-3821 * SECURITY UPDATE: a local privelege escalation for some sudo configs was not blocked adequately - debian/patches/CVE-2023-26604.patch: use only less as a pager and restrict its functionality (e.g stop running external shell) unless environment variable SYSTEMD_PAGERSECURE is defined - CVE-2023-26604

0 tuxcare-ubuntu16.04-els libnss-myhostname_229-4ubuntu21.33+tuxcare.els1_amd64.deb 25b0e61ab0127b506c57fc43d5f229ab78857af4 libnss-mymachines_229-4ubuntu21.33+tuxcare.els1_amd64.deb 011e5897ebb6f4759c3d7a887387d6f406eb74d7 libnss-resolve_229-4ubuntu21.33+tuxcare.els1_amd64.deb cde318897bae5f996b938ce4cc5942750e570610 libpam-systemd_229-4ubuntu21.33+tuxcare.els1_amd64.deb 85c135e532488ed3629352b4cba45087079a4c5e libsystemd-dev_229-4ubuntu21.33+tuxcare.els1_amd64.deb 4774fb9f3f3a4d5486499f6c7fbae2284f083d8d libsystemd0_229-4ubuntu21.33+tuxcare.els1_amd64.deb 105563acea80aec67e2681884cf70c55d7fdd8e0 libudev-dev_229-4ubuntu21.33+tuxcare.els1_amd64.deb 64736d11529092b7eb67051e808508bcc4f48b50 libudev1_229-4ubuntu21.33+tuxcare.els1_amd64.deb c97fd0343fd2b6b02aaca6d092aa5f9c90023742 systemd_229-4ubuntu21.33+tuxcare.els1_amd64.deb 29934591ba71bd8498bc6e6503a66dff0ca1147b systemd-container_229-4ubuntu21.33+tuxcare.els1_amd64.deb 89edc631d2b5d9ea957fac93a08f1fec5233cdcd systemd-coredump_229-4ubuntu21.33+tuxcare.els1_amd64.deb da9edf102249822d2b771f6f76d442dfa031d8e5 systemd-journal-remote_229-4ubuntu21.33+tuxcare.els1_amd64.deb 1355fcc0a1f921a24cb9071172eada1d6a351546 systemd-sysv_229-4ubuntu21.33+tuxcare.els1_amd64.deb f356ecb5742cc39de21f836e17cc32bca20bc59c udev_229-4ubuntu21.33+tuxcare.els1_amd64.deb 4a132cee7327403cbc3e093e9e5eaf1425b66392 CLSA-2023:1679925211 TuxCare License Agreement 0 * SECURITY UPDATE: Accessing invalid memory with put in Visual block mode - debian/patches/CVE-2023-1170: Adjust the cursor column if needed - CVE-2023-1170 Moderate Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.

* SECURITY UPDATE: Accessing invalid memory with put in Visual block mode - debian/patches/CVE-2023-1170: Adjust the cursor column if needed - CVE-2023-1170

0 tuxcare-ubuntu16.04-els vim_7.4.1689-3ubuntu1.5+tuxcare.els40_amd64.deb b8c1152528b4c3a83250818e0c33412be8243958 vim-athena_7.4.1689-3ubuntu1.5+tuxcare.els40_amd64.deb c3d703f388f0f2bfdca9e081078b36e4eefc6dad vim-athena-py2_7.4.1689-3ubuntu1.5+tuxcare.els40_amd64.deb 70d657b471d3d88dfb8a101eda19daa3ea0fce67 vim-common_7.4.1689-3ubuntu1.5+tuxcare.els40_amd64.deb cc581f9227bb045bae35b19214cbdb061df3083f vim-doc_7.4.1689-3ubuntu1.5+tuxcare.els40_all.deb 1620b60441cee964140d5e77d3845d7067929a51 vim-gnome_7.4.1689-3ubuntu1.5+tuxcare.els40_amd64.deb 285b562c6ad1bf5db1e541f40eae37a2201dbaf9 vim-gnome-py2_7.4.1689-3ubuntu1.5+tuxcare.els40_amd64.deb 507fab99959bbe24c581a8247ba1b448c9b06d5f vim-gtk_7.4.1689-3ubuntu1.5+tuxcare.els40_amd64.deb c00b69cc0f4c76804bbbea2a3419b7fe67626341 vim-gtk-py2_7.4.1689-3ubuntu1.5+tuxcare.els40_amd64.deb c501a61618a5c288ab821897c0cbafbfa4cfd2f3 vim-gtk3_7.4.1689-3ubuntu1.5+tuxcare.els40_amd64.deb 5a1b7bfdafd4d597646234173b34c893621f90c5 vim-gtk3-py2_7.4.1689-3ubuntu1.5+tuxcare.els40_amd64.deb dea7baeee486d37e830a5d3fd6992d6bb4e240af vim-gui-common_7.4.1689-3ubuntu1.5+tuxcare.els40_all.deb 0ab3681e16832df5d9f77055f964fbfdf920fa4a vim-nox_7.4.1689-3ubuntu1.5+tuxcare.els40_amd64.deb 4223fb7ddf213610fca6ae55f2ef1c18ea054203 vim-nox-py2_7.4.1689-3ubuntu1.5+tuxcare.els40_amd64.deb faa6d9a7c00cfb18f4ab32aa74d608632b4649ad vim-runtime_7.4.1689-3ubuntu1.5+tuxcare.els40_all.deb f9f3b065ade31f2b53a217539a63eb82890e41df vim-tiny_7.4.1689-3ubuntu1.5+tuxcare.els40_amd64.deb dcf7fdc5c1d21f2d3a8e2346425c9a9819e118bf CLSA-2023:1679943745 TuxCare License Agreement 0 * SECURITY UPDATE: proxy configuration may trigger HTTP request smuggling attack - debian/patches/CVE-2023-25690.patch: don't forward invalid query strings - CVE-2023-25690 Critical Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.

* SECURITY UPDATE: proxy configuration may trigger HTTP request smuggling attack - debian/patches/CVE-2023-25690.patch: don't forward invalid query strings - CVE-2023-25690

0 tuxcare-ubuntu16.04-els apache2_2.4.18-2ubuntu3.17+tuxcare.els10_amd64.deb 158b168dcb23641e11ee7e5f72bbf36a2b183171 apache2-bin_2.4.18-2ubuntu3.17+tuxcare.els10_amd64.deb 8558a5eb432e4a96165dd597f03f92bdf43a2a4a apache2-data_2.4.18-2ubuntu3.17+tuxcare.els10_all.deb 3114cf640407bba26228bd5a793de9e07b16ab51 apache2-dev_2.4.18-2ubuntu3.17+tuxcare.els10_amd64.deb 5dd9640a125c2aedfa0c7ebea46bf42ee3dd5c75 apache2-doc_2.4.18-2ubuntu3.17+tuxcare.els10_all.deb b6a72797a54f63e7f2fd0092164a9cabfb1759dc apache2-suexec-custom_2.4.18-2ubuntu3.17+tuxcare.els10_amd64.deb 5e5521c54f05f2ffa5b89a156ddfb93ef9209451 apache2-suexec-pristine_2.4.18-2ubuntu3.17+tuxcare.els10_amd64.deb ab053c3287f180d8fb88bdde2ff3c7a30e8f8149 apache2-utils_2.4.18-2ubuntu3.17+tuxcare.els10_amd64.deb 8d0d2bbfafe3ee8bd537d7a8ab2ab61eca213a2a CLSA-2023:1679944242 TuxCare License Agreement 0 * SECURITY UPDATE: Denial of service - debian/patches/CVE-2022-31628.patch: Fix potential infinite recursion in phar wrapper when using quine gzip file - CVE-2022-31628 * SECURITY UPDATE: Cookie injection - debian/patches/CVE-2022-31629.patch: Add cookie integrity validation - CVE-2022-31629 * SECURITY UPDATE: Integer overflow - debian/patches/CVE-2022-31631.patch: Fix integer overflow that could cause PDO::quote() to return an improperly quoted string - CVE-2022-31631 Moderate Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.

* SECURITY UPDATE: Denial of service - debian/patches/CVE-2022-31628.patch: Fix potential infinite recursion in phar wrapper when using quine gzip file - CVE-2022-31628 * SECURITY UPDATE: Cookie injection - debian/patches/CVE-2022-31629.patch: Add cookie integrity validation - CVE-2022-31629 * SECURITY UPDATE: Integer overflow - debian/patches/CVE-2022-31631.patch: Fix integer overflow that could cause PDO::quote() to return an improperly quoted string - CVE-2022-31631

0 tuxcare-ubuntu16.04-els libapache2-mod-php7.0_7.0.33-0ubuntu0.16.04.17+tuxcare.els5_amd64.deb 0ca2031f030b85e933011ec31a9609111e95cc6b libphp7.0-embed_7.0.33-0ubuntu0.16.04.17+tuxcare.els5_amd64.deb 7ca1d33f803327c0302781f29bebba8665f0ea0d php7.0_7.0.33-0ubuntu0.16.04.17+tuxcare.els5_all.deb f69bb8f54d9548388483bbeca894838c4d9821e9 php7.0-bcmath_7.0.33-0ubuntu0.16.04.17+tuxcare.els5_amd64.deb abe7c194b2e38b0f76b51ac273b16686cd71fb30 php7.0-bz2_7.0.33-0ubuntu0.16.04.17+tuxcare.els5_amd64.deb 86e851b0b052ff2b34d58f6243540188e2528e5e php7.0-cgi_7.0.33-0ubuntu0.16.04.17+tuxcare.els5_amd64.deb 8f54df9851b69fe3149b021c4887e27937283633 php7.0-cli_7.0.33-0ubuntu0.16.04.17+tuxcare.els5_amd64.deb 82354df4d1956b430338dcf757040fb0c4331ab5 php7.0-common_7.0.33-0ubuntu0.16.04.17+tuxcare.els5_amd64.deb 2d7ec5188a8e7e62c5612708aa2bafde8605dd7e php7.0-curl_7.0.33-0ubuntu0.16.04.17+tuxcare.els5_amd64.deb e18435a33bb4c5a87a2642759737513f03552ffc php7.0-dba_7.0.33-0ubuntu0.16.04.17+tuxcare.els5_amd64.deb 786b2096afd609c16436118c1270e9e5d2440c1e php7.0-dev_7.0.33-0ubuntu0.16.04.17+tuxcare.els5_amd64.deb 1e8f3f177c4266e888129d93dd7efd15113cad13 php7.0-enchant_7.0.33-0ubuntu0.16.04.17+tuxcare.els5_amd64.deb 8f81762e79a78bd2643057c1c62a18870899f336 php7.0-fpm_7.0.33-0ubuntu0.16.04.17+tuxcare.els5_amd64.deb 1d55a538e9068d2aa7d3debec7e27b80744d8f37 php7.0-gd_7.0.33-0ubuntu0.16.04.17+tuxcare.els5_amd64.deb a7c5da16cc770379547ef4c089abe021f46720c9 php7.0-gmp_7.0.33-0ubuntu0.16.04.17+tuxcare.els5_amd64.deb 3ad90f7ab572eebab71a155cd41026bcf4ea3840 php7.0-imap_7.0.33-0ubuntu0.16.04.17+tuxcare.els5_amd64.deb 04111773122bfa3991f165371011ee109a289ffe php7.0-interbase_7.0.33-0ubuntu0.16.04.17+tuxcare.els5_amd64.deb bfdc1b1aa8eff4952fade8145bcfe2c19962dc3b php7.0-intl_7.0.33-0ubuntu0.16.04.17+tuxcare.els5_amd64.deb 84ecf61592ac89aecab23e083188b8b5f3c720f2 php7.0-json_7.0.33-0ubuntu0.16.04.17+tuxcare.els5_amd64.deb f59d56a74b7a90c80b81a5e8bdf734197c7616bf php7.0-ldap_7.0.33-0ubuntu0.16.04.17+tuxcare.els5_amd64.deb afacebeaa213ba5bf980773b985b1185a15d381d php7.0-mbstring_7.0.33-0ubuntu0.16.04.17+tuxcare.els5_amd64.deb d4a9202a50755adf9f1229150d7110f106c58782 php7.0-mcrypt_7.0.33-0ubuntu0.16.04.17+tuxcare.els5_amd64.deb 0131e7a5943eb2a83c5b0dd2c3fae7810ed5ab1f php7.0-mysql_7.0.33-0ubuntu0.16.04.17+tuxcare.els5_amd64.deb 81a5ae220f5285f6ee8129f914133706c4924b80 php7.0-odbc_7.0.33-0ubuntu0.16.04.17+tuxcare.els5_amd64.deb 6491036aaa3a6933e0cd30901e5b753216e5a89f php7.0-opcache_7.0.33-0ubuntu0.16.04.17+tuxcare.els5_amd64.deb 9a1a512330d5bc56cd3f0ae93ede63e845b7bacb php7.0-pgsql_7.0.33-0ubuntu0.16.04.17+tuxcare.els5_amd64.deb 69ff48890ef80bb2799625471a7785912fee010a php7.0-phpdbg_7.0.33-0ubuntu0.16.04.17+tuxcare.els5_amd64.deb fb7133f91f04568677f02f41f7478e60328f3347 php7.0-pspell_7.0.33-0ubuntu0.16.04.17+tuxcare.els5_amd64.deb 9d3265c3b2b22753f2f40d378182797e1755c9e7 php7.0-readline_7.0.33-0ubuntu0.16.04.17+tuxcare.els5_amd64.deb 732e196b2d3b5fcca615636edc582b7c9525b6fe php7.0-recode_7.0.33-0ubuntu0.16.04.17+tuxcare.els5_amd64.deb dba6bef58b2b6d16ea77c807eaa97adf31502639 php7.0-snmp_7.0.33-0ubuntu0.16.04.17+tuxcare.els5_amd64.deb 788ca37e13588ae58d3c3f55ac7186458b972834 php7.0-soap_7.0.33-0ubuntu0.16.04.17+tuxcare.els5_amd64.deb db2c8b1cc5ef55e47c1a8a0a8d2ceb6271d3bcf7 php7.0-sqlite3_7.0.33-0ubuntu0.16.04.17+tuxcare.els5_amd64.deb 4417a43b9dde5a3391541ccca229f5394a0dba31 php7.0-sybase_7.0.33-0ubuntu0.16.04.17+tuxcare.els5_amd64.deb 6f0d9ea0861c0d670d35ff10feecadbcb135bed1 php7.0-tidy_7.0.33-0ubuntu0.16.04.17+tuxcare.els5_amd64.deb fd0b41efd364ed825512a3dd37e084a35e151529 php7.0-xml_7.0.33-0ubuntu0.16.04.17+tuxcare.els5_amd64.deb f241e294c72f65d6bf37b36fa841b9dc10b8d2c5 php7.0-xmlrpc_7.0.33-0ubuntu0.16.04.17+tuxcare.els5_amd64.deb e19341f6ba8e50cbdd3f69ae60045a0adcba1ffa php7.0-xsl_7.0.33-0ubuntu0.16.04.17+tuxcare.els5_all.deb 27397214d0791cc7331688bd5ec159de262b54d3 php7.0-zip_7.0.33-0ubuntu0.16.04.17+tuxcare.els5_amd64.deb ad561af1bc5589769806671992757279f5efbe38 CLSA-2023:1680210210 TuxCare License Agreement 0 * SECURITY UPDATE: No check if the return value of XCreateGC() is NULL - debian/patches/CVE-2022-47024: Only use the return value when it is not NULL. - CVE-2022-47024 Important Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.

* SECURITY UPDATE: No check if the return value of XCreateGC() is NULL - debian/patches/CVE-2022-47024: Only use the return value when it is not NULL. - CVE-2022-47024

0 tuxcare-ubuntu16.04-els vim_7.4.1689-3ubuntu1.5+tuxcare.els41_amd64.deb bdd4d471bc3d013cf794b1907e7212e9baac4aec vim-athena_7.4.1689-3ubuntu1.5+tuxcare.els41_amd64.deb da953334de1fbe206d4f548df7459c55aa14d3ab vim-athena-py2_7.4.1689-3ubuntu1.5+tuxcare.els41_amd64.deb 6ddcdb1afecd56cc9cb4ad9a358b4a01bfaeaf5f vim-common_7.4.1689-3ubuntu1.5+tuxcare.els41_amd64.deb 76e0c9417bd837bb9dcde5e7696e3bc138de95bb vim-doc_7.4.1689-3ubuntu1.5+tuxcare.els41_all.deb c5df02425cd4464f25518d62c90c8d3abe47dfc3 vim-gnome_7.4.1689-3ubuntu1.5+tuxcare.els41_amd64.deb 6b40509b96dc5205eb15b2a37ca8baa830989453 vim-gnome-py2_7.4.1689-3ubuntu1.5+tuxcare.els41_amd64.deb 642e321f86f6320190735862020a7f14c85e5ad8 vim-gtk_7.4.1689-3ubuntu1.5+tuxcare.els41_amd64.deb c0d3d98dfc7fe52cd918c686bbb0a4ec6d9af8f6 vim-gtk-py2_7.4.1689-3ubuntu1.5+tuxcare.els41_amd64.deb f5baa9bf770d48782f8949040a18df3107ee2e0f vim-gtk3_7.4.1689-3ubuntu1.5+tuxcare.els41_amd64.deb e4cf7abb258790a3a91d63188a31a0c16c89571e vim-gtk3-py2_7.4.1689-3ubuntu1.5+tuxcare.els41_amd64.deb 1968228ff918c282cf84a24156eb7124d88881b3 vim-gui-common_7.4.1689-3ubuntu1.5+tuxcare.els41_all.deb 2ac9071e5bb3eb423928bd7a692abb69fa06f552 vim-nox_7.4.1689-3ubuntu1.5+tuxcare.els41_amd64.deb 3ed33c9fcccd871020f3701c47e9fecbc22dae84 vim-nox-py2_7.4.1689-3ubuntu1.5+tuxcare.els41_amd64.deb e1cb2cd8a095f46d5fd166841b69c660fb37170f vim-runtime_7.4.1689-3ubuntu1.5+tuxcare.els41_all.deb d72f5b0093e193a6361e7050aea967b7050bc582 vim-tiny_7.4.1689-3ubuntu1.5+tuxcare.els41_amd64.deb 5f72fbc0a77199ebbebd7b34bcdc466ca26ba478 CLSA-2023:1681137249 TuxCare License Agreement 0 * SECURITY UPDATE: When cloning a repository with `--local`, Git relies on either making a hardlink or copy to every file in the "objects" directory of the source repository. As a result, malformed repository containing symbolic links pointing at the sensitive information on the victim's machine could be copied - debian/patches/CVE-2022-39253.patch: prevent copying symbolic links - debian/patches/tests-for-CVE-2022-39253.patch: tests - CVE-2022-39253 Moderate Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.

* SECURITY UPDATE: When cloning a repository with `--local`, Git relies on either making a hardlink or copy to every file in the "objects" directory of the source repository. As a result, malformed repository containing symbolic links pointing at the sensitive information on the victim's machine could be copied - debian/patches/CVE-2022-39253.patch: prevent copying symbolic links - debian/patches/tests-for-CVE-2022-39253.patch: tests - CVE-2022-39253

0 tuxcare-ubuntu16.04-els git_2.7.4-0ubuntu1.10+tuxcare.els2_amd64.deb 66b9806704ec24b870309f16a5b3c281b0bf5927 git-all_2.7.4-0ubuntu1.10+tuxcare.els2_all.deb 8d81afdb9c87919ded9fc92e47974362d5346e0f git-arch_2.7.4-0ubuntu1.10+tuxcare.els2_all.deb 0f8cd0500ce4b12dec9e946cdeb79ea2b4b889da git-core_2.7.4-0ubuntu1.10+tuxcare.els2_all.deb 985d255142c3ac2bce40414aa0128a2872f19f01 git-cvs_2.7.4-0ubuntu1.10+tuxcare.els2_all.deb 339d807b3788838ec924b30d4827f69f5aad900a git-daemon-run_2.7.4-0ubuntu1.10+tuxcare.els2_all.deb 95f6ba6767eca4018d5ce5ac5508c51e2d3eed4e git-daemon-sysvinit_2.7.4-0ubuntu1.10+tuxcare.els2_all.deb 4b223f49a21a98827c0a7817f10c7299637581a6 git-doc_2.7.4-0ubuntu1.10+tuxcare.els2_all.deb b6cc534acd1ed7f9d98d5c8aec93a591f29f7b34 git-el_2.7.4-0ubuntu1.10+tuxcare.els2_all.deb 0f34c7891ec698636d9527faaaeb4becd7d2d4ab git-email_2.7.4-0ubuntu1.10+tuxcare.els2_all.deb d2284b5aff701e9ed2e0fc4ffb055d5399637e1e git-gui_2.7.4-0ubuntu1.10+tuxcare.els2_all.deb adcbfb4f8742fc5445326f3ec8c2b679c8965747 git-man_2.7.4-0ubuntu1.10+tuxcare.els2_all.deb 6c48d2c2614f8098c6acec3f8cf3c80e6c5c83b5 git-mediawiki_2.7.4-0ubuntu1.10+tuxcare.els2_all.deb e109f17790e86436606f3fd1bcfddb48d92c25c7 git-svn_2.7.4-0ubuntu1.10+tuxcare.els2_all.deb c18c894f4f7bcc4c9ac235a11e26b30fbdbf5770 gitk_2.7.4-0ubuntu1.10+tuxcare.els2_all.deb 90e8f347cedc36408327810103a70a3348e313a0 gitweb_2.7.4-0ubuntu1.10+tuxcare.els2_all.deb bead0272675de001aff71938db7a4ba399b8e75f CLSA-2023:1681151394 TuxCare License Agreement 0 * SECURITY UPDATE: stack-based buffer overread in FUSE xlator - debian/patches/CVE-2022-26253.patch: access the graph->id only while event is associated specific to FUSE xlator. - CVE-2022-26253 Important Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.

* SECURITY UPDATE: stack-based buffer overread in FUSE xlator - debian/patches/CVE-2022-26253.patch: access the graph->id only while event is associated specific to FUSE xlator. - CVE-2022-26253

0 tuxcare-ubuntu16.04-els glusterfs-client_3.7.6-1ubuntu1+tuxcare.els1_amd64.deb c43d388357bb3d7a3312947f0c75d9b6c948bd33 glusterfs-common_3.7.6-1ubuntu1+tuxcare.els1_amd64.deb 8b57b3336469cd5f36f56eb8280000a94337bf24 glusterfs-server_3.7.6-1ubuntu1+tuxcare.els1_amd64.deb e903ee73573b7bf2bca2e080e7777a98cb220a1e CLSA-2023:1681328662 TuxCare License Agreement 0 * SECURITY UPDATE: An attacker could construct a PKCS 12 cert bundle in such a way that could allow for arbitrary memory writes via PKCS 12 Safe Bag attributes being mishandled - debian/patches/CVE-2023-0767.patch: improve handling of unknown PKCS#12 safe bag types - CVE-2023-0767 Important Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.

* SECURITY UPDATE: An attacker could construct a PKCS 12 cert bundle in such a way that could allow for arbitrary memory writes via PKCS 12 Safe Bag attributes being mishandled - debian/patches/CVE-2023-0767.patch: improve handling of unknown PKCS#12 safe bag types - CVE-2023-0767

0 tuxcare-ubuntu16.04-els libnss3_3.28.4-0ubuntu0.16.04.14+tuxcare.els5_amd64.deb af42e001fd6150703dedf1627ee6e7649dd181ee libnss3-1d_3.28.4-0ubuntu0.16.04.14+tuxcare.els5_amd64.deb 9fffb5faa58ea8c99079f4334d115471a8fa7a6b libnss3-dev_3.28.4-0ubuntu0.16.04.14+tuxcare.els5_amd64.deb 00e3b1c323bb238c7b4a37670bb9e8ed3bd19140 libnss3-nssdb_3.28.4-0ubuntu0.16.04.14+tuxcare.els5_all.deb 32e05e32ab82dc9aa4b25ded515507a16de00159 libnss3-tools_3.28.4-0ubuntu0.16.04.14+tuxcare.els5_amd64.deb 72a2650c9a2a0dcce5dbe7e5533eb740b8021600 CLSA-2023:1681491348 TuxCare License Agreement 0 * SECURITY UPDATE: Telnet option IAC injection - debian/patches/CVE-2023-27533.patch: only accept option arguments in ascii to avoid embedded telnet negotiation commands - CVE-2023-27533 * SECURITY UPDATE: FTP too eager connection reuse - debian/patches/CVE-2023-27535.patch: add more conditions for connection reuse - CVE-2023-27535 * SECURITY UPDATE: GSS delegation too eager connection re-use - debian/patches/CVE-2023-27536.patch: only reuse connections with same GSS delegation - CVE-2023-27536 Critical Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.

* SECURITY UPDATE: Telnet option IAC injection - debian/patches/CVE-2023-27533.patch: only accept option arguments in ascii to avoid embedded telnet negotiation commands - CVE-2023-27533 * SECURITY UPDATE: FTP too eager connection reuse - debian/patches/CVE-2023-27535.patch: add more conditions for connection reuse - CVE-2023-27535 * SECURITY UPDATE: GSS delegation too eager connection re-use - debian/patches/CVE-2023-27536.patch: only reuse connections with same GSS delegation - CVE-2023-27536

0 tuxcare-ubuntu16.04-els curl_7.47.0-1ubuntu2.23+tuxcare.els8_amd64.deb 80e725d077fed3798ffbaf1929b9cee4dd751365 libcurl3_7.47.0-1ubuntu2.23+tuxcare.els8_amd64.deb 7c95eba8837368711efaa3d5961c1728af014592 libcurl3-gnutls_7.47.0-1ubuntu2.23+tuxcare.els8_amd64.deb 2386fc6e68cc9f34630ed3439c87baecbab7c729 libcurl3-nss_7.47.0-1ubuntu2.23+tuxcare.els8_amd64.deb b220bc544c2aa735005619f54948b3c0393a8853 libcurl4-doc_7.47.0-1ubuntu2.23+tuxcare.els8_all.deb 2091a11abb777ecaa0f01d457c731220515a5859 libcurl4-gnutls-dev_7.47.0-1ubuntu2.23+tuxcare.els8_amd64.deb b28a91df6bd2c22c9983443b479f51ead8e9494d libcurl4-nss-dev_7.47.0-1ubuntu2.23+tuxcare.els8_amd64.deb 6172f449695795a212b1bbfd1ef5cc7ab26d608d libcurl4-openssl-dev_7.47.0-1ubuntu2.23+tuxcare.els8_amd64.deb 5fcbb4c58b4eedfe9e0d312e0f4e391232cbb784 CLSA-2023:1682416329 TuxCare License Agreement 0 [ Ubuntu: 4.15.0-209.220 ] * bionic/linux: 4.15.0-209.220 -proposed tracker (LP: #2011989) * CVE-2023-26545 - net: mpls: fix stale pointer if allocation fails during device rename * CVE-2023-1281 - rcu: Upgrade rcu_swap_protected() to rcu_replace_pointer() - net/sched: tcindex: update imperfect hash filters respecting rcu * CVE-2022-3903 - USB: add usb_control_msg_send() and usb_control_msg_recv() - USB: correct API of usb_control_msg_send/recv - USB: move snd_usb_pipe_sanity_check into the USB core - media: mceusb: Use new usb_control_msg_*() routines * Bionic update: upstream stable patchset 2023-03-03 (LP: #2009237) - pNFS/filelayout: Fix coalescing test for single DS - net/ethtool/ioctl: return -EOPNOTSUPP if we have no phy stats - RDMA/srp: Move large values to a new enum for gcc13 - f2fs: let's avoid panic if extent_tree is not created - nilfs2: fix general protection fault in nilfs_btree_insert() - xhci-pci: set the dma max_seg_size - usb: xhci: Check endpoint is valid before dereferencing it - prlimit: do_prlimit needs to have a speculation check - USB: serial: option: add Quectel EM05-G (GR) modem - USB: serial: option: add Quectel EM05-G (CS) modem - USB: serial: option: add Quectel EM05-G (RS) modem - USB: serial: option: add Quectel EC200U modem - USB: serial: option: add Quectel EM05CN (SG) modem - USB: serial: option: add Quectel EM05CN modem - USB: misc: iowarrior: fix up header size for USB_DEVICE_ID_CODEMERCS_IOW100 - usb: core: hub: disable autosuspend for TI TUSB8041 - USB: serial: cp210x: add SCALANCE LPE-9000 device id - usb: host: ehci-fsl: Fix module alias - usb: gadget: g_webcam: Send color matching descriptor per frame - usb: gadget: f_ncm: fix potential NULL ptr deref in ncm_bitrate() - usb-storage: apply IGNORE_UAS only for HIKSEMI MD202 on RTL9210 - serial: pch_uart: Pass correct sg to dma_unmap_sg() - serial: atmel: fix incorrect baudrate setup - gsmi: fix null-deref in gsmi_get_variable - comedi: adv_pci1760: Fix PWM instruction handling - ARM: dts: imx6qdl-gw560x: Remove incorrect 'uart-has-rtscts' - HID: intel_ish-hid: Add check for ishtp_dma_tx_map - EDAC/highbank: Fix memory leak in highbank_mc_probe() - tomoyo: fix broken dependency on *.conf.default - IB/hfi1: Reject a zero-length user expected buffer - IB/hfi1: Reserve user expected TIDs - affs: initialize fsdata in affs_truncate() - amd-xgbe: TX Flow Ctrl Registers are h/w ver dependent - phy: rockchip-inno-usb2: Fix missing clk_disable_unprepare() in rockchip_usb2phy_power_on() - net: nfc: Fix use-after-free in local_cleanup() - net: usb: sr9700: Handle negative len - net: mdio: validate parameter addr in mdiobus_get_phy() - HID: check empty report_list in hid_validate_values() - usb: gadget: f_fs: Prevent race during ffs_ep0_queue_wait - usb: gadget: f_fs: Ensure ep0req is dequeued before free_request - net: mlx5: eliminate anonymous module_init & module_exit - dmaengine: Fix double increment of client_count in dma_chan_get() - HID: betop: check shape of output reports - w1: fix deadloop in __w1_remove_master_device() - w1: fix WARNING after calling w1_process() - fs: reiserfs: remove useless new_opts in reiserfs_remount - Bluetooth: hci_sync: cancel cmd_timer if hci_open failed - scsi: hpsa: Fix allocation size for scsi_host_alloc() - module: Don't wait for GOING modules - tracing: Make sure trace_printk() can output as soon as it can be used - ARM: 9280/1: mm: fix warning on phys_addr_t to void pointer assignment - EDAC/device: Respect any driver-supplied workqueue polling value - netlink: annotate data races around dst_portid and dst_group - netlink: annotate data races around sk_state - netfilter: conntrack: fix vtag checks for ABORT/SHUTDOWN_COMPLETE - netrom: Fix use-after-free of a listening socket. - sctp: fail if no bound addresses can be used for a given scope - net: ravb: Fix possible hang if RIS2_QFF1 happen - net/tg3: resolve deadlock in tg3_reset_task() during EEH - Revert "Input: synaptics - switch touchpad on HP Laptop 15-da3001TU to RMI mode" - x86/i8259: Mark legacy PIC interrupts with IRQ_LEVEL - xen: Fix up build warning with xen_init_time_ops() reference - x86/asm: Fix an assembler warning with current binutils - x86/entry/64: Add instruction suffix to SYSRET - sysctl: add a new register_sysctl_init() interface - panic: unset panic_on_warn inside panic() - exit: Add and use make_task_dead. - objtool: Add a missing comma to avoid string concatenation - hexagon: Fix function name in die() - h8300: Fix build errors from do_exit() to make_task_dead() transition - ia64: make IA64_MCA_RECOVERY bool instead of tristate - exit: Put an upper limit on how often we can oops - exit: Expose "oops_count" to sysfs - exit: Allow oops_limit to be disabled - panic: Consolidate open-coded panic_on_warn checks - panic: Introduce warn_limit - panic: Expose "warn_count" to sysfs - exit: Use READ_ONCE() for all oops/warn limit reads - mm: kvmalloc does not fallback to vmalloc for incompatible gfp flags - ipv6: ensure sane device mtu in tunnels - usb: host: xhci-plat: add wakeup entry at sysfs - amd-xgbe: Delay AN timeout during KR training - tcp: avoid the lookup process failing to get sk in ehash table - net: fix UaF in netns ops registration error path - netlink: annotate data races around nlk->portid - ipv4: prevent potential spectre v1 gadget in ip_metrics_convert() * rtcpie in timers from ubuntu_kernel_selftests randomly failing (LP: #1814234) - SAUCE: selftest: rtctest: Fix force-passing unreliable subtest Important Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.

[ Ubuntu: 4.15.0-209.220 ] * bionic/linux: 4.15.0-209.220 -proposed tracker (LP: #2011989) * CVE-2023-26545 - net: mpls: fix stale pointer if allocation fails during device rename * CVE-2023-1281 - rcu: Upgrade rcu_swap_protected() to rcu_replace_pointer() - net/sched: tcindex: update imperfect hash filters respecting rcu * CVE-2022-3903 - USB: add usb_control_msg_send() and usb_control_msg_recv() - USB: correct API of usb_control_msg_send/recv - USB: move snd_usb_pipe_sanity_check into the USB core - media: mceusb: Use new usb_control_msg_*() routines * Bionic update: upstream stable patchset 2023-03-03 (LP: #2009237) - pNFS/filelayout: Fix coalescing test for single DS - net/ethtool/ioctl: return -EOPNOTSUPP if we have no phy stats - RDMA/srp: Move large values to a new enum for gcc13 - f2fs: let's avoid panic if extent_tree is not created - nilfs2: fix general protection fault in nilfs_btree_insert() - xhci-pci: set the dma max_seg_size - usb: xhci: Check endpoint is valid before dereferencing it - prlimit: do_prlimit needs to have a speculation check - USB: serial: option: add Quectel EM05-G (GR) modem - USB: serial: option: add Quectel EM05-G (CS) modem - USB: serial: option: add Quectel EM05-G (RS) modem - USB: serial: option: add Quectel EC200U modem - USB: serial: option: add Quectel EM05CN (SG) modem - USB: serial: option: add Quectel EM05CN modem - USB: misc: iowarrior: fix up header size for USB_DEVICE_ID_CODEMERCS_IOW100 - usb: core: hub: disable autosuspend for TI TUSB8041 - USB: serial: cp210x: add SCALANCE LPE-9000 device id - usb: host: ehci-fsl: Fix module alias - usb: gadget: g_webcam: Send color matching descriptor per frame - usb: gadget: f_ncm: fix potential NULL ptr deref in ncm_bitrate() - usb-storage: apply IGNORE_UAS only for HIKSEMI MD202 on RTL9210 - serial: pch_uart: Pass correct sg to dma_unmap_sg() - serial: atmel: fix incorrect baudrate setup - gsmi: fix null-deref in gsmi_get_variable - comedi: adv_pci1760: Fix PWM instruction handling - ARM: dts: imx6qdl-gw560x: Remove incorrect 'uart-has-rtscts' - HID: intel_ish-hid: Add check for ishtp_dma_tx_map - EDAC/highbank: Fix memory leak in highbank_mc_probe() - tomoyo: fix broken dependency on *.conf.default - IB/hfi1: Reject a zero-length user expected buffer - IB/hfi1: Reserve user expected TIDs - affs: initialize fsdata in affs_truncate() - amd-xgbe: TX Flow Ctrl Registers are h/w ver dependent - phy: rockchip-inno-usb2: Fix missing clk_disable_unprepare() in rockchip_usb2phy_power_on() - net: nfc: Fix use-after-free in local_cleanup() - net: usb: sr9700: Handle negative len - net: mdio: validate parameter addr in mdiobus_get_phy() - HID: check empty report_list in hid_validate_values() - usb: gadget: f_fs: Prevent race during ffs_ep0_queue_wait - usb: gadget: f_fs: Ensure ep0req is dequeued before free_request - net: mlx5: eliminate anonymous module_init & module_exit - dmaengine: Fix double increment of client_count in dma_chan_get() - HID: betop: check shape of output reports - w1: fix deadloop in __w1_remove_master_device() - w1: fix WARNING after calling w1_process() - fs: reiserfs: remove useless new_opts in reiserfs_remount - Bluetooth: hci_sync: cancel cmd_timer if hci_open failed - scsi: hpsa: Fix allocation size for scsi_host_alloc() - module: Don't wait for GOING modules - tracing: Make sure trace_printk() can output as soon as it can be used - ARM: 9280/1: mm: fix warning on phys_addr_t to void pointer assignment - EDAC/device: Respect any driver-supplied workqueue polling value - netlink: annotate data races around dst_portid and dst_group - netlink: annotate data races around sk_state - netfilter: conntrack: fix vtag checks for ABORT/SHUTDOWN_COMPLETE - netrom: Fix use-after-free of a listening socket. - sctp: fail if no bound addresses can be used for a given scope - net: ravb: Fix possible hang if RIS2_QFF1 happen - net/tg3: resolve deadlock in tg3_reset_task() during EEH - Revert "Input: synaptics - switch touchpad on HP Laptop 15-da3001TU to RMI mode" - x86/i8259: Mark legacy PIC interrupts with IRQ_LEVEL - xen: Fix up build warning with xen_init_time_ops() reference - x86/asm: Fix an assembler warning with current binutils - x86/entry/64: Add instruction suffix to SYSRET - sysctl: add a new register_sysctl_init() interface - panic: unset panic_on_warn inside panic() - exit: Add and use make_task_dead. - objtool: Add a missing comma to avoid string concatenation - hexagon: Fix function name in die() - h8300: Fix build errors from do_exit() to make_task_dead() transition - ia64: make IA64_MCA_RECOVERY bool instead of tristate - exit: Put an upper limit on how often we can oops - exit: Expose "oops_count" to sysfs - exit: Allow oops_limit to be disabled - panic: Consolidate open-coded panic_on_warn checks - panic: Introduce warn_limit - panic: Expose "warn_count" to sysfs - exit: Use READ_ONCE() for all oops/warn limit reads - mm: kvmalloc does not fallback to vmalloc for incompatible gfp flags - ipv6: ensure sane device mtu in tunnels - usb: host: xhci-plat: add wakeup entry at sysfs - amd-xgbe: Delay AN timeout during KR training - tcp: avoid the lookup process failing to get sk in ehash table - net: fix UaF in netns ops registration error path - netlink: annotate data races around nlk->portid - ipv4: prevent potential spectre v1 gadget in ip_metrics_convert() * rtcpie in timers from ubuntu_kernel_selftests randomly failing (LP: #1814234) - SAUCE: selftest: rtctest: Fix force-passing unreliable subtest

0 tuxcare-ubuntu16.04-els linux-buildinfo-4.15.0-209-tuxcare.els7-generic_4.15.0-209.220~16.04.1_amd64.deb af409a0a70eab3066dd7e635f177ff9f4cdb6f22 linux-buildinfo-4.15.0-209-tuxcare.els7-lowlatency_4.15.0-209.220~16.04.1_amd64.deb 890cf11f8877843cc04ce02603fced1b683dd4a0 linux-cloud-tools-4.15.0-209-tuxcare.els7-generic_4.15.0-209.220~16.04.1_amd64.deb b5f5a24998cc1e008fc6f0f8d745a299af44792c linux-cloud-tools-4.15.0-209-tuxcare.els7-lowlatency_4.15.0-209.220~16.04.1_amd64.deb 49fc4e9ee3422eb85141aeceb84ea128b47c0a6d linux-cloud-tools-generic-hwe-16.04_4.15.0.209.144_amd64.deb 52d0da4f05ca4ac8fba95b9a8eec5f0ded7fe2b3 linux-cloud-tools-lowlatency-hwe-16.04_4.15.0.209.144_amd64.deb 54f8e79b4a96cfc7240a6640fea789b8b956e599 linux-generic-hwe-16.04_4.15.0.209.144_amd64.deb 1cb389e0b863958224a719f07bb8f9b26c023089 linux-headers-4.15.0-209-tuxcare.els7_4.15.0-209.220~16.04.1_all.deb 1f521f369dc75ad30b77261753db7f9ae63311ff linux-headers-4.15.0-209-tuxcare.els7-generic_4.15.0-209.220~16.04.1_amd64.deb 8e83eff5c92fdac4ca799ed47a4eeb6afb2920be linux-headers-4.15.0-209-tuxcare.els7-lowlatency_4.15.0-209.220~16.04.1_amd64.deb c065e6d7c25a503e4a14f33f4dce9e3c14a18b3f linux-headers-generic-hwe-16.04_4.15.0.209.144_amd64.deb a37a53108649b893ac22cc9ac6162a01e67018a8 linux-headers-lowlatency-hwe-16.04_4.15.0.209.144_amd64.deb 84a3e67c30ae82f1c6c8cb0a2f2847dc8c394d3c linux-hwe-cloud-tools-4.15.0-209-tuxcare.els7_4.15.0-209.220~16.04.1_amd64.deb b447a322856fecfecc62a05986f16715c54e86d5 linux-hwe-tools-4.15.0-209-tuxcare.els7_4.15.0-209.220~16.04.1_amd64.deb ff0ba285c4ead526010b2ea7c2aeffc182928c0a linux-image-generic-hwe-16.04_4.15.0.209.144_amd64.deb 40fb8224200010277c7a9335601869bb619ac150 linux-image-lowlatency-hwe-16.04_4.15.0.209.144_amd64.deb 4c9e331bd12a97de694c0e0de6cb0dbbe142e25e linux-image-unsigned-4.15.0-209-tuxcare.els7-generic_4.15.0-209.220~16.04.1_amd64.deb 56f618bcc721826b2be34cf27f2e22aad4890f38 linux-image-unsigned-4.15.0-209-tuxcare.els7-lowlatency_4.15.0-209.220~16.04.1_amd64.deb 253e86c776b3cf3914ca7567e38425f7b525b902 linux-lowlatency-hwe-16.04_4.15.0.209.144_amd64.deb c00048a7615cfd64f15fda911c9f0fbab95f32c2 linux-modules-4.15.0-209-tuxcare.els7-generic_4.15.0-209.220~16.04.1_amd64.deb 83573ec6737367e023a1644dc10fbf591041afd0 linux-modules-4.15.0-209-tuxcare.els7-lowlatency_4.15.0-209.220~16.04.1_amd64.deb 326a4e92febd2def1e6114424fea4dc526493003 linux-modules-extra-4.15.0-209-tuxcare.els7-generic_4.15.0-209.220~16.04.1_amd64.deb 87a9ea7904368340de9c5f1feec3d4ab22da6e79 linux-source-4.15.0_4.15.0-209.220~16.04.1_all.deb 2d3a415e9662f32d8a32110228ed4844752eda0b linux-tools-4.15.0-209-tuxcare.els7-generic_4.15.0-209.220~16.04.1_amd64.deb 028b20429f3cab30f86593e55ff148dc46b4944f linux-tools-4.15.0-209-tuxcare.els7-lowlatency_4.15.0-209.220~16.04.1_amd64.deb 984d9e5733c6e566fa912df5d7ce9086980d870f linux-tools-generic-hwe-16.04_4.15.0.209.144_amd64.deb e9e22cf8ffd884164e41c6995d6e66e8b1f1f264 linux-tools-lowlatency-hwe-16.04_4.15.0.209.144_amd64.deb f134c4946001e2752fa40fa6af9a45972622aa46 CLSA-2023:1682418814 TuxCare License Agreement 0 [ Ubuntu: 4.15.0-209.220 ] * bionic/linux: 4.15.0-209.220 -proposed tracker (LP: #2011989) * CVE-2023-26545 - net: mpls: fix stale pointer if allocation fails during device rename * CVE-2023-1281 - rcu: Upgrade rcu_swap_protected() to rcu_replace_pointer() - net/sched: tcindex: update imperfect hash filters respecting rcu * CVE-2022-3903 - USB: add usb_control_msg_send() and usb_control_msg_recv() - USB: correct API of usb_control_msg_send/recv - USB: move snd_usb_pipe_sanity_check into the USB core - media: mceusb: Use new usb_control_msg_*() routines * Bionic update: upstream stable patchset 2023-03-03 (LP: #2009237) - pNFS/filelayout: Fix coalescing test for single DS - net/ethtool/ioctl: return -EOPNOTSUPP if we have no phy stats - RDMA/srp: Move large values to a new enum for gcc13 - f2fs: let's avoid panic if extent_tree is not created - nilfs2: fix general protection fault in nilfs_btree_insert() - xhci-pci: set the dma max_seg_size - usb: xhci: Check endpoint is valid before dereferencing it - prlimit: do_prlimit needs to have a speculation check - USB: serial: option: add Quectel EM05-G (GR) modem - USB: serial: option: add Quectel EM05-G (CS) modem - USB: serial: option: add Quectel EM05-G (RS) modem - USB: serial: option: add Quectel EC200U modem - USB: serial: option: add Quectel EM05CN (SG) modem - USB: serial: option: add Quectel EM05CN modem - USB: misc: iowarrior: fix up header size for USB_DEVICE_ID_CODEMERCS_IOW100 - usb: core: hub: disable autosuspend for TI TUSB8041 - USB: serial: cp210x: add SCALANCE LPE-9000 device id - usb: host: ehci-fsl: Fix module alias - usb: gadget: g_webcam: Send color matching descriptor per frame - usb: gadget: f_ncm: fix potential NULL ptr deref in ncm_bitrate() - usb-storage: apply IGNORE_UAS only for HIKSEMI MD202 on RTL9210 - serial: pch_uart: Pass correct sg to dma_unmap_sg() - serial: atmel: fix incorrect baudrate setup - gsmi: fix null-deref in gsmi_get_variable - comedi: adv_pci1760: Fix PWM instruction handling - ARM: dts: imx6qdl-gw560x: Remove incorrect 'uart-has-rtscts' - HID: intel_ish-hid: Add check for ishtp_dma_tx_map - EDAC/highbank: Fix memory leak in highbank_mc_probe() - tomoyo: fix broken dependency on *.conf.default - IB/hfi1: Reject a zero-length user expected buffer - IB/hfi1: Reserve user expected TIDs - affs: initialize fsdata in affs_truncate() - amd-xgbe: TX Flow Ctrl Registers are h/w ver dependent - phy: rockchip-inno-usb2: Fix missing clk_disable_unprepare() in rockchip_usb2phy_power_on() - net: nfc: Fix use-after-free in local_cleanup() - net: usb: sr9700: Handle negative len - net: mdio: validate parameter addr in mdiobus_get_phy() - HID: check empty report_list in hid_validate_values() - usb: gadget: f_fs: Prevent race during ffs_ep0_queue_wait - usb: gadget: f_fs: Ensure ep0req is dequeued before free_request - net: mlx5: eliminate anonymous module_init & module_exit - dmaengine: Fix double increment of client_count in dma_chan_get() - HID: betop: check shape of output reports - w1: fix deadloop in __w1_remove_master_device() - w1: fix WARNING after calling w1_process() - fs: reiserfs: remove useless new_opts in reiserfs_remount - Bluetooth: hci_sync: cancel cmd_timer if hci_open failed - scsi: hpsa: Fix allocation size for scsi_host_alloc() - module: Don't wait for GOING modules - tracing: Make sure trace_printk() can output as soon as it can be used - ARM: 9280/1: mm: fix warning on phys_addr_t to void pointer assignment - EDAC/device: Respect any driver-supplied workqueue polling value - netlink: annotate data races around dst_portid and dst_group - netlink: annotate data races around sk_state - netfilter: conntrack: fix vtag checks for ABORT/SHUTDOWN_COMPLETE - netrom: Fix use-after-free of a listening socket. - sctp: fail if no bound addresses can be used for a given scope - net: ravb: Fix possible hang if RIS2_QFF1 happen - net/tg3: resolve deadlock in tg3_reset_task() during EEH - Revert "Input: synaptics - switch touchpad on HP Laptop 15-da3001TU to RMI mode" - x86/i8259: Mark legacy PIC interrupts with IRQ_LEVEL - xen: Fix up build warning with xen_init_time_ops() reference - x86/asm: Fix an assembler warning with current binutils - x86/entry/64: Add instruction suffix to SYSRET - sysctl: add a new register_sysctl_init() interface - panic: unset panic_on_warn inside panic() - exit: Add and use make_task_dead. - objtool: Add a missing comma to avoid string concatenation - hexagon: Fix function name in die() - h8300: Fix build errors from do_exit() to make_task_dead() transition - ia64: make IA64_MCA_RECOVERY bool instead of tristate - exit: Put an upper limit on how often we can oops - exit: Expose "oops_count" to sysfs - exit: Allow oops_limit to be disabled - panic: Consolidate open-coded panic_on_warn checks - panic: Introduce warn_limit - panic: Expose "warn_count" to sysfs - exit: Use READ_ONCE() for all oops/warn limit reads - mm: kvmalloc does not fallback to vmalloc for incompatible gfp flags - ipv6: ensure sane device mtu in tunnels - usb: host: xhci-plat: add wakeup entry at sysfs - amd-xgbe: Delay AN timeout during KR training - tcp: avoid the lookup process failing to get sk in ehash table - net: fix UaF in netns ops registration error path - netlink: annotate data races around nlk->portid - ipv4: prevent potential spectre v1 gadget in ip_metrics_convert() * rtcpie in timers from ubuntu_kernel_selftests randomly failing (LP: #1814234) - SAUCE: selftest: rtctest: Fix force-passing unreliable subtest Important Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.

[ Ubuntu: 4.15.0-209.220 ] * bionic/linux: 4.15.0-209.220 -proposed tracker (LP: #2011989) * CVE-2023-26545 - net: mpls: fix stale pointer if allocation fails during device rename * CVE-2023-1281 - rcu: Upgrade rcu_swap_protected() to rcu_replace_pointer() - net/sched: tcindex: update imperfect hash filters respecting rcu * CVE-2022-3903 - USB: add usb_control_msg_send() and usb_control_msg_recv() - USB: correct API of usb_control_msg_send/recv - USB: move snd_usb_pipe_sanity_check into the USB core - media: mceusb: Use new usb_control_msg_*() routines * Bionic update: upstream stable patchset 2023-03-03 (LP: #2009237) - pNFS/filelayout: Fix coalescing test for single DS - net/ethtool/ioctl: return -EOPNOTSUPP if we have no phy stats - RDMA/srp: Move large values to a new enum for gcc13 - f2fs: let's avoid panic if extent_tree is not created - nilfs2: fix general protection fault in nilfs_btree_insert() - xhci-pci: set the dma max_seg_size - usb: xhci: Check endpoint is valid before dereferencing it - prlimit: do_prlimit needs to have a speculation check - USB: serial: option: add Quectel EM05-G (GR) modem - USB: serial: option: add Quectel EM05-G (CS) modem - USB: serial: option: add Quectel EM05-G (RS) modem - USB: serial: option: add Quectel EC200U modem - USB: serial: option: add Quectel EM05CN (SG) modem - USB: serial: option: add Quectel EM05CN modem - USB: misc: iowarrior: fix up header size for USB_DEVICE_ID_CODEMERCS_IOW100 - usb: core: hub: disable autosuspend for TI TUSB8041 - USB: serial: cp210x: add SCALANCE LPE-9000 device id - usb: host: ehci-fsl: Fix module alias - usb: gadget: g_webcam: Send color matching descriptor per frame - usb: gadget: f_ncm: fix potential NULL ptr deref in ncm_bitrate() - usb-storage: apply IGNORE_UAS only for HIKSEMI MD202 on RTL9210 - serial: pch_uart: Pass correct sg to dma_unmap_sg() - serial: atmel: fix incorrect baudrate setup - gsmi: fix null-deref in gsmi_get_variable - comedi: adv_pci1760: Fix PWM instruction handling - ARM: dts: imx6qdl-gw560x: Remove incorrect 'uart-has-rtscts' - HID: intel_ish-hid: Add check for ishtp_dma_tx_map - EDAC/highbank: Fix memory leak in highbank_mc_probe() - tomoyo: fix broken dependency on *.conf.default - IB/hfi1: Reject a zero-length user expected buffer - IB/hfi1: Reserve user expected TIDs - affs: initialize fsdata in affs_truncate() - amd-xgbe: TX Flow Ctrl Registers are h/w ver dependent - phy: rockchip-inno-usb2: Fix missing clk_disable_unprepare() in rockchip_usb2phy_power_on() - net: nfc: Fix use-after-free in local_cleanup() - net: usb: sr9700: Handle negative len - net: mdio: validate parameter addr in mdiobus_get_phy() - HID: check empty report_list in hid_validate_values() - usb: gadget: f_fs: Prevent race during ffs_ep0_queue_wait - usb: gadget: f_fs: Ensure ep0req is dequeued before free_request - net: mlx5: eliminate anonymous module_init & module_exit - dmaengine: Fix double increment of client_count in dma_chan_get() - HID: betop: check shape of output reports - w1: fix deadloop in __w1_remove_master_device() - w1: fix WARNING after calling w1_process() - fs: reiserfs: remove useless new_opts in reiserfs_remount - Bluetooth: hci_sync: cancel cmd_timer if hci_open failed - scsi: hpsa: Fix allocation size for scsi_host_alloc() - module: Don't wait for GOING modules - tracing: Make sure trace_printk() can output as soon as it can be used - ARM: 9280/1: mm: fix warning on phys_addr_t to void pointer assignment - EDAC/device: Respect any driver-supplied workqueue polling value - netlink: annotate data races around dst_portid and dst_group - netlink: annotate data races around sk_state - netfilter: conntrack: fix vtag checks for ABORT/SHUTDOWN_COMPLETE - netrom: Fix use-after-free of a listening socket. - sctp: fail if no bound addresses can be used for a given scope - net: ravb: Fix possible hang if RIS2_QFF1 happen - net/tg3: resolve deadlock in tg3_reset_task() during EEH - Revert "Input: synaptics - switch touchpad on HP Laptop 15-da3001TU to RMI mode" - x86/i8259: Mark legacy PIC interrupts with IRQ_LEVEL - xen: Fix up build warning with xen_init_time_ops() reference - x86/asm: Fix an assembler warning with current binutils - x86/entry/64: Add instruction suffix to SYSRET - sysctl: add a new register_sysctl_init() interface - panic: unset panic_on_warn inside panic() - exit: Add and use make_task_dead. - objtool: Add a missing comma to avoid string concatenation - hexagon: Fix function name in die() - h8300: Fix build errors from do_exit() to make_task_dead() transition - ia64: make IA64_MCA_RECOVERY bool instead of tristate - exit: Put an upper limit on how often we can oops - exit: Expose "oops_count" to sysfs - exit: Allow oops_limit to be disabled - panic: Consolidate open-coded panic_on_warn checks - panic: Introduce warn_limit - panic: Expose "warn_count" to sysfs - exit: Use READ_ONCE() for all oops/warn limit reads - mm: kvmalloc does not fallback to vmalloc for incompatible gfp flags - ipv6: ensure sane device mtu in tunnels - usb: host: xhci-plat: add wakeup entry at sysfs - amd-xgbe: Delay AN timeout during KR training - tcp: avoid the lookup process failing to get sk in ehash table - net: fix UaF in netns ops registration error path - netlink: annotate data races around nlk->portid - ipv4: prevent potential spectre v1 gadget in ip_metrics_convert() * rtcpie in timers from ubuntu_kernel_selftests randomly failing (LP: #1814234) - SAUCE: selftest: rtctest: Fix force-passing unreliable subtest

0 tuxcare-ubuntu16.04-els linux-buildinfo-4.15.0-209-tuxcare.els7-generic_4.15.0-209.220~16.04.1_amd64.deb af409a0a70eab3066dd7e635f177ff9f4cdb6f22 linux-buildinfo-4.15.0-209-tuxcare.els7-lowlatency_4.15.0-209.220~16.04.1_amd64.deb 890cf11f8877843cc04ce02603fced1b683dd4a0 linux-cloud-tools-4.15.0-209-tuxcare.els7-generic_4.15.0-209.220~16.04.1_amd64.deb b5f5a24998cc1e008fc6f0f8d745a299af44792c linux-cloud-tools-4.15.0-209-tuxcare.els7-lowlatency_4.15.0-209.220~16.04.1_amd64.deb 49fc4e9ee3422eb85141aeceb84ea128b47c0a6d linux-cloud-tools-generic-hwe-16.04_4.15.0.209.144_amd64.deb 52d0da4f05ca4ac8fba95b9a8eec5f0ded7fe2b3 linux-cloud-tools-lowlatency-hwe-16.04_4.15.0.209.144_amd64.deb 54f8e79b4a96cfc7240a6640fea789b8b956e599 linux-generic-hwe-16.04_4.15.0.209.144_amd64.deb 1cb389e0b863958224a719f07bb8f9b26c023089 linux-headers-4.15.0-209-tuxcare.els7_4.15.0-209.220~16.04.1_all.deb 1f521f369dc75ad30b77261753db7f9ae63311ff linux-headers-4.15.0-209-tuxcare.els7-generic_4.15.0-209.220~16.04.1_amd64.deb 8e83eff5c92fdac4ca799ed47a4eeb6afb2920be linux-headers-4.15.0-209-tuxcare.els7-lowlatency_4.15.0-209.220~16.04.1_amd64.deb c065e6d7c25a503e4a14f33f4dce9e3c14a18b3f linux-headers-generic-hwe-16.04_4.15.0.209.144_amd64.deb a37a53108649b893ac22cc9ac6162a01e67018a8 linux-headers-lowlatency-hwe-16.04_4.15.0.209.144_amd64.deb 84a3e67c30ae82f1c6c8cb0a2f2847dc8c394d3c linux-hwe-cloud-tools-4.15.0-209-tuxcare.els7_4.15.0-209.220~16.04.1_amd64.deb b447a322856fecfecc62a05986f16715c54e86d5 linux-hwe-tools-4.15.0-209-tuxcare.els7_4.15.0-209.220~16.04.1_amd64.deb ff0ba285c4ead526010b2ea7c2aeffc182928c0a linux-image-generic-hwe-16.04_4.15.0.209.144_amd64.deb 40fb8224200010277c7a9335601869bb619ac150 linux-image-lowlatency-hwe-16.04_4.15.0.209.144_amd64.deb 4c9e331bd12a97de694c0e0de6cb0dbbe142e25e linux-image-unsigned-4.15.0-209-tuxcare.els7-generic_4.15.0-209.220~16.04.1_amd64.deb 56f618bcc721826b2be34cf27f2e22aad4890f38 linux-image-unsigned-4.15.0-209-tuxcare.els7-lowlatency_4.15.0-209.220~16.04.1_amd64.deb 253e86c776b3cf3914ca7567e38425f7b525b902 linux-lowlatency-hwe-16.04_4.15.0.209.144_amd64.deb c00048a7615cfd64f15fda911c9f0fbab95f32c2 linux-modules-4.15.0-209-tuxcare.els7-generic_4.15.0-209.220~16.04.1_amd64.deb 83573ec6737367e023a1644dc10fbf591041afd0 linux-modules-4.15.0-209-tuxcare.els7-lowlatency_4.15.0-209.220~16.04.1_amd64.deb 326a4e92febd2def1e6114424fea4dc526493003 linux-modules-extra-4.15.0-209-tuxcare.els7-generic_4.15.0-209.220~16.04.1_amd64.deb 87a9ea7904368340de9c5f1feec3d4ab22da6e79 linux-source-4.15.0_4.15.0-209.220~16.04.1_all.deb 2d3a415e9662f32d8a32110228ed4844752eda0b linux-tools-4.15.0-209-tuxcare.els7-generic_4.15.0-209.220~16.04.1_amd64.deb 028b20429f3cab30f86593e55ff148dc46b4944f linux-tools-4.15.0-209-tuxcare.els7-lowlatency_4.15.0-209.220~16.04.1_amd64.deb 984d9e5733c6e566fa912df5d7ce9086980d870f linux-tools-generic-hwe-16.04_4.15.0.209.144_amd64.deb e9e22cf8ffd884164e41c6995d6e66e8b1f1f264 linux-tools-lowlatency-hwe-16.04_4.15.0.209.144_amd64.deb f134c4946001e2752fa40fa6af9a45972622aa46 CLSA-2023:1682593790 TuxCare License Agreement 0 * SECURITY UPDATE: possible DoS and information disclosure - debian/patches/CVE-2022-44267-44268.patch: fix parsing of some keys - CVE-2022-44267 - CVE-2022-44268 * Fix some leaks: - debian/patches/fix-leaks.patch: fix memory leaks - debian/patches/fix-leaks2.patch: fix memory leaks * Fix reading out of the bound: - debian/patches/fix-reading-out-of-bound.patch Moderate Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.

* SECURITY UPDATE: possible DoS and information disclosure - debian/patches/CVE-2022-44267-44268.patch: fix parsing of some keys - CVE-2022-44267 - CVE-2022-44268 * Fix some leaks: - debian/patches/fix-leaks.patch: fix memory leaks - debian/patches/fix-leaks2.patch: fix memory leaks * Fix reading out of the bound: - debian/patches/fix-reading-out-of-bound.patch

0 tuxcare-ubuntu16.04-els imagemagick_6.8.9.9-7ubuntu5.17+tuxcare.els6_amd64.deb 5acf0b9d401f964c568bd357bb38662242376f61 imagemagick-6.q16_6.8.9.9-7ubuntu5.17+tuxcare.els6_amd64.deb 29898809e22cb612ad897882641ed34534d2e078 imagemagick-common_6.8.9.9-7ubuntu5.17+tuxcare.els6_all.deb 333bb321b1e48dc51f9053c3d214131f31c28fb5 imagemagick-doc_6.8.9.9-7ubuntu5.17+tuxcare.els6_all.deb ad70b3fe64dea9c75f5845f7bfc3fddcda0010ef libimage-magick-perl_6.8.9.9-7ubuntu5.17+tuxcare.els6_all.deb 42d88fbc06986f0056b4dc9b38485d6ccbb158bd libimage-magick-q16-perl_6.8.9.9-7ubuntu5.17+tuxcare.els6_amd64.deb 3e485c3ae608e8ae37f1fcab981786738442c976 libmagick++-6-headers_6.8.9.9-7ubuntu5.17+tuxcare.els6_all.deb d62b933e28b32f260691943f0518757c68268648 libmagick++-6.q16-5v5_6.8.9.9-7ubuntu5.17+tuxcare.els6_amd64.deb d70687d6add1b1593a13625b09e7ff9473c4c1e3 libmagick++-6.q16-dev_6.8.9.9-7ubuntu5.17+tuxcare.els6_amd64.deb 1bdf2a4bd879c11312e9ae866ab521cb5d65d5a9 libmagick++-dev_6.8.9.9-7ubuntu5.17+tuxcare.els6_all.deb 55c7c8eb7eb825bf9c7f19597e46bc7874de31d6 libmagickcore-6-arch-config_6.8.9.9-7ubuntu5.17+tuxcare.els6_amd64.deb 485dd009117d4b86fe1e4b006d3ec0cfc476d005 libmagickcore-6-headers_6.8.9.9-7ubuntu5.17+tuxcare.els6_all.deb 447b4859ed44f347b57d251cc0ea62c3db373953 libmagickcore-6.q16-2_6.8.9.9-7ubuntu5.17+tuxcare.els6_amd64.deb 060f7f6ea6eb997a224acab47528147606687550 libmagickcore-6.q16-2-extra_6.8.9.9-7ubuntu5.17+tuxcare.els6_amd64.deb b57bcbffec954eb36d440ee2e2ada6cc524f48ff libmagickcore-6.q16-dev_6.8.9.9-7ubuntu5.17+tuxcare.els6_amd64.deb 965a9780d6c0bc119df7c5ce6bf2de4bb4032ae7 libmagickcore-dev_6.8.9.9-7ubuntu5.17+tuxcare.els6_all.deb 2bf7b9a0917a7371b98223fb2b64e7daeff52d30 libmagickwand-6-headers_6.8.9.9-7ubuntu5.17+tuxcare.els6_all.deb 23e4d572442bc1c09c0a0d393223f5af0d766d6a libmagickwand-6.q16-2_6.8.9.9-7ubuntu5.17+tuxcare.els6_amd64.deb 3b7308f0c82bb2a72bcc48e91b30367b293c92bb libmagickwand-6.q16-dev_6.8.9.9-7ubuntu5.17+tuxcare.els6_amd64.deb a1fba841eaf5c91a70bbc21b2e80e62421277a66 libmagickwand-dev_6.8.9.9-7ubuntu5.17+tuxcare.els6_all.deb 17250c2769d32ed1aa5ed34e0586509a97b16095 perlmagick_6.8.9.9-7ubuntu5.17+tuxcare.els6_all.deb 688fef84ea8442ea8951a947f24f47781d545941 CLSA-2023:1682593947 TuxCare License Agreement 0 * SECURITY UPDATE: Null dereference - debian/patches/CVE-2023-28484.patch: Fix null-pointer-deref in xmlSchemaFixupComplexType - CVE-2023-28484 * SECURITY UPDATE: Fix a null pointer dereference - debian/patches/fix-null-ptr-deref.patch: use XML_SCHEMAS_ANYTYPE instead of a null pointer - CVE-2023-28484 * SECURITY UPDATE: Logic or memory errors - debian/patches/CVE-2023-29469.patch: check whether namelen is less than or equal to zero - CVE-2023-29469 * Add test suite - debian/patches/enable-building-tests.patch: enable building tests - debian/patches/fix-testapi.patch: fix buffer overflow in tests Moderate Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.

* SECURITY UPDATE: Null dereference - debian/patches/CVE-2023-28484.patch: Fix null-pointer-deref in xmlSchemaFixupComplexType - CVE-2023-28484 * SECURITY UPDATE: Fix a null pointer dereference - debian/patches/fix-null-ptr-deref.patch: use XML_SCHEMAS_ANYTYPE instead of a null pointer - CVE-2023-28484 * SECURITY UPDATE: Logic or memory errors - debian/patches/CVE-2023-29469.patch: check whether namelen is less than or equal to zero - CVE-2023-29469 * Add test suite - debian/patches/enable-building-tests.patch: enable building tests - debian/patches/fix-testapi.patch: fix buffer overflow in tests

0 tuxcare-ubuntu16.04-els libxml2_2.9.3+dfsg1-1ubuntu0.7+tuxcare.els6_amd64.deb 61cebb2c4dafef557fee29014572f367c5bf73a0 libxml2-dev_2.9.3+dfsg1-1ubuntu0.7+tuxcare.els6_amd64.deb 2497c543ec1c9af6f042effaa079412b4ab7b4cf libxml2-doc_2.9.3+dfsg1-1ubuntu0.7+tuxcare.els6_all.deb 14f5a681839845d04d8cebd8c354bde0cbb25d6f libxml2-utils_2.9.3+dfsg1-1ubuntu0.7+tuxcare.els6_amd64.deb 4ef3032c43a3600670e85dff49e17dec50ca8428 python-libxml2_2.9.3+dfsg1-1ubuntu0.7+tuxcare.els6_amd64.deb 3461a4a96e6ff491b19b068c3231a73a0908764a CLSA-2023:1682604577 TuxCare License Agreement 0 * CVE-2022-1198 - drivers: hamradio: 6pack: fix UAF bug caused by mod_timer() * Bionic update: upstream stable patchset 2022-03-04 (LP: #1963717) // CVE-2020-36516 - ipv4: avoid using shared IP generator for connected sockets * CVE-2022-36879 - xfrm: xfrm_policy: fix a possible double xfrm_pols_put() in xfrm_bundle_lookup() * CVE-2022-3061 - video: fbdev: i740fb: Error out if 'pixclock' equals zero * CVE-2022-1516 - net/x25: Fix null-ptr-deref caused by x25_disconnect * CVE-2022-1205 - ax25: Fix NULL pointer dereferences in ax25 timers - ax25: Fix UAF bugs in ax25 timers * CVE-2022-2318 - net: rose: fix UAF bugs caused by timer handler * CVE-2022-1195 - hamradio: defer 6pack kfree after unregister_netdev - hamradio: defer ax25 kfree after unregister_netdev - hamradio: improve the incomplete fix to avoid NPD * CVE-2022-0494 - block-map: add __GFP_ZERO flag for alloc_page in function bio_copy_kern * CVE-2021-26401 - x86/speculation: Use generic retpoline by default on AMD * Bionic update: upstream stable patchset 2022-10-18 (LP: #1993349) // CVE-2022-39188 - mm: Fix TLB flush for not-first PFNMAP mappings in unmap_region() * Bionic update: upstream stable patchset 2022-10-06 (LP: #1992112) // CVE-2022-39188 - mm: Force TLB flush for PFNMAP mappings before unlink_file_vma() * CVE-2022-45934 - Bluetooth: L2CAP: Fix u8 overflow * Bionic update: upstream stable patchset 2022-06-21 (LP: #1979355) // CVE-2022-2991 - lightnvm: disable the subsystem * Bionic update: upstream stable patchset 2021-11-02 (LP: #1949512) // CVE-2021-4203 - af_unix: fix races in sk_peer_pid and sk_peer_cred accesses * Bionic update: upstream stable patchset 2022-04-26 (LP: #1970479) // CVE-2021-3772 - sctp: fix the processing for INIT chunk - sctp: fix the processing for INIT_ACK chunk * Bionic update: upstream stable patchset 2021-12-03 (LP: #1953202) // CVE-2021-3772 - sctp: use init_tag from inithdr for ABORT chunk - sctp: fix the processing for COOKIE_ECHO chunk - sctp: add vtag check in sctp_sf_violation - sctp: add vtag check in sctp_sf_do_8_5_1_E_sa - sctp: add vtag check in sctp_sf_ootb * CVE-2022-3303 - ALSA: pcm: oss: Fix race at SNDCTL_DSP_SYNC * Bionic update: upstream stable patchset 2022-09-21 (LP: #1990434) // CVE-2022-1462 - tty: extract tty_flip_buffer_commit() from tty_flip_buffer_push() - tty: use new tty_insert_flip_string_and_push_buffer() in pty_write() * CVE-2022-1462 - tty: fix deadlock caused by calling printk() under tty_port->lock * Bionic update: upstream stable patchset 2020-11-10 (LP: #1903768) // CVE-2022-1462 - pty: do tty_flip_buffer_push without port->lock in pty_write * Bionic update: upstream stable patchset 2019-02-08 (LP: #1815234) // CVE-2022-1462 - tty: Fix data race in tty_insert_flip_string_fixed_flag * Bionic update: upstream stable patchset 2022-10-18 (LP: #1993349) // CVE-2022-4662 - USB: core: Prevent nested device-reset calls * Bionic update: upstream stable patchset 2022-03-04 (LP: #1963717) // CVE-2022-0617 - udf: Restore i_lenAlloc when inode expansion fails - udf: Fix NULL ptr deref when converting from inline format * Bionic update: upstream stable patchset 2022-04-26 (LP: #1970479) // CVE-2022-1016 - netfilter: nf_tables: initialize registers in nft_do_chain() * Bionic update: upstream stable patchset 2022-05-17 (LP: #1973831) // CVE-2022-2380 - video: fbdev: sm712fb: Fix crash in smtcfb_read() * Bionic update: upstream stable patchset 2022-05-17 (LP: #1973831) // CVE-2022-3111 - power: supply: wm8350-power: Add missing free in free_charger_irq * CVE-2022-3628 - wifi: brcmfmac: Fix potential buffer overflow in brcmf_fweh_event_worker() * Bionic update: upstream stable patchset 2021-08-27 (LP: #1941916) // CVE-2021-3732 - ovl: prevent private clone if bind mount is not allowed * Bionic update: upstream stable patchset 2021-12-13 (LP: #1954703) // CVE-2021-45868 - quota: check block number when reading the block in quota file * Bionic update: upstream stable patchset 2021-04-30 (LP: #1926808) // CVE-2021-3659 - net: mac802154: Fix general protection fault * Bionic update: upstream stable patchset 2023-03-03 (LP: #2009237) // CVE-2023-1074 - sctp: fail if no bound addresses can be used for a given scope * Bionic update: upstream stable patchset 2022-09-23 (LP: #1990698) // CVE-2023-1095 - netfilter: nf_tables: fix null deref due to zeroed list head * CVE-2023-1118 - media: rc: Fix use-after-free bugs caused by ene_tx_irqsim() * Bionic update: upstream stable patchset 2023-01-20 (LP: #2003596) // CVE-2023-26607 - ntfs: fix out-of-bounds read in ntfs_attr_find() * Bionic update: upstream stable patchset 2022-09-23 (LP: #1990698) - ntfs: fix use-after-free in ntfs_ucsncmp() * CVE-2022-20572 - dm verity: set DM_TARGET_IMMUTABLE feature flag * CVE-2022-3903 - USB: add usb_control_msg_send() and usb_control_msg_recv() - USB: correct API of usb_control_msg_send/recv - USB: move snd_usb_pipe_sanity_check into the USB core - media: mceusb: Use new usb_control_msg_*() routines * Bionic update: upstream stable patchset 2022-02-11 (LP: #1960681) - media: mceusb: fix control-message timeouts * Bionic update: upstream stable patchset 2022-04-26 (LP: #1970479) // CVE-2021-4149 - btrfs: unlock newly allocated extent buffer after error * Bionic update: upstream stable patchset 2022-01-11 (LP: #1957113) // CVE-2022-20132 - HID: wacom: fix problems when device is not a valid USB device - HID: check for valid USB device for many HID drivers * Bionic update: upstream stable patchset 2022-01-11 (LP: #1957113) - HID: add hid_is_usb() function to make it simpler for USB detection * Bionic update: upstream stable patchset 2022-01-14 (LP: #1957957) // CVE-2021-28713 - xen/console: harden hvc_xen against event channel storms * CVE-2021-28712 - xen/netfront: harden netfront against event channel storms * CVE-2021-28711 - xen/blkfront: harden blkfront against event channel storms * CVE-2023-26545 - net: mpls: fix stale pointer if allocation fails during device rename * Bionic update: upstream stable patchset 2022-06-21 (LP: #1979355) // CVE-2022-1975 - NFC: netlink: fix sleep in atomic bug when firmware download timeout * Bionic update: upstream stable patchset 2022-07-25 (LP: #1982782) // CVE-2022-1974 - NFC: NULL out the dev->rfkill to prevent UAF * CVE-2022-1974 - nfc: replace improper check device_is_registered() in netlink related functions * Bionic update: upstream stable patchset 2022-05-17 (LP: #1973831) // CVE-2022-1011 - fuse: fix pipe buffer lifetime for direct_io * Bionic update: upstream stable patchset 2022-03-29 (LP: #1967013) // CVE-2022-0487 - moxart: fix potential use-after-free on remove path * CVE-2021-3669 - ipc: replace costly bailout check in sysvipc_find_ipc() * Bionic update: upstream stable patchset 2023-02-06 (LP: #2006403) // CVE-2022-41218 is assigned to those bugs above. // CVE-2023-1118 - media: dvb-core: Fix UAF due to refcount races at releasing * Bionic update: upstream stable patchset 2021-08-03 (LP: #1938824) // CVE-2023-28772 - seq_buf: Fix overflow in seq_buf_putmem_hex() * Bionic update: upstream stable patchset 2021-02-10 (LP: #1915328) // CVE-2023-1390 - tipc: fix NULL deref in tipc_link_xmit() * Bionic update: upstream stable patchset 2022-11-15 (LP: #1996650) // CVE-2022-41850 - HID: roccat: Fix use-after-free in roccat_read() * Bionic update: upstream stable patchset 2023-02-06 (LP: #2006403) // CVE-2023-23455 - net: sched: atm: dont intepret cls results when asked to drop * Bionic update: upstream stable patchset 2023-02-06 (LP: #2006403) // CVE-2022-47929 - net: sched: disallow noqueue for qdisc classes * Bionic update: upstream stable patchset 2023-02-06 (LP: #2006403) // CVE-2022-3424 - misc: sgi-gru: fix use-after-free error in gru_set_context_option, gru_fault and gru_handle_user_call_os * Bionic update: upstream stable patchset 2023-02-06 (LP: #2006403) // CVE-2023-0394 - ipv6: raw: Deduct extension header length in rawv6_push_pending_frames * Bionic update: upstream stable patchset 2023-02-06 (LP: #2006403) // CVE-2022-36280 - drm/vmwgfx: Validate the box size for the snooped cursor * Bionic update: upstream stable patchset 2022-11-15 (LP: #1996650) // CVE-2022-41849 - fbdev: smscufx: Fix use-after-free in ufx_ops_open() * Miscellaneous Ubuntu changes - Config update * Miscellaneous upstream changes - media: dvb: dmx: fixed coding style issues of spacing - NFC: reorder the logic in nfc_{un,}register_device - xen/blkfront: separate per ring information out of device info - xen/blkfront: pseudo support for multi hardware queues/rings - xen/blkfront: split per device io_lock - xen/io: use virt_xxx barriers - xen: sync include/xen/interface/io/ring.h with Xen's newest version - xen/netfront: read response from backend only once - xen/netfront: don't read data from request on the ring page - xen/netfront: disentangle tx_skb_freelist - xen/netfront: don't trust the backend response data blindly - HID: introduce hid_is_using_ll_driver - clone_private_mount() doesn't need to touch namespace_sem - lightnvm: NVM should depend on HAS_DMA Important Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.

* CVE-2022-1198 - drivers: hamradio: 6pack: fix UAF bug caused by mod_timer() * Bionic update: upstream stable patchset 2022-03-04 (LP: #1963717) // CVE-2020-36516 - ipv4: avoid using shared IP generator for connected sockets * CVE-2022-36879 - xfrm: xfrm_policy: fix a possible double xfrm_pols_put() in xfrm_bundle_lookup() * CVE-2022-3061 - video: fbdev: i740fb: Error out if 'pixclock' equals zero * CVE-2022-1516 - net/x25: Fix null-ptr-deref caused by x25_disconnect * CVE-2022-1205 - ax25: Fix NULL pointer dereferences in ax25 timers - ax25: Fix UAF bugs in ax25 timers * CVE-2022-2318 - net: rose: fix UAF bugs caused by timer handler * CVE-2022-1195 - hamradio: defer 6pack kfree after unregister_netdev - hamradio: defer ax25 kfree after unregister_netdev - hamradio: improve the incomplete fix to avoid NPD * CVE-2022-0494 - block-map: add __GFP_ZERO flag for alloc_page in function bio_copy_kern * CVE-2021-26401 - x86/speculation: Use generic retpoline by default on AMD * Bionic update: upstream stable patchset 2022-10-18 (LP: #1993349) // CVE-2022-39188 - mm: Fix TLB flush for not-first PFNMAP mappings in unmap_region() * Bionic update: upstream stable patchset 2022-10-06 (LP: #1992112) // CVE-2022-39188 - mm: Force TLB flush for PFNMAP mappings before unlink_file_vma() * CVE-2022-45934 - Bluetooth: L2CAP: Fix u8 overflow * Bionic update: upstream stable patchset 2022-06-21 (LP: #1979355) // CVE-2022-2991 - lightnvm: disable the subsystem * Bionic update: upstream stable patchset 2021-11-02 (LP: #1949512) // CVE-2021-4203 - af_unix: fix races in sk_peer_pid and sk_peer_cred accesses * Bionic update: upstream stable patchset 2022-04-26 (LP: #1970479) // CVE-2021-3772 - sctp: fix the processing for INIT chunk - sctp: fix the processing for INIT_ACK chunk * Bionic update: upstream stable patchset 2021-12-03 (LP: #1953202) // CVE-2021-3772 - sctp: use init_tag from inithdr for ABORT chunk - sctp: fix the processing for COOKIE_ECHO chunk - sctp: add vtag check in sctp_sf_violation - sctp: add vtag check in sctp_sf_do_8_5_1_E_sa - sctp: add vtag check in sctp_sf_ootb * CVE-2022-3303 - ALSA: pcm: oss: Fix race at SNDCTL_DSP_SYNC * Bionic update: upstream stable patchset 2022-09-21 (LP: #1990434) // CVE-2022-1462 - tty: extract tty_flip_buffer_commit() from tty_flip_buffer_push() - tty: use new tty_insert_flip_string_and_push_buffer() in pty_write() * CVE-2022-1462 - tty: fix deadlock caused by calling printk() under tty_port->lock * Bionic update: upstream stable patchset 2020-11-10 (LP: #1903768) // CVE-2022-1462 - pty: do tty_flip_buffer_push without port->lock in pty_write * Bionic update: upstream stable patchset 2019-02-08 (LP: #1815234) // CVE-2022-1462 - tty: Fix data race in tty_insert_flip_string_fixed_flag * Bionic update: upstream stable patchset 2022-10-18 (LP: #1993349) // CVE-2022-4662 - USB: core: Prevent nested device-reset calls * Bionic update: upstream stable patchset 2022-03-04 (LP: #1963717) // CVE-2022-0617 - udf: Restore i_lenAlloc when inode expansion fails - udf: Fix NULL ptr deref when converting from inline format * Bionic update: upstream stable patchset 2022-04-26 (LP: #1970479) // CVE-2022-1016 - netfilter: nf_tables: initialize registers in nft_do_chain() * Bionic update: upstream stable patchset 2022-05-17 (LP: #1973831) // CVE-2022-2380 - video: fbdev: sm712fb: Fix crash in smtcfb_read() * Bionic update: upstream stable patchset 2022-05-17 (LP: #1973831) // CVE-2022-3111 - power: supply: wm8350-power: Add missing free in free_charger_irq * CVE-2022-3628 - wifi: brcmfmac: Fix potential buffer overflow in brcmf_fweh_event_worker() * Bionic update: upstream stable patchset 2021-08-27 (LP: #1941916) // CVE-2021-3732 - ovl: prevent private clone if bind mount is not allowed * Bionic update: upstream stable patchset 2021-12-13 (LP: #1954703) // CVE-2021-45868 - quota: check block number when reading the block in quota file * Bionic update: upstream stable patchset 2021-04-30 (LP: #1926808) // CVE-2021-3659 - net: mac802154: Fix general protection fault * Bionic update: upstream stable patchset 2023-03-03 (LP: #2009237) // CVE-2023-1074 - sctp: fail if no bound addresses can be used for a given scope * Bionic update: upstream stable patchset 2022-09-23 (LP: #1990698) // CVE-2023-1095 - netfilter: nf_tables: fix null deref due to zeroed list head * CVE-2023-1118 - media: rc: Fix use-after-free bugs caused by ene_tx_irqsim() * Bionic update: upstream stable patchset 2023-01-20 (LP: #2003596) // CVE-2023-26607 - ntfs: fix out-of-bounds read in ntfs_attr_find() * Bionic update: upstream stable patchset 2022-09-23 (LP: #1990698) - ntfs: fix use-after-free in ntfs_ucsncmp() * CVE-2022-20572 - dm verity: set DM_TARGET_IMMUTABLE feature flag * CVE-2022-3903 - USB: add usb_control_msg_send() and usb_control_msg_recv() - USB: correct API of usb_control_msg_send/recv - USB: move snd_usb_pipe_sanity_check into the USB core - media: mceusb: Use new usb_control_msg_*() routines * Bionic update: upstream stable patchset 2022-02-11 (LP: #1960681) - media: mceusb: fix control-message timeouts * Bionic update: upstream stable patchset 2022-04-26 (LP: #1970479) // CVE-2021-4149 - btrfs: unlock newly allocated extent buffer after error * Bionic update: upstream stable patchset 2022-01-11 (LP: #1957113) // CVE-2022-20132 - HID: wacom: fix problems when device is not a valid USB device - HID: check for valid USB device for many HID drivers * Bionic update: upstream stable patchset 2022-01-11 (LP: #1957113) - HID: add hid_is_usb() function to make it simpler for USB detection * Bionic update: upstream stable patchset 2022-01-14 (LP: #1957957) // CVE-2021-28713 - xen/console: harden hvc_xen against event channel storms * CVE-2021-28712 - xen/netfront: harden netfront against event channel storms * CVE-2021-28711 - xen/blkfront: harden blkfront against event channel storms * CVE-2023-26545 - net: mpls: fix stale pointer if allocation fails during device rename * Bionic update: upstream stable patchset 2022-06-21 (LP: #1979355) // CVE-2022-1975 - NFC: netlink: fix sleep in atomic bug when firmware download timeout * Bionic update: upstream stable patchset 2022-07-25 (LP: #1982782) // CVE-2022-1974 - NFC: NULL out the dev->rfkill to prevent UAF * CVE-2022-1974 - nfc: replace improper check device_is_registered() in netlink related functions * Bionic update: upstream stable patchset 2022-05-17 (LP: #1973831) // CVE-2022-1011 - fuse: fix pipe buffer lifetime for direct_io * Bionic update: upstream stable patchset 2022-03-29 (LP: #1967013) // CVE-2022-0487 - moxart: fix potential use-after-free on remove path * CVE-2021-3669 - ipc: replace costly bailout check in sysvipc_find_ipc() * Bionic update: upstream stable patchset 2023-02-06 (LP: #2006403) // CVE-2022-41218 is assigned to those bugs above. // CVE-2023-1118 - media: dvb-core: Fix UAF due to refcount races at releasing * Bionic update: upstream stable patchset 2021-08-03 (LP: #1938824) // CVE-2023-28772 - seq_buf: Fix overflow in seq_buf_putmem_hex() * Bionic update: upstream stable patchset 2021-02-10 (LP: #1915328) // CVE-2023-1390 - tipc: fix NULL deref in tipc_link_xmit() * Bionic update: upstream stable patchset 2022-11-15 (LP: #1996650) // CVE-2022-41850 - HID: roccat: Fix use-after-free in roccat_read() * Bionic update: upstream stable patchset 2023-02-06 (LP: #2006403) // CVE-2023-23455 - net: sched: atm: dont intepret cls results when asked to drop * Bionic update: upstream stable patchset 2023-02-06 (LP: #2006403) // CVE-2022-47929 - net: sched: disallow noqueue for qdisc classes * Bionic update: upstream stable patchset 2023-02-06 (LP: #2006403) // CVE-2022-3424 - misc: sgi-gru: fix use-after-free error in gru_set_context_option, gru_fault and gru_handle_user_call_os * Bionic update: upstream stable patchset 2023-02-06 (LP: #2006403) // CVE-2023-0394 - ipv6: raw: Deduct extension header length in rawv6_push_pending_frames * Bionic update: upstream stable patchset 2023-02-06 (LP: #2006403) // CVE-2022-36280 - drm/vmwgfx: Validate the box size for the snooped cursor * Bionic update: upstream stable patchset 2022-11-15 (LP: #1996650) // CVE-2022-41849 - fbdev: smscufx: Fix use-after-free in ufx_ops_open() * Miscellaneous Ubuntu changes - Config update * Miscellaneous upstream changes - media: dvb: dmx: fixed coding style issues of spacing - NFC: reorder the logic in nfc_{un,}register_device - xen/blkfront: separate per ring information out of device info - xen/blkfront: pseudo support for multi hardware queues/rings - xen/blkfront: split per device io_lock - xen/io: use virt_xxx barriers - xen: sync include/xen/interface/io/ring.h with Xen's newest version - xen/netfront: read response from backend only once - xen/netfront: don't read data from request on the ring page - xen/netfront: disentangle tx_skb_freelist - xen/netfront: don't trust the backend response data blindly - HID: introduce hid_is_using_ll_driver - clone_private_mount() doesn't need to touch namespace_sem - lightnvm: NVM should depend on HAS_DMA

0 tuxcare-ubuntu16.04-els linux-buildinfo-4.4.0-238-tuxcare.els9-generic_4.4.0-238.272_amd64.deb 40c1f6bdad0c1b0c5c7d6e2c2a1f0646f5ec24a0 linux-buildinfo-4.4.0-238-tuxcare.els9-lowlatency_4.4.0-238.272_amd64.deb fee7709ef3b91afbd8e66cf08cb748c9054e3811 linux-cloud-tools-4.4.0-238-tuxcare.els9_4.4.0-238.272_amd64.deb 055d8e15d3670760af34060eddb080efa0e2627c linux-cloud-tools-4.4.0-238-tuxcare.els9-generic_4.4.0-238.272_amd64.deb 1194cceac524a7a428b5056a644d53b80613e577 linux-cloud-tools-4.4.0-238-tuxcare.els9-lowlatency_4.4.0-238.272_amd64.deb 277860591ff28466dceb2abbac02294c0ee1d5a4 linux-cloud-tools-common_4.4.0-238.272_all.deb 2fd73f0d0bf644f5d259280024b431547bec2b34 linux-cloud-tools-generic_4.4.0.238.272_amd64.deb c85fb63c1b15d091cb7d532a59355700be82e65f linux-cloud-tools-lowlatency_4.4.0.238.272_amd64.deb 693bcd16b067e026b831b5e2b1abbe4e2d495ea6 linux-crashdump_4.4.0.238.272_amd64.deb 93dbe94b5694e391e12f87c4da13e8904981348f linux-doc_4.4.0-238.272_all.deb 93eaff2fe1d3aa8d1374fc90035b7cf417a96fe0 linux-generic_4.4.0.238.272_amd64.deb a6eca6ac379ca222b05d558e1cec7d8d8c8a751e linux-headers-4.4.0-238-tuxcare.els9_4.4.0-238.272_all.deb e176444da0e9443c08d297d94ddd09f0f144bed4 linux-headers-4.4.0-238-tuxcare.els9-generic_4.4.0-238.272_amd64.deb d7780a31fc4f9e7a8a92937f66b80d068ddd7908 linux-headers-4.4.0-238-tuxcare.els9-lowlatency_4.4.0-238.272_amd64.deb ac2288557016c8905db8bf7bc9ddfb5c187dd294 linux-headers-generic_4.4.0.238.272_amd64.deb a938906b40e01155e8598a52c9a6c9b2e0addfb0 linux-headers-lowlatency_4.4.0.238.272_amd64.deb 50aea214a3b3e29a41966eb40080d703ccde3c85 linux-image-generic_4.4.0.238.272_amd64.deb 31d281c41e77466b746a596676e46b0800366c43 linux-image-lowlatency_4.4.0.238.272_amd64.deb 604fb47bbf3c3797579efb1218dda5694f7fbc09 linux-image-unsigned-4.4.0-238-tuxcare.els9-generic_4.4.0-238.272_amd64.deb 71d30b755935e2a9ed0bd2129b42704b1d409216 linux-image-unsigned-4.4.0-238-tuxcare.els9-lowlatency_4.4.0-238.272_amd64.deb 13ee098070a4b2bb354a02b74a236b01d3a6f4cb linux-libc-dev_4.4.0-238.272_amd64.deb 84fd6e77f85036969fbc2774a3585e442cd6b152 linux-lowlatency_4.4.0.238.272_amd64.deb 139e70d01fee80932a43d22f747539be22eecb11 linux-modules-4.4.0-238-tuxcare.els9-generic_4.4.0-238.272_amd64.deb 5ef80d65da71a86bd717b19efb66de159ee95e46 linux-modules-4.4.0-238-tuxcare.els9-lowlatency_4.4.0-238.272_amd64.deb e4ccdaa3667c1774fc95e11f0d34dc144ba1919b linux-modules-extra-4.4.0-238-tuxcare.els9-generic_4.4.0-238.272_amd64.deb fb8ac2b8d2d450d0140c5c170e1f868b35ae66c6 linux-source_4.4.0.238.272_all.deb 42fa0c4c3e976fc3b8b7149054bf586e03857389 linux-source-4.4.0_4.4.0-238.272_all.deb d690b5dd1f01f9a3d985fb74601c931a7b562d4e linux-tools-4.4.0-238-tuxcare.els9_4.4.0-238.272_amd64.deb 455bee1509fb0d00eeb2814d07d85f7b43e7ccd8 linux-tools-4.4.0-238-tuxcare.els9-generic_4.4.0-238.272_amd64.deb 1b57f0f074751c73863420641ce024b862d24ee2 linux-tools-4.4.0-238-tuxcare.els9-lowlatency_4.4.0-238.272_amd64.deb c65825c4136c17e9ab6a296a30cfa7e93d7f624e linux-tools-common_4.4.0-238.272_all.deb 2569024f29249c966861b4f9ad99fc5eea296031 linux-tools-generic_4.4.0.238.272_amd64.deb fd4a01a182f72952a4b24274f343601546b114f9 linux-tools-host_4.4.0-238.272_all.deb 21762b2530a3369ac8aa1de3548f00cea99328ad linux-tools-lowlatency_4.4.0.238.272_amd64.deb e1b1245f1949233dcc29b748efc99da429a2809c CLSA-2023:1682605601 TuxCare License Agreement 0 * CVE-2022-1198 - drivers: hamradio: 6pack: fix UAF bug caused by mod_timer() * Bionic update: upstream stable patchset 2022-03-04 (LP: #1963717) // CVE-2020-36516 - ipv4: avoid using shared IP generator for connected sockets * CVE-2022-36879 - xfrm: xfrm_policy: fix a possible double xfrm_pols_put() in xfrm_bundle_lookup() * CVE-2022-3061 - video: fbdev: i740fb: Error out if 'pixclock' equals zero * CVE-2022-1516 - net/x25: Fix null-ptr-deref caused by x25_disconnect * CVE-2022-1205 - ax25: Fix NULL pointer dereferences in ax25 timers - ax25: Fix UAF bugs in ax25 timers * CVE-2022-2318 - net: rose: fix UAF bugs caused by timer handler * CVE-2022-1195 - hamradio: defer 6pack kfree after unregister_netdev - hamradio: defer ax25 kfree after unregister_netdev - hamradio: improve the incomplete fix to avoid NPD * CVE-2022-0494 - block-map: add __GFP_ZERO flag for alloc_page in function bio_copy_kern * CVE-2021-26401 - x86/speculation: Use generic retpoline by default on AMD * Bionic update: upstream stable patchset 2022-10-18 (LP: #1993349) // CVE-2022-39188 - mm: Fix TLB flush for not-first PFNMAP mappings in unmap_region() * Bionic update: upstream stable patchset 2022-10-06 (LP: #1992112) // CVE-2022-39188 - mm: Force TLB flush for PFNMAP mappings before unlink_file_vma() * CVE-2022-45934 - Bluetooth: L2CAP: Fix u8 overflow * Bionic update: upstream stable patchset 2022-06-21 (LP: #1979355) // CVE-2022-2991 - lightnvm: disable the subsystem * Bionic update: upstream stable patchset 2021-11-02 (LP: #1949512) // CVE-2021-4203 - af_unix: fix races in sk_peer_pid and sk_peer_cred accesses * Bionic update: upstream stable patchset 2022-04-26 (LP: #1970479) // CVE-2021-3772 - sctp: fix the processing for INIT chunk - sctp: fix the processing for INIT_ACK chunk * Bionic update: upstream stable patchset 2021-12-03 (LP: #1953202) // CVE-2021-3772 - sctp: use init_tag from inithdr for ABORT chunk - sctp: fix the processing for COOKIE_ECHO chunk - sctp: add vtag check in sctp_sf_violation - sctp: add vtag check in sctp_sf_do_8_5_1_E_sa - sctp: add vtag check in sctp_sf_ootb * CVE-2022-3303 - ALSA: pcm: oss: Fix race at SNDCTL_DSP_SYNC * Bionic update: upstream stable patchset 2022-09-21 (LP: #1990434) // CVE-2022-1462 - tty: extract tty_flip_buffer_commit() from tty_flip_buffer_push() - tty: use new tty_insert_flip_string_and_push_buffer() in pty_write() * CVE-2022-1462 - tty: fix deadlock caused by calling printk() under tty_port->lock * Bionic update: upstream stable patchset 2020-11-10 (LP: #1903768) // CVE-2022-1462 - pty: do tty_flip_buffer_push without port->lock in pty_write * Bionic update: upstream stable patchset 2019-02-08 (LP: #1815234) // CVE-2022-1462 - tty: Fix data race in tty_insert_flip_string_fixed_flag * Bionic update: upstream stable patchset 2022-10-18 (LP: #1993349) // CVE-2022-4662 - USB: core: Prevent nested device-reset calls * Bionic update: upstream stable patchset 2022-03-04 (LP: #1963717) // CVE-2022-0617 - udf: Restore i_lenAlloc when inode expansion fails - udf: Fix NULL ptr deref when converting from inline format * Bionic update: upstream stable patchset 2022-04-26 (LP: #1970479) // CVE-2022-1016 - netfilter: nf_tables: initialize registers in nft_do_chain() * Bionic update: upstream stable patchset 2022-05-17 (LP: #1973831) // CVE-2022-2380 - video: fbdev: sm712fb: Fix crash in smtcfb_read() * Bionic update: upstream stable patchset 2022-05-17 (LP: #1973831) // CVE-2022-3111 - power: supply: wm8350-power: Add missing free in free_charger_irq * CVE-2022-3628 - wifi: brcmfmac: Fix potential buffer overflow in brcmf_fweh_event_worker() * Bionic update: upstream stable patchset 2021-08-27 (LP: #1941916) // CVE-2021-3732 - ovl: prevent private clone if bind mount is not allowed * Bionic update: upstream stable patchset 2021-12-13 (LP: #1954703) // CVE-2021-45868 - quota: check block number when reading the block in quota file * Bionic update: upstream stable patchset 2021-04-30 (LP: #1926808) // CVE-2021-3659 - net: mac802154: Fix general protection fault * Bionic update: upstream stable patchset 2023-03-03 (LP: #2009237) // CVE-2023-1074 - sctp: fail if no bound addresses can be used for a given scope * Bionic update: upstream stable patchset 2022-09-23 (LP: #1990698) // CVE-2023-1095 - netfilter: nf_tables: fix null deref due to zeroed list head * CVE-2023-1118 - media: rc: Fix use-after-free bugs caused by ene_tx_irqsim() * Bionic update: upstream stable patchset 2023-01-20 (LP: #2003596) // CVE-2023-26607 - ntfs: fix out-of-bounds read in ntfs_attr_find() * Bionic update: upstream stable patchset 2022-09-23 (LP: #1990698) - ntfs: fix use-after-free in ntfs_ucsncmp() * CVE-2022-20572 - dm verity: set DM_TARGET_IMMUTABLE feature flag * CVE-2022-3903 - USB: add usb_control_msg_send() and usb_control_msg_recv() - USB: correct API of usb_control_msg_send/recv - USB: move snd_usb_pipe_sanity_check into the USB core - media: mceusb: Use new usb_control_msg_*() routines * Bionic update: upstream stable patchset 2022-02-11 (LP: #1960681) - media: mceusb: fix control-message timeouts * Bionic update: upstream stable patchset 2022-04-26 (LP: #1970479) // CVE-2021-4149 - btrfs: unlock newly allocated extent buffer after error * Bionic update: upstream stable patchset 2022-01-11 (LP: #1957113) // CVE-2022-20132 - HID: wacom: fix problems when device is not a valid USB device - HID: check for valid USB device for many HID drivers * Bionic update: upstream stable patchset 2022-01-11 (LP: #1957113) - HID: add hid_is_usb() function to make it simpler for USB detection * Bionic update: upstream stable patchset 2022-01-14 (LP: #1957957) // CVE-2021-28713 - xen/console: harden hvc_xen against event channel storms * CVE-2021-28712 - xen/netfront: harden netfront against event channel storms * CVE-2021-28711 - xen/blkfront: harden blkfront against event channel storms * CVE-2023-26545 - net: mpls: fix stale pointer if allocation fails during device rename * Bionic update: upstream stable patchset 2022-06-21 (LP: #1979355) // CVE-2022-1975 - NFC: netlink: fix sleep in atomic bug when firmware download timeout * Bionic update: upstream stable patchset 2022-07-25 (LP: #1982782) // CVE-2022-1974 - NFC: NULL out the dev->rfkill to prevent UAF * CVE-2022-1974 - nfc: replace improper check device_is_registered() in netlink related functions * Bionic update: upstream stable patchset 2022-05-17 (LP: #1973831) // CVE-2022-1011 - fuse: fix pipe buffer lifetime for direct_io * Bionic update: upstream stable patchset 2022-03-29 (LP: #1967013) // CVE-2022-0487 - moxart: fix potential use-after-free on remove path * CVE-2021-3669 - ipc: replace costly bailout check in sysvipc_find_ipc() * Bionic update: upstream stable patchset 2023-02-06 (LP: #2006403) // CVE-2022-41218 is assigned to those bugs above. // CVE-2023-1118 - media: dvb-core: Fix UAF due to refcount races at releasing * Bionic update: upstream stable patchset 2021-08-03 (LP: #1938824) // CVE-2023-28772 - seq_buf: Fix overflow in seq_buf_putmem_hex() * Bionic update: upstream stable patchset 2021-02-10 (LP: #1915328) // CVE-2023-1390 - tipc: fix NULL deref in tipc_link_xmit() * Bionic update: upstream stable patchset 2022-11-15 (LP: #1996650) // CVE-2022-41850 - HID: roccat: Fix use-after-free in roccat_read() * Bionic update: upstream stable patchset 2023-02-06 (LP: #2006403) // CVE-2023-23455 - net: sched: atm: dont intepret cls results when asked to drop * Bionic update: upstream stable patchset 2023-02-06 (LP: #2006403) // CVE-2022-47929 - net: sched: disallow noqueue for qdisc classes * Bionic update: upstream stable patchset 2023-02-06 (LP: #2006403) // CVE-2022-3424 - misc: sgi-gru: fix use-after-free error in gru_set_context_option, gru_fault and gru_handle_user_call_os * Bionic update: upstream stable patchset 2023-02-06 (LP: #2006403) // CVE-2023-0394 - ipv6: raw: Deduct extension header length in rawv6_push_pending_frames * Bionic update: upstream stable patchset 2023-02-06 (LP: #2006403) // CVE-2022-36280 - drm/vmwgfx: Validate the box size for the snooped cursor * Bionic update: upstream stable patchset 2022-11-15 (LP: #1996650) // CVE-2022-41849 - fbdev: smscufx: Fix use-after-free in ufx_ops_open() * Miscellaneous Ubuntu changes - Config update * Miscellaneous upstream changes - media: dvb: dmx: fixed coding style issues of spacing - NFC: reorder the logic in nfc_{un,}register_device - xen/blkfront: separate per ring information out of device info - xen/blkfront: pseudo support for multi hardware queues/rings - xen/blkfront: split per device io_lock - xen/io: use virt_xxx barriers - xen: sync include/xen/interface/io/ring.h with Xen's newest version - xen/netfront: read response from backend only once - xen/netfront: don't read data from request on the ring page - xen/netfront: disentangle tx_skb_freelist - xen/netfront: don't trust the backend response data blindly - HID: introduce hid_is_using_ll_driver - clone_private_mount() doesn't need to touch namespace_sem - lightnvm: NVM should depend on HAS_DMA None Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.

* CVE-2022-1198 - drivers: hamradio: 6pack: fix UAF bug caused by mod_timer() * Bionic update: upstream stable patchset 2022-03-04 (LP: #1963717) // CVE-2020-36516 - ipv4: avoid using shared IP generator for connected sockets * CVE-2022-36879 - xfrm: xfrm_policy: fix a possible double xfrm_pols_put() in xfrm_bundle_lookup() * CVE-2022-3061 - video: fbdev: i740fb: Error out if 'pixclock' equals zero * CVE-2022-1516 - net/x25: Fix null-ptr-deref caused by x25_disconnect * CVE-2022-1205 - ax25: Fix NULL pointer dereferences in ax25 timers - ax25: Fix UAF bugs in ax25 timers * CVE-2022-2318 - net: rose: fix UAF bugs caused by timer handler * CVE-2022-1195 - hamradio: defer 6pack kfree after unregister_netdev - hamradio: defer ax25 kfree after unregister_netdev - hamradio: improve the incomplete fix to avoid NPD * CVE-2022-0494 - block-map: add __GFP_ZERO flag for alloc_page in function bio_copy_kern * CVE-2021-26401 - x86/speculation: Use generic retpoline by default on AMD * Bionic update: upstream stable patchset 2022-10-18 (LP: #1993349) // CVE-2022-39188 - mm: Fix TLB flush for not-first PFNMAP mappings in unmap_region() * Bionic update: upstream stable patchset 2022-10-06 (LP: #1992112) // CVE-2022-39188 - mm: Force TLB flush for PFNMAP mappings before unlink_file_vma() * CVE-2022-45934 - Bluetooth: L2CAP: Fix u8 overflow * Bionic update: upstream stable patchset 2022-06-21 (LP: #1979355) // CVE-2022-2991 - lightnvm: disable the subsystem * Bionic update: upstream stable patchset 2021-11-02 (LP: #1949512) // CVE-2021-4203 - af_unix: fix races in sk_peer_pid and sk_peer_cred accesses * Bionic update: upstream stable patchset 2022-04-26 (LP: #1970479) // CVE-2021-3772 - sctp: fix the processing for INIT chunk - sctp: fix the processing for INIT_ACK chunk * Bionic update: upstream stable patchset 2021-12-03 (LP: #1953202) // CVE-2021-3772 - sctp: use init_tag from inithdr for ABORT chunk - sctp: fix the processing for COOKIE_ECHO chunk - sctp: add vtag check in sctp_sf_violation - sctp: add vtag check in sctp_sf_do_8_5_1_E_sa - sctp: add vtag check in sctp_sf_ootb * CVE-2022-3303 - ALSA: pcm: oss: Fix race at SNDCTL_DSP_SYNC * Bionic update: upstream stable patchset 2022-09-21 (LP: #1990434) // CVE-2022-1462 - tty: extract tty_flip_buffer_commit() from tty_flip_buffer_push() - tty: use new tty_insert_flip_string_and_push_buffer() in pty_write() * CVE-2022-1462 - tty: fix deadlock caused by calling printk() under tty_port->lock * Bionic update: upstream stable patchset 2020-11-10 (LP: #1903768) // CVE-2022-1462 - pty: do tty_flip_buffer_push without port->lock in pty_write * Bionic update: upstream stable patchset 2019-02-08 (LP: #1815234) // CVE-2022-1462 - tty: Fix data race in tty_insert_flip_string_fixed_flag * Bionic update: upstream stable patchset 2022-10-18 (LP: #1993349) // CVE-2022-4662 - USB: core: Prevent nested device-reset calls * Bionic update: upstream stable patchset 2022-03-04 (LP: #1963717) // CVE-2022-0617 - udf: Restore i_lenAlloc when inode expansion fails - udf: Fix NULL ptr deref when converting from inline format * Bionic update: upstream stable patchset 2022-04-26 (LP: #1970479) // CVE-2022-1016 - netfilter: nf_tables: initialize registers in nft_do_chain() * Bionic update: upstream stable patchset 2022-05-17 (LP: #1973831) // CVE-2022-2380 - video: fbdev: sm712fb: Fix crash in smtcfb_read() * Bionic update: upstream stable patchset 2022-05-17 (LP: #1973831) // CVE-2022-3111 - power: supply: wm8350-power: Add missing free in free_charger_irq * CVE-2022-3628 - wifi: brcmfmac: Fix potential buffer overflow in brcmf_fweh_event_worker() * Bionic update: upstream stable patchset 2021-08-27 (LP: #1941916) // CVE-2021-3732 - ovl: prevent private clone if bind mount is not allowed * Bionic update: upstream stable patchset 2021-12-13 (LP: #1954703) // CVE-2021-45868 - quota: check block number when reading the block in quota file * Bionic update: upstream stable patchset 2021-04-30 (LP: #1926808) // CVE-2021-3659 - net: mac802154: Fix general protection fault * Bionic update: upstream stable patchset 2023-03-03 (LP: #2009237) // CVE-2023-1074 - sctp: fail if no bound addresses can be used for a given scope * Bionic update: upstream stable patchset 2022-09-23 (LP: #1990698) // CVE-2023-1095 - netfilter: nf_tables: fix null deref due to zeroed list head * CVE-2023-1118 - media: rc: Fix use-after-free bugs caused by ene_tx_irqsim() * Bionic update: upstream stable patchset 2023-01-20 (LP: #2003596) // CVE-2023-26607 - ntfs: fix out-of-bounds read in ntfs_attr_find() * Bionic update: upstream stable patchset 2022-09-23 (LP: #1990698) - ntfs: fix use-after-free in ntfs_ucsncmp() * CVE-2022-20572 - dm verity: set DM_TARGET_IMMUTABLE feature flag * CVE-2022-3903 - USB: add usb_control_msg_send() and usb_control_msg_recv() - USB: correct API of usb_control_msg_send/recv - USB: move snd_usb_pipe_sanity_check into the USB core - media: mceusb: Use new usb_control_msg_*() routines * Bionic update: upstream stable patchset 2022-02-11 (LP: #1960681) - media: mceusb: fix control-message timeouts * Bionic update: upstream stable patchset 2022-04-26 (LP: #1970479) // CVE-2021-4149 - btrfs: unlock newly allocated extent buffer after error * Bionic update: upstream stable patchset 2022-01-11 (LP: #1957113) // CVE-2022-20132 - HID: wacom: fix problems when device is not a valid USB device - HID: check for valid USB device for many HID drivers * Bionic update: upstream stable patchset 2022-01-11 (LP: #1957113) - HID: add hid_is_usb() function to make it simpler for USB detection * Bionic update: upstream stable patchset 2022-01-14 (LP: #1957957) // CVE-2021-28713 - xen/console: harden hvc_xen against event channel storms * CVE-2021-28712 - xen/netfront: harden netfront against event channel storms * CVE-2021-28711 - xen/blkfront: harden blkfront against event channel storms * CVE-2023-26545 - net: mpls: fix stale pointer if allocation fails during device rename * Bionic update: upstream stable patchset 2022-06-21 (LP: #1979355) // CVE-2022-1975 - NFC: netlink: fix sleep in atomic bug when firmware download timeout * Bionic update: upstream stable patchset 2022-07-25 (LP: #1982782) // CVE-2022-1974 - NFC: NULL out the dev->rfkill to prevent UAF * CVE-2022-1974 - nfc: replace improper check device_is_registered() in netlink related functions * Bionic update: upstream stable patchset 2022-05-17 (LP: #1973831) // CVE-2022-1011 - fuse: fix pipe buffer lifetime for direct_io * Bionic update: upstream stable patchset 2022-03-29 (LP: #1967013) // CVE-2022-0487 - moxart: fix potential use-after-free on remove path * CVE-2021-3669 - ipc: replace costly bailout check in sysvipc_find_ipc() * Bionic update: upstream stable patchset 2023-02-06 (LP: #2006403) // CVE-2022-41218 is assigned to those bugs above. // CVE-2023-1118 - media: dvb-core: Fix UAF due to refcount races at releasing * Bionic update: upstream stable patchset 2021-08-03 (LP: #1938824) // CVE-2023-28772 - seq_buf: Fix overflow in seq_buf_putmem_hex() * Bionic update: upstream stable patchset 2021-02-10 (LP: #1915328) // CVE-2023-1390 - tipc: fix NULL deref in tipc_link_xmit() * Bionic update: upstream stable patchset 2022-11-15 (LP: #1996650) // CVE-2022-41850 - HID: roccat: Fix use-after-free in roccat_read() * Bionic update: upstream stable patchset 2023-02-06 (LP: #2006403) // CVE-2023-23455 - net: sched: atm: dont intepret cls results when asked to drop * Bionic update: upstream stable patchset 2023-02-06 (LP: #2006403) // CVE-2022-47929 - net: sched: disallow noqueue for qdisc classes * Bionic update: upstream stable patchset 2023-02-06 (LP: #2006403) // CVE-2022-3424 - misc: sgi-gru: fix use-after-free error in gru_set_context_option, gru_fault and gru_handle_user_call_os * Bionic update: upstream stable patchset 2023-02-06 (LP: #2006403) // CVE-2023-0394 - ipv6: raw: Deduct extension header length in rawv6_push_pending_frames * Bionic update: upstream stable patchset 2023-02-06 (LP: #2006403) // CVE-2022-36280 - drm/vmwgfx: Validate the box size for the snooped cursor * Bionic update: upstream stable patchset 2022-11-15 (LP: #1996650) // CVE-2022-41849 - fbdev: smscufx: Fix use-after-free in ufx_ops_open() * Miscellaneous Ubuntu changes - Config update * Miscellaneous upstream changes - media: dvb: dmx: fixed coding style issues of spacing - NFC: reorder the logic in nfc_{un,}register_device - xen/blkfront: separate per ring information out of device info - xen/blkfront: pseudo support for multi hardware queues/rings - xen/blkfront: split per device io_lock - xen/io: use virt_xxx barriers - xen: sync include/xen/interface/io/ring.h with Xen's newest version - xen/netfront: read response from backend only once - xen/netfront: don't read data from request on the ring page - xen/netfront: disentangle tx_skb_freelist - xen/netfront: don't trust the backend response data blindly - HID: introduce hid_is_using_ll_driver - clone_private_mount() doesn't need to touch namespace_sem - lightnvm: NVM should depend on HAS_DMA

0 tuxcare-ubuntu16.04-els linux-buildinfo-4.4.0-238-tuxcare.els9-generic_4.4.0-238.272_amd64.deb 40c1f6bdad0c1b0c5c7d6e2c2a1f0646f5ec24a0 linux-buildinfo-4.4.0-238-tuxcare.els9-lowlatency_4.4.0-238.272_amd64.deb fee7709ef3b91afbd8e66cf08cb748c9054e3811 linux-cloud-tools-4.4.0-238-tuxcare.els9_4.4.0-238.272_amd64.deb 055d8e15d3670760af34060eddb080efa0e2627c linux-cloud-tools-4.4.0-238-tuxcare.els9-generic_4.4.0-238.272_amd64.deb 1194cceac524a7a428b5056a644d53b80613e577 linux-cloud-tools-4.4.0-238-tuxcare.els9-lowlatency_4.4.0-238.272_amd64.deb 277860591ff28466dceb2abbac02294c0ee1d5a4 linux-cloud-tools-common_4.4.0-238.272_all.deb 2fd73f0d0bf644f5d259280024b431547bec2b34 linux-cloud-tools-generic_4.4.0.238.272_amd64.deb c85fb63c1b15d091cb7d532a59355700be82e65f linux-cloud-tools-lowlatency_4.4.0.238.272_amd64.deb 693bcd16b067e026b831b5e2b1abbe4e2d495ea6 linux-crashdump_4.4.0.238.272_amd64.deb 93dbe94b5694e391e12f87c4da13e8904981348f linux-doc_4.4.0-238.272_all.deb 93eaff2fe1d3aa8d1374fc90035b7cf417a96fe0 linux-generic_4.4.0.238.272_amd64.deb a6eca6ac379ca222b05d558e1cec7d8d8c8a751e linux-headers-4.4.0-238-tuxcare.els9_4.4.0-238.272_all.deb e176444da0e9443c08d297d94ddd09f0f144bed4 linux-headers-4.4.0-238-tuxcare.els9-generic_4.4.0-238.272_amd64.deb d7780a31fc4f9e7a8a92937f66b80d068ddd7908 linux-headers-4.4.0-238-tuxcare.els9-lowlatency_4.4.0-238.272_amd64.deb ac2288557016c8905db8bf7bc9ddfb5c187dd294 linux-headers-generic_4.4.0.238.272_amd64.deb a938906b40e01155e8598a52c9a6c9b2e0addfb0 linux-headers-lowlatency_4.4.0.238.272_amd64.deb 50aea214a3b3e29a41966eb40080d703ccde3c85 linux-image-generic_4.4.0.238.272_amd64.deb 31d281c41e77466b746a596676e46b0800366c43 linux-image-lowlatency_4.4.0.238.272_amd64.deb 604fb47bbf3c3797579efb1218dda5694f7fbc09 linux-image-unsigned-4.4.0-238-tuxcare.els9-generic_4.4.0-238.272_amd64.deb 71d30b755935e2a9ed0bd2129b42704b1d409216 linux-image-unsigned-4.4.0-238-tuxcare.els9-lowlatency_4.4.0-238.272_amd64.deb 13ee098070a4b2bb354a02b74a236b01d3a6f4cb linux-libc-dev_4.4.0-238.272_amd64.deb 84fd6e77f85036969fbc2774a3585e442cd6b152 linux-lowlatency_4.4.0.238.272_amd64.deb 139e70d01fee80932a43d22f747539be22eecb11 linux-modules-4.4.0-238-tuxcare.els9-generic_4.4.0-238.272_amd64.deb 5ef80d65da71a86bd717b19efb66de159ee95e46 linux-modules-4.4.0-238-tuxcare.els9-lowlatency_4.4.0-238.272_amd64.deb e4ccdaa3667c1774fc95e11f0d34dc144ba1919b linux-modules-extra-4.4.0-238-tuxcare.els9-generic_4.4.0-238.272_amd64.deb fb8ac2b8d2d450d0140c5c170e1f868b35ae66c6 linux-source_4.4.0.238.272_all.deb 42fa0c4c3e976fc3b8b7149054bf586e03857389 linux-source-4.4.0_4.4.0-238.272_all.deb d690b5dd1f01f9a3d985fb74601c931a7b562d4e linux-tools-4.4.0-238-tuxcare.els9_4.4.0-238.272_amd64.deb 455bee1509fb0d00eeb2814d07d85f7b43e7ccd8 linux-tools-4.4.0-238-tuxcare.els9-generic_4.4.0-238.272_amd64.deb 1b57f0f074751c73863420641ce024b862d24ee2 linux-tools-4.4.0-238-tuxcare.els9-lowlatency_4.4.0-238.272_amd64.deb c65825c4136c17e9ab6a296a30cfa7e93d7f624e linux-tools-common_4.4.0-238.272_all.deb 2569024f29249c966861b4f9ad99fc5eea296031 linux-tools-generic_4.4.0.238.272_amd64.deb fd4a01a182f72952a4b24274f343601546b114f9 linux-tools-host_4.4.0-238.272_all.deb 21762b2530a3369ac8aa1de3548f00cea99328ad linux-tools-lowlatency_4.4.0.238.272_amd64.deb e1b1245f1949233dcc29b748efc99da429a2809c CLSA-2023:1683235759 TuxCare License Agreement 0 * SECURITY UPDATE: Excessive resource use verifying X.509 policy constraints - debian/patches/CVE-2023-0464.patch: Limit X.509 certificate tree size to avoid exponential use of computational resources - CVE-2023-0464 * SECURITY UPDATE: Incorrecly documented X509_VERIFY_PARAM_add0_policy() - debian/patches/CVE-2023-0466.patch: Align documentation with actual implementation - CVE-2023-0466 * SECURITY UPDATE: Double locking in X.509 policy cache handling - debian/patches/CVE-2022-3996.patch: Revert previously introduced redundant flag setting and so avoid locking at all - CVE-2022-3996 Important Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.

* SECURITY UPDATE: Excessive resource use verifying X.509 policy constraints - debian/patches/CVE-2023-0464.patch: Limit X.509 certificate tree size to avoid exponential use of computational resources - CVE-2023-0464 * SECURITY UPDATE: Incorrecly documented X509_VERIFY_PARAM_add0_policy() - debian/patches/CVE-2023-0466.patch: Align documentation with actual implementation - CVE-2023-0466 * SECURITY UPDATE: Double locking in X.509 policy cache handling - debian/patches/CVE-2022-3996.patch: Revert previously introduced redundant flag setting and so avoid locking at all - CVE-2022-3996

0 tuxcare-ubuntu16.04-els libssl-dev_1.0.2g-1ubuntu4.21+tuxcare.els6_amd64.deb f2506d981c0f10418265c51941f1c5ac88bd4b7a libssl-doc_1.0.2g-1ubuntu4.21+tuxcare.els6_all.deb dcf8a3913f78086b465f07cc4520341fd53daad6 libssl1.0.0_1.0.2g-1ubuntu4.21+tuxcare.els6_amd64.deb b66c4778b37941bd2781fd79dcf973e5e633cf40 openssl_1.0.2g-1ubuntu4.21+tuxcare.els6_amd64.deb b0fbe5c22e8d5a83665ba25db8b5efd700362988 CLSA-2023:1683815086 TuxCare License Agreement 0 * SECURITY UPDATE: By feeding specially crafted input to `git apply --reject`, a path outside the working tree can be overwritten with partially controlled contents (corresponding to the rejected hunk(s) from the given patch) - debian/patches/CVE-2023-25652.patch: removing a link instead of writing into - CVE-2023-25652 * SECURITY UPDATE: A specially crafted `.gitmodules` file with submodule URLs that are longer than 1024 characters can used to exploit a bug in `config.c::git_config_rename_section_in_file()` that can lead to a remote code execution - debian/patches/CVE-2023-29007.patch: restrict the config file line length to parse it whole either as a section or as a parameter - CVE-2023-29007 Important Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.

* SECURITY UPDATE: By feeding specially crafted input to `git apply --reject`, a path outside the working tree can be overwritten with partially controlled contents (corresponding to the rejected hunk(s) from the given patch) - debian/patches/CVE-2023-25652.patch: removing a link instead of writing into - CVE-2023-25652 * SECURITY UPDATE: A specially crafted `.gitmodules` file with submodule URLs that are longer than 1024 characters can used to exploit a bug in `config.c::git_config_rename_section_in_file()` that can lead to a remote code execution - debian/patches/CVE-2023-29007.patch: restrict the config file line length to parse it whole either as a section or as a parameter - CVE-2023-29007

0 tuxcare-ubuntu16.04-els git_2.7.4-0ubuntu1.10+tuxcare.els3_amd64.deb 8cade5185e93ab41700a1733ca723c72308ccf58 git-all_2.7.4-0ubuntu1.10+tuxcare.els3_all.deb 5a200a2b3a7d19f25dc091e5fa7508c9afb33f7b git-arch_2.7.4-0ubuntu1.10+tuxcare.els3_all.deb 0fd4ad299f72d0b73c779750831edeb4dfbc40b1 git-core_2.7.4-0ubuntu1.10+tuxcare.els3_all.deb ffbb38ec6866adb453217e64eec6c5eb723f12e3 git-cvs_2.7.4-0ubuntu1.10+tuxcare.els3_all.deb e52e9cef66283d2ab4870e83aae6756807e9d79b git-daemon-run_2.7.4-0ubuntu1.10+tuxcare.els3_all.deb 541c9c6d5098a2a7f9e88deb81a2d5929d54a8d7 git-daemon-sysvinit_2.7.4-0ubuntu1.10+tuxcare.els3_all.deb 15d0cbaa32bf7cf15e942b79af58e765e7c5983f git-doc_2.7.4-0ubuntu1.10+tuxcare.els3_all.deb 431da35b93ee6490e44753d917210573e0349fa6 git-el_2.7.4-0ubuntu1.10+tuxcare.els3_all.deb cfafa2d961647153e11f8dcbbfc026028bc30011 git-email_2.7.4-0ubuntu1.10+tuxcare.els3_all.deb d2ecdfed36829fffa2c162503f694229d517aeab git-gui_2.7.4-0ubuntu1.10+tuxcare.els3_all.deb 8d1c5c5567fe679258d14140e781e8d8da9d702d git-man_2.7.4-0ubuntu1.10+tuxcare.els3_all.deb 7a5d30d33b10f98e69cf94a812d5e3070d628d40 git-mediawiki_2.7.4-0ubuntu1.10+tuxcare.els3_all.deb aab642aed59a0f2c1846539093008267e4945a69 git-svn_2.7.4-0ubuntu1.10+tuxcare.els3_all.deb 286c7b17ca05e703e7f1c6325de4bc24a168e601 gitk_2.7.4-0ubuntu1.10+tuxcare.els3_all.deb 0860fad35bc9cec41e0a33f7e07a39274d08d601 gitweb_2.7.4-0ubuntu1.10+tuxcare.els3_all.deb ec655a815941becabbd7e34dd467fd0397af2a7e CLSA-2023:1684174277 TuxCare License Agreement 0 * SECURITY UPDATE: Update to 5.7.42 to fix security issues - CVE-2023-21912, CVE-2023-21980 Important Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.

* SECURITY UPDATE: Update to 5.7.42 to fix security issues - CVE-2023-21912, CVE-2023-21980

0 tuxcare-ubuntu16.04-els libmysqlclient-dev_5.7.42-0ubuntu0.16.04.1+tuxcare.els1_amd64.deb b51d76b09d383801c0cfbb78833d56c5fc0c3c3e libmysqlclient20_5.7.42-0ubuntu0.16.04.1+tuxcare.els1_amd64.deb 38edd30468b8bdaf2160a3758895210399426d21 libmysqld-dev_5.7.42-0ubuntu0.16.04.1+tuxcare.els1_amd64.deb fd0b66ec84710c2a55570fc77ab584f2573bb94a mysql-client_5.7.42-0ubuntu0.16.04.1+tuxcare.els1_all.deb 4ea0995871ed6f2d2803e8a0b1cecb258f3e86d2 mysql-client-5.7_5.7.42-0ubuntu0.16.04.1+tuxcare.els1_amd64.deb 2a53044a937fec78523763179bc58a66e006ea6b mysql-client-core-5.7_5.7.42-0ubuntu0.16.04.1+tuxcare.els1_amd64.deb c3fc46e2bb6223b3ad217e0f95fb88ed4aac71ae mysql-common_5.7.42-0ubuntu0.16.04.1+tuxcare.els1_all.deb c3a321bfb3602af6b39c36bf7e80043f3770708d mysql-server_5.7.42-0ubuntu0.16.04.1+tuxcare.els1_all.deb 6396ce33ea30770ea1c5ed74f8c470ef3bc73c48 mysql-server-5.7_5.7.42-0ubuntu0.16.04.1+tuxcare.els1_amd64.deb cc92d800b1ab8e7e6be0a8021cce830eeeb21c4e mysql-server-core-5.7_5.7.42-0ubuntu0.16.04.1+tuxcare.els1_amd64.deb 97619cf5ba68ad6eb16a2734520d6395d1a63ea5 mysql-source-5.7_5.7.42-0ubuntu0.16.04.1+tuxcare.els1_amd64.deb 8603558bb4bdae8033642ce5cfe2f42a31b3a38e mysql-testsuite_5.7.42-0ubuntu0.16.04.1+tuxcare.els1_all.deb cd1534203d6cf1eed5671e5c05b2753c61d0e487 mysql-testsuite-5.7_5.7.42-0ubuntu0.16.04.1+tuxcare.els1_amd64.deb 3bf93c8f36003e76e24b56cffc5fe61196c3b425 CLSA-2023:1684277390 TuxCare License Agreement 0 * Bionic update: upstream stable patchset 2022-09-12 (LP: #1989374) // CVE-2022-1012 - tcp: use different parts of the port_offset for index and offset - tcp: add small random increments to the source port - tcp: dynamically allocate the perturb table used by source ports - tcp: increase source port perturb table to 2^16 - tcp: drop the hash_32() part from the index calculation * Bionic update: upstream stable patchset 2022-09-12 (LP: #1989374) - tcp: add some entropy in __inet_hash_connect() * Bionic update: upstream stable patchset 2022-07-06 (LP: #1980879) // CVE-2022-1012 - tcp: resalt the secret every 10 seconds - secure_seq: use the 64 bits of the siphash for port offset calculation * Bionic update: upstream stable patchset 2022-07-06 (LP: #1980879) - tcp: change source port randomizarion at connect() time * Miscellaneous upstream changes - Revert "tcp: drop the hash_32() part from the index calculation" - Revert "tcp: increase source port perturb table to 2^16" - Revert "tcp: dynamically allocate the perturb table used by source ports" - Revert "tcp: add small random increments to the source port" - Revert "tcp: resalt the secret every 10 seconds" - Revert "tcp: use different parts of the port_offset for index and offset" - Revert "secure_seq: use the 64 bits of the siphash for port offset calculation" - Revert "tcp: change source port randomizarion at connect() time" - Revert "secure_seq: use SipHash in place of MD5" - Revert "tcp: allow to turn tcp timestamp randomization off" - Revert "tcp/dccp: better use of ephemeral ports in connect()" - tcp/dccp: better use of ephemeral ports in connect() - tcp: randomize tcp timestamp offsets for each connection - tcp: allow to turn tcp timestamp randomization off - secure_seq: use SipHash in place of MD5 Important Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.

* Bionic update: upstream stable patchset 2022-09-12 (LP: #1989374) // CVE-2022-1012 - tcp: use different parts of the port_offset for index and offset - tcp: add small random increments to the source port - tcp: dynamically allocate the perturb table used by source ports - tcp: increase source port perturb table to 2^16 - tcp: drop the hash_32() part from the index calculation * Bionic update: upstream stable patchset 2022-09-12 (LP: #1989374) - tcp: add some entropy in __inet_hash_connect() * Bionic update: upstream stable patchset 2022-07-06 (LP: #1980879) // CVE-2022-1012 - tcp: resalt the secret every 10 seconds - secure_seq: use the 64 bits of the siphash for port offset calculation * Bionic update: upstream stable patchset 2022-07-06 (LP: #1980879) - tcp: change source port randomizarion at connect() time * Miscellaneous upstream changes - Revert "tcp: drop the hash_32() part from the index calculation" - Revert "tcp: increase source port perturb table to 2^16" - Revert "tcp: dynamically allocate the perturb table used by source ports" - Revert "tcp: add small random increments to the source port" - Revert "tcp: resalt the secret every 10 seconds" - Revert "tcp: use different parts of the port_offset for index and offset" - Revert "secure_seq: use the 64 bits of the siphash for port offset calculation" - Revert "tcp: change source port randomizarion at connect() time" - Revert "secure_seq: use SipHash in place of MD5" - Revert "tcp: allow to turn tcp timestamp randomization off" - Revert "tcp/dccp: better use of ephemeral ports in connect()" - tcp/dccp: better use of ephemeral ports in connect() - tcp: randomize tcp timestamp offsets for each connection - tcp: allow to turn tcp timestamp randomization off - secure_seq: use SipHash in place of MD5

0 tuxcare-ubuntu16.04-els linux-buildinfo-4.4.0-240-tuxcare.els11-generic_4.4.0-240.274_amd64.deb d1f94d8d679604229efb30bb7c7f7d07dea46840 linux-buildinfo-4.4.0-240-tuxcare.els11-lowlatency_4.4.0-240.274_amd64.deb 7b01afaac5fc6e1ea4749084b000c4c5c70288a6 linux-cloud-tools-4.4.0-240-tuxcare.els11_4.4.0-240.274_amd64.deb d12146581486b30ad20c40c69c2553bd52d4d397 linux-cloud-tools-4.4.0-240-tuxcare.els11-generic_4.4.0-240.274_amd64.deb 9c8ae5d814a4d84f05184a0265ff206b6be3f59f linux-cloud-tools-4.4.0-240-tuxcare.els11-lowlatency_4.4.0-240.274_amd64.deb 47692547a10208568d16e7eb7d988eea5d38f148 linux-cloud-tools-common_4.4.0-240.274_all.deb c53b07b3581c7be02473de3795bd6537e0f976a1 linux-cloud-tools-generic_4.4.0.240.274_amd64.deb f1b819ea20a639eb0bc77bfbd540d14d764d4bf9 linux-cloud-tools-lowlatency_4.4.0.240.274_amd64.deb e353a72791bf8627933c4d8d13c3eeda55c1a46e linux-crashdump_4.4.0.240.274_amd64.deb 2e86670de4d0724c8b413ad090a060a6f4097b44 linux-doc_4.4.0-240.274_all.deb 769c3f56d823d32a6f198758c2fb772975070e80 linux-generic_4.4.0.240.274_amd64.deb 296b1683cc2f202fe3df78782d18810203d37f7e linux-headers-4.4.0-240-tuxcare.els11_4.4.0-240.274_all.deb 4aaad1bd443b4284b69f077f9f84fd453bc7e652 linux-headers-4.4.0-240-tuxcare.els11-generic_4.4.0-240.274_amd64.deb 8968d557f3138e600f482d9b4189d689344fe47f linux-headers-4.4.0-240-tuxcare.els11-lowlatency_4.4.0-240.274_amd64.deb 052b4b6e9f09467bf227b6bb66c97ad7a623aae4 linux-headers-generic_4.4.0.240.274_amd64.deb 0d1e84fc1234bc694886549cb01915c2fdd8e2ee linux-headers-lowlatency_4.4.0.240.274_amd64.deb 7f6fc869d23333a0541e9ae383fc8978fcd868fe linux-image-generic_4.4.0.240.274_amd64.deb b86a4556b903c955d8955b66f00c56fe99643b06 linux-image-lowlatency_4.4.0.240.274_amd64.deb 02ea1bec30b02160b6abeab0e1aaa9a63fcc2a87 linux-image-unsigned-4.4.0-240-tuxcare.els11-generic_4.4.0-240.274_amd64.deb 1556dbdd8c72ff4184c7dfd2b99ea2b01f46e049 linux-image-unsigned-4.4.0-240-tuxcare.els11-lowlatency_4.4.0-240.274_amd64.deb 05c2b3cb3a650a2a7aa2a3a9f5ae3dcadc2bfda6 linux-libc-dev_4.4.0-240.274_amd64.deb 80ea8fc6bca129594678e5dabd63753383706fba linux-lowlatency_4.4.0.240.274_amd64.deb bfe886825a9fedf44b72ad93ea40875f6f2970df linux-modules-4.4.0-240-tuxcare.els11-generic_4.4.0-240.274_amd64.deb c2ee79b10526373c0744855b39d3b1633805f057 linux-modules-4.4.0-240-tuxcare.els11-lowlatency_4.4.0-240.274_amd64.deb 50bd53964b7e7413e645678c3f717a9e9778292f linux-modules-extra-4.4.0-240-tuxcare.els11-generic_4.4.0-240.274_amd64.deb 3e09c627e9fc3ac8e6d35a55f69fc8041ac66a0a linux-source_4.4.0.240.274_all.deb d22e1e0741463f7dda303d76f71899a8cf8190e1 linux-source-4.4.0_4.4.0-240.274_all.deb e92201e55672b53c632b267c200047886f503066 linux-tools-4.4.0-240-tuxcare.els11_4.4.0-240.274_amd64.deb 9f5d592be67f3f0b39df9a604ad75336320cd745 linux-tools-4.4.0-240-tuxcare.els11-generic_4.4.0-240.274_amd64.deb 1daee1ee69d57ccb86ba5511b10432b5d1d93ca0 linux-tools-4.4.0-240-tuxcare.els11-lowlatency_4.4.0-240.274_amd64.deb 9e11dbbbeacf6168524fdbaedadb063aaabb1f45 linux-tools-common_4.4.0-240.274_all.deb 99d87d2f554b8e9470454bc43ddfff2c200a9714 linux-tools-generic_4.4.0.240.274_amd64.deb d5f6a9f23f2851bfd7dd96753c43a3c6206c1f42 linux-tools-host_4.4.0-240.274_all.deb ed2f9d0cf238d52456292a4119262af09b78ec7c linux-tools-lowlatency_4.4.0.240.274_amd64.deb 00d8529af3ac2aa938eae95c6adaf18d60d566f8 CLSA-2023:1684277794 TuxCare License Agreement 0 * Bionic update: upstream stable patchset 2022-09-12 (LP: #1989374) // CVE-2022-1012 - tcp: use different parts of the port_offset for index and offset - tcp: add small random increments to the source port - tcp: dynamically allocate the perturb table used by source ports - tcp: increase source port perturb table to 2^16 - tcp: drop the hash_32() part from the index calculation * Bionic update: upstream stable patchset 2022-09-12 (LP: #1989374) - tcp: add some entropy in __inet_hash_connect() * Bionic update: upstream stable patchset 2022-07-06 (LP: #1980879) // CVE-2022-1012 - tcp: resalt the secret every 10 seconds - secure_seq: use the 64 bits of the siphash for port offset calculation * Bionic update: upstream stable patchset 2022-07-06 (LP: #1980879) - tcp: change source port randomizarion at connect() time * Miscellaneous upstream changes - Revert "tcp: drop the hash_32() part from the index calculation" - Revert "tcp: increase source port perturb table to 2^16" - Revert "tcp: dynamically allocate the perturb table used by source ports" - Revert "tcp: add small random increments to the source port" - Revert "tcp: resalt the secret every 10 seconds" - Revert "tcp: use different parts of the port_offset for index and offset" - Revert "secure_seq: use the 64 bits of the siphash for port offset calculation" - Revert "tcp: change source port randomizarion at connect() time" - Revert "secure_seq: use SipHash in place of MD5" - Revert "tcp: allow to turn tcp timestamp randomization off" - Revert "tcp/dccp: better use of ephemeral ports in connect()" - tcp/dccp: better use of ephemeral ports in connect() - tcp: randomize tcp timestamp offsets for each connection - tcp: allow to turn tcp timestamp randomization off - secure_seq: use SipHash in place of MD5 Important Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.

* Bionic update: upstream stable patchset 2022-09-12 (LP: #1989374) // CVE-2022-1012 - tcp: use different parts of the port_offset for index and offset - tcp: add small random increments to the source port - tcp: dynamically allocate the perturb table used by source ports - tcp: increase source port perturb table to 2^16 - tcp: drop the hash_32() part from the index calculation * Bionic update: upstream stable patchset 2022-09-12 (LP: #1989374) - tcp: add some entropy in __inet_hash_connect() * Bionic update: upstream stable patchset 2022-07-06 (LP: #1980879) // CVE-2022-1012 - tcp: resalt the secret every 10 seconds - secure_seq: use the 64 bits of the siphash for port offset calculation * Bionic update: upstream stable patchset 2022-07-06 (LP: #1980879) - tcp: change source port randomizarion at connect() time * Miscellaneous upstream changes - Revert "tcp: drop the hash_32() part from the index calculation" - Revert "tcp: increase source port perturb table to 2^16" - Revert "tcp: dynamically allocate the perturb table used by source ports" - Revert "tcp: add small random increments to the source port" - Revert "tcp: resalt the secret every 10 seconds" - Revert "tcp: use different parts of the port_offset for index and offset" - Revert "secure_seq: use the 64 bits of the siphash for port offset calculation" - Revert "tcp: change source port randomizarion at connect() time" - Revert "secure_seq: use SipHash in place of MD5" - Revert "tcp: allow to turn tcp timestamp randomization off" - Revert "tcp/dccp: better use of ephemeral ports in connect()" - tcp/dccp: better use of ephemeral ports in connect() - tcp: randomize tcp timestamp offsets for each connection - tcp: allow to turn tcp timestamp randomization off - secure_seq: use SipHash in place of MD5

0 tuxcare-ubuntu16.04-els linux-buildinfo-4.4.0-240-tuxcare.els11-generic_4.4.0-240.274_amd64.deb d1f94d8d679604229efb30bb7c7f7d07dea46840 linux-buildinfo-4.4.0-240-tuxcare.els11-lowlatency_4.4.0-240.274_amd64.deb 7b01afaac5fc6e1ea4749084b000c4c5c70288a6 linux-cloud-tools-4.4.0-240-tuxcare.els11_4.4.0-240.274_amd64.deb d12146581486b30ad20c40c69c2553bd52d4d397 linux-cloud-tools-4.4.0-240-tuxcare.els11-generic_4.4.0-240.274_amd64.deb 9c8ae5d814a4d84f05184a0265ff206b6be3f59f linux-cloud-tools-4.4.0-240-tuxcare.els11-lowlatency_4.4.0-240.274_amd64.deb 47692547a10208568d16e7eb7d988eea5d38f148 linux-cloud-tools-common_4.4.0-240.274_all.deb c53b07b3581c7be02473de3795bd6537e0f976a1 linux-cloud-tools-generic_4.4.0.240.274_amd64.deb f1b819ea20a639eb0bc77bfbd540d14d764d4bf9 linux-cloud-tools-lowlatency_4.4.0.240.274_amd64.deb e353a72791bf8627933c4d8d13c3eeda55c1a46e linux-crashdump_4.4.0.240.274_amd64.deb 2e86670de4d0724c8b413ad090a060a6f4097b44 linux-doc_4.4.0-240.274_all.deb 769c3f56d823d32a6f198758c2fb772975070e80 linux-generic_4.4.0.240.274_amd64.deb 296b1683cc2f202fe3df78782d18810203d37f7e linux-headers-4.4.0-240-tuxcare.els11_4.4.0-240.274_all.deb 4aaad1bd443b4284b69f077f9f84fd453bc7e652 linux-headers-4.4.0-240-tuxcare.els11-generic_4.4.0-240.274_amd64.deb 8968d557f3138e600f482d9b4189d689344fe47f linux-headers-4.4.0-240-tuxcare.els11-lowlatency_4.4.0-240.274_amd64.deb 052b4b6e9f09467bf227b6bb66c97ad7a623aae4 linux-headers-generic_4.4.0.240.274_amd64.deb 0d1e84fc1234bc694886549cb01915c2fdd8e2ee linux-headers-lowlatency_4.4.0.240.274_amd64.deb 7f6fc869d23333a0541e9ae383fc8978fcd868fe linux-image-generic_4.4.0.240.274_amd64.deb b86a4556b903c955d8955b66f00c56fe99643b06 linux-image-lowlatency_4.4.0.240.274_amd64.deb 02ea1bec30b02160b6abeab0e1aaa9a63fcc2a87 linux-image-unsigned-4.4.0-240-tuxcare.els11-generic_4.4.0-240.274_amd64.deb 1556dbdd8c72ff4184c7dfd2b99ea2b01f46e049 linux-image-unsigned-4.4.0-240-tuxcare.els11-lowlatency_4.4.0-240.274_amd64.deb 05c2b3cb3a650a2a7aa2a3a9f5ae3dcadc2bfda6 linux-libc-dev_4.4.0-240.274_amd64.deb 80ea8fc6bca129594678e5dabd63753383706fba linux-lowlatency_4.4.0.240.274_amd64.deb bfe886825a9fedf44b72ad93ea40875f6f2970df linux-modules-4.4.0-240-tuxcare.els11-generic_4.4.0-240.274_amd64.deb c2ee79b10526373c0744855b39d3b1633805f057 linux-modules-4.4.0-240-tuxcare.els11-lowlatency_4.4.0-240.274_amd64.deb 50bd53964b7e7413e645678c3f717a9e9778292f linux-modules-extra-4.4.0-240-tuxcare.els11-generic_4.4.0-240.274_amd64.deb 3e09c627e9fc3ac8e6d35a55f69fc8041ac66a0a linux-source_4.4.0.240.274_all.deb d22e1e0741463f7dda303d76f71899a8cf8190e1 linux-source-4.4.0_4.4.0-240.274_all.deb e92201e55672b53c632b267c200047886f503066 linux-tools-4.4.0-240-tuxcare.els11_4.4.0-240.274_amd64.deb 9f5d592be67f3f0b39df9a604ad75336320cd745 linux-tools-4.4.0-240-tuxcare.els11-generic_4.4.0-240.274_amd64.deb 1daee1ee69d57ccb86ba5511b10432b5d1d93ca0 linux-tools-4.4.0-240-tuxcare.els11-lowlatency_4.4.0-240.274_amd64.deb 9e11dbbbeacf6168524fdbaedadb063aaabb1f45 linux-tools-common_4.4.0-240.274_all.deb 99d87d2f554b8e9470454bc43ddfff2c200a9714 linux-tools-generic_4.4.0.240.274_amd64.deb d5f6a9f23f2851bfd7dd96753c43a3c6206c1f42 linux-tools-host_4.4.0-240.274_all.deb ed2f9d0cf238d52456292a4119262af09b78ec7c linux-tools-lowlatency_4.4.0.240.274_amd64.deb 00d8529af3ac2aa938eae95c6adaf18d60d566f8 CLSA-2023:1684823891 TuxCare License Agreement 0 * Universal build for Ubuntu/Debian None Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.

* Universal build for Ubuntu/Debian

0 tuxcare-ubuntu16.04-els els-define_1-1.0.3_amd64.deb 6f54ff5fa819358a6741618683f87b53a7ae3f5c CLSA-2023:1685023926 TuxCare License Agreement 0 * SECURITY UPDATE: an overflow of 64-bit value used to a memory allocation - debian/patches/CVE-2022-39377.patch: check an overflow and exit if it be - CVE-2022-39377 Important Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.

* SECURITY UPDATE: an overflow of 64-bit value used to a memory allocation - debian/patches/CVE-2022-39377.patch: check an overflow and exit if it be - CVE-2022-39377

0 tuxcare-ubuntu16.04-els isag_11.2.0-1ubuntu0.3+tuxcare.els1_all.deb d4290b1beb0a5149e349393cb7187ff5c7aa9221 sysstat_11.2.0-1ubuntu0.3+tuxcare.els1_amd64.deb 28b59534edc3b931f220ba338662e503cacf37dd CLSA-2023:1685380362 TuxCare License Agreement 0 * SECURITY UPDATE: a possible overflow because of an incomplete fix of CVE-2022-39377 - debian/patches/CVE-2023-33204.patch: check an overflow and exit if it be - CVE-2023-33204 Important Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.

* SECURITY UPDATE: a possible overflow because of an incomplete fix of CVE-2022-39377 - debian/patches/CVE-2023-33204.patch: check an overflow and exit if it be - CVE-2023-33204

0 tuxcare-ubuntu16.04-els isag_11.2.0-1ubuntu0.3+tuxcare.els2_all.deb e577a1b0901e2bc42e860fe15690d3f4ce7a4fa7 sysstat_11.2.0-1ubuntu0.3+tuxcare.els2_amd64.deb 9198c0b01d061be592c186cd561033d55ab4131d CLSA-2023:1685380447 TuxCare License Agreement 0 * SECURITY UPDATE: Crash when expanding "~" in substitute causes very long text - debian/patches/CVE-2023-2610.patch: Limit the text length to MAXCOL - CVE-2023-2610 Important Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.

* SECURITY UPDATE: Crash when expanding "~" in substitute causes very long text - debian/patches/CVE-2023-2610.patch: Limit the text length to MAXCOL - CVE-2023-2610

0 tuxcare-ubuntu16.04-els vim_7.4.1689-3ubuntu1.5+tuxcare.els42_amd64.deb bcc0786dedbbe049e7d52a9c135f25f2faec9a3e vim-athena_7.4.1689-3ubuntu1.5+tuxcare.els42_amd64.deb 14e606c9f3069c2e8bf0d81de68c572e6b8753ce vim-athena-py2_7.4.1689-3ubuntu1.5+tuxcare.els42_amd64.deb d28c63eddc5b12cc6667343c31e11176f4ef0385 vim-common_7.4.1689-3ubuntu1.5+tuxcare.els42_amd64.deb 4bd55dab09903f3de908f4c097889be365dc02cb vim-doc_7.4.1689-3ubuntu1.5+tuxcare.els42_all.deb 630f30852a1be35021d90e4cd1039f96007b1f46 vim-gnome_7.4.1689-3ubuntu1.5+tuxcare.els42_amd64.deb 8f411e658f7decb661dad3cca09a3b132a218a6b vim-gnome-py2_7.4.1689-3ubuntu1.5+tuxcare.els42_amd64.deb 713dd893f2a546015b8b2e47ce8b05a52847b052 vim-gtk_7.4.1689-3ubuntu1.5+tuxcare.els42_amd64.deb 998331c0f47db324d880a31780ffdafc7ffeead5 vim-gtk-py2_7.4.1689-3ubuntu1.5+tuxcare.els42_amd64.deb d7f509642ba2d3dc84185cfbe53888ef54681028 vim-gtk3_7.4.1689-3ubuntu1.5+tuxcare.els42_amd64.deb acfa0e1945038fee31965e5d4523059ebaaf9584 vim-gtk3-py2_7.4.1689-3ubuntu1.5+tuxcare.els42_amd64.deb fc7e651127db22fd1a0c33b32a4800c488d2e7a2 vim-gui-common_7.4.1689-3ubuntu1.5+tuxcare.els42_all.deb 3cfb46cbe4426450821eafe3d46810edb8e7db9b vim-nox_7.4.1689-3ubuntu1.5+tuxcare.els42_amd64.deb f142be3519b046ed5e47c6980ac604df1d819911 vim-nox-py2_7.4.1689-3ubuntu1.5+tuxcare.els42_amd64.deb 69e6a4547539d30bd3abf2ef6081a6a35568971b vim-runtime_7.4.1689-3ubuntu1.5+tuxcare.els42_all.deb 0b11b58d671afd8a15d44911693630878d4ddbf6 vim-tiny_7.4.1689-3ubuntu1.5+tuxcare.els42_amd64.deb 32f7fdb59b48d2d8de7c730fa919593baefa4041 CLSA-2023:1685972217 TuxCare License Agreement 0 * SECURITY UPDATE: NULL pointer dereference in get_register() - debian/patches/CVE-2023-2609.patch: Check "y_array" is not NULL - CVE-2023-2609 Important Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.

* SECURITY UPDATE: NULL pointer dereference in get_register() - debian/patches/CVE-2023-2609.patch: Check "y_array" is not NULL - CVE-2023-2609

0 tuxcare-ubuntu16.04-els vim_7.4.1689-3ubuntu1.5+tuxcare.els43_amd64.deb a9a7d7f9e1654e8e5436b4a5b69541bb130b98ee vim-athena_7.4.1689-3ubuntu1.5+tuxcare.els43_amd64.deb 8deba8977093a8ab75153bbf8d5a139d06daaa9d vim-athena-py2_7.4.1689-3ubuntu1.5+tuxcare.els43_amd64.deb ec98405d0cf6f3b2f0f98772940885d944001c5f vim-common_7.4.1689-3ubuntu1.5+tuxcare.els43_amd64.deb 3b4b80ef30275554b03737c95ad51b3005cef82f vim-doc_7.4.1689-3ubuntu1.5+tuxcare.els43_all.deb 0c36017f4bd9b655eaf99914d739608d1cde6ffb vim-gnome_7.4.1689-3ubuntu1.5+tuxcare.els43_amd64.deb 0c0960deeb0b0a76d5d9910fb6f1deace1f8e99a vim-gnome-py2_7.4.1689-3ubuntu1.5+tuxcare.els43_amd64.deb bdaed77dce43c0c7d74daf9d744ad6032ba2a508 vim-gtk_7.4.1689-3ubuntu1.5+tuxcare.els43_amd64.deb f89bd0fbe2296d77603acedb32af141fc1d8d799 vim-gtk-py2_7.4.1689-3ubuntu1.5+tuxcare.els43_amd64.deb eb3c8ae140dd02a3f51f5072a6534c9dc07b4a47 vim-gtk3_7.4.1689-3ubuntu1.5+tuxcare.els43_amd64.deb 1e3b36809011c5f26273c3d5d30eef7cbb3c6992 vim-gtk3-py2_7.4.1689-3ubuntu1.5+tuxcare.els43_amd64.deb e43b7a49f7d04cda7672d2f0eec9f27857a79667 vim-gui-common_7.4.1689-3ubuntu1.5+tuxcare.els43_all.deb 8baec1614758981c8dfdb28d67d168eb54db9d5a vim-nox_7.4.1689-3ubuntu1.5+tuxcare.els43_amd64.deb 7e082d3908100175e3bf4bb69651fdb22d310b53 vim-nox-py2_7.4.1689-3ubuntu1.5+tuxcare.els43_amd64.deb fe2810c382ade39c60f8fd3211fb8999ec05fe74 vim-runtime_7.4.1689-3ubuntu1.5+tuxcare.els43_all.deb e90e07b2206b191efd277cf9ab4c540c0916296e vim-tiny_7.4.1689-3ubuntu1.5+tuxcare.els43_amd64.deb 99add8a770122ebdda2f670d3c36fc4e3fbaabfe CLSA-2023:1686586380 TuxCare License Agreement 0 * SECURITY UPDATE: possible MITM attack - debian/patches/fixes/CVE-2023-31484.patch: fix missing SSL verification - CVE-2023-31484 Important Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.

* SECURITY UPDATE: possible MITM attack - debian/patches/fixes/CVE-2023-31484.patch: fix missing SSL verification - CVE-2023-31484

0 tuxcare-ubuntu16.04-els libperl-dev_5.22.1-9ubuntu0.9+tuxcare.els2_amd64.deb 0cf59525b9fb2cd039bd7e92ebbf05b380f528f0 libperl5.22_5.22.1-9ubuntu0.9+tuxcare.els2_amd64.deb 2f3da69462f43130d8770b2919ab6ea25fe9799f perl_5.22.1-9ubuntu0.9+tuxcare.els2_amd64.deb 070361d759266050a39bea82bb6810aee1e8eb8e perl-base_5.22.1-9ubuntu0.9+tuxcare.els2_amd64.deb c775cb521c035166dea57283115db76971acf63b perl-debug_5.22.1-9ubuntu0.9+tuxcare.els2_amd64.deb dbabcb77aeed62c30001e6cb6ce90b0bd00c6a16 perl-doc_5.22.1-9ubuntu0.9+tuxcare.els2_all.deb 1273bb91c70681d54cc4c6284e3408b7aa31f838 perl-modules-5.22_5.22.1-9ubuntu0.9+tuxcare.els2_all.deb c37f57964817cb68834a16c2fd7a05432d29b018 CLSA-2023:1687282015 TuxCare License Agreement 0 * SECURITY UPDATE: Potential denial of service in OBJ_obj2txt translation - debian/patches/CVE-2023-2650.patch: Restrict size that OBJ_obj2txt() will translate to canonical numeric text form is added, based on RFC 2578 - CVE-2023-2650 Important Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.

* SECURITY UPDATE: Potential denial of service in OBJ_obj2txt translation - debian/patches/CVE-2023-2650.patch: Restrict size that OBJ_obj2txt() will translate to canonical numeric text form is added, based on RFC 2578 - CVE-2023-2650

0 tuxcare-ubuntu16.04-els libssl-dev_1.0.2g-1ubuntu4.21+tuxcare.els7_amd64.deb 265a33699d4aec802e5bf1a60ff219719a7498f3 libssl-doc_1.0.2g-1ubuntu4.21+tuxcare.els7_all.deb c18cc6e7f97928caeb6bc313422273e4aed1c829 libssl1.0.0_1.0.2g-1ubuntu4.21+tuxcare.els7_amd64.deb 7e31a1c3ad43a0a39fbc5793f4ec2143e5d6efe5 openssl_1.0.2g-1ubuntu4.21+tuxcare.els7_amd64.deb 7ec1f16b4988f8ce7982b16976220d9a68462903 CLSA-2023:1687469258 TuxCare License Agreement 0 * SECURITY UPDATE: buffer overflow allows for signature spoofing - debian/patches/CVE-2022-34903.patch: always use a break to terminate the escape detection loop. - CVE-2022-34903 Moderate Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.

* SECURITY UPDATE: buffer overflow allows for signature spoofing - debian/patches/CVE-2022-34903.patch: always use a break to terminate the escape detection loop. - CVE-2022-34903

0 tuxcare-ubuntu16.04-els gnupg_1.4.20-1ubuntu3.3+tuxcare.els1_amd64.deb a24a412041b4b49213db6a1507494c7018e6d822 gnupg-curl_1.4.20-1ubuntu3.3+tuxcare.els1_amd64.deb cf4439e30706cde5322018158233f219a1c43552 gpgv_1.4.20-1ubuntu3.3+tuxcare.els1_amd64.deb 9e17284febdb84ee9ce1bf956cec4c9f857c5488 CLSA-2023:1687795384 TuxCare License Agreement 0 * SECURITY UPDATE: fixing the existing CVE-2017-12450 patches that were incorrectly ported from upstream - debian/patches/CVE-2017-12450-1.patch: fix address violation errors - debian/patches/CVE-2017-12450-2.patch: import patches from mainline to fix minor binutils bugs - CVE-2017-12450 * SECURITY UPDATE: heap-based buffer overflow - debian/patches/CVE-2023-25584.patch: lack of bounds checking in vms-alpha.c - CVE-2023-25584 * SECURITY UPDATE: segmentation fault due to uninitialized - debian/patches/CVE-2023-25585.patch: field file_table of struct module is uninitialized - CVE-2023-25585 * SECURITY UPDATE: segmentation fault due to uninitialized - debian/patches/CVE-2023-25588.patch: field `the_bfd` of `asymbol` is uninitialised - CVE-2023-25588 * Fix memory leaks and buffer overflow in vms-alpha.c - debian/patches/vms-alpha-buffer-overflow-fix.patch: fix heap-based buffer overflow in build_module_list in vms-alpha.c - debian/patches/vms-alpha-memory-leaks-fix.patch: fix memory leaks and buffer overflow in vms-alpha.c Moderate Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.

* SECURITY UPDATE: fixing the existing CVE-2017-12450 patches that were incorrectly ported from upstream - debian/patches/CVE-2017-12450-1.patch: fix address violation errors - debian/patches/CVE-2017-12450-2.patch: import patches from mainline to fix minor binutils bugs - CVE-2017-12450 * SECURITY UPDATE: heap-based buffer overflow - debian/patches/CVE-2023-25584.patch: lack of bounds checking in vms-alpha.c - CVE-2023-25584 * SECURITY UPDATE: segmentation fault due to uninitialized - debian/patches/CVE-2023-25585.patch: field file_table of struct module is uninitialized - CVE-2023-25585 * SECURITY UPDATE: segmentation fault due to uninitialized - debian/patches/CVE-2023-25588.patch: field `the_bfd` of `asymbol` is uninitialised - CVE-2023-25588 * Fix memory leaks and buffer overflow in vms-alpha.c - debian/patches/vms-alpha-buffer-overflow-fix.patch: fix heap-based buffer overflow in build_module_list in vms-alpha.c - debian/patches/vms-alpha-memory-leaks-fix.patch: fix memory leaks and buffer overflow in vms-alpha.c

0 tuxcare-ubuntu16.04-els binutils_2.26.1-1ubuntu1~16.04.10+tuxcare.els6_amd64.deb f28d1cfe6914b8644c7c67d92d43ddcbd895f770 binutils-aarch64-linux-gnu_2.26.1-1ubuntu1~16.04.10+tuxcare.els6_amd64.deb b7e16c9099a1deb8203a35ebb7580c10fe43799b binutils-alpha-linux-gnu_2.26.1-1ubuntu1~16.04.10+tuxcare.els6_amd64.deb 5909bb7fb388e1666f7983b3844d4664ddeaab97 binutils-arm-linux-gnueabi_2.26.1-1ubuntu1~16.04.10+tuxcare.els6_amd64.deb 40f0ba1bc99281dccc1874a54287b414a2912129 binutils-arm-linux-gnueabihf_2.26.1-1ubuntu1~16.04.10+tuxcare.els6_amd64.deb 99f8347723e376ac2076aed660ce6663c286d7ec binutils-dev_2.26.1-1ubuntu1~16.04.10+tuxcare.els6_amd64.deb 167f71ab2dafc64f73058f1339b0d862c3f6f70e binutils-doc_2.26.1-1ubuntu1~16.04.10+tuxcare.els6_all.deb 6b2cbeae19e610798266ebb2222ca3b2b24639e8 binutils-hppa-linux-gnu_2.26.1-1ubuntu1~16.04.10+tuxcare.els6_amd64.deb f0b47c655cc9e87c1b785e291f3849b3c1db550d binutils-hppa64-linux-gnu_2.26.1-1ubuntu1~16.04.10+tuxcare.els6_amd64.deb 85e6fe95d4eb66b77008b68244bbff15f54c4e32 binutils-m68k-linux-gnu_2.26.1-1ubuntu1~16.04.10+tuxcare.els6_amd64.deb 114d9d9ed6b0a1e46a9974cc70f5334825347c95 binutils-mips-linux-gnu_2.26.1-1ubuntu1~16.04.10+tuxcare.els6_amd64.deb 0068410d2d375c29d7eaf7f15f03e94196eaee7f binutils-mips64-linux-gnuabi64_2.26.1-1ubuntu1~16.04.10+tuxcare.els6_amd64.deb 7094f983cd465aaffeea3ea5e70f46261b3eb922 binutils-mips64el-linux-gnuabi64_2.26.1-1ubuntu1~16.04.10+tuxcare.els6_amd64.deb 4a3f59044d082158ff4711e88a8bebe4cdef5262 binutils-mipsel-linux-gnu_2.26.1-1ubuntu1~16.04.10+tuxcare.els6_amd64.deb 69d2ee2c822e0e1f5fc277598ae6cb009d64b994 binutils-multiarch_2.26.1-1ubuntu1~16.04.10+tuxcare.els6_amd64.deb f12edcd9b211a9f1b1a348e7e5679f84285454b0 binutils-multiarch-dev_2.26.1-1ubuntu1~16.04.10+tuxcare.els6_amd64.deb fdf258518697af899ec78de8b7b8b14ba1439f27 binutils-powerpc-linux-gnu_2.26.1-1ubuntu1~16.04.10+tuxcare.els6_amd64.deb 3df73de59a82536a5acf6d23ba0b0b1123308b29 binutils-powerpc-linux-gnuspe_2.26.1-1ubuntu1~16.04.10+tuxcare.els6_amd64.deb e52563adf8375911ad08c0d7d16777234abc4e3d binutils-powerpc64-linux-gnu_2.26.1-1ubuntu1~16.04.10+tuxcare.els6_amd64.deb 77365496d61bc9e450dc169ec10d23f698e8c37b binutils-powerpc64le-linux-gnu_2.26.1-1ubuntu1~16.04.10+tuxcare.els6_amd64.deb 3842bee16e0fce4d038a9ec009a2fcb93147dffd binutils-s390x-linux-gnu_2.26.1-1ubuntu1~16.04.10+tuxcare.els6_amd64.deb 8b0e6b2bb1b0da5d590c9f47e61c0a30aa2c1761 binutils-sh4-linux-gnu_2.26.1-1ubuntu1~16.04.10+tuxcare.els6_amd64.deb 8321326cd6ec924436f9e61b22b04187b5cc921a binutils-source_2.26.1-1ubuntu1~16.04.10+tuxcare.els6_all.deb 64ac53c4bbc46b623f5d8c450f014d124f173bc8 binutils-sparc64-linux-gnu_2.26.1-1ubuntu1~16.04.10+tuxcare.els6_amd64.deb b192c48a976af69016f7a860e259367d426c4d8e CLSA-2023:1688070248 TuxCare License Agreement 0 * SECURITY UPDATE: More POST-after-PUT confusion - debian/patches/CVE-2023-28322.patch: fix mess in upload/method handling - CVE-2023-28322 Low Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.

* SECURITY UPDATE: More POST-after-PUT confusion - debian/patches/CVE-2023-28322.patch: fix mess in upload/method handling - CVE-2023-28322

0 tuxcare-ubuntu16.04-els curl_7.47.0-1ubuntu2.23+tuxcare.els9_amd64.deb 90b71fc284e596db6dada05e74d8266dc4b956c7 libcurl3_7.47.0-1ubuntu2.23+tuxcare.els9_amd64.deb 2ba862c8fc2f1e1331ae968c9bfaff03cf27f34e libcurl3-gnutls_7.47.0-1ubuntu2.23+tuxcare.els9_amd64.deb ff52176f43827ac26c26baf1875ea3ca6ea26f70 libcurl3-nss_7.47.0-1ubuntu2.23+tuxcare.els9_amd64.deb fb1c7501d9ae44d59a79fb205550398af6868fcc libcurl4-doc_7.47.0-1ubuntu2.23+tuxcare.els9_all.deb b064494ded189a9460afb410ca30c9264c311791 libcurl4-gnutls-dev_7.47.0-1ubuntu2.23+tuxcare.els9_amd64.deb ceef6d2c7cefdd405312b0fb1d709e78ee4dca5a libcurl4-nss-dev_7.47.0-1ubuntu2.23+tuxcare.els9_amd64.deb 267dab60204e2876412eee686a6de60c0d79dffb libcurl4-openssl-dev_7.47.0-1ubuntu2.23+tuxcare.els9_amd64.deb c9c11955a649b2f39f6248ee1c9c2082a3fd98e0 CLSA-2023:1688070370 TuxCare License Agreement 0 * SECURITY UPDATE: Response injection (buffering) during MTA SMTP sending - debian/patches/CVE-2021-38371.patch: Enforce STARTTLS sync point, client side in src/transports/smtp.c - CVE-2021-38371 Important Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.

* SECURITY UPDATE: Response injection (buffering) during MTA SMTP sending - debian/patches/CVE-2021-38371.patch: Enforce STARTTLS sync point, client side in src/transports/smtp.c - CVE-2021-38371

0 tuxcare-ubuntu16.04-els exim4_4.86.2-2ubuntu2.6+tuxcare.els3_all.deb 3d3adba60365fa4bbd82e53effaf6c0a683e6989 exim4-base_4.86.2-2ubuntu2.6+tuxcare.els3_amd64.deb ba06401e99494f58bf1230d93716a49afbf5cb5e exim4-config_4.86.2-2ubuntu2.6+tuxcare.els3_all.deb f3a55aaebb5715417e13374df5393038260d3a36 exim4-daemon-heavy_4.86.2-2ubuntu2.6+tuxcare.els3_amd64.deb 58930e76a52aba2216bc03062808d6cf559d7113 exim4-daemon-light_4.86.2-2ubuntu2.6+tuxcare.els3_amd64.deb 30ec1265cdc7455757c094b281985712b0ad7030 exim4-dev_4.86.2-2ubuntu2.6+tuxcare.els3_amd64.deb 56a41488f0643f721ea176721ce15ae724cc833a eximon4_4.86.2-2ubuntu2.6+tuxcare.els3_amd64.deb 0a331173fef3c987edd7cfadee1bdfc3500811d5 CLSA-2023:1688072342 TuxCare License Agreement 0 * CVE-2023-32233 // CVE-url: https://ubuntu.com/security/CVE-2023-32233 - netfilter: nf_tables: add nft_set_is_anonymous() helper - netfilter: nf_tables: split set destruction in deactivate and destroy phase - netfilter: nf_tables: unbind set in rule from commit path - netfilter: nf_tables: fix set double-free in abort path - netfilter: nf_tables: bogus EBUSY when deleting set after flush - netfilter: nf_tables: use-after-free in failing rule with bound set - netfilter: nf_tables: deactivate anonymous set from preparation phase * Bionic update: upstream stable patchset 2018-12-12 (LP: #1808185) // CVE- url: https://ubuntu.com/security/CVE-2023-32233 - netfilter: nf_tables: bogus EBUSY in chain deletions * CVE-url: https://ubuntu.com/security/CVE-2023-32233 - netfilter: nf_tables: release objects on netns destruction - netfilter: nf_tables: destroy basechain and rules on netdevice removal - netfilter: nft_hash: support deletion of inactive elements - netfilter: nf_tables: remove check against removal of inactive objects - netfilter: nfnetlink: pass down netns pointer to call() and call_rcu() - netfilter: nf_tables: introduce nft_setelem_parse_flags() helper - netfilter: nft_rbtree: introduce nft_rbtree_interval_end() helper - netfilter: nft_rbtree: allow adjacent intervals with dynamic updates - netfilter: nf_tables: parse element flags from nft_del_setelem() - netfilter: nf_tables: reject loops from set element jump to chain - netfilter: nf_tables: fix wrong destroy anonymous sets if binding fails - netfilter: nf_tables: add generic macros to check for generation mask - netfilter: nf_tables: add generation mask to tables - netfilter: nf_tables: add generation mask to chains - netfilter: nf_tables: add generation mask to sets - netfilter: nf_tables: get rid of NFT_BASECHAIN_DISABLED - netlink: add NLM_F_NONREC flag for deletion requests - netfilter: nf_tables: add support for inverted logic in nft_lookup - netfilter: nf_tables: get rid of possible_net_t from set and basechain - netfilter: nf_tables: simplify the basic expressions' init routine - netfilter: nf_tables: fix *leak* when expr clone fail - netfilter: nf_tables: missing sanitization in data from userspace - netfilter: nf_tables: revisit chain/object refcounting from elements * CVE-2023-1380 // CVE-url: https://ubuntu.com/security/CVE-2023-1380 - wifi: brcmfmac: slab-out-of-bounds read in brcmf_get_assoc_ies() * CVE-url: https://ubuntu.com/security/CVE-2023-2124 - xfs: verify buffer contents when we skip log replay * Bionic update: upstream stable patchset 2023-04-05 (LP: #2015399) // CVE- url: https://ubuntu.com/security/CVE-2023-32269 - netrom: Fix use-after-free caused by accept on already connected socket * Bionic update: upstream stable patchset 2023-04-05 (LP: #2015399) // CVE- url: https://ubuntu.com/security/CVE-2023-2162 - scsi: iscsi_tcp: Fix UAF during login when accessing the shost ipaddress Important Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.

* CVE-2023-32233 // CVE-url: https://ubuntu.com/security/CVE-2023-32233 - netfilter: nf_tables: add nft_set_is_anonymous() helper - netfilter: nf_tables: split set destruction in deactivate and destroy phase - netfilter: nf_tables: unbind set in rule from commit path - netfilter: nf_tables: fix set double-free in abort path - netfilter: nf_tables: bogus EBUSY when deleting set after flush - netfilter: nf_tables: use-after-free in failing rule with bound set - netfilter: nf_tables: deactivate anonymous set from preparation phase * Bionic update: upstream stable patchset 2018-12-12 (LP: #1808185) // CVE- url: https://ubuntu.com/security/CVE-2023-32233 - netfilter: nf_tables: bogus EBUSY in chain deletions * CVE-url: https://ubuntu.com/security/CVE-2023-32233 - netfilter: nf_tables: release objects on netns destruction - netfilter: nf_tables: destroy basechain and rules on netdevice removal - netfilter: nft_hash: support deletion of inactive elements - netfilter: nf_tables: remove check against removal of inactive objects - netfilter: nfnetlink: pass down netns pointer to call() and call_rcu() - netfilter: nf_tables: introduce nft_setelem_parse_flags() helper - netfilter: nft_rbtree: introduce nft_rbtree_interval_end() helper - netfilter: nft_rbtree: allow adjacent intervals with dynamic updates - netfilter: nf_tables: parse element flags from nft_del_setelem() - netfilter: nf_tables: reject loops from set element jump to chain - netfilter: nf_tables: fix wrong destroy anonymous sets if binding fails - netfilter: nf_tables: add generic macros to check for generation mask - netfilter: nf_tables: add generation mask to tables - netfilter: nf_tables: add generation mask to chains - netfilter: nf_tables: add generation mask to sets - netfilter: nf_tables: get rid of NFT_BASECHAIN_DISABLED - netlink: add NLM_F_NONREC flag for deletion requests - netfilter: nf_tables: add support for inverted logic in nft_lookup - netfilter: nf_tables: get rid of possible_net_t from set and basechain - netfilter: nf_tables: simplify the basic expressions' init routine - netfilter: nf_tables: fix *leak* when expr clone fail - netfilter: nf_tables: missing sanitization in data from userspace - netfilter: nf_tables: revisit chain/object refcounting from elements * CVE-2023-1380 // CVE-url: https://ubuntu.com/security/CVE-2023-1380 - wifi: brcmfmac: slab-out-of-bounds read in brcmf_get_assoc_ies() * CVE-url: https://ubuntu.com/security/CVE-2023-2124 - xfs: verify buffer contents when we skip log replay * Bionic update: upstream stable patchset 2023-04-05 (LP: #2015399) // CVE- url: https://ubuntu.com/security/CVE-2023-32269 - netrom: Fix use-after-free caused by accept on already connected socket * Bionic update: upstream stable patchset 2023-04-05 (LP: #2015399) // CVE- url: https://ubuntu.com/security/CVE-2023-2162 - scsi: iscsi_tcp: Fix UAF during login when accessing the shost ipaddress

0 tuxcare-ubuntu16.04-els linux-buildinfo-4.4.0-241-tuxcare.els12-generic_4.4.0-241.275_amd64.deb 7a177a183ae345416e8e6453be3a4f63322b10ff linux-buildinfo-4.4.0-241-tuxcare.els12-lowlatency_4.4.0-241.275_amd64.deb f3af331b8ab2d98fecf8875e2966ebfabdcf414d linux-cloud-tools-4.4.0-241-tuxcare.els12_4.4.0-241.275_amd64.deb 18d9449de115eb5e59d41ad057fc776872818f4b linux-cloud-tools-4.4.0-241-tuxcare.els12-generic_4.4.0-241.275_amd64.deb c0d8bf0749ff368bf6e358894fc17384231f3c80 linux-cloud-tools-4.4.0-241-tuxcare.els12-lowlatency_4.4.0-241.275_amd64.deb 708a92a09ab26c22af8a4d641fb188c9a57a9e2f linux-cloud-tools-common_4.4.0-241.275_all.deb 6d2db085c0e1af28e8e92da89d1c49878efed229 linux-cloud-tools-generic_4.4.0.241.275_amd64.deb de069c025740a8ed1fbb34881b05cf7c6eabd4d4 linux-cloud-tools-lowlatency_4.4.0.241.275_amd64.deb 6e1bf197f4640d24569c886a5fc6fcff3f395281 linux-crashdump_4.4.0.241.275_amd64.deb ccb70a93241da5895940140b49d45203442af48a linux-doc_4.4.0-241.275_all.deb a93a91c150e725d4dc71ba7f1120144e76f110e1 linux-generic_4.4.0.241.275_amd64.deb 0c07a66fa300e9fb1c6703c02a3754154c33dea1 linux-headers-4.4.0-241-tuxcare.els12_4.4.0-241.275_all.deb c895aeac657c6a0d03c66eafb85095e1ce3825f3 linux-headers-4.4.0-241-tuxcare.els12-generic_4.4.0-241.275_amd64.deb 372bc9ac2d46f17b6cfe304203d13ba3def68afb linux-headers-4.4.0-241-tuxcare.els12-lowlatency_4.4.0-241.275_amd64.deb be5d9993dd6cc0ceaad3a337a531a7221ad84de5 linux-headers-generic_4.4.0.241.275_amd64.deb 7e1cf4dfa2b3c475361d4e209a65b62135b60133 linux-headers-lowlatency_4.4.0.241.275_amd64.deb 4f81e05cbd3d0f2f3d456053afe500903d934a97 linux-image-generic_4.4.0.241.275_amd64.deb 8256704cdc06f1118db62980ae9ac2f2cffdd965 linux-image-lowlatency_4.4.0.241.275_amd64.deb e9941c657e5da682bb0caeea8a1bc47644652290 linux-image-unsigned-4.4.0-241-tuxcare.els12-generic_4.4.0-241.275_amd64.deb 3cc027153b17a047e89ddfeedb3543b21053b9bc linux-image-unsigned-4.4.0-241-tuxcare.els12-lowlatency_4.4.0-241.275_amd64.deb 075b6cdc81a69bd5016ac849cfd2a8ff78e607f9 linux-libc-dev_4.4.0-241.275_amd64.deb fd9318e438650b3253122a025e36e8f8ac3d11ea linux-lowlatency_4.4.0.241.275_amd64.deb e9ce3e7c5ee15758c7f9721b8f43cc9df9a3dd60 linux-modules-4.4.0-241-tuxcare.els12-generic_4.4.0-241.275_amd64.deb 2a98dd73e7e921bbde9d337670a176999b959f55 linux-modules-4.4.0-241-tuxcare.els12-lowlatency_4.4.0-241.275_amd64.deb e9cda23df5461d544a6ad03b047dc5737f85ce08 linux-modules-extra-4.4.0-241-tuxcare.els12-generic_4.4.0-241.275_amd64.deb 12be87b42387db61964e68dbe36f346300ad87dd linux-source_4.4.0.241.275_all.deb 6d85b5e4446cd88546c6ebade4d9531fad2b83cc linux-source-4.4.0_4.4.0-241.275_all.deb f4f8e11def091a5748881060400f8e8d8d4d7a3a linux-tools-4.4.0-241-tuxcare.els12_4.4.0-241.275_amd64.deb 8efd70ba35d7e3d37088e0f603047ade2d3f528f linux-tools-4.4.0-241-tuxcare.els12-generic_4.4.0-241.275_amd64.deb 2711410e4e8e4300726bbfd5472a5ec255e9719f linux-tools-4.4.0-241-tuxcare.els12-lowlatency_4.4.0-241.275_amd64.deb 9854f3aa1bb8e734c388aa2dbd4f369dcb0e05ee linux-tools-common_4.4.0-241.275_all.deb 245f026a11245447fdcbadffd430355bab88d28d linux-tools-generic_4.4.0.241.275_amd64.deb b014c0cddde2f4f5d6fa378a86e575637c0797c4 linux-tools-host_4.4.0-241.275_all.deb b0e60f515aee8dce0e1b42761d859dfac3a3a89a linux-tools-lowlatency_4.4.0.241.275_amd64.deb 07c6037839a1e7cbaafc1b863ba45eaa027689d0 CLSA-2023:1688072526 TuxCare License Agreement 0 * CVE-2023-32233 // CVE-url: https://ubuntu.com/security/CVE-2023-32233 - netfilter: nf_tables: add nft_set_is_anonymous() helper - netfilter: nf_tables: split set destruction in deactivate and destroy phase - netfilter: nf_tables: unbind set in rule from commit path - netfilter: nf_tables: fix set double-free in abort path - netfilter: nf_tables: bogus EBUSY when deleting set after flush - netfilter: nf_tables: use-after-free in failing rule with bound set - netfilter: nf_tables: deactivate anonymous set from preparation phase * Bionic update: upstream stable patchset 2018-12-12 (LP: #1808185) // CVE- url: https://ubuntu.com/security/CVE-2023-32233 - netfilter: nf_tables: bogus EBUSY in chain deletions * CVE-url: https://ubuntu.com/security/CVE-2023-32233 - netfilter: nf_tables: release objects on netns destruction - netfilter: nf_tables: destroy basechain and rules on netdevice removal - netfilter: nft_hash: support deletion of inactive elements - netfilter: nf_tables: remove check against removal of inactive objects - netfilter: nfnetlink: pass down netns pointer to call() and call_rcu() - netfilter: nf_tables: introduce nft_setelem_parse_flags() helper - netfilter: nft_rbtree: introduce nft_rbtree_interval_end() helper - netfilter: nft_rbtree: allow adjacent intervals with dynamic updates - netfilter: nf_tables: parse element flags from nft_del_setelem() - netfilter: nf_tables: reject loops from set element jump to chain - netfilter: nf_tables: fix wrong destroy anonymous sets if binding fails - netfilter: nf_tables: add generic macros to check for generation mask - netfilter: nf_tables: add generation mask to tables - netfilter: nf_tables: add generation mask to chains - netfilter: nf_tables: add generation mask to sets - netfilter: nf_tables: get rid of NFT_BASECHAIN_DISABLED - netlink: add NLM_F_NONREC flag for deletion requests - netfilter: nf_tables: add support for inverted logic in nft_lookup - netfilter: nf_tables: get rid of possible_net_t from set and basechain - netfilter: nf_tables: simplify the basic expressions' init routine - netfilter: nf_tables: fix *leak* when expr clone fail - netfilter: nf_tables: missing sanitization in data from userspace - netfilter: nf_tables: revisit chain/object refcounting from elements * CVE-2023-1380 // CVE-url: https://ubuntu.com/security/CVE-2023-1380 - wifi: brcmfmac: slab-out-of-bounds read in brcmf_get_assoc_ies() * CVE-url: https://ubuntu.com/security/CVE-2023-2124 - xfs: verify buffer contents when we skip log replay * Bionic update: upstream stable patchset 2023-04-05 (LP: #2015399) // CVE- url: https://ubuntu.com/security/CVE-2023-32269 - netrom: Fix use-after-free caused by accept on already connected socket * Bionic update: upstream stable patchset 2023-04-05 (LP: #2015399) // CVE- url: https://ubuntu.com/security/CVE-2023-2162 - scsi: iscsi_tcp: Fix UAF during login when accessing the shost ipaddress Important Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.

* CVE-2023-32233 // CVE-url: https://ubuntu.com/security/CVE-2023-32233 - netfilter: nf_tables: add nft_set_is_anonymous() helper - netfilter: nf_tables: split set destruction in deactivate and destroy phase - netfilter: nf_tables: unbind set in rule from commit path - netfilter: nf_tables: fix set double-free in abort path - netfilter: nf_tables: bogus EBUSY when deleting set after flush - netfilter: nf_tables: use-after-free in failing rule with bound set - netfilter: nf_tables: deactivate anonymous set from preparation phase * Bionic update: upstream stable patchset 2018-12-12 (LP: #1808185) // CVE- url: https://ubuntu.com/security/CVE-2023-32233 - netfilter: nf_tables: bogus EBUSY in chain deletions * CVE-url: https://ubuntu.com/security/CVE-2023-32233 - netfilter: nf_tables: release objects on netns destruction - netfilter: nf_tables: destroy basechain and rules on netdevice removal - netfilter: nft_hash: support deletion of inactive elements - netfilter: nf_tables: remove check against removal of inactive objects - netfilter: nfnetlink: pass down netns pointer to call() and call_rcu() - netfilter: nf_tables: introduce nft_setelem_parse_flags() helper - netfilter: nft_rbtree: introduce nft_rbtree_interval_end() helper - netfilter: nft_rbtree: allow adjacent intervals with dynamic updates - netfilter: nf_tables: parse element flags from nft_del_setelem() - netfilter: nf_tables: reject loops from set element jump to chain - netfilter: nf_tables: fix wrong destroy anonymous sets if binding fails - netfilter: nf_tables: add generic macros to check for generation mask - netfilter: nf_tables: add generation mask to tables - netfilter: nf_tables: add generation mask to chains - netfilter: nf_tables: add generation mask to sets - netfilter: nf_tables: get rid of NFT_BASECHAIN_DISABLED - netlink: add NLM_F_NONREC flag for deletion requests - netfilter: nf_tables: add support for inverted logic in nft_lookup - netfilter: nf_tables: get rid of possible_net_t from set and basechain - netfilter: nf_tables: simplify the basic expressions' init routine - netfilter: nf_tables: fix *leak* when expr clone fail - netfilter: nf_tables: missing sanitization in data from userspace - netfilter: nf_tables: revisit chain/object refcounting from elements * CVE-2023-1380 // CVE-url: https://ubuntu.com/security/CVE-2023-1380 - wifi: brcmfmac: slab-out-of-bounds read in brcmf_get_assoc_ies() * CVE-url: https://ubuntu.com/security/CVE-2023-2124 - xfs: verify buffer contents when we skip log replay * Bionic update: upstream stable patchset 2023-04-05 (LP: #2015399) // CVE- url: https://ubuntu.com/security/CVE-2023-32269 - netrom: Fix use-after-free caused by accept on already connected socket * Bionic update: upstream stable patchset 2023-04-05 (LP: #2015399) // CVE- url: https://ubuntu.com/security/CVE-2023-2162 - scsi: iscsi_tcp: Fix UAF during login when accessing the shost ipaddress

0 tuxcare-ubuntu16.04-els linux-buildinfo-4.4.0-241-tuxcare.els12-generic_4.4.0-241.275_amd64.deb 7a177a183ae345416e8e6453be3a4f63322b10ff linux-buildinfo-4.4.0-241-tuxcare.els12-lowlatency_4.4.0-241.275_amd64.deb f3af331b8ab2d98fecf8875e2966ebfabdcf414d linux-cloud-tools-4.4.0-241-tuxcare.els12_4.4.0-241.275_amd64.deb 18d9449de115eb5e59d41ad057fc776872818f4b linux-cloud-tools-4.4.0-241-tuxcare.els12-generic_4.4.0-241.275_amd64.deb c0d8bf0749ff368bf6e358894fc17384231f3c80 linux-cloud-tools-4.4.0-241-tuxcare.els12-lowlatency_4.4.0-241.275_amd64.deb 708a92a09ab26c22af8a4d641fb188c9a57a9e2f linux-cloud-tools-common_4.4.0-241.275_all.deb 6d2db085c0e1af28e8e92da89d1c49878efed229 linux-cloud-tools-generic_4.4.0.241.275_amd64.deb de069c025740a8ed1fbb34881b05cf7c6eabd4d4 linux-cloud-tools-lowlatency_4.4.0.241.275_amd64.deb 6e1bf197f4640d24569c886a5fc6fcff3f395281 linux-crashdump_4.4.0.241.275_amd64.deb ccb70a93241da5895940140b49d45203442af48a linux-doc_4.4.0-241.275_all.deb a93a91c150e725d4dc71ba7f1120144e76f110e1 linux-generic_4.4.0.241.275_amd64.deb 0c07a66fa300e9fb1c6703c02a3754154c33dea1 linux-headers-4.4.0-241-tuxcare.els12_4.4.0-241.275_all.deb c895aeac657c6a0d03c66eafb85095e1ce3825f3 linux-headers-4.4.0-241-tuxcare.els12-generic_4.4.0-241.275_amd64.deb 372bc9ac2d46f17b6cfe304203d13ba3def68afb linux-headers-4.4.0-241-tuxcare.els12-lowlatency_4.4.0-241.275_amd64.deb be5d9993dd6cc0ceaad3a337a531a7221ad84de5 linux-headers-generic_4.4.0.241.275_amd64.deb 7e1cf4dfa2b3c475361d4e209a65b62135b60133 linux-headers-lowlatency_4.4.0.241.275_amd64.deb 4f81e05cbd3d0f2f3d456053afe500903d934a97 linux-image-generic_4.4.0.241.275_amd64.deb 8256704cdc06f1118db62980ae9ac2f2cffdd965 linux-image-lowlatency_4.4.0.241.275_amd64.deb e9941c657e5da682bb0caeea8a1bc47644652290 linux-image-unsigned-4.4.0-241-tuxcare.els12-generic_4.4.0-241.275_amd64.deb 3cc027153b17a047e89ddfeedb3543b21053b9bc linux-image-unsigned-4.4.0-241-tuxcare.els12-lowlatency_4.4.0-241.275_amd64.deb 075b6cdc81a69bd5016ac849cfd2a8ff78e607f9 linux-libc-dev_4.4.0-241.275_amd64.deb fd9318e438650b3253122a025e36e8f8ac3d11ea linux-lowlatency_4.4.0.241.275_amd64.deb e9ce3e7c5ee15758c7f9721b8f43cc9df9a3dd60 linux-modules-4.4.0-241-tuxcare.els12-generic_4.4.0-241.275_amd64.deb 2a98dd73e7e921bbde9d337670a176999b959f55 linux-modules-4.4.0-241-tuxcare.els12-lowlatency_4.4.0-241.275_amd64.deb e9cda23df5461d544a6ad03b047dc5737f85ce08 linux-modules-extra-4.4.0-241-tuxcare.els12-generic_4.4.0-241.275_amd64.deb 12be87b42387db61964e68dbe36f346300ad87dd linux-source_4.4.0.241.275_all.deb 6d85b5e4446cd88546c6ebade4d9531fad2b83cc linux-source-4.4.0_4.4.0-241.275_all.deb f4f8e11def091a5748881060400f8e8d8d4d7a3a linux-tools-4.4.0-241-tuxcare.els12_4.4.0-241.275_amd64.deb 8efd70ba35d7e3d37088e0f603047ade2d3f528f linux-tools-4.4.0-241-tuxcare.els12-generic_4.4.0-241.275_amd64.deb 2711410e4e8e4300726bbfd5472a5ec255e9719f linux-tools-4.4.0-241-tuxcare.els12-lowlatency_4.4.0-241.275_amd64.deb 9854f3aa1bb8e734c388aa2dbd4f369dcb0e05ee linux-tools-common_4.4.0-241.275_all.deb 245f026a11245447fdcbadffd430355bab88d28d linux-tools-generic_4.4.0.241.275_amd64.deb b014c0cddde2f4f5d6fa378a86e575637c0797c4 linux-tools-host_4.4.0-241.275_all.deb b0e60f515aee8dce0e1b42761d859dfac3a3a89a linux-tools-lowlatency_4.4.0.241.275_amd64.deb 07c6037839a1e7cbaafc1b863ba45eaa027689d0 CLSA-2023:1688677606 TuxCare License Agreement 0 * SECURITY UPDATE: Integer overflow in _libcap_strdup() - debian/patches/CVE-2023-2603.patch: enhance libcap's internal strdup code to limit the processing of long strings - CVE-2023-2603 Important Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.

* SECURITY UPDATE: Integer overflow in _libcap_strdup() - debian/patches/CVE-2023-2603.patch: enhance libcap's internal strdup code to limit the processing of long strings - CVE-2023-2603

0 tuxcare-ubuntu16.04-els libcap-dev_2.24-12+tuxcare.els1_amd64.deb ceec47175d4debd8ba56829c4f83c198f353fe77 libcap2_2.24-12+tuxcare.els1_amd64.deb 73032059804887dc3c160e7169cf3fddd7d887bd libcap2-bin_2.24-12+tuxcare.els1_amd64.deb 4c4ac0c34e9c53603c05a15f71a1ee8389f72e81 libpam-cap_2.24-12+tuxcare.els1_amd64.deb a0645d2cab98c61eeb1935702fb6d4eaaf8c1c1f CLSA-2023:1689009164 TuxCare License Agreement 0 * SECURITY UPDATE: mod_lua may denial of service in r:parsebody(0) - debian/patches/CVE-2022-29404.patch: use a liberal default limit for LimitRequestBody of 1GB to prevent a denial of service caused by a malicious lua script request - CVE-2022-29404 Important Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.

* SECURITY UPDATE: mod_lua may denial of service in r:parsebody(0) - debian/patches/CVE-2022-29404.patch: use a liberal default limit for LimitRequestBody of 1GB to prevent a denial of service caused by a malicious lua script request - CVE-2022-29404

0 tuxcare-ubuntu16.04-els apache2_2.4.18-2ubuntu3.17+tuxcare.els11_amd64.deb 7dd68f21e174f645f8a536679db934cdcfe7bbea apache2-bin_2.4.18-2ubuntu3.17+tuxcare.els11_amd64.deb cfb4ff76f0fc281f81983e03c3cdff71ca68e7b7 apache2-data_2.4.18-2ubuntu3.17+tuxcare.els11_all.deb 2333df718ee9d59953a260a796fd3145c2326325 apache2-dev_2.4.18-2ubuntu3.17+tuxcare.els11_amd64.deb 9c5d485d5e9161a2bd3ee148c04e7d0e88a42734 apache2-doc_2.4.18-2ubuntu3.17+tuxcare.els11_all.deb 90d3c1226ca664fecfdc6162f0587a37f333229b apache2-suexec-custom_2.4.18-2ubuntu3.17+tuxcare.els11_amd64.deb 26b9d0a5ac3afdc0cd333610fab3f23f5f7487de apache2-suexec-pristine_2.4.18-2ubuntu3.17+tuxcare.els11_amd64.deb 8bdb225a3eec608637922d4097002a716b102113 apache2-utils_2.4.18-2ubuntu3.17+tuxcare.els11_amd64.deb 8a4b2713a335fbd9ab8ab32338f3e3a18a25a3bb CLSA-2023:1689009273 TuxCare License Agreement 0 * SECURITY UPDATE: a heap buffer overflow vulnerability - debian/patches/CVE-2023-32324.patch: fix _cups_strlcpy() to exit immideately if a length of the source string is zero - CVE-2023-32324 Moderate Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.

* SECURITY UPDATE: a heap buffer overflow vulnerability - debian/patches/CVE-2023-32324.patch: fix _cups_strlcpy() to exit immideately if a length of the source string is zero - CVE-2023-32324

0 tuxcare-ubuntu16.04-els cups_2.1.3-4ubuntu0.11+tuxcare.els2_amd64.deb 4bd68d3d3c21ce89078d1c167d87af6ceebe4765 cups-bsd_2.1.3-4ubuntu0.11+tuxcare.els2_amd64.deb 2645647737120ffb96c6c9490cadc4da7a9d92ed cups-client_2.1.3-4ubuntu0.11+tuxcare.els2_amd64.deb c1316441ffc332ebe18e345b7d63749cd9e50754 cups-common_2.1.3-4ubuntu0.11+tuxcare.els2_all.deb 6227cc9f576e41f9fb76d3327ec16bb210a77dfa cups-core-drivers_2.1.3-4ubuntu0.11+tuxcare.els2_amd64.deb a3db847c409c2cc83f6bf0d9af73207f38a5fa1b cups-daemon_2.1.3-4ubuntu0.11+tuxcare.els2_amd64.deb 39614faa8b6a53bdff04e66636e63a31931c14d9 cups-ipp-utils_2.1.3-4ubuntu0.11+tuxcare.els2_amd64.deb 70c7cb12bb8acf8bb24ae29f54f080b48be3b6c2 cups-ppdc_2.1.3-4ubuntu0.11+tuxcare.els2_amd64.deb 00989673bd99ed4f367102f7e868d7a09e78bd30 cups-server-common_2.1.3-4ubuntu0.11+tuxcare.els2_all.deb 07bd975dc47a944af2651485af0b365079262794 libcups2_2.1.3-4ubuntu0.11+tuxcare.els2_amd64.deb 45e655c73ad88e7d0e45460de6e132e21ee20fe3 libcups2-dev_2.1.3-4ubuntu0.11+tuxcare.els2_amd64.deb 8486a02d0f3708d9c08d634d312a959132d41b7b libcupscgi1_2.1.3-4ubuntu0.11+tuxcare.els2_amd64.deb 9126448e072506e27f216bbb2288f3cdf6357b5e libcupscgi1-dev_2.1.3-4ubuntu0.11+tuxcare.els2_amd64.deb c858933d703f15350ca407e8f0ae8b83c3a16188 libcupsimage2_2.1.3-4ubuntu0.11+tuxcare.els2_amd64.deb f6e546911041c039b70e59768ab9b98e302874a3 libcupsimage2-dev_2.1.3-4ubuntu0.11+tuxcare.els2_amd64.deb fe359b10d09197879f505a0848870988c8cc6673 libcupsmime1_2.1.3-4ubuntu0.11+tuxcare.els2_amd64.deb 3ab0c7316eb0e450e1702e8be5800378c8bfa47a libcupsmime1-dev_2.1.3-4ubuntu0.11+tuxcare.els2_amd64.deb bc17450bf47ae2cbfb8217c35507e6df8d8b3c11 libcupsppdc1_2.1.3-4ubuntu0.11+tuxcare.els2_amd64.deb f416235f771e92452d3916134e6eb3773b2b994d libcupsppdc1-dev_2.1.3-4ubuntu0.11+tuxcare.els2_amd64.deb e3f9b1ba098e082e7f03427249e7cbeeaf951a6a CLSA-2023:1689009395 TuxCare License Agreement 0 * Backport upstream releases 8u372 to 16.04 LTS * CVEs fixed in 8u372: - CVE-2023-21930: Improper connection handling during TLS handshake - CVE-2023-21937: Missing string checks for NULL characters - CVE-2023-21938: Incorrect handling of NULL characters in ProcessBuilder - CVE-2023-21939: Swing HTML parsing issue - CVE-2023-21954: Incorrect enqueue of references in garbage collector - CVE-2023-21967: Certificate validation issue in TLS session negotiation - CVE-2023-21968: Missing check for slash characters in URI-to-path conversion * CVEs fixed in 8u362: - CVE-2023-21830: Improper restrictions in CORBA deserialization - CVE-2023-21843: Soundbank URL remote loading * debian/rules: remove IcedTeaPlugin.so reference (LP: #2016396) * debian/JB-jre-headless.postinst.in: trigger ca-certificates-java after jre is set up * Drop applied jdk8u-get-datetime-string.patch Important Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.

* Backport upstream releases 8u372 to 16.04 LTS * CVEs fixed in 8u372: - CVE-2023-21930: Improper connection handling during TLS handshake - CVE-2023-21937: Missing string checks for NULL characters - CVE-2023-21938: Incorrect handling of NULL characters in ProcessBuilder - CVE-2023-21939: Swing HTML parsing issue - CVE-2023-21954: Incorrect enqueue of references in garbage collector - CVE-2023-21967: Certificate validation issue in TLS session negotiation - CVE-2023-21968: Missing check for slash characters in URI-to-path conversion * CVEs fixed in 8u362: - CVE-2023-21830: Improper restrictions in CORBA deserialization - CVE-2023-21843: Soundbank URL remote loading * debian/rules: remove IcedTeaPlugin.so reference (LP: #2016396) * debian/JB-jre-headless.postinst.in: trigger ca-certificates-java after jre is set up * Drop applied jdk8u-get-datetime-string.patch

0 tuxcare-ubuntu16.04-els openjdk-8-demo_8u372-ga-0ubuntu1~16.04+tuxcare.els1_amd64.deb a383f034711513d3dde04d422f4bfe513f1c336e openjdk-8-doc_8u372-ga-0ubuntu1~16.04+tuxcare.els1_all.deb d4d1f14b6b0bf3d07351b29e243cbd5de6e098f2 openjdk-8-jdk_8u372-ga-0ubuntu1~16.04+tuxcare.els1_amd64.deb dfab50371e839af23db49a8f3d8de928790404dc openjdk-8-jdk-headless_8u372-ga-0ubuntu1~16.04+tuxcare.els1_amd64.deb 0bcac22ea67f3ad0f655bdb1ca283a7be1220a57 openjdk-8-jre_8u372-ga-0ubuntu1~16.04+tuxcare.els1_amd64.deb 2e6d66bb32e15c2bb58057ad0aebf7ac97832f9b openjdk-8-jre-headless_8u372-ga-0ubuntu1~16.04+tuxcare.els1_amd64.deb 2a3442b853a7aad9d2e10355d942ff8b8f0a3065 openjdk-8-jre-jamvm_8u372-ga-0ubuntu1~16.04+tuxcare.els1_amd64.deb 0528ce22f054c93ef848b28a37dcb89f8c0be937 openjdk-8-jre-zero_8u372-ga-0ubuntu1~16.04+tuxcare.els1_amd64.deb 684815b78047d15f01d4edf47654f691ac680a22 openjdk-8-source_8u372-ga-0ubuntu1~16.04+tuxcare.els1_all.deb 0017213c78e51d56baede2d00fcd3808401db1d1 CLSA-2023:1689009659 TuxCare License Agreement 0 * Backport the package from Ubuntu 18.04: * New upstream version 2023c: - Egypt now uses DST again, from April through October. - This year Morocco springs forward April 23, not April 30. - Palestine delays the start of DST this year. - Much of Greenland still uses DST from 2024 on. * The contents of previous tzdata releases can be found at https://mm.icann.org/pipermail/tz-announce. * Update debconf template and translations. * Correct wrong fuzzy translations. * Check that the old SystemV timezones are still available. * debian/watch: Switch from failing ftp to https. None Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.

* Backport the package from Ubuntu 18.04: * New upstream version 2023c: - Egypt now uses DST again, from April through October. - This year Morocco springs forward April 23, not April 30. - Palestine delays the start of DST this year. - Much of Greenland still uses DST from 2024 on. * The contents of previous tzdata releases can be found at https://mm.icann.org/pipermail/tz-announce. * Update debconf template and translations. * Correct wrong fuzzy translations. * Check that the old SystemV timezones are still available. * debian/watch: Switch from failing ftp to https.

0 tuxcare-ubuntu16.04-els tzdata_2023c-0ubuntu0.16.04+tuxcare.els1_all.deb c102c2627b3149537b86eec2e4d4701cfa07566f CLSA-2023:1689258261 TuxCare License Agreement 0 * SECURITY UPDATE: undefined behaviors of casting double to size_t in svg, mvg and other coders (recurring bugs of CVE-2022-32546) - debian/patches/CVE-2023-34151.patch: properly cast double to size_t - CVE-2023-34151 Moderate Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.

* SECURITY UPDATE: undefined behaviors of casting double to size_t in svg, mvg and other coders (recurring bugs of CVE-2022-32546) - debian/patches/CVE-2023-34151.patch: properly cast double to size_t - CVE-2023-34151

0 tuxcare-ubuntu16.04-els imagemagick_6.8.9.9-7ubuntu5.17+tuxcare.els7_amd64.deb a690ac8bae553db7cc0d9227d20c594fa3ac78df imagemagick-6.q16_6.8.9.9-7ubuntu5.17+tuxcare.els7_amd64.deb c08fe828b763f2230966f8f2790614133226a80a imagemagick-common_6.8.9.9-7ubuntu5.17+tuxcare.els7_all.deb 8c3cff9c7b875c0d0d70615142df40b382b76dea imagemagick-doc_6.8.9.9-7ubuntu5.17+tuxcare.els7_all.deb 9d64f6465ff53d9708e75fe8a24acfce949000b7 libimage-magick-perl_6.8.9.9-7ubuntu5.17+tuxcare.els7_all.deb 4aa97a75e63926d818e6b76954f978e53c54590c libimage-magick-q16-perl_6.8.9.9-7ubuntu5.17+tuxcare.els7_amd64.deb cb41c419858e97b43b3541ed42e6477bb8f47db5 libmagick++-6-headers_6.8.9.9-7ubuntu5.17+tuxcare.els7_all.deb 3b90a19a0ddcf24ff32b5dd337f09e11a043bdff libmagick++-6.q16-5v5_6.8.9.9-7ubuntu5.17+tuxcare.els7_amd64.deb 7db6917766e277f950fc4cbbfa427ef85bb50dd8 libmagick++-6.q16-dev_6.8.9.9-7ubuntu5.17+tuxcare.els7_amd64.deb eb2dd60c7451843052d68d5cd8ef5bdec323e397 libmagick++-dev_6.8.9.9-7ubuntu5.17+tuxcare.els7_all.deb f95bc9c91aedad38dd3f751047484d8f089dec8c libmagickcore-6-arch-config_6.8.9.9-7ubuntu5.17+tuxcare.els7_amd64.deb 67dcdf2959534251ec2c994bcff9e6d64c60d070 libmagickcore-6-headers_6.8.9.9-7ubuntu5.17+tuxcare.els7_all.deb 4db14303878aa3f666c6a0d86c56faa4bb761c1b libmagickcore-6.q16-2_6.8.9.9-7ubuntu5.17+tuxcare.els7_amd64.deb 2c826d9a96836e9c2ccb0b35619b962058d37ea3 libmagickcore-6.q16-2-extra_6.8.9.9-7ubuntu5.17+tuxcare.els7_amd64.deb 3c6aa8830ba9bed171771376a7c18086a16961f1 libmagickcore-6.q16-dev_6.8.9.9-7ubuntu5.17+tuxcare.els7_amd64.deb 429a3019ab63f9dd3ee3216afbf87ca42de8da5b libmagickcore-dev_6.8.9.9-7ubuntu5.17+tuxcare.els7_all.deb 8c0e5d7e744d418c26a37107e0afc98e2b6eede9 libmagickwand-6-headers_6.8.9.9-7ubuntu5.17+tuxcare.els7_all.deb b485cc2f7bb9837741e9f31a16d5eff64cbd4a29 libmagickwand-6.q16-2_6.8.9.9-7ubuntu5.17+tuxcare.els7_amd64.deb b39dc65714b3039b5b17f75ea10bc4666fe39cb6 libmagickwand-6.q16-dev_6.8.9.9-7ubuntu5.17+tuxcare.els7_amd64.deb 8b5ef8a7e0bc63e6b25fff9f1e6b4b87d39e11f2 libmagickwand-dev_6.8.9.9-7ubuntu5.17+tuxcare.els7_all.deb 94b1b83375df2236ba3d44f38abb57d9286b2d96 perlmagick_6.8.9.9-7ubuntu5.17+tuxcare.els7_all.deb 1593ee014562772e958ce60f79bb737ee3bcd537 CLSA-2023:1689258488 TuxCare License Agreement 0 * SECURITY UPDATE: control characters are not escaped - debian/patches/CVE-2023-2848x.patch: escape control chars - CVE-2023-28486 - CVE-2023-28487 Moderate Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.

* SECURITY UPDATE: control characters are not escaped - debian/patches/CVE-2023-2848x.patch: escape control chars - CVE-2023-28486 - CVE-2023-28487

0 tuxcare-ubuntu16.04-els sudo_1.8.16-0ubuntu1.11+tuxcare.els2_amd64.deb 0f724e58c2d7e9be5b73c3cf08dae679de83676a sudo-ldap_1.8.16-0ubuntu1.11+tuxcare.els2_amd64.deb d97b04a0306fcea0a54b90d6e72cf91da5c5574d CLSA-2023:1689700365 TuxCare License Agreement 0 * SECURITY UPDATE: null pointer dereference in ber_memalloc_x() - debian/patches/CVE-2023-2953.patch: added check for strdup failure in ldif_open_url, ldap_url_parsehosts. - CVE-2023-2953 Important Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.

* SECURITY UPDATE: null pointer dereference in ber_memalloc_x() - debian/patches/CVE-2023-2953.patch: added check for strdup failure in ldif_open_url, ldap_url_parsehosts. - CVE-2023-2953

0 tuxcare-ubuntu16.04-els ldap-utils_2.4.42+dfsg-2ubuntu3.13.tuxcare.els2_amd64.deb 52aa728283e9c2abe778e1081c1c108cb25562b7 libldap-2.4-2_2.4.42+dfsg-2ubuntu3.13.tuxcare.els2_amd64.deb 617a495c071e06479b34e4dd71d66509bc25b49f libldap2-dev_2.4.42+dfsg-2ubuntu3.13.tuxcare.els2_amd64.deb 3d9f226338ab0945685352444413a6311c7f709e slapd_2.4.42+dfsg-2ubuntu3.13.tuxcare.els2_amd64.deb 2a4a05e76548990050f90485d3c94c789d0d2831 slapd-smbk5pwd_2.4.42+dfsg-2ubuntu3.13.tuxcare.els2_amd64.deb f15c7efa0c4de07090362b238d9a64f1b152f878 CLSA-2023:1689700476 TuxCare License Agreement 0 * SECURITY UPDATE: insecure default TLS configuration in HTTP::Tiny module - debian/patches/CVE-2023-31486.patch: add verify_SSL=>1 to HTTP::Tiny default configuration - CVE-2023-31486 Important Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.

* SECURITY UPDATE: insecure default TLS configuration in HTTP::Tiny module - debian/patches/CVE-2023-31486.patch: add verify_SSL=>1 to HTTP::Tiny default configuration - CVE-2023-31486

0 tuxcare-ubuntu16.04-els libperl-dev_5.22.1-9ubuntu0.9+tuxcare.els3_amd64.deb 761fa45de3fa753c6ae4b8d04a392165cd38017b libperl5.22_5.22.1-9ubuntu0.9+tuxcare.els3_amd64.deb f1c01c9c465c4470706375f9f9f37c040cd13fc6 perl_5.22.1-9ubuntu0.9+tuxcare.els3_amd64.deb 38986ed33afb5777b36e6eae6a087b81745a9b03 perl-base_5.22.1-9ubuntu0.9+tuxcare.els3_amd64.deb f98c7617829963790e2ffefc23d0139220ac54de perl-debug_5.22.1-9ubuntu0.9+tuxcare.els3_amd64.deb e78bd8083f7d5e9d114f1332014e44b91c621a86 perl-doc_5.22.1-9ubuntu0.9+tuxcare.els3_all.deb 859a389e06b0fcb51e8e58e7f4c6cdb7387b5861 perl-modules-5.22_5.22.1-9ubuntu0.9+tuxcare.els3_all.deb 7db9b5dd77820e2eb7589095c4a1d10c08c757ea CLSA-2023:1689885838 TuxCare License Agreement 0 * SECURITY UPDATE: urllib.parse space handling CVE-2023-24329 appears unfixed - debian/patches/CVE-2023-24329-2-v2.7.patch: Start stripping C0 control and space chars in `urlsplit` - debian/patches/CVE-2023-24329-v2.7.patch: Fix test_attributes_bad_scheme to check for non-ascii symbol as first character of url - CVE-2023-24329 Important Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.

* SECURITY UPDATE: urllib.parse space handling CVE-2023-24329 appears unfixed - debian/patches/CVE-2023-24329-2-v2.7.patch: Start stripping C0 control and space chars in `urlsplit` - debian/patches/CVE-2023-24329-v2.7.patch: Fix test_attributes_bad_scheme to check for non-ascii symbol as first character of url - CVE-2023-24329

0 tuxcare-ubuntu16.04-els idle-python2.7_2.7.12-1ubuntu0~16.04.18+tuxcare.els7_all.deb f5cbc4dac8051829854d6c1df6bef47357e9d423 libpython2.7_2.7.12-1ubuntu0~16.04.18+tuxcare.els7_amd64.deb 6fec3775f46920ade23d18017e54b0efbd0b1208 libpython2.7-dev_2.7.12-1ubuntu0~16.04.18+tuxcare.els7_amd64.deb d3066b5ff09ab6b47a0028ceb8bd33f01e3db4a8 libpython2.7-minimal_2.7.12-1ubuntu0~16.04.18+tuxcare.els7_amd64.deb 5c68825deecaf6d59a7ddd04c7597fbc1fa9be88 libpython2.7-stdlib_2.7.12-1ubuntu0~16.04.18+tuxcare.els7_amd64.deb ce6496efff46cf2e76975651b3775e7ae6dc767f libpython2.7-testsuite_2.7.12-1ubuntu0~16.04.18+tuxcare.els7_all.deb 243cf1339489b8b80a03072ff9e891d4075bd1cf python2.7_2.7.12-1ubuntu0~16.04.18+tuxcare.els7_amd64.deb 41c40785d064d424e5567c28be37f99a2f82c8e8 python2.7-dev_2.7.12-1ubuntu0~16.04.18+tuxcare.els7_amd64.deb 99e2750aba4c8f9620f1e38e2c40a208f7490f5a python2.7-doc_2.7.12-1ubuntu0~16.04.18+tuxcare.els7_all.deb 79e5cd1c0649593d5956b45e015956cc40163e9c python2.7-examples_2.7.12-1ubuntu0~16.04.18+tuxcare.els7_all.deb dbeef8ef34fd095d3da0ca0f1af857dc2053de13 python2.7-minimal_2.7.12-1ubuntu0~16.04.18+tuxcare.els7_amd64.deb fda2f23bba32b017368fa26305b9e520e2abd56d CLSA-2023:1689885970 TuxCare License Agreement 0 * SECURITY UPDATE: urllib.parse space handling CVE-2023-24329 appears unfixed - debian/patches/CVE-2023-24329-2.patch: Start stripping C0 control and space chars in `urlsplit` - CVE-2023-24329 Important Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.

* SECURITY UPDATE: urllib.parse space handling CVE-2023-24329 appears unfixed - debian/patches/CVE-2023-24329-2.patch: Start stripping C0 control and space chars in `urlsplit` - CVE-2023-24329

0 tuxcare-ubuntu16.04-els idle-python3.5_3.5.2-2ubuntu0~16.04.13+tuxcare.els9_all.deb 8ddefe42d95003de08e95811dd828cd56fd73736 libpython3.5_3.5.2-2ubuntu0~16.04.13+tuxcare.els9_amd64.deb bd51c5dbebf3432ebe33b945935870b74b912a04 libpython3.5-dev_3.5.2-2ubuntu0~16.04.13+tuxcare.els9_amd64.deb 09bdd7824f28de9eaaad268094fddfd98c176b92 libpython3.5-minimal_3.5.2-2ubuntu0~16.04.13+tuxcare.els9_amd64.deb 282419452b34e16a1cd9af15996de54a5d6e38f0 libpython3.5-stdlib_3.5.2-2ubuntu0~16.04.13+tuxcare.els9_amd64.deb d466dc084ec361bd05f312d600b0acd126e754a3 libpython3.5-testsuite_3.5.2-2ubuntu0~16.04.13+tuxcare.els9_all.deb df0d3046012788e9785bab4c4f2cc1fd1f240b05 python3.5_3.5.2-2ubuntu0~16.04.13+tuxcare.els9_amd64.deb 4744a5ede20f7696b7b36ba6d4a516a03ed8ec7c python3.5-dev_3.5.2-2ubuntu0~16.04.13+tuxcare.els9_amd64.deb 50d46fce2bf6b03e46aaf155d1267410abc224ec python3.5-doc_3.5.2-2ubuntu0~16.04.13+tuxcare.els9_all.deb 4d9f78b11d3025fc18423f555849cfe783e126a7 python3.5-examples_3.5.2-2ubuntu0~16.04.13+tuxcare.els9_all.deb 0b5f87eea77a8f8ef2ed31c86640cbd6eaaa768b python3.5-minimal_3.5.2-2ubuntu0~16.04.13+tuxcare.els9_amd64.deb e624adb7481f1a9d721a921c43578bd648c6d2af python3.5-venv_3.5.2-2ubuntu0~16.04.13+tuxcare.els9_amd64.deb 299c86b0e98cf2b3c5505b85008b8e1bf6716186 CLSA-2023:1690395161 TuxCare License Agreement 0 * Bionic update: upstream stable patchset 2021-11-12 (LP: #1950816) // CVE- url: https://ubuntu.com/security/CVE-2021-20321 - ovl: fix missing negative dentry check in ovl_rename() * CVE-url: https://ubuntu.com/security/CVE-2021-20321 - ovl: cleanup unused var in rename2 * Jammy update: v5.15.93 upstream stable release (LP: #2012665) // CVE-url: https://ubuntu.com/security/CVE-2023-3161 - fbcon: Check font dimension limits * CVE-url: https://ubuntu.com/security/CVE-2021-3753 - vt_kdsetmode: extend console locking * Jammy update: v5.15.75 upstream stable release (LP: #1996825) // CVE-url: https://ubuntu.com/security/CVE-2022-1184 - ext4: fix check for block being out of directory size * Jammy update: v5.15.61 upstream stable release (LP: #1990162) // CVE-url: https://ubuntu.com/security/CVE-2022-1184 - ext4: check if directory block is within i_size * Jammy update: v5.15.104 upstream stable release (LP: #2023225) // CVE-url: https://ubuntu.com/security/CVE-2023-1990 - nfc: st-nci: Fix use after free bug in ndlc_remove due to race condition * CVE-url: https://ubuntu.com/security/CVE-2023-3090 - ipvlan:Fix out-of-bounds caused by unclear skb->cb * Jammy update: v5.15.63 upstream stable release (LP: #1990564) // CVE-url: https://ubuntu.com/security/CVE-2023-3111 - btrfs: unset reloc control if transaction commit fails in prepare_to_relocate() * CVE-url: https://ubuntu.com/security/CVE-2023-3111 - Btrfs: fill relocation block rsv after allocation - btrfs: check return value of btrfs_commit_transaction in relocation * CVE-url: https://ubuntu.com/security/CVE-2023-3141 - memstick: r592: Fix UAF bug in r592_remove due to race condition * CVE-url: https://ubuntu.com/security/CVE-2023-3212 - gfs2: Don't deref jdesc in evict * CVE-url: https://ubuntu.com/security/CVE-2023-3268 - kernel/relay.c: fix read_pos error when multiple readers - relayfs: fix out-of-bounds access in relay_file_read * CVE-url: https://ubuntu.com/security/CVE-2023-3390 - netfilter: nf_tables: incorrect error path handling with NFT_MSG_NEWRULE * CVE-url: https://ubuntu.com/security/CVE-2023-35824 - media: dm1105: Fix use after free bug in dm1105_remove due to race condition Important Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.

* Bionic update: upstream stable patchset 2021-11-12 (LP: #1950816) // CVE- url: https://ubuntu.com/security/CVE-2021-20321 - ovl: fix missing negative dentry check in ovl_rename() * CVE-url: https://ubuntu.com/security/CVE-2021-20321 - ovl: cleanup unused var in rename2 * Jammy update: v5.15.93 upstream stable release (LP: #2012665) // CVE-url: https://ubuntu.com/security/CVE-2023-3161 - fbcon: Check font dimension limits * CVE-url: https://ubuntu.com/security/CVE-2021-3753 - vt_kdsetmode: extend console locking * Jammy update: v5.15.75 upstream stable release (LP: #1996825) // CVE-url: https://ubuntu.com/security/CVE-2022-1184 - ext4: fix check for block being out of directory size * Jammy update: v5.15.61 upstream stable release (LP: #1990162) // CVE-url: https://ubuntu.com/security/CVE-2022-1184 - ext4: check if directory block is within i_size * Jammy update: v5.15.104 upstream stable release (LP: #2023225) // CVE-url: https://ubuntu.com/security/CVE-2023-1990 - nfc: st-nci: Fix use after free bug in ndlc_remove due to race condition * CVE-url: https://ubuntu.com/security/CVE-2023-3090 - ipvlan:Fix out-of-bounds caused by unclear skb->cb * Jammy update: v5.15.63 upstream stable release (LP: #1990564) // CVE-url: https://ubuntu.com/security/CVE-2023-3111 - btrfs: unset reloc control if transaction commit fails in prepare_to_relocate() * CVE-url: https://ubuntu.com/security/CVE-2023-3111 - Btrfs: fill relocation block rsv after allocation - btrfs: check return value of btrfs_commit_transaction in relocation * CVE-url: https://ubuntu.com/security/CVE-2023-3141 - memstick: r592: Fix UAF bug in r592_remove due to race condition * CVE-url: https://ubuntu.com/security/CVE-2023-3212 - gfs2: Don't deref jdesc in evict * CVE-url: https://ubuntu.com/security/CVE-2023-3268 - kernel/relay.c: fix read_pos error when multiple readers - relayfs: fix out-of-bounds access in relay_file_read * CVE-url: https://ubuntu.com/security/CVE-2023-3390 - netfilter: nf_tables: incorrect error path handling with NFT_MSG_NEWRULE * CVE-url: https://ubuntu.com/security/CVE-2023-35824 - media: dm1105: Fix use after free bug in dm1105_remove due to race condition

0 tuxcare-ubuntu16.04-els linux-buildinfo-4.4.0-242-tuxcare.els13-generic_4.4.0-242.276_amd64.deb 80ad370d54aa129027f6542706577e10c5e1d513 linux-buildinfo-4.4.0-242-tuxcare.els13-lowlatency_4.4.0-242.276_amd64.deb aa651f63afe24a5e92554e83c3c83e1aa897de9e linux-cloud-tools-4.4.0-242-tuxcare.els13_4.4.0-242.276_amd64.deb d62214e4182bb9cfcaaef22af5839b838fd2ad99 linux-cloud-tools-4.4.0-242-tuxcare.els13-generic_4.4.0-242.276_amd64.deb b331093ffa7a7c461f31e1a8bf4ca80e9b9f34bc linux-cloud-tools-4.4.0-242-tuxcare.els13-lowlatency_4.4.0-242.276_amd64.deb 42fecd68c2e63b64f45f3ad7b5bd047d3753a01a linux-cloud-tools-common_4.4.0-242.276_all.deb e7901b4b699aab22259811ba956b3775818421d1 linux-cloud-tools-generic_4.4.0.242.276_amd64.deb 390a0dbcf6430d8f64fa7100cbe994ea8072b2c0 linux-cloud-tools-lowlatency_4.4.0.242.276_amd64.deb b75494dfd2a15b681015b8a46b0dcddf605cf3a0 linux-crashdump_4.4.0.242.276_amd64.deb d00da2cbc83f7ba6d2cfcf21693852a163e8ed71 linux-doc_4.4.0-242.276_all.deb dcaef169268e9f8b05fc0e511b2d579ad68a95ff linux-generic_4.4.0.242.276_amd64.deb 0033da93cd1ff78a40fa53354057bb8f393a40fd linux-headers-4.4.0-242-tuxcare.els13_4.4.0-242.276_all.deb 539284f1afa89d81bb6cf60c34d1abdfd8bf91ba linux-headers-4.4.0-242-tuxcare.els13-generic_4.4.0-242.276_amd64.deb b097fc59204e749710ddc3971aeb9d1d8539b6e6 linux-headers-4.4.0-242-tuxcare.els13-lowlatency_4.4.0-242.276_amd64.deb df1556ccf2471dc694cb01b33e2cb9922c4db964 linux-headers-generic_4.4.0.242.276_amd64.deb c9e8280611d4cb4c0d91a78aa5187aa9339341a0 linux-headers-lowlatency_4.4.0.242.276_amd64.deb 7a4e0b88c03ecb3699279d9409cdc0695eadd0de linux-image-generic_4.4.0.242.276_amd64.deb 6445b600666c539de345f88072e3c32cbd120512 linux-image-lowlatency_4.4.0.242.276_amd64.deb 9acc204ea68728dc680168e58a3a42c2dec79536 linux-image-unsigned-4.4.0-242-tuxcare.els13-generic_4.4.0-242.276_amd64.deb f764438bb8c0b0ff3bffed58a539450b8230cea6 linux-image-unsigned-4.4.0-242-tuxcare.els13-lowlatency_4.4.0-242.276_amd64.deb e0f6e0ad8c6517f88d342ef3db4544f96aa73c23 linux-libc-dev_4.4.0-242.276_amd64.deb 1424971575c2619635f9b18de953185b4bf9d8a8 linux-lowlatency_4.4.0.242.276_amd64.deb 3868d090122d34c481c9588a270ab2032c2b20bb linux-modules-4.4.0-242-tuxcare.els13-generic_4.4.0-242.276_amd64.deb 68c7e17403625d13df63661cf38b1c8a3ca5a052 linux-modules-4.4.0-242-tuxcare.els13-lowlatency_4.4.0-242.276_amd64.deb 341e7ef14a6a75a9b251bf528b4e9e7f76d11c53 linux-modules-extra-4.4.0-242-tuxcare.els13-generic_4.4.0-242.276_amd64.deb aad2b5f1d45e845a884a11438b95a9403126116c linux-source_4.4.0.242.276_all.deb e43d6847df944af65a48f8b01816184bc9e6aaf9 linux-source-4.4.0_4.4.0-242.276_all.deb 61f9df2b6655d342aafd6ae3bf513f057d442679 linux-tools-4.4.0-242-tuxcare.els13_4.4.0-242.276_amd64.deb a022e628f2922242863202b2157f5d4551db0ec7 linux-tools-4.4.0-242-tuxcare.els13-generic_4.4.0-242.276_amd64.deb b37e834e48ec3bb5af29fee0f9551df59a98a60b linux-tools-4.4.0-242-tuxcare.els13-lowlatency_4.4.0-242.276_amd64.deb c9675d30e249a05d6ee87fec4de7009ad4b34e36 linux-tools-common_4.4.0-242.276_all.deb 51e42bc8adb41debddffd4d12b1768aee2e471d8 linux-tools-generic_4.4.0.242.276_amd64.deb 78f27fcd7c7a627378c3090da84b032a05d8794e linux-tools-host_4.4.0-242.276_all.deb deb54ee60b4306e499f832254fe75ea7c1f0d4cc linux-tools-lowlatency_4.4.0.242.276_amd64.deb bd1e1f74578b1be86f2a29cb813c85de071fe330 CLSA-2023:1690395540 TuxCare License Agreement 0 * Bionic update: upstream stable patchset 2021-11-12 (LP: #1950816) // CVE- url: https://ubuntu.com/security/CVE-2021-20321 - ovl: fix missing negative dentry check in ovl_rename() * CVE-url: https://ubuntu.com/security/CVE-2021-20321 - ovl: cleanup unused var in rename2 * Jammy update: v5.15.93 upstream stable release (LP: #2012665) // CVE-url: https://ubuntu.com/security/CVE-2023-3161 - fbcon: Check font dimension limits * CVE-url: https://ubuntu.com/security/CVE-2021-3753 - vt_kdsetmode: extend console locking * Jammy update: v5.15.75 upstream stable release (LP: #1996825) // CVE-url: https://ubuntu.com/security/CVE-2022-1184 - ext4: fix check for block being out of directory size * Jammy update: v5.15.61 upstream stable release (LP: #1990162) // CVE-url: https://ubuntu.com/security/CVE-2022-1184 - ext4: check if directory block is within i_size * Jammy update: v5.15.104 upstream stable release (LP: #2023225) // CVE-url: https://ubuntu.com/security/CVE-2023-1990 - nfc: st-nci: Fix use after free bug in ndlc_remove due to race condition * CVE-url: https://ubuntu.com/security/CVE-2023-3090 - ipvlan:Fix out-of-bounds caused by unclear skb->cb * Jammy update: v5.15.63 upstream stable release (LP: #1990564) // CVE-url: https://ubuntu.com/security/CVE-2023-3111 - btrfs: unset reloc control if transaction commit fails in prepare_to_relocate() * CVE-url: https://ubuntu.com/security/CVE-2023-3111 - Btrfs: fill relocation block rsv after allocation - btrfs: check return value of btrfs_commit_transaction in relocation * CVE-url: https://ubuntu.com/security/CVE-2023-3141 - memstick: r592: Fix UAF bug in r592_remove due to race condition * CVE-url: https://ubuntu.com/security/CVE-2023-3212 - gfs2: Don't deref jdesc in evict * CVE-url: https://ubuntu.com/security/CVE-2023-3268 - kernel/relay.c: fix read_pos error when multiple readers - relayfs: fix out-of-bounds access in relay_file_read * CVE-url: https://ubuntu.com/security/CVE-2023-3390 - netfilter: nf_tables: incorrect error path handling with NFT_MSG_NEWRULE * CVE-url: https://ubuntu.com/security/CVE-2023-35824 - media: dm1105: Fix use after free bug in dm1105_remove due to race condition None Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.

* Bionic update: upstream stable patchset 2021-11-12 (LP: #1950816) // CVE- url: https://ubuntu.com/security/CVE-2021-20321 - ovl: fix missing negative dentry check in ovl_rename() * CVE-url: https://ubuntu.com/security/CVE-2021-20321 - ovl: cleanup unused var in rename2 * Jammy update: v5.15.93 upstream stable release (LP: #2012665) // CVE-url: https://ubuntu.com/security/CVE-2023-3161 - fbcon: Check font dimension limits * CVE-url: https://ubuntu.com/security/CVE-2021-3753 - vt_kdsetmode: extend console locking * Jammy update: v5.15.75 upstream stable release (LP: #1996825) // CVE-url: https://ubuntu.com/security/CVE-2022-1184 - ext4: fix check for block being out of directory size * Jammy update: v5.15.61 upstream stable release (LP: #1990162) // CVE-url: https://ubuntu.com/security/CVE-2022-1184 - ext4: check if directory block is within i_size * Jammy update: v5.15.104 upstream stable release (LP: #2023225) // CVE-url: https://ubuntu.com/security/CVE-2023-1990 - nfc: st-nci: Fix use after free bug in ndlc_remove due to race condition * CVE-url: https://ubuntu.com/security/CVE-2023-3090 - ipvlan:Fix out-of-bounds caused by unclear skb->cb * Jammy update: v5.15.63 upstream stable release (LP: #1990564) // CVE-url: https://ubuntu.com/security/CVE-2023-3111 - btrfs: unset reloc control if transaction commit fails in prepare_to_relocate() * CVE-url: https://ubuntu.com/security/CVE-2023-3111 - Btrfs: fill relocation block rsv after allocation - btrfs: check return value of btrfs_commit_transaction in relocation * CVE-url: https://ubuntu.com/security/CVE-2023-3141 - memstick: r592: Fix UAF bug in r592_remove due to race condition * CVE-url: https://ubuntu.com/security/CVE-2023-3212 - gfs2: Don't deref jdesc in evict * CVE-url: https://ubuntu.com/security/CVE-2023-3268 - kernel/relay.c: fix read_pos error when multiple readers - relayfs: fix out-of-bounds access in relay_file_read * CVE-url: https://ubuntu.com/security/CVE-2023-3390 - netfilter: nf_tables: incorrect error path handling with NFT_MSG_NEWRULE * CVE-url: https://ubuntu.com/security/CVE-2023-35824 - media: dm1105: Fix use after free bug in dm1105_remove due to race condition

0 tuxcare-ubuntu16.04-els linux-buildinfo-4.4.0-242-tuxcare.els13-generic_4.4.0-242.276_amd64.deb 80ad370d54aa129027f6542706577e10c5e1d513 linux-buildinfo-4.4.0-242-tuxcare.els13-lowlatency_4.4.0-242.276_amd64.deb aa651f63afe24a5e92554e83c3c83e1aa897de9e linux-cloud-tools-4.4.0-242-tuxcare.els13_4.4.0-242.276_amd64.deb d62214e4182bb9cfcaaef22af5839b838fd2ad99 linux-cloud-tools-4.4.0-242-tuxcare.els13-generic_4.4.0-242.276_amd64.deb b331093ffa7a7c461f31e1a8bf4ca80e9b9f34bc linux-cloud-tools-4.4.0-242-tuxcare.els13-lowlatency_4.4.0-242.276_amd64.deb 42fecd68c2e63b64f45f3ad7b5bd047d3753a01a linux-cloud-tools-common_4.4.0-242.276_all.deb e7901b4b699aab22259811ba956b3775818421d1 linux-cloud-tools-generic_4.4.0.242.276_amd64.deb 390a0dbcf6430d8f64fa7100cbe994ea8072b2c0 linux-cloud-tools-lowlatency_4.4.0.242.276_amd64.deb b75494dfd2a15b681015b8a46b0dcddf605cf3a0 linux-crashdump_4.4.0.242.276_amd64.deb d00da2cbc83f7ba6d2cfcf21693852a163e8ed71 linux-doc_4.4.0-242.276_all.deb dcaef169268e9f8b05fc0e511b2d579ad68a95ff linux-generic_4.4.0.242.276_amd64.deb 0033da93cd1ff78a40fa53354057bb8f393a40fd linux-headers-4.4.0-242-tuxcare.els13_4.4.0-242.276_all.deb 539284f1afa89d81bb6cf60c34d1abdfd8bf91ba linux-headers-4.4.0-242-tuxcare.els13-generic_4.4.0-242.276_amd64.deb b097fc59204e749710ddc3971aeb9d1d8539b6e6 linux-headers-4.4.0-242-tuxcare.els13-lowlatency_4.4.0-242.276_amd64.deb df1556ccf2471dc694cb01b33e2cb9922c4db964 linux-headers-generic_4.4.0.242.276_amd64.deb c9e8280611d4cb4c0d91a78aa5187aa9339341a0 linux-headers-lowlatency_4.4.0.242.276_amd64.deb 7a4e0b88c03ecb3699279d9409cdc0695eadd0de linux-image-generic_4.4.0.242.276_amd64.deb 6445b600666c539de345f88072e3c32cbd120512 linux-image-lowlatency_4.4.0.242.276_amd64.deb 9acc204ea68728dc680168e58a3a42c2dec79536 linux-image-unsigned-4.4.0-242-tuxcare.els13-generic_4.4.0-242.276_amd64.deb f764438bb8c0b0ff3bffed58a539450b8230cea6 linux-image-unsigned-4.4.0-242-tuxcare.els13-lowlatency_4.4.0-242.276_amd64.deb e0f6e0ad8c6517f88d342ef3db4544f96aa73c23 linux-libc-dev_4.4.0-242.276_amd64.deb 1424971575c2619635f9b18de953185b4bf9d8a8 linux-lowlatency_4.4.0.242.276_amd64.deb 3868d090122d34c481c9588a270ab2032c2b20bb linux-modules-4.4.0-242-tuxcare.els13-generic_4.4.0-242.276_amd64.deb 68c7e17403625d13df63661cf38b1c8a3ca5a052 linux-modules-4.4.0-242-tuxcare.els13-lowlatency_4.4.0-242.276_amd64.deb 341e7ef14a6a75a9b251bf528b4e9e7f76d11c53 linux-modules-extra-4.4.0-242-tuxcare.els13-generic_4.4.0-242.276_amd64.deb aad2b5f1d45e845a884a11438b95a9403126116c linux-source_4.4.0.242.276_all.deb e43d6847df944af65a48f8b01816184bc9e6aaf9 linux-source-4.4.0_4.4.0-242.276_all.deb 61f9df2b6655d342aafd6ae3bf513f057d442679 linux-tools-4.4.0-242-tuxcare.els13_4.4.0-242.276_amd64.deb a022e628f2922242863202b2157f5d4551db0ec7 linux-tools-4.4.0-242-tuxcare.els13-generic_4.4.0-242.276_amd64.deb b37e834e48ec3bb5af29fee0f9551df59a98a60b linux-tools-4.4.0-242-tuxcare.els13-lowlatency_4.4.0-242.276_amd64.deb c9675d30e249a05d6ee87fec4de7009ad4b34e36 linux-tools-common_4.4.0-242.276_all.deb 51e42bc8adb41debddffd4d12b1768aee2e471d8 linux-tools-generic_4.4.0.242.276_amd64.deb 78f27fcd7c7a627378c3090da84b032a05d8794e linux-tools-host_4.4.0-242.276_all.deb deb54ee60b4306e499f832254fe75ea7c1f0d4cc linux-tools-lowlatency_4.4.0.242.276_amd64.deb bd1e1f74578b1be86f2a29cb813c85de071fe330 CLSA-2023:1691082298 TuxCare License Agreement 0 * Update ca-certificates database to 20230629: - mozilla/{certdata.txt,nssckbi.h}: Update Mozilla certificate authority bundle to version 2.62. - The following certificate authorities were added (+): + "BJCA Global Root CA1" + "BJCA Global Root CA2" None Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.

* Update ca-certificates database to 20230629: - mozilla/{certdata.txt,nssckbi.h}: Update Mozilla certificate authority bundle to version 2.62. - The following certificate authorities were added (+): + "BJCA Global Root CA1" + "BJCA Global Root CA2"

0 tuxcare-ubuntu16.04-els ca-certificates_20230629~16.04.1ubuntu0.1+tuxcare.els1_all.deb e6abb17931305ee053ddf24b7cd0da2cc45e4939 CLSA-2023:1691082636 TuxCare License Agreement 0 * Update ca-certificates database to 20230629: - mozilla/{certdata.txt,nssckbi.h}: Update Mozilla certificate authority bundle of the version 2.62. - The following certificate authorities were added: # Certificate "BJCA Global Root CA1" # Certificate "BJCA Global Root CA2" None Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.

* Update ca-certificates database to 20230629: - mozilla/{certdata.txt,nssckbi.h}: Update Mozilla certificate authority bundle of the version 2.62. - The following certificate authorities were added: # Certificate "BJCA Global Root CA1" # Certificate "BJCA Global Root CA2"

0 tuxcare-ubuntu16.04-els libnss3_3.28.4-0ubuntu0.16.04.14+tuxcare.els6_amd64.deb 1f35e36e1588849ce49ea78ee2eb5ec7d304bbd2 libnss3-1d_3.28.4-0ubuntu0.16.04.14+tuxcare.els6_amd64.deb 86a93e7ab2ffd77758841a1937560bc98bd5dc40 libnss3-dev_3.28.4-0ubuntu0.16.04.14+tuxcare.els6_amd64.deb 406e3cc1aca17c9f782a3bdb0689340960afa57d libnss3-nssdb_3.28.4-0ubuntu0.16.04.14+tuxcare.els6_all.deb b8a65110f13489895f06d01620038da835c1ae4d libnss3-tools_3.28.4-0ubuntu0.16.04.14+tuxcare.els6_amd64.deb e86c8047ca76de6887f4bf3a66e3a8ebf5600511 CLSA-2023:1691082968 TuxCare License Agreement 0 * SECURITY UPDATE: use-after-free bug - debian/patches/CVE-2023-34241.patch: Log result of httpGetHostname BEFORE closing the connection - CVE-2023-34241 Important Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.

* SECURITY UPDATE: use-after-free bug - debian/patches/CVE-2023-34241.patch: Log result of httpGetHostname BEFORE closing the connection - CVE-2023-34241

0 tuxcare-ubuntu16.04-els cups_2.1.3-4ubuntu0.11+tuxcare.els3_amd64.deb dc714508fd702870ebb078361210e2598977c439 cups-bsd_2.1.3-4ubuntu0.11+tuxcare.els3_amd64.deb 1ba887f46e4699e2aff6b1bdb99419e11663f6bc cups-client_2.1.3-4ubuntu0.11+tuxcare.els3_amd64.deb ec370a322cd1e55db8bed0bdc66aa8d6e5d97347 cups-common_2.1.3-4ubuntu0.11+tuxcare.els3_all.deb 95279d731007f322d2899c36d8424f16bbf61ff2 cups-core-drivers_2.1.3-4ubuntu0.11+tuxcare.els3_amd64.deb f544b451ec5f2bc67388c76826bc13602adfba0f cups-daemon_2.1.3-4ubuntu0.11+tuxcare.els3_amd64.deb 45407ba2f3b284cf24de9805a9d1edba3f42fc9f cups-ipp-utils_2.1.3-4ubuntu0.11+tuxcare.els3_amd64.deb c2c3264156734b1ba3d3252164382faadeedf67b cups-ppdc_2.1.3-4ubuntu0.11+tuxcare.els3_amd64.deb 92d363da7cb7066d39dca255b66c7cb8480e1147 cups-server-common_2.1.3-4ubuntu0.11+tuxcare.els3_all.deb 7346579a01128045e5798725d587b1d7fa7fed17 libcups2_2.1.3-4ubuntu0.11+tuxcare.els3_amd64.deb 3cf9a668612d2b76eba834ce0913e5911f91b357 libcups2-dev_2.1.3-4ubuntu0.11+tuxcare.els3_amd64.deb c82847193da59aca297bbfc0e845abfa2642ac1c libcupscgi1_2.1.3-4ubuntu0.11+tuxcare.els3_amd64.deb 0c06d795b6d939b7b1f2b9558a28233f49d63cfc libcupscgi1-dev_2.1.3-4ubuntu0.11+tuxcare.els3_amd64.deb d835aa9b2c5efeeab4e3c9d5ad8bce58972726a8 libcupsimage2_2.1.3-4ubuntu0.11+tuxcare.els3_amd64.deb 9a650f19e851dfe3a0fe8fb7eefbbb10c7bedf7f libcupsimage2-dev_2.1.3-4ubuntu0.11+tuxcare.els3_amd64.deb 75897d1880d6697f7a61bf33696610882a45aa97 libcupsmime1_2.1.3-4ubuntu0.11+tuxcare.els3_amd64.deb 35f45eff57cac245fbd07fa0c06e6a52d08e655e libcupsmime1-dev_2.1.3-4ubuntu0.11+tuxcare.els3_amd64.deb 20dc28d54fd53afac0dbf39d20fb40a0b0465711 libcupsppdc1_2.1.3-4ubuntu0.11+tuxcare.els3_amd64.deb 886187a613b64ae61995fe03e62abf362d1aa4e0 libcupsppdc1-dev_2.1.3-4ubuntu0.11+tuxcare.els3_amd64.deb 4d98e9cafd4c838941bd82993ee5871a9a991a06 CLSA-2023:1691576076 TuxCare License Agreement 0 * SECURITY UPDATE: cache size limit exceeding may cause Denial of Service - debian/patches/CVE-2023-2828.patch: prevents the cache going over the configured memory limit (`max-cache-size`) - CVE-2023-2828 Important Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.

* SECURITY UPDATE: cache size limit exceeding may cause Denial of Service - debian/patches/CVE-2023-2828.patch: prevents the cache going over the configured memory limit (`max-cache-size`) - CVE-2023-2828

0 tuxcare-ubuntu16.04-els bind9_9.10.3.dfsg.P4-8ubuntu1.19+tuxcare.els5_amd64.deb 0aa143eed12bb0d082956be97e3506c5c708303f bind9-doc_9.10.3.dfsg.P4-8ubuntu1.19+tuxcare.els5_all.deb 1eeb8a36a7935148906369087487e451603e9f71 bind9-host_9.10.3.dfsg.P4-8ubuntu1.19+tuxcare.els5_amd64.deb ef68606fbcc23ca63c4772fe163fc77e56875a22 bind9utils_9.10.3.dfsg.P4-8ubuntu1.19+tuxcare.els5_amd64.deb 2697ca88c71e9b5fa10bbfc03edb5ab85873affc dnsutils_9.10.3.dfsg.P4-8ubuntu1.19+tuxcare.els5_amd64.deb c0ea59ce89113e3037767382316e430565622547 host_9.10.3.dfsg.P4-8ubuntu1.19+tuxcare.els5_all.deb ca7c89dbffaa20cf3075250d22c1dd874bb87b03 libbind-dev_9.10.3.dfsg.P4-8ubuntu1.19+tuxcare.els5_amd64.deb 2e1cfbc8403b9d6c57e9224e1190a96fec0027f2 libbind-export-dev_9.10.3.dfsg.P4-8ubuntu1.19+tuxcare.els5_amd64.deb b74a56cba853de75d673a67465033b0e8bd19e45 libbind9-140_9.10.3.dfsg.P4-8ubuntu1.19+tuxcare.els5_amd64.deb b5d0f6951170dae488201b07c0b8f52750003e53 libdns-export162_9.10.3.dfsg.P4-8ubuntu1.19+tuxcare.els5_amd64.deb 99eff938180b508f5df0284448c6de5faf52de58 libdns162_9.10.3.dfsg.P4-8ubuntu1.19+tuxcare.els5_amd64.deb fb2a632d936a53645a0b2a1f8e0256f525c7cfdb libirs-export141_9.10.3.dfsg.P4-8ubuntu1.19+tuxcare.els5_amd64.deb 6296fe1a8db0f849407070e2cad05c474c28d9b8 libirs141_9.10.3.dfsg.P4-8ubuntu1.19+tuxcare.els5_amd64.deb be20bf52658660ce4f0bea4386ad3548fb7641ef libisc-export160_9.10.3.dfsg.P4-8ubuntu1.19+tuxcare.els5_amd64.deb b5b00cf2c470eb7ac7130da9c49322c15e460487 libisc160_9.10.3.dfsg.P4-8ubuntu1.19+tuxcare.els5_amd64.deb e67e92e9a8a7f188c83f3b567b1712fb3e3bf312 libisccc-export140_9.10.3.dfsg.P4-8ubuntu1.19+tuxcare.els5_amd64.deb 0ad2787931baf410aed26529974bef580360becf libisccc140_9.10.3.dfsg.P4-8ubuntu1.19+tuxcare.els5_amd64.deb 9cf0b4769c4b4e9d0d138f4637748929b266d48e libisccfg-export140_9.10.3.dfsg.P4-8ubuntu1.19+tuxcare.els5_amd64.deb 09a2f956cb6629bfa47823d63bb7fd84da439666 libisccfg140_9.10.3.dfsg.P4-8ubuntu1.19+tuxcare.els5_amd64.deb a3d3514e62cb284a24cc2cc4958aba262d5f99b9 liblwres141_9.10.3.dfsg.P4-8ubuntu1.19+tuxcare.els5_amd64.deb 1b6b86d2bd15224292592ac27968ae02d79f8660 lwresd_9.10.3.dfsg.P4-8ubuntu1.19+tuxcare.els5_amd64.deb 43d5834d9269ec0d0b3b2e1b824187de46934b67 CLSA-2023:1691576181 TuxCare License Agreement 0 * SECURITY UPDATE: infinite loop vulnerability in mdssvc RPC service for Spotlight - debian/patches/CVE-2023-34966.patch: prevents an infinite loop by preventing subcount less than 1. Add test for addressed CVE. - CVE-2023-34966 Important Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.

* SECURITY UPDATE: infinite loop vulnerability in mdssvc RPC service for Spotlight - debian/patches/CVE-2023-34966.patch: prevents an infinite loop by preventing subcount less than 1. Add test for addressed CVE. - CVE-2023-34966

0 tuxcare-ubuntu16.04-els ctdb_4.3.11+dfsg-0ubuntu0.16.04.34+tuxcare.els5_amd64.deb 292461d07b0dfc8de7a2c2ea35f438ef3c9836b4 libnss-winbind_4.3.11+dfsg-0ubuntu0.16.04.34+tuxcare.els5_amd64.deb e1434ef3ca42a3b6e58b1dce90171cbc96156d65 libpam-winbind_4.3.11+dfsg-0ubuntu0.16.04.34+tuxcare.els5_amd64.deb 6f4d968a5cc2a9746b190796bbc71652f6c64de3 libparse-pidl-perl_4.3.11+dfsg-0ubuntu0.16.04.34+tuxcare.els5_amd64.deb d4139efbcdf62bcb8d0f07e42828a7974ebbd15a libsmbclient_4.3.11+dfsg-0ubuntu0.16.04.34+tuxcare.els5_amd64.deb 384a3d34f57bd73cc3beacb9ce23ed401287862b libsmbclient-dev_4.3.11+dfsg-0ubuntu0.16.04.34+tuxcare.els5_amd64.deb 7456f9ba968f76faa2d244aa460e2afc3add8126 libwbclient-dev_4.3.11+dfsg-0ubuntu0.16.04.34+tuxcare.els5_amd64.deb 57f7bb191970d4a9e366a0f7e04b982c7a69028c libwbclient0_4.3.11+dfsg-0ubuntu0.16.04.34+tuxcare.els5_amd64.deb 519fb09a40562502136c1745c4b6065a24cd9989 python-samba_4.3.11+dfsg-0ubuntu0.16.04.34+tuxcare.els5_amd64.deb 43ed6409ef00b79652416f29e55fccddb509005d registry-tools_4.3.11+dfsg-0ubuntu0.16.04.34+tuxcare.els5_amd64.deb eb2c73f271e32c40ee4647d5436d8eb641b6428b samba_4.3.11+dfsg-0ubuntu0.16.04.34+tuxcare.els5_amd64.deb 6596f833441a5bdcd3e0d0ab61e2f7bdeaaacc23 samba-common_4.3.11+dfsg-0ubuntu0.16.04.34+tuxcare.els5_all.deb 89aba76fd945bddd14fafe6ff3800d7f12c4ae10 samba-common-bin_4.3.11+dfsg-0ubuntu0.16.04.34+tuxcare.els5_amd64.deb 1e902ed5f2f2763c116c7b6dba25914b572ee94d samba-dev_4.3.11+dfsg-0ubuntu0.16.04.34+tuxcare.els5_amd64.deb 31c7519952563d25ebd1602b61fc88c7c0cd3ec4 samba-dsdb-modules_4.3.11+dfsg-0ubuntu0.16.04.34+tuxcare.els5_amd64.deb 1cb08fb1c43e084b21033a9d9f84ed4242efe154 samba-libs_4.3.11+dfsg-0ubuntu0.16.04.34+tuxcare.els5_amd64.deb 12b078ec2ad5d90efb7245c06b4addb03a92bfe7 samba-testsuite_4.3.11+dfsg-0ubuntu0.16.04.34+tuxcare.els5_amd64.deb a20d96cb19bf1347155701116db87d70afc9b8c4 samba-vfs-modules_4.3.11+dfsg-0ubuntu0.16.04.34+tuxcare.els5_amd64.deb b828b7bc9f6dc32963f99599bed4045c609f40ee smbclient_4.3.11+dfsg-0ubuntu0.16.04.34+tuxcare.els5_amd64.deb f65e9f0c08668f2d6a4c2095884288a918f8f0e7 winbind_4.3.11+dfsg-0ubuntu0.16.04.34+tuxcare.els5_amd64.deb e7f6e468513de4769c68cb6e0bb69ad2d3626b33 CLSA-2023:1691576279 TuxCare License Agreement 0 * SECURITY UPDATE: helper programs can dlopen()/dlclose() any libraries from /usr/lib - debian/patches/CVE-2023-38408-Ensure-FIDO-PKCS11-libraries-contain-expect.patch: checks libraries before dlopen - debian/patches/CVE-2023-38408-Separate-ssh-pkcs11-helpers-for-each-p11-mo.patch: separate ssh-pkcs11-helpers for each p11 module - CVE-2023-38408 Critical Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.

* SECURITY UPDATE: helper programs can dlopen()/dlclose() any libraries from /usr/lib - debian/patches/CVE-2023-38408-Ensure-FIDO-PKCS11-libraries-contain-expect.patch: checks libraries before dlopen - debian/patches/CVE-2023-38408-Separate-ssh-pkcs11-helpers-for-each-p11-mo.patch: separate ssh-pkcs11-helpers for each p11 module - CVE-2023-38408

0 tuxcare-ubuntu16.04-els openssh-client_7.2p2-4ubuntu2.10+tuxcare.els2_amd64.deb 66bb61df671c57faef19b182108e7d6c613a2a25 openssh-client-ssh1_7.2p2-4ubuntu2.10+tuxcare.els2_amd64.deb 7d7b8d068712ef334798515b02fadcb0fe7973e0 openssh-server_7.2p2-4ubuntu2.10+tuxcare.els2_amd64.deb 8788eabdbc4352ab3e1334d25615ed5e516a2aff openssh-sftp-server_7.2p2-4ubuntu2.10+tuxcare.els2_amd64.deb c0901e95b0a41fc6584449bb8bf4e3235093d6b1 ssh_7.2p2-4ubuntu2.10+tuxcare.els2_all.deb 9d109b9176260a4f26412502b6bec60f0352a83d ssh-askpass-gnome_7.2p2-4ubuntu2.10+tuxcare.els2_amd64.deb cb7c430c5629bed2e0fa017997bbb5a6cd2ac10c ssh-krb5_7.2p2-4ubuntu2.10+tuxcare.els2_all.deb be7e3ee15e1c0b75977cfc2119bd9ecde61965ba CLSA-2023:1691576392 TuxCare License Agreement 0 * SECURITY UPDATE: Fix file description leak - debian/patches/CVE-2023-38408-Fix-file-description-leak.patch: Fix the leak in pkcs11_start_helper() - CVE-2023-38408 None Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.

* SECURITY UPDATE: Fix file description leak - debian/patches/CVE-2023-38408-Fix-file-description-leak.patch: Fix the leak in pkcs11_start_helper() - CVE-2023-38408

0 tuxcare-ubuntu16.04-els openssh-client_7.2p2-4ubuntu2.10+tuxcare.els3_amd64.deb e74cff67b42be968828371fc8a58415b416cc6cf openssh-client-ssh1_7.2p2-4ubuntu2.10+tuxcare.els3_amd64.deb eaa22eaec207ca1e6f7c89488bfb5349f3e1d2c2 openssh-server_7.2p2-4ubuntu2.10+tuxcare.els3_amd64.deb a9ce3c255a9c2685228ca9eab20fb075aaedb26c openssh-sftp-server_7.2p2-4ubuntu2.10+tuxcare.els3_amd64.deb 6d49c99e15e15c56b9ae52a3bdb097bbf2316c8c ssh_7.2p2-4ubuntu2.10+tuxcare.els3_all.deb eb5a6ed4e3dd3a9d3006bd20eb9b29fdb1273165 ssh-askpass-gnome_7.2p2-4ubuntu2.10+tuxcare.els3_amd64.deb 60201255710db3081fa4fa167ace56e2d748c7c6 ssh-krb5_7.2p2-4ubuntu2.10+tuxcare.els3_all.deb 28197306848c53ee1c0ef4b76200530070415b35 CLSA-2023:1692110711 TuxCare License Agreement 0 * New microcode update packages from AMD upstream up to 2023-07-19: + New Microcodes for 17h family: sig 0x00800f82, sig 0x00830f10, sig 0x008a0f00; + New Microcodes for 19h family: sig 0x00a00f10, sig 0x00a00f11, sig 0x00a00f12; + Updated microcodes of 17h family: sig 0x00800f12; * SECURITY UPDATE: ZenBleed issue for some CPUs: - CPUs firmware updated up to 2023-07-19 - CVE-2023-20593 Moderate Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.

* New microcode update packages from AMD upstream up to 2023-07-19: + New Microcodes for 17h family: sig 0x00800f82, sig 0x00830f10, sig 0x008a0f00; + New Microcodes for 19h family: sig 0x00a00f10, sig 0x00a00f11, sig 0x00a00f12; + Updated microcodes of 17h family: sig 0x00800f12; * SECURITY UPDATE: ZenBleed issue for some CPUs: - CPUs firmware updated up to 2023-07-19 - CVE-2023-20593

0 tuxcare-ubuntu16.04-els amd64-microcode_3.20230719.1ubuntu0.16.04.2+tuxcare.els1_amd64.deb 95e2814f00dc7b6666955d4d9235da791fc68301 CLSA-2023:1692110840 TuxCare License Agreement 0 * SECURITY UPDATE: Fix buffer overflow - debian/patch/CVE-2018-7409: fix unicode_to_ansi_copy(), don't include NUL-terminator in length in unicode_to_ansi_alloc(), make sure that the error handling doesn't overrun the buffer - CVE-2018-7409 Critical Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.

* SECURITY UPDATE: Fix buffer overflow - debian/patch/CVE-2018-7409: fix unicode_to_ansi_copy(), don't include NUL-terminator in length in unicode_to_ansi_alloc(), make sure that the error handling doesn't overrun the buffer - CVE-2018-7409

0 tuxcare-ubuntu16.04-els libodbc1_2.3.1-4.1+tuxcare.els1_amd64.deb 2a2384072dc49bc022e6a4be321a0c25df863e63 odbcinst_2.3.1-4.1+tuxcare.els1_amd64.deb 49987638579062274b4991828929b069f9e2005f odbcinst1debian2_2.3.1-4.1+tuxcare.els1_amd64.deb 793798101011c3712dda56f559450ecc786d2691 unixodbc_2.3.1-4.1+tuxcare.els1_amd64.deb 4fd49e14eae97679617fd5cb00ce5acf2f970b99 unixodbc-dev_2.3.1-4.1+tuxcare.els1_amd64.deb f3e034f66e82823fb4207c1db72d88c7c195fea4 CLSA-2023:1692295986 TuxCare License Agreement 0 * SECURITY UPDATE: privilege escalation through runtar SUID program - debian/patches/CVE-2022-37705.patch: filter tar options - CVE-2022-37705 * SECURITY UPDATE: privilege escalation through runtar SUID program - debian/patches/CVE-2023-30577.patch: introduce tar option allow list - CVE-2023-30577 Important Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.

* SECURITY UPDATE: privilege escalation through runtar SUID program - debian/patches/CVE-2022-37705.patch: filter tar options - CVE-2022-37705 * SECURITY UPDATE: privilege escalation through runtar SUID program - debian/patches/CVE-2023-30577.patch: introduce tar option allow list - CVE-2023-30577

0 tuxcare-ubuntu16.04-els amanda-client_3.3.6-4.1+tuxcare.els1_amd64.deb 668e8ba1ff37559d785e586d6f3756e92a902b46 amanda-common_3.3.6-4.1+tuxcare.els1_amd64.deb cbacaf5041068fe593fdcca726b0fcecdf720ba8 amanda-server_3.3.6-4.1+tuxcare.els1_amd64.deb 92a1e43bf14a9e996b493703967008401ff731ba CLSA-2023:1692296134 TuxCare License Agreement 0 * SECURITY UPDATE: New microcode data file 2023-05-12 - New microcodes: sig 0x000906a4, pf_mask 0x40, 2022-10-12, rev 0x0004, size 115712 sig 0x000b06e0, pf_mask 0x01, 2022-12-19, rev 0x0010, size 134144 - Updated microcodes: sig 0x00050653, pf_mask 0x97, 2022-12-21, rev 0x1000171, size 36864 sig 0x00050654, pf_mask 0xb7, 2022-12-21, rev 0x2006f05, size 44032 sig 0x00050656, pf_mask 0xbf, 2022-12-21, rev 0x4003501, size 37888 sig 0x00050657, pf_mask 0xbf, 2022-12-21, rev 0x5003501, size 37888 sig 0x0005065b, pf_mask 0xbf, 2022-12-21, rev 0x7002601, size 29696 sig 0x000606a6, pf_mask 0x87, 2022-12-28, rev 0xd000390, size 296960 sig 0x000606c1, pf_mask 0x10, 2023-01-27, rev 0x1000230, size 289792 sig 0x000706e5, pf_mask 0x80, 2022-12-25, rev 0x00ba, size 113664 sig 0x000806a1, pf_mask 0x10, 2023-01-13, rev 0x0033, size 34816 sig 0x000806c1, pf_mask 0x80, 2022-12-28, rev 0x00aa, size 110592 sig 0x000806c2, pf_mask 0xc2, 2022-12-28, rev 0x002a, size 97280 sig 0x000806d1, pf_mask 0xc2, 2022-12-28, rev 0x0044, size 102400 sig 0x000806e9, pf_mask 0x10, 2023-01-02, rev 0x00f2, size 105472 sig 0x000806e9, pf_mask 0xc0, 2022-12-26, rev 0x00f2, size 105472 sig 0x000806ea, pf_mask 0xc0, 2022-12-26, rev 0x00f2, size 105472 sig 0x000806eb, pf_mask 0xd0, 2022-12-26, rev 0x00f2, size 105472 sig 0x000806ec, pf_mask 0x94, 2022-12-26, rev 0x00f6, size 105472 sig 0x000806f4, pf_mask 0x10, 2023-02-14, rev 0x2c0001d1, size 595968 sig 0x000806f4, pf_mask 0x87, 2023-03-13, rev 0x2b000461, size 564224 sig 0x000806f5, pf_mask 0x10, 2023-02-14, rev 0x2c0001d1, size 595968 sig 0x000806f5, pf_mask 0x87, 2023-03-13, rev 0x2b000461, size 564224 sig 0x000806f6, pf_mask 0x10, 2023-02-14, rev 0x2c0001d1, size 595968 sig 0x000806f6, pf_mask 0x87, 2023-03-13, rev 0x2b000461, size 564224 sig 0x000806f7, pf_mask 0x87, 2023-03-13, rev 0x2b000461, size 564224 sig 0x000806f8, pf_mask 0x10, 2023-02-14, rev 0x2c0001d1, size 595968 sig 0x000806f8, pf_mask 0x87, 2023-03-13, rev 0x2b000461, size 564224 sig 0x000906a3, pf_mask 0x80, 2023-02-14, rev 0x042a, size 218112 sig 0x000906a4, pf_mask 0x80, 2023-02-14, rev 0x042a, size 218112 sig 0x000906e9, pf_mask 0x2a, 2022-12-26, rev 0x00f2, size 108544 sig 0x000906ea, pf_mask 0x22, 2023-01-12, rev 0x00f2, size 104448 sig 0x000906eb, pf_mask 0x02, 2022-12-26, rev 0x00f2, size 105472 sig 0x000906ec, pf_mask 0x22, 2023-01-12, rev 0x00f2, size 104448 sig 0x000906ed, pf_mask 0x22, 2023-02-05, rev 0x00f8, size 104448 sig 0x000a0652, pf_mask 0x20, 2022-12-27, rev 0x00f6, size 96256 sig 0x000a0653, pf_mask 0x22, 2023-01-01, rev 0x00f6, size 97280 sig 0x000a0655, pf_mask 0x22, 2022-12-26, rev 0x00f6, size 96256 sig 0x000a0660, pf_mask 0x80, 2022-12-26, rev 0x00f6, size 97280 sig 0x000a0661, pf_mask 0x80, 2022-12-26, rev 0x00f6, size 96256 sig 0x000a0671, pf_mask 0x02, 2022-12-25, rev 0x0058, size 103424 sig 0x000b0671, pf_mask 0x32, 2023-02-06, rev 0x0113, size 207872 sig 0x000b06a2, pf_mask 0xc0, 2023-02-22, rev 0x4112, size 212992 sig 0x000b06a3, pf_mask 0xc0, 2023-02-22, rev 0x4112, size 212992 * source: update symlinks to reflect id of the latest release, 20230512 None Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.

* SECURITY UPDATE: New microcode data file 2023-05-12 - New microcodes: sig 0x000906a4, pf_mask 0x40, 2022-10-12, rev 0x0004, size 115712 sig 0x000b06e0, pf_mask 0x01, 2022-12-19, rev 0x0010, size 134144 - Updated microcodes: sig 0x00050653, pf_mask 0x97, 2022-12-21, rev 0x1000171, size 36864 sig 0x00050654, pf_mask 0xb7, 2022-12-21, rev 0x2006f05, size 44032 sig 0x00050656, pf_mask 0xbf, 2022-12-21, rev 0x4003501, size 37888 sig 0x00050657, pf_mask 0xbf, 2022-12-21, rev 0x5003501, size 37888 sig 0x0005065b, pf_mask 0xbf, 2022-12-21, rev 0x7002601, size 29696 sig 0x000606a6, pf_mask 0x87, 2022-12-28, rev 0xd000390, size 296960 sig 0x000606c1, pf_mask 0x10, 2023-01-27, rev 0x1000230, size 289792 sig 0x000706e5, pf_mask 0x80, 2022-12-25, rev 0x00ba, size 113664 sig 0x000806a1, pf_mask 0x10, 2023-01-13, rev 0x0033, size 34816 sig 0x000806c1, pf_mask 0x80, 2022-12-28, rev 0x00aa, size 110592 sig 0x000806c2, pf_mask 0xc2, 2022-12-28, rev 0x002a, size 97280 sig 0x000806d1, pf_mask 0xc2, 2022-12-28, rev 0x0044, size 102400 sig 0x000806e9, pf_mask 0x10, 2023-01-02, rev 0x00f2, size 105472 sig 0x000806e9, pf_mask 0xc0, 2022-12-26, rev 0x00f2, size 105472 sig 0x000806ea, pf_mask 0xc0, 2022-12-26, rev 0x00f2, size 105472 sig 0x000806eb, pf_mask 0xd0, 2022-12-26, rev 0x00f2, size 105472 sig 0x000806ec, pf_mask 0x94, 2022-12-26, rev 0x00f6, size 105472 sig 0x000806f4, pf_mask 0x10, 2023-02-14, rev 0x2c0001d1, size 595968 sig 0x000806f4, pf_mask 0x87, 2023-03-13, rev 0x2b000461, size 564224 sig 0x000806f5, pf_mask 0x10, 2023-02-14, rev 0x2c0001d1, size 595968 sig 0x000806f5, pf_mask 0x87, 2023-03-13, rev 0x2b000461, size 564224 sig 0x000806f6, pf_mask 0x10, 2023-02-14, rev 0x2c0001d1, size 595968 sig 0x000806f6, pf_mask 0x87, 2023-03-13, rev 0x2b000461, size 564224 sig 0x000806f7, pf_mask 0x87, 2023-03-13, rev 0x2b000461, size 564224 sig 0x000806f8, pf_mask 0x10, 2023-02-14, rev 0x2c0001d1, size 595968 sig 0x000806f8, pf_mask 0x87, 2023-03-13, rev 0x2b000461, size 564224 sig 0x000906a3, pf_mask 0x80, 2023-02-14, rev 0x042a, size 218112 sig 0x000906a4, pf_mask 0x80, 2023-02-14, rev 0x042a, size 218112 sig 0x000906e9, pf_mask 0x2a, 2022-12-26, rev 0x00f2, size 108544 sig 0x000906ea, pf_mask 0x22, 2023-01-12, rev 0x00f2, size 104448 sig 0x000906eb, pf_mask 0x02, 2022-12-26, rev 0x00f2, size 105472 sig 0x000906ec, pf_mask 0x22, 2023-01-12, rev 0x00f2, size 104448 sig 0x000906ed, pf_mask 0x22, 2023-02-05, rev 0x00f8, size 104448 sig 0x000a0652, pf_mask 0x20, 2022-12-27, rev 0x00f6, size 96256 sig 0x000a0653, pf_mask 0x22, 2023-01-01, rev 0x00f6, size 97280 sig 0x000a0655, pf_mask 0x22, 2022-12-26, rev 0x00f6, size 96256 sig 0x000a0660, pf_mask 0x80, 2022-12-26, rev 0x00f6, size 97280 sig 0x000a0661, pf_mask 0x80, 2022-12-26, rev 0x00f6, size 96256 sig 0x000a0671, pf_mask 0x02, 2022-12-25, rev 0x0058, size 103424 sig 0x000b0671, pf_mask 0x32, 2023-02-06, rev 0x0113, size 207872 sig 0x000b06a2, pf_mask 0xc0, 2023-02-22, rev 0x4112, size 212992 sig 0x000b06a3, pf_mask 0xc0, 2023-02-22, rev 0x4112, size 212992 * source: update symlinks to reflect id of the latest release, 20230512

0 tuxcare-ubuntu16.04-els intel-microcode_3.20230512.0ubuntu0.16.04.1+tuxcare.els1_amd64.deb aec6485d61dfb36fc79904adc1d79d39453e3a7c CLSA-2023:1692817288 TuxCare License Agreement 0 * SECURITY UPDATE: external entity loading in XML without enabling it - debian/patches/php-7.1-CVE-2023-3823.patch: sanitize libxml2 globals before parsing. - CVE-2023-3823 * SECURITY UPDATE: buffer mismanagement in phar_dir_read() - debian/patches/php-upstream-CVE-2023-3824.patch: fix buffer mismanagement in phar_dir_read() - CVE-2023-3824 Critical Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.

* SECURITY UPDATE: external entity loading in XML without enabling it - debian/patches/php-7.1-CVE-2023-3823.patch: sanitize libxml2 globals before parsing. - CVE-2023-3823 * SECURITY UPDATE: buffer mismanagement in phar_dir_read() - debian/patches/php-upstream-CVE-2023-3824.patch: fix buffer mismanagement in phar_dir_read() - CVE-2023-3824

0 tuxcare-ubuntu16.04-els libapache2-mod-php7.0_7.0.33-0ubuntu0.16.04.17+tuxcare.els6_amd64.deb 20d8308086a5674424dd871c178d882a10032e7e libphp7.0-embed_7.0.33-0ubuntu0.16.04.17+tuxcare.els6_amd64.deb 20949b81b3c21025685f565970560a676c4b7108 php7.0_7.0.33-0ubuntu0.16.04.17+tuxcare.els6_all.deb 340b7d1cf628dc66b2047bb1ba8ff5107fa85ed6 php7.0-bcmath_7.0.33-0ubuntu0.16.04.17+tuxcare.els6_amd64.deb b6e9058483b54b14e49de2e58614c0b1a16113e7 php7.0-bz2_7.0.33-0ubuntu0.16.04.17+tuxcare.els6_amd64.deb 1c9fa5643fda39866925410e0f3c3ea0a7d537ec php7.0-cgi_7.0.33-0ubuntu0.16.04.17+tuxcare.els6_amd64.deb 28fe1eeba3a2b3e2e3a773c861eccdf06f0fb64b php7.0-cli_7.0.33-0ubuntu0.16.04.17+tuxcare.els6_amd64.deb 4c91e9a06197d7ad189e556731e17dece6dc18f4 php7.0-common_7.0.33-0ubuntu0.16.04.17+tuxcare.els6_amd64.deb a0edeaa6174b09134a8699b1ea1a5e23d876fc68 php7.0-curl_7.0.33-0ubuntu0.16.04.17+tuxcare.els6_amd64.deb 9deaeff9d19448508392241843a2d1f7844e4c37 php7.0-dba_7.0.33-0ubuntu0.16.04.17+tuxcare.els6_amd64.deb 5df3a2b76a85e91bf9dadc1c7148ac30d2c50885 php7.0-dev_7.0.33-0ubuntu0.16.04.17+tuxcare.els6_amd64.deb eafd2425123173d927853243e4dd89abe8632bb7 php7.0-enchant_7.0.33-0ubuntu0.16.04.17+tuxcare.els6_amd64.deb 537e18f3d125aa4098ac55307718e111279ebe52 php7.0-fpm_7.0.33-0ubuntu0.16.04.17+tuxcare.els6_amd64.deb 7b61f5f2034197b8b673a4b8bfa70a823d5cf08b php7.0-gd_7.0.33-0ubuntu0.16.04.17+tuxcare.els6_amd64.deb d939d7b86f173397913ef72fb86b6f023aa71d50 php7.0-gmp_7.0.33-0ubuntu0.16.04.17+tuxcare.els6_amd64.deb 917ba3d3049205e0436def1d307064e543154f9c php7.0-imap_7.0.33-0ubuntu0.16.04.17+tuxcare.els6_amd64.deb c871662d9ad78e31d75a3cd440aa872e3637c09c php7.0-interbase_7.0.33-0ubuntu0.16.04.17+tuxcare.els6_amd64.deb 04d0d6d938aaef314b8a7b038674f329b79897ea php7.0-intl_7.0.33-0ubuntu0.16.04.17+tuxcare.els6_amd64.deb 8b916a2d16bee5722bcc86d1c2f31287ae22ffea php7.0-json_7.0.33-0ubuntu0.16.04.17+tuxcare.els6_amd64.deb 37f563cb99571cd7f8206cf80c0c73499fdf8afc php7.0-ldap_7.0.33-0ubuntu0.16.04.17+tuxcare.els6_amd64.deb 3890dd783e4eb85c3cfa12b95b530a8d1ec04dab php7.0-mbstring_7.0.33-0ubuntu0.16.04.17+tuxcare.els6_amd64.deb 4410c76e6b64dfbe8180acc546ac93a1429f766b php7.0-mcrypt_7.0.33-0ubuntu0.16.04.17+tuxcare.els6_amd64.deb 238849574257867c79a2b42ec8fc65704a818183 php7.0-mysql_7.0.33-0ubuntu0.16.04.17+tuxcare.els6_amd64.deb 3ad972e44cbd62a95f41dec0117eca88a42fb7a4 php7.0-odbc_7.0.33-0ubuntu0.16.04.17+tuxcare.els6_amd64.deb 29d3d8c955f00d55f115f56517b01be0e267e494 php7.0-opcache_7.0.33-0ubuntu0.16.04.17+tuxcare.els6_amd64.deb 13ca1fcd716438aa6e25be95dab34cf93f9cecec php7.0-pgsql_7.0.33-0ubuntu0.16.04.17+tuxcare.els6_amd64.deb 65ee797125cd6d32524fe91632cb7ad6ee703016 php7.0-phpdbg_7.0.33-0ubuntu0.16.04.17+tuxcare.els6_amd64.deb 7d17cb9c67023be276622799cd7e5258e03b36d3 php7.0-pspell_7.0.33-0ubuntu0.16.04.17+tuxcare.els6_amd64.deb bfa6d133d1efb89d744e9fe2a043b2bde8c90647 php7.0-readline_7.0.33-0ubuntu0.16.04.17+tuxcare.els6_amd64.deb 6e67eb6f418766ab9e4386859ba2edb2ab0acaa4 php7.0-recode_7.0.33-0ubuntu0.16.04.17+tuxcare.els6_amd64.deb bdb2a95ddca74df280d4daacc8aea8a40d0bcf56 php7.0-snmp_7.0.33-0ubuntu0.16.04.17+tuxcare.els6_amd64.deb 107180ebf4f385fcfe35f7d90d7b09d63c1053c9 php7.0-soap_7.0.33-0ubuntu0.16.04.17+tuxcare.els6_amd64.deb a8b7018f19a337d6825191bc410845e403c993ff php7.0-sqlite3_7.0.33-0ubuntu0.16.04.17+tuxcare.els6_amd64.deb 0b7106297fbaf08dc277504203d846ce94aee164 php7.0-sybase_7.0.33-0ubuntu0.16.04.17+tuxcare.els6_amd64.deb ffca82cdd8d9f24b69291930085ffbf8036bbf21 php7.0-tidy_7.0.33-0ubuntu0.16.04.17+tuxcare.els6_amd64.deb 1e97f69581a19335efe9affd1298d74ff40e432a php7.0-xml_7.0.33-0ubuntu0.16.04.17+tuxcare.els6_amd64.deb 8438602241c4596ac6c7684bd193f382dcd4f278 php7.0-xmlrpc_7.0.33-0ubuntu0.16.04.17+tuxcare.els6_amd64.deb 932101e958c52e800cadf3ba09ab51f5abfad4e6 php7.0-xsl_7.0.33-0ubuntu0.16.04.17+tuxcare.els6_all.deb 1122b1d324321ee851a996ca43b5d1d8523e9042 php7.0-zip_7.0.33-0ubuntu0.16.04.17+tuxcare.els6_amd64.deb 055acf91f5aa95aa8e8325a693ec0466041fa161 CLSA-2023:1693333574 TuxCare License Agreement 0 * CVE-url: https://ubuntu.com/security/CVE-2023-4128 - net/sched: cls_u32: No longer copy tcf_result on update to avoid use-after- free - net/sched: cls_fw: No longer copy tcf_result on update to avoid use-after- free - net/sched: cls_route: No longer copy tcf_result on update to avoid use- after-free * CVE-url: https://ubuntu.com/security/CVE-2023-40283 - Bluetooth: L2CAP: Fix use-after-free in l2cap_sock_ready_cb * Jammy update: v5.15.42 upstream stable release (LP: #1981375) // CVE-url: https://ubuntu.com/security/CVE-2023-4387 - net: vmxnet3: fix possible use-after-free bugs in vmxnet3_rq_alloc_rx_buf() * CVE-2023-20593 // CVE-url: https://ubuntu.com/security/CVE-2023-20593 - x86/cpu/amd: Move the errata checking functionality up - x86/cpu/amd: Add a Zenbleed fix * CVE-2023-35001 // CVE-url: https://ubuntu.com/security/CVE-2023-35001 - netfilter: nf_tables: prevent OOB access in nft_byteorder_eval * Bionic update: upstream stable patchset 2023-04-05 (LP: #2015399) // CVE- url: https://ubuntu.com/security/CVE-2023-3567 - vc_screen: move load of struct vc_data pointer in vcs_read() to avoid UAF * CVE-url: https://ubuntu.com/security/CVE-2023-0458 - prlimit: do_prlimit needs to have a speculation check * CVE-url: https://ubuntu.com/security/CVE-2023-2513 - ext4: fix use-after-free in ext4_xattr_set_entry * Jammy update: v5.15.61 upstream stable release (LP: #1990162) // CVE-url: https://ubuntu.com/security/CVE-2023-2513 - ext4: add EXT4_INODE_HAS_XATTR_SPACE macro in xattr.h * CVE-url: https://ubuntu.com/security/CVE-2023-3159 - firewire: fix potential uaf in outbound_phy_packet_callback() * Jammy update: v5.15.106 upstream stable release (LP: #2023233) // CVE-url: https://ubuntu.com/security/CVE-2023-1611 - btrfs: fix race between quota disable and quota assign ioctls * CVE-url: https://ubuntu.com/security/CVE-2023-3611 - net/sched: sch_qfq: account for stab overhead in qfq_enqueue * CVE-2023-3776 // CVE-url: https://ubuntu.com/security/CVE-2023-3776 - net/sched: cls_fw: Fix improper refcount update leads to use-after-free Important Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.

* CVE-url: https://ubuntu.com/security/CVE-2023-4128 - net/sched: cls_u32: No longer copy tcf_result on update to avoid use-after- free - net/sched: cls_fw: No longer copy tcf_result on update to avoid use-after- free - net/sched: cls_route: No longer copy tcf_result on update to avoid use- after-free * CVE-url: https://ubuntu.com/security/CVE-2023-40283 - Bluetooth: L2CAP: Fix use-after-free in l2cap_sock_ready_cb * Jammy update: v5.15.42 upstream stable release (LP: #1981375) // CVE-url: https://ubuntu.com/security/CVE-2023-4387 - net: vmxnet3: fix possible use-after-free bugs in vmxnet3_rq_alloc_rx_buf() * CVE-2023-20593 // CVE-url: https://ubuntu.com/security/CVE-2023-20593 - x86/cpu/amd: Move the errata checking functionality up - x86/cpu/amd: Add a Zenbleed fix * CVE-2023-35001 // CVE-url: https://ubuntu.com/security/CVE-2023-35001 - netfilter: nf_tables: prevent OOB access in nft_byteorder_eval * Bionic update: upstream stable patchset 2023-04-05 (LP: #2015399) // CVE- url: https://ubuntu.com/security/CVE-2023-3567 - vc_screen: move load of struct vc_data pointer in vcs_read() to avoid UAF * CVE-url: https://ubuntu.com/security/CVE-2023-0458 - prlimit: do_prlimit needs to have a speculation check * CVE-url: https://ubuntu.com/security/CVE-2023-2513 - ext4: fix use-after-free in ext4_xattr_set_entry * Jammy update: v5.15.61 upstream stable release (LP: #1990162) // CVE-url: https://ubuntu.com/security/CVE-2023-2513 - ext4: add EXT4_INODE_HAS_XATTR_SPACE macro in xattr.h * CVE-url: https://ubuntu.com/security/CVE-2023-3159 - firewire: fix potential uaf in outbound_phy_packet_callback() * Jammy update: v5.15.106 upstream stable release (LP: #2023233) // CVE-url: https://ubuntu.com/security/CVE-2023-1611 - btrfs: fix race between quota disable and quota assign ioctls * CVE-url: https://ubuntu.com/security/CVE-2023-3611 - net/sched: sch_qfq: account for stab overhead in qfq_enqueue * CVE-2023-3776 // CVE-url: https://ubuntu.com/security/CVE-2023-3776 - net/sched: cls_fw: Fix improper refcount update leads to use-after-free

0 tuxcare-ubuntu16.04-els linux-buildinfo-4.4.0-243-tuxcare.els14-generic_4.4.0-243.277_amd64.deb 6d8e789ef978b643c31acc577feffbdfd4bb3d20 linux-buildinfo-4.4.0-243-tuxcare.els14-lowlatency_4.4.0-243.277_amd64.deb 7e5e6a09bfdffda4620bad7a732c6d2f6c7f010b linux-cloud-tools-4.4.0-243-tuxcare.els14_4.4.0-243.277_amd64.deb 9caa52ab1cdb4cbb549d802730573e7efaecb6dd linux-cloud-tools-4.4.0-243-tuxcare.els14-generic_4.4.0-243.277_amd64.deb 5a52257d83b36eb5ac9335f2a99506b9bf209106 linux-cloud-tools-4.4.0-243-tuxcare.els14-lowlatency_4.4.0-243.277_amd64.deb 83dae2b7b56d061de5f41e5b73621ea500699880 linux-cloud-tools-common_4.4.0-243.277_all.deb a49ec1e0d0d5a66e91c67cddde11bfc0b4e2f702 linux-cloud-tools-generic_4.4.0.243.277_amd64.deb 57bc48302ce10cfab73ae0cca9a84701d1bae32b linux-cloud-tools-lowlatency_4.4.0.243.277_amd64.deb 2c5c6c9e00c7437e93f2f8ac0033f8c967ba978a linux-crashdump_4.4.0.243.277_amd64.deb 701cd184a87ad66c0952055769eba8e0778cb4de linux-doc_4.4.0-243.277_all.deb 40e3775e08dc5e769b4d8f0b147f8798b9cd858e linux-generic_4.4.0.243.277_amd64.deb d05e0a52b3d9f19d3154a51c17b55ef50fa6eff8 linux-headers-4.4.0-243-tuxcare.els14_4.4.0-243.277_all.deb a3ae5d0ffd72d543bdeb1e5867cef57ec50c090d linux-headers-4.4.0-243-tuxcare.els14-generic_4.4.0-243.277_amd64.deb 266609f8f1f1e839e6eb5dcd577447ddd6b39ad1 linux-headers-4.4.0-243-tuxcare.els14-lowlatency_4.4.0-243.277_amd64.deb 3f8e0c73359c426155c08f80048f8c1d2f62ad44 linux-headers-generic_4.4.0.243.277_amd64.deb dd803976f372522f924277aad270acd9fd126281 linux-headers-lowlatency_4.4.0.243.277_amd64.deb b59b24122e2e5fe68af3b3fa8e3fd2b74c8ed48c linux-image-generic_4.4.0.243.277_amd64.deb ae28a84f9495ce615fd61976baecc7adc972c115 linux-image-lowlatency_4.4.0.243.277_amd64.deb 60766c6fb2409558e03a3e36c2578bbe9f7e85a1 linux-image-unsigned-4.4.0-243-tuxcare.els14-generic_4.4.0-243.277_amd64.deb 70b3e83ecdf2ab4ffb318931331dfe587ce53921 linux-image-unsigned-4.4.0-243-tuxcare.els14-lowlatency_4.4.0-243.277_amd64.deb 7a9822b4a93367799f0a8b9cdee6a084d8fa3dac linux-libc-dev_4.4.0-243.277_amd64.deb 1ddbe7dc5850036922f4b53bd81e1ee42a34e3c3 linux-lowlatency_4.4.0.243.277_amd64.deb 76a6c2ce75bc4f640a3c3a71f02f20aebc30a3f4 linux-modules-4.4.0-243-tuxcare.els14-generic_4.4.0-243.277_amd64.deb 00c9d9168b43ea2818c02dbf94f1c3c1fd647790 linux-modules-4.4.0-243-tuxcare.els14-lowlatency_4.4.0-243.277_amd64.deb 5a743e37d4f1f67c19f6b9e08529465eb3644d20 linux-modules-extra-4.4.0-243-tuxcare.els14-generic_4.4.0-243.277_amd64.deb 98441df0cf90647bb11ac5aca7311c772aeb6a5b linux-source_4.4.0.243.277_all.deb b624d2776742ecec753271f0354e395a6c290020 linux-source-4.4.0_4.4.0-243.277_all.deb f1f1b947daab9a72dd9eacfaccff8df4a455a364 linux-tools-4.4.0-243-tuxcare.els14_4.4.0-243.277_amd64.deb 856cd8025c2094ebf4efbb3017285922a528960b linux-tools-4.4.0-243-tuxcare.els14-generic_4.4.0-243.277_amd64.deb 58a550dba0633c90c7c925220ba7483f3ee4faa3 linux-tools-4.4.0-243-tuxcare.els14-lowlatency_4.4.0-243.277_amd64.deb b53c59e3b66599f48cfe3712d4aa951bc82245ef linux-tools-common_4.4.0-243.277_all.deb 52665617e3ac9b45701c8d7ab29e890cdeeaac86 linux-tools-generic_4.4.0.243.277_amd64.deb a91f6c3bc0b2a3baf17e6c5b16d5b61bf1442397 linux-tools-host_4.4.0-243.277_all.deb 43da6134a0056f73f7807bdef838e797e38efbf9 linux-tools-lowlatency_4.4.0.243.277_amd64.deb 0c1341a9070f44f466d78435500946fd64ce3430 CLSA-2023:1693333992 TuxCare License Agreement 0 * CVE-url: https://ubuntu.com/security/CVE-2023-4128 - net/sched: cls_u32: No longer copy tcf_result on update to avoid use-after- free - net/sched: cls_fw: No longer copy tcf_result on update to avoid use-after- free - net/sched: cls_route: No longer copy tcf_result on update to avoid use- after-free * CVE-url: https://ubuntu.com/security/CVE-2023-40283 - Bluetooth: L2CAP: Fix use-after-free in l2cap_sock_ready_cb * Jammy update: v5.15.42 upstream stable release (LP: #1981375) // CVE-url: https://ubuntu.com/security/CVE-2023-4387 - net: vmxnet3: fix possible use-after-free bugs in vmxnet3_rq_alloc_rx_buf() * CVE-2023-20593 // CVE-url: https://ubuntu.com/security/CVE-2023-20593 - x86/cpu/amd: Move the errata checking functionality up - x86/cpu/amd: Add a Zenbleed fix * CVE-2023-35001 // CVE-url: https://ubuntu.com/security/CVE-2023-35001 - netfilter: nf_tables: prevent OOB access in nft_byteorder_eval * Bionic update: upstream stable patchset 2023-04-05 (LP: #2015399) // CVE- url: https://ubuntu.com/security/CVE-2023-3567 - vc_screen: move load of struct vc_data pointer in vcs_read() to avoid UAF * CVE-url: https://ubuntu.com/security/CVE-2023-0458 - prlimit: do_prlimit needs to have a speculation check * CVE-url: https://ubuntu.com/security/CVE-2023-2513 - ext4: fix use-after-free in ext4_xattr_set_entry * Jammy update: v5.15.61 upstream stable release (LP: #1990162) // CVE-url: https://ubuntu.com/security/CVE-2023-2513 - ext4: add EXT4_INODE_HAS_XATTR_SPACE macro in xattr.h * CVE-url: https://ubuntu.com/security/CVE-2023-3159 - firewire: fix potential uaf in outbound_phy_packet_callback() * Jammy update: v5.15.106 upstream stable release (LP: #2023233) // CVE-url: https://ubuntu.com/security/CVE-2023-1611 - btrfs: fix race between quota disable and quota assign ioctls * CVE-url: https://ubuntu.com/security/CVE-2023-3611 - net/sched: sch_qfq: account for stab overhead in qfq_enqueue * CVE-2023-3776 // CVE-url: https://ubuntu.com/security/CVE-2023-3776 - net/sched: cls_fw: Fix improper refcount update leads to use-after-free None Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.

* CVE-url: https://ubuntu.com/security/CVE-2023-4128 - net/sched: cls_u32: No longer copy tcf_result on update to avoid use-after- free - net/sched: cls_fw: No longer copy tcf_result on update to avoid use-after- free - net/sched: cls_route: No longer copy tcf_result on update to avoid use- after-free * CVE-url: https://ubuntu.com/security/CVE-2023-40283 - Bluetooth: L2CAP: Fix use-after-free in l2cap_sock_ready_cb * Jammy update: v5.15.42 upstream stable release (LP: #1981375) // CVE-url: https://ubuntu.com/security/CVE-2023-4387 - net: vmxnet3: fix possible use-after-free bugs in vmxnet3_rq_alloc_rx_buf() * CVE-2023-20593 // CVE-url: https://ubuntu.com/security/CVE-2023-20593 - x86/cpu/amd: Move the errata checking functionality up - x86/cpu/amd: Add a Zenbleed fix * CVE-2023-35001 // CVE-url: https://ubuntu.com/security/CVE-2023-35001 - netfilter: nf_tables: prevent OOB access in nft_byteorder_eval * Bionic update: upstream stable patchset 2023-04-05 (LP: #2015399) // CVE- url: https://ubuntu.com/security/CVE-2023-3567 - vc_screen: move load of struct vc_data pointer in vcs_read() to avoid UAF * CVE-url: https://ubuntu.com/security/CVE-2023-0458 - prlimit: do_prlimit needs to have a speculation check * CVE-url: https://ubuntu.com/security/CVE-2023-2513 - ext4: fix use-after-free in ext4_xattr_set_entry * Jammy update: v5.15.61 upstream stable release (LP: #1990162) // CVE-url: https://ubuntu.com/security/CVE-2023-2513 - ext4: add EXT4_INODE_HAS_XATTR_SPACE macro in xattr.h * CVE-url: https://ubuntu.com/security/CVE-2023-3159 - firewire: fix potential uaf in outbound_phy_packet_callback() * Jammy update: v5.15.106 upstream stable release (LP: #2023233) // CVE-url: https://ubuntu.com/security/CVE-2023-1611 - btrfs: fix race between quota disable and quota assign ioctls * CVE-url: https://ubuntu.com/security/CVE-2023-3611 - net/sched: sch_qfq: account for stab overhead in qfq_enqueue * CVE-2023-3776 // CVE-url: https://ubuntu.com/security/CVE-2023-3776 - net/sched: cls_fw: Fix improper refcount update leads to use-after-free

0 tuxcare-ubuntu16.04-els linux-buildinfo-4.4.0-243-tuxcare.els14-generic_4.4.0-243.277_amd64.deb 6d8e789ef978b643c31acc577feffbdfd4bb3d20 linux-buildinfo-4.4.0-243-tuxcare.els14-lowlatency_4.4.0-243.277_amd64.deb 7e5e6a09bfdffda4620bad7a732c6d2f6c7f010b linux-cloud-tools-4.4.0-243-tuxcare.els14_4.4.0-243.277_amd64.deb 9caa52ab1cdb4cbb549d802730573e7efaecb6dd linux-cloud-tools-4.4.0-243-tuxcare.els14-generic_4.4.0-243.277_amd64.deb 5a52257d83b36eb5ac9335f2a99506b9bf209106 linux-cloud-tools-4.4.0-243-tuxcare.els14-lowlatency_4.4.0-243.277_amd64.deb 83dae2b7b56d061de5f41e5b73621ea500699880 linux-cloud-tools-common_4.4.0-243.277_all.deb a49ec1e0d0d5a66e91c67cddde11bfc0b4e2f702 linux-cloud-tools-generic_4.4.0.243.277_amd64.deb 57bc48302ce10cfab73ae0cca9a84701d1bae32b linux-cloud-tools-lowlatency_4.4.0.243.277_amd64.deb 2c5c6c9e00c7437e93f2f8ac0033f8c967ba978a linux-crashdump_4.4.0.243.277_amd64.deb 701cd184a87ad66c0952055769eba8e0778cb4de linux-doc_4.4.0-243.277_all.deb 40e3775e08dc5e769b4d8f0b147f8798b9cd858e linux-generic_4.4.0.243.277_amd64.deb d05e0a52b3d9f19d3154a51c17b55ef50fa6eff8 linux-headers-4.4.0-243-tuxcare.els14_4.4.0-243.277_all.deb a3ae5d0ffd72d543bdeb1e5867cef57ec50c090d linux-headers-4.4.0-243-tuxcare.els14-generic_4.4.0-243.277_amd64.deb 266609f8f1f1e839e6eb5dcd577447ddd6b39ad1 linux-headers-4.4.0-243-tuxcare.els14-lowlatency_4.4.0-243.277_amd64.deb 3f8e0c73359c426155c08f80048f8c1d2f62ad44 linux-headers-generic_4.4.0.243.277_amd64.deb dd803976f372522f924277aad270acd9fd126281 linux-headers-lowlatency_4.4.0.243.277_amd64.deb b59b24122e2e5fe68af3b3fa8e3fd2b74c8ed48c linux-image-generic_4.4.0.243.277_amd64.deb ae28a84f9495ce615fd61976baecc7adc972c115 linux-image-lowlatency_4.4.0.243.277_amd64.deb 60766c6fb2409558e03a3e36c2578bbe9f7e85a1 linux-image-unsigned-4.4.0-243-tuxcare.els14-generic_4.4.0-243.277_amd64.deb 70b3e83ecdf2ab4ffb318931331dfe587ce53921 linux-image-unsigned-4.4.0-243-tuxcare.els14-lowlatency_4.4.0-243.277_amd64.deb 7a9822b4a93367799f0a8b9cdee6a084d8fa3dac linux-libc-dev_4.4.0-243.277_amd64.deb 1ddbe7dc5850036922f4b53bd81e1ee42a34e3c3 linux-lowlatency_4.4.0.243.277_amd64.deb 76a6c2ce75bc4f640a3c3a71f02f20aebc30a3f4 linux-modules-4.4.0-243-tuxcare.els14-generic_4.4.0-243.277_amd64.deb 00c9d9168b43ea2818c02dbf94f1c3c1fd647790 linux-modules-4.4.0-243-tuxcare.els14-lowlatency_4.4.0-243.277_amd64.deb 5a743e37d4f1f67c19f6b9e08529465eb3644d20 linux-modules-extra-4.4.0-243-tuxcare.els14-generic_4.4.0-243.277_amd64.deb 98441df0cf90647bb11ac5aca7311c772aeb6a5b linux-source_4.4.0.243.277_all.deb b624d2776742ecec753271f0354e395a6c290020 linux-source-4.4.0_4.4.0-243.277_all.deb f1f1b947daab9a72dd9eacfaccff8df4a455a364 linux-tools-4.4.0-243-tuxcare.els14_4.4.0-243.277_amd64.deb 856cd8025c2094ebf4efbb3017285922a528960b linux-tools-4.4.0-243-tuxcare.els14-generic_4.4.0-243.277_amd64.deb 58a550dba0633c90c7c925220ba7483f3ee4faa3 linux-tools-4.4.0-243-tuxcare.els14-lowlatency_4.4.0-243.277_amd64.deb b53c59e3b66599f48cfe3712d4aa951bc82245ef linux-tools-common_4.4.0-243.277_all.deb 52665617e3ac9b45701c8d7ab29e890cdeeaac86 linux-tools-generic_4.4.0.243.277_amd64.deb a91f6c3bc0b2a3baf17e6c5b16d5b61bf1442397 linux-tools-host_4.4.0-243.277_all.deb 43da6134a0056f73f7807bdef838e797e38efbf9 linux-tools-lowlatency_4.4.0.243.277_amd64.deb 0c1341a9070f44f466d78435500946fd64ce3430 CLSA-2023:1693419056 TuxCare License Agreement 0 * SECURITY UPDATE: New microcode data file 2023-08-08 - Updated microcodes: sig 0x00050653, pf_mask 0x97, 2023-03-23, rev 0x1000181, size 36864 sig 0x00050654, pf_mask 0xb7, 2023-03-06, rev 0x2007006, size 44032 sig 0x00050656, pf_mask 0xbf, 2023-03-17, rev 0x4003604, size 38912 sig 0x00050657, pf_mask 0xbf, 2023-03-17, rev 0x5003604, size 38912 sig 0x0005065b, pf_mask 0xbf, 2023-03-21, rev 0x7002703, size 30720 sig 0x000606a6, pf_mask 0x87, 2023-03-30, rev 0xd0003a5, size 297984 sig 0x000706e5, pf_mask 0x80, 2023-02-26, rev 0x00bc, size 113664 sig 0x000806c1, pf_mask 0x80, 2023-02-27, rev 0x00ac, size 111616 sig 0x000806c2, pf_mask 0xc2, 2023-02-27, rev 0x002c, size 98304 sig 0x000806d1, pf_mask 0xc2, 2023-02-27, rev 0x0046, size 103424 sig 0x000806e9, pf_mask 0x10, 2023-02-23, rev 0x00f4, size 105472 sig 0x000806e9, pf_mask 0xc0, 2023-02-22, rev 0x00f4, size 106496 sig 0x000806ea, pf_mask 0xc0, 2023-02-23, rev 0x00f4, size 105472 sig 0x000806eb, pf_mask 0xd0, 2023-02-23, rev 0x00f4, size 106496 sig 0x000806ec, pf_mask 0x94, 2023-02-26, rev 0x00f8, size 106496 sig 0x000806f4, pf_mask 0x10, 2023-05-15, rev 0x2c000271, size 605184 sig 0x000806f4, pf_mask 0x87, 2023-05-09, rev 0x2b0004b1, size 572416 sig 0x000806f5, pf_mask 0x10, 2023-05-15, rev 0x2c000271, size 605184 sig 0x000806f5, pf_mask 0x87, 2023-05-09, rev 0x2b0004b1, size 572416 sig 0x000806f6, pf_mask 0x10, 2023-05-15, rev 0x2c000271, size 605184 sig 0x000806f6, pf_mask 0x87, 2023-05-09, rev 0x2b0004b1, size 572416 sig 0x000806f7, pf_mask 0x87, 2023-05-09, rev 0x2b0004b1, size 572416 sig 0x000806f8, pf_mask 0x10, 2023-05-15, rev 0x2c000271, size 605184 sig 0x000806f8, pf_mask 0x87, 2023-05-09, rev 0x2b0004b1, size 572416 sig 0x00090672, pf_mask 0x07, 2023-04-18, rev 0x002e, size 220160 sig 0x00090675, pf_mask 0x07, 2023-04-18, rev 0x002e, size 220160 sig 0x000906a3, pf_mask 0x80, 2023-04-18, rev 0x042c, size 219136 sig 0x000906a4, pf_mask 0x80, 2023-04-18, rev 0x042c, size 219136 sig 0x000906e9, pf_mask 0x2a, 2023-02-23, rev 0x00f4, size 108544 sig 0x000906ea, pf_mask 0x22, 2023-02-23, rev 0x00f4, size 104448 sig 0x000906eb, pf_mask 0x02, 2023-02-23, rev 0x00f4, size 106496 sig 0x000906ec, pf_mask 0x22, 2023-02-23, rev 0x00f4, size 105472 sig 0x000906ed, pf_mask 0x22, 2023-02-27, rev 0x00fa, size 106496 sig 0x000a0652, pf_mask 0x20, 2023-02-23, rev 0x00f8, size 97280 sig 0x000a0653, pf_mask 0x22, 2023-02-23, rev 0x00f8, size 97280 sig 0x000a0655, pf_mask 0x22, 2023-02-23, rev 0x00f8, size 97280 sig 0x000a0660, pf_mask 0x80, 2023-02-23, rev 0x00f8, size 97280 sig 0x000a0661, pf_mask 0x80, 2023-02-23, rev 0x00f8, size 96256 sig 0x000a0671, pf_mask 0x02, 2023-02-26, rev 0x0059, size 104448 sig 0x000b0671, pf_mask 0x32, 2023-06-06, rev 0x0119, size 210944 sig 0x000b06a2, pf_mask 0xe0, 2023-06-06, rev 0x4119, size 216064 sig 0x000b06a3, pf_mask 0xe0, 2023-06-06, rev 0x4119, size 216064 sig 0x000b06e0, pf_mask 0x11, 2023-04-12, rev 0x0011, size 136192 sig 0x000b06f2, pf_mask 0x07, 2023-04-18, rev 0x002e, size 220160 sig 0x000b06f5, pf_mask 0x07, 2023-04-18, rev 0x002e, size 220160 - CVE-2022-40982, INTEL-SA-00828 - CVE-2023-23908, INTEL-SA-00836 - CVE-2022-41804, INTEL-SA-00837 * source: update symlinks to reflect id of the latest release, 20230808 Moderate Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.

* SECURITY UPDATE: New microcode data file 2023-08-08 - Updated microcodes: sig 0x00050653, pf_mask 0x97, 2023-03-23, rev 0x1000181, size 36864 sig 0x00050654, pf_mask 0xb7, 2023-03-06, rev 0x2007006, size 44032 sig 0x00050656, pf_mask 0xbf, 2023-03-17, rev 0x4003604, size 38912 sig 0x00050657, pf_mask 0xbf, 2023-03-17, rev 0x5003604, size 38912 sig 0x0005065b, pf_mask 0xbf, 2023-03-21, rev 0x7002703, size 30720 sig 0x000606a6, pf_mask 0x87, 2023-03-30, rev 0xd0003a5, size 297984 sig 0x000706e5, pf_mask 0x80, 2023-02-26, rev 0x00bc, size 113664 sig 0x000806c1, pf_mask 0x80, 2023-02-27, rev 0x00ac, size 111616 sig 0x000806c2, pf_mask 0xc2, 2023-02-27, rev 0x002c, size 98304 sig 0x000806d1, pf_mask 0xc2, 2023-02-27, rev 0x0046, size 103424 sig 0x000806e9, pf_mask 0x10, 2023-02-23, rev 0x00f4, size 105472 sig 0x000806e9, pf_mask 0xc0, 2023-02-22, rev 0x00f4, size 106496 sig 0x000806ea, pf_mask 0xc0, 2023-02-23, rev 0x00f4, size 105472 sig 0x000806eb, pf_mask 0xd0, 2023-02-23, rev 0x00f4, size 106496 sig 0x000806ec, pf_mask 0x94, 2023-02-26, rev 0x00f8, size 106496 sig 0x000806f4, pf_mask 0x10, 2023-05-15, rev 0x2c000271, size 605184 sig 0x000806f4, pf_mask 0x87, 2023-05-09, rev 0x2b0004b1, size 572416 sig 0x000806f5, pf_mask 0x10, 2023-05-15, rev 0x2c000271, size 605184 sig 0x000806f5, pf_mask 0x87, 2023-05-09, rev 0x2b0004b1, size 572416 sig 0x000806f6, pf_mask 0x10, 2023-05-15, rev 0x2c000271, size 605184 sig 0x000806f6, pf_mask 0x87, 2023-05-09, rev 0x2b0004b1, size 572416 sig 0x000806f7, pf_mask 0x87, 2023-05-09, rev 0x2b0004b1, size 572416 sig 0x000806f8, pf_mask 0x10, 2023-05-15, rev 0x2c000271, size 605184 sig 0x000806f8, pf_mask 0x87, 2023-05-09, rev 0x2b0004b1, size 572416 sig 0x00090672, pf_mask 0x07, 2023-04-18, rev 0x002e, size 220160 sig 0x00090675, pf_mask 0x07, 2023-04-18, rev 0x002e, size 220160 sig 0x000906a3, pf_mask 0x80, 2023-04-18, rev 0x042c, size 219136 sig 0x000906a4, pf_mask 0x80, 2023-04-18, rev 0x042c, size 219136 sig 0x000906e9, pf_mask 0x2a, 2023-02-23, rev 0x00f4, size 108544 sig 0x000906ea, pf_mask 0x22, 2023-02-23, rev 0x00f4, size 104448 sig 0x000906eb, pf_mask 0x02, 2023-02-23, rev 0x00f4, size 106496 sig 0x000906ec, pf_mask 0x22, 2023-02-23, rev 0x00f4, size 105472 sig 0x000906ed, pf_mask 0x22, 2023-02-27, rev 0x00fa, size 106496 sig 0x000a0652, pf_mask 0x20, 2023-02-23, rev 0x00f8, size 97280 sig 0x000a0653, pf_mask 0x22, 2023-02-23, rev 0x00f8, size 97280 sig 0x000a0655, pf_mask 0x22, 2023-02-23, rev 0x00f8, size 97280 sig 0x000a0660, pf_mask 0x80, 2023-02-23, rev 0x00f8, size 97280 sig 0x000a0661, pf_mask 0x80, 2023-02-23, rev 0x00f8, size 96256 sig 0x000a0671, pf_mask 0x02, 2023-02-26, rev 0x0059, size 104448 sig 0x000b0671, pf_mask 0x32, 2023-06-06, rev 0x0119, size 210944 sig 0x000b06a2, pf_mask 0xe0, 2023-06-06, rev 0x4119, size 216064 sig 0x000b06a3, pf_mask 0xe0, 2023-06-06, rev 0x4119, size 216064 sig 0x000b06e0, pf_mask 0x11, 2023-04-12, rev 0x0011, size 136192 sig 0x000b06f2, pf_mask 0x07, 2023-04-18, rev 0x002e, size 220160 sig 0x000b06f5, pf_mask 0x07, 2023-04-18, rev 0x002e, size 220160 - CVE-2022-40982, INTEL-SA-00828 - CVE-2023-23908, INTEL-SA-00836 - CVE-2022-41804, INTEL-SA-00837 * source: update symlinks to reflect id of the latest release, 20230808

0 tuxcare-ubuntu16.04-els intel-microcode_3.20230808.0ubuntu0.16.04.1+tuxcare.els1_amd64.deb a8207b02781260504ab5f8188f9c767e2283d315 CLSA-2023:1693419428 TuxCare License Agreement 0 * SECURITY UPDATE: Checking excessively long DH keys or parameters may be very slow. Where the key or parameters that are being checked have been obtained from an untrusted source this may lead to a Denial of Service. - debian/patches/CVE-2023-3817.patch: Add a prior check and process only a correct DH keys - CVE-2023-3817 Moderate Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.

* SECURITY UPDATE: Checking excessively long DH keys or parameters may be very slow. Where the key or parameters that are being checked have been obtained from an untrusted source this may lead to a Denial of Service. - debian/patches/CVE-2023-3817.patch: Add a prior check and process only a correct DH keys - CVE-2023-3817

0 tuxcare-ubuntu16.04-els libssl-dev_1.0.2g-1ubuntu4.21+tuxcare.els8_amd64.deb 58c94bfb95ca853f23220f7838dda82a2e655f20 libssl-doc_1.0.2g-1ubuntu4.21+tuxcare.els8_all.deb d3f75da26f33a30cad77a4fc7f8772bd10cc667d libssl1.0.0_1.0.2g-1ubuntu4.21+tuxcare.els8_amd64.deb ef53d3e5f3a41b41b947d054cab556592b6134c7 openssl_1.0.2g-1ubuntu4.21+tuxcare.els8_amd64.deb 22b74aabc50b4eb6dbe4bc94d99eead952570842 CLSA-2023:1693419616 TuxCare License Agreement 0 * Fixed possible memory leak - debian/patches/fix-possible-memory-leak.patch: added DestroyDrawInfo call when StringToList returns error. None Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.

* Fixed possible memory leak - debian/patches/fix-possible-memory-leak.patch: added DestroyDrawInfo call when StringToList returns error.

0 tuxcare-ubuntu16.04-els imagemagick_6.8.9.9-7ubuntu5.17+tuxcare.els8_amd64.deb 84af62702506c070b9f02596cfca06175c8e92fc imagemagick-6.q16_6.8.9.9-7ubuntu5.17+tuxcare.els8_amd64.deb f81979823ed4b812f634fcf4a772772601c1d442 imagemagick-common_6.8.9.9-7ubuntu5.17+tuxcare.els8_all.deb 72e7192d962aaf6133dc0e0840c28206a6352580 imagemagick-doc_6.8.9.9-7ubuntu5.17+tuxcare.els8_all.deb 4f7d5b5209f2c469acbbb3135f5d2c5f578cac9b libimage-magick-perl_6.8.9.9-7ubuntu5.17+tuxcare.els8_all.deb 712f9a027afd1bb54c5c85615079d9e29b392adf libimage-magick-q16-perl_6.8.9.9-7ubuntu5.17+tuxcare.els8_amd64.deb 1b6d5e6045dbf767f093fe00af42a74f85d1b98d libmagick++-6-headers_6.8.9.9-7ubuntu5.17+tuxcare.els8_all.deb 8829ad0dbaa77d3a20d1edb877a87f1bb2099984 libmagick++-6.q16-5v5_6.8.9.9-7ubuntu5.17+tuxcare.els8_amd64.deb 166ccef7c2b86abd5c3c7e2ac5f437a94261acf7 libmagick++-6.q16-dev_6.8.9.9-7ubuntu5.17+tuxcare.els8_amd64.deb 0a3cb07f4cce5afa64a9a1351ca3ee97fa2acdcf libmagick++-dev_6.8.9.9-7ubuntu5.17+tuxcare.els8_all.deb 05ca977b67d612288d7d01e8e9e789bb6ad13f31 libmagickcore-6-arch-config_6.8.9.9-7ubuntu5.17+tuxcare.els8_amd64.deb 8e7a49cfb49fd371e6fb135db55a19137c2e4cd9 libmagickcore-6-headers_6.8.9.9-7ubuntu5.17+tuxcare.els8_all.deb e6aded33dde3a92dce386591169c9faf133f963b libmagickcore-6.q16-2_6.8.9.9-7ubuntu5.17+tuxcare.els8_amd64.deb 6cf5fd9991ac3f86f0a4f6de6266c26db54ad306 libmagickcore-6.q16-2-extra_6.8.9.9-7ubuntu5.17+tuxcare.els8_amd64.deb c2c31902ff096f291338736b9036d85e9b7f0f49 libmagickcore-6.q16-dev_6.8.9.9-7ubuntu5.17+tuxcare.els8_amd64.deb 8c26bc9235ade9135830bbd7962c2598e4bb462c libmagickcore-dev_6.8.9.9-7ubuntu5.17+tuxcare.els8_all.deb c41773915cb793c354dfe0a75f73c8bac6c5a1c8 libmagickwand-6-headers_6.8.9.9-7ubuntu5.17+tuxcare.els8_all.deb 07a1c23b945ebc205d2fe9fe32e8b6a826cd60cb libmagickwand-6.q16-2_6.8.9.9-7ubuntu5.17+tuxcare.els8_amd64.deb 41d0e82837b550ae5acd0a10b091e942acbef6c4 libmagickwand-6.q16-dev_6.8.9.9-7ubuntu5.17+tuxcare.els8_amd64.deb de78561ae9e9136de57dc869df63e899722b31f8 libmagickwand-dev_6.8.9.9-7ubuntu5.17+tuxcare.els8_all.deb 940eee4189f656641479c7a339c848ec7604458d perlmagick_6.8.9.9-7ubuntu5.17+tuxcare.els8_all.deb b3decadb880658b606734a9404fabc2c3ef970b8 CLSA-2023:1693827322 TuxCare License Agreement 0 * Jammy update: v5.15.86 upstream stable release (LP: #2005113) // CVE-url: https://ubuntu.com/security/CVE-2022-3606 - libbpf: Fix null-pointer dereference in find_prog_by_sec_insn() * Jammy update: v5.15.87 upstream stable release (LP: #2007441) // CVE-url: https://ubuntu.com/security/CVE-2023-23454 - net: sched: cbq: dont intepret cls results when asked to drop * Jammy update: v5.15.76 upstream stable release (LP: #1997113) // CVE-url: https://ubuntu.com/security/CVE-2023-0590 - net: sched: fix race condition in qdisc_graft() * Jammy update: v5.15.91 upstream stable release (LP: #2011467) // CVE-url: https://ubuntu.com/security/CVE-2022-4129 - l2tp: Serialize access to sk_user_data with sk_callback_lock * Jammy update: v5.15.105 upstream stable release (LP: #2023230) // CVE-url: https://ubuntu.com/security/CVE-2023-30772 - power: supply: da9150: Fix use after free bug in da9150_charger_remove due to race condition * Jammy update: v5.15.105 upstream stable release (LP: #2023230) // CVE-url: https://ubuntu.com/security/CVE-2023-2194 - i2c: xgene-slimpro: Fix out-of-bounds bug in xgene_slimpro_i2c_xfer() * CVE-2023-31084 // CVE-2023-31084 was assigned to this bug. // CVE-url: https://ubuntu.com/security/CVE-2023-31084 - media: dvb-core: Fix kernel WARNING for blocking operation in wait_event*() * Jammy update: v5.15.99 upstream stable release (LP: #2018438) // CVE-url: https://ubuntu.com/security/CVE-2023-2985 - fs: hfsplus: fix UAF issue in hfsplus_put_super * Jammy update: v5.15.111 upstream stable release (LP: #2025095) // CVE-url: https://ubuntu.com/security/CVE-2023-2269 - dm ioctl: fix nested locking in table_clear() to remove deadlock concern Moderate Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.

* Jammy update: v5.15.86 upstream stable release (LP: #2005113) // CVE-url: https://ubuntu.com/security/CVE-2022-3606 - libbpf: Fix null-pointer dereference in find_prog_by_sec_insn() * Jammy update: v5.15.87 upstream stable release (LP: #2007441) // CVE-url: https://ubuntu.com/security/CVE-2023-23454 - net: sched: cbq: dont intepret cls results when asked to drop * Jammy update: v5.15.76 upstream stable release (LP: #1997113) // CVE-url: https://ubuntu.com/security/CVE-2023-0590 - net: sched: fix race condition in qdisc_graft() * Jammy update: v5.15.91 upstream stable release (LP: #2011467) // CVE-url: https://ubuntu.com/security/CVE-2022-4129 - l2tp: Serialize access to sk_user_data with sk_callback_lock * Jammy update: v5.15.105 upstream stable release (LP: #2023230) // CVE-url: https://ubuntu.com/security/CVE-2023-30772 - power: supply: da9150: Fix use after free bug in da9150_charger_remove due to race condition * Jammy update: v5.15.105 upstream stable release (LP: #2023230) // CVE-url: https://ubuntu.com/security/CVE-2023-2194 - i2c: xgene-slimpro: Fix out-of-bounds bug in xgene_slimpro_i2c_xfer() * CVE-2023-31084 // CVE-2023-31084 was assigned to this bug. // CVE-url: https://ubuntu.com/security/CVE-2023-31084 - media: dvb-core: Fix kernel WARNING for blocking operation in wait_event*() * Jammy update: v5.15.99 upstream stable release (LP: #2018438) // CVE-url: https://ubuntu.com/security/CVE-2023-2985 - fs: hfsplus: fix UAF issue in hfsplus_put_super * Jammy update: v5.15.111 upstream stable release (LP: #2025095) // CVE-url: https://ubuntu.com/security/CVE-2023-2269 - dm ioctl: fix nested locking in table_clear() to remove deadlock concern

0 tuxcare-ubuntu16.04-els linux-buildinfo-4.4.0-244-tuxcare.els15-generic_4.4.0-244.278_amd64.deb 00e7d8b38deef31b0a1c65943f429e03b9d78407 linux-buildinfo-4.4.0-244-tuxcare.els15-lowlatency_4.4.0-244.278_amd64.deb f3b19f9d4e804766d81eb8bc82fd436429da7f0d linux-cloud-tools-4.4.0-244-tuxcare.els15_4.4.0-244.278_amd64.deb fa4828a01020dc098d40bdf97bab37520a7d4213 linux-cloud-tools-4.4.0-244-tuxcare.els15-generic_4.4.0-244.278_amd64.deb 88f90036406896a2874ce2840751237c054fac2b linux-cloud-tools-4.4.0-244-tuxcare.els15-lowlatency_4.4.0-244.278_amd64.deb f3450cc1e4131a37a1347c42d77cc473f35ed38f linux-cloud-tools-common_4.4.0-244.278_all.deb 4f74134c31af3abb04600d1d7ac144dcf1fc50d6 linux-cloud-tools-generic_4.4.0.244.278_amd64.deb 9a55a11e5d7206b0fa0736f3f527187d805d3636 linux-cloud-tools-lowlatency_4.4.0.244.278_amd64.deb 87e6f8f442348879e82e3c33ed2f4d47f9c7f846 linux-crashdump_4.4.0.244.278_amd64.deb 8b4a881b17ef5ce144c6c15b5c525bb31580ad08 linux-doc_4.4.0-244.278_all.deb 9c6b8afcfda9bb1eeed97e5d1e12454f10e5293d linux-generic_4.4.0.244.278_amd64.deb 718903689da0d67ca3450b33c04ed596a5022d2f linux-headers-4.4.0-244-tuxcare.els15_4.4.0-244.278_all.deb d5c6cc620a400a90b71b5c047af3c32ac08ba53f linux-headers-4.4.0-244-tuxcare.els15-generic_4.4.0-244.278_amd64.deb 28de366937d1322c001f9b96b7bf66ac65d79c7e linux-headers-4.4.0-244-tuxcare.els15-lowlatency_4.4.0-244.278_amd64.deb 50277a20ab71e6fd57c1dd0d630334bba4a185ea linux-headers-generic_4.4.0.244.278_amd64.deb e8788419bb7d4fd272e29734a50cc722ef6795ac linux-headers-lowlatency_4.4.0.244.278_amd64.deb ee9986377db6362ddb789a1d59dc5920c324debe linux-image-generic_4.4.0.244.278_amd64.deb d36307f274f199c421fdb73c758d1d577723423a linux-image-lowlatency_4.4.0.244.278_amd64.deb 8932361c0c94e1b6a3d1b0321bfa67bd4dcfb03e linux-image-unsigned-4.4.0-244-tuxcare.els15-generic_4.4.0-244.278_amd64.deb 6fddc7008a3e0390eade75e62e725a80920a5359 linux-image-unsigned-4.4.0-244-tuxcare.els15-lowlatency_4.4.0-244.278_amd64.deb 5633ebece3cd025e91a2e6025cf633d956f72315 linux-libc-dev_4.4.0-244.278_amd64.deb a313ba2e781c8cb07a33f9858713407a691c7613 linux-lowlatency_4.4.0.244.278_amd64.deb de87d7c5548f6170a3b23c4d68ab0c48a70d4f09 linux-modules-4.4.0-244-tuxcare.els15-generic_4.4.0-244.278_amd64.deb 7e128072dc6c5b373c0df24cf28837acd9da4c47 linux-modules-4.4.0-244-tuxcare.els15-lowlatency_4.4.0-244.278_amd64.deb 63169e47bfc90a8c37cdad6171670ce993a04e7b linux-modules-extra-4.4.0-244-tuxcare.els15-generic_4.4.0-244.278_amd64.deb df22e89c386f42d74cda6656ea6b22dc326a2608 linux-source_4.4.0.244.278_all.deb ee954be1362081db0cc8dccf7345df1060738333 linux-source-4.4.0_4.4.0-244.278_all.deb d78fd5770788830cb639473ea3825e94b9b2b28f linux-tools-4.4.0-244-tuxcare.els15_4.4.0-244.278_amd64.deb 638c4ce9bc7b4cde16b0eb76e2285d060ea80bb1 linux-tools-4.4.0-244-tuxcare.els15-generic_4.4.0-244.278_amd64.deb 85cf4ec3685aadda403d657102f7331c82d93da2 linux-tools-4.4.0-244-tuxcare.els15-lowlatency_4.4.0-244.278_amd64.deb 533d0ca12f46b6f0e94910af70a0b173b628c5fc linux-tools-common_4.4.0-244.278_all.deb 46d9ba2718b6228dd851a139a4f7893e5c42b376 linux-tools-generic_4.4.0.244.278_amd64.deb 3f77da1ea5a19c2bbb61f7d2acc3ce378af1db30 linux-tools-host_4.4.0-244.278_all.deb 38826272d1724483cf8e715b38d869af87df9140 linux-tools-lowlatency_4.4.0.244.278_amd64.deb 5ab5ee2c4281e7d4ebe9e62837920c90d31a87b3 CLSA-2023:1693827560 TuxCare License Agreement 0 * Jammy update: v5.15.86 upstream stable release (LP: #2005113) // CVE-url: https://ubuntu.com/security/CVE-2022-3606 - libbpf: Fix null-pointer dereference in find_prog_by_sec_insn() * Jammy update: v5.15.87 upstream stable release (LP: #2007441) // CVE-url: https://ubuntu.com/security/CVE-2023-23454 - net: sched: cbq: dont intepret cls results when asked to drop * Jammy update: v5.15.76 upstream stable release (LP: #1997113) // CVE-url: https://ubuntu.com/security/CVE-2023-0590 - net: sched: fix race condition in qdisc_graft() * Jammy update: v5.15.91 upstream stable release (LP: #2011467) // CVE-url: https://ubuntu.com/security/CVE-2022-4129 - l2tp: Serialize access to sk_user_data with sk_callback_lock * Jammy update: v5.15.105 upstream stable release (LP: #2023230) // CVE-url: https://ubuntu.com/security/CVE-2023-30772 - power: supply: da9150: Fix use after free bug in da9150_charger_remove due to race condition * Jammy update: v5.15.105 upstream stable release (LP: #2023230) // CVE-url: https://ubuntu.com/security/CVE-2023-2194 - i2c: xgene-slimpro: Fix out-of-bounds bug in xgene_slimpro_i2c_xfer() * CVE-2023-31084 // CVE-2023-31084 was assigned to this bug. // CVE-url: https://ubuntu.com/security/CVE-2023-31084 - media: dvb-core: Fix kernel WARNING for blocking operation in wait_event*() * Jammy update: v5.15.99 upstream stable release (LP: #2018438) // CVE-url: https://ubuntu.com/security/CVE-2023-2985 - fs: hfsplus: fix UAF issue in hfsplus_put_super * Jammy update: v5.15.111 upstream stable release (LP: #2025095) // CVE-url: https://ubuntu.com/security/CVE-2023-2269 - dm ioctl: fix nested locking in table_clear() to remove deadlock concern Moderate Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.

* Jammy update: v5.15.86 upstream stable release (LP: #2005113) // CVE-url: https://ubuntu.com/security/CVE-2022-3606 - libbpf: Fix null-pointer dereference in find_prog_by_sec_insn() * Jammy update: v5.15.87 upstream stable release (LP: #2007441) // CVE-url: https://ubuntu.com/security/CVE-2023-23454 - net: sched: cbq: dont intepret cls results when asked to drop * Jammy update: v5.15.76 upstream stable release (LP: #1997113) // CVE-url: https://ubuntu.com/security/CVE-2023-0590 - net: sched: fix race condition in qdisc_graft() * Jammy update: v5.15.91 upstream stable release (LP: #2011467) // CVE-url: https://ubuntu.com/security/CVE-2022-4129 - l2tp: Serialize access to sk_user_data with sk_callback_lock * Jammy update: v5.15.105 upstream stable release (LP: #2023230) // CVE-url: https://ubuntu.com/security/CVE-2023-30772 - power: supply: da9150: Fix use after free bug in da9150_charger_remove due to race condition * Jammy update: v5.15.105 upstream stable release (LP: #2023230) // CVE-url: https://ubuntu.com/security/CVE-2023-2194 - i2c: xgene-slimpro: Fix out-of-bounds bug in xgene_slimpro_i2c_xfer() * CVE-2023-31084 // CVE-2023-31084 was assigned to this bug. // CVE-url: https://ubuntu.com/security/CVE-2023-31084 - media: dvb-core: Fix kernel WARNING for blocking operation in wait_event*() * Jammy update: v5.15.99 upstream stable release (LP: #2018438) // CVE-url: https://ubuntu.com/security/CVE-2023-2985 - fs: hfsplus: fix UAF issue in hfsplus_put_super * Jammy update: v5.15.111 upstream stable release (LP: #2025095) // CVE-url: https://ubuntu.com/security/CVE-2023-2269 - dm ioctl: fix nested locking in table_clear() to remove deadlock concern

0 tuxcare-ubuntu16.04-els linux-buildinfo-4.4.0-244-tuxcare.els15-generic_4.4.0-244.278_amd64.deb 00e7d8b38deef31b0a1c65943f429e03b9d78407 linux-buildinfo-4.4.0-244-tuxcare.els15-lowlatency_4.4.0-244.278_amd64.deb f3b19f9d4e804766d81eb8bc82fd436429da7f0d linux-cloud-tools-4.4.0-244-tuxcare.els15_4.4.0-244.278_amd64.deb fa4828a01020dc098d40bdf97bab37520a7d4213 linux-cloud-tools-4.4.0-244-tuxcare.els15-generic_4.4.0-244.278_amd64.deb 88f90036406896a2874ce2840751237c054fac2b linux-cloud-tools-4.4.0-244-tuxcare.els15-lowlatency_4.4.0-244.278_amd64.deb f3450cc1e4131a37a1347c42d77cc473f35ed38f linux-cloud-tools-common_4.4.0-244.278_all.deb 4f74134c31af3abb04600d1d7ac144dcf1fc50d6 linux-cloud-tools-generic_4.4.0.244.278_amd64.deb 9a55a11e5d7206b0fa0736f3f527187d805d3636 linux-cloud-tools-lowlatency_4.4.0.244.278_amd64.deb 87e6f8f442348879e82e3c33ed2f4d47f9c7f846 linux-crashdump_4.4.0.244.278_amd64.deb 8b4a881b17ef5ce144c6c15b5c525bb31580ad08 linux-doc_4.4.0-244.278_all.deb 9c6b8afcfda9bb1eeed97e5d1e12454f10e5293d linux-generic_4.4.0.244.278_amd64.deb 718903689da0d67ca3450b33c04ed596a5022d2f linux-headers-4.4.0-244-tuxcare.els15_4.4.0-244.278_all.deb d5c6cc620a400a90b71b5c047af3c32ac08ba53f linux-headers-4.4.0-244-tuxcare.els15-generic_4.4.0-244.278_amd64.deb 28de366937d1322c001f9b96b7bf66ac65d79c7e linux-headers-4.4.0-244-tuxcare.els15-lowlatency_4.4.0-244.278_amd64.deb 50277a20ab71e6fd57c1dd0d630334bba4a185ea linux-headers-generic_4.4.0.244.278_amd64.deb e8788419bb7d4fd272e29734a50cc722ef6795ac linux-headers-lowlatency_4.4.0.244.278_amd64.deb ee9986377db6362ddb789a1d59dc5920c324debe linux-image-generic_4.4.0.244.278_amd64.deb d36307f274f199c421fdb73c758d1d577723423a linux-image-lowlatency_4.4.0.244.278_amd64.deb 8932361c0c94e1b6a3d1b0321bfa67bd4dcfb03e linux-image-unsigned-4.4.0-244-tuxcare.els15-generic_4.4.0-244.278_amd64.deb 6fddc7008a3e0390eade75e62e725a80920a5359 linux-image-unsigned-4.4.0-244-tuxcare.els15-lowlatency_4.4.0-244.278_amd64.deb 5633ebece3cd025e91a2e6025cf633d956f72315 linux-libc-dev_4.4.0-244.278_amd64.deb a313ba2e781c8cb07a33f9858713407a691c7613 linux-lowlatency_4.4.0.244.278_amd64.deb de87d7c5548f6170a3b23c4d68ab0c48a70d4f09 linux-modules-4.4.0-244-tuxcare.els15-generic_4.4.0-244.278_amd64.deb 7e128072dc6c5b373c0df24cf28837acd9da4c47 linux-modules-4.4.0-244-tuxcare.els15-lowlatency_4.4.0-244.278_amd64.deb 63169e47bfc90a8c37cdad6171670ce993a04e7b linux-modules-extra-4.4.0-244-tuxcare.els15-generic_4.4.0-244.278_amd64.deb df22e89c386f42d74cda6656ea6b22dc326a2608 linux-source_4.4.0.244.278_all.deb ee954be1362081db0cc8dccf7345df1060738333 linux-source-4.4.0_4.4.0-244.278_all.deb d78fd5770788830cb639473ea3825e94b9b2b28f linux-tools-4.4.0-244-tuxcare.els15_4.4.0-244.278_amd64.deb 638c4ce9bc7b4cde16b0eb76e2285d060ea80bb1 linux-tools-4.4.0-244-tuxcare.els15-generic_4.4.0-244.278_amd64.deb 85cf4ec3685aadda403d657102f7331c82d93da2 linux-tools-4.4.0-244-tuxcare.els15-lowlatency_4.4.0-244.278_amd64.deb 533d0ca12f46b6f0e94910af70a0b173b628c5fc linux-tools-common_4.4.0-244.278_all.deb 46d9ba2718b6228dd851a139a4f7893e5c42b376 linux-tools-generic_4.4.0.244.278_amd64.deb 3f77da1ea5a19c2bbb61f7d2acc3ce378af1db30 linux-tools-host_4.4.0-244.278_all.deb 38826272d1724483cf8e715b38d869af87df9140 linux-tools-lowlatency_4.4.0.244.278_amd64.deb 5ab5ee2c4281e7d4ebe9e62837920c90d31a87b3 CLSA-2023:1693904973 TuxCare License Agreement 0 * SECURITY UPDATE: unlikely stack overflow vulnerability - debian/patches/CVE-2022-48174.patch: break if a number string containing invalid characters - CVE-2022-48174 Critical Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.

* SECURITY UPDATE: unlikely stack overflow vulnerability - debian/patches/CVE-2022-48174.patch: break if a number string containing invalid characters - CVE-2022-48174

0 tuxcare-ubuntu16.04-els busybox_1.22.0-15ubuntu1.4+tuxcare.els4_amd64.deb 38ed7419e0f051031f8182049843b49e474569e8 busybox-initramfs_1.22.0-15ubuntu1.4+tuxcare.els4_amd64.deb c8412ff83d11436edc5c96a95d6df0f72b175c83 busybox-static_1.22.0-15ubuntu1.4+tuxcare.els4_amd64.deb 483ba04ac142f644b9ae106badb091b56896fc10 busybox-syslogd_1.22.0-15ubuntu1.4+tuxcare.els4_all.deb 8e448b76e98e23b4b7ee5422a7c5a8c7e03d4b1a udhcpc_1.22.0-15ubuntu1.4+tuxcare.els4_amd64.deb 004cbbaa8e728a0def9f4b5bbbfb325a87634529 udhcpd_1.22.0-15ubuntu1.4+tuxcare.els4_amd64.deb 55a4a704cb41b490697db107f425449caf3ca643 CLSA-2023:1694109571 TuxCare License Agreement 0 * New microcode update packages from AMD upstream up to 2023-08-08: + New Microcodes for 19h family: sig 0x00a10f11, sig 0x00a10f12, sig 0x00aa0f01, sig 0x00aa0f02; * SECURITY UPDATE: A side channel vulnerability on some of the AMD CPUs may allow an attacker to influence the return address prediction. This may result to potential information disclosure. - CPUs firmware updated up to 2023-08-08 - CVE-2023-20569 - CVE-2023-20593 Important Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.

* New microcode update packages from AMD upstream up to 2023-08-08: + New Microcodes for 19h family: sig 0x00a10f11, sig 0x00a10f12, sig 0x00aa0f01, sig 0x00aa0f02; * SECURITY UPDATE: A side channel vulnerability on some of the AMD CPUs may allow an attacker to influence the return address prediction. This may result to potential information disclosure. - CPUs firmware updated up to 2023-08-08 - CVE-2023-20569 - CVE-2023-20593

0 tuxcare-ubuntu16.04-els amd64-microcode_3.20230808.1ubuntu0.16.04.2+tuxcare.els1_amd64.deb 77756ea07fa6806b1dbf63a5f36de78c2c85352d CLSA-2023:1694538006 TuxCare License Agreement 0 * SECURITY UPDATE: segmentation fault in objdump.c compare_symbols - debian/patches/CVE-2022-47695.patch: test symbol flags to exclude section and synthetic symbols before attempting to check flavour - CVE-2022-47695 Important Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.

* SECURITY UPDATE: segmentation fault in objdump.c compare_symbols - debian/patches/CVE-2022-47695.patch: test symbol flags to exclude section and synthetic symbols before attempting to check flavour - CVE-2022-47695

0 tuxcare-ubuntu16.04-els binutils_2.26.1-1ubuntu1~16.04.10+tuxcare.els8_amd64.deb 7cf8963a62fd01445d8a7327dbd0a6b412a7ca9c binutils-aarch64-linux-gnu_2.26.1-1ubuntu1~16.04.10+tuxcare.els8_amd64.deb 3ebfc64bf1336769f40eae1729219243b3ef684b binutils-alpha-linux-gnu_2.26.1-1ubuntu1~16.04.10+tuxcare.els8_amd64.deb 325b7c2bfaf582e539743726a79617498550be42 binutils-arm-linux-gnueabi_2.26.1-1ubuntu1~16.04.10+tuxcare.els8_amd64.deb 54c5f90d6ccf59b8901594b9a4bbafe0674d60dd binutils-arm-linux-gnueabihf_2.26.1-1ubuntu1~16.04.10+tuxcare.els8_amd64.deb ce4d18191dbd0c2ea8df7f819dcd9102f990efa9 binutils-dev_2.26.1-1ubuntu1~16.04.10+tuxcare.els8_amd64.deb 415a83d22dba8dfba5b7ecd6b23eb8b4aa2debd2 binutils-doc_2.26.1-1ubuntu1~16.04.10+tuxcare.els8_all.deb 159bf88e9e08da7381a3c8de5e9518385e722d00 binutils-hppa-linux-gnu_2.26.1-1ubuntu1~16.04.10+tuxcare.els8_amd64.deb a49f3b1d4a041fc5d32d832377a515825ef7aa71 binutils-hppa64-linux-gnu_2.26.1-1ubuntu1~16.04.10+tuxcare.els8_amd64.deb 7ae31d0498abcc115a70b4329f404f345b1fbb33 binutils-m68k-linux-gnu_2.26.1-1ubuntu1~16.04.10+tuxcare.els8_amd64.deb 059e296dbb0f45998d23bc8cfee9acd6142c574e binutils-mips-linux-gnu_2.26.1-1ubuntu1~16.04.10+tuxcare.els8_amd64.deb 73b2756da4387596004960cde363767db3203a23 binutils-mips64-linux-gnuabi64_2.26.1-1ubuntu1~16.04.10+tuxcare.els8_amd64.deb 3788613d38afd9aa8cb62e6fa71f182907a40eaa binutils-mips64el-linux-gnuabi64_2.26.1-1ubuntu1~16.04.10+tuxcare.els8_amd64.deb c109c323418f9cf9fa449ad61712fda57164b703 binutils-mipsel-linux-gnu_2.26.1-1ubuntu1~16.04.10+tuxcare.els8_amd64.deb e6bf2a91fa77bc353ec3c8c7123706bf270f2f7e binutils-multiarch_2.26.1-1ubuntu1~16.04.10+tuxcare.els8_amd64.deb e5b8be361814bdd3bd7d17a17fa5e90a7ec73561 binutils-multiarch-dev_2.26.1-1ubuntu1~16.04.10+tuxcare.els8_amd64.deb 15098df94fdde98206ff3ae9ef5eba6109eeb0c1 binutils-powerpc-linux-gnu_2.26.1-1ubuntu1~16.04.10+tuxcare.els8_amd64.deb f1cac46f714197dbc0b6247d8b39fbd4cfa74097 binutils-powerpc-linux-gnuspe_2.26.1-1ubuntu1~16.04.10+tuxcare.els8_amd64.deb f23e86d4057825976c64d5b22a0c402496cfc284 binutils-powerpc64-linux-gnu_2.26.1-1ubuntu1~16.04.10+tuxcare.els8_amd64.deb 27efe9bc052b6b36a0eb3184952a0d2bf8517ba6 binutils-powerpc64le-linux-gnu_2.26.1-1ubuntu1~16.04.10+tuxcare.els8_amd64.deb bcfa678e66c4ea8fd6feb279ab134c70237acdd0 binutils-s390x-linux-gnu_2.26.1-1ubuntu1~16.04.10+tuxcare.els8_amd64.deb 13541d80cfb1b381750442ed96137e8c83a1a9be binutils-sh4-linux-gnu_2.26.1-1ubuntu1~16.04.10+tuxcare.els8_amd64.deb 20d6e930ff511debc5423b886ccdf0dcb752fac3 binutils-source_2.26.1-1ubuntu1~16.04.10+tuxcare.els8_all.deb 9901cfa2406f934e425ffeebcc455f9770f76270 binutils-sparc64-linux-gnu_2.26.1-1ubuntu1~16.04.10+tuxcare.els8_amd64.deb ba6c701f0d16e85917f49bc7bb8b1548579841d9 CLSA-2023:1694538145 TuxCare License Agreement 0 * CVE-2022-40433: Segmentation fault in ciMethodBlocks::make_block_at(int) Important Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.

* CVE-2022-40433: Segmentation fault in ciMethodBlocks::make_block_at(int)

0 tuxcare-ubuntu16.04-els openjdk-8-demo_8u372-ga-0ubuntu1~16.04+tuxcare.els2_amd64.deb 0083aa6abfc5906f42982b0186658b16726fb5dd openjdk-8-doc_8u372-ga-0ubuntu1~16.04+tuxcare.els2_all.deb db2f4fd9afb3415cb0d1e1a77e76f46b3b738b33 openjdk-8-jdk_8u372-ga-0ubuntu1~16.04+tuxcare.els2_amd64.deb 31401eb9436f7ff7dc3951c9c6ea04a32ce6e47f openjdk-8-jdk-headless_8u372-ga-0ubuntu1~16.04+tuxcare.els2_amd64.deb e9957949c379333022eb54337deaccdafb8a0c90 openjdk-8-jre_8u372-ga-0ubuntu1~16.04+tuxcare.els2_amd64.deb e6bd860f1a0c534069527ac60ec6165960952c9d openjdk-8-jre-headless_8u372-ga-0ubuntu1~16.04+tuxcare.els2_amd64.deb 17db2dfbfe24002af897a610acb55b02fedf9b69 openjdk-8-jre-jamvm_8u372-ga-0ubuntu1~16.04+tuxcare.els2_amd64.deb d678b6f5e3ee0bdb956e0fb5124cd6f72e8a1a0c openjdk-8-jre-zero_8u372-ga-0ubuntu1~16.04+tuxcare.els2_amd64.deb 568218bb20c25f1b2aad98e72825fc4b11cce9f6 openjdk-8-source_8u372-ga-0ubuntu1~16.04+tuxcare.els2_all.deb d937d85342f2e4f3c4436c8fd6ab1d09f4c39140 CLSA-2023:1694538236 TuxCare License Agreement 0 * SECURITY UPDATE: XML vulnerabilities in plist files - debian/patches/CVE-2022-48565.patch: Reject XML entity declarations in plist files - CVE-2022-48565 Critical Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.

* SECURITY UPDATE: XML vulnerabilities in plist files - debian/patches/CVE-2022-48565.patch: Reject XML entity declarations in plist files - CVE-2022-48565

0 tuxcare-ubuntu16.04-els idle-python2.7_2.7.12-1ubuntu0~16.04.18+tuxcare.els8_all.deb e32a1d9524466db2b3f004919c0d317486e9171e libpython2.7_2.7.12-1ubuntu0~16.04.18+tuxcare.els8_amd64.deb 9be77856024b95a36f25362249e7cc3b2c411571 libpython2.7-dev_2.7.12-1ubuntu0~16.04.18+tuxcare.els8_amd64.deb 03675a5e25bfd27be09e56090fd9a2840310baa0 libpython2.7-minimal_2.7.12-1ubuntu0~16.04.18+tuxcare.els8_amd64.deb df46d40468d0891bce2e9cf7be58c8c1fbe3cd92 libpython2.7-stdlib_2.7.12-1ubuntu0~16.04.18+tuxcare.els8_amd64.deb ac9fe263435fb93824b48d19f3c0afe4503244d1 libpython2.7-testsuite_2.7.12-1ubuntu0~16.04.18+tuxcare.els8_all.deb 30e84a5389b38b2a7bedb0e855f82a6ecf9fc4a9 python2.7_2.7.12-1ubuntu0~16.04.18+tuxcare.els8_amd64.deb b52eecb5233995fa5c4cb30602a1e97dcd69ccb3 python2.7-dev_2.7.12-1ubuntu0~16.04.18+tuxcare.els8_amd64.deb 807e05fc5ec82e678ef183306c48c20b3c6cf7d2 python2.7-doc_2.7.12-1ubuntu0~16.04.18+tuxcare.els8_all.deb d1bec8b764e43efe3fa11177c1f233982cf4d801 python2.7-examples_2.7.12-1ubuntu0~16.04.18+tuxcare.els8_all.deb 1175251e57272663275dff1d9b4b94fae5826dad python2.7-minimal_2.7.12-1ubuntu0~16.04.18+tuxcare.els8_amd64.deb 7a3f8d579cb22410b4eabafc0dcc3bcfce6f4595 CLSA-2023:1694538434 TuxCare License Agreement 0 * SECURITY UPDATE: DoS in case of malicious entity directives - debian/patches/CVE-2022-48565.patch: Reject XML entity declarations in plist files - CVE-2022-48565 Critical Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.

* SECURITY UPDATE: DoS in case of malicious entity directives - debian/patches/CVE-2022-48565.patch: Reject XML entity declarations in plist files - CVE-2022-48565

0 tuxcare-ubuntu16.04-els idle-python3.5_3.5.2-2ubuntu0~16.04.13+tuxcare.els10_all.deb db3d23d1d1b2ab554fdd7a8ab7693e24a5496ebe libpython3.5_3.5.2-2ubuntu0~16.04.13+tuxcare.els10_amd64.deb 58dfa0e88c81b150058703e37c008b289c38a410 libpython3.5-dev_3.5.2-2ubuntu0~16.04.13+tuxcare.els10_amd64.deb e14206ecb717fd24b0809840cbe3a457f8bfacd2 libpython3.5-minimal_3.5.2-2ubuntu0~16.04.13+tuxcare.els10_amd64.deb 09bb7ed7123048b523b3aa5f8ff3f745bbc81f00 libpython3.5-stdlib_3.5.2-2ubuntu0~16.04.13+tuxcare.els10_amd64.deb 67ed9fb7fa9025a010455165ba4c7248d717b6b7 libpython3.5-testsuite_3.5.2-2ubuntu0~16.04.13+tuxcare.els10_all.deb 8eeb773659743e06dbb45f8cb78bb445593fbb7b python3.5_3.5.2-2ubuntu0~16.04.13+tuxcare.els10_amd64.deb 0c7704be6a436d366e2bfb379d972501357c3d89 python3.5-dev_3.5.2-2ubuntu0~16.04.13+tuxcare.els10_amd64.deb bd83962f2832448450169326fe8956f0c5eeac2c python3.5-doc_3.5.2-2ubuntu0~16.04.13+tuxcare.els10_all.deb 162ff28c85fb6ab2b80c2d9eea86c8e00e25823f python3.5-examples_3.5.2-2ubuntu0~16.04.13+tuxcare.els10_all.deb fd315de078fef2adf21b1ab12b5a6a5fe4becb51 python3.5-minimal_3.5.2-2ubuntu0~16.04.13+tuxcare.els10_amd64.deb 1bc2db89a4405840d0679b6d93da453af0845ac3 python3.5-venv_3.5.2-2ubuntu0~16.04.13+tuxcare.els10_amd64.deb 723ca04d966f8cd96ce40f1d5c340051e95d7177 CLSA-2023:1695046627 TuxCare License Agreement 0 * Bionic update: upstream stable patchset 2022-12-01 (LP: #1998542) // CVE-2022-26373 - x86/speculation: Add RSB VM Exit protections * Bionic update: upstream stable patchset 2022-12-01 (LP: #1998542) - Revert "x86/cpu: Add a steppings field to struct x86_cpu_id" - x86/cpufeature: Add facility to check for min microcode revisions - x86/cpufeature: Fix various quality problems in the <asm/cpu_device_hd.h> header - x86/devicetable: Move x86 specific macro out of generic code - x86/cpu: Add consistent CPU match macros - x86/cpu: Add a steppings field to struct x86_cpu_id - x86/cpufeatures: Move RETPOLINE flags to word 11 - x86/bugs: Report AMD retbleed vulnerability - x86/bugs: Keep a per-CPU IA32_SPEC_CTRL value - x86/entry: Add kernel IBRS implementation - x86/speculation: Add spectre_v2=ibrs option to support Kernel IBRS - x86/speculation: Add LFENCE to RSB fill sequence - KVM: VMX: Prevent guest RSB poisoning attacks with eIBRS - x86/speculation: Fill RSB on vmexit for IBRS - x86/cpu/amd: Enumerate BTC_NO - x86/speculation: Disable RRSBA behavior - x86/bugs: Warn when "ibrs" mitigation is selected on Enhanced IBRS parts * Bionic update: upstream stable patchset 2022-12-01 (LP: #1998542) // CVE-2022-29901 - x86/bugs: Optimize SPEC_CTRL MSR writes - x86/bugs: Split spectre_v2_select_mitigation() and spectre_v2_user_select_mitigation() - x86/bugs: Report Intel retbleed vulnerability - entel_idle: Disable IBRS during long idle - x86/speculation: Change FILL_RETURN_BUFFER to work with objtool - x86/speculation: Fix RSB filling with CONFIG_RETPOLINE=n - x86/speculation: Fix firmware entry SPEC_CTRL handling - x86/speculation: Fix SPEC_CTRL write on SMT state change - x86/speculation: Use cached host SPEC_CTRL value for guest entry/exit - x86/speculation: Remove x86_spec_ctrl_mask - x86/common: Stamp out the stepping madness - x86/bugs: Add Cannon lake to RETBleed affected CPU list - x86/speculation: Use DECLARE_PER_CPU for x86_spec_ctrl_current * Bionic update: upstream stable patchset 2022-12-01 (LP: #1998542) // CVE-2022-29900 - x86/bugs: Add AMD retbleed= boot parameter * Bionic update: upstream stable patchset 2022-10-06 (LP: #1992112) - x86/bugs: Add "unknown" reporting for MMIO Stale Data * CVE-2021-26401 - x86/speculation: Warn about Spectre v2 LFENCE mitigation - x86/speculation: Warn about eIBRS + LFENCE + Unprivileged eBPF + SMT * CVE-2022-0001 - x86/speculation: Include unprivileged eBPF status in Spectre v2 mitigation reporting * Bionic update: upstream stable patchset 2019-10-07 (LP: #1847155) - x86/cpu: Add Tiger Lake to Intel family * CVE-url: https://ubuntu.com/security/CVE-2023-4622 - af_unix: Fix null-ptr-deref in unix_stream_sendpage(). * CVE-url: https://ubuntu.com/security/CVE-2022-45919 - media: dvb-core: Fix use-after-free due to race condition at dvb_ca_en50221 * Miscellaneous upstream changes - Revert "x86/enter: Use IBRS on syscall and interrupts" Important Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.

* Bionic update: upstream stable patchset 2022-12-01 (LP: #1998542) // CVE-2022-26373 - x86/speculation: Add RSB VM Exit protections * Bionic update: upstream stable patchset 2022-12-01 (LP: #1998542) - Revert "x86/cpu: Add a steppings field to struct x86_cpu_id" - x86/cpufeature: Add facility to check for min microcode revisions - x86/cpufeature: Fix various quality problems in the <asm/cpu_device_hd.h> header - x86/devicetable: Move x86 specific macro out of generic code - x86/cpu: Add consistent CPU match macros - x86/cpu: Add a steppings field to struct x86_cpu_id - x86/cpufeatures: Move RETPOLINE flags to word 11 - x86/bugs: Report AMD retbleed vulnerability - x86/bugs: Keep a per-CPU IA32_SPEC_CTRL value - x86/entry: Add kernel IBRS implementation - x86/speculation: Add spectre_v2=ibrs option to support Kernel IBRS - x86/speculation: Add LFENCE to RSB fill sequence - KVM: VMX: Prevent guest RSB poisoning attacks with eIBRS - x86/speculation: Fill RSB on vmexit for IBRS - x86/cpu/amd: Enumerate BTC_NO - x86/speculation: Disable RRSBA behavior - x86/bugs: Warn when "ibrs" mitigation is selected on Enhanced IBRS parts * Bionic update: upstream stable patchset 2022-12-01 (LP: #1998542) // CVE-2022-29901 - x86/bugs: Optimize SPEC_CTRL MSR writes - x86/bugs: Split spectre_v2_select_mitigation() and spectre_v2_user_select_mitigation() - x86/bugs: Report Intel retbleed vulnerability - entel_idle: Disable IBRS during long idle - x86/speculation: Change FILL_RETURN_BUFFER to work with objtool - x86/speculation: Fix RSB filling with CONFIG_RETPOLINE=n - x86/speculation: Fix firmware entry SPEC_CTRL handling - x86/speculation: Fix SPEC_CTRL write on SMT state change - x86/speculation: Use cached host SPEC_CTRL value for guest entry/exit - x86/speculation: Remove x86_spec_ctrl_mask - x86/common: Stamp out the stepping madness - x86/bugs: Add Cannon lake to RETBleed affected CPU list - x86/speculation: Use DECLARE_PER_CPU for x86_spec_ctrl_current * Bionic update: upstream stable patchset 2022-12-01 (LP: #1998542) // CVE-2022-29900 - x86/bugs: Add AMD retbleed= boot parameter * Bionic update: upstream stable patchset 2022-10-06 (LP: #1992112) - x86/bugs: Add "unknown" reporting for MMIO Stale Data * CVE-2021-26401 - x86/speculation: Warn about Spectre v2 LFENCE mitigation - x86/speculation: Warn about eIBRS + LFENCE + Unprivileged eBPF + SMT * CVE-2022-0001 - x86/speculation: Include unprivileged eBPF status in Spectre v2 mitigation reporting * Bionic update: upstream stable patchset 2019-10-07 (LP: #1847155) - x86/cpu: Add Tiger Lake to Intel family * CVE-url: https://ubuntu.com/security/CVE-2023-4622 - af_unix: Fix null-ptr-deref in unix_stream_sendpage(). * CVE-url: https://ubuntu.com/security/CVE-2022-45919 - media: dvb-core: Fix use-after-free due to race condition at dvb_ca_en50221 * Miscellaneous upstream changes - Revert "x86/enter: Use IBRS on syscall and interrupts"

0 tuxcare-ubuntu16.04-els linux-buildinfo-4.4.0-245-tuxcare.els16-generic_4.4.0-245.279_amd64.deb ecfbd0f72ca8a1c460ada99f574ec61609e63ebb linux-buildinfo-4.4.0-245-tuxcare.els16-lowlatency_4.4.0-245.279_amd64.deb c8a0a3684e196e7c7111a751579d7122ffdbd01e linux-cloud-tools-4.4.0-245-tuxcare.els16_4.4.0-245.279_amd64.deb ea1c739227ce834d1dd2f3d2c801b3d623fc9945 linux-cloud-tools-4.4.0-245-tuxcare.els16-generic_4.4.0-245.279_amd64.deb 713305c28a904f7823d5e1f4cab37bddebec208a linux-cloud-tools-4.4.0-245-tuxcare.els16-lowlatency_4.4.0-245.279_amd64.deb 6a34b36383381aff72036dafbbd09ff6975b7d44 linux-cloud-tools-common_4.4.0-245.279_all.deb cecfd6a206baa6ee652404db50ca9ce31f028214 linux-cloud-tools-generic_4.4.0.245.279_amd64.deb d9415c3559c535fd4586649b29068e3ff9793036 linux-cloud-tools-lowlatency_4.4.0.245.279_amd64.deb 2b3d0eb752cd109a0e73e8cd6258bbec2789220a linux-crashdump_4.4.0.245.279_amd64.deb aeb255e3030405aeddb3820691d3e68597a273bb linux-doc_4.4.0-245.279_all.deb e3679df0ff27d2e6010dbab2a32d2c94ad8a8692 linux-generic_4.4.0.245.279_amd64.deb 65f4135e0c5feb4dcc9d7b67787994b5b057ae69 linux-headers-4.4.0-245-tuxcare.els16_4.4.0-245.279_all.deb 27bb8a245f84a425288ee3252c80229b87723d6a linux-headers-4.4.0-245-tuxcare.els16-generic_4.4.0-245.279_amd64.deb f68be22dbfef17e6e1cdb6e288969c9efb5fd2a8 linux-headers-4.4.0-245-tuxcare.els16-lowlatency_4.4.0-245.279_amd64.deb 0ecab5b3ca8bc38de76c64d17b3ebef6c794298a linux-headers-generic_4.4.0.245.279_amd64.deb b3609863a1cb86ddea13e6af690bf7990871e671 linux-headers-lowlatency_4.4.0.245.279_amd64.deb 1356db6ed082c0683786c970cf4b374cb0a02e32 linux-image-generic_4.4.0.245.279_amd64.deb 727cf756aaa01b1466d8a8aac236c587b35cc783 linux-image-lowlatency_4.4.0.245.279_amd64.deb 3304a07c8f6ee5c766cc581b746c7f80337f4317 linux-image-unsigned-4.4.0-245-tuxcare.els16-generic_4.4.0-245.279_amd64.deb 8c07b0a87175e395716fa25a199ddc73f1f24254 linux-image-unsigned-4.4.0-245-tuxcare.els16-lowlatency_4.4.0-245.279_amd64.deb f84ba93e1186c9775cc76a1f985c6592a4404b36 linux-libc-dev_4.4.0-245.279_amd64.deb 9628535b7baee145382a5cab0a8d6619956e0b86 linux-lowlatency_4.4.0.245.279_amd64.deb 062569ee9fc900e0835d8870c946592dcace5150 linux-modules-4.4.0-245-tuxcare.els16-generic_4.4.0-245.279_amd64.deb 4bc518a3e84d6b5d6bb294031afc95c8ffab4d1c linux-modules-4.4.0-245-tuxcare.els16-lowlatency_4.4.0-245.279_amd64.deb 1fef10ee27d953371c8a10439ab095c8984c04e2 linux-modules-extra-4.4.0-245-tuxcare.els16-generic_4.4.0-245.279_amd64.deb 2a49a5061a7eec9232d941c56971f87dcc51cbf2 linux-source_4.4.0.245.279_all.deb 0c21556ec6ba23855f8c028f973c2158026a5e6f linux-source-4.4.0_4.4.0-245.279_all.deb 0a36e86127a1dbdbdbfa1c8bd0ffe717053bc3a3 linux-tools-4.4.0-245-tuxcare.els16_4.4.0-245.279_amd64.deb 009449733d5be87e56ef4e1c87de8d6272af44b9 linux-tools-4.4.0-245-tuxcare.els16-generic_4.4.0-245.279_amd64.deb f7829a7ae798257a185b72bb80d5a99406cb7305 linux-tools-4.4.0-245-tuxcare.els16-lowlatency_4.4.0-245.279_amd64.deb 6fa079182ed96b9918fbef2827baf7cd42d32c38 linux-tools-common_4.4.0-245.279_all.deb 6ede2c5c00e89a3562f25f04ba324e7cd105eb91 linux-tools-generic_4.4.0.245.279_amd64.deb 46a11430b0c060a058196be7ccde981e85837600 linux-tools-host_4.4.0-245.279_all.deb d0820d4d4f88c6ce0fd5ce680355fc626d04bc94 linux-tools-lowlatency_4.4.0.245.279_amd64.deb 60a5d10f986e80af977c98960b14591b4c65aaad CLSA-2023:1695046791 TuxCare License Agreement 0 * Bionic update: upstream stable patchset 2022-12-01 (LP: #1998542) // CVE-2022-26373 - x86/speculation: Add RSB VM Exit protections * Bionic update: upstream stable patchset 2022-12-01 (LP: #1998542) - Revert "x86/cpu: Add a steppings field to struct x86_cpu_id" - x86/cpufeature: Add facility to check for min microcode revisions - x86/cpufeature: Fix various quality problems in the <asm/cpu_device_hd.h> header - x86/devicetable: Move x86 specific macro out of generic code - x86/cpu: Add consistent CPU match macros - x86/cpu: Add a steppings field to struct x86_cpu_id - x86/cpufeatures: Move RETPOLINE flags to word 11 - x86/bugs: Report AMD retbleed vulnerability - x86/bugs: Keep a per-CPU IA32_SPEC_CTRL value - x86/entry: Add kernel IBRS implementation - x86/speculation: Add spectre_v2=ibrs option to support Kernel IBRS - x86/speculation: Add LFENCE to RSB fill sequence - KVM: VMX: Prevent guest RSB poisoning attacks with eIBRS - x86/speculation: Fill RSB on vmexit for IBRS - x86/cpu/amd: Enumerate BTC_NO - x86/speculation: Disable RRSBA behavior - x86/bugs: Warn when "ibrs" mitigation is selected on Enhanced IBRS parts * Bionic update: upstream stable patchset 2022-12-01 (LP: #1998542) // CVE-2022-29901 - x86/bugs: Optimize SPEC_CTRL MSR writes - x86/bugs: Split spectre_v2_select_mitigation() and spectre_v2_user_select_mitigation() - x86/bugs: Report Intel retbleed vulnerability - entel_idle: Disable IBRS during long idle - x86/speculation: Change FILL_RETURN_BUFFER to work with objtool - x86/speculation: Fix RSB filling with CONFIG_RETPOLINE=n - x86/speculation: Fix firmware entry SPEC_CTRL handling - x86/speculation: Fix SPEC_CTRL write on SMT state change - x86/speculation: Use cached host SPEC_CTRL value for guest entry/exit - x86/speculation: Remove x86_spec_ctrl_mask - x86/common: Stamp out the stepping madness - x86/bugs: Add Cannon lake to RETBleed affected CPU list - x86/speculation: Use DECLARE_PER_CPU for x86_spec_ctrl_current * Bionic update: upstream stable patchset 2022-12-01 (LP: #1998542) // CVE-2022-29900 - x86/bugs: Add AMD retbleed= boot parameter * Bionic update: upstream stable patchset 2022-10-06 (LP: #1992112) - x86/bugs: Add "unknown" reporting for MMIO Stale Data * CVE-2021-26401 - x86/speculation: Warn about Spectre v2 LFENCE mitigation - x86/speculation: Warn about eIBRS + LFENCE + Unprivileged eBPF + SMT * CVE-2022-0001 - x86/speculation: Include unprivileged eBPF status in Spectre v2 mitigation reporting * Bionic update: upstream stable patchset 2019-10-07 (LP: #1847155) - x86/cpu: Add Tiger Lake to Intel family * CVE-url: https://ubuntu.com/security/CVE-2023-4622 - af_unix: Fix null-ptr-deref in unix_stream_sendpage(). * CVE-url: https://ubuntu.com/security/CVE-2022-45919 - media: dvb-core: Fix use-after-free due to race condition at dvb_ca_en50221 * Miscellaneous upstream changes - Revert "x86/enter: Use IBRS on syscall and interrupts" Important Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.

* Bionic update: upstream stable patchset 2022-12-01 (LP: #1998542) // CVE-2022-26373 - x86/speculation: Add RSB VM Exit protections * Bionic update: upstream stable patchset 2022-12-01 (LP: #1998542) - Revert "x86/cpu: Add a steppings field to struct x86_cpu_id" - x86/cpufeature: Add facility to check for min microcode revisions - x86/cpufeature: Fix various quality problems in the <asm/cpu_device_hd.h> header - x86/devicetable: Move x86 specific macro out of generic code - x86/cpu: Add consistent CPU match macros - x86/cpu: Add a steppings field to struct x86_cpu_id - x86/cpufeatures: Move RETPOLINE flags to word 11 - x86/bugs: Report AMD retbleed vulnerability - x86/bugs: Keep a per-CPU IA32_SPEC_CTRL value - x86/entry: Add kernel IBRS implementation - x86/speculation: Add spectre_v2=ibrs option to support Kernel IBRS - x86/speculation: Add LFENCE to RSB fill sequence - KVM: VMX: Prevent guest RSB poisoning attacks with eIBRS - x86/speculation: Fill RSB on vmexit for IBRS - x86/cpu/amd: Enumerate BTC_NO - x86/speculation: Disable RRSBA behavior - x86/bugs: Warn when "ibrs" mitigation is selected on Enhanced IBRS parts * Bionic update: upstream stable patchset 2022-12-01 (LP: #1998542) // CVE-2022-29901 - x86/bugs: Optimize SPEC_CTRL MSR writes - x86/bugs: Split spectre_v2_select_mitigation() and spectre_v2_user_select_mitigation() - x86/bugs: Report Intel retbleed vulnerability - entel_idle: Disable IBRS during long idle - x86/speculation: Change FILL_RETURN_BUFFER to work with objtool - x86/speculation: Fix RSB filling with CONFIG_RETPOLINE=n - x86/speculation: Fix firmware entry SPEC_CTRL handling - x86/speculation: Fix SPEC_CTRL write on SMT state change - x86/speculation: Use cached host SPEC_CTRL value for guest entry/exit - x86/speculation: Remove x86_spec_ctrl_mask - x86/common: Stamp out the stepping madness - x86/bugs: Add Cannon lake to RETBleed affected CPU list - x86/speculation: Use DECLARE_PER_CPU for x86_spec_ctrl_current * Bionic update: upstream stable patchset 2022-12-01 (LP: #1998542) // CVE-2022-29900 - x86/bugs: Add AMD retbleed= boot parameter * Bionic update: upstream stable patchset 2022-10-06 (LP: #1992112) - x86/bugs: Add "unknown" reporting for MMIO Stale Data * CVE-2021-26401 - x86/speculation: Warn about Spectre v2 LFENCE mitigation - x86/speculation: Warn about eIBRS + LFENCE + Unprivileged eBPF + SMT * CVE-2022-0001 - x86/speculation: Include unprivileged eBPF status in Spectre v2 mitigation reporting * Bionic update: upstream stable patchset 2019-10-07 (LP: #1847155) - x86/cpu: Add Tiger Lake to Intel family * CVE-url: https://ubuntu.com/security/CVE-2023-4622 - af_unix: Fix null-ptr-deref in unix_stream_sendpage(). * CVE-url: https://ubuntu.com/security/CVE-2022-45919 - media: dvb-core: Fix use-after-free due to race condition at dvb_ca_en50221 * Miscellaneous upstream changes - Revert "x86/enter: Use IBRS on syscall and interrupts"

0 tuxcare-ubuntu16.04-els linux-buildinfo-4.4.0-245-tuxcare.els16-generic_4.4.0-245.279_amd64.deb ecfbd0f72ca8a1c460ada99f574ec61609e63ebb linux-buildinfo-4.4.0-245-tuxcare.els16-lowlatency_4.4.0-245.279_amd64.deb c8a0a3684e196e7c7111a751579d7122ffdbd01e linux-cloud-tools-4.4.0-245-tuxcare.els16_4.4.0-245.279_amd64.deb ea1c739227ce834d1dd2f3d2c801b3d623fc9945 linux-cloud-tools-4.4.0-245-tuxcare.els16-generic_4.4.0-245.279_amd64.deb 713305c28a904f7823d5e1f4cab37bddebec208a linux-cloud-tools-4.4.0-245-tuxcare.els16-lowlatency_4.4.0-245.279_amd64.deb 6a34b36383381aff72036dafbbd09ff6975b7d44 linux-cloud-tools-common_4.4.0-245.279_all.deb cecfd6a206baa6ee652404db50ca9ce31f028214 linux-cloud-tools-generic_4.4.0.245.279_amd64.deb d9415c3559c535fd4586649b29068e3ff9793036 linux-cloud-tools-lowlatency_4.4.0.245.279_amd64.deb 2b3d0eb752cd109a0e73e8cd6258bbec2789220a linux-crashdump_4.4.0.245.279_amd64.deb aeb255e3030405aeddb3820691d3e68597a273bb linux-doc_4.4.0-245.279_all.deb e3679df0ff27d2e6010dbab2a32d2c94ad8a8692 linux-generic_4.4.0.245.279_amd64.deb 65f4135e0c5feb4dcc9d7b67787994b5b057ae69 linux-headers-4.4.0-245-tuxcare.els16_4.4.0-245.279_all.deb 27bb8a245f84a425288ee3252c80229b87723d6a linux-headers-4.4.0-245-tuxcare.els16-generic_4.4.0-245.279_amd64.deb f68be22dbfef17e6e1cdb6e288969c9efb5fd2a8 linux-headers-4.4.0-245-tuxcare.els16-lowlatency_4.4.0-245.279_amd64.deb 0ecab5b3ca8bc38de76c64d17b3ebef6c794298a linux-headers-generic_4.4.0.245.279_amd64.deb b3609863a1cb86ddea13e6af690bf7990871e671 linux-headers-lowlatency_4.4.0.245.279_amd64.deb 1356db6ed082c0683786c970cf4b374cb0a02e32 linux-image-generic_4.4.0.245.279_amd64.deb 727cf756aaa01b1466d8a8aac236c587b35cc783 linux-image-lowlatency_4.4.0.245.279_amd64.deb 3304a07c8f6ee5c766cc581b746c7f80337f4317 linux-image-unsigned-4.4.0-245-tuxcare.els16-generic_4.4.0-245.279_amd64.deb 8c07b0a87175e395716fa25a199ddc73f1f24254 linux-image-unsigned-4.4.0-245-tuxcare.els16-lowlatency_4.4.0-245.279_amd64.deb f84ba93e1186c9775cc76a1f985c6592a4404b36 linux-libc-dev_4.4.0-245.279_amd64.deb 9628535b7baee145382a5cab0a8d6619956e0b86 linux-lowlatency_4.4.0.245.279_amd64.deb 062569ee9fc900e0835d8870c946592dcace5150 linux-modules-4.4.0-245-tuxcare.els16-generic_4.4.0-245.279_amd64.deb 4bc518a3e84d6b5d6bb294031afc95c8ffab4d1c linux-modules-4.4.0-245-tuxcare.els16-lowlatency_4.4.0-245.279_amd64.deb 1fef10ee27d953371c8a10439ab095c8984c04e2 linux-modules-extra-4.4.0-245-tuxcare.els16-generic_4.4.0-245.279_amd64.deb 2a49a5061a7eec9232d941c56971f87dcc51cbf2 linux-source_4.4.0.245.279_all.deb 0c21556ec6ba23855f8c028f973c2158026a5e6f linux-source-4.4.0_4.4.0-245.279_all.deb 0a36e86127a1dbdbdbfa1c8bd0ffe717053bc3a3 linux-tools-4.4.0-245-tuxcare.els16_4.4.0-245.279_amd64.deb 009449733d5be87e56ef4e1c87de8d6272af44b9 linux-tools-4.4.0-245-tuxcare.els16-generic_4.4.0-245.279_amd64.deb f7829a7ae798257a185b72bb80d5a99406cb7305 linux-tools-4.4.0-245-tuxcare.els16-lowlatency_4.4.0-245.279_amd64.deb 6fa079182ed96b9918fbef2827baf7cd42d32c38 linux-tools-common_4.4.0-245.279_all.deb 6ede2c5c00e89a3562f25f04ba324e7cd105eb91 linux-tools-generic_4.4.0.245.279_amd64.deb 46a11430b0c060a058196be7ccde981e85837600 linux-tools-host_4.4.0-245.279_all.deb d0820d4d4f88c6ce0fd5ce680355fc626d04bc94 linux-tools-lowlatency_4.4.0.245.279_amd64.deb 60a5d10f986e80af977c98960b14591b4c65aaad CLSA-2023:1695063978 TuxCare License Agreement 0 * SECURITY UPDATE: Use-after-free in do_ecmd() - debian/patches/CVE-2023-4733.patch: Verify oldwin pointer after reset_VIsual() - CVE-2023-4733 * SECURITY UPDATE: Potential OOB write in do_addsub() - debian/patches/CVE-2023-4735.patch: Don't overflow buf2, check size in for loop() - CVE-2023-4735 Important Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.

* SECURITY UPDATE: Use-after-free in do_ecmd() - debian/patches/CVE-2023-4733.patch: Verify oldwin pointer after reset_VIsual() - CVE-2023-4733 * SECURITY UPDATE: Potential OOB write in do_addsub() - debian/patches/CVE-2023-4735.patch: Don't overflow buf2, check size in for loop() - CVE-2023-4735

0 tuxcare-ubuntu16.04-els vim_7.4.1689-3ubuntu1.5+tuxcare.els44_amd64.deb dbe4a021bb376d5f7a572c5781537a296d77e3e1 vim-athena_7.4.1689-3ubuntu1.5+tuxcare.els44_amd64.deb 76be525c31560669989105b3188770349822b8e9 vim-athena-py2_7.4.1689-3ubuntu1.5+tuxcare.els44_amd64.deb fd18f0b2536207cef96a08c79aacf6277e38b17a vim-common_7.4.1689-3ubuntu1.5+tuxcare.els44_amd64.deb a90cf474e497f4e5c1b724ac7d45b22e3123950e vim-doc_7.4.1689-3ubuntu1.5+tuxcare.els44_all.deb 3fd6619ed4200a55fe4c7595ccf298b639907621 vim-gnome_7.4.1689-3ubuntu1.5+tuxcare.els44_amd64.deb 882fda699c85cb2fac6fea9f94cd7757a3caf62a vim-gnome-py2_7.4.1689-3ubuntu1.5+tuxcare.els44_amd64.deb 81311917b5dfd55fe0cefd3bcfa1c2c67932ee9d vim-gtk_7.4.1689-3ubuntu1.5+tuxcare.els44_amd64.deb 7a12fb350a09036578a77329c6164dacad8e1afc vim-gtk-py2_7.4.1689-3ubuntu1.5+tuxcare.els44_amd64.deb 9abbce4523f4310b8d689b247d96d6ba2f9ce13e vim-gtk3_7.4.1689-3ubuntu1.5+tuxcare.els44_amd64.deb 5da4a4a05e0a954e8f0af58ba757eea6653ada59 vim-gtk3-py2_7.4.1689-3ubuntu1.5+tuxcare.els44_amd64.deb 3bbbaae66dbb6b61239582fb282d660395810f67 vim-gui-common_7.4.1689-3ubuntu1.5+tuxcare.els44_all.deb d39b57a1ef87229eed9ef09d491559d87127fa9f vim-nox_7.4.1689-3ubuntu1.5+tuxcare.els44_amd64.deb 386d83c5762f1957d4f2252aa3241cb77d96df5a vim-nox-py2_7.4.1689-3ubuntu1.5+tuxcare.els44_amd64.deb 0e92ed2470ee4f5ccc6070a4467923a2a44587af vim-runtime_7.4.1689-3ubuntu1.5+tuxcare.els44_all.deb 94c9632e6da836a6a8c1b3d2a10e75fab0848aeb vim-tiny_7.4.1689-3ubuntu1.5+tuxcare.els44_amd64.deb f4cc7e157337c57845c94ec4cdb7b9959aeab1f7 CLSA-2023:1695319921 TuxCare License Agreement 0 * SECURITY UPDATE: Extension script @substitutions@ within quoting allow SQL injection - debian/patches/CVE-2023-39417.patch: filter each substitution through quote_identifier() - CVE-2023-39417 Important Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.

* SECURITY UPDATE: Extension script @substitutions@ within quoting allow SQL injection - debian/patches/CVE-2023-39417.patch: filter each substitution through quote_identifier() - CVE-2023-39417

0 tuxcare-ubuntu16.04-els libecpg-compat3_9.5.25-0ubuntu0.16.04.1+tuxcare.els5_amd64.deb beebe48bdced33b6bcc1ffc604b87c554b73a475 libecpg-dev_9.5.25-0ubuntu0.16.04.1+tuxcare.els5_amd64.deb ab6b6452b899fdc18253f9676c55062671885b1e libecpg6_9.5.25-0ubuntu0.16.04.1+tuxcare.els5_amd64.deb c7a26c50d747a6012d85ae49ad1b812ebf1805c4 libpgtypes3_9.5.25-0ubuntu0.16.04.1+tuxcare.els5_amd64.deb 50901b2845f4053eba4b3e408abd94df60596d8e libpq-dev_9.5.25-0ubuntu0.16.04.1+tuxcare.els5_amd64.deb 9799c1bb38faec232d70f4baea0b3c724e0ac52d libpq5_9.5.25-0ubuntu0.16.04.1+tuxcare.els5_amd64.deb 3b74957565f0eaf08a9b348e415053bc6504c5cd postgresql-9.5_9.5.25-0ubuntu0.16.04.1+tuxcare.els5_amd64.deb 95fdeaffa263ca7b82ab67b8c603d381f2b940f0 postgresql-client-9.5_9.5.25-0ubuntu0.16.04.1+tuxcare.els5_amd64.deb 117b7633617a8b464d4dd997d87414bd034c1549 postgresql-contrib-9.5_9.5.25-0ubuntu0.16.04.1+tuxcare.els5_amd64.deb c08edf181538b453b0838ffd80a97f3f8fcb3655 postgresql-doc-9.5_9.5.25-0ubuntu0.16.04.1+tuxcare.els5_all.deb 377a3b909cfba7737f9a92ef644ab820f4d5c63f postgresql-plperl-9.5_9.5.25-0ubuntu0.16.04.1+tuxcare.els5_amd64.deb 63a10184f9cb2020b31f694b9537c3af20afd8bc postgresql-plpython-9.5_9.5.25-0ubuntu0.16.04.1+tuxcare.els5_amd64.deb d5260b6d3509728a9c9f50183ff4ce5fb901fecc postgresql-plpython3-9.5_9.5.25-0ubuntu0.16.04.1+tuxcare.els5_amd64.deb f5a73d06fca9c3ba2ec3573efe49554c72216f87 postgresql-pltcl-9.5_9.5.25-0ubuntu0.16.04.1+tuxcare.els5_amd64.deb 0095f67d71bea7bcb868039dd260e5ba0ef76ca6 postgresql-server-dev-9.5_9.5.25-0ubuntu0.16.04.1+tuxcare.els5_amd64.deb af488a5d32fb2fc55b35230f1c72b50840f55fc1 CLSA-2023:1695320045 TuxCare License Agreement 0 * SECURITY UPDATE: An executable file with some well-known name like zip, gzip, and so on can be started from a current directory during some plugin is opening apropriate file that has a one of the extensions .zip, .gzip, .rb, and etc. This issue is effective only if the PATH environment variable has a ./ (dot) as one element in the path list - debian/patches/CVE-2023-4736.patch: avoid starting executable from a current directory for some plugins - CVE-2023-4736 Important Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.

* SECURITY UPDATE: An executable file with some well-known name like zip, gzip, and so on can be started from a current directory during some plugin is opening apropriate file that has a one of the extensions .zip, .gzip, .rb, and etc. This issue is effective only if the PATH environment variable has a ./ (dot) as one element in the path list - debian/patches/CVE-2023-4736.patch: avoid starting executable from a current directory for some plugins - CVE-2023-4736

0 tuxcare-ubuntu16.04-els vim_7.4.1689-3ubuntu1.5+tuxcare.els46_amd64.deb bec856215a96427e4b0c2bba4a49a82883b3e466 vim-athena_7.4.1689-3ubuntu1.5+tuxcare.els46_amd64.deb c5f93832b0410a3008f714f7f18a75539949ec2b vim-athena-py2_7.4.1689-3ubuntu1.5+tuxcare.els46_amd64.deb 88bcbf844bea9ef50d8ebed081b9394ee078d00e vim-common_7.4.1689-3ubuntu1.5+tuxcare.els46_amd64.deb 68672aba3375d3cfab6212d0e343ba0496dbb532 vim-doc_7.4.1689-3ubuntu1.5+tuxcare.els46_all.deb f69a23d8aee1a32e80a7e0214e4163b1321dfd65 vim-gnome_7.4.1689-3ubuntu1.5+tuxcare.els46_amd64.deb b1e32e8a8db8462858a8c982ae083add872b38f5 vim-gnome-py2_7.4.1689-3ubuntu1.5+tuxcare.els46_amd64.deb 06631a05682a75fc5a3173ab32bb933facfacbc8 vim-gtk_7.4.1689-3ubuntu1.5+tuxcare.els46_amd64.deb c380c7c67ef4cf5ad21ad8bfa0f2d2829083849f vim-gtk-py2_7.4.1689-3ubuntu1.5+tuxcare.els46_amd64.deb ccce7bc035d084c5b1c90b88c076ba25650269ca vim-gtk3_7.4.1689-3ubuntu1.5+tuxcare.els46_amd64.deb 3dde5304963675510a44e0571bd40aef9efe5172 vim-gtk3-py2_7.4.1689-3ubuntu1.5+tuxcare.els46_amd64.deb 9d9d04ffd4a54d21d5284ec1aca9f48c979bc2bf vim-gui-common_7.4.1689-3ubuntu1.5+tuxcare.els46_all.deb ec30abddc4cbce26e3f92c957573a09787476510 vim-nox_7.4.1689-3ubuntu1.5+tuxcare.els46_amd64.deb 533d919ee4a0ef38e0949b68870163b875ed4bbc vim-nox-py2_7.4.1689-3ubuntu1.5+tuxcare.els46_amd64.deb 352bd38de87aa66e7724dea6bda10efd73f302ed vim-runtime_7.4.1689-3ubuntu1.5+tuxcare.els46_all.deb 15f179df592b10b6fe70cc7577fe59ee38e0001c vim-tiny_7.4.1689-3ubuntu1.5+tuxcare.els46_amd64.deb ca81691f01fac1b3fb927a329aa5afec1489be0a CLSA-2023:1695752243 TuxCare License Agreement 0 * SECURITY UPDATE: a heap buffer overflow triggered in display_debug_section() at binutils/readelf.c - debian/patches/CVE-2022-45703.patch: combine sanity checks, calculate element counts, not word counts, fix typo - CVE-2022-45703 Important Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.

* SECURITY UPDATE: a heap buffer overflow triggered in display_debug_section() at binutils/readelf.c - debian/patches/CVE-2022-45703.patch: combine sanity checks, calculate element counts, not word counts, fix typo - CVE-2022-45703

0 tuxcare-ubuntu16.04-els binutils_2.26.1-1ubuntu1~16.04.10+tuxcare.els9_amd64.deb 79d26cd5c6a81214d8495b7202e74882e43ff492 binutils-aarch64-linux-gnu_2.26.1-1ubuntu1~16.04.10+tuxcare.els9_amd64.deb cd0a717756b4a7cfa5d596961f9acf28fd0dba08 binutils-alpha-linux-gnu_2.26.1-1ubuntu1~16.04.10+tuxcare.els9_amd64.deb 908b38b1862878d819705f8a0e0dad86d20deec2 binutils-arm-linux-gnueabi_2.26.1-1ubuntu1~16.04.10+tuxcare.els9_amd64.deb 9a4a4d08cabe68374787d23d0d087dbf4368a155 binutils-arm-linux-gnueabihf_2.26.1-1ubuntu1~16.04.10+tuxcare.els9_amd64.deb 3b010edfe92e297f1065ac200b9ecbfcba7782ec binutils-dev_2.26.1-1ubuntu1~16.04.10+tuxcare.els9_amd64.deb 8aacc283810503def6c1a432232171caef2c33b4 binutils-doc_2.26.1-1ubuntu1~16.04.10+tuxcare.els9_all.deb 3332d5ad0867fa73dd9db6d91a2405e8eb2dfc18 binutils-hppa-linux-gnu_2.26.1-1ubuntu1~16.04.10+tuxcare.els9_amd64.deb 2eb0580862f52c400e9d6f5e4657cabc85ed5bb3 binutils-hppa64-linux-gnu_2.26.1-1ubuntu1~16.04.10+tuxcare.els9_amd64.deb f3b0978d45c6a46d1292beabcedbe8a93e0dfe2a binutils-m68k-linux-gnu_2.26.1-1ubuntu1~16.04.10+tuxcare.els9_amd64.deb 8cad28403d1f98bdb623a0d759b04879d221df49 binutils-mips-linux-gnu_2.26.1-1ubuntu1~16.04.10+tuxcare.els9_amd64.deb 7311a8254ff486bf8db630028d0e4fcbef47183e binutils-mips64-linux-gnuabi64_2.26.1-1ubuntu1~16.04.10+tuxcare.els9_amd64.deb 80326812014d8af563ee1dba251d2fa55f70c371 binutils-mips64el-linux-gnuabi64_2.26.1-1ubuntu1~16.04.10+tuxcare.els9_amd64.deb 725458a95365fbc1081b4b845bc5a7da2d5c2877 binutils-mipsel-linux-gnu_2.26.1-1ubuntu1~16.04.10+tuxcare.els9_amd64.deb 439138afe5eea0a8f1a9f5dcd0f77508b0224009 binutils-multiarch_2.26.1-1ubuntu1~16.04.10+tuxcare.els9_amd64.deb 4294db6847a5b23d37df704a8286a764ef370398 binutils-multiarch-dev_2.26.1-1ubuntu1~16.04.10+tuxcare.els9_amd64.deb ba68dc7e21903a67008809af9cc146077124745e binutils-powerpc-linux-gnu_2.26.1-1ubuntu1~16.04.10+tuxcare.els9_amd64.deb 55ab8556d1f19bf48741b77e6fcff74c57c6b2bb binutils-powerpc-linux-gnuspe_2.26.1-1ubuntu1~16.04.10+tuxcare.els9_amd64.deb 409bcff97fe0f7e803151c6489da2cd3983f687e binutils-powerpc64-linux-gnu_2.26.1-1ubuntu1~16.04.10+tuxcare.els9_amd64.deb 385acf8ef0bc195940b6cc924ba903751ce8d559 binutils-powerpc64le-linux-gnu_2.26.1-1ubuntu1~16.04.10+tuxcare.els9_amd64.deb ed78418e76085dbffc856707b7bdef7aa9e9fc93 binutils-s390x-linux-gnu_2.26.1-1ubuntu1~16.04.10+tuxcare.els9_amd64.deb e00354d27d5de31f602e1bec57a7fe0296f4df11 binutils-sh4-linux-gnu_2.26.1-1ubuntu1~16.04.10+tuxcare.els9_amd64.deb 972e9d5f9ecb738b24058478845b616262dc63e1 binutils-source_2.26.1-1ubuntu1~16.04.10+tuxcare.els9_all.deb f32137c77e5ff92b11f23bb1886414e9ebaee2a2 binutils-sparc64-linux-gnu_2.26.1-1ubuntu1~16.04.10+tuxcare.els9_amd64.deb 532e57e2c90141d8f3fe1db2c7b2e816c1d0756c CLSA-2023:1695835334 TuxCare License Agreement 0 * SECURITY UPDATE: An issue was discovered in function _libssh2_packet_add in libssh2 1.10.0 allows attackers to access out of bounds memory. - debian/patches/CVE-2020-22218.patch: doing total_num zero length check. - CVE-2020-22218 Important Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.

* SECURITY UPDATE: An issue was discovered in function _libssh2_packet_add in libssh2 1.10.0 allows attackers to access out of bounds memory. - debian/patches/CVE-2020-22218.patch: doing total_num zero length check. - CVE-2020-22218

0 tuxcare-ubuntu16.04-els libssh2-1_1.5.0-2ubuntu0.1+tuxcare.els1_amd64.deb 405f6549c610c2054c34ca0b47c816215a016b11 libssh2-1-dev_1.5.0-2ubuntu0.1+tuxcare.els1_amd64.deb 47084654283644b76c95ee44c1a5fcc3b77a23cd CLSA-2023:1695901231 TuxCare License Agreement 0 * CVE-url: https://ubuntu.com/security/CVE-2023-42753 - netfilter: ipset: add the missing IP_SET_HASH_WITH_NET0 macro for ip_set_hash_netportnet.c * CVE-2022-40982 // CVE-url: https://ubuntu.com/security/CVE-2022-40982 - init: Provide arch_cpu_finalize_init() - x86/cpu: Switch to arch_cpu_finalize_init() - init: Remove check_bugs() leftovers - x86/speculation: Add Gather Data Sampling mitigation - x86/speculation: Add force option to GDS mitigation - x86/speculation: Add Kconfig option for GDS - KVM: Add GDS_NO support to KVM * CVE-url: https://ubuntu.com/security/CVE-2022-40982 - x86/cpu: Move arch_smt_update() to a neutral place * Bionic update: upstream stable patchset 2019-07-23 (LP: #1837664) // CVE- url: https://ubuntu.com/security/CVE-2022-40982 - cpu/hotplug: Fix "SMT disabled by BIOS" detection for KVM * Jammy update: v5.15.94 upstream stable release (LP: #2012673) // CVE-url: https://ubuntu.com/security/CVE-2022-40982 - x86/speculation: Identify processors vulnerable to SMT RSB predictions * CVE-2023-20588 // CVE-url: https://ubuntu.com/security/CVE-2023-20588 - x86/bugs: Increase the x86 bugs vector size to two u32s - x86/CPU/AMD: Do not leak quotient data after a division by 0 - x86/CPU/AMD: Fix the DIV(0) initial fix attempt * CVE-2023-3863 // CVE-url: https://ubuntu.com/security/CVE-2023-3863 - nfc: llcp: simplify llcp_sock_connect() error paths - net: nfc: Fix use-after-free caused by nfc_llcp_find_local * Jammy update: v5.15.46 upstream stable release (LP: #1981864) // CVE-url: https://ubuntu.com/security/CVE-2023-4385 - fs: jfs: fix possible NULL pointer dereference in dbFree() * Jammy update: v5.15.42 upstream stable release (LP: #1981375) // CVE-url: https://ubuntu.com/security/CVE-2023-4459 - net: vmxnet3: fix possible NULL pointer dereference in vmxnet3_rq_cleanup() * CVE-url: https://ubuntu.com/security/CVE-2023-4921 - net: sched: sch_qfq: Fix UAF in qfq_dequeue() * Miscellaneous Ubuntu changes - [Config] CONFIG_GDS_FORCE_MITIGATION=n Important Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.

* CVE-url: https://ubuntu.com/security/CVE-2023-42753 - netfilter: ipset: add the missing IP_SET_HASH_WITH_NET0 macro for ip_set_hash_netportnet.c * CVE-2022-40982 // CVE-url: https://ubuntu.com/security/CVE-2022-40982 - init: Provide arch_cpu_finalize_init() - x86/cpu: Switch to arch_cpu_finalize_init() - init: Remove check_bugs() leftovers - x86/speculation: Add Gather Data Sampling mitigation - x86/speculation: Add force option to GDS mitigation - x86/speculation: Add Kconfig option for GDS - KVM: Add GDS_NO support to KVM * CVE-url: https://ubuntu.com/security/CVE-2022-40982 - x86/cpu: Move arch_smt_update() to a neutral place * Bionic update: upstream stable patchset 2019-07-23 (LP: #1837664) // CVE- url: https://ubuntu.com/security/CVE-2022-40982 - cpu/hotplug: Fix "SMT disabled by BIOS" detection for KVM * Jammy update: v5.15.94 upstream stable release (LP: #2012673) // CVE-url: https://ubuntu.com/security/CVE-2022-40982 - x86/speculation: Identify processors vulnerable to SMT RSB predictions * CVE-2023-20588 // CVE-url: https://ubuntu.com/security/CVE-2023-20588 - x86/bugs: Increase the x86 bugs vector size to two u32s - x86/CPU/AMD: Do not leak quotient data after a division by 0 - x86/CPU/AMD: Fix the DIV(0) initial fix attempt * CVE-2023-3863 // CVE-url: https://ubuntu.com/security/CVE-2023-3863 - nfc: llcp: simplify llcp_sock_connect() error paths - net: nfc: Fix use-after-free caused by nfc_llcp_find_local * Jammy update: v5.15.46 upstream stable release (LP: #1981864) // CVE-url: https://ubuntu.com/security/CVE-2023-4385 - fs: jfs: fix possible NULL pointer dereference in dbFree() * Jammy update: v5.15.42 upstream stable release (LP: #1981375) // CVE-url: https://ubuntu.com/security/CVE-2023-4459 - net: vmxnet3: fix possible NULL pointer dereference in vmxnet3_rq_cleanup() * CVE-url: https://ubuntu.com/security/CVE-2023-4921 - net: sched: sch_qfq: Fix UAF in qfq_dequeue() * Miscellaneous Ubuntu changes - [Config] CONFIG_GDS_FORCE_MITIGATION=n

0 tuxcare-ubuntu16.04-els linux-buildinfo-4.4.0-246-tuxcare.els17-generic_4.4.0-246.280_amd64.deb 4c37c11aebbad105c46f0806271621ac57369ca1 linux-buildinfo-4.4.0-246-tuxcare.els17-lowlatency_4.4.0-246.280_amd64.deb 3cfc99bd0ff10c69fa897c2014514abc0122c78f linux-cloud-tools-4.4.0-246-tuxcare.els17_4.4.0-246.280_amd64.deb ae9ffca797acb9148516a0e64a3ed7a4091f15d8 linux-cloud-tools-4.4.0-246-tuxcare.els17-generic_4.4.0-246.280_amd64.deb 39adc1fe590559eb234731644b004b9383f29bce linux-cloud-tools-4.4.0-246-tuxcare.els17-lowlatency_4.4.0-246.280_amd64.deb 64bb98e3c55a58921563bbe826bb3f43023c39ab linux-cloud-tools-common_4.4.0-246.280_all.deb 10e5cfa3a49a98fffb9ac9c1f78050b6e2f55ace linux-cloud-tools-generic_4.4.0.246.280_amd64.deb 575a403aa768da6db7d265fd3ead02dfaf5f8e2a linux-cloud-tools-lowlatency_4.4.0.246.280_amd64.deb 072b2f1990950c800cb211f9798e9c800b3213b0 linux-crashdump_4.4.0.246.280_amd64.deb 3a345f98542dcadae74f1ddeb24cc871f0ef661d linux-doc_4.4.0-246.280_all.deb 12970d7093d08d6bf27529af8ca2c63c02a7d9a7 linux-generic_4.4.0.246.280_amd64.deb baab391b206502eb7e54ff25b6d1b88e51735401 linux-headers-4.4.0-246-tuxcare.els17_4.4.0-246.280_all.deb c384fb64b4aadd68755fe8eabf1b1717cb1d5b13 linux-headers-4.4.0-246-tuxcare.els17-generic_4.4.0-246.280_amd64.deb c7f3c566e70de02d0e1c2b6f8fcf4e3903157e8e linux-headers-4.4.0-246-tuxcare.els17-lowlatency_4.4.0-246.280_amd64.deb 37f0e26b85362f825198a61452b300cdf5b0d7a6 linux-headers-generic_4.4.0.246.280_amd64.deb 21a08f0f144baa1c16b8c5e0e5763d85178a434e linux-headers-lowlatency_4.4.0.246.280_amd64.deb 5aec500f45ee1c0d9e2659fea4825c2ccff9069a linux-image-generic_4.4.0.246.280_amd64.deb dc2c5de4b66c7d3e9b0f38fb30af2c28c198136a linux-image-lowlatency_4.4.0.246.280_amd64.deb a8c01a6f494ee83c5cd8fa098b188b2ac26957a0 linux-image-unsigned-4.4.0-246-tuxcare.els17-generic_4.4.0-246.280_amd64.deb cc848891a7b504f79544fdf2de1b0f088661d8e2 linux-image-unsigned-4.4.0-246-tuxcare.els17-lowlatency_4.4.0-246.280_amd64.deb 60f4e0f2dc9c9c942a23fb0ddb4f970b81f07584 linux-libc-dev_4.4.0-246.280_amd64.deb e13a99f5e21e9df8c4917f2877a0ed25065ed9dc linux-lowlatency_4.4.0.246.280_amd64.deb 0615bd374943bd48f90eabf7184baf9ecad23aa2 linux-modules-4.4.0-246-tuxcare.els17-generic_4.4.0-246.280_amd64.deb 8d329bd21a3c3b23c0e5bf0d47373ffebc02a4a8 linux-modules-4.4.0-246-tuxcare.els17-lowlatency_4.4.0-246.280_amd64.deb bd96a38796a8068d23fd09236d3426f339fda8b5 linux-modules-extra-4.4.0-246-tuxcare.els17-generic_4.4.0-246.280_amd64.deb 11fda423d6573e070179728ecf8e11a0a65161d6 linux-source_4.4.0.246.280_all.deb b7de25d147bd3736cd2599e9e10bd18b0a566e64 linux-source-4.4.0_4.4.0-246.280_all.deb 85493c82a4959277934739df613ed39fed5116e5 linux-tools-4.4.0-246-tuxcare.els17_4.4.0-246.280_amd64.deb 14e37b40f0120c79c0d398aef94148ae5fc9b1c0 linux-tools-4.4.0-246-tuxcare.els17-generic_4.4.0-246.280_amd64.deb 078e360dc448819c2b5fb9ab97425ea1b6869b50 linux-tools-4.4.0-246-tuxcare.els17-lowlatency_4.4.0-246.280_amd64.deb 7576f25f52632d7c0eeedefa795a3dbd1156a749 linux-tools-common_4.4.0-246.280_all.deb 3a625507a4a7284460a91564d8429d970901add5 linux-tools-generic_4.4.0.246.280_amd64.deb 5d8b35595c4191285f110afd27fbcfdd3ca0bceb linux-tools-host_4.4.0-246.280_all.deb 5a5eb8d5cee298349007e5bf17f1242556c5ea3c linux-tools-lowlatency_4.4.0.246.280_amd64.deb fad6259c370ad0420d37bf3bdc7e0661efca0384 CLSA-2023:1695901429 TuxCare License Agreement 0 * CVE-url: https://ubuntu.com/security/CVE-2023-42753 - netfilter: ipset: add the missing IP_SET_HASH_WITH_NET0 macro for ip_set_hash_netportnet.c * CVE-2022-40982 // CVE-url: https://ubuntu.com/security/CVE-2022-40982 - init: Provide arch_cpu_finalize_init() - x86/cpu: Switch to arch_cpu_finalize_init() - init: Remove check_bugs() leftovers - x86/speculation: Add Gather Data Sampling mitigation - x86/speculation: Add force option to GDS mitigation - x86/speculation: Add Kconfig option for GDS - KVM: Add GDS_NO support to KVM * CVE-url: https://ubuntu.com/security/CVE-2022-40982 - x86/cpu: Move arch_smt_update() to a neutral place * Bionic update: upstream stable patchset 2019-07-23 (LP: #1837664) // CVE- url: https://ubuntu.com/security/CVE-2022-40982 - cpu/hotplug: Fix "SMT disabled by BIOS" detection for KVM * Jammy update: v5.15.94 upstream stable release (LP: #2012673) // CVE-url: https://ubuntu.com/security/CVE-2022-40982 - x86/speculation: Identify processors vulnerable to SMT RSB predictions * CVE-2023-20588 // CVE-url: https://ubuntu.com/security/CVE-2023-20588 - x86/bugs: Increase the x86 bugs vector size to two u32s - x86/CPU/AMD: Do not leak quotient data after a division by 0 - x86/CPU/AMD: Fix the DIV(0) initial fix attempt * CVE-2023-3863 // CVE-url: https://ubuntu.com/security/CVE-2023-3863 - nfc: llcp: simplify llcp_sock_connect() error paths - net: nfc: Fix use-after-free caused by nfc_llcp_find_local * Jammy update: v5.15.46 upstream stable release (LP: #1981864) // CVE-url: https://ubuntu.com/security/CVE-2023-4385 - fs: jfs: fix possible NULL pointer dereference in dbFree() * Jammy update: v5.15.42 upstream stable release (LP: #1981375) // CVE-url: https://ubuntu.com/security/CVE-2023-4459 - net: vmxnet3: fix possible NULL pointer dereference in vmxnet3_rq_cleanup() * CVE-url: https://ubuntu.com/security/CVE-2023-4921 - net: sched: sch_qfq: Fix UAF in qfq_dequeue() * Miscellaneous Ubuntu changes - [Config] CONFIG_GDS_FORCE_MITIGATION=n Important Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.

* CVE-url: https://ubuntu.com/security/CVE-2023-42753 - netfilter: ipset: add the missing IP_SET_HASH_WITH_NET0 macro for ip_set_hash_netportnet.c * CVE-2022-40982 // CVE-url: https://ubuntu.com/security/CVE-2022-40982 - init: Provide arch_cpu_finalize_init() - x86/cpu: Switch to arch_cpu_finalize_init() - init: Remove check_bugs() leftovers - x86/speculation: Add Gather Data Sampling mitigation - x86/speculation: Add force option to GDS mitigation - x86/speculation: Add Kconfig option for GDS - KVM: Add GDS_NO support to KVM * CVE-url: https://ubuntu.com/security/CVE-2022-40982 - x86/cpu: Move arch_smt_update() to a neutral place * Bionic update: upstream stable patchset 2019-07-23 (LP: #1837664) // CVE- url: https://ubuntu.com/security/CVE-2022-40982 - cpu/hotplug: Fix "SMT disabled by BIOS" detection for KVM * Jammy update: v5.15.94 upstream stable release (LP: #2012673) // CVE-url: https://ubuntu.com/security/CVE-2022-40982 - x86/speculation: Identify processors vulnerable to SMT RSB predictions * CVE-2023-20588 // CVE-url: https://ubuntu.com/security/CVE-2023-20588 - x86/bugs: Increase the x86 bugs vector size to two u32s - x86/CPU/AMD: Do not leak quotient data after a division by 0 - x86/CPU/AMD: Fix the DIV(0) initial fix attempt * CVE-2023-3863 // CVE-url: https://ubuntu.com/security/CVE-2023-3863 - nfc: llcp: simplify llcp_sock_connect() error paths - net: nfc: Fix use-after-free caused by nfc_llcp_find_local * Jammy update: v5.15.46 upstream stable release (LP: #1981864) // CVE-url: https://ubuntu.com/security/CVE-2023-4385 - fs: jfs: fix possible NULL pointer dereference in dbFree() * Jammy update: v5.15.42 upstream stable release (LP: #1981375) // CVE-url: https://ubuntu.com/security/CVE-2023-4459 - net: vmxnet3: fix possible NULL pointer dereference in vmxnet3_rq_cleanup() * CVE-url: https://ubuntu.com/security/CVE-2023-4921 - net: sched: sch_qfq: Fix UAF in qfq_dequeue() * Miscellaneous Ubuntu changes - [Config] CONFIG_GDS_FORCE_MITIGATION=n

0 tuxcare-ubuntu16.04-els linux-buildinfo-4.4.0-246-tuxcare.els17-generic_4.4.0-246.280_amd64.deb 4c37c11aebbad105c46f0806271621ac57369ca1 linux-buildinfo-4.4.0-246-tuxcare.els17-lowlatency_4.4.0-246.280_amd64.deb 3cfc99bd0ff10c69fa897c2014514abc0122c78f linux-cloud-tools-4.4.0-246-tuxcare.els17_4.4.0-246.280_amd64.deb ae9ffca797acb9148516a0e64a3ed7a4091f15d8 linux-cloud-tools-4.4.0-246-tuxcare.els17-generic_4.4.0-246.280_amd64.deb 39adc1fe590559eb234731644b004b9383f29bce linux-cloud-tools-4.4.0-246-tuxcare.els17-lowlatency_4.4.0-246.280_amd64.deb 64bb98e3c55a58921563bbe826bb3f43023c39ab linux-cloud-tools-common_4.4.0-246.280_all.deb 10e5cfa3a49a98fffb9ac9c1f78050b6e2f55ace linux-cloud-tools-generic_4.4.0.246.280_amd64.deb 575a403aa768da6db7d265fd3ead02dfaf5f8e2a linux-cloud-tools-lowlatency_4.4.0.246.280_amd64.deb 072b2f1990950c800cb211f9798e9c800b3213b0 linux-crashdump_4.4.0.246.280_amd64.deb 3a345f98542dcadae74f1ddeb24cc871f0ef661d linux-doc_4.4.0-246.280_all.deb 12970d7093d08d6bf27529af8ca2c63c02a7d9a7 linux-generic_4.4.0.246.280_amd64.deb baab391b206502eb7e54ff25b6d1b88e51735401 linux-headers-4.4.0-246-tuxcare.els17_4.4.0-246.280_all.deb c384fb64b4aadd68755fe8eabf1b1717cb1d5b13 linux-headers-4.4.0-246-tuxcare.els17-generic_4.4.0-246.280_amd64.deb c7f3c566e70de02d0e1c2b6f8fcf4e3903157e8e linux-headers-4.4.0-246-tuxcare.els17-lowlatency_4.4.0-246.280_amd64.deb 37f0e26b85362f825198a61452b300cdf5b0d7a6 linux-headers-generic_4.4.0.246.280_amd64.deb 21a08f0f144baa1c16b8c5e0e5763d85178a434e linux-headers-lowlatency_4.4.0.246.280_amd64.deb 5aec500f45ee1c0d9e2659fea4825c2ccff9069a linux-image-generic_4.4.0.246.280_amd64.deb dc2c5de4b66c7d3e9b0f38fb30af2c28c198136a linux-image-lowlatency_4.4.0.246.280_amd64.deb a8c01a6f494ee83c5cd8fa098b188b2ac26957a0 linux-image-unsigned-4.4.0-246-tuxcare.els17-generic_4.4.0-246.280_amd64.deb cc848891a7b504f79544fdf2de1b0f088661d8e2 linux-image-unsigned-4.4.0-246-tuxcare.els17-lowlatency_4.4.0-246.280_amd64.deb 60f4e0f2dc9c9c942a23fb0ddb4f970b81f07584 linux-libc-dev_4.4.0-246.280_amd64.deb e13a99f5e21e9df8c4917f2877a0ed25065ed9dc linux-lowlatency_4.4.0.246.280_amd64.deb 0615bd374943bd48f90eabf7184baf9ecad23aa2 linux-modules-4.4.0-246-tuxcare.els17-generic_4.4.0-246.280_amd64.deb 8d329bd21a3c3b23c0e5bf0d47373ffebc02a4a8 linux-modules-4.4.0-246-tuxcare.els17-lowlatency_4.4.0-246.280_amd64.deb bd96a38796a8068d23fd09236d3426f339fda8b5 linux-modules-extra-4.4.0-246-tuxcare.els17-generic_4.4.0-246.280_amd64.deb 11fda423d6573e070179728ecf8e11a0a65161d6 linux-source_4.4.0.246.280_all.deb b7de25d147bd3736cd2599e9e10bd18b0a566e64 linux-source-4.4.0_4.4.0-246.280_all.deb 85493c82a4959277934739df613ed39fed5116e5 linux-tools-4.4.0-246-tuxcare.els17_4.4.0-246.280_amd64.deb 14e37b40f0120c79c0d398aef94148ae5fc9b1c0 linux-tools-4.4.0-246-tuxcare.els17-generic_4.4.0-246.280_amd64.deb 078e360dc448819c2b5fb9ab97425ea1b6869b50 linux-tools-4.4.0-246-tuxcare.els17-lowlatency_4.4.0-246.280_amd64.deb 7576f25f52632d7c0eeedefa795a3dbd1156a749 linux-tools-common_4.4.0-246.280_all.deb 3a625507a4a7284460a91564d8429d970901add5 linux-tools-generic_4.4.0.246.280_amd64.deb 5d8b35595c4191285f110afd27fbcfdd3ca0bceb linux-tools-host_4.4.0-246.280_all.deb 5a5eb8d5cee298349007e5bf17f1242556c5ea3c linux-tools-lowlatency_4.4.0.246.280_amd64.deb fad6259c370ad0420d37bf3bdc7e0661efca0384 CLSA-2023:1696351606 TuxCare License Agreement 0 * SECURITY UPDATE: uninitialized-heap vulnerability in function tic4x_print_cond in file opcodes/tic4x-dis.c - debian/patches/CVE-2020-35342.patch: Init all of condtable - CVE-2020-35342 * SECURITY UPDATE: a memory consumption issue in get_data function in binutils/nm.c - debian/patches/CVE-2020-19724.patch: Free dyn_syms - CVE-2020-19724 * SECURITY UPDATE: a memory leak when process microblaze-dis.c - debian/patches/CVE-2020-21490.patch: Use strbuf rather than strdup of local temp - CVE-2020-21490 * SECURITY UPDATE: an issue relating to the auxiliary symbol data allows attackers to read or write to system memory or cause a denial of service - debian/patches/CVE-2020-19726.patch: Fix parsing a corrupt PE format file - CVE-2020-19726 Important Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.

* SECURITY UPDATE: uninitialized-heap vulnerability in function tic4x_print_cond in file opcodes/tic4x-dis.c - debian/patches/CVE-2020-35342.patch: Init all of condtable - CVE-2020-35342 * SECURITY UPDATE: a memory consumption issue in get_data function in binutils/nm.c - debian/patches/CVE-2020-19724.patch: Free dyn_syms - CVE-2020-19724 * SECURITY UPDATE: a memory leak when process microblaze-dis.c - debian/patches/CVE-2020-21490.patch: Use strbuf rather than strdup of local temp - CVE-2020-21490 * SECURITY UPDATE: an issue relating to the auxiliary symbol data allows attackers to read or write to system memory or cause a denial of service - debian/patches/CVE-2020-19726.patch: Fix parsing a corrupt PE format file - CVE-2020-19726

0 tuxcare-ubuntu16.04-els binutils_2.26.1-1ubuntu1~16.04.10+tuxcare.els10_amd64.deb d2f6fb20fd7ecc7a9221717c02e40a89f83f6fd9 binutils-aarch64-linux-gnu_2.26.1-1ubuntu1~16.04.10+tuxcare.els10_amd64.deb 3920b67c928993a0ca377aac155225b41909384a binutils-alpha-linux-gnu_2.26.1-1ubuntu1~16.04.10+tuxcare.els10_amd64.deb a6132ab98fe76399e983b0d797588a7da2936e50 binutils-arm-linux-gnueabi_2.26.1-1ubuntu1~16.04.10+tuxcare.els10_amd64.deb 0627d56a531431727ad9fb7f3972cd929391f6fc binutils-arm-linux-gnueabihf_2.26.1-1ubuntu1~16.04.10+tuxcare.els10_amd64.deb f9aba2aaef0f15cc67de82b43a0ec1772685aff7 binutils-dev_2.26.1-1ubuntu1~16.04.10+tuxcare.els10_amd64.deb 42373ad502a730291d6c28a1b603c4fcc8486d9e binutils-doc_2.26.1-1ubuntu1~16.04.10+tuxcare.els10_all.deb 98b2ab3d51ccec73b58f48234c7f5b2005613b19 binutils-hppa-linux-gnu_2.26.1-1ubuntu1~16.04.10+tuxcare.els10_amd64.deb 6892c248bf494bd68488260e25bf96f77171585e binutils-hppa64-linux-gnu_2.26.1-1ubuntu1~16.04.10+tuxcare.els10_amd64.deb 04851183a5d72e1b4cd67d3b28c790380638ddf3 binutils-m68k-linux-gnu_2.26.1-1ubuntu1~16.04.10+tuxcare.els10_amd64.deb 7e7be457a66ee3e8bb370829266a3f8e6291a99a binutils-mips-linux-gnu_2.26.1-1ubuntu1~16.04.10+tuxcare.els10_amd64.deb c009f688e4a7ea09f54f78c99d29b40f967b77fd binutils-mips64-linux-gnuabi64_2.26.1-1ubuntu1~16.04.10+tuxcare.els10_amd64.deb a0332b9e4938ebf9adb73a6379f36c89638254b6 binutils-mips64el-linux-gnuabi64_2.26.1-1ubuntu1~16.04.10+tuxcare.els10_amd64.deb 39d1dede5c93a695ce74f2a6fc7c114f11fc6580 binutils-mipsel-linux-gnu_2.26.1-1ubuntu1~16.04.10+tuxcare.els10_amd64.deb 67c0c89e2b6f5c97da8356639bccf832a5478cbc binutils-multiarch_2.26.1-1ubuntu1~16.04.10+tuxcare.els10_amd64.deb 36f1ad50bfbc1f7e9d2a9167f757061d38677ad3 binutils-multiarch-dev_2.26.1-1ubuntu1~16.04.10+tuxcare.els10_amd64.deb b848b7d7cea80f9d7f21b71e5eca9826f9bec94f binutils-powerpc-linux-gnu_2.26.1-1ubuntu1~16.04.10+tuxcare.els10_amd64.deb 47ccbb4e91b88132d4f614e8f9a9c4f001f1b94f binutils-powerpc-linux-gnuspe_2.26.1-1ubuntu1~16.04.10+tuxcare.els10_amd64.deb fd28b1e08de69ca5f8541b0bb4eebe34ca4768d7 binutils-powerpc64-linux-gnu_2.26.1-1ubuntu1~16.04.10+tuxcare.els10_amd64.deb afa2c76221326354ac13ed117b638a4d7c94fb8a binutils-powerpc64le-linux-gnu_2.26.1-1ubuntu1~16.04.10+tuxcare.els10_amd64.deb 7505f7c9dca4e21beae2f9ff90b86e2b9ffb458b binutils-s390x-linux-gnu_2.26.1-1ubuntu1~16.04.10+tuxcare.els10_amd64.deb df93aa0da517af92962a96eeb0b7c5e2dbc2d62d binutils-sh4-linux-gnu_2.26.1-1ubuntu1~16.04.10+tuxcare.els10_amd64.deb 7222792bc2ccf284ea1bdede6701894b8fa9f234 binutils-source_2.26.1-1ubuntu1~16.04.10+tuxcare.els10_all.deb 87d19c7efc0807c77af4341a2ff8b5c490252a6a binutils-sparc64-linux-gnu_2.26.1-1ubuntu1~16.04.10+tuxcare.els10_amd64.deb ee232f417f23abecf59e1ed4cf3ba56c8daa6bd8 CLSA-2023:1696351712 TuxCare License Agreement 0 * SECURITY UPDATE: a memory leak that allows remote attackers to perform a denial of service via the "identify -help" command - debian/patches/CVE-2022-48541.patch: added missing calls to destroy methods - CVE-2022-48541 Important Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.

* SECURITY UPDATE: a memory leak that allows remote attackers to perform a denial of service via the "identify -help" command - debian/patches/CVE-2022-48541.patch: added missing calls to destroy methods - CVE-2022-48541

0 tuxcare-ubuntu16.04-els imagemagick_6.8.9.9-7ubuntu5.17+tuxcare.els9_amd64.deb d07ae825343ea1c282a4d311ab3dde8ef92b327e imagemagick-6.q16_6.8.9.9-7ubuntu5.17+tuxcare.els9_amd64.deb 56131255de277e0f7e799846640036fce871b454 imagemagick-common_6.8.9.9-7ubuntu5.17+tuxcare.els9_all.deb ea59c31ebbde5b4dd8347a5b9ce151c6be3f797e imagemagick-doc_6.8.9.9-7ubuntu5.17+tuxcare.els9_all.deb a02504442e4aee0be811da56cb4978bf9cdc8fa8 libimage-magick-perl_6.8.9.9-7ubuntu5.17+tuxcare.els9_all.deb 99632eb9cf04da6c997eb9255b444a3fe19c3ff6 libimage-magick-q16-perl_6.8.9.9-7ubuntu5.17+tuxcare.els9_amd64.deb 753d743b259cc27e793461d3d978e8c7ef0ca83d libmagick++-6-headers_6.8.9.9-7ubuntu5.17+tuxcare.els9_all.deb 1a1a98ec321b336c5c544f65115699f9abfd4687 libmagick++-6.q16-5v5_6.8.9.9-7ubuntu5.17+tuxcare.els9_amd64.deb 8b1d03a0fb33ec9573fa469a8c85ba69bc503d7d libmagick++-6.q16-dev_6.8.9.9-7ubuntu5.17+tuxcare.els9_amd64.deb 4c6b2dcc5d521b0ebea6e79f8356b7e15f9f32bf libmagick++-dev_6.8.9.9-7ubuntu5.17+tuxcare.els9_all.deb cbdec5a079f7910f044d68e0706926c114ac70e0 libmagickcore-6-arch-config_6.8.9.9-7ubuntu5.17+tuxcare.els9_amd64.deb c48843ccfb7491de7c5cf6b9d6d9e978d0d868ec libmagickcore-6-headers_6.8.9.9-7ubuntu5.17+tuxcare.els9_all.deb 92bd8293c32ea9181952fb92ea5f26a483a5905c libmagickcore-6.q16-2_6.8.9.9-7ubuntu5.17+tuxcare.els9_amd64.deb c97dfb845410b9abe860ab1de1c850cdaf694ea9 libmagickcore-6.q16-2-extra_6.8.9.9-7ubuntu5.17+tuxcare.els9_amd64.deb 5eaec12942b624c74bf5c950a45aed1507945d4c libmagickcore-6.q16-dev_6.8.9.9-7ubuntu5.17+tuxcare.els9_amd64.deb ff1efbf592f79bef3572243de1879a2b53714c02 libmagickcore-dev_6.8.9.9-7ubuntu5.17+tuxcare.els9_all.deb a8d5efe92dd0192a72c436f7f4c5793d6b104939 libmagickwand-6-headers_6.8.9.9-7ubuntu5.17+tuxcare.els9_all.deb 05d8268f66523da8dac6650b672dffb236d478f6 libmagickwand-6.q16-2_6.8.9.9-7ubuntu5.17+tuxcare.els9_amd64.deb c58aa4012dd4d5645abbb7cad0a28d6e1e27db2b libmagickwand-6.q16-dev_6.8.9.9-7ubuntu5.17+tuxcare.els9_amd64.deb 70e360793205510532adbfa844a4513d4474d998 libmagickwand-dev_6.8.9.9-7ubuntu5.17+tuxcare.els9_all.deb 25653a32bf7f6b7407f79da2afbaea2c5b09dfc7 perlmagick_6.8.9.9-7ubuntu5.17+tuxcare.els9_all.deb cc25756b2af1122a4be5d1ffbedca7594525f07a CLSA-2023:1696351801 TuxCare License Agreement 0 * SECURITY UPDATE: denial of service - debian/patches/CVE-2022-48571.patch: fix the crash when receiving multi-packet uploads in UDP - CVE-2022-48571 Important Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.

* SECURITY UPDATE: denial of service - debian/patches/CVE-2022-48571.patch: fix the crash when receiving multi-packet uploads in UDP - CVE-2022-48571

0 tuxcare-ubuntu16.04-els memcached_1.4.25-2ubuntu1.5+tuxcare.els1_amd64.deb bbcd5286bcae203b3315afeb41cd23768a555c61 CLSA-2023:1696537325 TuxCare License Agreement 0 * SECURITY UPDATE: a heap-based buffer overflow - debian/patches/CVE-2018-25009.patch: add additional check to avoid read over the header - CVE-2018-25009 * SECURITY UPDATE: a heap-based buffer overflow - debian/patches/CVE-2018-25010.patch: limit the filter size to not exceed the image dimensions - CVE-2018-25010 * SECURITY UPDATE: fail on multiple image chunks - debian/patches/CVE-2018-25011.patch: only 1 image chunk allowed - CVE-2018-25011 * SECURITY UPDATE: a heap-based buffer overflow - debian/patches/CVE-2018-25013_4.patch: wait for all threads to be done in DecodeRemaining. - CVE-2018-25013 - CVE-2018-25014 * SECURITY UPDATE: a heap-based buffer overflow - debian/patches/CVE-2020-36328.patch: fix invalid check for buffer size - CVE-2020-36328 * SECURITY UPDATE: a use-after-free was found due to a thread being killed too early - debian/patches/CVE-2020-36329.patch: fix for thread race heap-use-after-free - CVE-2020-36329 * SECURITY UPDATE: an out-of-bounds read - debian/patches/CVE-2020-36330.patch: fix riff size checks - CVE-2020-36330 * SECURITY UPDATE: an out-of-bounds read - debian/patches/CVE-2020-36331.patch: validate chunk_size - CVE-2020-36331 * SECURITY UPDATE: a use after free/double free - debian/patches/CVE-2023-1999.patch: clear result->bw on error - CVE-2023-1999 Critical Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.

* SECURITY UPDATE: a heap-based buffer overflow - debian/patches/CVE-2018-25009.patch: add additional check to avoid read over the header - CVE-2018-25009 * SECURITY UPDATE: a heap-based buffer overflow - debian/patches/CVE-2018-25010.patch: limit the filter size to not exceed the image dimensions - CVE-2018-25010 * SECURITY UPDATE: fail on multiple image chunks - debian/patches/CVE-2018-25011.patch: only 1 image chunk allowed - CVE-2018-25011 * SECURITY UPDATE: a heap-based buffer overflow - debian/patches/CVE-2018-25013_4.patch: wait for all threads to be done in DecodeRemaining. - CVE-2018-25013 - CVE-2018-25014 * SECURITY UPDATE: a heap-based buffer overflow - debian/patches/CVE-2020-36328.patch: fix invalid check for buffer size - CVE-2020-36328 * SECURITY UPDATE: a use-after-free was found due to a thread being killed too early - debian/patches/CVE-2020-36329.patch: fix for thread race heap-use-after-free - CVE-2020-36329 * SECURITY UPDATE: an out-of-bounds read - debian/patches/CVE-2020-36330.patch: fix riff size checks - CVE-2020-36330 * SECURITY UPDATE: an out-of-bounds read - debian/patches/CVE-2020-36331.patch: validate chunk_size - CVE-2020-36331 * SECURITY UPDATE: a use after free/double free - debian/patches/CVE-2023-1999.patch: clear result->bw on error - CVE-2023-1999

0 tuxcare-ubuntu16.04-els libwebp-dev_0.4.4-1+tuxcare.els1_amd64.deb f11e54351a91196aa7cfe63c185ce270b334899f libwebp5_0.4.4-1+tuxcare.els1_amd64.deb ebd1bac6bda9ad60f4d42820cf1baedb0adc1536 libwebpdemux1_0.4.4-1+tuxcare.els1_amd64.deb b25b7b5e863eb32b51ce666c4e9b2fa810f86cd5 libwebpmux1_0.4.4-1+tuxcare.els1_amd64.deb 4b479d1a23c33e47c185597ee5377c9972967d41 webp_0.4.4-1+tuxcare.els1_amd64.deb 1e93c4bff575fac0c003835524eba626c5895325 CLSA-2023:1696537500 TuxCare License Agreement 0 * SECURITY UPDATE: use-after-free in heapq - debian/patches/CVE-2022-48560.patch: Fix posible crash in heapq with custom comparison operators - CVE-2022-48560 Important Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.

* SECURITY UPDATE: use-after-free in heapq - debian/patches/CVE-2022-48560.patch: Fix posible crash in heapq with custom comparison operators - CVE-2022-48560

0 tuxcare-ubuntu16.04-els idle-python3.5_3.5.2-2ubuntu0~16.04.13+tuxcare.els11_all.deb ce3b87751a1a93169dfae81f10d002ec6190a8ca libpython3.5_3.5.2-2ubuntu0~16.04.13+tuxcare.els11_amd64.deb 3230beefab7332222ef5a8756a51b9a9811fa1d7 libpython3.5-dev_3.5.2-2ubuntu0~16.04.13+tuxcare.els11_amd64.deb ad641a7faaeb43f6ed31f8c9e4ce05725cc27e91 libpython3.5-minimal_3.5.2-2ubuntu0~16.04.13+tuxcare.els11_amd64.deb 882012101c49ec776ce5a204ad89a7646c958874 libpython3.5-stdlib_3.5.2-2ubuntu0~16.04.13+tuxcare.els11_amd64.deb 52b6fe1c43e17e16a355c2517d48b93b4234550d libpython3.5-testsuite_3.5.2-2ubuntu0~16.04.13+tuxcare.els11_all.deb e15a4f7e37d2b6136d50cf5b87970ff3d2bec573 python3.5_3.5.2-2ubuntu0~16.04.13+tuxcare.els11_amd64.deb dd00a35d1b9df9c819bcbf0ff81a147b807b7875 python3.5-dev_3.5.2-2ubuntu0~16.04.13+tuxcare.els11_amd64.deb a1790a5f127234fced8ff35e6d6947926ecb163d python3.5-doc_3.5.2-2ubuntu0~16.04.13+tuxcare.els11_all.deb a665eaae0731be612bf67e595eb6f84cf26ea670 python3.5-examples_3.5.2-2ubuntu0~16.04.13+tuxcare.els11_all.deb d665d54b3a80ae5773b8354e418294d58cc9cff7 python3.5-minimal_3.5.2-2ubuntu0~16.04.13+tuxcare.els11_amd64.deb 945b783a51ba00b5ba36e758bf09429d8a693977 python3.5-venv_3.5.2-2ubuntu0~16.04.13+tuxcare.els11_amd64.deb ed648b7370addd988becaeeacceea299124cc667 CLSA-2023:1697134400 TuxCare License Agreement 0 * SECURITY UPDATE: A stack exhaustion flaw in control channel code may cause named to terminate unexpectedly - debian/patches/CVE-2023-3341.patch: Named and rndc do not need a lot of recursion so the depth is set to 10. - CVE-2023-3341 Important Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.

* SECURITY UPDATE: A stack exhaustion flaw in control channel code may cause named to terminate unexpectedly - debian/patches/CVE-2023-3341.patch: Named and rndc do not need a lot of recursion so the depth is set to 10. - CVE-2023-3341

0 tuxcare-ubuntu16.04-els bind9_9.10.3.dfsg.P4-8ubuntu1.19+tuxcare.els6_amd64.deb d893227355e20b9faa023bac82a75b099a9551d5 bind9-doc_9.10.3.dfsg.P4-8ubuntu1.19+tuxcare.els6_all.deb 609b329a38b7ca0cfce11164a586ebea6939dc9b bind9-host_9.10.3.dfsg.P4-8ubuntu1.19+tuxcare.els6_amd64.deb 1e3b6d43a160ae19482e5b7ee464581e2fee9a94 bind9utils_9.10.3.dfsg.P4-8ubuntu1.19+tuxcare.els6_amd64.deb 9d6446b127c31b60265e499a58c997d3e80d4c18 dnsutils_9.10.3.dfsg.P4-8ubuntu1.19+tuxcare.els6_amd64.deb f392b83df4c31b4b61e0f7e9f01be09625c0834e host_9.10.3.dfsg.P4-8ubuntu1.19+tuxcare.els6_all.deb b6f6aaf4c52b3d7708032aa03c69367229f21042 libbind-dev_9.10.3.dfsg.P4-8ubuntu1.19+tuxcare.els6_amd64.deb 2ec6e7d85f71a9185d654261dfeecb17f77cd2b6 libbind-export-dev_9.10.3.dfsg.P4-8ubuntu1.19+tuxcare.els6_amd64.deb 4e0dae906c9fb91dafadf4f818cce7727bc3d77e libbind9-140_9.10.3.dfsg.P4-8ubuntu1.19+tuxcare.els6_amd64.deb 9f6d7ac0abcf1fb86512c3c2bd418ee06cedbe82 libdns-export162_9.10.3.dfsg.P4-8ubuntu1.19+tuxcare.els6_amd64.deb 664c5b2b36c1fdbd763759d87001f396518099dc libdns162_9.10.3.dfsg.P4-8ubuntu1.19+tuxcare.els6_amd64.deb 58466f0da8ce8d5ab7e2b6a2fb5f9fa7ad654905 libirs-export141_9.10.3.dfsg.P4-8ubuntu1.19+tuxcare.els6_amd64.deb 738c98d3b4d9a32e19e27f55bd1169d37aa06f2d libirs141_9.10.3.dfsg.P4-8ubuntu1.19+tuxcare.els6_amd64.deb 6a80aba7ac25265e0d88394a95a1f8d09c3aca04 libisc-export160_9.10.3.dfsg.P4-8ubuntu1.19+tuxcare.els6_amd64.deb d29af2a3b277121e7047feff680d6760cb084338 libisc160_9.10.3.dfsg.P4-8ubuntu1.19+tuxcare.els6_amd64.deb c3beb92dcb3cf4739c21563557d2af400963c76a libisccc-export140_9.10.3.dfsg.P4-8ubuntu1.19+tuxcare.els6_amd64.deb ef69d0a070992cb34164c74ca4469773831ef755 libisccc140_9.10.3.dfsg.P4-8ubuntu1.19+tuxcare.els6_amd64.deb f595d298c892123bea1353d41ce383805897b6e5 libisccfg-export140_9.10.3.dfsg.P4-8ubuntu1.19+tuxcare.els6_amd64.deb 620c96b1963f7edf55fbdd38fa4f5ec8450ce42b libisccfg140_9.10.3.dfsg.P4-8ubuntu1.19+tuxcare.els6_amd64.deb 7065bfe456758a4f5fc7b594c5137ccc2960b843 liblwres141_9.10.3.dfsg.P4-8ubuntu1.19+tuxcare.els6_amd64.deb 9dc476e35d92bb309c1b4c4e784686a035d6ed12 lwresd_9.10.3.dfsg.P4-8ubuntu1.19+tuxcare.els6_amd64.deb 8b58afc87bed84e4b7e9a1a53ae163ab11a1a6ec CLSA-2023:1697463486 TuxCare License Agreement 0 * SECURITY UPDATE: сookie injection with none file - debian/patches/CVE-2023-38546.patch: remove unnecessary struct fields in lib/cookie.c - CVE-2023-38546 Moderate Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.

* SECURITY UPDATE: сookie injection with none file - debian/patches/CVE-2023-38546.patch: remove unnecessary struct fields in lib/cookie.c - CVE-2023-38546

0 tuxcare-ubuntu16.04-els curl_7.47.0-1ubuntu2.23+tuxcare.els10_amd64.deb 30032cdd84b956a39416bd03e192465f837f3e2d libcurl3_7.47.0-1ubuntu2.23+tuxcare.els10_amd64.deb 1fa1ea6b0ed6b0190610f6e4aa273672c097253e libcurl3-gnutls_7.47.0-1ubuntu2.23+tuxcare.els10_amd64.deb b7fb726f58fba75c66f5d3b98bdb7f2d70e9b7ce libcurl3-nss_7.47.0-1ubuntu2.23+tuxcare.els10_amd64.deb fbff9f0c00fbfee767fcc7b6cddb6c473ca407c4 libcurl4-doc_7.47.0-1ubuntu2.23+tuxcare.els10_all.deb 74af4169ded7e1c72b2f255804bb7b00cc22fdc5 libcurl4-gnutls-dev_7.47.0-1ubuntu2.23+tuxcare.els10_amd64.deb d47fe407f3db88c77a23aca2fdf6ba80eb78e7b8 libcurl4-nss-dev_7.47.0-1ubuntu2.23+tuxcare.els10_amd64.deb 88ff955c274db4f5af72d35f37d99a62194feda5 libcurl4-openssl-dev_7.47.0-1ubuntu2.23+tuxcare.els10_amd64.deb 2e4161ff002c06914a7544e928b75eba2cae9d86 CLSA-2023:1697463600 TuxCare License Agreement 0 * SECURITY UPDATE: Multiple security issues - debian/patches/CVE-2023-42114.patch: fix possible OOB read in SPA authenticator - CVE-2023-42114 - debian/patches/CVE-2023-42116.patch: fix possible OOB write in SPA authenticator - CVE-2023-42116 Important Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.

* SECURITY UPDATE: Multiple security issues - debian/patches/CVE-2023-42114.patch: fix possible OOB read in SPA authenticator - CVE-2023-42114 - debian/patches/CVE-2023-42116.patch: fix possible OOB write in SPA authenticator - CVE-2023-42116

0 tuxcare-ubuntu16.04-els exim4_4.86.2-2ubuntu2.6+tuxcare.els4_all.deb eb7f97ab664f82c3bccc54b07b5e9dec76ba8d68 exim4-base_4.86.2-2ubuntu2.6+tuxcare.els4_amd64.deb 29be035f5b40728b0c008adfd4d9416a315ee1e6 exim4-config_4.86.2-2ubuntu2.6+tuxcare.els4_all.deb 83a117a84c4d9f187fa3b0e11177291756722692 exim4-daemon-heavy_4.86.2-2ubuntu2.6+tuxcare.els4_amd64.deb dd11384cb07870277bbb5fc1ec464ff874d304c3 exim4-daemon-light_4.86.2-2ubuntu2.6+tuxcare.els4_amd64.deb b12f49f508553b805653126ccdb20f8841c74fc6 exim4-dev_4.86.2-2ubuntu2.6+tuxcare.els4_amd64.deb 1a3e3605596d91ece033d938a24f3971d7657c6e eximon4_4.86.2-2ubuntu2.6+tuxcare.els4_amd64.deb 9865a97d2efc706eb03f897a141e1e566f563f32 CLSA-2023:1697463705 TuxCare License Agreement 0 * SECURITY UPDATE: Constant-time-defeating optimisations issue - debian/patches/CVE-2022-48566.patch: Make compare_digest more constant-time - CVE-2022-48566 Moderate Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.

* SECURITY UPDATE: Constant-time-defeating optimisations issue - debian/patches/CVE-2022-48566.patch: Make compare_digest more constant-time - CVE-2022-48566

0 tuxcare-ubuntu16.04-els idle-python2.7_2.7.12-1ubuntu0~16.04.18+tuxcare.els9_all.deb 40ececac70b3a3d9911990d601092e91c7f13520 libpython2.7_2.7.12-1ubuntu0~16.04.18+tuxcare.els9_amd64.deb 88d4a86a6b476e280f5c42ddc8ddd401432bf40b libpython2.7-dev_2.7.12-1ubuntu0~16.04.18+tuxcare.els9_amd64.deb d639a0257d155fc7a851afc3f6f1a5bf662f906f libpython2.7-minimal_2.7.12-1ubuntu0~16.04.18+tuxcare.els9_amd64.deb 39aef0c37574b19909d1af79dc6636d5ce8186c7 libpython2.7-stdlib_2.7.12-1ubuntu0~16.04.18+tuxcare.els9_amd64.deb 5792344b2f719b52589181db9fac46046803b099 libpython2.7-testsuite_2.7.12-1ubuntu0~16.04.18+tuxcare.els9_all.deb 8794c2f16a67bbac5322b5eec63fe6464228bf84 python2.7_2.7.12-1ubuntu0~16.04.18+tuxcare.els9_amd64.deb 17ea0cf3b97c1847089536ffc8a8159c058adb2c python2.7-dev_2.7.12-1ubuntu0~16.04.18+tuxcare.els9_amd64.deb abbb3d677faebed37e786ae45be236601275354a python2.7-doc_2.7.12-1ubuntu0~16.04.18+tuxcare.els9_all.deb fa8fcdf0db518524a26692bad1329308d5c2b168 python2.7-examples_2.7.12-1ubuntu0~16.04.18+tuxcare.els9_all.deb 905853018c1e5489cd93406d8bae4dd972316168 python2.7-minimal_2.7.12-1ubuntu0~16.04.18+tuxcare.els9_amd64.deb c5217d988b653e662cd00dc006c788e302f353ac CLSA-2023:1697556743 TuxCare License Agreement 0 * SECURITY UPDATE: Constant-time-defeating optimisations issue - debian/patches/CVE-2022-48566.patch: Make compare_digest more constant-time - CVE-2022-48566 Moderate Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.

* SECURITY UPDATE: Constant-time-defeating optimisations issue - debian/patches/CVE-2022-48566.patch: Make compare_digest more constant-time - CVE-2022-48566

0 tuxcare-ubuntu16.04-els idle-python3.5_3.5.2-2ubuntu0~16.04.13+tuxcare.els12_all.deb 3bd2385214486e3bb5d179cb64484fe4a99cf092 libpython3.5_3.5.2-2ubuntu0~16.04.13+tuxcare.els12_amd64.deb 6c5a6ba20e15a9ac3cd97b09c55f4f30dc70bd72 libpython3.5-dev_3.5.2-2ubuntu0~16.04.13+tuxcare.els12_amd64.deb 23517faf21faecb2328d7cae4dc9c4e8c46d2ab8 libpython3.5-minimal_3.5.2-2ubuntu0~16.04.13+tuxcare.els12_amd64.deb 9e194b52a92f3c467a16aee7d1aab5e564e942b2 libpython3.5-stdlib_3.5.2-2ubuntu0~16.04.13+tuxcare.els12_amd64.deb f3dc7928e538356e69ae98de2ec23bcd4057ed1f libpython3.5-testsuite_3.5.2-2ubuntu0~16.04.13+tuxcare.els12_all.deb 32d38bc27c422fa6cf3bea41ea2a58a90e092c92 python3.5_3.5.2-2ubuntu0~16.04.13+tuxcare.els12_amd64.deb b83a690c8f74d7b7e4d225c8213d6d27d38bb683 python3.5-dev_3.5.2-2ubuntu0~16.04.13+tuxcare.els12_amd64.deb e168796ff3ec56be01a1cdc3080595a0e860485a python3.5-doc_3.5.2-2ubuntu0~16.04.13+tuxcare.els12_all.deb 936060eb2c47a38b3dd93153d9fb013ebfea9f98 python3.5-examples_3.5.2-2ubuntu0~16.04.13+tuxcare.els12_all.deb 22c01e2f9421c4a302c8acc0e188edcb3829be19 python3.5-minimal_3.5.2-2ubuntu0~16.04.13+tuxcare.els12_amd64.deb 758c85179795de78722bf49d9422c5ebccf8bc8a python3.5-venv_3.5.2-2ubuntu0~16.04.13+tuxcare.els12_amd64.deb 4ae2af003ec0804957cf2ae880a5b10c35c4342f CLSA-2023:1697575950 TuxCare License Agreement 0 * SECURITY UPDATE: heap-based buffer overflow - debian/patches/CVE-2023-4504.patch: check for end of buffer if there is an escaped character - CVE-2023-4504 Important Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.

* SECURITY UPDATE: heap-based buffer overflow - debian/patches/CVE-2023-4504.patch: check for end of buffer if there is an escaped character - CVE-2023-4504

0 tuxcare-ubuntu16.04-els cups_2.1.3-4ubuntu0.11+tuxcare.els4_amd64.deb 3ebfa1a13bdabc5fce9dd972fb598a4f4aff6dbb cups-bsd_2.1.3-4ubuntu0.11+tuxcare.els4_amd64.deb f61646d16bce73f13d7192755c73ddae96ba6552 cups-client_2.1.3-4ubuntu0.11+tuxcare.els4_amd64.deb f759f7afc60656d322ecdef2d16fc82e6d8b37f9 cups-common_2.1.3-4ubuntu0.11+tuxcare.els4_all.deb 052702717b0be1ae3646bf7fdc4ef28588bca273 cups-core-drivers_2.1.3-4ubuntu0.11+tuxcare.els4_amd64.deb 6fa46cb03330efbbfc8970cb911786d6ca7c7a4c cups-daemon_2.1.3-4ubuntu0.11+tuxcare.els4_amd64.deb 60d57c02de41ac23d4562b3f76093ff70876e97d cups-ipp-utils_2.1.3-4ubuntu0.11+tuxcare.els4_amd64.deb 7b0528a016b523eba1c282dfef90caa8e57f68ad cups-ppdc_2.1.3-4ubuntu0.11+tuxcare.els4_amd64.deb 01567e2a146fcd7b8db3b9e46e6fdfb8ac356b42 cups-server-common_2.1.3-4ubuntu0.11+tuxcare.els4_all.deb 715344378ca09b11c8a71177c592a1d588120fe9 libcups2_2.1.3-4ubuntu0.11+tuxcare.els4_amd64.deb 36dbd5fa0ce4c6120381b5f013c185465f1ca71f libcups2-dev_2.1.3-4ubuntu0.11+tuxcare.els4_amd64.deb a0a073b8fdee3c7a5e6b7dd4cfe92fd8fc27d578 libcupscgi1_2.1.3-4ubuntu0.11+tuxcare.els4_amd64.deb c0d62c5ff7670e6eed024f3546e8a502cb5d05c1 libcupscgi1-dev_2.1.3-4ubuntu0.11+tuxcare.els4_amd64.deb d01a52e786ab3ac855fc894c9f91bfb4d24dc4f8 libcupsimage2_2.1.3-4ubuntu0.11+tuxcare.els4_amd64.deb 231350af5c1556f4966ddefbad76e87067a59ea3 libcupsimage2-dev_2.1.3-4ubuntu0.11+tuxcare.els4_amd64.deb 152005e48d9002884d0198344d659d8f7e80e50a libcupsmime1_2.1.3-4ubuntu0.11+tuxcare.els4_amd64.deb 51bf2fd240f91d05e359d54a8ae5aad9c46ab21a libcupsmime1-dev_2.1.3-4ubuntu0.11+tuxcare.els4_amd64.deb cd2ed5f0fafe2c3034521a439af8501779f430ac libcupsppdc1_2.1.3-4ubuntu0.11+tuxcare.els4_amd64.deb 7794c38a6d58f56fdc83985858304675f7db5441 libcupsppdc1-dev_2.1.3-4ubuntu0.11+tuxcare.els4_amd64.deb fb84278884d0a8097aad65c9fccd3bf07d847cfc CLSA-2023:1697741722 TuxCare License Agreement 0 * SECURITY UPDATE: GVariant security issues - debian/patches/CVE-2023-29499-x-CVE-2023-32665/*.patch: fix multiple GVariant serialization issues - CVE-2023-29499, CVE-2023-32611, CVE-2023-32636, CVE-2023-32643, CVE-2023-32665 * debian/patches/fix-g_test_bug-assertion.patch: Fix g_test_bug assertion in gvariant test * debian/patches/libglib2.0-0.symbols: Add new symbols Important Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.

* SECURITY UPDATE: GVariant security issues - debian/patches/CVE-2023-29499-x-CVE-2023-32665/*.patch: fix multiple GVariant serialization issues - CVE-2023-29499, CVE-2023-32611, CVE-2023-32636, CVE-2023-32643, CVE-2023-32665 * debian/patches/fix-g_test_bug-assertion.patch: Fix g_test_bug assertion in gvariant test * debian/patches/libglib2.0-0.symbols: Add new symbols

0 tuxcare-ubuntu16.04-els libglib2.0-0_2.48.2-0ubuntu4.8+tuxcare.els2_amd64.deb db0643297ee987cdef3a0eb4892f6e3d2bb6ece1 libglib2.0-0-refdbg_2.48.2-0ubuntu4.8+tuxcare.els2_amd64.deb 3160388c3b679a6445a64f38d534f3aa79eadf51 libglib2.0-bin_2.48.2-0ubuntu4.8+tuxcare.els2_amd64.deb d5b9bf41382b09d9636fbb0f171c6ad07eafe1dc libglib2.0-data_2.48.2-0ubuntu4.8+tuxcare.els2_all.deb 380973cd99e649421ddb34018f25f1ce61e72f6d libglib2.0-dev_2.48.2-0ubuntu4.8+tuxcare.els2_amd64.deb 37fb32767b4183852cd73dddf5ed41459ba748f6 libglib2.0-doc_2.48.2-0ubuntu4.8+tuxcare.els2_all.deb b6a1d03b2f838b513cf93b582a899673115a9903 libglib2.0-tests_2.48.2-0ubuntu4.8+tuxcare.els2_amd64.deb 9dcc09fcb7eccd3eeba04837b48c742a13d6a79c CLSA-2023:1697742241 TuxCare License Agreement 0 * SECURITY UPDATE: The HTTP/2 protocol allows a denial of service because request cancellation can reset many streams quickly - debian/patches/CVE-2023-44487.patch: HTTP/2 - per-iteration stream handling limit. - CVE-2023-44487 Important Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.

* SECURITY UPDATE: The HTTP/2 protocol allows a denial of service because request cancellation can reset many streams quickly - debian/patches/CVE-2023-44487.patch: HTTP/2 - per-iteration stream handling limit. - CVE-2023-44487

0 tuxcare-ubuntu16.04-els nginx_1.10.3-0ubuntu0.16.04.8+tuxcare.els4_all.deb 4631fe85f7b9239c8c232e467f414e8ce3ef4791 nginx-common_1.10.3-0ubuntu0.16.04.8+tuxcare.els4_all.deb 3fb161a9385bf950e6f225dc4b02e7b6d9293952 nginx-core_1.10.3-0ubuntu0.16.04.8+tuxcare.els4_amd64.deb c583d64261113d842fbc689d8c090ec98cacd184 nginx-doc_1.10.3-0ubuntu0.16.04.8+tuxcare.els4_all.deb 84b4d6cafb8becccdb832e19cad897c4f9f4317c nginx-extras_1.10.3-0ubuntu0.16.04.8+tuxcare.els4_amd64.deb 39f0f970a349c11ac5a7de3b5b841635827764a9 nginx-full_1.10.3-0ubuntu0.16.04.8+tuxcare.els4_amd64.deb a3e8a68946f7bf50205ff86bec37a2877451e4c9 nginx-light_1.10.3-0ubuntu0.16.04.8+tuxcare.els4_amd64.deb 1d1019487fbb48084ea841a0036ede2f04e5c3a2 CLSA-2023:1697744372 TuxCare License Agreement 0 * CVE-url: https://ubuntu.com/security/CVE-2023-42755 - net/sched: Retire rsvp classifier * CVE-url: https://ubuntu.com/security/CVE-2023-39194 - net: xfrm: Fix xfrm_address_filter OOB read * CVE-url: https://ubuntu.com/security/CVE-2023-39192 - netfilter: xt_u32: validate user space input * CVE-url: https://ubuntu.com/security/CVE-2023-39193 - netfilter: xt_sctp: validate the flag_info count * CVE-url: https://ubuntu.com/security/CVE-2023-42754 - ipv4: fix null-deref in ipv4_link_failure * CVE-url: https://ubuntu.com/security/CVE-2023-3338 - [Config] updateconfigs for DECNET * Jammy update: v5.15.118 upstream stable release (LP: #2030239) // CVE-url: https://ubuntu.com/security/CVE-2023-3338 - Remove DECnet support from kernel * CVE-2023-1206 // CVE-url: https://ubuntu.com/security/CVE-2023-1206 - tcp: Reduce chance of collisions in inet6_hashfn(). * Miscellaneous Ubuntu changes - [Config] updateconfigs for NET_CLS_RSVP Moderate Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.

* CVE-url: https://ubuntu.com/security/CVE-2023-42755 - net/sched: Retire rsvp classifier * CVE-url: https://ubuntu.com/security/CVE-2023-39194 - net: xfrm: Fix xfrm_address_filter OOB read * CVE-url: https://ubuntu.com/security/CVE-2023-39192 - netfilter: xt_u32: validate user space input * CVE-url: https://ubuntu.com/security/CVE-2023-39193 - netfilter: xt_sctp: validate the flag_info count * CVE-url: https://ubuntu.com/security/CVE-2023-42754 - ipv4: fix null-deref in ipv4_link_failure * CVE-url: https://ubuntu.com/security/CVE-2023-3338 - [Config] updateconfigs for DECNET * Jammy update: v5.15.118 upstream stable release (LP: #2030239) // CVE-url: https://ubuntu.com/security/CVE-2023-3338 - Remove DECnet support from kernel * CVE-2023-1206 // CVE-url: https://ubuntu.com/security/CVE-2023-1206 - tcp: Reduce chance of collisions in inet6_hashfn(). * Miscellaneous Ubuntu changes - [Config] updateconfigs for NET_CLS_RSVP

0 tuxcare-ubuntu16.04-els linux-buildinfo-4.4.0-247-tuxcare.els18-generic_4.4.0-247.281_amd64.deb 25f14986602f5989e3036b802f9ec72ffc4fcbfe linux-buildinfo-4.4.0-247-tuxcare.els18-lowlatency_4.4.0-247.281_amd64.deb 80885b1e65c951fd2ff2a080d39784f79570d60c linux-cloud-tools-4.4.0-247-tuxcare.els18_4.4.0-247.281_amd64.deb d7c4c6f9f5c90c63599d0812234fc36b578df0c9 linux-cloud-tools-4.4.0-247-tuxcare.els18-generic_4.4.0-247.281_amd64.deb 0d48af8bd189fe3ca832fba8b4d8d0d4ef81037b linux-cloud-tools-4.4.0-247-tuxcare.els18-lowlatency_4.4.0-247.281_amd64.deb ffdf577d59d3ddd823a4b81645d3cab238ed8fe2 linux-cloud-tools-common_4.4.0-247.281_all.deb 157785f76559ebcdde560e2f23c17a84f6c60c87 linux-cloud-tools-generic_4.4.0.247.281_amd64.deb f54d5a0a6170aadea3f994bb1fd71c5704c50d6a linux-cloud-tools-lowlatency_4.4.0.247.281_amd64.deb 1b0494aa9f2a07cffee34de9c6299c259ccc93d4 linux-crashdump_4.4.0.247.281_amd64.deb 830885d8f0015006bd88624e4112d473cb2fa9b4 linux-doc_4.4.0-247.281_all.deb c7100fd4d14c50ec2b06a9674d55de0c68e9460a linux-generic_4.4.0.247.281_amd64.deb ae9c488b258aca1a82c5dbf8565d2b1644f88e3b linux-headers-4.4.0-247-tuxcare.els18_4.4.0-247.281_all.deb 6f234ade0bc326795b8e92f7d441129ac987b609 linux-headers-4.4.0-247-tuxcare.els18-generic_4.4.0-247.281_amd64.deb b3c8ca506e5f1f7b3305d2f5233c4f76cd09adc4 linux-headers-4.4.0-247-tuxcare.els18-lowlatency_4.4.0-247.281_amd64.deb ed9cf3d6d59094e7dfd5e851ce840135d659cdd5 linux-headers-generic_4.4.0.247.281_amd64.deb a6c3887356bf8d8200861837d70e078f8b27cc9e linux-headers-lowlatency_4.4.0.247.281_amd64.deb 810b123ceede3c77d021459873b77f476e3860c6 linux-image-generic_4.4.0.247.281_amd64.deb 0004c826d821496a02ad290f080d6d3b8222f83f linux-image-lowlatency_4.4.0.247.281_amd64.deb 7b504ca47d1da66d65a7ddbaefc88a275b42fa52 linux-image-unsigned-4.4.0-247-tuxcare.els18-generic_4.4.0-247.281_amd64.deb c267c71014db8bd8a4bc7a0a31f7eb0c1bdd6611 linux-image-unsigned-4.4.0-247-tuxcare.els18-lowlatency_4.4.0-247.281_amd64.deb 37a4789aef4130cea9c2aa6bd1ca104d145bc581 linux-libc-dev_4.4.0-247.281_amd64.deb abb68a482b679bb61c997bcb887202613a07449e linux-lowlatency_4.4.0.247.281_amd64.deb 073dc2768f52ff6137fc3be47cf4921e14e175c1 linux-modules-4.4.0-247-tuxcare.els18-generic_4.4.0-247.281_amd64.deb 9e3c2f28d317890f0109f216c67e7de6157ac720 linux-modules-4.4.0-247-tuxcare.els18-lowlatency_4.4.0-247.281_amd64.deb 208ba4bb5b38ceb108d037a330d56a1439bc8da3 linux-modules-extra-4.4.0-247-tuxcare.els18-generic_4.4.0-247.281_amd64.deb fb7d04a2250fcad3c82cdb672e6d90d6fbb776c0 linux-source_4.4.0.247.281_all.deb 41e9bae7af2d56f5d1630e3c80b8f87d8ea59605 linux-source-4.4.0_4.4.0-247.281_all.deb b5db4010afded4526b603212b62f5ed8bf95f64b linux-tools-4.4.0-247-tuxcare.els18_4.4.0-247.281_amd64.deb 9826c3e0ff85883ac057d00e03300291fe541ea6 linux-tools-4.4.0-247-tuxcare.els18-generic_4.4.0-247.281_amd64.deb ed8831fd9fd620eadd54595a00b7af8bd1c92f5c linux-tools-4.4.0-247-tuxcare.els18-lowlatency_4.4.0-247.281_amd64.deb 3bfa466f788366defae82613e01e0a40c6dc5f91 linux-tools-common_4.4.0-247.281_all.deb 6d5c6edf1c95431f87d7a673c925fc4eb763757b linux-tools-generic_4.4.0.247.281_amd64.deb 1a9854ad33f5ec5f00f025a3384526aee542f730 linux-tools-host_4.4.0-247.281_all.deb 685d5497d41a4e1afaa0615454e6f9f4a45a8a9b linux-tools-lowlatency_4.4.0.247.281_amd64.deb 8aceb5fb42a162167c61ca40d198073f381003b5 CLSA-2023:1697744503 TuxCare License Agreement 0 * CVE-url: https://ubuntu.com/security/CVE-2023-42755 - net/sched: Retire rsvp classifier * CVE-url: https://ubuntu.com/security/CVE-2023-39194 - net: xfrm: Fix xfrm_address_filter OOB read * CVE-url: https://ubuntu.com/security/CVE-2023-39192 - netfilter: xt_u32: validate user space input * CVE-url: https://ubuntu.com/security/CVE-2023-39193 - netfilter: xt_sctp: validate the flag_info count * CVE-url: https://ubuntu.com/security/CVE-2023-42754 - ipv4: fix null-deref in ipv4_link_failure * CVE-url: https://ubuntu.com/security/CVE-2023-3338 - [Config] updateconfigs for DECNET * Jammy update: v5.15.118 upstream stable release (LP: #2030239) // CVE-url: https://ubuntu.com/security/CVE-2023-3338 - Remove DECnet support from kernel * CVE-2023-1206 // CVE-url: https://ubuntu.com/security/CVE-2023-1206 - tcp: Reduce chance of collisions in inet6_hashfn(). * Miscellaneous Ubuntu changes - [Config] updateconfigs for NET_CLS_RSVP Moderate Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.

* CVE-url: https://ubuntu.com/security/CVE-2023-42755 - net/sched: Retire rsvp classifier * CVE-url: https://ubuntu.com/security/CVE-2023-39194 - net: xfrm: Fix xfrm_address_filter OOB read * CVE-url: https://ubuntu.com/security/CVE-2023-39192 - netfilter: xt_u32: validate user space input * CVE-url: https://ubuntu.com/security/CVE-2023-39193 - netfilter: xt_sctp: validate the flag_info count * CVE-url: https://ubuntu.com/security/CVE-2023-42754 - ipv4: fix null-deref in ipv4_link_failure * CVE-url: https://ubuntu.com/security/CVE-2023-3338 - [Config] updateconfigs for DECNET * Jammy update: v5.15.118 upstream stable release (LP: #2030239) // CVE-url: https://ubuntu.com/security/CVE-2023-3338 - Remove DECnet support from kernel * CVE-2023-1206 // CVE-url: https://ubuntu.com/security/CVE-2023-1206 - tcp: Reduce chance of collisions in inet6_hashfn(). * Miscellaneous Ubuntu changes - [Config] updateconfigs for NET_CLS_RSVP

0 tuxcare-ubuntu16.04-els linux-buildinfo-4.4.0-247-tuxcare.els18-generic_4.4.0-247.281_amd64.deb 25f14986602f5989e3036b802f9ec72ffc4fcbfe linux-buildinfo-4.4.0-247-tuxcare.els18-lowlatency_4.4.0-247.281_amd64.deb 80885b1e65c951fd2ff2a080d39784f79570d60c linux-cloud-tools-4.4.0-247-tuxcare.els18_4.4.0-247.281_amd64.deb d7c4c6f9f5c90c63599d0812234fc36b578df0c9 linux-cloud-tools-4.4.0-247-tuxcare.els18-generic_4.4.0-247.281_amd64.deb 0d48af8bd189fe3ca832fba8b4d8d0d4ef81037b linux-cloud-tools-4.4.0-247-tuxcare.els18-lowlatency_4.4.0-247.281_amd64.deb ffdf577d59d3ddd823a4b81645d3cab238ed8fe2 linux-cloud-tools-common_4.4.0-247.281_all.deb 157785f76559ebcdde560e2f23c17a84f6c60c87 linux-cloud-tools-generic_4.4.0.247.281_amd64.deb f54d5a0a6170aadea3f994bb1fd71c5704c50d6a linux-cloud-tools-lowlatency_4.4.0.247.281_amd64.deb 1b0494aa9f2a07cffee34de9c6299c259ccc93d4 linux-crashdump_4.4.0.247.281_amd64.deb 830885d8f0015006bd88624e4112d473cb2fa9b4 linux-doc_4.4.0-247.281_all.deb c7100fd4d14c50ec2b06a9674d55de0c68e9460a linux-generic_4.4.0.247.281_amd64.deb ae9c488b258aca1a82c5dbf8565d2b1644f88e3b linux-headers-4.4.0-247-tuxcare.els18_4.4.0-247.281_all.deb 6f234ade0bc326795b8e92f7d441129ac987b609 linux-headers-4.4.0-247-tuxcare.els18-generic_4.4.0-247.281_amd64.deb b3c8ca506e5f1f7b3305d2f5233c4f76cd09adc4 linux-headers-4.4.0-247-tuxcare.els18-lowlatency_4.4.0-247.281_amd64.deb ed9cf3d6d59094e7dfd5e851ce840135d659cdd5 linux-headers-generic_4.4.0.247.281_amd64.deb a6c3887356bf8d8200861837d70e078f8b27cc9e linux-headers-lowlatency_4.4.0.247.281_amd64.deb 810b123ceede3c77d021459873b77f476e3860c6 linux-image-generic_4.4.0.247.281_amd64.deb 0004c826d821496a02ad290f080d6d3b8222f83f linux-image-lowlatency_4.4.0.247.281_amd64.deb 7b504ca47d1da66d65a7ddbaefc88a275b42fa52 linux-image-unsigned-4.4.0-247-tuxcare.els18-generic_4.4.0-247.281_amd64.deb c267c71014db8bd8a4bc7a0a31f7eb0c1bdd6611 linux-image-unsigned-4.4.0-247-tuxcare.els18-lowlatency_4.4.0-247.281_amd64.deb 37a4789aef4130cea9c2aa6bd1ca104d145bc581 linux-libc-dev_4.4.0-247.281_amd64.deb abb68a482b679bb61c997bcb887202613a07449e linux-lowlatency_4.4.0.247.281_amd64.deb 073dc2768f52ff6137fc3be47cf4921e14e175c1 linux-modules-4.4.0-247-tuxcare.els18-generic_4.4.0-247.281_amd64.deb 9e3c2f28d317890f0109f216c67e7de6157ac720 linux-modules-4.4.0-247-tuxcare.els18-lowlatency_4.4.0-247.281_amd64.deb 208ba4bb5b38ceb108d037a330d56a1439bc8da3 linux-modules-extra-4.4.0-247-tuxcare.els18-generic_4.4.0-247.281_amd64.deb fb7d04a2250fcad3c82cdb672e6d90d6fbb776c0 linux-source_4.4.0.247.281_all.deb 41e9bae7af2d56f5d1630e3c80b8f87d8ea59605 linux-source-4.4.0_4.4.0-247.281_all.deb b5db4010afded4526b603212b62f5ed8bf95f64b linux-tools-4.4.0-247-tuxcare.els18_4.4.0-247.281_amd64.deb 9826c3e0ff85883ac057d00e03300291fe541ea6 linux-tools-4.4.0-247-tuxcare.els18-generic_4.4.0-247.281_amd64.deb ed8831fd9fd620eadd54595a00b7af8bd1c92f5c linux-tools-4.4.0-247-tuxcare.els18-lowlatency_4.4.0-247.281_amd64.deb 3bfa466f788366defae82613e01e0a40c6dc5f91 linux-tools-common_4.4.0-247.281_all.deb 6d5c6edf1c95431f87d7a673c925fc4eb763757b linux-tools-generic_4.4.0.247.281_amd64.deb 1a9854ad33f5ec5f00f025a3384526aee542f730 linux-tools-host_4.4.0-247.281_all.deb 685d5497d41a4e1afaa0615454e6f9f4a45a8a9b linux-tools-lowlatency_4.4.0.247.281_amd64.deb 8aceb5fb42a162167c61ca40d198073f381003b5 CLSA-2023:1697816288 TuxCare License Agreement 0 * SECURITY UPDATE: bgpd/bgp_packet.c can read the initial byte of the ORF header in an ahead-of-stream situation - debian/patches/CVE-2023-41360.patch: don't read the first byte of ORF header if we are ahead of stream. - CVE-2023-41360 * SECURITY UPDATE: bgpd/bgp_packet.c processes NLRIs if the attribute length is zero - debian/patches/CVE-2023-41358.patch: do not process NLRIs if the attribute length is zero - CVE-2023-41358 * Fix documentation pdf generation Critical Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.

* SECURITY UPDATE: bgpd/bgp_packet.c can read the initial byte of the ORF header in an ahead-of-stream situation - debian/patches/CVE-2023-41360.patch: don't read the first byte of ORF header if we are ahead of stream. - CVE-2023-41360 * SECURITY UPDATE: bgpd/bgp_packet.c processes NLRIs if the attribute length is zero - debian/patches/CVE-2023-41358.patch: do not process NLRIs if the attribute length is zero - CVE-2023-41358 * Fix documentation pdf generation

0 tuxcare-ubuntu16.04-els quagga_0.99.24.1-2ubuntu1.4+tuxcare.els1_amd64.deb 9287815f0e881d76b5d09bddb808fd2132e846b7 quagga-doc_0.99.24.1-2ubuntu1.4+tuxcare.els1_all.deb 04a0430cee158f57ccdb121f9dd1a926d3f48e03 CLSA-2023:1698179598 TuxCare License Agreement 0 * SECURITY UPDATE: Reject overflows of zip header fields in minizip - debian/patches/CVE-2023-45853.patch: Check length of comment, filename and extra field in zipOpenNewFileInZip4_64 - CVE-2023-45853 Critical Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.

* SECURITY UPDATE: Reject overflows of zip header fields in minizip - debian/patches/CVE-2023-45853.patch: Check length of comment, filename and extra field in zipOpenNewFileInZip4_64 - CVE-2023-45853

0 tuxcare-ubuntu16.04-els lib32z1_1.2.8.dfsg-2ubuntu4.3+tuxcare.els3_amd64.deb ee50ec78f0ad8b5c90b5628ce544dff097ee3b45 lib32z1-dev_1.2.8.dfsg-2ubuntu4.3+tuxcare.els3_amd64.deb 9bebd9e79889b1604fcb09813c3f36120480d389 libx32z1_1.2.8.dfsg-2ubuntu4.3+tuxcare.els3_amd64.deb e7b43ee3805878fb006f985f3d3507d3b21d144b libx32z1-dev_1.2.8.dfsg-2ubuntu4.3+tuxcare.els3_amd64.deb b01eb6863ebdae863ff9a62ed8c92947900dde80 zlib1g_1.2.8.dfsg-2ubuntu4.3+tuxcare.els3_amd64.deb 45ee38af2ddb2fc51aa34b407077ca8aecbf5d41 zlib1g-dev_1.2.8.dfsg-2ubuntu4.3+tuxcare.els3_amd64.deb 2fee51a6865027672bfdad1b10ef5cc1ca27ce94 CLSA-2023:1698247974 TuxCare License Agreement 0 * CVE-2023-42752 // CVE-url: https://ubuntu.com/security/CVE-2023-42752 - igmp: limit igmpv3_newpack() packet size to IP_MAX_MTU * CVE-2023-4623 // CVE-url: https://ubuntu.com/security/CVE-2023-4623 - net/sched: sch_hfsc: Ensure inner classes have fsc curve * CVE-2023-34319 // CVE-url: https://ubuntu.com/security/CVE-2023-34319 - xen/netback: Fix buffer overrun triggered by unusual packet * CVE-2023-4881 // CVE-url: https://ubuntu.com/security/CVE-2023-4881 - netfilter: nftables: exthdr: fix 4-byte stack OOB write * CVE-2023-31083 // CVE-url: https://ubuntu.com/security/CVE-2023-31083 - Bluetooth: hci_ldisc: check HCI_UART_PROTO_READY flag in HCIUARTGETPROTO * CVE-2023-3772 // CVE-url: https://ubuntu.com/security/CVE-2023-3772 - xfrm: add NULL check in xfrm_update_ae_params Important Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.

* CVE-2023-42752 // CVE-url: https://ubuntu.com/security/CVE-2023-42752 - igmp: limit igmpv3_newpack() packet size to IP_MAX_MTU * CVE-2023-4623 // CVE-url: https://ubuntu.com/security/CVE-2023-4623 - net/sched: sch_hfsc: Ensure inner classes have fsc curve * CVE-2023-34319 // CVE-url: https://ubuntu.com/security/CVE-2023-34319 - xen/netback: Fix buffer overrun triggered by unusual packet * CVE-2023-4881 // CVE-url: https://ubuntu.com/security/CVE-2023-4881 - netfilter: nftables: exthdr: fix 4-byte stack OOB write * CVE-2023-31083 // CVE-url: https://ubuntu.com/security/CVE-2023-31083 - Bluetooth: hci_ldisc: check HCI_UART_PROTO_READY flag in HCIUARTGETPROTO * CVE-2023-3772 // CVE-url: https://ubuntu.com/security/CVE-2023-3772 - xfrm: add NULL check in xfrm_update_ae_params

0 tuxcare-ubuntu16.04-els linux-buildinfo-4.4.0-248-tuxcare.els19-generic_4.4.0-248.282_amd64.deb 4151699db5db5101adc38b5831da988d72fffea3 linux-buildinfo-4.4.0-248-tuxcare.els19-lowlatency_4.4.0-248.282_amd64.deb 0dac6feaedb0f13f42f90542c30af9eeba572794 linux-cloud-tools-4.4.0-248-tuxcare.els19_4.4.0-248.282_amd64.deb 0482274df281b5f7b13bd3e85f2995228ebc592f linux-cloud-tools-4.4.0-248-tuxcare.els19-generic_4.4.0-248.282_amd64.deb 902fb47bf3a28876f67c85f4988e4d7a00c713c0 linux-cloud-tools-4.4.0-248-tuxcare.els19-lowlatency_4.4.0-248.282_amd64.deb 059a864e2ee050d13ab2eee0f1bda5d8e150d6f4 linux-cloud-tools-common_4.4.0-248.282_all.deb cb54cd602e99d60135d30158297ac25e654f6ff8 linux-cloud-tools-generic_4.4.0.248.282_amd64.deb 4d31dac9ce16c92ef6995570fc6b5878d23e3e75 linux-cloud-tools-lowlatency_4.4.0.248.282_amd64.deb 5280a11840f50c785de450bead3468b463d638a0 linux-crashdump_4.4.0.248.282_amd64.deb c5fc5f83e1678411b976fd7a07205a7a737a1faa linux-doc_4.4.0-248.282_all.deb 2eab2a90f9e3f0cefb68111135fba39ca1a16a1f linux-generic_4.4.0.248.282_amd64.deb 423fca5e59116da0ffc9b3c0b353784df09a7777 linux-headers-4.4.0-248-tuxcare.els19_4.4.0-248.282_all.deb a9c1c10bce509258bff6c255f2ff97a7558b3066 linux-headers-4.4.0-248-tuxcare.els19-generic_4.4.0-248.282_amd64.deb 71db3ba14c7a8e078f5ff1decd3da45a93a97ae8 linux-headers-4.4.0-248-tuxcare.els19-lowlatency_4.4.0-248.282_amd64.deb e6c9938ca7cefc80d7a957ff2968de446b8ac513 linux-headers-generic_4.4.0.248.282_amd64.deb d25271a569eba709b97a020406ea50e516b62d26 linux-headers-lowlatency_4.4.0.248.282_amd64.deb fab09ef2f505351dfcf53299615bf91ed4674019 linux-image-generic_4.4.0.248.282_amd64.deb 4b72adf2f5076f087e8c214f620059e2d90c36f1 linux-image-lowlatency_4.4.0.248.282_amd64.deb b0a55e6fbb8766bed4c2d1264a7b7f78ed752027 linux-image-unsigned-4.4.0-248-tuxcare.els19-generic_4.4.0-248.282_amd64.deb 4ae1be2d76cb73ecb719fce9fedca58519aef9c7 linux-image-unsigned-4.4.0-248-tuxcare.els19-lowlatency_4.4.0-248.282_amd64.deb b05c093ce5e4c2c0af585ada2e4d255f5f669b6e linux-libc-dev_4.4.0-248.282_amd64.deb a3a9c5fd2a292930647517acd4e8ec565f984625 linux-lowlatency_4.4.0.248.282_amd64.deb 09601a1c31acc0845a5369b2b1bc109984ed385a linux-modules-4.4.0-248-tuxcare.els19-generic_4.4.0-248.282_amd64.deb 9e35ed7e1050121694f9c710f10f2c5b97c99cbc linux-modules-4.4.0-248-tuxcare.els19-lowlatency_4.4.0-248.282_amd64.deb da1489ffc740bd37e865bb2776d1bc96f029ceec linux-modules-extra-4.4.0-248-tuxcare.els19-generic_4.4.0-248.282_amd64.deb e4aa2d57039b8598de711a654ec7821d1c818653 linux-source_4.4.0.248.282_all.deb 08bacd7cc1f5fb4f4a5bf393533cb822a4e38f12 linux-source-4.4.0_4.4.0-248.282_all.deb 667158010b44bd5fbd52dc42fba53bc7a6878c7d linux-tools-4.4.0-248-tuxcare.els19_4.4.0-248.282_amd64.deb f3e0acf7b48f50c5daf7d6c3fbca662a707328cb linux-tools-4.4.0-248-tuxcare.els19-generic_4.4.0-248.282_amd64.deb df47123dea07126246dbe7fc8416eae15cac4d53 linux-tools-4.4.0-248-tuxcare.els19-lowlatency_4.4.0-248.282_amd64.deb 169dcea5801948116d441923d70b2ab2f7e10f0d linux-tools-common_4.4.0-248.282_all.deb fb89a0718500f35046502484129bae44f86f22ca linux-tools-generic_4.4.0.248.282_amd64.deb 4ca212b5e62b953d49c24a9ece74769522c27837 linux-tools-host_4.4.0-248.282_all.deb b32435cf37790c7b63bcbcd8dac3b12de0fbdce3 linux-tools-lowlatency_4.4.0.248.282_amd64.deb 43832741548d7124864fa5ffa8eeaf12ee6b0fa2 CLSA-2023:1698248409 TuxCare License Agreement 0 * CVE-2023-42752 // CVE-url: https://ubuntu.com/security/CVE-2023-42752 - igmp: limit igmpv3_newpack() packet size to IP_MAX_MTU * CVE-2023-4623 // CVE-url: https://ubuntu.com/security/CVE-2023-4623 - net/sched: sch_hfsc: Ensure inner classes have fsc curve * CVE-2023-34319 // CVE-url: https://ubuntu.com/security/CVE-2023-34319 - xen/netback: Fix buffer overrun triggered by unusual packet * CVE-2023-4881 // CVE-url: https://ubuntu.com/security/CVE-2023-4881 - netfilter: nftables: exthdr: fix 4-byte stack OOB write * CVE-2023-31083 // CVE-url: https://ubuntu.com/security/CVE-2023-31083 - Bluetooth: hci_ldisc: check HCI_UART_PROTO_READY flag in HCIUARTGETPROTO * CVE-2023-3772 // CVE-url: https://ubuntu.com/security/CVE-2023-3772 - xfrm: add NULL check in xfrm_update_ae_params Important Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.

* CVE-2023-42752 // CVE-url: https://ubuntu.com/security/CVE-2023-42752 - igmp: limit igmpv3_newpack() packet size to IP_MAX_MTU * CVE-2023-4623 // CVE-url: https://ubuntu.com/security/CVE-2023-4623 - net/sched: sch_hfsc: Ensure inner classes have fsc curve * CVE-2023-34319 // CVE-url: https://ubuntu.com/security/CVE-2023-34319 - xen/netback: Fix buffer overrun triggered by unusual packet * CVE-2023-4881 // CVE-url: https://ubuntu.com/security/CVE-2023-4881 - netfilter: nftables: exthdr: fix 4-byte stack OOB write * CVE-2023-31083 // CVE-url: https://ubuntu.com/security/CVE-2023-31083 - Bluetooth: hci_ldisc: check HCI_UART_PROTO_READY flag in HCIUARTGETPROTO * CVE-2023-3772 // CVE-url: https://ubuntu.com/security/CVE-2023-3772 - xfrm: add NULL check in xfrm_update_ae_params

0 tuxcare-ubuntu16.04-els linux-buildinfo-4.4.0-248-tuxcare.els19-generic_4.4.0-248.282_amd64.deb 4151699db5db5101adc38b5831da988d72fffea3 linux-buildinfo-4.4.0-248-tuxcare.els19-lowlatency_4.4.0-248.282_amd64.deb 0dac6feaedb0f13f42f90542c30af9eeba572794 linux-cloud-tools-4.4.0-248-tuxcare.els19_4.4.0-248.282_amd64.deb 0482274df281b5f7b13bd3e85f2995228ebc592f linux-cloud-tools-4.4.0-248-tuxcare.els19-generic_4.4.0-248.282_amd64.deb 902fb47bf3a28876f67c85f4988e4d7a00c713c0 linux-cloud-tools-4.4.0-248-tuxcare.els19-lowlatency_4.4.0-248.282_amd64.deb 059a864e2ee050d13ab2eee0f1bda5d8e150d6f4 linux-cloud-tools-common_4.4.0-248.282_all.deb cb54cd602e99d60135d30158297ac25e654f6ff8 linux-cloud-tools-generic_4.4.0.248.282_amd64.deb 4d31dac9ce16c92ef6995570fc6b5878d23e3e75 linux-cloud-tools-lowlatency_4.4.0.248.282_amd64.deb 5280a11840f50c785de450bead3468b463d638a0 linux-crashdump_4.4.0.248.282_amd64.deb c5fc5f83e1678411b976fd7a07205a7a737a1faa linux-doc_4.4.0-248.282_all.deb 2eab2a90f9e3f0cefb68111135fba39ca1a16a1f linux-generic_4.4.0.248.282_amd64.deb 423fca5e59116da0ffc9b3c0b353784df09a7777 linux-headers-4.4.0-248-tuxcare.els19_4.4.0-248.282_all.deb a9c1c10bce509258bff6c255f2ff97a7558b3066 linux-headers-4.4.0-248-tuxcare.els19-generic_4.4.0-248.282_amd64.deb 71db3ba14c7a8e078f5ff1decd3da45a93a97ae8 linux-headers-4.4.0-248-tuxcare.els19-lowlatency_4.4.0-248.282_amd64.deb e6c9938ca7cefc80d7a957ff2968de446b8ac513 linux-headers-generic_4.4.0.248.282_amd64.deb d25271a569eba709b97a020406ea50e516b62d26 linux-headers-lowlatency_4.4.0.248.282_amd64.deb fab09ef2f505351dfcf53299615bf91ed4674019 linux-image-generic_4.4.0.248.282_amd64.deb 4b72adf2f5076f087e8c214f620059e2d90c36f1 linux-image-lowlatency_4.4.0.248.282_amd64.deb b0a55e6fbb8766bed4c2d1264a7b7f78ed752027 linux-image-unsigned-4.4.0-248-tuxcare.els19-generic_4.4.0-248.282_amd64.deb 4ae1be2d76cb73ecb719fce9fedca58519aef9c7 linux-image-unsigned-4.4.0-248-tuxcare.els19-lowlatency_4.4.0-248.282_amd64.deb b05c093ce5e4c2c0af585ada2e4d255f5f669b6e linux-libc-dev_4.4.0-248.282_amd64.deb a3a9c5fd2a292930647517acd4e8ec565f984625 linux-lowlatency_4.4.0.248.282_amd64.deb 09601a1c31acc0845a5369b2b1bc109984ed385a linux-modules-4.4.0-248-tuxcare.els19-generic_4.4.0-248.282_amd64.deb 9e35ed7e1050121694f9c710f10f2c5b97c99cbc linux-modules-4.4.0-248-tuxcare.els19-lowlatency_4.4.0-248.282_amd64.deb da1489ffc740bd37e865bb2776d1bc96f029ceec linux-modules-extra-4.4.0-248-tuxcare.els19-generic_4.4.0-248.282_amd64.deb e4aa2d57039b8598de711a654ec7821d1c818653 linux-source_4.4.0.248.282_all.deb 08bacd7cc1f5fb4f4a5bf393533cb822a4e38f12 linux-source-4.4.0_4.4.0-248.282_all.deb 667158010b44bd5fbd52dc42fba53bc7a6878c7d linux-tools-4.4.0-248-tuxcare.els19_4.4.0-248.282_amd64.deb f3e0acf7b48f50c5daf7d6c3fbca662a707328cb linux-tools-4.4.0-248-tuxcare.els19-generic_4.4.0-248.282_amd64.deb df47123dea07126246dbe7fc8416eae15cac4d53 linux-tools-4.4.0-248-tuxcare.els19-lowlatency_4.4.0-248.282_amd64.deb 169dcea5801948116d441923d70b2ab2f7e10f0d linux-tools-common_4.4.0-248.282_all.deb fb89a0718500f35046502484129bae44f86f22ca linux-tools-generic_4.4.0.248.282_amd64.deb 4ca212b5e62b953d49c24a9ece74769522c27837 linux-tools-host_4.4.0-248.282_all.deb b32435cf37790c7b63bcbcd8dac3b12de0fbdce3 linux-tools-lowlatency_4.4.0.248.282_amd64.deb 43832741548d7124864fa5ffa8eeaf12ee6b0fa2 CLSA-2023:1698312412 TuxCare License Agreement 0 * SECURITY UPDATE: Assign a serial number for messages from the driver - debian/patches/CVE-2023-34969.patch: Fix assertion failure when a monitor is active and a message from the driver cannot be delivered. - CVE-2020-34969 Moderate Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.

* SECURITY UPDATE: Assign a serial number for messages from the driver - debian/patches/CVE-2023-34969.patch: Fix assertion failure when a monitor is active and a message from the driver cannot be delivered. - CVE-2020-34969

0 tuxcare-ubuntu16.04-els dbus_1.10.6-1ubuntu3.6+tuxcare.els2_amd64.deb eb4353b3988cce829d76a2a5d892dfb8938507a0 dbus-1-doc_1.10.6-1ubuntu3.6+tuxcare.els2_all.deb a1e4b065f4a7fda1624f2045c399344e6986fb3f dbus-tests_1.10.6-1ubuntu3.6+tuxcare.els2_amd64.deb 058b9c564f16d55579e4b9b32bbe1cc81356bacd dbus-user-session_1.10.6-1ubuntu3.6+tuxcare.els2_all.deb a67afd4c3b5009746b48409c725d2914bbe12670 dbus-x11_1.10.6-1ubuntu3.6+tuxcare.els2_amd64.deb d72ef7d860ec9b22aaacc0e973e534333fa05063 libdbus-1-3_1.10.6-1ubuntu3.6+tuxcare.els2_amd64.deb bc579e88c0e2d533a5bcf0abd6510a6ba621fa49 libdbus-1-dev_1.10.6-1ubuntu3.6+tuxcare.els2_amd64.deb 161f9984158e6389fecf5c8a0803a310a71f8bd9 CLSA-2023:1698312539 TuxCare License Agreement 0 * SECURITY UPDATE: a fix of buffer-overflow in trunc_string() - debian/patches/CVE-2023-5344.patch - CVE-2023-5344 * SECURITY UPDATE: segfault in exmode - debian/patches/CVE-2023-5441.patch - CVE-2023-5441 Important Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.

* SECURITY UPDATE: a fix of buffer-overflow in trunc_string() - debian/patches/CVE-2023-5344.patch - CVE-2023-5344 * SECURITY UPDATE: segfault in exmode - debian/patches/CVE-2023-5441.patch - CVE-2023-5441

0 tuxcare-ubuntu16.04-els vim_7.4.1689-3ubuntu1.5+tuxcare.els47_amd64.deb 07939585ed958014c41bb77839bc7a4f82430e14 vim-athena_7.4.1689-3ubuntu1.5+tuxcare.els47_amd64.deb 114d4870a2f79bb76b0f11fffc088db753c68686 vim-athena-py2_7.4.1689-3ubuntu1.5+tuxcare.els47_amd64.deb 221aefcb1911a9d5c35a4fbd385357c54232e640 vim-common_7.4.1689-3ubuntu1.5+tuxcare.els47_amd64.deb 86dac3ed786fdc7d32114c4e6b51ef49aa469ce1 vim-doc_7.4.1689-3ubuntu1.5+tuxcare.els47_all.deb 90477f69df80515fcbcf5d32b424b1d148495c8a vim-gnome_7.4.1689-3ubuntu1.5+tuxcare.els47_amd64.deb f174d8afcdf13e40ec2a0ca5f18d677c22e53a75 vim-gnome-py2_7.4.1689-3ubuntu1.5+tuxcare.els47_amd64.deb 410eb2797f45c893a9fdb31c3cbb9ca32bbb69eb vim-gtk_7.4.1689-3ubuntu1.5+tuxcare.els47_amd64.deb 7d6a0eeef0bb9b02ebef79c8200ff6a61637645d vim-gtk-py2_7.4.1689-3ubuntu1.5+tuxcare.els47_amd64.deb e71b690b37a1229a2794e77e82e857556ff37e88 vim-gtk3_7.4.1689-3ubuntu1.5+tuxcare.els47_amd64.deb fffa9cc98740f38cbf7bf1aab0d38055491f470e vim-gtk3-py2_7.4.1689-3ubuntu1.5+tuxcare.els47_amd64.deb 46c55584636d238749f19b3ecc0348c042b0811c vim-gui-common_7.4.1689-3ubuntu1.5+tuxcare.els47_all.deb e13d4fa7da96d79fb023c72aa789d3b82d6f7af2 vim-nox_7.4.1689-3ubuntu1.5+tuxcare.els47_amd64.deb 119d5c18885eae06c3dda84bda61bf7869800569 vim-nox-py2_7.4.1689-3ubuntu1.5+tuxcare.els47_amd64.deb dae07a08630a8103d6af9ab267bbb4d74ca2e7f5 vim-runtime_7.4.1689-3ubuntu1.5+tuxcare.els47_all.deb 16556a5df31a18232de169eeddc59543d097dfa7 vim-tiny_7.4.1689-3ubuntu1.5+tuxcare.els47_amd64.deb c2059a76f4cab590a468738ecdba2795ce8c878c CLSA-2023:1698949348 TuxCare License Agreement 0 * SECURITY UPDATE: mod_macro buffer over-read - debian/patches/CVE-2023-31122.patch: use our own strncmp function in mod_macro - CVE-2023-31122 Important Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.

* SECURITY UPDATE: mod_macro buffer over-read - debian/patches/CVE-2023-31122.patch: use our own strncmp function in mod_macro - CVE-2023-31122

0 tuxcare-ubuntu16.04-els apache2_2.4.18-2ubuntu3.17+tuxcare.els12_amd64.deb 09fd6c36cbdc8f772252005bb78e5c355f89e569 apache2-bin_2.4.18-2ubuntu3.17+tuxcare.els12_amd64.deb bec02c52ada72aa9b95dbee5d267046ec2ed5a80 apache2-data_2.4.18-2ubuntu3.17+tuxcare.els12_all.deb 16cdc70433f87f69aa26f458425874b2133f007a apache2-dev_2.4.18-2ubuntu3.17+tuxcare.els12_amd64.deb 769d75eac1b52d670b19444eaf09d2c9b2ea3ffa apache2-doc_2.4.18-2ubuntu3.17+tuxcare.els12_all.deb 021a69e3d9c1551ba18b249e5e2981d09109e41d apache2-suexec-custom_2.4.18-2ubuntu3.17+tuxcare.els12_amd64.deb 4493e43139c5b70a5bb092e41d50bd2f944359d9 apache2-suexec-pristine_2.4.18-2ubuntu3.17+tuxcare.els12_amd64.deb 93a9b0fe56edf5f4a2518a6d57b9b29ee85b13b5 apache2-utils_2.4.18-2ubuntu3.17+tuxcare.els12_amd64.deb d360d6b10295f04e9a7b531b28419a5d144539c1 CLSA-2023:1699380175 TuxCare License Agreement 0 * SECURITY UPDATE: memory leak in stab_demangle_v3_arg - debian/patches/CVE-2022-47007.patch: free dt on failure path - CVE-2022-47007 * SECURITY UPDATE: memory leak in make_tempdir - debian/patches/CVE-2022-47008.patch: free template on all failure paths - CVE-2022-47008 * SECURITY UPDATE: memory leak in pr_function_type - debian/patches/CVE-2022-47010.patch: free "s" on failure path - CVE-2022-47010 * SECURITY UPDATE: memory leak in parse_stab_struct_fields - debian/patches/CVE-2022-47011.patch: free "fields" on failure path - CVE-2022-47011 Moderate Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.

* SECURITY UPDATE: memory leak in stab_demangle_v3_arg - debian/patches/CVE-2022-47007.patch: free dt on failure path - CVE-2022-47007 * SECURITY UPDATE: memory leak in make_tempdir - debian/patches/CVE-2022-47008.patch: free template on all failure paths - CVE-2022-47008 * SECURITY UPDATE: memory leak in pr_function_type - debian/patches/CVE-2022-47010.patch: free "s" on failure path - CVE-2022-47010 * SECURITY UPDATE: memory leak in parse_stab_struct_fields - debian/patches/CVE-2022-47011.patch: free "fields" on failure path - CVE-2022-47011

0 tuxcare-ubuntu16.04-els binutils_2.26.1-1ubuntu1~16.04.10+tuxcare.els12_amd64.deb 98e54e1a4c0e6080e19c8696b7099e444a513002 binutils-aarch64-linux-gnu_2.26.1-1ubuntu1~16.04.10+tuxcare.els12_amd64.deb 47344e4d0d20686989185cc02dbffa866ff2ba76 binutils-alpha-linux-gnu_2.26.1-1ubuntu1~16.04.10+tuxcare.els12_amd64.deb 6e6ce6a5e5aada8bc92f2d5796d74bfe87c93cce binutils-arm-linux-gnueabi_2.26.1-1ubuntu1~16.04.10+tuxcare.els12_amd64.deb ce3aa1bb91be0427486a1b93ac24b535fe00a8b3 binutils-arm-linux-gnueabihf_2.26.1-1ubuntu1~16.04.10+tuxcare.els12_amd64.deb 9e0096b4a879d0ed83d74c2f934f175b340f7604 binutils-dev_2.26.1-1ubuntu1~16.04.10+tuxcare.els12_amd64.deb 53b173c3bedfef71299fa7601f0ba98e9ff23314 binutils-doc_2.26.1-1ubuntu1~16.04.10+tuxcare.els12_all.deb cdc5bf4d61f2afa14dd3b7e23e8abf5a340538be binutils-hppa-linux-gnu_2.26.1-1ubuntu1~16.04.10+tuxcare.els12_amd64.deb 6572e5c4e7a5b0cc921d2ef2adc4f2523c8dbf7b binutils-hppa64-linux-gnu_2.26.1-1ubuntu1~16.04.10+tuxcare.els12_amd64.deb 3c1da6c4161ea3317165c2820d6c9d1a53a5e182 binutils-m68k-linux-gnu_2.26.1-1ubuntu1~16.04.10+tuxcare.els12_amd64.deb 273ac5bfe79d10006df1ad7e763524696c891864 binutils-mips-linux-gnu_2.26.1-1ubuntu1~16.04.10+tuxcare.els12_amd64.deb cba84bde3d5827e12e23923a58db40e7d8cf04b3 binutils-mips64-linux-gnuabi64_2.26.1-1ubuntu1~16.04.10+tuxcare.els12_amd64.deb 7ebddb443ac5545bfa0f01918e9f8613f5883f38 binutils-mips64el-linux-gnuabi64_2.26.1-1ubuntu1~16.04.10+tuxcare.els12_amd64.deb af7623a8418a0a4b53b9da7e8f13d67e7fb4c8e6 binutils-mipsel-linux-gnu_2.26.1-1ubuntu1~16.04.10+tuxcare.els12_amd64.deb 4a61a2e132f1e40c8b13a88d07f1d1a2a9f7f8d3 binutils-multiarch_2.26.1-1ubuntu1~16.04.10+tuxcare.els12_amd64.deb 9426ba2abe3d753deb7c2d03731b090c4f2b3d64 binutils-multiarch-dev_2.26.1-1ubuntu1~16.04.10+tuxcare.els12_amd64.deb f27f21d43e4eb3811a84818bdc46be71d05fb27a binutils-powerpc-linux-gnu_2.26.1-1ubuntu1~16.04.10+tuxcare.els12_amd64.deb ad04bdd432f03f12b0b7b36a330110d3d1b2b9a6 binutils-powerpc-linux-gnuspe_2.26.1-1ubuntu1~16.04.10+tuxcare.els12_amd64.deb 6f1173db932ca7c99b515ce3b1126bcdd9788143 binutils-powerpc64-linux-gnu_2.26.1-1ubuntu1~16.04.10+tuxcare.els12_amd64.deb d52d30f694a804ae51434c8c2e6d149088d713b0 binutils-powerpc64le-linux-gnu_2.26.1-1ubuntu1~16.04.10+tuxcare.els12_amd64.deb 7a546a317e7f824f82c55dae02d7356d3575b0ba binutils-s390x-linux-gnu_2.26.1-1ubuntu1~16.04.10+tuxcare.els12_amd64.deb 3a90b73c814bb7110e267088b2188f8ebfcb5f35 binutils-sh4-linux-gnu_2.26.1-1ubuntu1~16.04.10+tuxcare.els12_amd64.deb f29291ebceb09d5fc84d1aac083cc4dd721cd813 binutils-source_2.26.1-1ubuntu1~16.04.10+tuxcare.els12_all.deb a39ae0173758e7249ce276018bb58e02e9f0198d binutils-sparc64-linux-gnu_2.26.1-1ubuntu1~16.04.10+tuxcare.els12_amd64.deb acc802dcb2ab0ebbae5464b862bd05ddf9aa2d77 CLSA-2023:1699380309 TuxCare License Agreement 0 * SECURITY UPDATE: fix an attempt to allocate an unreasonably large amount of memory when parsing a corrupt ELF file - debian/patches/CVE-2022-48063.patch: Check for excessively large sections - CVE-2022-48063 Moderate Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.

* SECURITY UPDATE: fix an attempt to allocate an unreasonably large amount of memory when parsing a corrupt ELF file - debian/patches/CVE-2022-48063.patch: Check for excessively large sections - CVE-2022-48063

0 tuxcare-ubuntu16.04-els binutils_2.26.1-1ubuntu1~16.04.10+tuxcare.els11_amd64.deb aee5df1bd45b32944f486edb18f02c7bbb008d24 binutils-aarch64-linux-gnu_2.26.1-1ubuntu1~16.04.10+tuxcare.els11_amd64.deb 39bd4cbb1054b0b3921dd376a716d1e5e6a52034 binutils-alpha-linux-gnu_2.26.1-1ubuntu1~16.04.10+tuxcare.els11_amd64.deb d0db37c277e1a719a8255557fbc63ed14f0fa7ff binutils-arm-linux-gnueabi_2.26.1-1ubuntu1~16.04.10+tuxcare.els11_amd64.deb ca1d9db74a47586fdcfbf2e760711503e67096b8 binutils-arm-linux-gnueabihf_2.26.1-1ubuntu1~16.04.10+tuxcare.els11_amd64.deb 382a5d4c267ec7f76313f09f200e07f01a1ef195 binutils-dev_2.26.1-1ubuntu1~16.04.10+tuxcare.els11_amd64.deb 1fb83d680f751c73c48b6f17f102a23c21fadd9b binutils-doc_2.26.1-1ubuntu1~16.04.10+tuxcare.els11_all.deb 00c874446126e3f31634cddb99768811520a16df binutils-hppa-linux-gnu_2.26.1-1ubuntu1~16.04.10+tuxcare.els11_amd64.deb d9a56b6a7d695356c46e306398bd75a6fbaf1c3f binutils-hppa64-linux-gnu_2.26.1-1ubuntu1~16.04.10+tuxcare.els11_amd64.deb cf183e08eb00301e350e190173065b6c048f0fb3 binutils-m68k-linux-gnu_2.26.1-1ubuntu1~16.04.10+tuxcare.els11_amd64.deb baac3a4f30ac695685c565158bef3f6f3f9e4f62 binutils-mips-linux-gnu_2.26.1-1ubuntu1~16.04.10+tuxcare.els11_amd64.deb caa2808783d5c96db6381d62fc5246aabeb00d80 binutils-mips64-linux-gnuabi64_2.26.1-1ubuntu1~16.04.10+tuxcare.els11_amd64.deb c723e02490f75d606d8fa6f993b2fcb5c6d78b20 binutils-mips64el-linux-gnuabi64_2.26.1-1ubuntu1~16.04.10+tuxcare.els11_amd64.deb 047f64d0ad1e9c0de80d08e4ad3c90cc15aa191e binutils-mipsel-linux-gnu_2.26.1-1ubuntu1~16.04.10+tuxcare.els11_amd64.deb f611b1b8312672cd961f773efa6b6473a1116d94 binutils-multiarch_2.26.1-1ubuntu1~16.04.10+tuxcare.els11_amd64.deb 1dc2c0ab7813583d10c4761ecb6f2935b9428321 binutils-multiarch-dev_2.26.1-1ubuntu1~16.04.10+tuxcare.els11_amd64.deb 80375dc34bf8c8a560ff391516b3b93a6e75b4ab binutils-powerpc-linux-gnu_2.26.1-1ubuntu1~16.04.10+tuxcare.els11_amd64.deb 3faee9b28f08892db33bbf3ec4ecf619ee5151f2 binutils-powerpc-linux-gnuspe_2.26.1-1ubuntu1~16.04.10+tuxcare.els11_amd64.deb 462ee6439695bbfd6f51a355942888c5ff30fe54 binutils-powerpc64-linux-gnu_2.26.1-1ubuntu1~16.04.10+tuxcare.els11_amd64.deb 8d9d1d66e14025364b0f41c5cd55903e6816a978 binutils-powerpc64le-linux-gnu_2.26.1-1ubuntu1~16.04.10+tuxcare.els11_amd64.deb 23683efd651125ba53f1cae9e792ad784d52e488 binutils-s390x-linux-gnu_2.26.1-1ubuntu1~16.04.10+tuxcare.els11_amd64.deb a4171e949af64382c8753c87acd2671fec3a9e02 binutils-sh4-linux-gnu_2.26.1-1ubuntu1~16.04.10+tuxcare.els11_amd64.deb 3fb1df058422942a3683fb61c3c0f954f05eee4e binutils-source_2.26.1-1ubuntu1~16.04.10+tuxcare.els11_all.deb f5dca8fda7340b94a7ff9c1bf63e1e0a0379254a binutils-sparc64-linux-gnu_2.26.1-1ubuntu1~16.04.10+tuxcare.els11_amd64.deb cff7cd9d922fe387c6c8ef5650bc2015d8a6b70a CLSA-2023:1699467659 TuxCare License Agreement 0 * SECURITY UPDATE: a heap-based overflow - debian/patches/CVE-2023-0288.patch: prevent the cursor from moving to line zero - CVE-2023-0288 * SECURITY UPDATE: an out-of-bounds write - debian/patches/CVE-2023-0054.patch: check the return value of vim_regsub() - CVE-2023-0054 Important Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.

* SECURITY UPDATE: a heap-based overflow - debian/patches/CVE-2023-0288.patch: prevent the cursor from moving to line zero - CVE-2023-0288 * SECURITY UPDATE: an out-of-bounds write - debian/patches/CVE-2023-0054.patch: check the return value of vim_regsub() - CVE-2023-0054

0 tuxcare-ubuntu16.04-els vim_7.4.1689-3ubuntu1.5+tuxcare.els48_amd64.deb b8b28de14ee81eb56ea14b61280c8719e3b91ce4 vim-athena_7.4.1689-3ubuntu1.5+tuxcare.els48_amd64.deb c6689f24648b8a4ea9e280c3568a66e0f5da7dac vim-athena-py2_7.4.1689-3ubuntu1.5+tuxcare.els48_amd64.deb f0195128b2611cac6e2c176127743ca51d1263ea vim-common_7.4.1689-3ubuntu1.5+tuxcare.els48_amd64.deb 31747dcbc259029bdde8ecbc19f4ea008b9dc6ed vim-doc_7.4.1689-3ubuntu1.5+tuxcare.els48_all.deb f2e6a7ba5e7ea14cfeecebc07e544fbe8715c664 vim-gnome_7.4.1689-3ubuntu1.5+tuxcare.els48_amd64.deb 0255fcf7259da954757157b8734757c00bf88ea6 vim-gnome-py2_7.4.1689-3ubuntu1.5+tuxcare.els48_amd64.deb fb3daebb7f369c859178a559908dec2a9fcad394 vim-gtk_7.4.1689-3ubuntu1.5+tuxcare.els48_amd64.deb f6d300a1ade5dfa87fe6d665445b0787585bd31f vim-gtk-py2_7.4.1689-3ubuntu1.5+tuxcare.els48_amd64.deb 401df3c989f571097f0157d6281578e483b23306 vim-gtk3_7.4.1689-3ubuntu1.5+tuxcare.els48_amd64.deb fed291455c5cf8f597d7f1bcbae510c16cbfcd3e vim-gtk3-py2_7.4.1689-3ubuntu1.5+tuxcare.els48_amd64.deb 09f9468454717eacff55acd9b491120d616931c6 vim-gui-common_7.4.1689-3ubuntu1.5+tuxcare.els48_all.deb 39acf95d3cdac4cd56f81f9f2908b7878580266a vim-nox_7.4.1689-3ubuntu1.5+tuxcare.els48_amd64.deb 5bcf43f6d2d20cce70408526b54af6f3c7d8fdde vim-nox-py2_7.4.1689-3ubuntu1.5+tuxcare.els48_amd64.deb 7b47da947415bc98a59861b97d19c96c3d4e019a vim-runtime_7.4.1689-3ubuntu1.5+tuxcare.els48_all.deb 253ee1be9344e8e224224c0280347a2d46809b81 vim-tiny_7.4.1689-3ubuntu1.5+tuxcare.els48_amd64.deb 8420bdab3d5b6e692850c22b2b4bf1d67eb4a882 CLSA-2023:1699907659 TuxCare License Agreement 0 * SECURITY UPDATE: An unauthenticated user may be able to access recently printed documents. The config file /etc/cups/cupsd.conf should be edited manually in case the cups has been already installed in the system: the <Limit Send-Document> and <Limit CUPS-Get-Document> sections should be changed according to the patch. - debian/patches/CVE-2023-32360.patch: Require authentication for CUPS-Get-Document. - CVE-2023-32360 Moderate Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.

* SECURITY UPDATE: An unauthenticated user may be able to access recently printed documents. The config file /etc/cups/cupsd.conf should be edited manually in case the cups has been already installed in the system: the <Limit Send-Document> and <Limit CUPS-Get-Document> sections should be changed according to the patch. - debian/patches/CVE-2023-32360.patch: Require authentication for CUPS-Get-Document. - CVE-2023-32360

0 tuxcare-ubuntu16.04-els cups_2.1.3-4ubuntu0.11+tuxcare.els5_amd64.deb 47b05fb2872a03f47a717f32ba19be272c680952 cups-bsd_2.1.3-4ubuntu0.11+tuxcare.els5_amd64.deb 2085c62d131823128500858a5eff0d52b1795ba9 cups-client_2.1.3-4ubuntu0.11+tuxcare.els5_amd64.deb 1b720544e6f6adbbe3c218babe6a6396ac70708e cups-common_2.1.3-4ubuntu0.11+tuxcare.els5_all.deb 432a375086de91f77ae8a3fae54e0d6fc585e67d cups-core-drivers_2.1.3-4ubuntu0.11+tuxcare.els5_amd64.deb 34c5c5bb8d91964fb7cda50eec02fa3a6952aa28 cups-daemon_2.1.3-4ubuntu0.11+tuxcare.els5_amd64.deb feed38fcb525b3adb3533042c8d1348ec55c9e21 cups-ipp-utils_2.1.3-4ubuntu0.11+tuxcare.els5_amd64.deb ae103881ca226e417b269907fca229ce95ea923a cups-ppdc_2.1.3-4ubuntu0.11+tuxcare.els5_amd64.deb de81f50eaa01114037089a5cd8d6616940b077c4 cups-server-common_2.1.3-4ubuntu0.11+tuxcare.els5_all.deb 4ae1009a844859e34e24c8103472c9f1784acf99 libcups2_2.1.3-4ubuntu0.11+tuxcare.els5_amd64.deb eeeefc6d23eecad696eae0b5480e331d65e344e0 libcups2-dev_2.1.3-4ubuntu0.11+tuxcare.els5_amd64.deb b281ad7f3e3427213ceab233950c80799db10207 libcupscgi1_2.1.3-4ubuntu0.11+tuxcare.els5_amd64.deb 4ba7d0f0f71331e6eedb54af83b1a8660d393083 libcupscgi1-dev_2.1.3-4ubuntu0.11+tuxcare.els5_amd64.deb 0779366c99fe02f4ee2a31cf900677b43114a539 libcupsimage2_2.1.3-4ubuntu0.11+tuxcare.els5_amd64.deb 56dd2bcae6357f3f520352cd7d1ef2f47210c0b9 libcupsimage2-dev_2.1.3-4ubuntu0.11+tuxcare.els5_amd64.deb 0deee608f9ff7cda05964d976fb389f438a33e1c libcupsmime1_2.1.3-4ubuntu0.11+tuxcare.els5_amd64.deb 8990e51ba0d034bfa375204c094e3d8dd624ae21 libcupsmime1-dev_2.1.3-4ubuntu0.11+tuxcare.els5_amd64.deb 156b8004a8a63af004ba167939b3f711e608fe3a libcupsppdc1_2.1.3-4ubuntu0.11+tuxcare.els5_amd64.deb 6851d85fbc3e72469db3a9b761b9d52188961048 libcupsppdc1-dev_2.1.3-4ubuntu0.11+tuxcare.els5_amd64.deb 5e5a1acd74144625312ebabd3599c24fe399eff4 CLSA-2023:1699907901 TuxCare License Agreement 0 * SECURITY UPDATE: possible weak randomness in nonce value - debian/patches/php-7.0-CVE-2023-3247.patch: Fix missing randomness check for SOAP HTTP Digest Moderate Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.

* SECURITY UPDATE: possible weak randomness in nonce value - debian/patches/php-7.0-CVE-2023-3247.patch: Fix missing randomness check for SOAP HTTP Digest

0 tuxcare-ubuntu16.04-els libapache2-mod-php7.0_7.0.33-0ubuntu0.16.04.17+tuxcare.els7_amd64.deb 7cde36863feb29f9c7a85c47df8ed39c1c346d08 libphp7.0-embed_7.0.33-0ubuntu0.16.04.17+tuxcare.els7_amd64.deb 44c29ad582df5fb5afa2ac9961f58aa5b95a81da php7.0_7.0.33-0ubuntu0.16.04.17+tuxcare.els7_all.deb b4dc992dd7d455bb5f2b1e490ff6c58bd2241d84 php7.0-bcmath_7.0.33-0ubuntu0.16.04.17+tuxcare.els7_amd64.deb 27d3e407f3bb3ebab198abf9d4b8779c857f11ba php7.0-bz2_7.0.33-0ubuntu0.16.04.17+tuxcare.els7_amd64.deb 4813afd79e034bf10237f73b62f1138230ae1a2b php7.0-cgi_7.0.33-0ubuntu0.16.04.17+tuxcare.els7_amd64.deb 1b3e814374e8afeeb3a71cf7dbfaf6e79dc15dfa php7.0-cli_7.0.33-0ubuntu0.16.04.17+tuxcare.els7_amd64.deb 25effb30985053d96bbc773e9b1a1986a5b6a480 php7.0-common_7.0.33-0ubuntu0.16.04.17+tuxcare.els7_amd64.deb 56cdf09a99680df48bdcb396be765d47492982a2 php7.0-curl_7.0.33-0ubuntu0.16.04.17+tuxcare.els7_amd64.deb 1b63dfd9ff146736a39664675f3164fef8107501 php7.0-dba_7.0.33-0ubuntu0.16.04.17+tuxcare.els7_amd64.deb 7a648b65354da236522bf7cbfa935ae1bffb8335 php7.0-dev_7.0.33-0ubuntu0.16.04.17+tuxcare.els7_amd64.deb 96a26c4f145b96ccda98851e09663d4952c02173 php7.0-enchant_7.0.33-0ubuntu0.16.04.17+tuxcare.els7_amd64.deb 31ab7d27496c0ddefe8e19d158ec41f72a8bb471 php7.0-fpm_7.0.33-0ubuntu0.16.04.17+tuxcare.els7_amd64.deb 65adc3fa1aded50f641e4a478c63e09df445188e php7.0-gd_7.0.33-0ubuntu0.16.04.17+tuxcare.els7_amd64.deb 723aec7fd8f6681b745770fff9f4686f660a5ea5 php7.0-gmp_7.0.33-0ubuntu0.16.04.17+tuxcare.els7_amd64.deb 67dfebcbddb4fa21a7bbdbc6f331cf9ca26da60c php7.0-imap_7.0.33-0ubuntu0.16.04.17+tuxcare.els7_amd64.deb 9f6a1d65e4508f228f824a758534fbd727d88500 php7.0-interbase_7.0.33-0ubuntu0.16.04.17+tuxcare.els7_amd64.deb eb5eb3d5a29e1bbd77a5915e7d5cb5e95a5d4def php7.0-intl_7.0.33-0ubuntu0.16.04.17+tuxcare.els7_amd64.deb 49d1860bead4755981acb3ae6642a3383acd3aef php7.0-json_7.0.33-0ubuntu0.16.04.17+tuxcare.els7_amd64.deb 3c4615a67b60fc77511ebbb611705354437c5f78 php7.0-ldap_7.0.33-0ubuntu0.16.04.17+tuxcare.els7_amd64.deb 769f59b48f142868c3658e08e622d79b3136accd php7.0-mbstring_7.0.33-0ubuntu0.16.04.17+tuxcare.els7_amd64.deb 9d223b0d9dbb50f72c69738979d8614496140c2f php7.0-mcrypt_7.0.33-0ubuntu0.16.04.17+tuxcare.els7_amd64.deb 6903f1753fb4c92b1c7a41759b74e7b5fc12e107 php7.0-mysql_7.0.33-0ubuntu0.16.04.17+tuxcare.els7_amd64.deb 96ac8d34800bc75bf1c6b946f0588ce9e7266fa5 php7.0-odbc_7.0.33-0ubuntu0.16.04.17+tuxcare.els7_amd64.deb c13fa8e65e72857b6bbef65c54fd2d88022fc91a php7.0-opcache_7.0.33-0ubuntu0.16.04.17+tuxcare.els7_amd64.deb c11e97ae28e6d97cabe05238b1a24cd666494c0c php7.0-pgsql_7.0.33-0ubuntu0.16.04.17+tuxcare.els7_amd64.deb 4810c706113e0add5998a34d8944a775926bccaf php7.0-phpdbg_7.0.33-0ubuntu0.16.04.17+tuxcare.els7_amd64.deb 32d2526056f3c721a05d8b08b558147fc1731ad2 php7.0-pspell_7.0.33-0ubuntu0.16.04.17+tuxcare.els7_amd64.deb fc43b9cd3b1b346b616256a1ada50907d6843ca5 php7.0-readline_7.0.33-0ubuntu0.16.04.17+tuxcare.els7_amd64.deb 4b18833f41b0a3c4119605da5719ec3186febc6d php7.0-recode_7.0.33-0ubuntu0.16.04.17+tuxcare.els7_amd64.deb 06c68d51512e1c44418257b9745b7369b4a9501b php7.0-snmp_7.0.33-0ubuntu0.16.04.17+tuxcare.els7_amd64.deb 7b1a0a448986bec01bffc850bbfb589ac9d51ba3 php7.0-soap_7.0.33-0ubuntu0.16.04.17+tuxcare.els7_amd64.deb 012434b05895449b03380c96951a99ba08b31e34 php7.0-sqlite3_7.0.33-0ubuntu0.16.04.17+tuxcare.els7_amd64.deb da5cd5a0a70e43d003b5abb63833fea2548aadc9 php7.0-sybase_7.0.33-0ubuntu0.16.04.17+tuxcare.els7_amd64.deb 15d328f5e9b25a7881e3e5b1de6db0a63b900bd4 php7.0-tidy_7.0.33-0ubuntu0.16.04.17+tuxcare.els7_amd64.deb 5182d28220a62d26b3c0938ce33423282e4f996e php7.0-xml_7.0.33-0ubuntu0.16.04.17+tuxcare.els7_amd64.deb 1c30504191095faf1c3143982a4d04fdae3a162e php7.0-xmlrpc_7.0.33-0ubuntu0.16.04.17+tuxcare.els7_amd64.deb efe382bb8b2756af931b8edd72641c36f6b42915 php7.0-xsl_7.0.33-0ubuntu0.16.04.17+tuxcare.els7_all.deb 00be99a3828d919494ee97416d48aaa06bba0cee php7.0-zip_7.0.33-0ubuntu0.16.04.17+tuxcare.els7_amd64.deb 77e185a84fde4b209c9a32f448050d357eb9f3fb CLSA-2023:1700160963 TuxCare License Agreement 0 * SECURITY UPDATE: Remote code execution because of improper neutralization of special elements - debian/patches/CVE-2023-42117.patch: fix string_is_ip_address() - CVE-2023-42117 * SECURITY UPDATE: dnsdb out-of-bounds read information disclosure - debian/patches/CVE-2023-42119.patch: harden dnsdb against crafted DNS responses - CVE-2023-42119 Important Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.

* SECURITY UPDATE: Remote code execution because of improper neutralization of special elements - debian/patches/CVE-2023-42117.patch: fix string_is_ip_address() - CVE-2023-42117 * SECURITY UPDATE: dnsdb out-of-bounds read information disclosure - debian/patches/CVE-2023-42119.patch: harden dnsdb against crafted DNS responses - CVE-2023-42119

0 tuxcare-ubuntu16.04-els exim4_4.86.2-2ubuntu2.6+tuxcare.els5_all.deb 889955e863fc53be458ca1af328ed61a8aaf82ec exim4-base_4.86.2-2ubuntu2.6+tuxcare.els5_amd64.deb 0e6c387b65d5f1f9d69cc4fa48cb9ea1f20203d0 exim4-config_4.86.2-2ubuntu2.6+tuxcare.els5_all.deb a5c357ccb5e31fa2953450691f66ca70019f60e9 exim4-daemon-heavy_4.86.2-2ubuntu2.6+tuxcare.els5_amd64.deb 392e3c04f8b2adfd13a3bde0c6684045b86d2aca exim4-daemon-light_4.86.2-2ubuntu2.6+tuxcare.els5_amd64.deb 7ef3146345701dbf6a9d7cb04689cffbd3e4952e exim4-dev_4.86.2-2ubuntu2.6+tuxcare.els5_amd64.deb d106afea814e8788d5926b089e307eadd98e93a3 eximon4_4.86.2-2ubuntu2.6+tuxcare.els5_amd64.deb f007dd3fdf1b19dff0d6876b21a53848c51a46f9 CLSA-2023:1700161076 TuxCare License Agreement 0 * SECURITY UPDATE: Remote authenticated user can trigger a kadmind crash - debian/patches/CVE-2023-36054.patch: ensure array count consistency in kadm5 RPC - CVE-2023-36054 Moderate Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.

* SECURITY UPDATE: Remote authenticated user can trigger a kadmind crash - debian/patches/CVE-2023-36054.patch: ensure array count consistency in kadm5 RPC - CVE-2023-36054

0 tuxcare-ubuntu16.04-els krb5-admin-server_1.13.2+dfsg-5ubuntu2.2+tuxcare.els3_amd64.deb 9a409bb4433064a63fb08f7563043988e2bbcf16 krb5-doc_1.13.2+dfsg-5ubuntu2.2+tuxcare.els3_all.deb 9650b8538fe9925f3cf0eb1202e73117aabbb44a krb5-gss-samples_1.13.2+dfsg-5ubuntu2.2+tuxcare.els3_amd64.deb 41077d201d6fb389ad0551ccdb28a5dadc22047d krb5-k5tls_1.13.2+dfsg-5ubuntu2.2+tuxcare.els3_amd64.deb bb5dd7135d5a4646259e86a32e56097df5d8a6f2 krb5-kdc_1.13.2+dfsg-5ubuntu2.2+tuxcare.els3_amd64.deb ed92709d4765868daac9023ec51b1824b64c1a06 krb5-kdc-ldap_1.13.2+dfsg-5ubuntu2.2+tuxcare.els3_amd64.deb b67516c908b0b398c9a30eec4b352f3bd0f6d609 krb5-locales_1.13.2+dfsg-5ubuntu2.2+tuxcare.els3_all.deb 06cf5299955c1e032c01d398534be6d591968222 krb5-multidev_1.13.2+dfsg-5ubuntu2.2+tuxcare.els3_amd64.deb c2e6fd09bc8563a04e3b28a4dfc9ab813a2a5627 krb5-otp_1.13.2+dfsg-5ubuntu2.2+tuxcare.els3_amd64.deb d6f6f956ec8a181875e5c152b7b3ebd89c3e1ce1 krb5-pkinit_1.13.2+dfsg-5ubuntu2.2+tuxcare.els3_amd64.deb 50b30208b0fca2229add6953e08b4c8c39067524 krb5-user_1.13.2+dfsg-5ubuntu2.2+tuxcare.els3_amd64.deb 2902d95d6011ed120367650a478fac52f4aabb18 libgssapi-krb5-2_1.13.2+dfsg-5ubuntu2.2+tuxcare.els3_amd64.deb 42f3ce0077c464023b80a6bf5ca71249ffa109d3 libgssrpc4_1.13.2+dfsg-5ubuntu2.2+tuxcare.els3_amd64.deb e95c34ccbd222be9d2284530cc7a1858e6afee85 libk5crypto3_1.13.2+dfsg-5ubuntu2.2+tuxcare.els3_amd64.deb c3a137a3f764dacbbb0099caaf6e06b91c37c731 libkadm5clnt-mit9_1.13.2+dfsg-5ubuntu2.2+tuxcare.els3_amd64.deb 9381547961642b6b0304e4daa5c9b1439142848c libkadm5srv-mit9_1.13.2+dfsg-5ubuntu2.2+tuxcare.els3_amd64.deb 72c46c5cfa6614e030b16d27d46bcb1b8947d97c libkdb5-8_1.13.2+dfsg-5ubuntu2.2+tuxcare.els3_amd64.deb c34888b261f67c6dd097c60b4b0d6e6a60627ce1 libkrad-dev_1.13.2+dfsg-5ubuntu2.2+tuxcare.els3_amd64.deb 6d97faf3d475158ab456ce8d2289a7799a4c9304 libkrad0_1.13.2+dfsg-5ubuntu2.2+tuxcare.els3_amd64.deb df0c7c916ab2f40f1120dcfb751180855019bd81 libkrb5-3_1.13.2+dfsg-5ubuntu2.2+tuxcare.els3_amd64.deb 0dcc4fdb2a16ab1c77ce2978cc8f68e802e5a500 libkrb5-dev_1.13.2+dfsg-5ubuntu2.2+tuxcare.els3_amd64.deb d119c5d896a2c161dd5df8cfb61edcaac37d338f libkrb5support0_1.13.2+dfsg-5ubuntu2.2+tuxcare.els3_amd64.deb 2ff1c43be75a11830d84529667cd90c9c09afa26 CLSA-2023:1700161185 TuxCare License Agreement 0 * SECURITY UPDATE: denial of service in HTTP Digest Authentication - debian/patches/CVE-2023-46847.patch: fix stack buffer overflow when parsing Digest Authorization - CVE-2023-46847 Important Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.

* SECURITY UPDATE: denial of service in HTTP Digest Authentication - debian/patches/CVE-2023-46847.patch: fix stack buffer overflow when parsing Digest Authorization - CVE-2023-46847

0 tuxcare-ubuntu16.04-els squid_3.5.12-1ubuntu7.17+tuxcare.els3_amd64.deb 6d039b3f4536fd12ad312f928c763491b37560df squid-cgi_3.5.12-1ubuntu7.17+tuxcare.els3_amd64.deb 1b52cf81dce663817908355f247745bdaf667261 squid-common_3.5.12-1ubuntu7.17+tuxcare.els3_all.deb 4be5111227b8344bd3b915bb798cc7c8fd620f2e squid-purge_3.5.12-1ubuntu7.17+tuxcare.els3_amd64.deb 44023ead873d96b02b24be3f519aab8d087a3383 squid3_3.5.12-1ubuntu7.17+tuxcare.els3_all.deb a31b3cee78c8cc708afd465945998a0c41bd6b62 squidclient_3.5.12-1ubuntu7.17+tuxcare.els3_amd64.deb 0360afabcc3312a5ad2788ca0d4f631c1f46c264 CLSA-2023:1700593371 TuxCare License Agreement 0 * Backport upstream releases 8u382 to 16.04 LTS * CVEs fixed in 8u382: - CVE-2023-22045: OpenJDK incorrectly handled array accesses. - CVE-2023-22049: OpenJDK incorrectly sanitized URIs strings. Low Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.

* Backport upstream releases 8u382 to 16.04 LTS * CVEs fixed in 8u382: - CVE-2023-22045: OpenJDK incorrectly handled array accesses. - CVE-2023-22049: OpenJDK incorrectly sanitized URIs strings.

0 tuxcare-ubuntu16.04-els openjdk-8-demo_8u382-ga-0ubuntu1~16.04+tuxcare.els1_amd64.deb 2ba296c2f6f635fbcdd2862bb3975622cb78c0fb openjdk-8-doc_8u382-ga-0ubuntu1~16.04+tuxcare.els1_all.deb fd34bb95a7ea2c8a2e8fa6b5cee6261f3bae0f49 openjdk-8-jdk_8u382-ga-0ubuntu1~16.04+tuxcare.els1_amd64.deb d1424b8fbdbf5729051caac5addab7f1b2ee9122 openjdk-8-jdk-headless_8u382-ga-0ubuntu1~16.04+tuxcare.els1_amd64.deb 5b454901ee3ffc368337bac35ff6c270f07ac44e openjdk-8-jre_8u382-ga-0ubuntu1~16.04+tuxcare.els1_amd64.deb 9e4a16bf65895cc7fc12828396861ed51f3ba50c openjdk-8-jre-headless_8u382-ga-0ubuntu1~16.04+tuxcare.els1_amd64.deb 86ff6fd72e3ba0015ea25cf9e55ba423b4cb478b openjdk-8-jre-jamvm_8u382-ga-0ubuntu1~16.04+tuxcare.els1_amd64.deb 827a2133183ca16d91f886cccaa8c29722875120 openjdk-8-jre-zero_8u382-ga-0ubuntu1~16.04+tuxcare.els1_amd64.deb 9f54db622ed2fd0c3662836dd4b495f72bec4c01 openjdk-8-source_8u382-ga-0ubuntu1~16.04+tuxcare.els1_all.deb d8697b4aee2ebba8fbe7c22e0991fc288f8befe9 CLSA-2023:1700593531 TuxCare License Agreement 0 * SECURITY UPDATE: Denial of service could be encountered if a DH key or DH parameters check experience long delays. - debian/patches/CVE-2023-3446.patch: Adds check to prevent the testing of an excessively large modulus in DH_check(). - CVE-2023-3446 Moderate Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.

* SECURITY UPDATE: Denial of service could be encountered if a DH key or DH parameters check experience long delays. - debian/patches/CVE-2023-3446.patch: Adds check to prevent the testing of an excessively large modulus in DH_check(). - CVE-2023-3446

0 tuxcare-ubuntu16.04-els libssl-dev_1.0.2g-1ubuntu4.21+tuxcare.els9_amd64.deb 423a76beef7c2aec320c20c4f3890d271d5ad60b libssl-doc_1.0.2g-1ubuntu4.21+tuxcare.els9_all.deb 49986adf8b943affdfb7c2a2c10446fa6c1a7f7a libssl1.0.0_1.0.2g-1ubuntu4.21+tuxcare.els9_amd64.deb f33f361373f6ab7ffaa09c32eb748f20143359d1 openssl_1.0.2g-1ubuntu4.21+tuxcare.els9_amd64.deb 7faaabc7131db0560734b4263352341fff7b132c CLSA-2023:1700835091 TuxCare License Agreement 0 * SECURITY UPDATE: open socket out of the dedicated directory - debian/patches/CVE-2023-3961.patch: prevents a traversal out the dedicated directory - CVE-2023-3961 Critical Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.

* SECURITY UPDATE: open socket out of the dedicated directory - debian/patches/CVE-2023-3961.patch: prevents a traversal out the dedicated directory - CVE-2023-3961

0 tuxcare-ubuntu16.04-els ctdb_4.3.11+dfsg-0ubuntu0.16.04.34+tuxcare.els6_amd64.deb 405e74d6a61a47b4f73f021ef5f2f67671f58bb6 libnss-winbind_4.3.11+dfsg-0ubuntu0.16.04.34+tuxcare.els6_amd64.deb 0881ce2d7e51123443fd69fb55a4cf05498f684d libpam-winbind_4.3.11+dfsg-0ubuntu0.16.04.34+tuxcare.els6_amd64.deb 0cbc20bd2d3117b359edf54aedbd6ba11de5ce98 libparse-pidl-perl_4.3.11+dfsg-0ubuntu0.16.04.34+tuxcare.els6_amd64.deb 4ef10ee38333ab7b65aae10ea5ef4fcbbac77092 libsmbclient_4.3.11+dfsg-0ubuntu0.16.04.34+tuxcare.els6_amd64.deb 67906bb1467ad868b7bf23ef44192c2b2bf5d99f libsmbclient-dev_4.3.11+dfsg-0ubuntu0.16.04.34+tuxcare.els6_amd64.deb 00ef03542f1096cc99c9a7b3db9bd07e03ec30dc libwbclient-dev_4.3.11+dfsg-0ubuntu0.16.04.34+tuxcare.els6_amd64.deb bf81319fc38f2bbd7e436f4254a9e0443bd62467 libwbclient0_4.3.11+dfsg-0ubuntu0.16.04.34+tuxcare.els6_amd64.deb ed295e9e929519d8b3e04dadc093831d8302b7ed python-samba_4.3.11+dfsg-0ubuntu0.16.04.34+tuxcare.els6_amd64.deb 38436e7c100627fef595c4a145835f9dc32dcf6c registry-tools_4.3.11+dfsg-0ubuntu0.16.04.34+tuxcare.els6_amd64.deb 52464fa5eb7175666a2cde2a4fbb2b7afbb25966 samba_4.3.11+dfsg-0ubuntu0.16.04.34+tuxcare.els6_amd64.deb dd50277faf220d1809fe0356f97b2fe7c16eb7f2 samba-common_4.3.11+dfsg-0ubuntu0.16.04.34+tuxcare.els6_all.deb 63627d97ad5e4bf09ecc487c60b3a64a9f35ebd5 samba-common-bin_4.3.11+dfsg-0ubuntu0.16.04.34+tuxcare.els6_amd64.deb fa8c8e99daca47fe5c2245890248e65c67770263 samba-dev_4.3.11+dfsg-0ubuntu0.16.04.34+tuxcare.els6_amd64.deb 1d77ff12de35ec4f78a580bc7f12d0b4f8fc028e samba-dsdb-modules_4.3.11+dfsg-0ubuntu0.16.04.34+tuxcare.els6_amd64.deb b9211e8054db1d949446318fbf1aa991044f5519 samba-libs_4.3.11+dfsg-0ubuntu0.16.04.34+tuxcare.els6_amd64.deb 98e2a1881a4ba1b635cef409f966feaecd200ee3 samba-testsuite_4.3.11+dfsg-0ubuntu0.16.04.34+tuxcare.els6_amd64.deb 04d0c5c42262a20dc00b39db767a8fab6ad17dd7 samba-vfs-modules_4.3.11+dfsg-0ubuntu0.16.04.34+tuxcare.els6_amd64.deb 22a71fd3a807ecb31fe15b89e6dfeea62764fc38 smbclient_4.3.11+dfsg-0ubuntu0.16.04.34+tuxcare.els6_amd64.deb 9fdd0b7c1d0278791dda631568457030840f7d35 winbind_4.3.11+dfsg-0ubuntu0.16.04.34+tuxcare.els6_amd64.deb ea64d16185039ded513489972999a0614d14c0b6 CLSA-2023:1701284544 TuxCare License Agreement 0 * CVE-2020-12321 - linux-firmware: Update firmware file for Intel Bluetooth 9260 - linux-firmware: Update firmware file for Intel Bluetooth 9560 Important Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.

* CVE-2020-12321 - linux-firmware: Update firmware file for Intel Bluetooth 9260 - linux-firmware: Update firmware file for Intel Bluetooth 9560

0 tuxcare-ubuntu16.04-els linux-firmware_1.157.23+tuxcare.els1_all.deb 32b9859181beb387f3721bae72367755f915af2b CLSA-2023:1701446494 TuxCare License Agreement 0 * SECURITY UPDATE: integer overflow in the TLV parser - debian/patches/CVE-2022-3515.patch: detect a possible overflow directly in the TLV parser - CVE-2022-3515 * SECURITY UPDATE: integer overflow in the CRL signature parser - debian/patches/CVE-2022-47629.patch: fix an integer overflow in the CRL signature parser - CVE-2022-47629 * Enable internal tests Critical Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.

* SECURITY UPDATE: integer overflow in the TLV parser - debian/patches/CVE-2022-3515.patch: detect a possible overflow directly in the TLV parser - CVE-2022-3515 * SECURITY UPDATE: integer overflow in the CRL signature parser - debian/patches/CVE-2022-47629.patch: fix an integer overflow in the CRL signature parser - CVE-2022-47629 * Enable internal tests

0 tuxcare-ubuntu16.04-els libksba-dev_1.3.3-1ubuntu0.16.04.1+tuxcare.els1_amd64.deb 4f6afe1d33f2fe4818d044ed758c15a5e4354814 libksba8_1.3.3-1ubuntu0.16.04.1+tuxcare.els1_amd64.deb 3543f9fa171bbb3b22b167622ce25993982b50a0 CLSA-2023:1701706444 TuxCare License Agreement 0 * SECURITY UPDATE: Ability to write almost unlimited amounts of unfiltered data into the process heap - debian/patches/CVE-2023-4016.patch: ps: fix possible buffer overflow in -C option. - CVE-2023-4016 Moderate Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.

* SECURITY UPDATE: Ability to write almost unlimited amounts of unfiltered data into the process heap - debian/patches/CVE-2023-4016.patch: ps: fix possible buffer overflow in -C option. - CVE-2023-4016

0 tuxcare-ubuntu16.04-els libprocps4_3.3.10-4ubuntu2.5+tuxcare.els1_amd64.deb 5dd995651c696ec4c22c14bc19dad3275f183722 libprocps4-dev_3.3.10-4ubuntu2.5+tuxcare.els1_amd64.deb e4aaf871ae8abdaa75b90d8797079ff238ef3511 procps_3.3.10-4ubuntu2.5+tuxcare.els1_amd64.deb a34294c77a205497da253e7a940249431f69d698 CLSA-2023:1701799960 TuxCare License Agreement 0 * CVE-url: https://ubuntu.com/security/CVE-2023-45871 - igb: Limit maximum frame Rx based on MTU - igb: Only sync size of expected frame in ethtool testing - igb: Add support for ethtool private flag to allow use of legacy Rx - igb: Add support for using order 1 pages to receive large frames - igb: set max size RX buffer when store bad packet is enabled * CVE-2023-31085 // CVE-url: https://ubuntu.com/security/CVE-2023-31085 - ubi: Refuse attaching if mtd's erasesize is 0 * CVE-2023-5717 // CVE-url: https://ubuntu.com/security/CVE-2023-5717 - perf: Disallow mis-matched inherited group reads * Bionic update: upstream stable patchset 2022-09-23 (LP: #1990698) // CVE- url: https://ubuntu.com/security/CVE-2022-3629 - vsock: Fix memory leak in vsock_connect() * Jammy update: v5.15.99 upstream stable release (LP: #2018438) // CVE-url: https://ubuntu.com/security/CVE-2023-1077 - sched/rt: pick_next_rt_entity(): check list_entry * CVE-url: https://ubuntu.com/security/CVE-2023-1077 - sched/debug: Add SCHED_WARN_ON() * CVE-url: https://ubuntu.com/security/CVE-2023-45863 - kobject: Fix slab-out-of-bounds in fill_kobj_path() * Jammy update: v5.15.100 upstream stable release (LP: #2020387) // CVE-url: https://ubuntu.com/security/CVE-2023-45862 - USB: ene_usb6250: Allocate enough memory for full object * CVE-url: https://ubuntu.com/security/CVE-2023-39189 - netfilter: nfnetlink_osf: avoid OOB read Critical Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.

* CVE-url: https://ubuntu.com/security/CVE-2023-45871 - igb: Limit maximum frame Rx based on MTU - igb: Only sync size of expected frame in ethtool testing - igb: Add support for ethtool private flag to allow use of legacy Rx - igb: Add support for using order 1 pages to receive large frames - igb: set max size RX buffer when store bad packet is enabled * CVE-2023-31085 // CVE-url: https://ubuntu.com/security/CVE-2023-31085 - ubi: Refuse attaching if mtd's erasesize is 0 * CVE-2023-5717 // CVE-url: https://ubuntu.com/security/CVE-2023-5717 - perf: Disallow mis-matched inherited group reads * Bionic update: upstream stable patchset 2022-09-23 (LP: #1990698) // CVE- url: https://ubuntu.com/security/CVE-2022-3629 - vsock: Fix memory leak in vsock_connect() * Jammy update: v5.15.99 upstream stable release (LP: #2018438) // CVE-url: https://ubuntu.com/security/CVE-2023-1077 - sched/rt: pick_next_rt_entity(): check list_entry * CVE-url: https://ubuntu.com/security/CVE-2023-1077 - sched/debug: Add SCHED_WARN_ON() * CVE-url: https://ubuntu.com/security/CVE-2023-45863 - kobject: Fix slab-out-of-bounds in fill_kobj_path() * Jammy update: v5.15.100 upstream stable release (LP: #2020387) // CVE-url: https://ubuntu.com/security/CVE-2023-45862 - USB: ene_usb6250: Allocate enough memory for full object * CVE-url: https://ubuntu.com/security/CVE-2023-39189 - netfilter: nfnetlink_osf: avoid OOB read

0 tuxcare-ubuntu16.04-els linux-buildinfo-4.4.0-249-tuxcare.els20-generic_4.4.0-249.283_amd64.deb 33ba817c0de920572bda75e6faa5e4596b921d03 linux-buildinfo-4.4.0-249-tuxcare.els20-lowlatency_4.4.0-249.283_amd64.deb cc213ef1590163eb7bb6a60086970f5a86643e98 linux-cloud-tools-4.4.0-249-tuxcare.els20_4.4.0-249.283_amd64.deb 83fc1583a0c40fdfb65d45dc1d3a5d1ab566d38c linux-cloud-tools-4.4.0-249-tuxcare.els20-generic_4.4.0-249.283_amd64.deb 8daa1ffd53e375ecce08bb255f5db9e626337fa4 linux-cloud-tools-4.4.0-249-tuxcare.els20-lowlatency_4.4.0-249.283_amd64.deb 339b0f8f3cef196def9d1bbe774e1ea069ed099c linux-cloud-tools-common_4.4.0-249.283_all.deb af797b1261a501cd177a7f56e9e9331bcf1054d3 linux-cloud-tools-generic_4.4.0.249.283_amd64.deb 9840913dcddbd31a18f0448d984c9756d6775a41 linux-cloud-tools-lowlatency_4.4.0.249.283_amd64.deb f453c2f347c92053b9c4224dfbd5324388370057 linux-crashdump_4.4.0.249.283_amd64.deb 3b7b8b27f2ef9dbef037eb2268ce5b8fdd77158b linux-doc_4.4.0-249.283_all.deb 04efc26f6e8fb5cae72cc64e8010636f6dad898e linux-generic_4.4.0.249.283_amd64.deb 237bedb8ea9709467551c990a9005e3e6c655140 linux-headers-4.4.0-249-tuxcare.els20_4.4.0-249.283_all.deb b8de62ff194f22407d44d72ed8c04b0ff0c42eb9 linux-headers-4.4.0-249-tuxcare.els20-generic_4.4.0-249.283_amd64.deb 5e32778c45b5b2106bc7a0a60460e5de1e426955 linux-headers-4.4.0-249-tuxcare.els20-lowlatency_4.4.0-249.283_amd64.deb 41d0cc960c8c0529debdfbaa2ce3bad550360050 linux-headers-generic_4.4.0.249.283_amd64.deb 6639c6d7e1c1449ba1ab559fb4e47385882be0bc linux-headers-lowlatency_4.4.0.249.283_amd64.deb 166a087d3b4a2e1b003b2f071ed297de15b9946d linux-image-generic_4.4.0.249.283_amd64.deb 1475ed4a3167115d8b03f92453377315a6be9fda linux-image-lowlatency_4.4.0.249.283_amd64.deb 66fda7cd057cc012c7718fcd1940c8268e970d56 linux-image-unsigned-4.4.0-249-tuxcare.els20-generic_4.4.0-249.283_amd64.deb b7aa4070e875fbb6834a23719530358cdb00c8fd linux-image-unsigned-4.4.0-249-tuxcare.els20-lowlatency_4.4.0-249.283_amd64.deb cf210c8326cb5ee2ce89aec17a7d15457d806f94 linux-libc-dev_4.4.0-249.283_amd64.deb 4a2b207e2f5e98f0cf72e94c72ec924232cff9fe linux-lowlatency_4.4.0.249.283_amd64.deb 9079e358a850ddc8a0896bc690a310b7f6fba62f linux-modules-4.4.0-249-tuxcare.els20-generic_4.4.0-249.283_amd64.deb 0645f97f8bddf54f03a6c19da38f668f0fdf1348 linux-modules-4.4.0-249-tuxcare.els20-lowlatency_4.4.0-249.283_amd64.deb dcc8ce9de8e9f854c650c4a178c244a4ab8b0e3d linux-modules-extra-4.4.0-249-tuxcare.els20-generic_4.4.0-249.283_amd64.deb b6b0f1ffd4e5d83c6f61850590074a39fa09c9c0 linux-source_4.4.0.249.283_all.deb 5a0b6b70a1a5060a2167b3bff15aa798c84d7ab7 linux-source-4.4.0_4.4.0-249.283_all.deb 629164820766d9e20762117507a0de88002015ca linux-tools-4.4.0-249-tuxcare.els20_4.4.0-249.283_amd64.deb 335492c72653941c30e5c240b3bd71792990a034 linux-tools-4.4.0-249-tuxcare.els20-generic_4.4.0-249.283_amd64.deb d08176a1e247dcb80f303e14b3498559c856af09 linux-tools-4.4.0-249-tuxcare.els20-lowlatency_4.4.0-249.283_amd64.deb b37525914f26bf2612b3d8ec5bbbb247ae8e97ab linux-tools-common_4.4.0-249.283_all.deb 606493e6ae2659ea96dd843862615abbfef2784a linux-tools-generic_4.4.0.249.283_amd64.deb f77117ed07750f1d920432df6d40dbb5dedc25a3 linux-tools-host_4.4.0-249.283_all.deb e38b0a877dd5755e8f87f681a654002e40fc4f66 linux-tools-lowlatency_4.4.0.249.283_amd64.deb 0c190f21dd67ed85f30a1410841145d9e9a587ac CLSA-2023:1701801241 TuxCare License Agreement 0 * CVE-url: https://ubuntu.com/security/CVE-2023-45871 - igb: Limit maximum frame Rx based on MTU - igb: Only sync size of expected frame in ethtool testing - igb: Add support for ethtool private flag to allow use of legacy Rx - igb: Add support for using order 1 pages to receive large frames - igb: set max size RX buffer when store bad packet is enabled * CVE-2023-31085 // CVE-url: https://ubuntu.com/security/CVE-2023-31085 - ubi: Refuse attaching if mtd's erasesize is 0 * CVE-2023-5717 // CVE-url: https://ubuntu.com/security/CVE-2023-5717 - perf: Disallow mis-matched inherited group reads * Bionic update: upstream stable patchset 2022-09-23 (LP: #1990698) // CVE- url: https://ubuntu.com/security/CVE-2022-3629 - vsock: Fix memory leak in vsock_connect() * Jammy update: v5.15.99 upstream stable release (LP: #2018438) // CVE-url: https://ubuntu.com/security/CVE-2023-1077 - sched/rt: pick_next_rt_entity(): check list_entry * CVE-url: https://ubuntu.com/security/CVE-2023-1077 - sched/debug: Add SCHED_WARN_ON() * CVE-url: https://ubuntu.com/security/CVE-2023-45863 - kobject: Fix slab-out-of-bounds in fill_kobj_path() * Jammy update: v5.15.100 upstream stable release (LP: #2020387) // CVE-url: https://ubuntu.com/security/CVE-2023-45862 - USB: ene_usb6250: Allocate enough memory for full object * CVE-url: https://ubuntu.com/security/CVE-2023-39189 - netfilter: nfnetlink_osf: avoid OOB read Critical Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.

* CVE-url: https://ubuntu.com/security/CVE-2023-45871 - igb: Limit maximum frame Rx based on MTU - igb: Only sync size of expected frame in ethtool testing - igb: Add support for ethtool private flag to allow use of legacy Rx - igb: Add support for using order 1 pages to receive large frames - igb: set max size RX buffer when store bad packet is enabled * CVE-2023-31085 // CVE-url: https://ubuntu.com/security/CVE-2023-31085 - ubi: Refuse attaching if mtd's erasesize is 0 * CVE-2023-5717 // CVE-url: https://ubuntu.com/security/CVE-2023-5717 - perf: Disallow mis-matched inherited group reads * Bionic update: upstream stable patchset 2022-09-23 (LP: #1990698) // CVE- url: https://ubuntu.com/security/CVE-2022-3629 - vsock: Fix memory leak in vsock_connect() * Jammy update: v5.15.99 upstream stable release (LP: #2018438) // CVE-url: https://ubuntu.com/security/CVE-2023-1077 - sched/rt: pick_next_rt_entity(): check list_entry * CVE-url: https://ubuntu.com/security/CVE-2023-1077 - sched/debug: Add SCHED_WARN_ON() * CVE-url: https://ubuntu.com/security/CVE-2023-45863 - kobject: Fix slab-out-of-bounds in fill_kobj_path() * Jammy update: v5.15.100 upstream stable release (LP: #2020387) // CVE-url: https://ubuntu.com/security/CVE-2023-45862 - USB: ene_usb6250: Allocate enough memory for full object * CVE-url: https://ubuntu.com/security/CVE-2023-39189 - netfilter: nfnetlink_osf: avoid OOB read

0 tuxcare-ubuntu16.04-els linux-buildinfo-4.4.0-249-tuxcare.els20-generic_4.4.0-249.283_amd64.deb 33ba817c0de920572bda75e6faa5e4596b921d03 linux-buildinfo-4.4.0-249-tuxcare.els20-lowlatency_4.4.0-249.283_amd64.deb cc213ef1590163eb7bb6a60086970f5a86643e98 linux-cloud-tools-4.4.0-249-tuxcare.els20_4.4.0-249.283_amd64.deb 83fc1583a0c40fdfb65d45dc1d3a5d1ab566d38c linux-cloud-tools-4.4.0-249-tuxcare.els20-generic_4.4.0-249.283_amd64.deb 8daa1ffd53e375ecce08bb255f5db9e626337fa4 linux-cloud-tools-4.4.0-249-tuxcare.els20-lowlatency_4.4.0-249.283_amd64.deb 339b0f8f3cef196def9d1bbe774e1ea069ed099c linux-cloud-tools-common_4.4.0-249.283_all.deb af797b1261a501cd177a7f56e9e9331bcf1054d3 linux-cloud-tools-generic_4.4.0.249.283_amd64.deb 9840913dcddbd31a18f0448d984c9756d6775a41 linux-cloud-tools-lowlatency_4.4.0.249.283_amd64.deb f453c2f347c92053b9c4224dfbd5324388370057 linux-crashdump_4.4.0.249.283_amd64.deb 3b7b8b27f2ef9dbef037eb2268ce5b8fdd77158b linux-doc_4.4.0-249.283_all.deb 04efc26f6e8fb5cae72cc64e8010636f6dad898e linux-generic_4.4.0.249.283_amd64.deb 237bedb8ea9709467551c990a9005e3e6c655140 linux-headers-4.4.0-249-tuxcare.els20_4.4.0-249.283_all.deb b8de62ff194f22407d44d72ed8c04b0ff0c42eb9 linux-headers-4.4.0-249-tuxcare.els20-generic_4.4.0-249.283_amd64.deb 5e32778c45b5b2106bc7a0a60460e5de1e426955 linux-headers-4.4.0-249-tuxcare.els20-lowlatency_4.4.0-249.283_amd64.deb 41d0cc960c8c0529debdfbaa2ce3bad550360050 linux-headers-generic_4.4.0.249.283_amd64.deb 6639c6d7e1c1449ba1ab559fb4e47385882be0bc linux-headers-lowlatency_4.4.0.249.283_amd64.deb 166a087d3b4a2e1b003b2f071ed297de15b9946d linux-image-generic_4.4.0.249.283_amd64.deb 1475ed4a3167115d8b03f92453377315a6be9fda linux-image-lowlatency_4.4.0.249.283_amd64.deb 66fda7cd057cc012c7718fcd1940c8268e970d56 linux-image-unsigned-4.4.0-249-tuxcare.els20-generic_4.4.0-249.283_amd64.deb b7aa4070e875fbb6834a23719530358cdb00c8fd linux-image-unsigned-4.4.0-249-tuxcare.els20-lowlatency_4.4.0-249.283_amd64.deb cf210c8326cb5ee2ce89aec17a7d15457d806f94 linux-libc-dev_4.4.0-249.283_amd64.deb 4a2b207e2f5e98f0cf72e94c72ec924232cff9fe linux-lowlatency_4.4.0.249.283_amd64.deb 9079e358a850ddc8a0896bc690a310b7f6fba62f linux-modules-4.4.0-249-tuxcare.els20-generic_4.4.0-249.283_amd64.deb 0645f97f8bddf54f03a6c19da38f668f0fdf1348 linux-modules-4.4.0-249-tuxcare.els20-lowlatency_4.4.0-249.283_amd64.deb dcc8ce9de8e9f854c650c4a178c244a4ab8b0e3d linux-modules-extra-4.4.0-249-tuxcare.els20-generic_4.4.0-249.283_amd64.deb b6b0f1ffd4e5d83c6f61850590074a39fa09c9c0 linux-source_4.4.0.249.283_all.deb 5a0b6b70a1a5060a2167b3bff15aa798c84d7ab7 linux-source-4.4.0_4.4.0-249.283_all.deb 629164820766d9e20762117507a0de88002015ca linux-tools-4.4.0-249-tuxcare.els20_4.4.0-249.283_amd64.deb 335492c72653941c30e5c240b3bd71792990a034 linux-tools-4.4.0-249-tuxcare.els20-generic_4.4.0-249.283_amd64.deb d08176a1e247dcb80f303e14b3498559c856af09 linux-tools-4.4.0-249-tuxcare.els20-lowlatency_4.4.0-249.283_amd64.deb b37525914f26bf2612b3d8ec5bbbb247ae8e97ab linux-tools-common_4.4.0-249.283_all.deb 606493e6ae2659ea96dd843862615abbfef2784a linux-tools-generic_4.4.0.249.283_amd64.deb f77117ed07750f1d920432df6d40dbb5dedc25a3 linux-tools-host_4.4.0-249.283_all.deb e38b0a877dd5755e8f87f681a654002e40fc4f66 linux-tools-lowlatency_4.4.0.249.283_amd64.deb 0c190f21dd67ed85f30a1410841145d9e9a587ac CLSA-2023:1701971295 TuxCare License Agreement 0 * SECURITY UPDATE: TLS handshake bypass - debian/patches/CVE-2023-40217.patch: Check for & avoid the ssl pre-close flaw. Update SSL tests - CVE-2023-40217 Moderate Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.

* SECURITY UPDATE: TLS handshake bypass - debian/patches/CVE-2023-40217.patch: Check for & avoid the ssl pre-close flaw. Update SSL tests - CVE-2023-40217

0 tuxcare-ubuntu16.04-els idle-python2.7_2.7.12-1ubuntu0~16.04.18+tuxcare.els10_all.deb 04c1d3da4b614225b519f7c1aae28e4006f45efe libpython2.7_2.7.12-1ubuntu0~16.04.18+tuxcare.els10_amd64.deb fab3d7eedc56d3536e30ec854b37cbd080a640ee libpython2.7-dev_2.7.12-1ubuntu0~16.04.18+tuxcare.els10_amd64.deb cb821feb89aa745d4d396fdf707d0c15dd4ae9f2 libpython2.7-minimal_2.7.12-1ubuntu0~16.04.18+tuxcare.els10_amd64.deb eeee415599d38d85d88685bf43f379f4aaa9cf28 libpython2.7-stdlib_2.7.12-1ubuntu0~16.04.18+tuxcare.els10_amd64.deb af69481db2c0934b0f686254e8c20c876366588c libpython2.7-testsuite_2.7.12-1ubuntu0~16.04.18+tuxcare.els10_all.deb ed2727e2967c875247485c1c6b4bb7de0ed50078 python2.7_2.7.12-1ubuntu0~16.04.18+tuxcare.els10_amd64.deb e1f447bd4ee9897fbd92a78b4cc070a628ccf271 python2.7-dev_2.7.12-1ubuntu0~16.04.18+tuxcare.els10_amd64.deb 4639d13c443117a73a3ba19e1469fe75de9794b8 python2.7-doc_2.7.12-1ubuntu0~16.04.18+tuxcare.els10_all.deb c98ca621eaee767b4aa7f178276287b53e0f2857 python2.7-examples_2.7.12-1ubuntu0~16.04.18+tuxcare.els10_all.deb 961ba300b96eb44d7c3a16ddec77e0a1794b9b73 python2.7-minimal_2.7.12-1ubuntu0~16.04.18+tuxcare.els10_amd64.deb 1251f8782bbaba4dd1b50bd1d3801e56e3522e4a CLSA-2023:1702324842 TuxCare License Agreement 0 * SECURITY UPDATE: New microcode data file 2023-11-14 - Updated microcodes: sig 0x000606a6, pf_mask 0x87, 2023-09-01, rev 0xd0003b9, size 299008 sig 0x000606c1, pf_mask 0x10, 2023-09-08, rev 0x1000268, size 290816 sig 0x000706e5, pf_mask 0x80, 2023-09-03, rev 0x00c2, size 113664 sig 0x000806c1, pf_mask 0x80, 2023-09-07, rev 0x00b4, size 111616 sig 0x000806c2, pf_mask 0xc2, 2023-09-07, rev 0x0034, size 98304 sig 0x000806d1, pf_mask 0xc2, 2023-09-07, rev 0x004e, size 104448 sig 0x000806f4, pf_mask 0x10, 2023-06-26, rev 0x2c000290, size 605184 sig 0x000806f4, pf_mask 0x87, 2023-06-16, rev 0x2b0004d0, size 572416 sig 0x000806f5, pf_mask 0x10, 2023-06-26, rev 0x2c000290, size 605184 sig 0x000806f5, pf_mask 0x87, 2023-06-16, rev 0x2b0004d0, size 572416 sig 0x000806f6, pf_mask 0x10, 2023-06-26, rev 0x2c000290, size 605184 sig 0x000806f6, pf_mask 0x87, 2023-06-16, rev 0x2b0004d0, size 572416 sig 0x000806f7, pf_mask 0x87, 2023-06-16, rev 0x2b0004d0, size 572416 sig 0x000806f8, pf_mask 0x10, 2023-06-26, rev 0x2c000290, size 605184 sig 0x000806f8, pf_mask 0x87, 2023-06-16, rev 0x2b0004d0, size 572416 sig 0x00090672, pf_mask 0x07, 2023-06-07, rev 0x0032, size 222208 sig 0x00090675, pf_mask 0x07, 2023-06-07, rev 0x0032, size 222208 sig 0x000906a3, pf_mask 0x80, 2023-06-07, rev 0x0430, size 220160 sig 0x000906a4, pf_mask 0x40, 2023-05-05, rev 0x0005, size 117760 sig 0x000906a4, pf_mask 0x80, 2023-06-07, rev 0x0430, size 220160 sig 0x000a0671, pf_mask 0x02, 2023-09-03, rev 0x005d, size 104448 sig 0x000b0671, pf_mask 0x32, 2023-08-29, rev 0x011d, size 210944 sig 0x000b06a2, pf_mask 0xe0, 2023-08-30, rev 0x411c, size 216064 sig 0x000b06a3, pf_mask 0xe0, 2023-08-30, rev 0x411c, size 216064 sig 0x000b06e0, pf_mask 0x11, 2023-06-26, rev 0x0012, size 136192 sig 0x000b06f2, pf_mask 0x07, 2023-06-07, rev 0x0032, size 222208 sig 0x000b06f5, pf_mask 0x07, 2023-06-07, rev 0x0032, size 222208 - CVE-2023-23583, INTEL-SA-00950 * source: update symlinks to reflect id of the latest release, 20231114 Important Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.

* SECURITY UPDATE: New microcode data file 2023-11-14 - Updated microcodes: sig 0x000606a6, pf_mask 0x87, 2023-09-01, rev 0xd0003b9, size 299008 sig 0x000606c1, pf_mask 0x10, 2023-09-08, rev 0x1000268, size 290816 sig 0x000706e5, pf_mask 0x80, 2023-09-03, rev 0x00c2, size 113664 sig 0x000806c1, pf_mask 0x80, 2023-09-07, rev 0x00b4, size 111616 sig 0x000806c2, pf_mask 0xc2, 2023-09-07, rev 0x0034, size 98304 sig 0x000806d1, pf_mask 0xc2, 2023-09-07, rev 0x004e, size 104448 sig 0x000806f4, pf_mask 0x10, 2023-06-26, rev 0x2c000290, size 605184 sig 0x000806f4, pf_mask 0x87, 2023-06-16, rev 0x2b0004d0, size 572416 sig 0x000806f5, pf_mask 0x10, 2023-06-26, rev 0x2c000290, size 605184 sig 0x000806f5, pf_mask 0x87, 2023-06-16, rev 0x2b0004d0, size 572416 sig 0x000806f6, pf_mask 0x10, 2023-06-26, rev 0x2c000290, size 605184 sig 0x000806f6, pf_mask 0x87, 2023-06-16, rev 0x2b0004d0, size 572416 sig 0x000806f7, pf_mask 0x87, 2023-06-16, rev 0x2b0004d0, size 572416 sig 0x000806f8, pf_mask 0x10, 2023-06-26, rev 0x2c000290, size 605184 sig 0x000806f8, pf_mask 0x87, 2023-06-16, rev 0x2b0004d0, size 572416 sig 0x00090672, pf_mask 0x07, 2023-06-07, rev 0x0032, size 222208 sig 0x00090675, pf_mask 0x07, 2023-06-07, rev 0x0032, size 222208 sig 0x000906a3, pf_mask 0x80, 2023-06-07, rev 0x0430, size 220160 sig 0x000906a4, pf_mask 0x40, 2023-05-05, rev 0x0005, size 117760 sig 0x000906a4, pf_mask 0x80, 2023-06-07, rev 0x0430, size 220160 sig 0x000a0671, pf_mask 0x02, 2023-09-03, rev 0x005d, size 104448 sig 0x000b0671, pf_mask 0x32, 2023-08-29, rev 0x011d, size 210944 sig 0x000b06a2, pf_mask 0xe0, 2023-08-30, rev 0x411c, size 216064 sig 0x000b06a3, pf_mask 0xe0, 2023-08-30, rev 0x411c, size 216064 sig 0x000b06e0, pf_mask 0x11, 2023-06-26, rev 0x0012, size 136192 sig 0x000b06f2, pf_mask 0x07, 2023-06-07, rev 0x0032, size 222208 sig 0x000b06f5, pf_mask 0x07, 2023-06-07, rev 0x0032, size 222208 - CVE-2023-23583, INTEL-SA-00950 * source: update symlinks to reflect id of the latest release, 20231114

0 tuxcare-ubuntu16.04-els intel-microcode_3.20231114.0ubuntu0.16.04.1+tuxcare.els1_amd64.deb c48e4bf1201753bdfb400b2618064f1e2037084d CLSA-2023:1702420408 TuxCare License Agreement 0 * SECURITY UPDATE: Denial of Service attack against Squid’s Gopher gateway due to a NULL pointer dereference bug - debian/patches/CVE-2023-46728.patch: remove support for Gopher protocol - CVE-2023-46728 Important Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.

* SECURITY UPDATE: Denial of Service attack against Squid’s Gopher gateway due to a NULL pointer dereference bug - debian/patches/CVE-2023-46728.patch: remove support for Gopher protocol - CVE-2023-46728

0 tuxcare-ubuntu16.04-els squid_3.5.12-1ubuntu7.17+tuxcare.els4_amd64.deb 217d7582d15784d8452640215aba2421fbc8dc80 squid-cgi_3.5.12-1ubuntu7.17+tuxcare.els4_amd64.deb 196c6c79ef05ee1c39244d96bc53bb00a6757772 squid-common_3.5.12-1ubuntu7.17+tuxcare.els4_all.deb 38b3a7adf108e7dac68977e4cf117e213620d40b squid-purge_3.5.12-1ubuntu7.17+tuxcare.els4_amd64.deb 08dc273fc23b910811025fbb05873b46535ca73c squid3_3.5.12-1ubuntu7.17+tuxcare.els4_all.deb b74e5ca014788f122d7b4963beef7212c44a8654 squidclient_3.5.12-1ubuntu7.17+tuxcare.els4_amd64.deb 8f961d3f680b608056edf2523240ec3a74e57098 CLSA-2023:1702573269 TuxCare License Agreement 0 * SECURITY UPDATE: Posible crash in heapq with custom comparison operators - debian/patches/CVE-2022-48560.patch: Disallow releasing heap items during a comparison callback - CVE-2022-48560 Important Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.

* SECURITY UPDATE: Posible crash in heapq with custom comparison operators - debian/patches/CVE-2022-48560.patch: Disallow releasing heap items during a comparison callback - CVE-2022-48560

0 tuxcare-ubuntu16.04-els idle-python2.7_2.7.12-1ubuntu0~16.04.18+tuxcare.els11_all.deb 6983529c0d22b07e02c8730e6f8eb8f03160e9ad libpython2.7_2.7.12-1ubuntu0~16.04.18+tuxcare.els11_amd64.deb 0885ba33b6b6c14de37ec84e9aa611c55242c387 libpython2.7-dev_2.7.12-1ubuntu0~16.04.18+tuxcare.els11_amd64.deb 986097f66d76b56cdd76991f7c6dc70c6bf6f461 libpython2.7-minimal_2.7.12-1ubuntu0~16.04.18+tuxcare.els11_amd64.deb c1d61ec1841ea75b17fae5ede991b0ed24712bd6 libpython2.7-stdlib_2.7.12-1ubuntu0~16.04.18+tuxcare.els11_amd64.deb fdb548c5fcc2f51a06a20e274e583fcd81e553b0 libpython2.7-testsuite_2.7.12-1ubuntu0~16.04.18+tuxcare.els11_all.deb b194ffd96ddacba03b2b796f70db1ffe04898f1e python2.7_2.7.12-1ubuntu0~16.04.18+tuxcare.els11_amd64.deb 0d92c9beb869d597acf00e10cee26ebf0bf5edcc python2.7-dev_2.7.12-1ubuntu0~16.04.18+tuxcare.els11_amd64.deb 93b52da3f482689ed91213c92df3d2fe3796bb9f python2.7-doc_2.7.12-1ubuntu0~16.04.18+tuxcare.els11_all.deb 0f73c97fc412ab9749ae5cbfc2718a30b54a3e75 python2.7-examples_2.7.12-1ubuntu0~16.04.18+tuxcare.els11_all.deb 1669d97ee7be938e251f49c79b3d536d6f4d947c python2.7-minimal_2.7.12-1ubuntu0~16.04.18+tuxcare.els11_amd64.deb 4106d46725c9f95f61614264d850c90fbdc1bfea CLSA-2023:1702573449 TuxCare License Agreement 0 * SECURITY UPDATE: Update to 5.7.44 to fix security issues - CVE-2023-22053, CVE-2023-22084, CVE-2023-22015, CVE-2023-22026, CVE-2023-22028 Moderate Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.

* SECURITY UPDATE: Update to 5.7.44 to fix security issues - CVE-2023-22053, CVE-2023-22084, CVE-2023-22015, CVE-2023-22026, CVE-2023-22028

0 tuxcare-ubuntu16.04-els libmysqlclient-dev_5.7.44-0ubuntu0.16.04.1+tuxcare.els1_amd64.deb 3d59ede3d3089f5875bddb6621af3410686c16d7 libmysqlclient20_5.7.44-0ubuntu0.16.04.1+tuxcare.els1_amd64.deb 0064529296ffb2bd9fc6ccf53944bd71ffdf84e0 libmysqld-dev_5.7.44-0ubuntu0.16.04.1+tuxcare.els1_amd64.deb 4c012d0977d31fe4f2eb462d1b52867372cbbd68 mysql-client_5.7.44-0ubuntu0.16.04.1+tuxcare.els1_all.deb 15354ff421fa91986f2bbc78b83446018cb700d5 mysql-client-5.7_5.7.44-0ubuntu0.16.04.1+tuxcare.els1_amd64.deb b5f61658f491609e539a3d70780c1c8aa9b22167 mysql-client-core-5.7_5.7.44-0ubuntu0.16.04.1+tuxcare.els1_amd64.deb 842696c383f9e6b787e71e14602a5b097b3850ca mysql-common_5.7.44-0ubuntu0.16.04.1+tuxcare.els1_all.deb a1ce2cd791cada6a3143728d5589ce7b55246e48 mysql-server_5.7.44-0ubuntu0.16.04.1+tuxcare.els1_all.deb 656fb3b061555de9c66df604c02db5887f0ae079 mysql-server-5.7_5.7.44-0ubuntu0.16.04.1+tuxcare.els1_amd64.deb 46f7a7c3a1469dd41311766b82166bd4c116d7ad mysql-server-core-5.7_5.7.44-0ubuntu0.16.04.1+tuxcare.els1_amd64.deb 7dd2bb11412832abf31a1ff78db84ea329fd1bbf mysql-source-5.7_5.7.44-0ubuntu0.16.04.1+tuxcare.els1_amd64.deb a1df20c21e9790b0f13cc9e1e4d46b94b3110aad mysql-testsuite_5.7.44-0ubuntu0.16.04.1+tuxcare.els1_all.deb 026919f8a4cb5215758737284e9f749a3ad07e1a mysql-testsuite-5.7_5.7.44-0ubuntu0.16.04.1+tuxcare.els1_amd64.deb 28fc90c6f8c3e5088720f7f5d384fd8101497df2 CLSA-2023:1703008559 TuxCare License Agreement 0 * SECURITY UPDATE: Accepting '#' as part of the URI component might allow remote attackers to obtain sensitive information or have unspecified other impact - debian/patches/CVE-2023-45539.patch: h1: do not accept '#' as part of the URI component; h2: reject more chars from the :path pseudo header - CVE-2023-45539 Important Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.

* SECURITY UPDATE: Accepting '#' as part of the URI component might allow remote attackers to obtain sensitive information or have unspecified other impact - debian/patches/CVE-2023-45539.patch: h1: do not accept '#' as part of the URI component; h2: reject more chars from the :path pseudo header - CVE-2023-45539

0 tuxcare-ubuntu16.04-els haproxy_1.6.3-1ubuntu0.3+tuxcare.els1_amd64.deb 6816e403e715f46529cbeda39a0120b006a2f60c haproxy-doc_1.6.3-1ubuntu0.3+tuxcare.els1_all.deb fa808c2fbed8ac248641f6e9b80e87b873a2d914 vim-haproxy_1.6.3-1ubuntu0.3+tuxcare.els1_all.deb 670e20efab604f29d9aaa80375f963fb13e1e9d7 CLSA-2023:1703184270 TuxCare License Agreement 0 * SECURITY UPDATE: Buffer OverRead in RFC 1123 date/time - debian/patches/CVE-2023-49285.patch: Fix date parsing in RFC 1123 - CVE-2023-49285 * SECURITY UPDATE: Denial of Service attack against Helper process management - debian/patches/CVE-2023-49286.patch: Add exit without asserting when helper process startup fails - CVE-2023-49286 Important Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.

* SECURITY UPDATE: Buffer OverRead in RFC 1123 date/time - debian/patches/CVE-2023-49285.patch: Fix date parsing in RFC 1123 - CVE-2023-49285 * SECURITY UPDATE: Denial of Service attack against Helper process management - debian/patches/CVE-2023-49286.patch: Add exit without asserting when helper process startup fails - CVE-2023-49286

0 tuxcare-ubuntu16.04-els squid_3.5.12-1ubuntu7.17+tuxcare.els5_amd64.deb 9aa8d442f723aa62fad84a84d54cee8d97b18398 squid-cgi_3.5.12-1ubuntu7.17+tuxcare.els5_amd64.deb 1b138af22349a95a20000bed3983118046d5f5b4 squid-common_3.5.12-1ubuntu7.17+tuxcare.els5_all.deb b490e2c45e7324968ec9bf40d174c0eb4e42665e squid-purge_3.5.12-1ubuntu7.17+tuxcare.els5_amd64.deb c983f01f3b11c5844bc2606daaa067dab9ecd3b2 squid3_3.5.12-1ubuntu7.17+tuxcare.els5_all.deb 5ddf5a212e1764823821327831954d471cde8f9a squidclient_3.5.12-1ubuntu7.17+tuxcare.els5_amd64.deb 8e01014223461430134ff80a236412369c7fff3a CLSA-2023:1703611827 TuxCare License Agreement 0 * SECURITY UPDATE: potential DoS attack via CPU and RAM exhaustion - debian/patches/CVE-2022-48564.patch: Improve validation of Plist files that prevent DoS when processing malformed Apple Property List files in binary format - CVE-2022-48564 * SECURITY UPDATE: TLS handshake bypass - debian/patches/CVE-2023-40217.patch: Check for & avoid the ssl pre-close flaw. Update SSL tests - CVE-2023-40217 Moderate Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.

* SECURITY UPDATE: potential DoS attack via CPU and RAM exhaustion - debian/patches/CVE-2022-48564.patch: Improve validation of Plist files that prevent DoS when processing malformed Apple Property List files in binary format - CVE-2022-48564 * SECURITY UPDATE: TLS handshake bypass - debian/patches/CVE-2023-40217.patch: Check for & avoid the ssl pre-close flaw. Update SSL tests - CVE-2023-40217

0 tuxcare-ubuntu16.04-els idle-python3.5_3.5.2-2ubuntu0~16.04.13+tuxcare.els13_all.deb df0a1f08cf9830ffa239c2aa7a8b1d8a986f3826 libpython3.5_3.5.2-2ubuntu0~16.04.13+tuxcare.els13_amd64.deb 0f8a152e146769c5596797ac23b831b7ca306807 libpython3.5-dev_3.5.2-2ubuntu0~16.04.13+tuxcare.els13_amd64.deb 266c7bfbedbdee522a9fa68fe24588ac38afeda5 libpython3.5-minimal_3.5.2-2ubuntu0~16.04.13+tuxcare.els13_amd64.deb 7d9fd7652c5675f7d9fe3337027bb89b2a6425ae libpython3.5-stdlib_3.5.2-2ubuntu0~16.04.13+tuxcare.els13_amd64.deb 73ae0194d94e7d5cf4af4fdefa1687aa7b2bb7aa libpython3.5-testsuite_3.5.2-2ubuntu0~16.04.13+tuxcare.els13_all.deb 8c09523311360cf4091509813703dad5f656851c python3.5_3.5.2-2ubuntu0~16.04.13+tuxcare.els13_amd64.deb 548a8d2f08f9da89c8a0be6efffe2e8f5222f0e2 python3.5-dev_3.5.2-2ubuntu0~16.04.13+tuxcare.els13_amd64.deb 70011a2a1f76f4c26b2948b45dcb5c6afb1f2d50 python3.5-doc_3.5.2-2ubuntu0~16.04.13+tuxcare.els13_all.deb 2cbe4fc2cec5483c44995a825e32b51db4f3b343 python3.5-examples_3.5.2-2ubuntu0~16.04.13+tuxcare.els13_all.deb 071a1eca8b37000d23953ae97b2983c6aef16637 python3.5-minimal_3.5.2-2ubuntu0~16.04.13+tuxcare.els13_amd64.deb 6bfd3001774e830a0fef7831adb7661dc0a8851c python3.5-venv_3.5.2-2ubuntu0~16.04.13+tuxcare.els13_amd64.deb 4245785388cf4e845f62cf63fea89c664a18127e CLSA-2023:1703611900 TuxCare License Agreement 0 * SECURITY UPDATE: possible OS command injection - debian/patches/CVE-2023-51385.patch: ban user/hostnames with most shell metacharacters in command line - CVE-2023-51385 Critical Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.

* SECURITY UPDATE: possible OS command injection - debian/patches/CVE-2023-51385.patch: ban user/hostnames with most shell metacharacters in command line - CVE-2023-51385

0 tuxcare-ubuntu16.04-els openssh-client_7.2p2-4ubuntu2.10+tuxcare.els4_amd64.deb cdd8a814edd8fe7305e763a588ca49688e1d6226 openssh-client-ssh1_7.2p2-4ubuntu2.10+tuxcare.els4_amd64.deb 157abab02f9fee65169934b65c7311109bbfb36d openssh-server_7.2p2-4ubuntu2.10+tuxcare.els4_amd64.deb 859ac1d2e8a67c365756a7b012ce213bae3bfcde openssh-sftp-server_7.2p2-4ubuntu2.10+tuxcare.els4_amd64.deb c4abe41686ca60320cb96eb403e797d2e0d110c3 ssh_7.2p2-4ubuntu2.10+tuxcare.els4_all.deb 71e733cc862a5bb4bfad04b0408fb3979a0a64ba ssh-askpass-gnome_7.2p2-4ubuntu2.10+tuxcare.els4_amd64.deb af5b7929510f87d97611174e6760eeaa55a92036 ssh-krb5_7.2p2-4ubuntu2.10+tuxcare.els4_all.deb 4209e040b41d663f0de03937f10546118b4477f4 CLSA-2023:1703612003 TuxCare License Agreement 0 * Backport upstream releases 8u392 to 16.04 LTS * CVEs fixed in 8u392: - CVE-2023-22067: IOR deserialization issue in CORBA - CVE-2023-22081: Certificate path validation issue * Drop applied CVE-2022-40433.patch (changes are already in the sources) Moderate Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.

* Backport upstream releases 8u392 to 16.04 LTS * CVEs fixed in 8u392: - CVE-2023-22067: IOR deserialization issue in CORBA - CVE-2023-22081: Certificate path validation issue * Drop applied CVE-2022-40433.patch (changes are already in the sources)

0 tuxcare-ubuntu16.04-els openjdk-8-demo_8u392-ga-0ubuntu1~16.04+tuxcare.els1_amd64.deb 576355e4a8fb2c3973d05e4ac7b264d2f2336200 openjdk-8-doc_8u392-ga-0ubuntu1~16.04+tuxcare.els1_all.deb c07146d7af983657f0b6b55db3e9c6f9a6810afb openjdk-8-jdk_8u392-ga-0ubuntu1~16.04+tuxcare.els1_amd64.deb 471f051e1f99d41b42bbdfbc46fe9a4ea0d02846 openjdk-8-jdk-headless_8u392-ga-0ubuntu1~16.04+tuxcare.els1_amd64.deb 9387a3ba5698c1283e49e34839a63dfd2cb5eff7 openjdk-8-jre_8u392-ga-0ubuntu1~16.04+tuxcare.els1_amd64.deb ed03de09514cd39b5d1c55d0352a873510796a54 openjdk-8-jre-headless_8u392-ga-0ubuntu1~16.04+tuxcare.els1_amd64.deb 4c18af9e0c61d459b53714bf7bc219e1d2560d10 openjdk-8-jre-jamvm_8u392-ga-0ubuntu1~16.04+tuxcare.els1_amd64.deb 673cfe7d2a862b1de80adb3d44afcb60acd9e13f openjdk-8-jre-zero_8u392-ga-0ubuntu1~16.04+tuxcare.els1_amd64.deb 6423e41d03c2988c16a015c58961676479b35e82 openjdk-8-source_8u392-ga-0ubuntu1~16.04+tuxcare.els1_all.deb 51a76415c52b6e998292789220499719a05461ee CLSA-2024:1705077885 TuxCare License Agreement 0 * SECURITY UPDATE: use-after-free in win_close() - debian/patches/CVE-2023-48231.patch: check window is valid, before accessing it - CVE-2023-48231 * SECURITY UPDATE: overflow with count for :s command - debian/patches/CVE-2023-48233.patch: abort the :s command if the count is too large - CVE-2023-48233 * SECURITY UPDATE: overflow in nv_z_get_count - debian/patches/CVE-2023-48234.patch: break out, if count is too large - CVE-2023-48234 * SECURITY UPDATE: overflow in ex address parsing - debian/patches/CVE-2023-48235.patch: verify that lnum is positive, before substracting from LONG_MAX - CVE-2023-48235 * SECURITY UPDATE: overflow in get_number - debian/patches/CVE-2023-48236.patch: return 0 when the count gets too large - CVE-2023-48236 * SECURITY UPDATE: overflow in shift_line - debian/patches/CVE-2023-48237.patch: allow a max indent of INT_MAX - CVE-2023-48237 * SECURITY UPDATE: overflow in :history - debian/patches/CVE-2023-46246.patch: check that value fits into int - CVE-2023-46246 * SECURITY UPDATE: recursive command line loop may cause a crash - debian/patches/CVE-2022-1771.patch: limit recursion of getcmdline() - CVE-2022-1771 Moderate Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.

* SECURITY UPDATE: use-after-free in win_close() - debian/patches/CVE-2023-48231.patch: check window is valid, before accessing it - CVE-2023-48231 * SECURITY UPDATE: overflow with count for :s command - debian/patches/CVE-2023-48233.patch: abort the :s command if the count is too large - CVE-2023-48233 * SECURITY UPDATE: overflow in nv_z_get_count - debian/patches/CVE-2023-48234.patch: break out, if count is too large - CVE-2023-48234 * SECURITY UPDATE: overflow in ex address parsing - debian/patches/CVE-2023-48235.patch: verify that lnum is positive, before substracting from LONG_MAX - CVE-2023-48235 * SECURITY UPDATE: overflow in get_number - debian/patches/CVE-2023-48236.patch: return 0 when the count gets too large - CVE-2023-48236 * SECURITY UPDATE: overflow in shift_line - debian/patches/CVE-2023-48237.patch: allow a max indent of INT_MAX - CVE-2023-48237 * SECURITY UPDATE: overflow in :history - debian/patches/CVE-2023-46246.patch: check that value fits into int - CVE-2023-46246 * SECURITY UPDATE: recursive command line loop may cause a crash - debian/patches/CVE-2022-1771.patch: limit recursion of getcmdline() - CVE-2022-1771

0 tuxcare-ubuntu16.04-els vim_7.4.1689-3ubuntu1.5+tuxcare.els49_amd64.deb 7d4f3669baa834bbc601d4e5a77ea050a37ddf1b vim-athena_7.4.1689-3ubuntu1.5+tuxcare.els49_amd64.deb 3ae6c76754f8fff45a6fc326a6180c32af5cc9ed vim-athena-py2_7.4.1689-3ubuntu1.5+tuxcare.els49_amd64.deb bc1935010effb51d1e46361d4e8b80b30046ebd3 vim-common_7.4.1689-3ubuntu1.5+tuxcare.els49_amd64.deb f6af01185887fdf185e63c8e7fda13d542f2f80b vim-doc_7.4.1689-3ubuntu1.5+tuxcare.els49_all.deb 81617602d8448bb3db0423ba46d8a6884fad33fa vim-gnome_7.4.1689-3ubuntu1.5+tuxcare.els49_amd64.deb 028505a3288d4f09026450607e28634c94b29e55 vim-gnome-py2_7.4.1689-3ubuntu1.5+tuxcare.els49_amd64.deb e3d30883be83fa8989181a703ca39e98f65d99c2 vim-gtk_7.4.1689-3ubuntu1.5+tuxcare.els49_amd64.deb fc521cfba1686113547d3e84a5d93fa46ffdf16b vim-gtk-py2_7.4.1689-3ubuntu1.5+tuxcare.els49_amd64.deb fbe9585665a2e6d92faba0e1db32a70479885402 vim-gtk3_7.4.1689-3ubuntu1.5+tuxcare.els49_amd64.deb cf1b654f21cc7318e4cc6b3d9c740ab2153631c3 vim-gtk3-py2_7.4.1689-3ubuntu1.5+tuxcare.els49_amd64.deb 8ad0b264cbda0a858cb3eeb6fbfa0dbc05acfe05 vim-gui-common_7.4.1689-3ubuntu1.5+tuxcare.els49_all.deb 80380d9d781e01efa8befa6dabec0ea9bda8549d vim-nox_7.4.1689-3ubuntu1.5+tuxcare.els49_amd64.deb ad177deba327bdc74c8f2884e5e7cd87e1dea314 vim-nox-py2_7.4.1689-3ubuntu1.5+tuxcare.els49_amd64.deb afd2262be47d0ac63013588c4e6096cc02567152 vim-runtime_7.4.1689-3ubuntu1.5+tuxcare.els49_all.deb 24be222f718ca2086cb1d5a7bb9278fb93ed6784 vim-tiny_7.4.1689-3ubuntu1.5+tuxcare.els49_amd64.deb 0b4c2a81bcece9fac9ad654c27edef34cf997987 CLSA-2024:1705078045 TuxCare License Agreement 0 * CVE-url: https://ubuntu.com/security/CVE-2023-7192 - netfilter: ctnetlink: fix possible refcount leak in ctnetlink_create_conntrack() * CVE-url: https://ubuntu.com/security/CVE-2023-6610 - smb: client: fix potential OOB in smb2_dump_detail() * CVE-url: https://ubuntu.com/security/CVE-2023-6606 - smb: client: fix OOB in smbCalcSize() * CVE-url: https://ubuntu.com/security/CVE-2023-6546 - tty: n_gsm: fix the UAF caused by race condition in gsm_cleanup_mux * CVE-url: https://ubuntu.com/security/CVE-2023-6932 - ipv4: igmp: fix refcnt uaf issue when receiving igmp query packet * CVE-url: https://ubuntu.com/security/CVE-2023-6931 - perf: Fix perf_event_validate_size() - perf: Fix perf_event_validate_size() lockdep splat Important Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.

* CVE-url: https://ubuntu.com/security/CVE-2023-7192 - netfilter: ctnetlink: fix possible refcount leak in ctnetlink_create_conntrack() * CVE-url: https://ubuntu.com/security/CVE-2023-6610 - smb: client: fix potential OOB in smb2_dump_detail() * CVE-url: https://ubuntu.com/security/CVE-2023-6606 - smb: client: fix OOB in smbCalcSize() * CVE-url: https://ubuntu.com/security/CVE-2023-6546 - tty: n_gsm: fix the UAF caused by race condition in gsm_cleanup_mux * CVE-url: https://ubuntu.com/security/CVE-2023-6932 - ipv4: igmp: fix refcnt uaf issue when receiving igmp query packet * CVE-url: https://ubuntu.com/security/CVE-2023-6931 - perf: Fix perf_event_validate_size() - perf: Fix perf_event_validate_size() lockdep splat

0 tuxcare-ubuntu16.04-els linux-buildinfo-4.4.0-250-tuxcare.els21-generic_4.4.0-250.284_amd64.deb 1a63c93675c01dba419d3b86227bc88384c64832 linux-buildinfo-4.4.0-250-tuxcare.els21-lowlatency_4.4.0-250.284_amd64.deb 9ee01ea1341d81c548444d37db8d50468d73f1f1 linux-cloud-tools-4.4.0-250-tuxcare.els21_4.4.0-250.284_amd64.deb edd4964eee05bb519fbe849732316567e2d24ab7 linux-cloud-tools-4.4.0-250-tuxcare.els21-generic_4.4.0-250.284_amd64.deb b9063557076019974a72aeee31d62ee375d304d3 linux-cloud-tools-4.4.0-250-tuxcare.els21-lowlatency_4.4.0-250.284_amd64.deb fb95a80a647799183da9764e0692a4dd174db98a linux-cloud-tools-common_4.4.0-250.284_all.deb 76b2147e41ee410b6fab2208ba6a656685e8ceaa linux-cloud-tools-generic_4.4.0.250.284_amd64.deb 3d8cf4457107db87b2292926caffd54269d62926 linux-cloud-tools-lowlatency_4.4.0.250.284_amd64.deb ab81e4d3184b397c27cf8a9efd639a7d065cbbe0 linux-crashdump_4.4.0.250.284_amd64.deb aa87a63d54512f61e1643aa4ba64abea2c16aa0e linux-doc_4.4.0-250.284_all.deb bb51b246972fdc4a19b598258b6ea1abbe37b7be linux-generic_4.4.0.250.284_amd64.deb 1026be439c922ebf34adace98eb6e8fa6fc59179 linux-headers-4.4.0-250-tuxcare.els21_4.4.0-250.284_all.deb e74fd9c967e0666a65b1f9b45f1848877ef13f25 linux-headers-4.4.0-250-tuxcare.els21-generic_4.4.0-250.284_amd64.deb 4b98f95631db1a555067dde15d3f54030991a3ba linux-headers-4.4.0-250-tuxcare.els21-lowlatency_4.4.0-250.284_amd64.deb 8380f4770773cd010206c2c0b0914f2e029a697d linux-headers-generic_4.4.0.250.284_amd64.deb d9051f41a517ba3dcb9ffac80ee9ae94305686dc linux-headers-lowlatency_4.4.0.250.284_amd64.deb 07850cc691effcfa444ebb0a302b9884ca26f788 linux-image-generic_4.4.0.250.284_amd64.deb c5cff2ce3bb570a7a960b4ad21355bee1774e07a linux-image-lowlatency_4.4.0.250.284_amd64.deb f1a64a0116929229a42ad536c4bdc595fa2e4a9d linux-image-unsigned-4.4.0-250-tuxcare.els21-generic_4.4.0-250.284_amd64.deb 8c318e782dbe2a4f1ae011f6d1b5e38d1b9bea0a linux-image-unsigned-4.4.0-250-tuxcare.els21-lowlatency_4.4.0-250.284_amd64.deb 7681d3016cd120f5e167cdd67dffe36102fdd240 linux-libc-dev_4.4.0-250.284_amd64.deb 68972356006600b726be445f05ba58cf69ec0437 linux-lowlatency_4.4.0.250.284_amd64.deb 02d532b748be8ade750427c36e30f695be72c858 linux-modules-4.4.0-250-tuxcare.els21-generic_4.4.0-250.284_amd64.deb b8af82662e2631d4f6faee719fe409f1f8c2f783 linux-modules-4.4.0-250-tuxcare.els21-lowlatency_4.4.0-250.284_amd64.deb d4936fa782ebe84ed3a2b6b837804630d50062b2 linux-modules-extra-4.4.0-250-tuxcare.els21-generic_4.4.0-250.284_amd64.deb 0fc1ef112dd3f178df2f3449b4775c8c6eb9d327 linux-source_4.4.0.250.284_all.deb 78af18afa92ecfec3b163150d61b3b10f5449f28 linux-source-4.4.0_4.4.0-250.284_all.deb cc385156e7c163ab692febb6ce5e0db0e2925313 linux-tools-4.4.0-250-tuxcare.els21_4.4.0-250.284_amd64.deb c6a4b6102120f69a711f122a026e4977b6a6ea5e linux-tools-4.4.0-250-tuxcare.els21-generic_4.4.0-250.284_amd64.deb 5b7d937584c2f0d2bc2193423b8f7e2a774261e7 linux-tools-4.4.0-250-tuxcare.els21-lowlatency_4.4.0-250.284_amd64.deb 0d124a21b9c801a425c59ae855b840bc84ab7566 linux-tools-common_4.4.0-250.284_all.deb 1676776c386d3778cabb134a8ba621ae3900612f linux-tools-generic_4.4.0.250.284_amd64.deb 981ad1c39d43535fcf3ca5f37ecc328cd590ab48 linux-tools-host_4.4.0-250.284_all.deb 5e680cd0476c2d104ea86f402f144b41bbdd612b linux-tools-lowlatency_4.4.0.250.284_amd64.deb 382e0a91fc5644c4a073d5cd8dda767557b662db CLSA-2024:1705078162 TuxCare License Agreement 0 * CVE-url: https://ubuntu.com/security/CVE-2023-7192 - netfilter: ctnetlink: fix possible refcount leak in ctnetlink_create_conntrack() * CVE-url: https://ubuntu.com/security/CVE-2023-6610 - smb: client: fix potential OOB in smb2_dump_detail() * CVE-url: https://ubuntu.com/security/CVE-2023-6606 - smb: client: fix OOB in smbCalcSize() * CVE-url: https://ubuntu.com/security/CVE-2023-6546 - tty: n_gsm: fix the UAF caused by race condition in gsm_cleanup_mux * CVE-url: https://ubuntu.com/security/CVE-2023-6932 - ipv4: igmp: fix refcnt uaf issue when receiving igmp query packet * CVE-url: https://ubuntu.com/security/CVE-2023-6931 - perf: Fix perf_event_validate_size() - perf: Fix perf_event_validate_size() lockdep splat Important Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.

* CVE-url: https://ubuntu.com/security/CVE-2023-7192 - netfilter: ctnetlink: fix possible refcount leak in ctnetlink_create_conntrack() * CVE-url: https://ubuntu.com/security/CVE-2023-6610 - smb: client: fix potential OOB in smb2_dump_detail() * CVE-url: https://ubuntu.com/security/CVE-2023-6606 - smb: client: fix OOB in smbCalcSize() * CVE-url: https://ubuntu.com/security/CVE-2023-6546 - tty: n_gsm: fix the UAF caused by race condition in gsm_cleanup_mux * CVE-url: https://ubuntu.com/security/CVE-2023-6932 - ipv4: igmp: fix refcnt uaf issue when receiving igmp query packet * CVE-url: https://ubuntu.com/security/CVE-2023-6931 - perf: Fix perf_event_validate_size() - perf: Fix perf_event_validate_size() lockdep splat

0 tuxcare-ubuntu16.04-els linux-buildinfo-4.4.0-250-tuxcare.els21-generic_4.4.0-250.284_amd64.deb 1a63c93675c01dba419d3b86227bc88384c64832 linux-buildinfo-4.4.0-250-tuxcare.els21-lowlatency_4.4.0-250.284_amd64.deb 9ee01ea1341d81c548444d37db8d50468d73f1f1 linux-cloud-tools-4.4.0-250-tuxcare.els21_4.4.0-250.284_amd64.deb edd4964eee05bb519fbe849732316567e2d24ab7 linux-cloud-tools-4.4.0-250-tuxcare.els21-generic_4.4.0-250.284_amd64.deb b9063557076019974a72aeee31d62ee375d304d3 linux-cloud-tools-4.4.0-250-tuxcare.els21-lowlatency_4.4.0-250.284_amd64.deb fb95a80a647799183da9764e0692a4dd174db98a linux-cloud-tools-common_4.4.0-250.284_all.deb 76b2147e41ee410b6fab2208ba6a656685e8ceaa linux-cloud-tools-generic_4.4.0.250.284_amd64.deb 3d8cf4457107db87b2292926caffd54269d62926 linux-cloud-tools-lowlatency_4.4.0.250.284_amd64.deb ab81e4d3184b397c27cf8a9efd639a7d065cbbe0 linux-crashdump_4.4.0.250.284_amd64.deb aa87a63d54512f61e1643aa4ba64abea2c16aa0e linux-doc_4.4.0-250.284_all.deb bb51b246972fdc4a19b598258b6ea1abbe37b7be linux-generic_4.4.0.250.284_amd64.deb 1026be439c922ebf34adace98eb6e8fa6fc59179 linux-headers-4.4.0-250-tuxcare.els21_4.4.0-250.284_all.deb e74fd9c967e0666a65b1f9b45f1848877ef13f25 linux-headers-4.4.0-250-tuxcare.els21-generic_4.4.0-250.284_amd64.deb 4b98f95631db1a555067dde15d3f54030991a3ba linux-headers-4.4.0-250-tuxcare.els21-lowlatency_4.4.0-250.284_amd64.deb 8380f4770773cd010206c2c0b0914f2e029a697d linux-headers-generic_4.4.0.250.284_amd64.deb d9051f41a517ba3dcb9ffac80ee9ae94305686dc linux-headers-lowlatency_4.4.0.250.284_amd64.deb 07850cc691effcfa444ebb0a302b9884ca26f788 linux-image-generic_4.4.0.250.284_amd64.deb c5cff2ce3bb570a7a960b4ad21355bee1774e07a linux-image-lowlatency_4.4.0.250.284_amd64.deb f1a64a0116929229a42ad536c4bdc595fa2e4a9d linux-image-unsigned-4.4.0-250-tuxcare.els21-generic_4.4.0-250.284_amd64.deb 8c318e782dbe2a4f1ae011f6d1b5e38d1b9bea0a linux-image-unsigned-4.4.0-250-tuxcare.els21-lowlatency_4.4.0-250.284_amd64.deb 7681d3016cd120f5e167cdd67dffe36102fdd240 linux-libc-dev_4.4.0-250.284_amd64.deb 68972356006600b726be445f05ba58cf69ec0437 linux-lowlatency_4.4.0.250.284_amd64.deb 02d532b748be8ade750427c36e30f695be72c858 linux-modules-4.4.0-250-tuxcare.els21-generic_4.4.0-250.284_amd64.deb b8af82662e2631d4f6faee719fe409f1f8c2f783 linux-modules-4.4.0-250-tuxcare.els21-lowlatency_4.4.0-250.284_amd64.deb d4936fa782ebe84ed3a2b6b837804630d50062b2 linux-modules-extra-4.4.0-250-tuxcare.els21-generic_4.4.0-250.284_amd64.deb 0fc1ef112dd3f178df2f3449b4775c8c6eb9d327 linux-source_4.4.0.250.284_all.deb 78af18afa92ecfec3b163150d61b3b10f5449f28 linux-source-4.4.0_4.4.0-250.284_all.deb cc385156e7c163ab692febb6ce5e0db0e2925313 linux-tools-4.4.0-250-tuxcare.els21_4.4.0-250.284_amd64.deb c6a4b6102120f69a711f122a026e4977b6a6ea5e linux-tools-4.4.0-250-tuxcare.els21-generic_4.4.0-250.284_amd64.deb 5b7d937584c2f0d2bc2193423b8f7e2a774261e7 linux-tools-4.4.0-250-tuxcare.els21-lowlatency_4.4.0-250.284_amd64.deb 0d124a21b9c801a425c59ae855b840bc84ab7566 linux-tools-common_4.4.0-250.284_all.deb 1676776c386d3778cabb134a8ba621ae3900612f linux-tools-generic_4.4.0.250.284_amd64.deb 981ad1c39d43535fcf3ca5f37ecc328cd590ab48 linux-tools-host_4.4.0-250.284_all.deb 5e680cd0476c2d104ea86f402f144b41bbdd612b linux-tools-lowlatency_4.4.0.250.284_amd64.deb 382e0a91fc5644c4a073d5cd8dda767557b662db CLSA-2024:1705941172 TuxCare License Agreement 0 * Update ca-certificates database to 20231207: - mozilla/{certdata.txt,nssckbi.h}: Update Mozilla certificate authority bundle of the version 2.64. - The following certificares were updated: # Certificate "Autoridad de Certificacion Firmaprofesional CIF A62634068" - The following certificates authorities were added: # Certificate "Atos TrustedRoot Root CA ECC G2 2020" # Certificate "Atos TrustedRoot Root CA ECC TLS 2021" # Certificate "Atos TrustedRoot Root CA RSA G2 2020" # Certificate "Atos TrustedRoot Root CA RSA TLS 2021" # Certificate "CommScope Public Trust ECC Root-01" # Certificate "CommScope Public Trust ECC Root-02" # Certificate "CommScope Public Trust RSA Root-01" # Certificate "CommScope Public Trust RSA Root-02" # Certificate "LAWtrust Root CA2 (4096)" # Certificate "Sectigo Public Email Protection Root E46" # Certificate "Sectigo Public Email Protection Root R46" # Certificate "Sectigo Public Server Authentication Root E46" # Certificate "Sectigo Public Server Authentication Root R46" # Certificate "SSL.com Client ECC Root CA 2022" # Certificate "SSL.com Client RSA Root CA 2022" # Certificate "SSL.com TLS ECC Root CA 2022" # Certificate "SSL.com TLS RSA Root CA 2022" # Certificate "TrustAsia Global Root CA G3" # Certificate "TrustAsia Global Root CA G4" - The following certificates were removed: # Certificate "E-Tugra Certification Authority" # Certificate "Hongkong Post Root CA 1" # Certificate "Symantec Class 1 Public Primary Certification Authority - G6" # Certificate "Symantec Class 2 Public Primary Certification Authority - G6" # Certificate "TrustCor ECA-1" # Certificate "TrustCor RootCert CA-1" # Certificate "TrustCor RootCert CA-2" # Certificate "Verisign Class 1 Public Primary Certification Authority - G3" # Certificate "Verisign Class 2 Public Primary Certification Authority - G3" None Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.

* Update ca-certificates database to 20231207: - mozilla/{certdata.txt,nssckbi.h}: Update Mozilla certificate authority bundle of the version 2.64. - The following certificares were updated: # Certificate "Autoridad de Certificacion Firmaprofesional CIF A62634068" - The following certificates authorities were added: # Certificate "Atos TrustedRoot Root CA ECC G2 2020" # Certificate "Atos TrustedRoot Root CA ECC TLS 2021" # Certificate "Atos TrustedRoot Root CA RSA G2 2020" # Certificate "Atos TrustedRoot Root CA RSA TLS 2021" # Certificate "CommScope Public Trust ECC Root-01" # Certificate "CommScope Public Trust ECC Root-02" # Certificate "CommScope Public Trust RSA Root-01" # Certificate "CommScope Public Trust RSA Root-02" # Certificate "LAWtrust Root CA2 (4096)" # Certificate "Sectigo Public Email Protection Root E46" # Certificate "Sectigo Public Email Protection Root R46" # Certificate "Sectigo Public Server Authentication Root E46" # Certificate "Sectigo Public Server Authentication Root R46" # Certificate "SSL.com Client ECC Root CA 2022" # Certificate "SSL.com Client RSA Root CA 2022" # Certificate "SSL.com TLS ECC Root CA 2022" # Certificate "SSL.com TLS RSA Root CA 2022" # Certificate "TrustAsia Global Root CA G3" # Certificate "TrustAsia Global Root CA G4" - The following certificates were removed: # Certificate "E-Tugra Certification Authority" # Certificate "Hongkong Post Root CA 1" # Certificate "Symantec Class 1 Public Primary Certification Authority - G6" # Certificate "Symantec Class 2 Public Primary Certification Authority - G6" # Certificate "TrustCor ECA-1" # Certificate "TrustCor RootCert CA-1" # Certificate "TrustCor RootCert CA-2" # Certificate "Verisign Class 1 Public Primary Certification Authority - G3" # Certificate "Verisign Class 2 Public Primary Certification Authority - G3"

0 tuxcare-ubuntu16.04-els ca-certificates_20231207~16.04.1ubuntu0.1+tuxcare.els1_all.deb af553d5a352a7882117ba218aac268eb3398749b CLSA-2024:1706026686 TuxCare License Agreement 0 * SECURITY UPDATE: Denial of Service in HTTP Request parsing - debian/patches/CVE-2023-50269.patch: Limit the number of allowed X-Forwarded-For hops - CVE-2023-50269 Important Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.

* SECURITY UPDATE: Denial of Service in HTTP Request parsing - debian/patches/CVE-2023-50269.patch: Limit the number of allowed X-Forwarded-For hops - CVE-2023-50269

0 tuxcare-ubuntu16.04-els squid_3.5.12-1ubuntu7.17+tuxcare.els6_amd64.deb 29f74ca4996d5e8bd04644b5843dae684b28890b squid-cgi_3.5.12-1ubuntu7.17+tuxcare.els6_amd64.deb e59691df1cd3739b2be0c7124f1fdbd59723d415 squid-common_3.5.12-1ubuntu7.17+tuxcare.els6_all.deb cc39bde8b7466759f128ec9277e5f4e7cb97d51f squid-purge_3.5.12-1ubuntu7.17+tuxcare.els6_amd64.deb 4278bb5ef4bd62dd6ef1a026a9930751b795c168 squid3_3.5.12-1ubuntu7.17+tuxcare.els6_all.deb 738ba7e9e1f7aac39f7e3e73949335c1e9270d41 squidclient_3.5.12-1ubuntu7.17+tuxcare.els6_amd64.deb 9b84e314a05cd2ca5fc4e39e60d192bb42077ead CLSA-2024:1706026767 TuxCare License Agreement 0 * SECURITY UPDATE: denial of service attack - debian/patches/CVE-2023-39804.patch: Fix handling of extended header prefixes. - CVE-2023-39804.patch Low Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.

* SECURITY UPDATE: denial of service attack - debian/patches/CVE-2023-39804.patch: Fix handling of extended header prefixes. - CVE-2023-39804.patch

0 tuxcare-ubuntu16.04-els tar_1.28-2.1ubuntu0.2+tuxcare.els2_amd64.deb 933970ffab63376c9c79199618961df33a7e637a tar-scripts_1.28-2.1ubuntu0.2+tuxcare.els2_amd64.deb aa79b0fe9f0af87c942376da0e7db3a7ee25dd16 CLSA-2024:1706545934 TuxCare License Agreement 0 * CVE-url: https://ubuntu.com/security/CVE-2022-36402 - drm/vmwgfx: Add support for SVGA3dCmdDefineGBSurface_v3 - drm/vmwgfx: Add SM4_1 flag - drm/vmwgfx: Add CAP2 support in vmwgfx - drm/vmwgfx: Bump version patchlevel and date - drm/vmwgfx: Expose SM4_1 param to user space - drm/vmwgfx: Update the device headers - drm/vmwgfx: Fix shader stage validation * CVE-url: https://ubuntu.com/security/CVE-2023-6040 - netfilter: nf_tables: Reject tables of unsupported family * CVE-2023-4244 // CVE-url: https://ubuntu.com/security/CVE-2023-4244 - netfilter: nf_tables: don't skip expired elements during walk - netfilter: nf_tables: GC transaction API to avoid race with control plane - netfilter: nf_tables: adapt set backend to use GC transaction API - netfilter: nf_tables: remove busy mark and gc batch API - netfilter: nf_tables: fix GC transaction races with netns and netlink event exit path - netfilter: nf_tables: GC transaction race with netns dismantle - netfilter: nf_tables: GC transaction race with abort path * CVE-url: https://ubuntu.com/security/CVE-2023-4244 - netfilter: nf_tables: pass ctx to nf_tables_expr_destroy() - netfilter: nf_tables: use net_generic infra for transaction data - netfilter: nftables: add nft_pernet() helper function - netfilter: nftables: rename set element data activation/deactivation functions - netfilter: nf_tables: fix chain dependency validation - netfilter: nf_tables: place all set backends in one single module - netfilter: nf_tables: make sets built-in * Bionic update: upstream stable patchset 2022-07-06 (LP: #1980879) // CVE- url: https://ubuntu.com/security/CVE-2022-48619 - Input: add bounds checking to input_set_capability() * CVE-url: https://ubuntu.com/security/CVE-2023-51780 - atm: Fix Use-After-Free in do_vcc_ioctl * CVE-url: https://ubuntu.com/security/CVE-2023-51782 - net/rose: Fix Use-After-Free in rose_ioctl * CVE-url: https://ubuntu.com/security/CVE-2023-51781 - appletalk: Fix Use-After-Free in atalk_ioctl * CVE-url: https://ubuntu.com/security/CVE-2023-0597 - random32: add noise from network and scheduling activity * CVE-2023-51779 // CVE-url: https://ubuntu.com/security/CVE-2023-51779 - Bluetooth: af_bluetooth: Fix Use-After-Free in bt_sock_recvmsg * Jammy update: v5.15.135 upstream stable release (LP: #2045809) // CVE-url: https://ubuntu.com/security/CVE-2023-34324 - xen/events: replace evtchn_rwlock with RCU * kernel crash : net_sched race condition in tcindex_destroy() (LP: #1825942) // CVE-url: https://ubuntu.com/security/CVE-2023-34324 - RCU, workqueue: Implement rcu_work * Miscellaneous Ubuntu changes - [Config] updateconfigs for CONFIG_NFT_SET_RBTREE CONFIG_NFT_SET_HASH CONFIG_NFT_SET_BITMAP * Miscellaneous upstream changes - drm/vmwgfx: Use enum to represent graphics context capabilities Important Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.

* CVE-url: https://ubuntu.com/security/CVE-2022-36402 - drm/vmwgfx: Add support for SVGA3dCmdDefineGBSurface_v3 - drm/vmwgfx: Add SM4_1 flag - drm/vmwgfx: Add CAP2 support in vmwgfx - drm/vmwgfx: Bump version patchlevel and date - drm/vmwgfx: Expose SM4_1 param to user space - drm/vmwgfx: Update the device headers - drm/vmwgfx: Fix shader stage validation * CVE-url: https://ubuntu.com/security/CVE-2023-6040 - netfilter: nf_tables: Reject tables of unsupported family * CVE-2023-4244 // CVE-url: https://ubuntu.com/security/CVE-2023-4244 - netfilter: nf_tables: don't skip expired elements during walk - netfilter: nf_tables: GC transaction API to avoid race with control plane - netfilter: nf_tables: adapt set backend to use GC transaction API - netfilter: nf_tables: remove busy mark and gc batch API - netfilter: nf_tables: fix GC transaction races with netns and netlink event exit path - netfilter: nf_tables: GC transaction race with netns dismantle - netfilter: nf_tables: GC transaction race with abort path * CVE-url: https://ubuntu.com/security/CVE-2023-4244 - netfilter: nf_tables: pass ctx to nf_tables_expr_destroy() - netfilter: nf_tables: use net_generic infra for transaction data - netfilter: nftables: add nft_pernet() helper function - netfilter: nftables: rename set element data activation/deactivation functions - netfilter: nf_tables: fix chain dependency validation - netfilter: nf_tables: place all set backends in one single module - netfilter: nf_tables: make sets built-in * Bionic update: upstream stable patchset 2022-07-06 (LP: #1980879) // CVE- url: https://ubuntu.com/security/CVE-2022-48619 - Input: add bounds checking to input_set_capability() * CVE-url: https://ubuntu.com/security/CVE-2023-51780 - atm: Fix Use-After-Free in do_vcc_ioctl * CVE-url: https://ubuntu.com/security/CVE-2023-51782 - net/rose: Fix Use-After-Free in rose_ioctl * CVE-url: https://ubuntu.com/security/CVE-2023-51781 - appletalk: Fix Use-After-Free in atalk_ioctl * CVE-url: https://ubuntu.com/security/CVE-2023-0597 - random32: add noise from network and scheduling activity * CVE-2023-51779 // CVE-url: https://ubuntu.com/security/CVE-2023-51779 - Bluetooth: af_bluetooth: Fix Use-After-Free in bt_sock_recvmsg * Jammy update: v5.15.135 upstream stable release (LP: #2045809) // CVE-url: https://ubuntu.com/security/CVE-2023-34324 - xen/events: replace evtchn_rwlock with RCU * kernel crash : net_sched race condition in tcindex_destroy() (LP: #1825942) // CVE-url: https://ubuntu.com/security/CVE-2023-34324 - RCU, workqueue: Implement rcu_work * Miscellaneous Ubuntu changes - [Config] updateconfigs for CONFIG_NFT_SET_RBTREE CONFIG_NFT_SET_HASH CONFIG_NFT_SET_BITMAP * Miscellaneous upstream changes - drm/vmwgfx: Use enum to represent graphics context capabilities

0 tuxcare-ubuntu16.04-els linux-buildinfo-4.4.0-251-tuxcare.els22-generic_4.4.0-251.285_amd64.deb 9c1803f8fea6ef0aa0c23bd6e73cc0fe0cb09a53 linux-buildinfo-4.4.0-251-tuxcare.els22-lowlatency_4.4.0-251.285_amd64.deb 8247f0fd2bb24c9134b4e725955d73cfcd3b857c linux-cloud-tools-4.4.0-251-tuxcare.els22_4.4.0-251.285_amd64.deb 16bde3141bbe3e3f108fd8487f442c81be2b4804 linux-cloud-tools-4.4.0-251-tuxcare.els22-generic_4.4.0-251.285_amd64.deb 0bec7fd601c2314f935ad6c3bf4d2b2973b564d3 linux-cloud-tools-4.4.0-251-tuxcare.els22-lowlatency_4.4.0-251.285_amd64.deb 89d6f842ebb790885aaf40e1ad1af679d0f2652d linux-cloud-tools-common_4.4.0-251.285_all.deb 2bba992a03d9ac2733e0de7a57ec51771fbd433a linux-cloud-tools-generic_4.4.0.251.285_amd64.deb 5e9cbec8b4b75e624990490ece77038ccf050120 linux-cloud-tools-lowlatency_4.4.0.251.285_amd64.deb aca71d4945e6aa1fc5dc0089bb7ac362150cefc6 linux-crashdump_4.4.0.251.285_amd64.deb 8ba2d3389be615114220878d1d6e689e0db04322 linux-doc_4.4.0-251.285_all.deb bf27dc5a7e5cbd110d6e4db490e639e4c37ee10f linux-generic_4.4.0.251.285_amd64.deb d6f75d6e653bced02993c9aecac70cc9c135d755 linux-headers-4.4.0-251-tuxcare.els22_4.4.0-251.285_all.deb 115bb1000cb76ec542b9ff42220e8467486e9e08 linux-headers-4.4.0-251-tuxcare.els22-generic_4.4.0-251.285_amd64.deb 5404a48e566c9e8c0b7f86c5728be57b80a4733d linux-headers-4.4.0-251-tuxcare.els22-lowlatency_4.4.0-251.285_amd64.deb 08eb1446e591f2c53fab73cfb4e30d8284fba53a linux-headers-generic_4.4.0.251.285_amd64.deb 8137967e64dd71c5bd42b45fc6bb434cff543d0e linux-headers-lowlatency_4.4.0.251.285_amd64.deb 8bc43b957e023e4d8a4750e3ec2398e8805966d2 linux-image-generic_4.4.0.251.285_amd64.deb 0b31ddb27f721dec5aebddce2f0992be0ff02871 linux-image-lowlatency_4.4.0.251.285_amd64.deb c3c7c5c58801a7ed52e5aee9149233d5bebe5b80 linux-image-unsigned-4.4.0-251-tuxcare.els22-generic_4.4.0-251.285_amd64.deb 4067c917d4ba010e5226e00c1b56a7137813e6f0 linux-image-unsigned-4.4.0-251-tuxcare.els22-lowlatency_4.4.0-251.285_amd64.deb 742a1bb81b40299fab75c418ed8930478dc46664 linux-libc-dev_4.4.0-251.285_amd64.deb 1f0bc8e50d479db2e61c7c02bee01a58554f532d linux-lowlatency_4.4.0.251.285_amd64.deb 28c356a532f0f80a34f2baabb6e325834f452683 linux-modules-4.4.0-251-tuxcare.els22-generic_4.4.0-251.285_amd64.deb f7d408b97fee6de8adec79305ef65b9278f615ed linux-modules-4.4.0-251-tuxcare.els22-lowlatency_4.4.0-251.285_amd64.deb fbd048cdb31abfe6021cea3c48847da0df6591b3 linux-modules-extra-4.4.0-251-tuxcare.els22-generic_4.4.0-251.285_amd64.deb bbbf1d2482302509e96896309abdcc2a513a64e0 linux-source_4.4.0.251.285_all.deb 75d06e1ca95bdd31a412baef9c481e4eaa9f9167 linux-source-4.4.0_4.4.0-251.285_all.deb 9902c99dc272dbf777ce4dc99a852db980e2dce1 linux-tools-4.4.0-251-tuxcare.els22_4.4.0-251.285_amd64.deb ea58aab645a28084c4e9124d7f855c4cf4d39758 linux-tools-4.4.0-251-tuxcare.els22-generic_4.4.0-251.285_amd64.deb 59c3e5a7d71171dcaf29d259addcf3ed174a5ca4 linux-tools-4.4.0-251-tuxcare.els22-lowlatency_4.4.0-251.285_amd64.deb b588d57b27a95182dd2f2dbbe50fee1787a9c4cd linux-tools-common_4.4.0-251.285_all.deb e43fc8f1d20de730dedb1a418134765ce8701825 linux-tools-generic_4.4.0.251.285_amd64.deb e82ee2ae322eb28e6f97b5284539941b74bbfce4 linux-tools-host_4.4.0-251.285_all.deb d8884ada2ad2415d049e794fa5ffcc287ef18ca7 linux-tools-lowlatency_4.4.0.251.285_amd64.deb e7a19377253bee9c807138a8f95013435399b60e CLSA-2024:1706546252 TuxCare License Agreement 0 * CVE-url: https://ubuntu.com/security/CVE-2022-36402 - drm/vmwgfx: Add support for SVGA3dCmdDefineGBSurface_v3 - drm/vmwgfx: Add SM4_1 flag - drm/vmwgfx: Add CAP2 support in vmwgfx - drm/vmwgfx: Bump version patchlevel and date - drm/vmwgfx: Expose SM4_1 param to user space - drm/vmwgfx: Update the device headers - drm/vmwgfx: Fix shader stage validation * CVE-url: https://ubuntu.com/security/CVE-2023-6040 - netfilter: nf_tables: Reject tables of unsupported family * CVE-2023-4244 // CVE-url: https://ubuntu.com/security/CVE-2023-4244 - netfilter: nf_tables: don't skip expired elements during walk - netfilter: nf_tables: GC transaction API to avoid race with control plane - netfilter: nf_tables: adapt set backend to use GC transaction API - netfilter: nf_tables: remove busy mark and gc batch API - netfilter: nf_tables: fix GC transaction races with netns and netlink event exit path - netfilter: nf_tables: GC transaction race with netns dismantle - netfilter: nf_tables: GC transaction race with abort path * CVE-url: https://ubuntu.com/security/CVE-2023-4244 - netfilter: nf_tables: pass ctx to nf_tables_expr_destroy() - netfilter: nf_tables: use net_generic infra for transaction data - netfilter: nftables: add nft_pernet() helper function - netfilter: nftables: rename set element data activation/deactivation functions - netfilter: nf_tables: fix chain dependency validation - netfilter: nf_tables: place all set backends in one single module - netfilter: nf_tables: make sets built-in * Bionic update: upstream stable patchset 2022-07-06 (LP: #1980879) // CVE- url: https://ubuntu.com/security/CVE-2022-48619 - Input: add bounds checking to input_set_capability() * CVE-url: https://ubuntu.com/security/CVE-2023-51780 - atm: Fix Use-After-Free in do_vcc_ioctl * CVE-url: https://ubuntu.com/security/CVE-2023-51782 - net/rose: Fix Use-After-Free in rose_ioctl * CVE-url: https://ubuntu.com/security/CVE-2023-51781 - appletalk: Fix Use-After-Free in atalk_ioctl * CVE-url: https://ubuntu.com/security/CVE-2023-0597 - random32: add noise from network and scheduling activity * CVE-2023-51779 // CVE-url: https://ubuntu.com/security/CVE-2023-51779 - Bluetooth: af_bluetooth: Fix Use-After-Free in bt_sock_recvmsg * Jammy update: v5.15.135 upstream stable release (LP: #2045809) // CVE-url: https://ubuntu.com/security/CVE-2023-34324 - xen/events: replace evtchn_rwlock with RCU * kernel crash : net_sched race condition in tcindex_destroy() (LP: #1825942) // CVE-url: https://ubuntu.com/security/CVE-2023-34324 - RCU, workqueue: Implement rcu_work * Miscellaneous Ubuntu changes - [Config] updateconfigs for CONFIG_NFT_SET_RBTREE CONFIG_NFT_SET_HASH CONFIG_NFT_SET_BITMAP * Miscellaneous upstream changes - drm/vmwgfx: Use enum to represent graphics context capabilities Important Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.

* CVE-url: https://ubuntu.com/security/CVE-2022-36402 - drm/vmwgfx: Add support for SVGA3dCmdDefineGBSurface_v3 - drm/vmwgfx: Add SM4_1 flag - drm/vmwgfx: Add CAP2 support in vmwgfx - drm/vmwgfx: Bump version patchlevel and date - drm/vmwgfx: Expose SM4_1 param to user space - drm/vmwgfx: Update the device headers - drm/vmwgfx: Fix shader stage validation * CVE-url: https://ubuntu.com/security/CVE-2023-6040 - netfilter: nf_tables: Reject tables of unsupported family * CVE-2023-4244 // CVE-url: https://ubuntu.com/security/CVE-2023-4244 - netfilter: nf_tables: don't skip expired elements during walk - netfilter: nf_tables: GC transaction API to avoid race with control plane - netfilter: nf_tables: adapt set backend to use GC transaction API - netfilter: nf_tables: remove busy mark and gc batch API - netfilter: nf_tables: fix GC transaction races with netns and netlink event exit path - netfilter: nf_tables: GC transaction race with netns dismantle - netfilter: nf_tables: GC transaction race with abort path * CVE-url: https://ubuntu.com/security/CVE-2023-4244 - netfilter: nf_tables: pass ctx to nf_tables_expr_destroy() - netfilter: nf_tables: use net_generic infra for transaction data - netfilter: nftables: add nft_pernet() helper function - netfilter: nftables: rename set element data activation/deactivation functions - netfilter: nf_tables: fix chain dependency validation - netfilter: nf_tables: place all set backends in one single module - netfilter: nf_tables: make sets built-in * Bionic update: upstream stable patchset 2022-07-06 (LP: #1980879) // CVE- url: https://ubuntu.com/security/CVE-2022-48619 - Input: add bounds checking to input_set_capability() * CVE-url: https://ubuntu.com/security/CVE-2023-51780 - atm: Fix Use-After-Free in do_vcc_ioctl * CVE-url: https://ubuntu.com/security/CVE-2023-51782 - net/rose: Fix Use-After-Free in rose_ioctl * CVE-url: https://ubuntu.com/security/CVE-2023-51781 - appletalk: Fix Use-After-Free in atalk_ioctl * CVE-url: https://ubuntu.com/security/CVE-2023-0597 - random32: add noise from network and scheduling activity * CVE-2023-51779 // CVE-url: https://ubuntu.com/security/CVE-2023-51779 - Bluetooth: af_bluetooth: Fix Use-After-Free in bt_sock_recvmsg * Jammy update: v5.15.135 upstream stable release (LP: #2045809) // CVE-url: https://ubuntu.com/security/CVE-2023-34324 - xen/events: replace evtchn_rwlock with RCU * kernel crash : net_sched race condition in tcindex_destroy() (LP: #1825942) // CVE-url: https://ubuntu.com/security/CVE-2023-34324 - RCU, workqueue: Implement rcu_work * Miscellaneous Ubuntu changes - [Config] updateconfigs for CONFIG_NFT_SET_RBTREE CONFIG_NFT_SET_HASH CONFIG_NFT_SET_BITMAP * Miscellaneous upstream changes - drm/vmwgfx: Use enum to represent graphics context capabilities

0 tuxcare-ubuntu16.04-els linux-buildinfo-4.4.0-251-tuxcare.els22-generic_4.4.0-251.285_amd64.deb 9c1803f8fea6ef0aa0c23bd6e73cc0fe0cb09a53 linux-buildinfo-4.4.0-251-tuxcare.els22-lowlatency_4.4.0-251.285_amd64.deb 8247f0fd2bb24c9134b4e725955d73cfcd3b857c linux-cloud-tools-4.4.0-251-tuxcare.els22_4.4.0-251.285_amd64.deb 16bde3141bbe3e3f108fd8487f442c81be2b4804 linux-cloud-tools-4.4.0-251-tuxcare.els22-generic_4.4.0-251.285_amd64.deb 0bec7fd601c2314f935ad6c3bf4d2b2973b564d3 linux-cloud-tools-4.4.0-251-tuxcare.els22-lowlatency_4.4.0-251.285_amd64.deb 89d6f842ebb790885aaf40e1ad1af679d0f2652d linux-cloud-tools-common_4.4.0-251.285_all.deb 2bba992a03d9ac2733e0de7a57ec51771fbd433a linux-cloud-tools-generic_4.4.0.251.285_amd64.deb 5e9cbec8b4b75e624990490ece77038ccf050120 linux-cloud-tools-lowlatency_4.4.0.251.285_amd64.deb aca71d4945e6aa1fc5dc0089bb7ac362150cefc6 linux-crashdump_4.4.0.251.285_amd64.deb 8ba2d3389be615114220878d1d6e689e0db04322 linux-doc_4.4.0-251.285_all.deb bf27dc5a7e5cbd110d6e4db490e639e4c37ee10f linux-generic_4.4.0.251.285_amd64.deb d6f75d6e653bced02993c9aecac70cc9c135d755 linux-headers-4.4.0-251-tuxcare.els22_4.4.0-251.285_all.deb 115bb1000cb76ec542b9ff42220e8467486e9e08 linux-headers-4.4.0-251-tuxcare.els22-generic_4.4.0-251.285_amd64.deb 5404a48e566c9e8c0b7f86c5728be57b80a4733d linux-headers-4.4.0-251-tuxcare.els22-lowlatency_4.4.0-251.285_amd64.deb 08eb1446e591f2c53fab73cfb4e30d8284fba53a linux-headers-generic_4.4.0.251.285_amd64.deb 8137967e64dd71c5bd42b45fc6bb434cff543d0e linux-headers-lowlatency_4.4.0.251.285_amd64.deb 8bc43b957e023e4d8a4750e3ec2398e8805966d2 linux-image-generic_4.4.0.251.285_amd64.deb 0b31ddb27f721dec5aebddce2f0992be0ff02871 linux-image-lowlatency_4.4.0.251.285_amd64.deb c3c7c5c58801a7ed52e5aee9149233d5bebe5b80 linux-image-unsigned-4.4.0-251-tuxcare.els22-generic_4.4.0-251.285_amd64.deb 4067c917d4ba010e5226e00c1b56a7137813e6f0 linux-image-unsigned-4.4.0-251-tuxcare.els22-lowlatency_4.4.0-251.285_amd64.deb 742a1bb81b40299fab75c418ed8930478dc46664 linux-libc-dev_4.4.0-251.285_amd64.deb 1f0bc8e50d479db2e61c7c02bee01a58554f532d linux-lowlatency_4.4.0.251.285_amd64.deb 28c356a532f0f80a34f2baabb6e325834f452683 linux-modules-4.4.0-251-tuxcare.els22-generic_4.4.0-251.285_amd64.deb f7d408b97fee6de8adec79305ef65b9278f615ed linux-modules-4.4.0-251-tuxcare.els22-lowlatency_4.4.0-251.285_amd64.deb fbd048cdb31abfe6021cea3c48847da0df6591b3 linux-modules-extra-4.4.0-251-tuxcare.els22-generic_4.4.0-251.285_amd64.deb bbbf1d2482302509e96896309abdcc2a513a64e0 linux-source_4.4.0.251.285_all.deb 75d06e1ca95bdd31a412baef9c481e4eaa9f9167 linux-source-4.4.0_4.4.0-251.285_all.deb 9902c99dc272dbf777ce4dc99a852db980e2dce1 linux-tools-4.4.0-251-tuxcare.els22_4.4.0-251.285_amd64.deb ea58aab645a28084c4e9124d7f855c4cf4d39758 linux-tools-4.4.0-251-tuxcare.els22-generic_4.4.0-251.285_amd64.deb 59c3e5a7d71171dcaf29d259addcf3ed174a5ca4 linux-tools-4.4.0-251-tuxcare.els22-lowlatency_4.4.0-251.285_amd64.deb b588d57b27a95182dd2f2dbbe50fee1787a9c4cd linux-tools-common_4.4.0-251.285_all.deb e43fc8f1d20de730dedb1a418134765ce8701825 linux-tools-generic_4.4.0.251.285_amd64.deb e82ee2ae322eb28e6f97b5284539941b74bbfce4 linux-tools-host_4.4.0-251.285_all.deb d8884ada2ad2415d049e794fa5ffcc287ef18ca7 linux-tools-lowlatency_4.4.0.251.285_amd64.deb e7a19377253bee9c807138a8f95013435399b60e CLSA-2024:1707379486 TuxCare License Agreement 0 * Update ca-certificates database to 20231207: - mozilla/{certdata.txt,nssckbi.h}: Update Mozilla certificate authority bundle of the version 2.64. - The following certificates authorities were added: # Certificate "Atos TrustedRoot Root CA ECC G2 2020" # Certificate "Atos TrustedRoot Root CA ECC TLS 2021" # Certificate "Atos TrustedRoot Root CA RSA G2 2020" # Certificate "Atos TrustedRoot Root CA RSA TLS 2021" # Certificate "CommScope Public Trust ECC Root-01" # Certificate "CommScope Public Trust ECC Root-02" # Certificate "CommScope Public Trust RSA Root-01" # Certificate "CommScope Public Trust RSA Root-02" # Certificate "LAWtrust Root CA2 (4096)" # Certificate "Sectigo Public Email Protection Root E46" # Certificate "Sectigo Public Email Protection Root R46" # Certificate "Sectigo Public Server Authentication Root E46" # Certificate "Sectigo Public Server Authentication Root R46" # Certificate "SSL.com Client ECC Root CA 2022" # Certificate "SSL.com Client RSA Root CA 2022" # Certificate "SSL.com TLS ECC Root CA 2022" # Certificate "SSL.com TLS RSA Root CA 2022" # Certificate "TrustAsia Global Root CA G3" # Certificate "TrustAsia Global Root CA G4" - The following certificates were removed: # Certificate "E-Tugra Certification Authority" # Certificate "Hongkong Post Root CA 1" # Certificate "Symantec Class 1 Public Primary Certification Authority - G6" # Certificate "Symantec Class 2 Public Primary Certification Authority - G6" # Certificate "TrustCor ECA-1" # Certificate "TrustCor RootCert CA-1" # Certificate "TrustCor RootCert CA-2" # Certificate "Verisign Class 1 Public Primary Certification Authority - G3" # Certificate "Verisign Class 2 Public Primary Certification Authority - G3" None Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.

* Update ca-certificates database to 20231207: - mozilla/{certdata.txt,nssckbi.h}: Update Mozilla certificate authority bundle of the version 2.64. - The following certificates authorities were added: # Certificate "Atos TrustedRoot Root CA ECC G2 2020" # Certificate "Atos TrustedRoot Root CA ECC TLS 2021" # Certificate "Atos TrustedRoot Root CA RSA G2 2020" # Certificate "Atos TrustedRoot Root CA RSA TLS 2021" # Certificate "CommScope Public Trust ECC Root-01" # Certificate "CommScope Public Trust ECC Root-02" # Certificate "CommScope Public Trust RSA Root-01" # Certificate "CommScope Public Trust RSA Root-02" # Certificate "LAWtrust Root CA2 (4096)" # Certificate "Sectigo Public Email Protection Root E46" # Certificate "Sectigo Public Email Protection Root R46" # Certificate "Sectigo Public Server Authentication Root E46" # Certificate "Sectigo Public Server Authentication Root R46" # Certificate "SSL.com Client ECC Root CA 2022" # Certificate "SSL.com Client RSA Root CA 2022" # Certificate "SSL.com TLS ECC Root CA 2022" # Certificate "SSL.com TLS RSA Root CA 2022" # Certificate "TrustAsia Global Root CA G3" # Certificate "TrustAsia Global Root CA G4" - The following certificates were removed: # Certificate "E-Tugra Certification Authority" # Certificate "Hongkong Post Root CA 1" # Certificate "Symantec Class 1 Public Primary Certification Authority - G6" # Certificate "Symantec Class 2 Public Primary Certification Authority - G6" # Certificate "TrustCor ECA-1" # Certificate "TrustCor RootCert CA-1" # Certificate "TrustCor RootCert CA-2" # Certificate "Verisign Class 1 Public Primary Certification Authority - G3" # Certificate "Verisign Class 2 Public Primary Certification Authority - G3"

0 tuxcare-ubuntu16.04-els libnss3_3.28.4-0ubuntu0.16.04.14+tuxcare.els7_amd64.deb d3d019dc01a46f5f25e0b4c5baab2397c802958f libnss3-1d_3.28.4-0ubuntu0.16.04.14+tuxcare.els7_amd64.deb 0661085a369a82bda49e9dfc28178f639a4717c7 libnss3-dev_3.28.4-0ubuntu0.16.04.14+tuxcare.els7_amd64.deb 6b9154750edf61cd181e9b9a81c320e5595af8e3 libnss3-nssdb_3.28.4-0ubuntu0.16.04.14+tuxcare.els7_all.deb 4ef4e769b160cc6a6a9f31aee3e9d013b796625f libnss3-tools_3.28.4-0ubuntu0.16.04.14+tuxcare.els7_amd64.deb 6d3e3f1521e2b0e5ffceff4c3dd52a8f6fe6eaac CLSA-2024:1707420378 TuxCare License Agreement 0 * SECURITY UPDATE: it's possible to remove the initial messages on the secure channel without causing a MAC failure - debian/patches/CVE-2023-48795.patch: implement "strict key exchange" in ssh and sshd - CVE-2023-48795 Moderate Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.

* SECURITY UPDATE: it's possible to remove the initial messages on the secure channel without causing a MAC failure - debian/patches/CVE-2023-48795.patch: implement "strict key exchange" in ssh and sshd - CVE-2023-48795

0 tuxcare-ubuntu16.04-els openssh-client_7.2p2-4ubuntu2.10+tuxcare.els5_amd64.deb ef4c5889635a9432979a75f5ca486a4ae561db36 openssh-client-ssh1_7.2p2-4ubuntu2.10+tuxcare.els5_amd64.deb 96c7765e927563fb4edbf2c4ca102b6571f80d27 openssh-server_7.2p2-4ubuntu2.10+tuxcare.els5_amd64.deb 0ccfa1d58555ece9c418b140308990fdd2c04272 openssh-sftp-server_7.2p2-4ubuntu2.10+tuxcare.els5_amd64.deb 4c02d26145023a41bfef44d63d4f70c66847548b ssh_7.2p2-4ubuntu2.10+tuxcare.els5_all.deb 1efae115b4370b35561455da1288162c36a25005 ssh-askpass-gnome_7.2p2-4ubuntu2.10+tuxcare.els5_amd64.deb 8cf5d7d5f14d1d535c4a8dec9f3c516e592afc58 ssh-krb5_7.2p2-4ubuntu2.10+tuxcare.els5_all.deb 59325c5514a406465a7295e27680e20efc88a2d0 CLSA-2024:1707420507 TuxCare License Agreement 0 * SECURITY UPDATE: A flaw was found in PostgreSQL that allows authenticated database users to execute arbitrary code through missing overflow checks during SQL array value modification. - debian/patches/CVE-2023-5869.patch: Detect integer overflow while computing new array dimensions. - CVE-2023-5869 Important Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.

* SECURITY UPDATE: A flaw was found in PostgreSQL that allows authenticated database users to execute arbitrary code through missing overflow checks during SQL array value modification. - debian/patches/CVE-2023-5869.patch: Detect integer overflow while computing new array dimensions. - CVE-2023-5869

0 tuxcare-ubuntu16.04-els libecpg-compat3_9.5.25-0ubuntu0.16.04.1+tuxcare.els6_amd64.deb 92db160c0eac3c1c5c282e58e998e271216b864c libecpg-dev_9.5.25-0ubuntu0.16.04.1+tuxcare.els6_amd64.deb e5f2d968d8ae114c5a59d3da5c878c1af447aac4 libecpg6_9.5.25-0ubuntu0.16.04.1+tuxcare.els6_amd64.deb ed3d63ada8df36fec739db11ba31f1be79388b74 libpgtypes3_9.5.25-0ubuntu0.16.04.1+tuxcare.els6_amd64.deb 75d55a13455cd84eeb18be6e441797ba6942baeb libpq-dev_9.5.25-0ubuntu0.16.04.1+tuxcare.els6_amd64.deb 3b703725059364e7b8320a6e422d3d762918110f libpq5_9.5.25-0ubuntu0.16.04.1+tuxcare.els6_amd64.deb 9a50fea6f3a7e15fc5693958df4798b537369c14 postgresql-9.5_9.5.25-0ubuntu0.16.04.1+tuxcare.els6_amd64.deb a2e9d772d3fe83a1cf2691a0a6b704d0db6b9fb6 postgresql-client-9.5_9.5.25-0ubuntu0.16.04.1+tuxcare.els6_amd64.deb c0d7b7211b8f4ed9aef4c5cd4ecf7ce41308dccf postgresql-contrib-9.5_9.5.25-0ubuntu0.16.04.1+tuxcare.els6_amd64.deb ba5407e9cd3c75d474b797799984a6545d59ccc0 postgresql-doc-9.5_9.5.25-0ubuntu0.16.04.1+tuxcare.els6_all.deb 03c9674032cd61f652a7705c785bf2466838c3d7 postgresql-plperl-9.5_9.5.25-0ubuntu0.16.04.1+tuxcare.els6_amd64.deb 54c959eb38be8793803f51c6b7e4ea8539a017ad postgresql-plpython-9.5_9.5.25-0ubuntu0.16.04.1+tuxcare.els6_amd64.deb 48870419c7cd545ccf91f13bf7c57949a006c1ea postgresql-plpython3-9.5_9.5.25-0ubuntu0.16.04.1+tuxcare.els6_amd64.deb f92cd5dd4019e42ae18f97eba1fad7f4fdbd6a47 postgresql-pltcl-9.5_9.5.25-0ubuntu0.16.04.1+tuxcare.els6_amd64.deb a9c60c1df28547c10c9b40316665b2b959ad9271 postgresql-server-dev-9.5_9.5.25-0ubuntu0.16.04.1+tuxcare.els6_amd64.deb bcca4ebd40b832c91f8ddbff8009a619adb86c02 CLSA-2024:1708024614 TuxCare License Agreement 0 * New microcode update packages from AMD upstream up to 2023-12-05: + Update Microcode for 19h family: sig 0x00a10f12, sig 0x00a10f11, sig 0x00aa0f02; + Update Microcode for 17h family: sig 0x00830f10; None Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.

* New microcode update packages from AMD upstream up to 2023-12-05: + Update Microcode for 19h family: sig 0x00a10f12, sig 0x00a10f11, sig 0x00aa0f02; + Update Microcode for 17h family: sig 0x00830f10;

0 tuxcare-ubuntu16.04-els amd64-microcode_3.20231205.1ubuntu0.16.04.2+tuxcare.els1_amd64.deb 3ee9cf49cb1bfb8106a97d6452fbcae9237fe508 CLSA-2024:1708094944 TuxCare License Agreement 0 * CVE-url: https://ubuntu.com/security/CVE-2024-23851 - dm: limit the number of targets and parameter size area * CVE-url: https://ubuntu.com/security/CVE-2024-1086 - netfilter: nf_tables: reject QUEUE/DROP verdict parameters * CVE-url: https://ubuntu.com/security/CVE-2023-35827 - ravb: Fix use-after-free issue in ravb_tx_timeout_work() * CVE-url: https://ubuntu.com/security/CVE-2023-46838 - xen-netback: don't produce zero-size SKB frags * CVE-url: https://ubuntu.com/security/CVE-2024-22705 - ksmbd: fix slab-out-of-bounds in smb_strndup_from_utf16() * CVE-url: https://ubuntu.com/security/CVE-2023-46343 - nfc: nci: fix possible NULL pointer dereference in send_acknowledge() * CVE-url: https://ubuntu.com/security/CVE-2024-0775 - ext4: improve error recovery code paths in __ext4_remount() * CVE-url: https://ubuntu.com/security/CVE-2023-51043 - drm/atomic: Fix potential use-after-free in nonblocking commits None Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.

* CVE-url: https://ubuntu.com/security/CVE-2024-23851 - dm: limit the number of targets and parameter size area * CVE-url: https://ubuntu.com/security/CVE-2024-1086 - netfilter: nf_tables: reject QUEUE/DROP verdict parameters * CVE-url: https://ubuntu.com/security/CVE-2023-35827 - ravb: Fix use-after-free issue in ravb_tx_timeout_work() * CVE-url: https://ubuntu.com/security/CVE-2023-46838 - xen-netback: don't produce zero-size SKB frags * CVE-url: https://ubuntu.com/security/CVE-2024-22705 - ksmbd: fix slab-out-of-bounds in smb_strndup_from_utf16() * CVE-url: https://ubuntu.com/security/CVE-2023-46343 - nfc: nci: fix possible NULL pointer dereference in send_acknowledge() * CVE-url: https://ubuntu.com/security/CVE-2024-0775 - ext4: improve error recovery code paths in __ext4_remount() * CVE-url: https://ubuntu.com/security/CVE-2023-51043 - drm/atomic: Fix potential use-after-free in nonblocking commits

0 tuxcare-ubuntu16.04-els linux-buildinfo-4.4.0-252-tuxcare.els23-generic_4.4.0-252.286_amd64.deb 2179afae7559e44a0a9510713647ce3761f55671 linux-buildinfo-4.4.0-252-tuxcare.els23-lowlatency_4.4.0-252.286_amd64.deb 406ba80c60257f7ade5c16608c2ec67fe6538bdb linux-cloud-tools-4.4.0-252-tuxcare.els23_4.4.0-252.286_amd64.deb 64503dded0fed9a2137275aea0b5d329cd1e59d2 linux-cloud-tools-4.4.0-252-tuxcare.els23-generic_4.4.0-252.286_amd64.deb cc8cb4cc81e04b9ee07ec3348efb717c91c85a62 linux-cloud-tools-4.4.0-252-tuxcare.els23-lowlatency_4.4.0-252.286_amd64.deb af4475957a957cb4f010c00f907d80aff4b025ee linux-cloud-tools-common_4.4.0-252.286_all.deb 30a28a191684e078d3b11800830e6dcba9d87b43 linux-cloud-tools-generic_4.4.0.252.286_amd64.deb 1819f5577d5ba8a49127221db10729221c9c270c linux-cloud-tools-lowlatency_4.4.0.252.286_amd64.deb c5bdbebd48a71a007c5444a72a8616ae8c40d2b9 linux-crashdump_4.4.0.252.286_amd64.deb d62268ff7bc35ca56e7ee5b088b5dfa7246f4ec4 linux-doc_4.4.0-252.286_all.deb e6709aa787577b4de6efc4368af621df08dd04e2 linux-generic_4.4.0.252.286_amd64.deb 3e50e03ffdedbd1d22c41e4c18cffa6eed01a70d linux-headers-4.4.0-252-tuxcare.els23_4.4.0-252.286_all.deb dce3cf0de60dea21e6527d2c2a91379013877fa9 linux-headers-4.4.0-252-tuxcare.els23-generic_4.4.0-252.286_amd64.deb d9313cde6d8752f0de6495ccf2f22dfcb9d88a53 linux-headers-4.4.0-252-tuxcare.els23-lowlatency_4.4.0-252.286_amd64.deb b24a0672857130b3e7c7de0c7262835f998c1f21 linux-headers-generic_4.4.0.252.286_amd64.deb a9be6987625fc5ce67add380cef4a3623cd5fdc5 linux-headers-lowlatency_4.4.0.252.286_amd64.deb 483b57fae4243811a08aa986333bd37062cd9ce1 linux-image-generic_4.4.0.252.286_amd64.deb 0323956aedf048f9b768406787cc4283e4b9f6be linux-image-lowlatency_4.4.0.252.286_amd64.deb 29619984d891c21ddee99e5cf9d7a0ef127163b8 linux-image-unsigned-4.4.0-252-tuxcare.els23-generic_4.4.0-252.286_amd64.deb fa4148a37c4068be13ec26ec908f9e0df836a24a linux-image-unsigned-4.4.0-252-tuxcare.els23-lowlatency_4.4.0-252.286_amd64.deb f859b676e3340687b75e10b4fe1a17d33a9015d2 linux-libc-dev_4.4.0-252.286_amd64.deb 25e675ca5a3db8b8b4cc4647f6666b9b3dc6cd87 linux-lowlatency_4.4.0.252.286_amd64.deb 4a0d3c65368971f475ce1dd564ca76abd6bbfe53 linux-modules-4.4.0-252-tuxcare.els23-generic_4.4.0-252.286_amd64.deb c9aad0229cf584b1c015511111352e3ae3ff73f8 linux-modules-4.4.0-252-tuxcare.els23-lowlatency_4.4.0-252.286_amd64.deb 37a5a3aa6c3954073b7c88ecbc714422541c6b3e linux-modules-extra-4.4.0-252-tuxcare.els23-generic_4.4.0-252.286_amd64.deb 4d287df0b94d6040c6809776db52d15a06865fc4 linux-source_4.4.0.252.286_all.deb 5e4b188ba38779aa2cb405811cdf1d35fa539796 linux-source-4.4.0_4.4.0-252.286_all.deb 17b21526ecf9f39191fcd55614a456a47f33ef50 linux-tools-4.4.0-252-tuxcare.els23_4.4.0-252.286_amd64.deb d3f63349ba26460c8f38a53808f30099c1a20e6b linux-tools-4.4.0-252-tuxcare.els23-generic_4.4.0-252.286_amd64.deb b975ef5424f036d05d35417779c359bdea374a63 linux-tools-4.4.0-252-tuxcare.els23-lowlatency_4.4.0-252.286_amd64.deb b69d0d85883e66635a49c30adf6788090940ebc7 linux-tools-common_4.4.0-252.286_all.deb d2c55fe271c3d3183a103d893d632656d3f6dc07 linux-tools-generic_4.4.0.252.286_amd64.deb bf20f936343098960e97b5104778a180fe18deea linux-tools-host_4.4.0-252.286_all.deb 93066d9ebaf8af6be0c6349f94718fbd6c1cfa34 linux-tools-lowlatency_4.4.0.252.286_amd64.deb 4cb95d8b0b157d2fc1ab3d89eb8dcea93e2e70ec CLSA-2024:1708094049 TuxCare License Agreement 0 * CVE-url: https://ubuntu.com/security/CVE-2024-23851 - dm: limit the number of targets and parameter size area * CVE-url: https://ubuntu.com/security/CVE-2024-1086 - netfilter: nf_tables: reject QUEUE/DROP verdict parameters * CVE-url: https://ubuntu.com/security/CVE-2023-35827 - ravb: Fix use-after-free issue in ravb_tx_timeout_work() * CVE-url: https://ubuntu.com/security/CVE-2023-46838 - xen-netback: don't produce zero-size SKB frags * CVE-url: https://ubuntu.com/security/CVE-2024-22705 - ksmbd: fix slab-out-of-bounds in smb_strndup_from_utf16() * CVE-url: https://ubuntu.com/security/CVE-2023-46343 - nfc: nci: fix possible NULL pointer dereference in send_acknowledge() * CVE-url: https://ubuntu.com/security/CVE-2024-0775 - ext4: improve error recovery code paths in __ext4_remount() * CVE-url: https://ubuntu.com/security/CVE-2023-51043 - drm/atomic: Fix potential use-after-free in nonblocking commits None Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.

* CVE-url: https://ubuntu.com/security/CVE-2024-23851 - dm: limit the number of targets and parameter size area * CVE-url: https://ubuntu.com/security/CVE-2024-1086 - netfilter: nf_tables: reject QUEUE/DROP verdict parameters * CVE-url: https://ubuntu.com/security/CVE-2023-35827 - ravb: Fix use-after-free issue in ravb_tx_timeout_work() * CVE-url: https://ubuntu.com/security/CVE-2023-46838 - xen-netback: don't produce zero-size SKB frags * CVE-url: https://ubuntu.com/security/CVE-2024-22705 - ksmbd: fix slab-out-of-bounds in smb_strndup_from_utf16() * CVE-url: https://ubuntu.com/security/CVE-2023-46343 - nfc: nci: fix possible NULL pointer dereference in send_acknowledge() * CVE-url: https://ubuntu.com/security/CVE-2024-0775 - ext4: improve error recovery code paths in __ext4_remount() * CVE-url: https://ubuntu.com/security/CVE-2023-51043 - drm/atomic: Fix potential use-after-free in nonblocking commits

0 tuxcare-ubuntu16.04-els linux-buildinfo-4.4.0-252-tuxcare.els23-generic_4.4.0-252.286_amd64.deb 2179afae7559e44a0a9510713647ce3761f55671 linux-buildinfo-4.4.0-252-tuxcare.els23-lowlatency_4.4.0-252.286_amd64.deb 406ba80c60257f7ade5c16608c2ec67fe6538bdb linux-cloud-tools-4.4.0-252-tuxcare.els23_4.4.0-252.286_amd64.deb 64503dded0fed9a2137275aea0b5d329cd1e59d2 linux-cloud-tools-4.4.0-252-tuxcare.els23-generic_4.4.0-252.286_amd64.deb cc8cb4cc81e04b9ee07ec3348efb717c91c85a62 linux-cloud-tools-4.4.0-252-tuxcare.els23-lowlatency_4.4.0-252.286_amd64.deb af4475957a957cb4f010c00f907d80aff4b025ee linux-cloud-tools-common_4.4.0-252.286_all.deb 30a28a191684e078d3b11800830e6dcba9d87b43 linux-cloud-tools-generic_4.4.0.252.286_amd64.deb 1819f5577d5ba8a49127221db10729221c9c270c linux-cloud-tools-lowlatency_4.4.0.252.286_amd64.deb c5bdbebd48a71a007c5444a72a8616ae8c40d2b9 linux-crashdump_4.4.0.252.286_amd64.deb d62268ff7bc35ca56e7ee5b088b5dfa7246f4ec4 linux-doc_4.4.0-252.286_all.deb e6709aa787577b4de6efc4368af621df08dd04e2 linux-generic_4.4.0.252.286_amd64.deb 3e50e03ffdedbd1d22c41e4c18cffa6eed01a70d linux-headers-4.4.0-252-tuxcare.els23_4.4.0-252.286_all.deb dce3cf0de60dea21e6527d2c2a91379013877fa9 linux-headers-4.4.0-252-tuxcare.els23-generic_4.4.0-252.286_amd64.deb d9313cde6d8752f0de6495ccf2f22dfcb9d88a53 linux-headers-4.4.0-252-tuxcare.els23-lowlatency_4.4.0-252.286_amd64.deb b24a0672857130b3e7c7de0c7262835f998c1f21 linux-headers-generic_4.4.0.252.286_amd64.deb a9be6987625fc5ce67add380cef4a3623cd5fdc5 linux-headers-lowlatency_4.4.0.252.286_amd64.deb 483b57fae4243811a08aa986333bd37062cd9ce1 linux-image-generic_4.4.0.252.286_amd64.deb 0323956aedf048f9b768406787cc4283e4b9f6be linux-image-lowlatency_4.4.0.252.286_amd64.deb 29619984d891c21ddee99e5cf9d7a0ef127163b8 linux-image-unsigned-4.4.0-252-tuxcare.els23-generic_4.4.0-252.286_amd64.deb fa4148a37c4068be13ec26ec908f9e0df836a24a linux-image-unsigned-4.4.0-252-tuxcare.els23-lowlatency_4.4.0-252.286_amd64.deb f859b676e3340687b75e10b4fe1a17d33a9015d2 linux-libc-dev_4.4.0-252.286_amd64.deb 25e675ca5a3db8b8b4cc4647f6666b9b3dc6cd87 linux-lowlatency_4.4.0.252.286_amd64.deb 4a0d3c65368971f475ce1dd564ca76abd6bbfe53 linux-modules-4.4.0-252-tuxcare.els23-generic_4.4.0-252.286_amd64.deb c9aad0229cf584b1c015511111352e3ae3ff73f8 linux-modules-4.4.0-252-tuxcare.els23-lowlatency_4.4.0-252.286_amd64.deb 37a5a3aa6c3954073b7c88ecbc714422541c6b3e linux-modules-extra-4.4.0-252-tuxcare.els23-generic_4.4.0-252.286_amd64.deb 4d287df0b94d6040c6809776db52d15a06865fc4 linux-source_4.4.0.252.286_all.deb 5e4b188ba38779aa2cb405811cdf1d35fa539796 linux-source-4.4.0_4.4.0-252.286_all.deb 17b21526ecf9f39191fcd55614a456a47f33ef50 linux-tools-4.4.0-252-tuxcare.els23_4.4.0-252.286_amd64.deb d3f63349ba26460c8f38a53808f30099c1a20e6b linux-tools-4.4.0-252-tuxcare.els23-generic_4.4.0-252.286_amd64.deb b975ef5424f036d05d35417779c359bdea374a63 linux-tools-4.4.0-252-tuxcare.els23-lowlatency_4.4.0-252.286_amd64.deb b69d0d85883e66635a49c30adf6788090940ebc7 linux-tools-common_4.4.0-252.286_all.deb d2c55fe271c3d3183a103d893d632656d3f6dc07 linux-tools-generic_4.4.0.252.286_amd64.deb bf20f936343098960e97b5104778a180fe18deea linux-tools-host_4.4.0-252.286_all.deb 93066d9ebaf8af6be0c6349f94718fbd6c1cfa34 linux-tools-lowlatency_4.4.0.252.286_amd64.deb 4cb95d8b0b157d2fc1ab3d89eb8dcea93e2e70ec CLSA-2024:1708427636 TuxCare License Agreement 0 * SECURITY UPDATE: Use-after-free in xmlValidatePopElement() - debian/patches/CVE-2024-25062.patch: Fix use-after-free if XML Reader when used with DTD validation and XInclude expansion - CVE-2024-25062 Important Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.

* SECURITY UPDATE: Use-after-free in xmlValidatePopElement() - debian/patches/CVE-2024-25062.patch: Fix use-after-free if XML Reader when used with DTD validation and XInclude expansion - CVE-2024-25062

0 tuxcare-ubuntu16.04-els libxml2_2.9.3+dfsg1-1ubuntu0.7+tuxcare.els7_amd64.deb d61836cb6a46d975bdbef230b5154af67940c2ea libxml2-dev_2.9.3+dfsg1-1ubuntu0.7+tuxcare.els7_amd64.deb 1ef17f13ee55910dedfe9598323017290a4f7d84 libxml2-doc_2.9.3+dfsg1-1ubuntu0.7+tuxcare.els7_all.deb bff6880402ac2dd1acd9b3fb41045623fa4c2d07 libxml2-utils_2.9.3+dfsg1-1ubuntu0.7+tuxcare.els7_amd64.deb 588e49d2eb099b314899551da730ded66b8c1253 python-libxml2_2.9.3+dfsg1-1ubuntu0.7+tuxcare.els7_amd64.deb e954d23f7a355d91315fafbbe36542494d1df075 CLSA-2024:1708427752 TuxCare License Agreement 0 * Fix: possible segfault in the CVE-2023-48795 fix - debian/patches/CVE-2023-48795-post-fix.patch None Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.

* Fix: possible segfault in the CVE-2023-48795 fix - debian/patches/CVE-2023-48795-post-fix.patch

0 tuxcare-ubuntu16.04-els openssh-client_7.2p2-4ubuntu2.10+tuxcare.els6_amd64.deb da05b91b1b17a3997652f8f12a78ed1e5621fe0b openssh-client-ssh1_7.2p2-4ubuntu2.10+tuxcare.els6_amd64.deb 436716c3f18fb32254805bcd06407a32ba13c80c openssh-server_7.2p2-4ubuntu2.10+tuxcare.els6_amd64.deb d99b1a29ef9e91c8bb0607530520022ddb79e053 openssh-sftp-server_7.2p2-4ubuntu2.10+tuxcare.els6_amd64.deb 5959d04c227f9a5c75ade2df114a9d810faa8fa2 ssh_7.2p2-4ubuntu2.10+tuxcare.els6_all.deb 5ac23c7f5720973a28c703febfe9b90db9911206 ssh-askpass-gnome_7.2p2-4ubuntu2.10+tuxcare.els6_amd64.deb 418534a6e2f44d23f6afc400d01225044c0c57cf ssh-krb5_7.2p2-4ubuntu2.10+tuxcare.els6_all.deb cc779854d7cc29285d5bac99dc583e22c062a46e CLSA-2024:1709562163 TuxCare License Agreement 0 * SECURITY UPDATE: KeyTrap denial of service vulnerability - debian/patches/CVE-2023-50387-20230-50868.patch: Fix DNSSEC verification complexity issue by updating verification function signatures. - debian/patches/CVE-2023-50387-fix-1.patch: Allow the original CVE-2023-50387 patch to work if multiple threads support is disabled. - debian/patches/CVE-2023-50387-fix-2.patch: Fix a leak. - CVE-2023-50387 - CVE-2023-50868 Important Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.

* SECURITY UPDATE: KeyTrap denial of service vulnerability - debian/patches/CVE-2023-50387-20230-50868.patch: Fix DNSSEC verification complexity issue by updating verification function signatures. - debian/patches/CVE-2023-50387-fix-1.patch: Allow the original CVE-2023-50387 patch to work if multiple threads support is disabled. - debian/patches/CVE-2023-50387-fix-2.patch: Fix a leak. - CVE-2023-50387 - CVE-2023-50868

0 tuxcare-ubuntu16.04-els bind9_9.10.3.dfsg.P4-8ubuntu1.19+tuxcare.els7_amd64.deb b9227e6a11f47b8ccefe8fc8f43ba993dd264d02 bind9-doc_9.10.3.dfsg.P4-8ubuntu1.19+tuxcare.els7_all.deb 314a3975101f96b55ea28c42af49541ca2812db9 bind9-host_9.10.3.dfsg.P4-8ubuntu1.19+tuxcare.els7_amd64.deb 51a7ffd120ebc20a8025dfdb95b4d3a4ebda5b32 bind9utils_9.10.3.dfsg.P4-8ubuntu1.19+tuxcare.els7_amd64.deb 22f0ca746889441a1307b1b63d0f3c78b585ff30 dnsutils_9.10.3.dfsg.P4-8ubuntu1.19+tuxcare.els7_amd64.deb 290eb118a15decb8006afde36352f6d8520f2edd host_9.10.3.dfsg.P4-8ubuntu1.19+tuxcare.els7_all.deb 0adb0e0fc993c2fc8d3391ccedb21a4a27a6dd22 libbind-dev_9.10.3.dfsg.P4-8ubuntu1.19+tuxcare.els7_amd64.deb a398b55259ba51f8cea050b7cf3c6f6c7d7db119 libbind-export-dev_9.10.3.dfsg.P4-8ubuntu1.19+tuxcare.els7_amd64.deb ceab8f8e092195ce22419e0f318d63f8bcf33cbc libbind9-140_9.10.3.dfsg.P4-8ubuntu1.19+tuxcare.els7_amd64.deb e0473778a644e22763b20f7ecf09c61aac3c9369 libdns-export162_9.10.3.dfsg.P4-8ubuntu1.19+tuxcare.els7_amd64.deb d118d0326c7a668c7f660fa9905e559f98e0e113 libdns162_9.10.3.dfsg.P4-8ubuntu1.19+tuxcare.els7_amd64.deb 3a4d54579a8a68adbd00d694ab3403f5277f6c61 libirs-export141_9.10.3.dfsg.P4-8ubuntu1.19+tuxcare.els7_amd64.deb 790357ff3e367d4274a9ec27b2c4eea7c83e0bc3 libirs141_9.10.3.dfsg.P4-8ubuntu1.19+tuxcare.els7_amd64.deb 32afd16f76effa50e5f626ec3fc4e96a4cbde7cd libisc-export160_9.10.3.dfsg.P4-8ubuntu1.19+tuxcare.els7_amd64.deb c2ca6d284359f88245f1b6da2a13debb3d1fc71a libisc160_9.10.3.dfsg.P4-8ubuntu1.19+tuxcare.els7_amd64.deb 92d856c01f297620872cf78116379e2a8f8f8687 libisccc-export140_9.10.3.dfsg.P4-8ubuntu1.19+tuxcare.els7_amd64.deb 4ab0bf4188dfcae50a14564214b160926947e002 libisccc140_9.10.3.dfsg.P4-8ubuntu1.19+tuxcare.els7_amd64.deb e14fa734301a09d19e3913c8201d7ded2b4c5ee4 libisccfg-export140_9.10.3.dfsg.P4-8ubuntu1.19+tuxcare.els7_amd64.deb 6026ef960044ebc580658bbf706fe2a6c4478cd6 libisccfg140_9.10.3.dfsg.P4-8ubuntu1.19+tuxcare.els7_amd64.deb a7fb46f5bd525d3092e1cb0cea1f17f2a60743cb liblwres141_9.10.3.dfsg.P4-8ubuntu1.19+tuxcare.els7_amd64.deb 081317e393fe1fc5dd1d17830a690b2be2ef487b lwresd_9.10.3.dfsg.P4-8ubuntu1.19+tuxcare.els7_amd64.deb 0608aa48725d55cc467153604411212d9f2078d3 CLSA-2024:1709562273 TuxCare License Agreement 0 * SECURITY UPDATE: SMTP smuggling because of <LF>.<CR><LF> support - debian/patches/CVE-2023-51766.patch: reject "dot, LF" as ending data phase. Testcase for "smtp smuggling". - CVE-2023-51766 Moderate Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.

* SECURITY UPDATE: SMTP smuggling because of <LF>.<CR><LF> support - debian/patches/CVE-2023-51766.patch: reject "dot, LF" as ending data phase. Testcase for "smtp smuggling". - CVE-2023-51766

0 tuxcare-ubuntu16.04-els exim4_4.86.2-2ubuntu2.6+tuxcare.els6_all.deb cb450302401429c6eaf53d1db9f246f09d2d8f61 exim4-base_4.86.2-2ubuntu2.6+tuxcare.els6_amd64.deb 2a1e0f95c25c86ebd133116d948a9cad4aabc988 exim4-config_4.86.2-2ubuntu2.6+tuxcare.els6_all.deb a1ff82a8eb5a99b12bdf1e5090705f095b51d2ad exim4-daemon-heavy_4.86.2-2ubuntu2.6+tuxcare.els6_amd64.deb f7d9db5c22e1ed1271c71070e29fb2ddcd8c04c8 exim4-daemon-light_4.86.2-2ubuntu2.6+tuxcare.els6_amd64.deb 92f97764e5ecb1b7cde15bfa22ef03a00243be68 exim4-dev_4.86.2-2ubuntu2.6+tuxcare.els6_amd64.deb 26d3d97f66ed6fe9117cdcb122be18cef1cc8589 eximon4_4.86.2-2ubuntu2.6+tuxcare.els6_amd64.deb c766307f28f1e9c259b3a9279ead3416f2e84ad5 CLSA-2024:1709562366 TuxCare License Agreement 0 * SECURITY UPDATE: A flaw fixed when the getaddrinfo function may access memory that has been freed, resulting in an application crash - debian/patches/any/CVE-2023-4806.patch: fix the flaw - CVE-2023-4806 * SECURITY UPDATE: In an uncommon situation, the gaih_inet function may use memory that has been freed, resulting in an application crash - debian/patches/any/CVE-2023-4813.patch: fix the flaw - CVE-2023-4813 Moderate Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.

* SECURITY UPDATE: A flaw fixed when the getaddrinfo function may access memory that has been freed, resulting in an application crash - debian/patches/any/CVE-2023-4806.patch: fix the flaw - CVE-2023-4806 * SECURITY UPDATE: In an uncommon situation, the gaih_inet function may use memory that has been freed, resulting in an application crash - debian/patches/any/CVE-2023-4813.patch: fix the flaw - CVE-2023-4813

0 tuxcare-ubuntu16.04-els glibc-doc_2.23-0ubuntu11.5+tuxcare.els6_all.deb 3db2131f186ff5e19acab2e3ac12dd0b18460e3b glibc-source_2.23-0ubuntu11.5+tuxcare.els6_all.deb ed163ffb5df8a05bcff21bb8a51e3dc00e3a506a libc-bin_2.23-0ubuntu11.5+tuxcare.els6_amd64.deb a643f4cf02d5184400ac8568731cd9f56ddb82bc libc-dev-bin_2.23-0ubuntu11.5+tuxcare.els6_amd64.deb 273ced0bd971740f94b632d3e575ec2b924f6d21 libc6_2.23-0ubuntu11.5+tuxcare.els6_amd64.deb 7258f16d6d3ed94075c0a319d10fc5c8eed86074 libc6-dev_2.23-0ubuntu11.5+tuxcare.els6_amd64.deb 212cd6abe0e35db73ea28b53237a66c78977190f libc6-dev-i386_2.23-0ubuntu11.5+tuxcare.els6_amd64.deb 3d3389dfde63155322bdd38ced80072245edfafe libc6-dev-x32_2.23-0ubuntu11.5+tuxcare.els6_amd64.deb 7db9105a559659b1d4f28713687556aa538492bd libc6-i386_2.23-0ubuntu11.5+tuxcare.els6_amd64.deb 3ee813bb0c50a32e6b7238f50e80396a40305bfb libc6-pic_2.23-0ubuntu11.5+tuxcare.els6_amd64.deb 912d2d3c52d5caa19a139a05f70e6b9afd3f1187 libc6-x32_2.23-0ubuntu11.5+tuxcare.els6_amd64.deb d2f8f5f610c98aa3f9f0508286e50c6aa159159e locales_2.23-0ubuntu11.5+tuxcare.els6_all.deb 3bdbc6124097adad1918834b2f793d5768cdbd90 locales-all_2.23-0ubuntu11.5+tuxcare.els6_amd64.deb 6c57f47f5aa9686c0716cf913b97db13c0fc6d73 multiarch-support_2.23-0ubuntu11.5+tuxcare.els6_amd64.deb a068e375405a1d326283afdbd3b143cb574a200d nscd_2.23-0ubuntu11.5+tuxcare.els6_amd64.deb ba874a30e4feaaf6401a61f0a63c05daf1eee111 CLSA-2024:1709562468 TuxCare License Agreement 0 * SECURITY UPDATE: ProxyCommand/ProxyJump features allow injection of malicious code through hostname - debian/patches/CVE-2023-6004-pre1.patch: move common parser functions to config_parser.c - debian/patches/CVE-2023-6004-pre2.patch: prevent possible segmentation fault - debian/patches/CVE-2023-6004-02.patch: allow multiple '@' in usernames - debian/patches/CVE-2023-6004-03.patch: simplify the hostname parsing in ssh_options_set - debian/patches/CVE-2023-6004-04.patch: add function to check allowed characters of a hostname - debian/patches/CVE-2023-6004-05.patch: add test for ssh_check_hostname_syntax - debian/patches/CVE-2023-6004-06.patch: check for valid syntax of a hostname if it is a domain name - debian/patches/CVE-2023-6004-07.patch: add test for proxycommand injection - debian/patches/CVE-2023-6004-08.patch: add test for ssh_is_ipaddr - debian/patches/CVE-2023-6004-09.patch: add ipv6 link-local check for an ip address - debian/patches/CVE-2023-6004-10.patch: add tests for ipv6 link-local - debian/patches/CVE-2023-6004-regression1.patch: fix regression in IPv6 addresses in hostname parsing - debian/patches/CVE-2023-6004-regression2.patch: increase test coverage for IPv6 address parsing as hostnames - CVE-2023-6004 * SECURITY UPDATE: Unchecked return values for digests may cause DoS - debian/patches/CVE-2023-6918-1.patch: systematically check return values when calculating digests - debian/patches/CVE-2023-6918-2.patch: detect context init failures - debian/patches/CVE-2023-6918-3.patch: code coverage for ssh_get_pubkey_hash() - CVE-2023-6918 Moderate Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.

* SECURITY UPDATE: ProxyCommand/ProxyJump features allow injection of malicious code through hostname - debian/patches/CVE-2023-6004-pre1.patch: move common parser functions to config_parser.c - debian/patches/CVE-2023-6004-pre2.patch: prevent possible segmentation fault - debian/patches/CVE-2023-6004-02.patch: allow multiple '@' in usernames - debian/patches/CVE-2023-6004-03.patch: simplify the hostname parsing in ssh_options_set - debian/patches/CVE-2023-6004-04.patch: add function to check allowed characters of a hostname - debian/patches/CVE-2023-6004-05.patch: add test for ssh_check_hostname_syntax - debian/patches/CVE-2023-6004-06.patch: check for valid syntax of a hostname if it is a domain name - debian/patches/CVE-2023-6004-07.patch: add test for proxycommand injection - debian/patches/CVE-2023-6004-08.patch: add test for ssh_is_ipaddr - debian/patches/CVE-2023-6004-09.patch: add ipv6 link-local check for an ip address - debian/patches/CVE-2023-6004-10.patch: add tests for ipv6 link-local - debian/patches/CVE-2023-6004-regression1.patch: fix regression in IPv6 addresses in hostname parsing - debian/patches/CVE-2023-6004-regression2.patch: increase test coverage for IPv6 address parsing as hostnames - CVE-2023-6004 * SECURITY UPDATE: Unchecked return values for digests may cause DoS - debian/patches/CVE-2023-6918-1.patch: systematically check return values when calculating digests - debian/patches/CVE-2023-6918-2.patch: detect context init failures - debian/patches/CVE-2023-6918-3.patch: code coverage for ssh_get_pubkey_hash() - CVE-2023-6918

0 tuxcare-ubuntu16.04-els libssh-4_0.6.3-4.3ubuntu0.6+tuxcare.els1_amd64.deb 7663d07aae408e87523e2b56143c35aadc7dff86 libssh-dev_0.6.3-4.3ubuntu0.6+tuxcare.els1_amd64.deb ba0c87366a92d25be72b1690d04bde758ceb4868 libssh-doc_0.6.3-4.3ubuntu0.6+tuxcare.els1_all.deb db15cd41681ceae93d675eb8ff69ca17818ebaa2 libssh-gcrypt-4_0.6.3-4.3ubuntu0.6+tuxcare.els1_amd64.deb 6f95b9b58f0696bce454cc85f05cc9b81ac74039 libssh-gcrypt-dev_0.6.3-4.3ubuntu0.6+tuxcare.els1_amd64.deb 63985f215e124c3c2b852d339ef3d82ebd3dad40 CLSA-2024:1709839661 TuxCare License Agreement 0 * SECURITY UPDATE: Heap use-after-free flaw in coders/bmp.c in ImageMagick - debian/patches/CVE-2023-5341.patch: Check BMP file size to fix ImproperImageHeader caused by poc provided by Hardik Shah of Vehere (Dawn Treaders team) - CVE-2023-5341 Moderate Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.

* SECURITY UPDATE: Heap use-after-free flaw in coders/bmp.c in ImageMagick - debian/patches/CVE-2023-5341.patch: Check BMP file size to fix ImproperImageHeader caused by poc provided by Hardik Shah of Vehere (Dawn Treaders team) - CVE-2023-5341

0 tuxcare-ubuntu16.04-els imagemagick_6.8.9.9-7ubuntu5.17+tuxcare.els10_amd64.deb 6df8d865f8d939fe093cdaa0a149f5b80ad30266 imagemagick-6.q16_6.8.9.9-7ubuntu5.17+tuxcare.els10_amd64.deb 5143e008f8fcc3e00890ac5b489b15c4a0a1b7cc imagemagick-common_6.8.9.9-7ubuntu5.17+tuxcare.els10_all.deb 50bb306b7c39f7b9bc88066329efaf9c3233ecd9 imagemagick-doc_6.8.9.9-7ubuntu5.17+tuxcare.els10_all.deb 0ef42ca9f371a86ad7947d6541ea0babca6937d3 libimage-magick-perl_6.8.9.9-7ubuntu5.17+tuxcare.els10_all.deb 02df7c625d1ee847e1ae0921c253284b13b3dd2b libimage-magick-q16-perl_6.8.9.9-7ubuntu5.17+tuxcare.els10_amd64.deb bbff7476ec46b43678e1b2f3eb30012bc74720b9 libmagick++-6-headers_6.8.9.9-7ubuntu5.17+tuxcare.els10_all.deb b2a82574d80a5488b1e8d6cedfe8d72f764a6f1a libmagick++-6.q16-5v5_6.8.9.9-7ubuntu5.17+tuxcare.els10_amd64.deb e97894c4dc0a592c6e3490adbfaa3415181a2aa7 libmagick++-6.q16-dev_6.8.9.9-7ubuntu5.17+tuxcare.els10_amd64.deb d9dacd4e4fec0a380b0658905baec6547b696ea4 libmagick++-dev_6.8.9.9-7ubuntu5.17+tuxcare.els10_all.deb be6005d9475e2d2c3b66cbd20cd1a86494df05df libmagickcore-6-arch-config_6.8.9.9-7ubuntu5.17+tuxcare.els10_amd64.deb e3e24f2b75ff639d65ecab7332f51214205dd144 libmagickcore-6-headers_6.8.9.9-7ubuntu5.17+tuxcare.els10_all.deb 463347c8c504bc4226e1256ef1527ba3eb43408b libmagickcore-6.q16-2_6.8.9.9-7ubuntu5.17+tuxcare.els10_amd64.deb 327e1944916d9a65246a8835e266aac293df6fc3 libmagickcore-6.q16-2-extra_6.8.9.9-7ubuntu5.17+tuxcare.els10_amd64.deb c3cf4ded0bf35c3413ee90a6639f60f03b9980f9 libmagickcore-6.q16-dev_6.8.9.9-7ubuntu5.17+tuxcare.els10_amd64.deb 52c5425add9c7700401702048aa2c9625eaf414a libmagickcore-dev_6.8.9.9-7ubuntu5.17+tuxcare.els10_all.deb 4b05324e2003b516c60b9ed387b0d48f57ee5b4c libmagickwand-6-headers_6.8.9.9-7ubuntu5.17+tuxcare.els10_all.deb 5d78713ce7b28e808d26337afad1738382a31a16 libmagickwand-6.q16-2_6.8.9.9-7ubuntu5.17+tuxcare.els10_amd64.deb 651fb0fdfe1ba59b1d8636dc081e5ae098563649 libmagickwand-6.q16-dev_6.8.9.9-7ubuntu5.17+tuxcare.els10_amd64.deb 261a219e53c4a4ff9732ab86cfb73a3b9dc8ce26 libmagickwand-dev_6.8.9.9-7ubuntu5.17+tuxcare.els10_all.deb 508ec76306b5917cf86e90b9b9e6f6aa4fded141 perlmagick_6.8.9.9-7ubuntu5.17+tuxcare.els10_all.deb 531af5a8a61e5a362db3121973284a8659a524f7 CLSA-2024:1709839769 TuxCare License Agreement 0 * SECURITY UPDATE: Denial of service could be encountered when generating excessively long DH keys or checking excessively long DH keys or parameters. - debian/patches/CVE-2023-5678.patch: Make DH_check_pub_key() and DH_generate_key() safer yet. - CVE-2023-5678. Moderate Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.

* SECURITY UPDATE: Denial of service could be encountered when generating excessively long DH keys or checking excessively long DH keys or parameters. - debian/patches/CVE-2023-5678.patch: Make DH_check_pub_key() and DH_generate_key() safer yet. - CVE-2023-5678.

0 tuxcare-ubuntu16.04-els libssl-dev_1.0.2g-1ubuntu4.21+tuxcare.els10_amd64.deb c2ed846c8f6a194212a19d11fa1ef038390d3dab libssl-doc_1.0.2g-1ubuntu4.21+tuxcare.els10_all.deb 69b600d26167c3dd38b4e89cf021158af9ee2579 libssl1.0.0_1.0.2g-1ubuntu4.21+tuxcare.els10_amd64.deb 09149158f7f5814172deb22da199ff87fab387d1 openssl_1.0.2g-1ubuntu4.21+tuxcare.els10_amd64.deb 1f94fb6b1e23ffb47fb4867ab7747435f8c7674a CLSA-2024:1710436449 TuxCare License Agreement 0 * SECURITY UPDATE: Denial of Service attack against HTTP header parsing - debian/patches/CVE-2024-25617.patch: Improve handling of expanding HTTP header values - CVE-2024-25617 Important Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.

* SECURITY UPDATE: Denial of Service attack against HTTP header parsing - debian/patches/CVE-2024-25617.patch: Improve handling of expanding HTTP header values - CVE-2024-25617

0 tuxcare-ubuntu16.04-els squid_3.5.12-1ubuntu7.17+tuxcare.els7_amd64.deb 0589997141da6068429a95d6f8349f86e2791e83 squid-cgi_3.5.12-1ubuntu7.17+tuxcare.els7_amd64.deb 5fe055822067375e6bd774be64d962b732783f77 squid-common_3.5.12-1ubuntu7.17+tuxcare.els7_all.deb f5039fa0119094c9f9876d31459b8b8f30f40101 squid-purge_3.5.12-1ubuntu7.17+tuxcare.els7_amd64.deb fe753f18afb73ecceca1ccfffbd80abcba22edf0 squid3_3.5.12-1ubuntu7.17+tuxcare.els7_all.deb 3c9db077ab41630da3a564c187c48ae1bf5542a2 squidclient_3.5.12-1ubuntu7.17+tuxcare.els7_amd64.deb 9845536bd14ec98b298a67b0e962ea33dab36784 CLSA-2024:1710436524 TuxCare License Agreement 0 * SECURITY UPDATE: stack-buffer-overflow in option callback func - debian/patches/CVE-2024-22667.patch: pass size of errbuf down the call stack, use snprintf() instead of sprintf() - CVE-2024-22667 Important Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.

* SECURITY UPDATE: stack-buffer-overflow in option callback func - debian/patches/CVE-2024-22667.patch: pass size of errbuf down the call stack, use snprintf() instead of sprintf() - CVE-2024-22667

0 tuxcare-ubuntu16.04-els vim_7.4.1689-3ubuntu1.5+tuxcare.els50_amd64.deb 7b47cdf145e3ce453b9b07e59422acb47809263b vim-athena_7.4.1689-3ubuntu1.5+tuxcare.els50_amd64.deb ae188100a9bdb01687ac5644d38fe8e16c0a950e vim-athena-py2_7.4.1689-3ubuntu1.5+tuxcare.els50_amd64.deb cc37528f2f1bfb0c0074ff5a7e08d41d948b1cfe vim-common_7.4.1689-3ubuntu1.5+tuxcare.els50_amd64.deb f0f32482662485db50bb6f34b11262e3753120c9 vim-doc_7.4.1689-3ubuntu1.5+tuxcare.els50_all.deb b58b005de42a258863bd9d7519cc42cedae2ad56 vim-gnome_7.4.1689-3ubuntu1.5+tuxcare.els50_amd64.deb 96a92fb18db9c072700b7ce05445f8b6f1712786 vim-gnome-py2_7.4.1689-3ubuntu1.5+tuxcare.els50_amd64.deb cd832d90ee865a0eff232b1ba4335f50dd0bb27a vim-gtk_7.4.1689-3ubuntu1.5+tuxcare.els50_amd64.deb bdce4c0a3083519b24f73f0e755ba8660b8f8eb1 vim-gtk-py2_7.4.1689-3ubuntu1.5+tuxcare.els50_amd64.deb eb55d1e5ab2ad36e0128f8e755834048daeacf10 vim-gtk3_7.4.1689-3ubuntu1.5+tuxcare.els50_amd64.deb 4f740eb926cc22c2bd0a464a034bb78176391acf vim-gtk3-py2_7.4.1689-3ubuntu1.5+tuxcare.els50_amd64.deb d46134041343526b4808678c741cfb2128eb0d93 vim-gui-common_7.4.1689-3ubuntu1.5+tuxcare.els50_all.deb 8130df3fcdb81fdcb26923c83b0c49affa7140a5 vim-nox_7.4.1689-3ubuntu1.5+tuxcare.els50_amd64.deb e7019fd4e0eca47a02d1d8626e68cc8a303a1907 vim-nox-py2_7.4.1689-3ubuntu1.5+tuxcare.els50_amd64.deb ea67ef59ac6abe15060b83525e914f8acfa9f8a1 vim-runtime_7.4.1689-3ubuntu1.5+tuxcare.els50_all.deb 1ee7324bc709bf72b39be207bb96a712969e4b33 vim-tiny_7.4.1689-3ubuntu1.5+tuxcare.els50_amd64.deb 9c919a11a386d160b137520d2601e80acc0bbdcf CLSA-2024:1710786562 TuxCare License Agreement 0 * SECURITY UPDATE: Improper cookie domain verification allows malicious HTTP server to set 'super cookies' in package - debian/control: Build-Depends: add libpsl-dev - debian/patches/CVE-2023-46218.patch: Lowercase domain names before PSL checks to ensure proper comparison - CVE-2023-46218 Moderate Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.

* SECURITY UPDATE: Improper cookie domain verification allows malicious HTTP server to set 'super cookies' in package - debian/control: Build-Depends: add libpsl-dev - debian/patches/CVE-2023-46218.patch: Lowercase domain names before PSL checks to ensure proper comparison - CVE-2023-46218

0 tuxcare-ubuntu16.04-els curl_7.47.0-1ubuntu2.23+tuxcare.els11_amd64.deb c7c972aedb292425640c93768cf065266080ec62 libcurl3_7.47.0-1ubuntu2.23+tuxcare.els11_amd64.deb ad308ff5cc6606f7b95610bf63293442553c9478 libcurl3-gnutls_7.47.0-1ubuntu2.23+tuxcare.els11_amd64.deb d2fa39051c32f2eb69f3ad85628dd979232a47f4 libcurl3-nss_7.47.0-1ubuntu2.23+tuxcare.els11_amd64.deb a955bbeced9dd0a716c01d790a3a42d3b3837fcd libcurl4-doc_7.47.0-1ubuntu2.23+tuxcare.els11_all.deb c188fa5d15bb93fd73bf013ef4d97b6a7e5421c9 libcurl4-gnutls-dev_7.47.0-1ubuntu2.23+tuxcare.els11_amd64.deb 8a3442036ff25f9b5c8b7a698e877eafe4b2385a libcurl4-nss-dev_7.47.0-1ubuntu2.23+tuxcare.els11_amd64.deb 311ca09d4e2f4f7943c9e7b244b8841c7d573dec libcurl4-openssl-dev_7.47.0-1ubuntu2.23+tuxcare.els11_amd64.deb 1432a7ef72e6ce8b9ff12507a0df7677df7be53f CLSA-2024:1710786990 TuxCare License Agreement 0 * SECURITY UPDATE: Potential Denial of Service via processing maliciously formatted PKCS12 file - debian/patches/CVE-2024-0727.patch: Fix decode error causing NULL pointer in PKCS12_unpack_p7data, PKCS12_unpack_p7encdata, PKCS12_unpack_authsafes, SMIME_write_PKCS7, pkcs12_gen_mac and newpass_p12 functions - CVE-2024-0727 Moderate Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.

* SECURITY UPDATE: Potential Denial of Service via processing maliciously formatted PKCS12 file - debian/patches/CVE-2024-0727.patch: Fix decode error causing NULL pointer in PKCS12_unpack_p7data, PKCS12_unpack_p7encdata, PKCS12_unpack_authsafes, SMIME_write_PKCS7, pkcs12_gen_mac and newpass_p12 functions - CVE-2024-0727

0 tuxcare-ubuntu16.04-els libssl-dev_1.0.2g-1ubuntu4.21+tuxcare.els11_amd64.deb f5fa1ecd40023e0fb346bed53a6a62759121ac82 libssl-doc_1.0.2g-1ubuntu4.21+tuxcare.els11_all.deb b2227b34ab92540a3484933591833758dd61b224 libssl1.0.0_1.0.2g-1ubuntu4.21+tuxcare.els11_amd64.deb 3d9cb742525e43a3df48f2d8fdecaabb06134bfb openssl_1.0.2g-1ubuntu4.21+tuxcare.els11_amd64.deb dc9aa384953f3b698634ade68088bd4691ef476f CLSA-2024:1710945589 TuxCare License Agreement 0 * CVE-url: https://ubuntu.com/security/CVE-2023-52449 - mtd: Fix gluebi NULL pointer dereference caused by ftl notifier * Bionic update: upstream stable patchset 2018-08-29 (LP: #1789666) // CVE- url: https://ubuntu.com/security/CVE-2022-20567 - l2tp: fix refcount leakage on PPPoL2TP sockets * Bionic update to 4.15.8 stable release (LP: #1755179) // CVE-url: https://ubuntu.com/security/CVE-2022-20567 - l2tp: don't use inet_shutdown on ppp session destroy - l2tp: fix race in pppol2tp_release with session object destroy * CVE-url: https://ubuntu.com/security/CVE-2023-39197 - netfilter: conntrack: dccp: copy entire header to stack buffer, not just basic one * CVE-url: https://ubuntu.com/security/CVE-2023-34256 - ext4: avoid a potential slab-out-of-bounds in ext4_group_desc_csum * CVE-url: https://ubuntu.com/security/CVE-2024-24855 - scsi: lpfc: Fix a possible data race in lpfc_unregister_fcf_rescan() * CVE-url: https://ubuntu.com/security/CVE-2023-52445 - media: pvrusb2: fix use after free on context disconnection * CVE-url: https://ubuntu.com/security/CVE-2023-52444 - f2fs: fix to avoid dirent corruption * CVE-url: https://ubuntu.com/security/CVE-2023-52443 - apparmor: avoid crash when parsed profile name is empty * CVE-url: https://ubuntu.com/security/CVE-2024-24860 - Bluetooth: Move {min,max}_key_size debugfs into hci_debugfs_create_le - Bluetooth: Fix atomicity violation in {min,max}_key_size_set * Bionic update: upstream stable patchset 2019-07-29 (LP: #1838349) // CVE- url: https://ubuntu.com/security/CVE-2024-24860 - Bluetooth: Fix debugfs NULL pointer dereference Important Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.

* CVE-url: https://ubuntu.com/security/CVE-2023-52449 - mtd: Fix gluebi NULL pointer dereference caused by ftl notifier * Bionic update: upstream stable patchset 2018-08-29 (LP: #1789666) // CVE- url: https://ubuntu.com/security/CVE-2022-20567 - l2tp: fix refcount leakage on PPPoL2TP sockets * Bionic update to 4.15.8 stable release (LP: #1755179) // CVE-url: https://ubuntu.com/security/CVE-2022-20567 - l2tp: don't use inet_shutdown on ppp session destroy - l2tp: fix race in pppol2tp_release with session object destroy * CVE-url: https://ubuntu.com/security/CVE-2023-39197 - netfilter: conntrack: dccp: copy entire header to stack buffer, not just basic one * CVE-url: https://ubuntu.com/security/CVE-2023-34256 - ext4: avoid a potential slab-out-of-bounds in ext4_group_desc_csum * CVE-url: https://ubuntu.com/security/CVE-2024-24855 - scsi: lpfc: Fix a possible data race in lpfc_unregister_fcf_rescan() * CVE-url: https://ubuntu.com/security/CVE-2023-52445 - media: pvrusb2: fix use after free on context disconnection * CVE-url: https://ubuntu.com/security/CVE-2023-52444 - f2fs: fix to avoid dirent corruption * CVE-url: https://ubuntu.com/security/CVE-2023-52443 - apparmor: avoid crash when parsed profile name is empty * CVE-url: https://ubuntu.com/security/CVE-2024-24860 - Bluetooth: Move {min,max}_key_size debugfs into hci_debugfs_create_le - Bluetooth: Fix atomicity violation in {min,max}_key_size_set * Bionic update: upstream stable patchset 2019-07-29 (LP: #1838349) // CVE- url: https://ubuntu.com/security/CVE-2024-24860 - Bluetooth: Fix debugfs NULL pointer dereference

0 tuxcare-ubuntu16.04-els linux-buildinfo-4.4.0-253-tuxcare.els24-generic_4.4.0-253.287_amd64.deb 59d23913177859167dc425599ae59d8b2e8111b5 linux-buildinfo-4.4.0-253-tuxcare.els24-lowlatency_4.4.0-253.287_amd64.deb 2b29b2b5e578418aba868719409e3d451a28d1f5 linux-cloud-tools-4.4.0-253-tuxcare.els24_4.4.0-253.287_amd64.deb d9857b77900b2a8c9f1c1627bc06aa90b0010875 linux-cloud-tools-4.4.0-253-tuxcare.els24-generic_4.4.0-253.287_amd64.deb f5a6d82f5194b03c1c4e54c9aa96dd3b650813dc linux-cloud-tools-4.4.0-253-tuxcare.els24-lowlatency_4.4.0-253.287_amd64.deb b96813a6f8e44a5e6635a47d4cb0c5b330d20752 linux-cloud-tools-common_4.4.0-253.287_all.deb 48b2888afe50f3594f18e649f23717e800bd930c linux-cloud-tools-generic_4.4.0.253.287_amd64.deb 19d7252c4830663bc92c0877a9d30cb12d744fc2 linux-cloud-tools-lowlatency_4.4.0.253.287_amd64.deb 7da466174df7ee768112a655a5a9cc375d11365a linux-crashdump_4.4.0.253.287_amd64.deb 84f2508fa17e2d479e14aa9fedc0e4e50169d7ea linux-doc_4.4.0-253.287_all.deb 48553787373abddc97fdddc0c218a89c3a26f0de linux-generic_4.4.0.253.287_amd64.deb a97e489b71c47fd8042a6f3097cb9043b74541ae linux-headers-4.4.0-253-tuxcare.els24_4.4.0-253.287_all.deb f579f8076c9fe495aedb0c7f6cf2b09dbba47c4d linux-headers-4.4.0-253-tuxcare.els24-generic_4.4.0-253.287_amd64.deb a0a8f641c30075bfd8db5cda9c6212de3024e772 linux-headers-4.4.0-253-tuxcare.els24-lowlatency_4.4.0-253.287_amd64.deb ca19820391c00bdcf6a4ef7f7ad736d369cbd754 linux-headers-generic_4.4.0.253.287_amd64.deb 628154175b4e2308cbca908b80dcfb6b26adf02c linux-headers-lowlatency_4.4.0.253.287_amd64.deb 72e5a9e8a346a352927254528bad6ec5a0da62dc linux-image-generic_4.4.0.253.287_amd64.deb 82e39e806698c8194ee5b02413bbfcf8e4ea9bb9 linux-image-lowlatency_4.4.0.253.287_amd64.deb dc0b0411add9ccafa8a4a13cd97729b76fd3e032 linux-image-unsigned-4.4.0-253-tuxcare.els24-generic_4.4.0-253.287_amd64.deb 4bf8863d9934848c9e2d800682c60a00486099a2 linux-image-unsigned-4.4.0-253-tuxcare.els24-lowlatency_4.4.0-253.287_amd64.deb eb0cfb3bcefeba901c280081d515cf2038e7ef93 linux-libc-dev_4.4.0-253.287_amd64.deb 53448d38e94cd5750ff9986d2e457ccb11536243 linux-lowlatency_4.4.0.253.287_amd64.deb d15b8c7987fde9ebb924b8a1e5e664a922674a37 linux-modules-4.4.0-253-tuxcare.els24-generic_4.4.0-253.287_amd64.deb 5f64d33c84aba94708ddc4b35b51227d174bd4ee linux-modules-4.4.0-253-tuxcare.els24-lowlatency_4.4.0-253.287_amd64.deb f3c9e0b27a101a98c875316e7eb2556125805024 linux-modules-extra-4.4.0-253-tuxcare.els24-generic_4.4.0-253.287_amd64.deb 166ecb475ce9e09b6e4aebe2218d8c5059b28bed linux-source_4.4.0.253.287_all.deb d578a4fb11433d78699b635367a887db29bb469d linux-source-4.4.0_4.4.0-253.287_all.deb 497d3f5e176196faa7a879b5aab2e2aeb519ac1a linux-tools-4.4.0-253-tuxcare.els24_4.4.0-253.287_amd64.deb fd7d3253641838a16a587e292195a29d53c4c4ce linux-tools-4.4.0-253-tuxcare.els24-generic_4.4.0-253.287_amd64.deb a818be0f97ee68cd2b9abc360f9cd7e6ff5eef34 linux-tools-4.4.0-253-tuxcare.els24-lowlatency_4.4.0-253.287_amd64.deb a0605fd7ebab337e7a0608369fa058d1d36364df linux-tools-common_4.4.0-253.287_all.deb 84a19e3a11e28b90d7d3602a226b9475b4b3f8a2 linux-tools-generic_4.4.0.253.287_amd64.deb 8db77f07ed6b74ce9d2501f6825e8294fad3fbf3 linux-tools-host_4.4.0-253.287_all.deb b3610eafd343f455c18080efd6e10a8d21c33a0d linux-tools-lowlatency_4.4.0.253.287_amd64.deb d8480865eb387d3350d7081e5d7c62b2c2046c55 CLSA-2024:1710945846 TuxCare License Agreement 0 * CVE-url: https://ubuntu.com/security/CVE-2023-52449 - mtd: Fix gluebi NULL pointer dereference caused by ftl notifier * Bionic update: upstream stable patchset 2018-08-29 (LP: #1789666) // CVE- url: https://ubuntu.com/security/CVE-2022-20567 - l2tp: fix refcount leakage on PPPoL2TP sockets * Bionic update to 4.15.8 stable release (LP: #1755179) // CVE-url: https://ubuntu.com/security/CVE-2022-20567 - l2tp: don't use inet_shutdown on ppp session destroy - l2tp: fix race in pppol2tp_release with session object destroy * CVE-url: https://ubuntu.com/security/CVE-2023-39197 - netfilter: conntrack: dccp: copy entire header to stack buffer, not just basic one * CVE-url: https://ubuntu.com/security/CVE-2023-34256 - ext4: avoid a potential slab-out-of-bounds in ext4_group_desc_csum * CVE-url: https://ubuntu.com/security/CVE-2024-24855 - scsi: lpfc: Fix a possible data race in lpfc_unregister_fcf_rescan() * CVE-url: https://ubuntu.com/security/CVE-2023-52445 - media: pvrusb2: fix use after free on context disconnection * CVE-url: https://ubuntu.com/security/CVE-2023-52444 - f2fs: fix to avoid dirent corruption * CVE-url: https://ubuntu.com/security/CVE-2023-52443 - apparmor: avoid crash when parsed profile name is empty * CVE-url: https://ubuntu.com/security/CVE-2024-24860 - Bluetooth: Move {min,max}_key_size debugfs into hci_debugfs_create_le - Bluetooth: Fix atomicity violation in {min,max}_key_size_set * Bionic update: upstream stable patchset 2019-07-29 (LP: #1838349) // CVE- url: https://ubuntu.com/security/CVE-2024-24860 - Bluetooth: Fix debugfs NULL pointer dereference None Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.

* CVE-url: https://ubuntu.com/security/CVE-2023-52449 - mtd: Fix gluebi NULL pointer dereference caused by ftl notifier * Bionic update: upstream stable patchset 2018-08-29 (LP: #1789666) // CVE- url: https://ubuntu.com/security/CVE-2022-20567 - l2tp: fix refcount leakage on PPPoL2TP sockets * Bionic update to 4.15.8 stable release (LP: #1755179) // CVE-url: https://ubuntu.com/security/CVE-2022-20567 - l2tp: don't use inet_shutdown on ppp session destroy - l2tp: fix race in pppol2tp_release with session object destroy * CVE-url: https://ubuntu.com/security/CVE-2023-39197 - netfilter: conntrack: dccp: copy entire header to stack buffer, not just basic one * CVE-url: https://ubuntu.com/security/CVE-2023-34256 - ext4: avoid a potential slab-out-of-bounds in ext4_group_desc_csum * CVE-url: https://ubuntu.com/security/CVE-2024-24855 - scsi: lpfc: Fix a possible data race in lpfc_unregister_fcf_rescan() * CVE-url: https://ubuntu.com/security/CVE-2023-52445 - media: pvrusb2: fix use after free on context disconnection * CVE-url: https://ubuntu.com/security/CVE-2023-52444 - f2fs: fix to avoid dirent corruption * CVE-url: https://ubuntu.com/security/CVE-2023-52443 - apparmor: avoid crash when parsed profile name is empty * CVE-url: https://ubuntu.com/security/CVE-2024-24860 - Bluetooth: Move {min,max}_key_size debugfs into hci_debugfs_create_le - Bluetooth: Fix atomicity violation in {min,max}_key_size_set * Bionic update: upstream stable patchset 2019-07-29 (LP: #1838349) // CVE- url: https://ubuntu.com/security/CVE-2024-24860 - Bluetooth: Fix debugfs NULL pointer dereference

0 tuxcare-ubuntu16.04-els linux-buildinfo-4.4.0-253-tuxcare.els24-generic_4.4.0-253.287_amd64.deb 59d23913177859167dc425599ae59d8b2e8111b5 linux-buildinfo-4.4.0-253-tuxcare.els24-lowlatency_4.4.0-253.287_amd64.deb 2b29b2b5e578418aba868719409e3d451a28d1f5 linux-cloud-tools-4.4.0-253-tuxcare.els24_4.4.0-253.287_amd64.deb d9857b77900b2a8c9f1c1627bc06aa90b0010875 linux-cloud-tools-4.4.0-253-tuxcare.els24-generic_4.4.0-253.287_amd64.deb f5a6d82f5194b03c1c4e54c9aa96dd3b650813dc linux-cloud-tools-4.4.0-253-tuxcare.els24-lowlatency_4.4.0-253.287_amd64.deb b96813a6f8e44a5e6635a47d4cb0c5b330d20752 linux-cloud-tools-common_4.4.0-253.287_all.deb 48b2888afe50f3594f18e649f23717e800bd930c linux-cloud-tools-generic_4.4.0.253.287_amd64.deb 19d7252c4830663bc92c0877a9d30cb12d744fc2 linux-cloud-tools-lowlatency_4.4.0.253.287_amd64.deb 7da466174df7ee768112a655a5a9cc375d11365a linux-crashdump_4.4.0.253.287_amd64.deb 84f2508fa17e2d479e14aa9fedc0e4e50169d7ea linux-doc_4.4.0-253.287_all.deb 48553787373abddc97fdddc0c218a89c3a26f0de linux-generic_4.4.0.253.287_amd64.deb a97e489b71c47fd8042a6f3097cb9043b74541ae linux-headers-4.4.0-253-tuxcare.els24_4.4.0-253.287_all.deb f579f8076c9fe495aedb0c7f6cf2b09dbba47c4d linux-headers-4.4.0-253-tuxcare.els24-generic_4.4.0-253.287_amd64.deb a0a8f641c30075bfd8db5cda9c6212de3024e772 linux-headers-4.4.0-253-tuxcare.els24-lowlatency_4.4.0-253.287_amd64.deb ca19820391c00bdcf6a4ef7f7ad736d369cbd754 linux-headers-generic_4.4.0.253.287_amd64.deb 628154175b4e2308cbca908b80dcfb6b26adf02c linux-headers-lowlatency_4.4.0.253.287_amd64.deb 72e5a9e8a346a352927254528bad6ec5a0da62dc linux-image-generic_4.4.0.253.287_amd64.deb 82e39e806698c8194ee5b02413bbfcf8e4ea9bb9 linux-image-lowlatency_4.4.0.253.287_amd64.deb dc0b0411add9ccafa8a4a13cd97729b76fd3e032 linux-image-unsigned-4.4.0-253-tuxcare.els24-generic_4.4.0-253.287_amd64.deb 4bf8863d9934848c9e2d800682c60a00486099a2 linux-image-unsigned-4.4.0-253-tuxcare.els24-lowlatency_4.4.0-253.287_amd64.deb eb0cfb3bcefeba901c280081d515cf2038e7ef93 linux-libc-dev_4.4.0-253.287_amd64.deb 53448d38e94cd5750ff9986d2e457ccb11536243 linux-lowlatency_4.4.0.253.287_amd64.deb d15b8c7987fde9ebb924b8a1e5e664a922674a37 linux-modules-4.4.0-253-tuxcare.els24-generic_4.4.0-253.287_amd64.deb 5f64d33c84aba94708ddc4b35b51227d174bd4ee linux-modules-4.4.0-253-tuxcare.els24-lowlatency_4.4.0-253.287_amd64.deb f3c9e0b27a101a98c875316e7eb2556125805024 linux-modules-extra-4.4.0-253-tuxcare.els24-generic_4.4.0-253.287_amd64.deb 166ecb475ce9e09b6e4aebe2218d8c5059b28bed linux-source_4.4.0.253.287_all.deb d578a4fb11433d78699b635367a887db29bb469d linux-source-4.4.0_4.4.0-253.287_all.deb 497d3f5e176196faa7a879b5aab2e2aeb519ac1a linux-tools-4.4.0-253-tuxcare.els24_4.4.0-253.287_amd64.deb fd7d3253641838a16a587e292195a29d53c4c4ce linux-tools-4.4.0-253-tuxcare.els24-generic_4.4.0-253.287_amd64.deb a818be0f97ee68cd2b9abc360f9cd7e6ff5eef34 linux-tools-4.4.0-253-tuxcare.els24-lowlatency_4.4.0-253.287_amd64.deb a0605fd7ebab337e7a0608369fa058d1d36364df linux-tools-common_4.4.0-253.287_all.deb 84a19e3a11e28b90d7d3602a226b9475b4b3f8a2 linux-tools-generic_4.4.0.253.287_amd64.deb 8db77f07ed6b74ce9d2501f6825e8294fad3fbf3 linux-tools-host_4.4.0-253.287_all.deb b3610eafd343f455c18080efd6e10a8d21c33a0d linux-tools-lowlatency_4.4.0.253.287_amd64.deb d8480865eb387d3350d7081e5d7c62b2c2046c55 CLSA-2024:1711492417 TuxCare License Agreement 0 * SECURITY UPDATE: Execution of arbitrary SQL functions as the command issuer because of late privilege drop in REFRESH MATERIALIZED VIEW CONCURRENTLY - debian/patches/CVE-2024-0985.patch: run REFRESH MATERIALIZED VIEW CONCURRENTLY in right security context - CVE-2024-0985 Important Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.

* SECURITY UPDATE: Execution of arbitrary SQL functions as the command issuer because of late privilege drop in REFRESH MATERIALIZED VIEW CONCURRENTLY - debian/patches/CVE-2024-0985.patch: run REFRESH MATERIALIZED VIEW CONCURRENTLY in right security context - CVE-2024-0985

0 tuxcare-ubuntu16.04-els libecpg-compat3_9.5.25-0ubuntu0.16.04.1+tuxcare.els7_amd64.deb 3fca4b733bf3415a8e2104fa4bdeddbcbde1718f libecpg-dev_9.5.25-0ubuntu0.16.04.1+tuxcare.els7_amd64.deb 957e67b164ec14593ad887f2990603bb57562802 libecpg6_9.5.25-0ubuntu0.16.04.1+tuxcare.els7_amd64.deb 254d5de01f566098b2fe3c4522d4563f0358830a libpgtypes3_9.5.25-0ubuntu0.16.04.1+tuxcare.els7_amd64.deb 7d0f5eeac7e277d1a1db3997198bbbcafea8a4a6 libpq-dev_9.5.25-0ubuntu0.16.04.1+tuxcare.els7_amd64.deb d2a3a31fa53986d3ec1fd859ab3e09c1185e605b libpq5_9.5.25-0ubuntu0.16.04.1+tuxcare.els7_amd64.deb e7e3ea194f96cac4d1524b9776bbc5e7d16272d3 postgresql-9.5_9.5.25-0ubuntu0.16.04.1+tuxcare.els7_amd64.deb 7d809b0bc8d47d9e63dfbc8aab865ac5e9bc0fea postgresql-client-9.5_9.5.25-0ubuntu0.16.04.1+tuxcare.els7_amd64.deb 1e40dd49ff8949ec612e34fe868c722b81ce2917 postgresql-contrib-9.5_9.5.25-0ubuntu0.16.04.1+tuxcare.els7_amd64.deb 5636bd5bfe008176638e3bbed06ce348d7c759d7 postgresql-doc-9.5_9.5.25-0ubuntu0.16.04.1+tuxcare.els7_all.deb 53438584dbd8ed7dd7d035933835b02ab0e8f08d postgresql-plperl-9.5_9.5.25-0ubuntu0.16.04.1+tuxcare.els7_amd64.deb 3bc710528d68eab2aef6508c6fd97daece7bb251 postgresql-plpython-9.5_9.5.25-0ubuntu0.16.04.1+tuxcare.els7_amd64.deb 8a9063a48c015db848110856ac0265f5d03fa5c5 postgresql-plpython3-9.5_9.5.25-0ubuntu0.16.04.1+tuxcare.els7_amd64.deb 3819e0d504d00ed82272741f46a64b710c31a73f postgresql-pltcl-9.5_9.5.25-0ubuntu0.16.04.1+tuxcare.els7_amd64.deb 3f48b1f975e5df695ffde5822d4f0bb7de09727c postgresql-server-dev-9.5_9.5.25-0ubuntu0.16.04.1+tuxcare.els7_amd64.deb 6721217034600e5a8b85dab0a66116dcccb95f3a CLSA-2024:1711564218 TuxCare License Agreement 0 * New upstream 2024a version: - Kazakhstan unifies on UTC+5 beginning 2024-03-01. - Palestine springs forward a week later after Ramadan. - zic no longer pretends to support indefinite-past DST. - localtime no longer mishandles Ciudad Juárez in 2422. * New upstream 2023d version: - Ittoqqortoormiit, Greenland changes time zones on 2024-03-31. - Vostok, Antarctica changed time zones on 2023-12-18. - Casey, Antarctica changed time zones five times since 2020. - Code and data fixes for Palestine timestamps starting in 2072. - A new data file zonenow.tab for timestamps starting now. * Install zonenow.tab. * Update make-systemv.patch. None Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.

* New upstream 2024a version: - Kazakhstan unifies on UTC+5 beginning 2024-03-01. - Palestine springs forward a week later after Ramadan. - zic no longer pretends to support indefinite-past DST. - localtime no longer mishandles Ciudad Juárez in 2422. * New upstream 2023d version: - Ittoqqortoormiit, Greenland changes time zones on 2024-03-31. - Vostok, Antarctica changed time zones on 2023-12-18. - Casey, Antarctica changed time zones five times since 2020. - Code and data fixes for Palestine timestamps starting in 2072. - A new data file zonenow.tab for timestamps starting now. * Install zonenow.tab. * Update make-systemv.patch.

0 tuxcare-ubuntu16.04-els tzdata_2024a-0ubuntu0.16.04+tuxcare.els1_all.deb d76cde0f05febcc291785616241407590cd385c1 CLSA-2024:1712671933 TuxCare License Agreement 0 * SECURITY UPDATE: denial of service (blocked login process) via mkfifo - debian/patches-applied/CVE-2024-22365.patch: pam_namespace: protect_dir(): use O_DIRECTORY to prevent local DoS situations - CVE-2024-22365 Moderate Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.

* SECURITY UPDATE: denial of service (blocked login process) via mkfifo - debian/patches-applied/CVE-2024-22365.patch: pam_namespace: protect_dir(): use O_DIRECTORY to prevent local DoS situations - CVE-2024-22365

0 tuxcare-ubuntu16.04-els libpam-cracklib_1.1.8-3.2ubuntu2.3+tuxcare.els2_amd64.deb fd58b27386f5c3e2baa980b27b6532f471414d0d libpam-doc_1.1.8-3.2ubuntu2.3+tuxcare.els2_all.deb d745f46fa9d79cdc63a8e4036853879948b8f0d5 libpam-modules_1.1.8-3.2ubuntu2.3+tuxcare.els2_amd64.deb 184ab1b39a9dcec4efbb5f9387bda6c3f3e02cb4 libpam-modules-bin_1.1.8-3.2ubuntu2.3+tuxcare.els2_amd64.deb 0eeab6aff434f2a86992ee2366c7cbf5d5fdea2a libpam-runtime_1.1.8-3.2ubuntu2.3+tuxcare.els2_all.deb 3e4c94fbf15d295bf5856a59d465637f2926b030 libpam0g_1.1.8-3.2ubuntu2.3+tuxcare.els2_amd64.deb c0de9a8739a6279aa683d767ea62dc0055adc496 libpam0g-dev_1.1.8-3.2ubuntu2.3+tuxcare.els2_amd64.deb d51e3c3ea10b5d697193c9118c435290fd18b4db CLSA-2024:1712836996 TuxCare License Agreement 0 * SECURITY UPDATE: http2: push headers better cleanup - debian/patches/CVE-2024-2398.patch: provide common cleanup method for push headers - CVE-2024-2398 Important Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.

* SECURITY UPDATE: http2: push headers better cleanup - debian/patches/CVE-2024-2398.patch: provide common cleanup method for push headers - CVE-2024-2398

0 tuxcare-ubuntu16.04-els curl_7.47.0-1ubuntu2.23+tuxcare.els12_amd64.deb 2b144d97bd42da84237c8bfb0678b212144c17d8 libcurl3_7.47.0-1ubuntu2.23+tuxcare.els12_amd64.deb 3bdf6eba7a4cd0cd9f55dcf4f3b63d613f226513 libcurl3-gnutls_7.47.0-1ubuntu2.23+tuxcare.els12_amd64.deb 67bf83ce8e6d8db9787146483bb24688930dad73 libcurl3-nss_7.47.0-1ubuntu2.23+tuxcare.els12_amd64.deb 08bc5cd576e0ebd63561dab5b61704ceb3497bb6 libcurl4-doc_7.47.0-1ubuntu2.23+tuxcare.els12_all.deb 4c7dd2241bad5af997b0c573e9cfb8d7a9d7940b libcurl4-gnutls-dev_7.47.0-1ubuntu2.23+tuxcare.els12_amd64.deb 1e1ce7b796f8ec2c64a8d18b82aed4d325f8a635 libcurl4-nss-dev_7.47.0-1ubuntu2.23+tuxcare.els12_amd64.deb 6c254b1685fd90dcba0c12e394c816ff5d42c14b libcurl4-openssl-dev_7.47.0-1ubuntu2.23+tuxcare.els12_amd64.deb 4fc50cadee92cb7849838e4731dfb563c5b51e4e CLSA-2024:1712837462 TuxCare License Agreement 0 * SECURITY UPDATE: Fix incompatible pointer-to-integer types - debian/patch/CVE-2024-1013.patch: PostgreSQL driver: Fix incompatible pointer-to-integer types. This change is required to avoid a build failure with GCC 14. - CVE-2024-1013 Important Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.

* SECURITY UPDATE: Fix incompatible pointer-to-integer types - debian/patch/CVE-2024-1013.patch: PostgreSQL driver: Fix incompatible pointer-to-integer types. This change is required to avoid a build failure with GCC 14. - CVE-2024-1013

0 tuxcare-ubuntu16.04-els libodbc1_2.3.1-4.1+tuxcare.els2_amd64.deb 313a9a92cb71d7362c31e90916fa8e2cad24cf22 odbcinst_2.3.1-4.1+tuxcare.els2_amd64.deb cd877f7752a6f6bf54f1977e9e7060169aab7216 odbcinst1debian2_2.3.1-4.1+tuxcare.els2_amd64.deb 0fd3f31f872dfc00df98dfcb9c5c8f85b178b6c6 unixodbc_2.3.1-4.1+tuxcare.els2_amd64.deb 6f75ccf5d103be3c6e17538098512d1c2af204db unixodbc-dev_2.3.1-4.1+tuxcare.els2_amd64.deb c04eee9d7b61b024c8da3f6f38ecd19b5909c9a7 CLSA-2024:1713523762 TuxCare License Agreement 0 * SECURITY UPDATE: shell-quote filenames when invoking LESSCLOSE. - debian/patches/CVE-2022-48624.patch: Fix close_altfile in filename.c in less before 606 omits shell_quote calls for LESSCLOSE. - CVE-2022-48624 Important Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.

* SECURITY UPDATE: shell-quote filenames when invoking LESSCLOSE. - debian/patches/CVE-2022-48624.patch: Fix close_altfile in filename.c in less before 606 omits shell_quote calls for LESSCLOSE. - CVE-2022-48624

0 tuxcare-ubuntu16.04-els less_481-2.1ubuntu0.2+tuxcare.els1_amd64.deb d704a3acb0461b66967b2758f734d005e49a62f2 CLSA-2024:1713790844 TuxCare License Agreement 0 * CVE-url: https://ubuntu.com/security/CVE-2024-23307 - md/raid5: fix atomicity violation in raid5_cache_count * CVE-url: https://ubuntu.com/security/CVE-2021-46932 - Input: appletouch - initialize work before device registration * CVE-url: https://ubuntu.com/security/CVE-2021-46936 - net: fix use-after-free in tw_timer_handler * Bionic update: upstream stable patchset 2021-06-01 (LP: #1930472) // CVE- url: https://ubuntu.com/security/CVE-2021-46939 - tracing: Restructure trace_clock_global() to never block * CVE-url: https://ubuntu.com/security/CVE-2021-46933 - usb: gadget: f_fs: Clear ffs_eventfd in ffs_data_clear. * Bionic update: upstream stable patchset 2022-01-27 (LP: #1959335) // CVE- url: https://ubuntu.com/security/CVE-2021-46924 - NFC: st21nfca: Fix memory leak in device probe and remove * CVE-url: https://ubuntu.com/security/CVE-2023-52469 - drivers/amd/pm: fix a use-after-free in kv_parse_power_table * CVE-url: https://ubuntu.com/security/CVE-2024-26633 - ip6_tunnel: fix NEXTHDR_FRAGMENT handling in ip6_tnl_parse_tlv_enc_lim() * CVE-url: https://ubuntu.com/security/CVE-2023-52340 - net: add a route cache full diagnostic message - net/dst: use a smaller percpu_counter batch for dst entries accounting - ipv6: remove max_size check inline with ipv4 * CVE-url: https://ubuntu.com/security/CVE-2023-52436 - f2fs: explicitly null-terminate the xattr list * CVE-url: https://ubuntu.com/security/CVE-2023-52470 - drm/radeon: check the alloc_workqueue return value in radeon_crtc_init() * CVE-url: https://ubuntu.com/security/CVE-2022-45884 - media: dvbdev: convert DVB device types into an enum - media: dvbdev: remove double-unlock - media: media/dvb: Use kmemdup rather than duplicating its implementation - media: dvbdev: Fix memleak in dvb_register_device - media: dvbdev: fix error logic at dvb_register_device() - media: dvb-core: Fix use-after-free due to race at dvb_register_device() Important Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.

* CVE-url: https://ubuntu.com/security/CVE-2024-23307 - md/raid5: fix atomicity violation in raid5_cache_count * CVE-url: https://ubuntu.com/security/CVE-2021-46932 - Input: appletouch - initialize work before device registration * CVE-url: https://ubuntu.com/security/CVE-2021-46936 - net: fix use-after-free in tw_timer_handler * Bionic update: upstream stable patchset 2021-06-01 (LP: #1930472) // CVE- url: https://ubuntu.com/security/CVE-2021-46939 - tracing: Restructure trace_clock_global() to never block * CVE-url: https://ubuntu.com/security/CVE-2021-46933 - usb: gadget: f_fs: Clear ffs_eventfd in ffs_data_clear. * Bionic update: upstream stable patchset 2022-01-27 (LP: #1959335) // CVE- url: https://ubuntu.com/security/CVE-2021-46924 - NFC: st21nfca: Fix memory leak in device probe and remove * CVE-url: https://ubuntu.com/security/CVE-2023-52469 - drivers/amd/pm: fix a use-after-free in kv_parse_power_table * CVE-url: https://ubuntu.com/security/CVE-2024-26633 - ip6_tunnel: fix NEXTHDR_FRAGMENT handling in ip6_tnl_parse_tlv_enc_lim() * CVE-url: https://ubuntu.com/security/CVE-2023-52340 - net: add a route cache full diagnostic message - net/dst: use a smaller percpu_counter batch for dst entries accounting - ipv6: remove max_size check inline with ipv4 * CVE-url: https://ubuntu.com/security/CVE-2023-52436 - f2fs: explicitly null-terminate the xattr list * CVE-url: https://ubuntu.com/security/CVE-2023-52470 - drm/radeon: check the alloc_workqueue return value in radeon_crtc_init() * CVE-url: https://ubuntu.com/security/CVE-2022-45884 - media: dvbdev: convert DVB device types into an enum - media: dvbdev: remove double-unlock - media: media/dvb: Use kmemdup rather than duplicating its implementation - media: dvbdev: Fix memleak in dvb_register_device - media: dvbdev: fix error logic at dvb_register_device() - media: dvb-core: Fix use-after-free due to race at dvb_register_device()

0 tuxcare-ubuntu16.04-els linux-buildinfo-4.4.0-254-tuxcare.els25-generic_4.4.0-254.288_amd64.deb a1c18b9c105bb66fb05782ba132ec236f64ca4bd linux-buildinfo-4.4.0-254-tuxcare.els25-lowlatency_4.4.0-254.288_amd64.deb 01a3296864339e646464dba7b49ee96184af7192 linux-cloud-tools-4.4.0-254-tuxcare.els25_4.4.0-254.288_amd64.deb 5fe2e60505b8b142cc2aa8f46a96303bf8aa3e47 linux-cloud-tools-4.4.0-254-tuxcare.els25-generic_4.4.0-254.288_amd64.deb ad1afd710d9769118a9447e5c22fcac3c11c8179 linux-cloud-tools-4.4.0-254-tuxcare.els25-lowlatency_4.4.0-254.288_amd64.deb c04211a424038a68f0d8499299ac914f6d5365cf linux-cloud-tools-common_4.4.0-254.288_all.deb b15711e857eb1488f5810afb4e4829b002603b34 linux-cloud-tools-generic_4.4.0.254.288_amd64.deb 4a5fb811bc908ef598f87afd46179019d9c05ecf linux-cloud-tools-lowlatency_4.4.0.254.288_amd64.deb 8799ae952f1f7d910ee59e171cbf1db39a64c4d1 linux-crashdump_4.4.0.254.288_amd64.deb 02b1106b078abc926f99a9f98200b2f402bed76c linux-doc_4.4.0-254.288_all.deb b3e4addf6df5cc3295d624050e4cd14dc0330c6e linux-generic_4.4.0.254.288_amd64.deb 366fdcbf4eca43cfbe43cd2e1645be2f7719ccef linux-headers-4.4.0-254-tuxcare.els25_4.4.0-254.288_all.deb 37af18d43b7b0fcd5da527ee27c21fe52a0e1741 linux-headers-4.4.0-254-tuxcare.els25-generic_4.4.0-254.288_amd64.deb cdbd12d1ba7b74650b3d816670aa4b601a556fa4 linux-headers-4.4.0-254-tuxcare.els25-lowlatency_4.4.0-254.288_amd64.deb 51aa97e12a8c5686538c64f176a6ec47662b15b7 linux-headers-generic_4.4.0.254.288_amd64.deb f5f5bf38452e67c6e443771f0386e2602c1dcdfd linux-headers-lowlatency_4.4.0.254.288_amd64.deb 2c8978553c4d2b0a5fb752564d894aeb0dd28554 linux-image-generic_4.4.0.254.288_amd64.deb fd5b2fd7a50d615d58dacb1160d1b7c0e558aa37 linux-image-lowlatency_4.4.0.254.288_amd64.deb e717b585e675934b36e92d11fe219edbf70c9b72 linux-image-unsigned-4.4.0-254-tuxcare.els25-generic_4.4.0-254.288_amd64.deb 2c070910628cbd512f0a557c78fb9856e422f63a linux-image-unsigned-4.4.0-254-tuxcare.els25-lowlatency_4.4.0-254.288_amd64.deb 9e8d9aa60ab9baf1f50e58d198d5e4ba226f72f6 linux-libc-dev_4.4.0-254.288_amd64.deb a3dabe20e77bcfe2e1b320632b9f47d84e5d13e4 linux-lowlatency_4.4.0.254.288_amd64.deb add60e42c96a24d290efa041357ef2c8f3cc6a38 linux-modules-4.4.0-254-tuxcare.els25-generic_4.4.0-254.288_amd64.deb 43d42d22e643327f7accfef56ebd4b1420ceee43 linux-modules-4.4.0-254-tuxcare.els25-lowlatency_4.4.0-254.288_amd64.deb e9a2896c6bf47dfe173201ad6a2821dfb552c471 linux-modules-extra-4.4.0-254-tuxcare.els25-generic_4.4.0-254.288_amd64.deb b9e829f104890c67349ea90b124243841eb1c950 linux-source_4.4.0.254.288_all.deb 2fe8779463869bae4f9768fc893c5e92b36e56e8 linux-source-4.4.0_4.4.0-254.288_all.deb f8e37177b64cf3b8f125d869fc3521f09633a701 linux-tools-4.4.0-254-tuxcare.els25_4.4.0-254.288_amd64.deb 95e2b32e246201d2d7e584ce2ef8a480eec0a273 linux-tools-4.4.0-254-tuxcare.els25-generic_4.4.0-254.288_amd64.deb 86a522bfb64639ae474f6a910173495654c48f1b linux-tools-4.4.0-254-tuxcare.els25-lowlatency_4.4.0-254.288_amd64.deb 7b3ec1fc82b2d278fab4a8cb948108a5d4aa13a5 linux-tools-common_4.4.0-254.288_all.deb 0476242128f8c3a5ec6295c3eb520602a281265f linux-tools-generic_4.4.0.254.288_amd64.deb e63f8f7be037dde60a28f2e7619b66f58dab343b linux-tools-host_4.4.0-254.288_all.deb 658ea7fced87472dee25ce9a073d059cb1892d20 linux-tools-lowlatency_4.4.0.254.288_amd64.deb 4561ea5f5cc82b5089119e8c90c75de6cabd079b CLSA-2024:1713791075 TuxCare License Agreement 0 * CVE-url: https://ubuntu.com/security/CVE-2024-23307 - md/raid5: fix atomicity violation in raid5_cache_count * CVE-url: https://ubuntu.com/security/CVE-2021-46932 - Input: appletouch - initialize work before device registration * CVE-url: https://ubuntu.com/security/CVE-2021-46936 - net: fix use-after-free in tw_timer_handler * Bionic update: upstream stable patchset 2021-06-01 (LP: #1930472) // CVE- url: https://ubuntu.com/security/CVE-2021-46939 - tracing: Restructure trace_clock_global() to never block * CVE-url: https://ubuntu.com/security/CVE-2021-46933 - usb: gadget: f_fs: Clear ffs_eventfd in ffs_data_clear. * Bionic update: upstream stable patchset 2022-01-27 (LP: #1959335) // CVE- url: https://ubuntu.com/security/CVE-2021-46924 - NFC: st21nfca: Fix memory leak in device probe and remove * CVE-url: https://ubuntu.com/security/CVE-2023-52469 - drivers/amd/pm: fix a use-after-free in kv_parse_power_table * CVE-url: https://ubuntu.com/security/CVE-2024-26633 - ip6_tunnel: fix NEXTHDR_FRAGMENT handling in ip6_tnl_parse_tlv_enc_lim() * CVE-url: https://ubuntu.com/security/CVE-2023-52340 - net: add a route cache full diagnostic message - net/dst: use a smaller percpu_counter batch for dst entries accounting - ipv6: remove max_size check inline with ipv4 * CVE-url: https://ubuntu.com/security/CVE-2023-52436 - f2fs: explicitly null-terminate the xattr list * CVE-url: https://ubuntu.com/security/CVE-2023-52470 - drm/radeon: check the alloc_workqueue return value in radeon_crtc_init() * CVE-url: https://ubuntu.com/security/CVE-2022-45884 - media: dvbdev: convert DVB device types into an enum - media: dvbdev: remove double-unlock - media: media/dvb: Use kmemdup rather than duplicating its implementation - media: dvbdev: Fix memleak in dvb_register_device - media: dvbdev: fix error logic at dvb_register_device() - media: dvb-core: Fix use-after-free due to race at dvb_register_device() None Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.

* CVE-url: https://ubuntu.com/security/CVE-2024-23307 - md/raid5: fix atomicity violation in raid5_cache_count * CVE-url: https://ubuntu.com/security/CVE-2021-46932 - Input: appletouch - initialize work before device registration * CVE-url: https://ubuntu.com/security/CVE-2021-46936 - net: fix use-after-free in tw_timer_handler * Bionic update: upstream stable patchset 2021-06-01 (LP: #1930472) // CVE- url: https://ubuntu.com/security/CVE-2021-46939 - tracing: Restructure trace_clock_global() to never block * CVE-url: https://ubuntu.com/security/CVE-2021-46933 - usb: gadget: f_fs: Clear ffs_eventfd in ffs_data_clear. * Bionic update: upstream stable patchset 2022-01-27 (LP: #1959335) // CVE- url: https://ubuntu.com/security/CVE-2021-46924 - NFC: st21nfca: Fix memory leak in device probe and remove * CVE-url: https://ubuntu.com/security/CVE-2023-52469 - drivers/amd/pm: fix a use-after-free in kv_parse_power_table * CVE-url: https://ubuntu.com/security/CVE-2024-26633 - ip6_tunnel: fix NEXTHDR_FRAGMENT handling in ip6_tnl_parse_tlv_enc_lim() * CVE-url: https://ubuntu.com/security/CVE-2023-52340 - net: add a route cache full diagnostic message - net/dst: use a smaller percpu_counter batch for dst entries accounting - ipv6: remove max_size check inline with ipv4 * CVE-url: https://ubuntu.com/security/CVE-2023-52436 - f2fs: explicitly null-terminate the xattr list * CVE-url: https://ubuntu.com/security/CVE-2023-52470 - drm/radeon: check the alloc_workqueue return value in radeon_crtc_init() * CVE-url: https://ubuntu.com/security/CVE-2022-45884 - media: dvbdev: convert DVB device types into an enum - media: dvbdev: remove double-unlock - media: media/dvb: Use kmemdup rather than duplicating its implementation - media: dvbdev: Fix memleak in dvb_register_device - media: dvbdev: fix error logic at dvb_register_device() - media: dvb-core: Fix use-after-free due to race at dvb_register_device()

0 tuxcare-ubuntu16.04-els linux-buildinfo-4.4.0-254-tuxcare.els25-generic_4.4.0-254.288_amd64.deb a1c18b9c105bb66fb05782ba132ec236f64ca4bd linux-buildinfo-4.4.0-254-tuxcare.els25-lowlatency_4.4.0-254.288_amd64.deb 01a3296864339e646464dba7b49ee96184af7192 linux-cloud-tools-4.4.0-254-tuxcare.els25_4.4.0-254.288_amd64.deb 5fe2e60505b8b142cc2aa8f46a96303bf8aa3e47 linux-cloud-tools-4.4.0-254-tuxcare.els25-generic_4.4.0-254.288_amd64.deb ad1afd710d9769118a9447e5c22fcac3c11c8179 linux-cloud-tools-4.4.0-254-tuxcare.els25-lowlatency_4.4.0-254.288_amd64.deb c04211a424038a68f0d8499299ac914f6d5365cf linux-cloud-tools-common_4.4.0-254.288_all.deb b15711e857eb1488f5810afb4e4829b002603b34 linux-cloud-tools-generic_4.4.0.254.288_amd64.deb 4a5fb811bc908ef598f87afd46179019d9c05ecf linux-cloud-tools-lowlatency_4.4.0.254.288_amd64.deb 8799ae952f1f7d910ee59e171cbf1db39a64c4d1 linux-crashdump_4.4.0.254.288_amd64.deb 02b1106b078abc926f99a9f98200b2f402bed76c linux-doc_4.4.0-254.288_all.deb b3e4addf6df5cc3295d624050e4cd14dc0330c6e linux-generic_4.4.0.254.288_amd64.deb 366fdcbf4eca43cfbe43cd2e1645be2f7719ccef linux-headers-4.4.0-254-tuxcare.els25_4.4.0-254.288_all.deb 37af18d43b7b0fcd5da527ee27c21fe52a0e1741 linux-headers-4.4.0-254-tuxcare.els25-generic_4.4.0-254.288_amd64.deb cdbd12d1ba7b74650b3d816670aa4b601a556fa4 linux-headers-4.4.0-254-tuxcare.els25-lowlatency_4.4.0-254.288_amd64.deb 51aa97e12a8c5686538c64f176a6ec47662b15b7 linux-headers-generic_4.4.0.254.288_amd64.deb f5f5bf38452e67c6e443771f0386e2602c1dcdfd linux-headers-lowlatency_4.4.0.254.288_amd64.deb 2c8978553c4d2b0a5fb752564d894aeb0dd28554 linux-image-generic_4.4.0.254.288_amd64.deb fd5b2fd7a50d615d58dacb1160d1b7c0e558aa37 linux-image-lowlatency_4.4.0.254.288_amd64.deb e717b585e675934b36e92d11fe219edbf70c9b72 linux-image-unsigned-4.4.0-254-tuxcare.els25-generic_4.4.0-254.288_amd64.deb 2c070910628cbd512f0a557c78fb9856e422f63a linux-image-unsigned-4.4.0-254-tuxcare.els25-lowlatency_4.4.0-254.288_amd64.deb 9e8d9aa60ab9baf1f50e58d198d5e4ba226f72f6 linux-libc-dev_4.4.0-254.288_amd64.deb a3dabe20e77bcfe2e1b320632b9f47d84e5d13e4 linux-lowlatency_4.4.0.254.288_amd64.deb add60e42c96a24d290efa041357ef2c8f3cc6a38 linux-modules-4.4.0-254-tuxcare.els25-generic_4.4.0-254.288_amd64.deb 43d42d22e643327f7accfef56ebd4b1420ceee43 linux-modules-4.4.0-254-tuxcare.els25-lowlatency_4.4.0-254.288_amd64.deb e9a2896c6bf47dfe173201ad6a2821dfb552c471 linux-modules-extra-4.4.0-254-tuxcare.els25-generic_4.4.0-254.288_amd64.deb b9e829f104890c67349ea90b124243841eb1c950 linux-source_4.4.0.254.288_all.deb 2fe8779463869bae4f9768fc893c5e92b36e56e8 linux-source-4.4.0_4.4.0-254.288_all.deb f8e37177b64cf3b8f125d869fc3521f09633a701 linux-tools-4.4.0-254-tuxcare.els25_4.4.0-254.288_amd64.deb 95e2b32e246201d2d7e584ce2ef8a480eec0a273 linux-tools-4.4.0-254-tuxcare.els25-generic_4.4.0-254.288_amd64.deb 86a522bfb64639ae474f6a910173495654c48f1b linux-tools-4.4.0-254-tuxcare.els25-lowlatency_4.4.0-254.288_amd64.deb 7b3ec1fc82b2d278fab4a8cb948108a5d4aa13a5 linux-tools-common_4.4.0-254.288_all.deb 0476242128f8c3a5ec6295c3eb520602a281265f linux-tools-generic_4.4.0.254.288_amd64.deb e63f8f7be037dde60a28f2e7619b66f58dab343b linux-tools-host_4.4.0-254.288_all.deb 658ea7fced87472dee25ce9a073d059cb1892d20 linux-tools-lowlatency_4.4.0.254.288_amd64.deb 4561ea5f5cc82b5089119e8c90c75de6cabd079b CLSA-2024:1714066065 TuxCare License Agreement 0 * SECURITY UPDATE: improper handling of user input vulnerability - debian/patches/CVE-2024-3096.patch: Disallow null character in bcrypt password to prevent password_verify from erroneously returning true - CVE-2024-3096 Moderate Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.

* SECURITY UPDATE: improper handling of user input vulnerability - debian/patches/CVE-2024-3096.patch: Disallow null character in bcrypt password to prevent password_verify from erroneously returning true - CVE-2024-3096

0 tuxcare-ubuntu16.04-els libapache2-mod-php7.0_7.0.33-0ubuntu0.16.04.17+tuxcare.els8_amd64.deb 2060cfce6e9bd53deb237eee23f7418f140ecc80 libphp7.0-embed_7.0.33-0ubuntu0.16.04.17+tuxcare.els8_amd64.deb 1fb98d4c0da8fb68fd993db104f1295c6c2cf716 php7.0_7.0.33-0ubuntu0.16.04.17+tuxcare.els8_all.deb 2dd2b7572a41464c0874a755ef9a606dc9c2af52 php7.0-bcmath_7.0.33-0ubuntu0.16.04.17+tuxcare.els8_amd64.deb a81b7efa2e4d29bca59370caeb76aa713e099e3e php7.0-bz2_7.0.33-0ubuntu0.16.04.17+tuxcare.els8_amd64.deb 7ad2ee2d57c891690e4f5143b91be52bebefb8df php7.0-cgi_7.0.33-0ubuntu0.16.04.17+tuxcare.els8_amd64.deb e0c41dfde970db88aef978cb68802b99031529b4 php7.0-cli_7.0.33-0ubuntu0.16.04.17+tuxcare.els8_amd64.deb 9363c36d794581fac6639c06658dfa2b6765a438 php7.0-common_7.0.33-0ubuntu0.16.04.17+tuxcare.els8_amd64.deb cdd59e1703e7db3b6b92d52f9c7fe0926d6cb67f php7.0-curl_7.0.33-0ubuntu0.16.04.17+tuxcare.els8_amd64.deb cd5efb1501defd5a5411043e92119472d99d6d08 php7.0-dba_7.0.33-0ubuntu0.16.04.17+tuxcare.els8_amd64.deb 849534c67c0347b1472782e59580f0f14ad3eb18 php7.0-dev_7.0.33-0ubuntu0.16.04.17+tuxcare.els8_amd64.deb 2864d0ef7f0763d6d8371a50abeb6beea6bb2fdc php7.0-enchant_7.0.33-0ubuntu0.16.04.17+tuxcare.els8_amd64.deb d23521a18bd32de947c81dca15a61bab01f98e04 php7.0-fpm_7.0.33-0ubuntu0.16.04.17+tuxcare.els8_amd64.deb 1a8da7f3c02262ace972a72cbd7ca1239e6ce61a php7.0-gd_7.0.33-0ubuntu0.16.04.17+tuxcare.els8_amd64.deb 03ce32a9ede002bb4a559a49e1ad7591617b3d8b php7.0-gmp_7.0.33-0ubuntu0.16.04.17+tuxcare.els8_amd64.deb a689d3cc872f49c47a67f2afff43997806fafe09 php7.0-imap_7.0.33-0ubuntu0.16.04.17+tuxcare.els8_amd64.deb 3de0f7c4acf882f585c4714ffb8a8f5f962c5111 php7.0-interbase_7.0.33-0ubuntu0.16.04.17+tuxcare.els8_amd64.deb 4c5c201cff1073e8f1ecb7c058fcd16530bdd4f9 php7.0-intl_7.0.33-0ubuntu0.16.04.17+tuxcare.els8_amd64.deb 9ea2fda3406a577d6fa0f655588ae4bf22fa8b18 php7.0-json_7.0.33-0ubuntu0.16.04.17+tuxcare.els8_amd64.deb f3185c61b2b54e8b490b3092ceac638e74bb5c32 php7.0-ldap_7.0.33-0ubuntu0.16.04.17+tuxcare.els8_amd64.deb 4b7075b778948ada8313bce2f917329c44cececf php7.0-mbstring_7.0.33-0ubuntu0.16.04.17+tuxcare.els8_amd64.deb 932c1e57cc975507c41300f1dc0b9e307cecd01e php7.0-mcrypt_7.0.33-0ubuntu0.16.04.17+tuxcare.els8_amd64.deb 92ba59196fb6218c3aedbb8339753def0db4f00e php7.0-mysql_7.0.33-0ubuntu0.16.04.17+tuxcare.els8_amd64.deb 55cee6dc7f4deb867448567dba9588f8cf7e4896 php7.0-odbc_7.0.33-0ubuntu0.16.04.17+tuxcare.els8_amd64.deb f367fcd806302d3152f1a7a5a80dbb628c8eb02b php7.0-opcache_7.0.33-0ubuntu0.16.04.17+tuxcare.els8_amd64.deb b89c174ae8b43797de000418c5735a385b494caf php7.0-pgsql_7.0.33-0ubuntu0.16.04.17+tuxcare.els8_amd64.deb e0f0a2c21e0693bb65fd3f064e0ebf1aa4d8154c php7.0-phpdbg_7.0.33-0ubuntu0.16.04.17+tuxcare.els8_amd64.deb c464aaab787f72beaaa2cd0d805f1f655fecb166 php7.0-pspell_7.0.33-0ubuntu0.16.04.17+tuxcare.els8_amd64.deb 0851535d404b1a30146694f828a3e8e0d144c0f5 php7.0-readline_7.0.33-0ubuntu0.16.04.17+tuxcare.els8_amd64.deb f99f758207e45ae6e029fe2c1fc6da573c11b738 php7.0-recode_7.0.33-0ubuntu0.16.04.17+tuxcare.els8_amd64.deb 609ea13de6ab1ca5b45ee088948260a34fede290 php7.0-snmp_7.0.33-0ubuntu0.16.04.17+tuxcare.els8_amd64.deb 2a93f111455f86c0993173d03490fd4e27277b6c php7.0-soap_7.0.33-0ubuntu0.16.04.17+tuxcare.els8_amd64.deb 299b9926df39ca8e3f98d7e43685c209ea277498 php7.0-sqlite3_7.0.33-0ubuntu0.16.04.17+tuxcare.els8_amd64.deb b33458a1e8a6de9bcdc877792df066ceb0baca8d php7.0-sybase_7.0.33-0ubuntu0.16.04.17+tuxcare.els8_amd64.deb 9f86a51af753dcc87f6eeb708bbcb6232bde60f6 php7.0-tidy_7.0.33-0ubuntu0.16.04.17+tuxcare.els8_amd64.deb b96c8450a264742fdec79ce0473fec2ba6b2318c php7.0-xml_7.0.33-0ubuntu0.16.04.17+tuxcare.els8_amd64.deb 01cf8a3bcc76be1c755b8a413762e6018265bbf7 php7.0-xmlrpc_7.0.33-0ubuntu0.16.04.17+tuxcare.els8_amd64.deb 97ad6664f729b9d02766e70ec1c7ffda53cc195b php7.0-xsl_7.0.33-0ubuntu0.16.04.17+tuxcare.els8_all.deb b763d09c731e201c51b9925feced96e68b988a50 php7.0-zip_7.0.33-0ubuntu0.16.04.17+tuxcare.els8_amd64.deb 692b463e787c2db8bbf3ba74cd48ecc4d339f31e CLSA-2024:1714073393 TuxCare License Agreement 0 * Jammy update: v5.15.81 upstream stable release (LP: #2003130) // CVE-url: https://ubuntu.com/security/CVE-2023-1382 - tipc: set con sock in tipc_conn_alloc - tipc: add an extra conn_get in tipc_conn_alloc * CVE-url: https://ubuntu.com/security/CVE-2023-1998 - x86/speculation: Allow enabling STIBP with legacy IBRS * CVE-url: https://ubuntu.com/security/CVE-2021-47193 - scsi: pm80xx: Tie the interrupt name to the module instance - scsi: pm80xx: Deal with kexec reboots - scsi: pm80xx: Increase number of supported queues - scsi: pm80xx: Remove DMA memory allocation for ccb and device structures - scsi: pm80xx: Increase the number of outstanding I/O supported to 1024 - scsi: pm80xx: Fix memory leak during rmmod * CVE-url: https://ubuntu.com/security/CVE-2021-47198 - scsi: lpfc: Fix use-after-free in lpfc_unreg_rpi() routine - scsi: lpfc: Fix use-after-free in lpfc_unreg_rpi() routine * Bionic update: upstream stable patchset 2021-12-13 (LP: #1954703) // CVE- url: https://ubuntu.com/security/CVE-2021-47194 - cfg80211: call cfg80211_stop_ap when switch from P2P_GO type * CVE-url: https://ubuntu.com/security/CVE-2023-52458 - block: add check that partition length needs to be aligned with block size * CVE-url: https://ubuntu.com/security/CVE-2023-52600 - jfs: fix uaf in jfs_evict_inode * Bionic update: upstream stable patchset 2021-06-01 (LP: #1930472) // CVE- url: https://ubuntu.com/security/CVE-2021-46955 - openvswitch: fix stack OOB read while fragmenting IPv4 packets * Bionic update: upstream stable patchset 2021-06-01 (LP: #1930472) // CVE- url: https://ubuntu.com/security/CVE-2021-46966 - ACPI: custom_method: fix potential use-after-free issue * Bionic update: upstream stable patchset 2022-09-23 (LP: #1990698) // CVE- url: https://ubuntu.com/security/CVE-2019-25162 - i2c: Fix a potential use after free * CVE-url: https://ubuntu.com/security/CVE-2023-24023 - Bluetooth: Add debug setting for changing minimum encryption key size - Bluetooth: Add more enc key size check * CVE-url: https://ubuntu.com/security/CVE-2023-52603 - UBSAN: array-index-out-of-bounds in dtSplitRoot * Bionic update: upstream stable patchset 2021-07-14 (LP: #1936231) // CVE- url: https://ubuntu.com/security/CVE-2021-46906 - HID: usbhid: fix info leak in hid_submit_ctrl * Bionic update: upstream stable patchset 2021-05-25 (LP: #1929603) // CVE- url: https://ubuntu.com/security/CVE-2021-46905 - net: hso: fix NULL-deref on disconnect regression * Bionic update: upstream stable patchset 2021-04-30 (LP: #1926808) // CVE- url: https://ubuntu.com/security/CVE-2021-46904 - net: hso: fix null-ptr-deref during tty device unregistration * CVE-url: https://ubuntu.com/security/CVE-2024-26600 - phy: ti: phy-omap-usb2: Fix NULL pointer dereference for SRP Important Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.

* Jammy update: v5.15.81 upstream stable release (LP: #2003130) // CVE-url: https://ubuntu.com/security/CVE-2023-1382 - tipc: set con sock in tipc_conn_alloc - tipc: add an extra conn_get in tipc_conn_alloc * CVE-url: https://ubuntu.com/security/CVE-2023-1998 - x86/speculation: Allow enabling STIBP with legacy IBRS * CVE-url: https://ubuntu.com/security/CVE-2021-47193 - scsi: pm80xx: Tie the interrupt name to the module instance - scsi: pm80xx: Deal with kexec reboots - scsi: pm80xx: Increase number of supported queues - scsi: pm80xx: Remove DMA memory allocation for ccb and device structures - scsi: pm80xx: Increase the number of outstanding I/O supported to 1024 - scsi: pm80xx: Fix memory leak during rmmod * CVE-url: https://ubuntu.com/security/CVE-2021-47198 - scsi: lpfc: Fix use-after-free in lpfc_unreg_rpi() routine - scsi: lpfc: Fix use-after-free in lpfc_unreg_rpi() routine * Bionic update: upstream stable patchset 2021-12-13 (LP: #1954703) // CVE- url: https://ubuntu.com/security/CVE-2021-47194 - cfg80211: call cfg80211_stop_ap when switch from P2P_GO type * CVE-url: https://ubuntu.com/security/CVE-2023-52458 - block: add check that partition length needs to be aligned with block size * CVE-url: https://ubuntu.com/security/CVE-2023-52600 - jfs: fix uaf in jfs_evict_inode * Bionic update: upstream stable patchset 2021-06-01 (LP: #1930472) // CVE- url: https://ubuntu.com/security/CVE-2021-46955 - openvswitch: fix stack OOB read while fragmenting IPv4 packets * Bionic update: upstream stable patchset 2021-06-01 (LP: #1930472) // CVE- url: https://ubuntu.com/security/CVE-2021-46966 - ACPI: custom_method: fix potential use-after-free issue * Bionic update: upstream stable patchset 2022-09-23 (LP: #1990698) // CVE- url: https://ubuntu.com/security/CVE-2019-25162 - i2c: Fix a potential use after free * CVE-url: https://ubuntu.com/security/CVE-2023-24023 - Bluetooth: Add debug setting for changing minimum encryption key size - Bluetooth: Add more enc key size check * CVE-url: https://ubuntu.com/security/CVE-2023-52603 - UBSAN: array-index-out-of-bounds in dtSplitRoot * Bionic update: upstream stable patchset 2021-07-14 (LP: #1936231) // CVE- url: https://ubuntu.com/security/CVE-2021-46906 - HID: usbhid: fix info leak in hid_submit_ctrl * Bionic update: upstream stable patchset 2021-05-25 (LP: #1929603) // CVE- url: https://ubuntu.com/security/CVE-2021-46905 - net: hso: fix NULL-deref on disconnect regression * Bionic update: upstream stable patchset 2021-04-30 (LP: #1926808) // CVE- url: https://ubuntu.com/security/CVE-2021-46904 - net: hso: fix null-ptr-deref during tty device unregistration * CVE-url: https://ubuntu.com/security/CVE-2024-26600 - phy: ti: phy-omap-usb2: Fix NULL pointer dereference for SRP

0 tuxcare-ubuntu16.04-els linux-buildinfo-4.4.0-255-tuxcare.els26-generic_4.4.0-255.289_amd64.deb a5e934c95cd3d12cf8179b0fa274c07ed8e7bf07 linux-buildinfo-4.4.0-255-tuxcare.els26-lowlatency_4.4.0-255.289_amd64.deb 45b2aa4d651ffb7bbc805fbe9d8d80b63b485051 linux-cloud-tools-4.4.0-255-tuxcare.els26_4.4.0-255.289_amd64.deb be3a7c8ffd42f29d3dee12b8a4ba1de4a932c172 linux-cloud-tools-4.4.0-255-tuxcare.els26-generic_4.4.0-255.289_amd64.deb 5eadbcc99550ce4563f546e5ae17bc64f332f526 linux-cloud-tools-4.4.0-255-tuxcare.els26-lowlatency_4.4.0-255.289_amd64.deb c96621858c476e85d11e878b6ebe087db9644bb1 linux-cloud-tools-common_4.4.0-255.289_all.deb e759ff3b3031f8622e85a82eb640ed994b477952 linux-cloud-tools-generic_4.4.0.255.289_amd64.deb f77c482d0a081ac93ea6cef1eb2751fd64f6eaf2 linux-cloud-tools-lowlatency_4.4.0.255.289_amd64.deb 86b43cd5aa1fd7741f7d0d861a9a7e3cda6d1e71 linux-crashdump_4.4.0.255.289_amd64.deb 9940dcf9011d0e6230c8fd46eef5cabb7c637735 linux-doc_4.4.0-255.289_all.deb f21ff6bc9fa54f6b88fa9d179de2ddc666ea1f51 linux-generic_4.4.0.255.289_amd64.deb 3b5a7a7a64be42d9a495842afad2e97ed06d45f5 linux-headers-4.4.0-255-tuxcare.els26_4.4.0-255.289_all.deb 7055b48f8bbbdb8df986a76c7cbc710b82e8f3fe linux-headers-4.4.0-255-tuxcare.els26-generic_4.4.0-255.289_amd64.deb 9603cffcc4d78519e87235b650d120cc17aaaf0b linux-headers-4.4.0-255-tuxcare.els26-lowlatency_4.4.0-255.289_amd64.deb 0011f37b71fa359941cec0129d7b0d07b9b6070a linux-headers-generic_4.4.0.255.289_amd64.deb 83cb3bac544e3299af2384a955a544b5334834a9 linux-headers-lowlatency_4.4.0.255.289_amd64.deb ad9e37b8c868bd871d8d5713a23b15c66d6cf44c linux-image-generic_4.4.0.255.289_amd64.deb 08105bf213e470145ecadb3951209528074cc621 linux-image-lowlatency_4.4.0.255.289_amd64.deb 52364a6d7aa2d139e1df8889f9293c52011027e6 linux-image-unsigned-4.4.0-255-tuxcare.els26-generic_4.4.0-255.289_amd64.deb 949d989382e662e74afd26dadf00c60ef4bbceaf linux-image-unsigned-4.4.0-255-tuxcare.els26-lowlatency_4.4.0-255.289_amd64.deb a40f346d3fc690cf3076dc8af7847bc697382897 linux-libc-dev_4.4.0-255.289_amd64.deb 4615eee18d133f91e164ed09b879e10643811229 linux-lowlatency_4.4.0.255.289_amd64.deb 42c83fa6d54f6d1ce1560d0f0c9528c115537aff linux-modules-4.4.0-255-tuxcare.els26-generic_4.4.0-255.289_amd64.deb b4691fa260f62c0f3a2150bea3b10bfb83787706 linux-modules-4.4.0-255-tuxcare.els26-lowlatency_4.4.0-255.289_amd64.deb 8fab7b97da66ff87bd501ab57d3406aad46c8018 linux-modules-extra-4.4.0-255-tuxcare.els26-generic_4.4.0-255.289_amd64.deb cb91c177701a3a94b4e66b39e74344dc39aefb45 linux-source_4.4.0.255.289_all.deb e1096fdd9608e1956675dbbe91f5de4f5f3f24b2 linux-source-4.4.0_4.4.0-255.289_all.deb 8ca24870b2d7ed6da2be97649e95a23b52353d01 linux-tools-4.4.0-255-tuxcare.els26_4.4.0-255.289_amd64.deb 41d766c8771e8eb8e7b2208ebac3c7c6f8999af7 linux-tools-4.4.0-255-tuxcare.els26-generic_4.4.0-255.289_amd64.deb 73f91b79c9c7a419fc6ec1a0c9f36f37982f5f2e linux-tools-4.4.0-255-tuxcare.els26-lowlatency_4.4.0-255.289_amd64.deb 32ccb0b610bdc128b1f4dd8dddf72ecb7b26ea23 linux-tools-common_4.4.0-255.289_all.deb d9b5819c803056ed74649bb80c51565f88540ffe linux-tools-generic_4.4.0.255.289_amd64.deb e89b84c0e827b6ea602e63376cabf00feac8ad04 linux-tools-host_4.4.0-255.289_all.deb b7476b759985177d08a8119d6b73aea298ad8ee4 linux-tools-lowlatency_4.4.0.255.289_amd64.deb 2c638277a66b8c20d9b51e917605518331cd3400 CLSA-2024:1714073581 TuxCare License Agreement 0 * Jammy update: v5.15.81 upstream stable release (LP: #2003130) // CVE-url: https://ubuntu.com/security/CVE-2023-1382 - tipc: set con sock in tipc_conn_alloc - tipc: add an extra conn_get in tipc_conn_alloc * CVE-url: https://ubuntu.com/security/CVE-2023-1998 - x86/speculation: Allow enabling STIBP with legacy IBRS * CVE-url: https://ubuntu.com/security/CVE-2021-47193 - scsi: pm80xx: Tie the interrupt name to the module instance - scsi: pm80xx: Deal with kexec reboots - scsi: pm80xx: Increase number of supported queues - scsi: pm80xx: Remove DMA memory allocation for ccb and device structures - scsi: pm80xx: Increase the number of outstanding I/O supported to 1024 - scsi: pm80xx: Fix memory leak during rmmod * CVE-url: https://ubuntu.com/security/CVE-2021-47198 - scsi: lpfc: Fix use-after-free in lpfc_unreg_rpi() routine - scsi: lpfc: Fix use-after-free in lpfc_unreg_rpi() routine * Bionic update: upstream stable patchset 2021-12-13 (LP: #1954703) // CVE- url: https://ubuntu.com/security/CVE-2021-47194 - cfg80211: call cfg80211_stop_ap when switch from P2P_GO type * CVE-url: https://ubuntu.com/security/CVE-2023-52458 - block: add check that partition length needs to be aligned with block size * CVE-url: https://ubuntu.com/security/CVE-2023-52600 - jfs: fix uaf in jfs_evict_inode * Bionic update: upstream stable patchset 2021-06-01 (LP: #1930472) // CVE- url: https://ubuntu.com/security/CVE-2021-46955 - openvswitch: fix stack OOB read while fragmenting IPv4 packets * Bionic update: upstream stable patchset 2021-06-01 (LP: #1930472) // CVE- url: https://ubuntu.com/security/CVE-2021-46966 - ACPI: custom_method: fix potential use-after-free issue * Bionic update: upstream stable patchset 2022-09-23 (LP: #1990698) // CVE- url: https://ubuntu.com/security/CVE-2019-25162 - i2c: Fix a potential use after free * CVE-url: https://ubuntu.com/security/CVE-2023-24023 - Bluetooth: Add debug setting for changing minimum encryption key size - Bluetooth: Add more enc key size check * CVE-url: https://ubuntu.com/security/CVE-2023-52603 - UBSAN: array-index-out-of-bounds in dtSplitRoot * Bionic update: upstream stable patchset 2021-07-14 (LP: #1936231) // CVE- url: https://ubuntu.com/security/CVE-2021-46906 - HID: usbhid: fix info leak in hid_submit_ctrl * Bionic update: upstream stable patchset 2021-05-25 (LP: #1929603) // CVE- url: https://ubuntu.com/security/CVE-2021-46905 - net: hso: fix NULL-deref on disconnect regression * Bionic update: upstream stable patchset 2021-04-30 (LP: #1926808) // CVE- url: https://ubuntu.com/security/CVE-2021-46904 - net: hso: fix null-ptr-deref during tty device unregistration * CVE-url: https://ubuntu.com/security/CVE-2024-26600 - phy: ti: phy-omap-usb2: Fix NULL pointer dereference for SRP None Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.

* Jammy update: v5.15.81 upstream stable release (LP: #2003130) // CVE-url: https://ubuntu.com/security/CVE-2023-1382 - tipc: set con sock in tipc_conn_alloc - tipc: add an extra conn_get in tipc_conn_alloc * CVE-url: https://ubuntu.com/security/CVE-2023-1998 - x86/speculation: Allow enabling STIBP with legacy IBRS * CVE-url: https://ubuntu.com/security/CVE-2021-47193 - scsi: pm80xx: Tie the interrupt name to the module instance - scsi: pm80xx: Deal with kexec reboots - scsi: pm80xx: Increase number of supported queues - scsi: pm80xx: Remove DMA memory allocation for ccb and device structures - scsi: pm80xx: Increase the number of outstanding I/O supported to 1024 - scsi: pm80xx: Fix memory leak during rmmod * CVE-url: https://ubuntu.com/security/CVE-2021-47198 - scsi: lpfc: Fix use-after-free in lpfc_unreg_rpi() routine - scsi: lpfc: Fix use-after-free in lpfc_unreg_rpi() routine * Bionic update: upstream stable patchset 2021-12-13 (LP: #1954703) // CVE- url: https://ubuntu.com/security/CVE-2021-47194 - cfg80211: call cfg80211_stop_ap when switch from P2P_GO type * CVE-url: https://ubuntu.com/security/CVE-2023-52458 - block: add check that partition length needs to be aligned with block size * CVE-url: https://ubuntu.com/security/CVE-2023-52600 - jfs: fix uaf in jfs_evict_inode * Bionic update: upstream stable patchset 2021-06-01 (LP: #1930472) // CVE- url: https://ubuntu.com/security/CVE-2021-46955 - openvswitch: fix stack OOB read while fragmenting IPv4 packets * Bionic update: upstream stable patchset 2021-06-01 (LP: #1930472) // CVE- url: https://ubuntu.com/security/CVE-2021-46966 - ACPI: custom_method: fix potential use-after-free issue * Bionic update: upstream stable patchset 2022-09-23 (LP: #1990698) // CVE- url: https://ubuntu.com/security/CVE-2019-25162 - i2c: Fix a potential use after free * CVE-url: https://ubuntu.com/security/CVE-2023-24023 - Bluetooth: Add debug setting for changing minimum encryption key size - Bluetooth: Add more enc key size check * CVE-url: https://ubuntu.com/security/CVE-2023-52603 - UBSAN: array-index-out-of-bounds in dtSplitRoot * Bionic update: upstream stable patchset 2021-07-14 (LP: #1936231) // CVE- url: https://ubuntu.com/security/CVE-2021-46906 - HID: usbhid: fix info leak in hid_submit_ctrl * Bionic update: upstream stable patchset 2021-05-25 (LP: #1929603) // CVE- url: https://ubuntu.com/security/CVE-2021-46905 - net: hso: fix NULL-deref on disconnect regression * Bionic update: upstream stable patchset 2021-04-30 (LP: #1926808) // CVE- url: https://ubuntu.com/security/CVE-2021-46904 - net: hso: fix null-ptr-deref during tty device unregistration * CVE-url: https://ubuntu.com/security/CVE-2024-26600 - phy: ti: phy-omap-usb2: Fix NULL pointer dereference for SRP

0 tuxcare-ubuntu16.04-els linux-buildinfo-4.4.0-255-tuxcare.els26-generic_4.4.0-255.289_amd64.deb a5e934c95cd3d12cf8179b0fa274c07ed8e7bf07 linux-buildinfo-4.4.0-255-tuxcare.els26-lowlatency_4.4.0-255.289_amd64.deb 45b2aa4d651ffb7bbc805fbe9d8d80b63b485051 linux-cloud-tools-4.4.0-255-tuxcare.els26_4.4.0-255.289_amd64.deb be3a7c8ffd42f29d3dee12b8a4ba1de4a932c172 linux-cloud-tools-4.4.0-255-tuxcare.els26-generic_4.4.0-255.289_amd64.deb 5eadbcc99550ce4563f546e5ae17bc64f332f526 linux-cloud-tools-4.4.0-255-tuxcare.els26-lowlatency_4.4.0-255.289_amd64.deb c96621858c476e85d11e878b6ebe087db9644bb1 linux-cloud-tools-common_4.4.0-255.289_all.deb e759ff3b3031f8622e85a82eb640ed994b477952 linux-cloud-tools-generic_4.4.0.255.289_amd64.deb f77c482d0a081ac93ea6cef1eb2751fd64f6eaf2 linux-cloud-tools-lowlatency_4.4.0.255.289_amd64.deb 86b43cd5aa1fd7741f7d0d861a9a7e3cda6d1e71 linux-crashdump_4.4.0.255.289_amd64.deb 9940dcf9011d0e6230c8fd46eef5cabb7c637735 linux-doc_4.4.0-255.289_all.deb f21ff6bc9fa54f6b88fa9d179de2ddc666ea1f51 linux-generic_4.4.0.255.289_amd64.deb 3b5a7a7a64be42d9a495842afad2e97ed06d45f5 linux-headers-4.4.0-255-tuxcare.els26_4.4.0-255.289_all.deb 7055b48f8bbbdb8df986a76c7cbc710b82e8f3fe linux-headers-4.4.0-255-tuxcare.els26-generic_4.4.0-255.289_amd64.deb 9603cffcc4d78519e87235b650d120cc17aaaf0b linux-headers-4.4.0-255-tuxcare.els26-lowlatency_4.4.0-255.289_amd64.deb 0011f37b71fa359941cec0129d7b0d07b9b6070a linux-headers-generic_4.4.0.255.289_amd64.deb 83cb3bac544e3299af2384a955a544b5334834a9 linux-headers-lowlatency_4.4.0.255.289_amd64.deb ad9e37b8c868bd871d8d5713a23b15c66d6cf44c linux-image-generic_4.4.0.255.289_amd64.deb 08105bf213e470145ecadb3951209528074cc621 linux-image-lowlatency_4.4.0.255.289_amd64.deb 52364a6d7aa2d139e1df8889f9293c52011027e6 linux-image-unsigned-4.4.0-255-tuxcare.els26-generic_4.4.0-255.289_amd64.deb 949d989382e662e74afd26dadf00c60ef4bbceaf linux-image-unsigned-4.4.0-255-tuxcare.els26-lowlatency_4.4.0-255.289_amd64.deb a40f346d3fc690cf3076dc8af7847bc697382897 linux-libc-dev_4.4.0-255.289_amd64.deb 4615eee18d133f91e164ed09b879e10643811229 linux-lowlatency_4.4.0.255.289_amd64.deb 42c83fa6d54f6d1ce1560d0f0c9528c115537aff linux-modules-4.4.0-255-tuxcare.els26-generic_4.4.0-255.289_amd64.deb b4691fa260f62c0f3a2150bea3b10bfb83787706 linux-modules-4.4.0-255-tuxcare.els26-lowlatency_4.4.0-255.289_amd64.deb 8fab7b97da66ff87bd501ab57d3406aad46c8018 linux-modules-extra-4.4.0-255-tuxcare.els26-generic_4.4.0-255.289_amd64.deb cb91c177701a3a94b4e66b39e74344dc39aefb45 linux-source_4.4.0.255.289_all.deb e1096fdd9608e1956675dbbe91f5de4f5f3f24b2 linux-source-4.4.0_4.4.0-255.289_all.deb 8ca24870b2d7ed6da2be97649e95a23b52353d01 linux-tools-4.4.0-255-tuxcare.els26_4.4.0-255.289_amd64.deb 41d766c8771e8eb8e7b2208ebac3c7c6f8999af7 linux-tools-4.4.0-255-tuxcare.els26-generic_4.4.0-255.289_amd64.deb 73f91b79c9c7a419fc6ec1a0c9f36f37982f5f2e linux-tools-4.4.0-255-tuxcare.els26-lowlatency_4.4.0-255.289_amd64.deb 32ccb0b610bdc128b1f4dd8dddf72ecb7b26ea23 linux-tools-common_4.4.0-255.289_all.deb d9b5819c803056ed74649bb80c51565f88540ffe linux-tools-generic_4.4.0.255.289_amd64.deb e89b84c0e827b6ea602e63376cabf00feac8ad04 linux-tools-host_4.4.0-255.289_all.deb b7476b759985177d08a8119d6b73aea298ad8ee4 linux-tools-lowlatency_4.4.0.255.289_amd64.deb 2c638277a66b8c20d9b51e917605518331cd3400 CLSA-2024:1714728164 TuxCare License Agreement 0 * SECURITY UPDATE: possible insecure cookie abuse - debian/patches/php-7.3-CVE-2024-2756.patch: fix __Host-/__Secure- cookie bypass due to partial CVE-2022-31629 fix - CVE-2024-2756 Moderate Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.

* SECURITY UPDATE: possible insecure cookie abuse - debian/patches/php-7.3-CVE-2024-2756.patch: fix __Host-/__Secure- cookie bypass due to partial CVE-2022-31629 fix - CVE-2024-2756

0 tuxcare-ubuntu16.04-els libapache2-mod-php7.0_7.0.33-0ubuntu0.16.04.17+tuxcare.els9_amd64.deb 68a13a5af6cf626802fc276895f5c63100aef498 libphp7.0-embed_7.0.33-0ubuntu0.16.04.17+tuxcare.els9_amd64.deb 0ba5fd3ef67d08ab8c86fd147d8ff12ddf9330a4 php7.0_7.0.33-0ubuntu0.16.04.17+tuxcare.els9_all.deb 2f996ac88fd1812cd84b057d6b9820f25223a67b php7.0-bcmath_7.0.33-0ubuntu0.16.04.17+tuxcare.els9_amd64.deb bb8d4bef2d0bf817ade1156fa19e13df542dfe64 php7.0-bz2_7.0.33-0ubuntu0.16.04.17+tuxcare.els9_amd64.deb 92c49d1b913d3052c43bcdc74e9f2aa5a445d072 php7.0-cgi_7.0.33-0ubuntu0.16.04.17+tuxcare.els9_amd64.deb f7cd2f11d17141b7b7f30498fab908ee23cf4c46 php7.0-cli_7.0.33-0ubuntu0.16.04.17+tuxcare.els9_amd64.deb 9a3c115fd16ed8763aad935e025a01ac6e9aa44a php7.0-common_7.0.33-0ubuntu0.16.04.17+tuxcare.els9_amd64.deb 146ba7bf6166fa70d7a302f42414498c9a911efe php7.0-curl_7.0.33-0ubuntu0.16.04.17+tuxcare.els9_amd64.deb 4600e4ff2dd323e4d577ad89d1a29093515bec38 php7.0-dba_7.0.33-0ubuntu0.16.04.17+tuxcare.els9_amd64.deb 647db5ae6563c9687d89506aa79d3a7fcbd3fdd1 php7.0-dev_7.0.33-0ubuntu0.16.04.17+tuxcare.els9_amd64.deb 3cfe7b689f2d9cb96cb118ccaedfa29b082a687c php7.0-enchant_7.0.33-0ubuntu0.16.04.17+tuxcare.els9_amd64.deb 6a352fa31b1315a259ec707b81209c28e841a17f php7.0-fpm_7.0.33-0ubuntu0.16.04.17+tuxcare.els9_amd64.deb a4d73a9740fb31249ad0b4274b4c81538636c5f6 php7.0-gd_7.0.33-0ubuntu0.16.04.17+tuxcare.els9_amd64.deb 777d4e93103c8edbade104cd09dc7f650c2f5a16 php7.0-gmp_7.0.33-0ubuntu0.16.04.17+tuxcare.els9_amd64.deb 752ec0900345ad9bf3578a57d8bc6a68c1146aae php7.0-imap_7.0.33-0ubuntu0.16.04.17+tuxcare.els9_amd64.deb 6f5288830cc2f1f036c169bdd3c85c137a7f6739 php7.0-interbase_7.0.33-0ubuntu0.16.04.17+tuxcare.els9_amd64.deb 134462b23a1acafad23bf2d455c7cb0c646c876f php7.0-intl_7.0.33-0ubuntu0.16.04.17+tuxcare.els9_amd64.deb a6627be4763e45952c5c552a008e882ad3a485ef php7.0-json_7.0.33-0ubuntu0.16.04.17+tuxcare.els9_amd64.deb e4273895fb6a59733a5c0d7507607045abf1cbef php7.0-ldap_7.0.33-0ubuntu0.16.04.17+tuxcare.els9_amd64.deb f2bd4876af6463497446ad6da6b5e232158289cb php7.0-mbstring_7.0.33-0ubuntu0.16.04.17+tuxcare.els9_amd64.deb 1cc51ccf3da223cd87f4e2244c1a809d96717c62 php7.0-mcrypt_7.0.33-0ubuntu0.16.04.17+tuxcare.els9_amd64.deb 02902c00255ce69227a67e468f371f3e408e5394 php7.0-mysql_7.0.33-0ubuntu0.16.04.17+tuxcare.els9_amd64.deb eb50549a3145c271083b96b26585a11a686811bb php7.0-odbc_7.0.33-0ubuntu0.16.04.17+tuxcare.els9_amd64.deb 8074ea146a5edc384ccacea4d92759e9e595d697 php7.0-opcache_7.0.33-0ubuntu0.16.04.17+tuxcare.els9_amd64.deb 49a069b15c510dfeb7f6393716c5475e6aef53f2 php7.0-pgsql_7.0.33-0ubuntu0.16.04.17+tuxcare.els9_amd64.deb a0a6b4e488c5fe9132756d6bc1caca07d6bf3119 php7.0-phpdbg_7.0.33-0ubuntu0.16.04.17+tuxcare.els9_amd64.deb b192b8709dafbb7cf32bd0c2200f6fe1fe9b3e76 php7.0-pspell_7.0.33-0ubuntu0.16.04.17+tuxcare.els9_amd64.deb 69d0e2be41c31087ddfe28cc82dc64dc43609990 php7.0-readline_7.0.33-0ubuntu0.16.04.17+tuxcare.els9_amd64.deb 78562f55dba9beaeb8a3039683fa9e02f9299add php7.0-recode_7.0.33-0ubuntu0.16.04.17+tuxcare.els9_amd64.deb 77cf75151c4da5c636d2bdb9dc0f073cb32f2f37 php7.0-snmp_7.0.33-0ubuntu0.16.04.17+tuxcare.els9_amd64.deb 7fe17fb17af2a19078e615d0f58e9587641c826b php7.0-soap_7.0.33-0ubuntu0.16.04.17+tuxcare.els9_amd64.deb b4976a2a48e5284db9cf39fe3a266865a466bc28 php7.0-sqlite3_7.0.33-0ubuntu0.16.04.17+tuxcare.els9_amd64.deb 2266562b20fcf616f7e524dfcb16fc10b1457256 php7.0-sybase_7.0.33-0ubuntu0.16.04.17+tuxcare.els9_amd64.deb fb97e8dfbad9d66a75fe6f79c9391de6b63a65c8 php7.0-tidy_7.0.33-0ubuntu0.16.04.17+tuxcare.els9_amd64.deb 41cf6427ea8cd30ef8523647f018e07e974037b0 php7.0-xml_7.0.33-0ubuntu0.16.04.17+tuxcare.els9_amd64.deb b44ad3d8311293e02371d9496015c2278b02ebcc php7.0-xmlrpc_7.0.33-0ubuntu0.16.04.17+tuxcare.els9_amd64.deb 3d426e4df0e1f03499013a02e3bf6e422caf5585 php7.0-xsl_7.0.33-0ubuntu0.16.04.17+tuxcare.els9_all.deb 4b773918ba2994a8e37d5d2887b060d1575f746c php7.0-zip_7.0.33-0ubuntu0.16.04.17+tuxcare.els9_amd64.deb 3762bcde5ce7ce3dae567556ac3f91cd4051f7cf CLSA-2024:1715673753 TuxCare License Agreement 0 * SECURITY UPDATE: quoting is mishandled in filename.c. - debian/patches/CVE-2024-32487.patch: Fix bug when viewing a file whose name contains a newline. - CVE-2024-32487 Important Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.

* SECURITY UPDATE: quoting is mishandled in filename.c. - debian/patches/CVE-2024-32487.patch: Fix bug when viewing a file whose name contains a newline. - CVE-2024-32487

0 tuxcare-ubuntu16.04-els less_481-2.1ubuntu0.2+tuxcare.els2_amd64.deb 0571a64717516221eecb29dbfbbf348e4a69862c CLSA-2024:1716269479 TuxCare License Agreement 0 * CVE-url: https://ubuntu.com/security/CVE-2023-47233 - wifi: brcmfmac: Fix use-after-free bug in brcmf_cfg80211_detach * CVE-url: https://ubuntu.com/security/CVE-2023-52601 - jfs: Fix memleak in dbAdjCtl * CVE-url: https://ubuntu.com/security/CVE-2024-26801 - Bluetooth: Avoid potential use-after-free in hci_error_reset * CVE-url: https://ubuntu.com/security/CVE-2024-26805 - netlink: Fix kernel-infoleak-after-free in __skb_datagram_iter * CVE-url: https://ubuntu.com/security/CVE-2023-52566 - nilfs2: fix potential use after free in nilfs_gccache_submit_read_data() * CVE-url: https://ubuntu.com/security/CVE-2024-26622 - tomoyo: fix UAF write bug in tomoyo_write_control() * CVE-url: https://ubuntu.com/security/CVE-2024-26614 - tcp: make sure init the accept_queue's spinlocks once - ipv6: init the accept_queue's spinlocks in inet6_create * CVE-url: https://ubuntu.com/security/CVE-2023-52530 - wifi: mac80211: fix potential key use-after-free * CVE-url: https://ubuntu.com/security/CVE-2023-52524 - net: nfc: llcp: Add lock when modifying device list * CVE-url: https://ubuntu.com/security/CVE-2021-47173 - misc/uss720: fix memory leak in uss720_probe * Bionic update: upstream stable patchset 2021-07-14 (LP: #1936231) // CVE- url: https://ubuntu.com/security/CVE-2021-47171 - net: usb: fix possible use-after-free in smsc75xx_bind * Bionic update: upstream stable patchset 2021-06-11 (LP: #1931740) // CVE- url: https://ubuntu.com/security/CVE-2021-47171 - net: usb: fix memory leak in smsc75xx_bind * CVE-url: https://ubuntu.com/security/CVE-2024-26910 - timers: Get rid of del_singleshot_timer_sync() * CVE-url: https://ubuntu.com/security/CVE-2023-52595 - rt2x00: clear IV's on start to fix AP mode regression - wifi: rt2x00: restart beacon queue when hardware reset * CVE-url: https://ubuntu.com/security/CVE-2024-26696 - nilfs2: fix hang in nilfs_lookup_dirty_data_buffers() * CVE-url: https://ubuntu.com/security/CVE-2024-26685 - nilfs2: fix potential bug in end_buffer_async_write * CVE-url: https://ubuntu.com/security/CVE-2024-26625 - llc: call sock_orphan() at release time * CVE-url: https://ubuntu.com/security/CVE-2023-52615 - hwrng: core - Fix page fault dead lock on mmap-ed hwrng * CVE-url: https://ubuntu.com/security/CVE-2023-52486 - drm: Don't unref the same fb many times by mistake due to deadlock handling * CVE-url: https://ubuntu.com/security/CVE-2024-26697 - nilfs2: fix data corruption in dsync block recovery for small block sizes * CVE-url: https://ubuntu.com/security/CVE-2024-26679 - inet: read sk->sk_family once in inet_recv_error() * CVE-url: https://ubuntu.com/security/CVE-2023-52622 - ext4: remove unnecessary check from alloc_flex_gd() - ext4: avoid online resizing failures due to oversized flex bg * CVE-url: https://ubuntu.com/security/CVE-2024-26635 - llc: Drop support for ETH_P_TR_802_2. * CVE-url: https://ubuntu.com/security/CVE-2023-52594 - wifi: ath9k: Fix potential array-index-out-of-bounds read in ath9k_htc_txstatus() * CVE-url: https://ubuntu.com/security/CVE-2024-26720 - mm/writeback: fix possible divide-by-zero in wb_dirty_limits(), again * CVE-url: https://ubuntu.com/security/CVE-2024-26825 - nfc: nci: free rx_data_reassembly skb on NCI device cleanup * CVE-url: https://ubuntu.com/security/CVE-2024-26671 - blk-mq: fix IO hang from sbitmap wakeup race * CVE-url: https://ubuntu.com/security/CVE-2024-26675 - ppp_async: limit MRU to 64K * CVE-url: https://ubuntu.com/security/CVE-2023-52602 - jfs: fix slab-out-of-bounds Read in dtSearch * CVE-url: https://ubuntu.com/security/CVE-2024-26704 - ext4: fix double-free of blocks due to wrong extents moved_len * CVE-url: https://ubuntu.com/security/CVE-2023-52619 - linux/kernel.h: Add ALIGN_DOWN macro - pstore: Make ramoops_init_przs generic for other prz arrays - pstore/ram: Fix crash when setting number of cpus to an odd number * CVE-url: https://ubuntu.com/security/CVE-2024-26636 - llc: make llc_ui_sendmsg() more robust against bonding changes * CVE-url: https://ubuntu.com/security/CVE-2023-52587 - IB/ipoib: Fix mcast list locking * CVE-url: https://ubuntu.com/security/CVE-2023-52601 // CVE-url: https://ubuntu.com/security/CVE-2023-52604 - jfs: fix array-index-out-of-bounds in dbAdjTree * CVE-url: https://ubuntu.com/security/CVE-2023-52604 - FS:JFS:UBSAN:array-index-out-of-bounds in dbAdjTree * CVE-url: https://ubuntu.com/security/CVE-2023-52599 - jfs: fix array-index-out-of-bounds in diNewExt * Bionic update: upstream stable patchset 2022-11-15 (LP: #1996650) // CVE- url: https://ubuntu.com/security/CVE-2022-48659 - mm/slub: fix to return errno if kmalloc() fails * CVE-url: https://ubuntu.com/security/CVE-2024-26884 - bpf: Fix hashtab overflow check on 32-bit arches * CVE-url: https://ubuntu.com/security/CVE-2024-26882 - net: add atomic_long_t to net_device_stats fields - net: ip_tunnel: make sure to pull inner header in ip_tunnel_rcv() * Bionic update: upstream stable patchset 2019-07-19 (LP: #1837257) // CVE- url: https://ubuntu.com/security/CVE-2024-26882 - ip: validate header length on virtual device xmit * CVE-url: https://ubuntu.com/security/CVE-2024-26908 - x86/xen: Add some null pointer checking to smp.c * CVE-url: https://ubuntu.com/security/CVE-2024-26904 - btrfs: fix data race at btrfs_use_block_rsv() when accessing block reserve * CVE-url: https://ubuntu.com/security/CVE-2024-26903 - Bluetooth: rfcomm: Fix null-ptr-deref in rfcomm_check_security * CVE-url: https://ubuntu.com/security/CVE-2024-26901 - do_sys_name_to_handle(): use kzalloc() to fix kernel-infoleak * CVE-url: https://ubuntu.com/security/CVE-2024-26898 - aoe: fix the potential use-after-free problem in aoecmd_cfg_pkts Important Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.

* CVE-url: https://ubuntu.com/security/CVE-2023-47233 - wifi: brcmfmac: Fix use-after-free bug in brcmf_cfg80211_detach * CVE-url: https://ubuntu.com/security/CVE-2023-52601 - jfs: Fix memleak in dbAdjCtl * CVE-url: https://ubuntu.com/security/CVE-2024-26801 - Bluetooth: Avoid potential use-after-free in hci_error_reset * CVE-url: https://ubuntu.com/security/CVE-2024-26805 - netlink: Fix kernel-infoleak-after-free in __skb_datagram_iter * CVE-url: https://ubuntu.com/security/CVE-2023-52566 - nilfs2: fix potential use after free in nilfs_gccache_submit_read_data() * CVE-url: https://ubuntu.com/security/CVE-2024-26622 - tomoyo: fix UAF write bug in tomoyo_write_control() * CVE-url: https://ubuntu.com/security/CVE-2024-26614 - tcp: make sure init the accept_queue's spinlocks once - ipv6: init the accept_queue's spinlocks in inet6_create * CVE-url: https://ubuntu.com/security/CVE-2023-52530 - wifi: mac80211: fix potential key use-after-free * CVE-url: https://ubuntu.com/security/CVE-2023-52524 - net: nfc: llcp: Add lock when modifying device list * CVE-url: https://ubuntu.com/security/CVE-2021-47173 - misc/uss720: fix memory leak in uss720_probe * Bionic update: upstream stable patchset 2021-07-14 (LP: #1936231) // CVE- url: https://ubuntu.com/security/CVE-2021-47171 - net: usb: fix possible use-after-free in smsc75xx_bind * Bionic update: upstream stable patchset 2021-06-11 (LP: #1931740) // CVE- url: https://ubuntu.com/security/CVE-2021-47171 - net: usb: fix memory leak in smsc75xx_bind * CVE-url: https://ubuntu.com/security/CVE-2024-26910 - timers: Get rid of del_singleshot_timer_sync() * CVE-url: https://ubuntu.com/security/CVE-2023-52595 - rt2x00: clear IV's on start to fix AP mode regression - wifi: rt2x00: restart beacon queue when hardware reset * CVE-url: https://ubuntu.com/security/CVE-2024-26696 - nilfs2: fix hang in nilfs_lookup_dirty_data_buffers() * CVE-url: https://ubuntu.com/security/CVE-2024-26685 - nilfs2: fix potential bug in end_buffer_async_write * CVE-url: https://ubuntu.com/security/CVE-2024-26625 - llc: call sock_orphan() at release time * CVE-url: https://ubuntu.com/security/CVE-2023-52615 - hwrng: core - Fix page fault dead lock on mmap-ed hwrng * CVE-url: https://ubuntu.com/security/CVE-2023-52486 - drm: Don't unref the same fb many times by mistake due to deadlock handling * CVE-url: https://ubuntu.com/security/CVE-2024-26697 - nilfs2: fix data corruption in dsync block recovery for small block sizes * CVE-url: https://ubuntu.com/security/CVE-2024-26679 - inet: read sk->sk_family once in inet_recv_error() * CVE-url: https://ubuntu.com/security/CVE-2023-52622 - ext4: remove unnecessary check from alloc_flex_gd() - ext4: avoid online resizing failures due to oversized flex bg * CVE-url: https://ubuntu.com/security/CVE-2024-26635 - llc: Drop support for ETH_P_TR_802_2. * CVE-url: https://ubuntu.com/security/CVE-2023-52594 - wifi: ath9k: Fix potential array-index-out-of-bounds read in ath9k_htc_txstatus() * CVE-url: https://ubuntu.com/security/CVE-2024-26720 - mm/writeback: fix possible divide-by-zero in wb_dirty_limits(), again * CVE-url: https://ubuntu.com/security/CVE-2024-26825 - nfc: nci: free rx_data_reassembly skb on NCI device cleanup * CVE-url: https://ubuntu.com/security/CVE-2024-26671 - blk-mq: fix IO hang from sbitmap wakeup race * CVE-url: https://ubuntu.com/security/CVE-2024-26675 - ppp_async: limit MRU to 64K * CVE-url: https://ubuntu.com/security/CVE-2023-52602 - jfs: fix slab-out-of-bounds Read in dtSearch * CVE-url: https://ubuntu.com/security/CVE-2024-26704 - ext4: fix double-free of blocks due to wrong extents moved_len * CVE-url: https://ubuntu.com/security/CVE-2023-52619 - linux/kernel.h: Add ALIGN_DOWN macro - pstore: Make ramoops_init_przs generic for other prz arrays - pstore/ram: Fix crash when setting number of cpus to an odd number * CVE-url: https://ubuntu.com/security/CVE-2024-26636 - llc: make llc_ui_sendmsg() more robust against bonding changes * CVE-url: https://ubuntu.com/security/CVE-2023-52587 - IB/ipoib: Fix mcast list locking * CVE-url: https://ubuntu.com/security/CVE-2023-52601 // CVE-url: https://ubuntu.com/security/CVE-2023-52604 - jfs: fix array-index-out-of-bounds in dbAdjTree * CVE-url: https://ubuntu.com/security/CVE-2023-52604 - FS:JFS:UBSAN:array-index-out-of-bounds in dbAdjTree * CVE-url: https://ubuntu.com/security/CVE-2023-52599 - jfs: fix array-index-out-of-bounds in diNewExt * Bionic update: upstream stable patchset 2022-11-15 (LP: #1996650) // CVE- url: https://ubuntu.com/security/CVE-2022-48659 - mm/slub: fix to return errno if kmalloc() fails * CVE-url: https://ubuntu.com/security/CVE-2024-26884 - bpf: Fix hashtab overflow check on 32-bit arches * CVE-url: https://ubuntu.com/security/CVE-2024-26882 - net: add atomic_long_t to net_device_stats fields - net: ip_tunnel: make sure to pull inner header in ip_tunnel_rcv() * Bionic update: upstream stable patchset 2019-07-19 (LP: #1837257) // CVE- url: https://ubuntu.com/security/CVE-2024-26882 - ip: validate header length on virtual device xmit * CVE-url: https://ubuntu.com/security/CVE-2024-26908 - x86/xen: Add some null pointer checking to smp.c * CVE-url: https://ubuntu.com/security/CVE-2024-26904 - btrfs: fix data race at btrfs_use_block_rsv() when accessing block reserve * CVE-url: https://ubuntu.com/security/CVE-2024-26903 - Bluetooth: rfcomm: Fix null-ptr-deref in rfcomm_check_security * CVE-url: https://ubuntu.com/security/CVE-2024-26901 - do_sys_name_to_handle(): use kzalloc() to fix kernel-infoleak * CVE-url: https://ubuntu.com/security/CVE-2024-26898 - aoe: fix the potential use-after-free problem in aoecmd_cfg_pkts

0 tuxcare-ubuntu16.04-els linux-buildinfo-4.4.0-256-tuxcare.els27-generic_4.4.0-256.290_amd64.deb 0d1339bf83411568801a79fc82c0bf426be4789d linux-buildinfo-4.4.0-256-tuxcare.els27-lowlatency_4.4.0-256.290_amd64.deb 6def5fa67d05752c14fb36a0453f1fd9e64b1f84 linux-cloud-tools-4.4.0-256-tuxcare.els27_4.4.0-256.290_amd64.deb 751ec5fd75ec993f6c542a20234087019b25868e linux-cloud-tools-4.4.0-256-tuxcare.els27-generic_4.4.0-256.290_amd64.deb ad1b577272b39fd1518f7b9f7d0c0e6557789f9a linux-cloud-tools-4.4.0-256-tuxcare.els27-lowlatency_4.4.0-256.290_amd64.deb 6bd9da1e672c98d4f921baed6d95faf3e3f754a3 linux-cloud-tools-common_4.4.0-256.290_all.deb 21e87da2ab63cc9b603bbd8c0cc4766e2a4a0288 linux-cloud-tools-generic_4.4.0.256.290_amd64.deb 733180fbfdc58d9a97dca1d28bfd94e5ea85737d linux-cloud-tools-lowlatency_4.4.0.256.290_amd64.deb 2851be57a2768c4a47adea8cecefa7b2889503f4 linux-crashdump_4.4.0.256.290_amd64.deb 5607a2d2032e22179be27c76ed6344842e5292c2 linux-doc_4.4.0-256.290_all.deb 3d52b0f37276e7e3ca67e8157985878d8103fe98 linux-generic_4.4.0.256.290_amd64.deb 781cc7d7f9d9678260db6ad027ff52fcc424ba06 linux-headers-4.4.0-256-tuxcare.els27_4.4.0-256.290_all.deb 453484c4a3e1725e1252832b506d0d6001b668ca linux-headers-4.4.0-256-tuxcare.els27-generic_4.4.0-256.290_amd64.deb 56e2e4400eabd3a17f7a0e9cca34c7b41d5371e1 linux-headers-4.4.0-256-tuxcare.els27-lowlatency_4.4.0-256.290_amd64.deb 1994a04ae659446d709281269135b0325635f8b3 linux-headers-generic_4.4.0.256.290_amd64.deb b5534da2ecffd78e3eca0cf8a9ca673230fa8382 linux-headers-lowlatency_4.4.0.256.290_amd64.deb 99c6755a18a2e120e190a502658e6ead9f35f996 linux-image-generic_4.4.0.256.290_amd64.deb 207dd21bd0b2dc9f05d41b25d297265418cd83ce linux-image-lowlatency_4.4.0.256.290_amd64.deb 371301a929f3a35372b8492bd0d11209f3ec9b4e linux-image-unsigned-4.4.0-256-tuxcare.els27-generic_4.4.0-256.290_amd64.deb 06dcd9ced38bcdba38bef9795e2a3946c5c8eccd linux-image-unsigned-4.4.0-256-tuxcare.els27-lowlatency_4.4.0-256.290_amd64.deb 6950ea743eb5a6ab86d6ce95d4f2b2edd0bab4d3 linux-libc-dev_4.4.0-256.290_amd64.deb c443592e1c6159e2b14322d316bc722d1f679150 linux-lowlatency_4.4.0.256.290_amd64.deb 7074ba1c0d2b93f6984ca50ef9cd7dd0adef77e9 linux-modules-4.4.0-256-tuxcare.els27-generic_4.4.0-256.290_amd64.deb 712bd0cc707fb46d1a842da2882efccfe07b9a46 linux-modules-4.4.0-256-tuxcare.els27-lowlatency_4.4.0-256.290_amd64.deb 52546b569ac17e7c49ef656f908baa8189b13908 linux-modules-extra-4.4.0-256-tuxcare.els27-generic_4.4.0-256.290_amd64.deb de3000a67a46159c6696d12551d7f35e5c79929c linux-source_4.4.0.256.290_all.deb 50536eadcc6d84e62a03773014a82743f0acfc4b linux-source-4.4.0_4.4.0-256.290_all.deb 0aa3e5d01e70cdd0ca6c19a8c33dede0ccfca06d linux-tools-4.4.0-256-tuxcare.els27_4.4.0-256.290_amd64.deb ca32e60de99762d5d2bab55a0e8e2ac4f852f4f9 linux-tools-4.4.0-256-tuxcare.els27-generic_4.4.0-256.290_amd64.deb d9b4ab57deb92c44e3b28666aaaf41783b82fba0 linux-tools-4.4.0-256-tuxcare.els27-lowlatency_4.4.0-256.290_amd64.deb f38abca6c4e17be8e75d5bd846e27cfe06fe9d4c linux-tools-common_4.4.0-256.290_all.deb 9ba67f20fedb1d63c3af17eb654e21e612be81bb linux-tools-generic_4.4.0.256.290_amd64.deb 00dfb75aa2021509bfd5ed1a204b9a4b301f2288 linux-tools-host_4.4.0-256.290_all.deb 9c7af7d816c7e333edbbdd5bec8325f566c13545 linux-tools-lowlatency_4.4.0.256.290_amd64.deb dd4bd08d5aab3f2f33748310f04730d2b896da0a CLSA-2024:1716269925 TuxCare License Agreement 0 * CVE-url: https://ubuntu.com/security/CVE-2023-47233 - wifi: brcmfmac: Fix use-after-free bug in brcmf_cfg80211_detach * CVE-url: https://ubuntu.com/security/CVE-2023-52601 - jfs: Fix memleak in dbAdjCtl * CVE-url: https://ubuntu.com/security/CVE-2024-26801 - Bluetooth: Avoid potential use-after-free in hci_error_reset * CVE-url: https://ubuntu.com/security/CVE-2024-26805 - netlink: Fix kernel-infoleak-after-free in __skb_datagram_iter * CVE-url: https://ubuntu.com/security/CVE-2023-52566 - nilfs2: fix potential use after free in nilfs_gccache_submit_read_data() * CVE-url: https://ubuntu.com/security/CVE-2024-26622 - tomoyo: fix UAF write bug in tomoyo_write_control() * CVE-url: https://ubuntu.com/security/CVE-2024-26614 - tcp: make sure init the accept_queue's spinlocks once - ipv6: init the accept_queue's spinlocks in inet6_create * CVE-url: https://ubuntu.com/security/CVE-2023-52530 - wifi: mac80211: fix potential key use-after-free * CVE-url: https://ubuntu.com/security/CVE-2023-52524 - net: nfc: llcp: Add lock when modifying device list * CVE-url: https://ubuntu.com/security/CVE-2021-47173 - misc/uss720: fix memory leak in uss720_probe * Bionic update: upstream stable patchset 2021-07-14 (LP: #1936231) // CVE- url: https://ubuntu.com/security/CVE-2021-47171 - net: usb: fix possible use-after-free in smsc75xx_bind * Bionic update: upstream stable patchset 2021-06-11 (LP: #1931740) // CVE- url: https://ubuntu.com/security/CVE-2021-47171 - net: usb: fix memory leak in smsc75xx_bind * CVE-url: https://ubuntu.com/security/CVE-2024-26910 - timers: Get rid of del_singleshot_timer_sync() * CVE-url: https://ubuntu.com/security/CVE-2023-52595 - rt2x00: clear IV's on start to fix AP mode regression - wifi: rt2x00: restart beacon queue when hardware reset * CVE-url: https://ubuntu.com/security/CVE-2024-26696 - nilfs2: fix hang in nilfs_lookup_dirty_data_buffers() * CVE-url: https://ubuntu.com/security/CVE-2024-26685 - nilfs2: fix potential bug in end_buffer_async_write * CVE-url: https://ubuntu.com/security/CVE-2024-26625 - llc: call sock_orphan() at release time * CVE-url: https://ubuntu.com/security/CVE-2023-52615 - hwrng: core - Fix page fault dead lock on mmap-ed hwrng * CVE-url: https://ubuntu.com/security/CVE-2023-52486 - drm: Don't unref the same fb many times by mistake due to deadlock handling * CVE-url: https://ubuntu.com/security/CVE-2024-26697 - nilfs2: fix data corruption in dsync block recovery for small block sizes * CVE-url: https://ubuntu.com/security/CVE-2024-26679 - inet: read sk->sk_family once in inet_recv_error() * CVE-url: https://ubuntu.com/security/CVE-2023-52622 - ext4: remove unnecessary check from alloc_flex_gd() - ext4: avoid online resizing failures due to oversized flex bg * CVE-url: https://ubuntu.com/security/CVE-2024-26635 - llc: Drop support for ETH_P_TR_802_2. * CVE-url: https://ubuntu.com/security/CVE-2023-52594 - wifi: ath9k: Fix potential array-index-out-of-bounds read in ath9k_htc_txstatus() * CVE-url: https://ubuntu.com/security/CVE-2024-26720 - mm/writeback: fix possible divide-by-zero in wb_dirty_limits(), again * CVE-url: https://ubuntu.com/security/CVE-2024-26825 - nfc: nci: free rx_data_reassembly skb on NCI device cleanup * CVE-url: https://ubuntu.com/security/CVE-2024-26671 - blk-mq: fix IO hang from sbitmap wakeup race * CVE-url: https://ubuntu.com/security/CVE-2024-26675 - ppp_async: limit MRU to 64K * CVE-url: https://ubuntu.com/security/CVE-2023-52602 - jfs: fix slab-out-of-bounds Read in dtSearch * CVE-url: https://ubuntu.com/security/CVE-2024-26704 - ext4: fix double-free of blocks due to wrong extents moved_len * CVE-url: https://ubuntu.com/security/CVE-2023-52619 - linux/kernel.h: Add ALIGN_DOWN macro - pstore: Make ramoops_init_przs generic for other prz arrays - pstore/ram: Fix crash when setting number of cpus to an odd number * CVE-url: https://ubuntu.com/security/CVE-2024-26636 - llc: make llc_ui_sendmsg() more robust against bonding changes * CVE-url: https://ubuntu.com/security/CVE-2023-52587 - IB/ipoib: Fix mcast list locking * CVE-url: https://ubuntu.com/security/CVE-2023-52601 // CVE-url: https://ubuntu.com/security/CVE-2023-52604 - jfs: fix array-index-out-of-bounds in dbAdjTree * CVE-url: https://ubuntu.com/security/CVE-2023-52604 - FS:JFS:UBSAN:array-index-out-of-bounds in dbAdjTree * CVE-url: https://ubuntu.com/security/CVE-2023-52599 - jfs: fix array-index-out-of-bounds in diNewExt * Bionic update: upstream stable patchset 2022-11-15 (LP: #1996650) // CVE- url: https://ubuntu.com/security/CVE-2022-48659 - mm/slub: fix to return errno if kmalloc() fails * CVE-url: https://ubuntu.com/security/CVE-2024-26884 - bpf: Fix hashtab overflow check on 32-bit arches * CVE-url: https://ubuntu.com/security/CVE-2024-26882 - net: add atomic_long_t to net_device_stats fields - net: ip_tunnel: make sure to pull inner header in ip_tunnel_rcv() * Bionic update: upstream stable patchset 2019-07-19 (LP: #1837257) // CVE- url: https://ubuntu.com/security/CVE-2024-26882 - ip: validate header length on virtual device xmit * CVE-url: https://ubuntu.com/security/CVE-2024-26908 - x86/xen: Add some null pointer checking to smp.c * CVE-url: https://ubuntu.com/security/CVE-2024-26904 - btrfs: fix data race at btrfs_use_block_rsv() when accessing block reserve * CVE-url: https://ubuntu.com/security/CVE-2024-26903 - Bluetooth: rfcomm: Fix null-ptr-deref in rfcomm_check_security * CVE-url: https://ubuntu.com/security/CVE-2024-26901 - do_sys_name_to_handle(): use kzalloc() to fix kernel-infoleak * CVE-url: https://ubuntu.com/security/CVE-2024-26898 - aoe: fix the potential use-after-free problem in aoecmd_cfg_pkts Important Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.

* CVE-url: https://ubuntu.com/security/CVE-2023-47233 - wifi: brcmfmac: Fix use-after-free bug in brcmf_cfg80211_detach * CVE-url: https://ubuntu.com/security/CVE-2023-52601 - jfs: Fix memleak in dbAdjCtl * CVE-url: https://ubuntu.com/security/CVE-2024-26801 - Bluetooth: Avoid potential use-after-free in hci_error_reset * CVE-url: https://ubuntu.com/security/CVE-2024-26805 - netlink: Fix kernel-infoleak-after-free in __skb_datagram_iter * CVE-url: https://ubuntu.com/security/CVE-2023-52566 - nilfs2: fix potential use after free in nilfs_gccache_submit_read_data() * CVE-url: https://ubuntu.com/security/CVE-2024-26622 - tomoyo: fix UAF write bug in tomoyo_write_control() * CVE-url: https://ubuntu.com/security/CVE-2024-26614 - tcp: make sure init the accept_queue's spinlocks once - ipv6: init the accept_queue's spinlocks in inet6_create * CVE-url: https://ubuntu.com/security/CVE-2023-52530 - wifi: mac80211: fix potential key use-after-free * CVE-url: https://ubuntu.com/security/CVE-2023-52524 - net: nfc: llcp: Add lock when modifying device list * CVE-url: https://ubuntu.com/security/CVE-2021-47173 - misc/uss720: fix memory leak in uss720_probe * Bionic update: upstream stable patchset 2021-07-14 (LP: #1936231) // CVE- url: https://ubuntu.com/security/CVE-2021-47171 - net: usb: fix possible use-after-free in smsc75xx_bind * Bionic update: upstream stable patchset 2021-06-11 (LP: #1931740) // CVE- url: https://ubuntu.com/security/CVE-2021-47171 - net: usb: fix memory leak in smsc75xx_bind * CVE-url: https://ubuntu.com/security/CVE-2024-26910 - timers: Get rid of del_singleshot_timer_sync() * CVE-url: https://ubuntu.com/security/CVE-2023-52595 - rt2x00: clear IV's on start to fix AP mode regression - wifi: rt2x00: restart beacon queue when hardware reset * CVE-url: https://ubuntu.com/security/CVE-2024-26696 - nilfs2: fix hang in nilfs_lookup_dirty_data_buffers() * CVE-url: https://ubuntu.com/security/CVE-2024-26685 - nilfs2: fix potential bug in end_buffer_async_write * CVE-url: https://ubuntu.com/security/CVE-2024-26625 - llc: call sock_orphan() at release time * CVE-url: https://ubuntu.com/security/CVE-2023-52615 - hwrng: core - Fix page fault dead lock on mmap-ed hwrng * CVE-url: https://ubuntu.com/security/CVE-2023-52486 - drm: Don't unref the same fb many times by mistake due to deadlock handling * CVE-url: https://ubuntu.com/security/CVE-2024-26697 - nilfs2: fix data corruption in dsync block recovery for small block sizes * CVE-url: https://ubuntu.com/security/CVE-2024-26679 - inet: read sk->sk_family once in inet_recv_error() * CVE-url: https://ubuntu.com/security/CVE-2023-52622 - ext4: remove unnecessary check from alloc_flex_gd() - ext4: avoid online resizing failures due to oversized flex bg * CVE-url: https://ubuntu.com/security/CVE-2024-26635 - llc: Drop support for ETH_P_TR_802_2. * CVE-url: https://ubuntu.com/security/CVE-2023-52594 - wifi: ath9k: Fix potential array-index-out-of-bounds read in ath9k_htc_txstatus() * CVE-url: https://ubuntu.com/security/CVE-2024-26720 - mm/writeback: fix possible divide-by-zero in wb_dirty_limits(), again * CVE-url: https://ubuntu.com/security/CVE-2024-26825 - nfc: nci: free rx_data_reassembly skb on NCI device cleanup * CVE-url: https://ubuntu.com/security/CVE-2024-26671 - blk-mq: fix IO hang from sbitmap wakeup race * CVE-url: https://ubuntu.com/security/CVE-2024-26675 - ppp_async: limit MRU to 64K * CVE-url: https://ubuntu.com/security/CVE-2023-52602 - jfs: fix slab-out-of-bounds Read in dtSearch * CVE-url: https://ubuntu.com/security/CVE-2024-26704 - ext4: fix double-free of blocks due to wrong extents moved_len * CVE-url: https://ubuntu.com/security/CVE-2023-52619 - linux/kernel.h: Add ALIGN_DOWN macro - pstore: Make ramoops_init_przs generic for other prz arrays - pstore/ram: Fix crash when setting number of cpus to an odd number * CVE-url: https://ubuntu.com/security/CVE-2024-26636 - llc: make llc_ui_sendmsg() more robust against bonding changes * CVE-url: https://ubuntu.com/security/CVE-2023-52587 - IB/ipoib: Fix mcast list locking * CVE-url: https://ubuntu.com/security/CVE-2023-52601 // CVE-url: https://ubuntu.com/security/CVE-2023-52604 - jfs: fix array-index-out-of-bounds in dbAdjTree * CVE-url: https://ubuntu.com/security/CVE-2023-52604 - FS:JFS:UBSAN:array-index-out-of-bounds in dbAdjTree * CVE-url: https://ubuntu.com/security/CVE-2023-52599 - jfs: fix array-index-out-of-bounds in diNewExt * Bionic update: upstream stable patchset 2022-11-15 (LP: #1996650) // CVE- url: https://ubuntu.com/security/CVE-2022-48659 - mm/slub: fix to return errno if kmalloc() fails * CVE-url: https://ubuntu.com/security/CVE-2024-26884 - bpf: Fix hashtab overflow check on 32-bit arches * CVE-url: https://ubuntu.com/security/CVE-2024-26882 - net: add atomic_long_t to net_device_stats fields - net: ip_tunnel: make sure to pull inner header in ip_tunnel_rcv() * Bionic update: upstream stable patchset 2019-07-19 (LP: #1837257) // CVE- url: https://ubuntu.com/security/CVE-2024-26882 - ip: validate header length on virtual device xmit * CVE-url: https://ubuntu.com/security/CVE-2024-26908 - x86/xen: Add some null pointer checking to smp.c * CVE-url: https://ubuntu.com/security/CVE-2024-26904 - btrfs: fix data race at btrfs_use_block_rsv() when accessing block reserve * CVE-url: https://ubuntu.com/security/CVE-2024-26903 - Bluetooth: rfcomm: Fix null-ptr-deref in rfcomm_check_security * CVE-url: https://ubuntu.com/security/CVE-2024-26901 - do_sys_name_to_handle(): use kzalloc() to fix kernel-infoleak * CVE-url: https://ubuntu.com/security/CVE-2024-26898 - aoe: fix the potential use-after-free problem in aoecmd_cfg_pkts

0 tuxcare-ubuntu16.04-els linux-buildinfo-4.4.0-256-tuxcare.els27-generic_4.4.0-256.290_amd64.deb 0d1339bf83411568801a79fc82c0bf426be4789d linux-buildinfo-4.4.0-256-tuxcare.els27-lowlatency_4.4.0-256.290_amd64.deb 6def5fa67d05752c14fb36a0453f1fd9e64b1f84 linux-cloud-tools-4.4.0-256-tuxcare.els27_4.4.0-256.290_amd64.deb 751ec5fd75ec993f6c542a20234087019b25868e linux-cloud-tools-4.4.0-256-tuxcare.els27-generic_4.4.0-256.290_amd64.deb ad1b577272b39fd1518f7b9f7d0c0e6557789f9a linux-cloud-tools-4.4.0-256-tuxcare.els27-lowlatency_4.4.0-256.290_amd64.deb 6bd9da1e672c98d4f921baed6d95faf3e3f754a3 linux-cloud-tools-common_4.4.0-256.290_all.deb 21e87da2ab63cc9b603bbd8c0cc4766e2a4a0288 linux-cloud-tools-generic_4.4.0.256.290_amd64.deb 733180fbfdc58d9a97dca1d28bfd94e5ea85737d linux-cloud-tools-lowlatency_4.4.0.256.290_amd64.deb 2851be57a2768c4a47adea8cecefa7b2889503f4 linux-crashdump_4.4.0.256.290_amd64.deb 5607a2d2032e22179be27c76ed6344842e5292c2 linux-doc_4.4.0-256.290_all.deb 3d52b0f37276e7e3ca67e8157985878d8103fe98 linux-generic_4.4.0.256.290_amd64.deb 781cc7d7f9d9678260db6ad027ff52fcc424ba06 linux-headers-4.4.0-256-tuxcare.els27_4.4.0-256.290_all.deb 453484c4a3e1725e1252832b506d0d6001b668ca linux-headers-4.4.0-256-tuxcare.els27-generic_4.4.0-256.290_amd64.deb 56e2e4400eabd3a17f7a0e9cca34c7b41d5371e1 linux-headers-4.4.0-256-tuxcare.els27-lowlatency_4.4.0-256.290_amd64.deb 1994a04ae659446d709281269135b0325635f8b3 linux-headers-generic_4.4.0.256.290_amd64.deb b5534da2ecffd78e3eca0cf8a9ca673230fa8382 linux-headers-lowlatency_4.4.0.256.290_amd64.deb 99c6755a18a2e120e190a502658e6ead9f35f996 linux-image-generic_4.4.0.256.290_amd64.deb 207dd21bd0b2dc9f05d41b25d297265418cd83ce linux-image-lowlatency_4.4.0.256.290_amd64.deb 371301a929f3a35372b8492bd0d11209f3ec9b4e linux-image-unsigned-4.4.0-256-tuxcare.els27-generic_4.4.0-256.290_amd64.deb 06dcd9ced38bcdba38bef9795e2a3946c5c8eccd linux-image-unsigned-4.4.0-256-tuxcare.els27-lowlatency_4.4.0-256.290_amd64.deb 6950ea743eb5a6ab86d6ce95d4f2b2edd0bab4d3 linux-libc-dev_4.4.0-256.290_amd64.deb c443592e1c6159e2b14322d316bc722d1f679150 linux-lowlatency_4.4.0.256.290_amd64.deb 7074ba1c0d2b93f6984ca50ef9cd7dd0adef77e9 linux-modules-4.4.0-256-tuxcare.els27-generic_4.4.0-256.290_amd64.deb 712bd0cc707fb46d1a842da2882efccfe07b9a46 linux-modules-4.4.0-256-tuxcare.els27-lowlatency_4.4.0-256.290_amd64.deb 52546b569ac17e7c49ef656f908baa8189b13908 linux-modules-extra-4.4.0-256-tuxcare.els27-generic_4.4.0-256.290_amd64.deb de3000a67a46159c6696d12551d7f35e5c79929c linux-source_4.4.0.256.290_all.deb 50536eadcc6d84e62a03773014a82743f0acfc4b linux-source-4.4.0_4.4.0-256.290_all.deb 0aa3e5d01e70cdd0ca6c19a8c33dede0ccfca06d linux-tools-4.4.0-256-tuxcare.els27_4.4.0-256.290_amd64.deb ca32e60de99762d5d2bab55a0e8e2ac4f852f4f9 linux-tools-4.4.0-256-tuxcare.els27-generic_4.4.0-256.290_amd64.deb d9b4ab57deb92c44e3b28666aaaf41783b82fba0 linux-tools-4.4.0-256-tuxcare.els27-lowlatency_4.4.0-256.290_amd64.deb f38abca6c4e17be8e75d5bd846e27cfe06fe9d4c linux-tools-common_4.4.0-256.290_all.deb 9ba67f20fedb1d63c3af17eb654e21e612be81bb linux-tools-generic_4.4.0.256.290_amd64.deb 00dfb75aa2021509bfd5ed1a204b9a4b301f2288 linux-tools-host_4.4.0-256.290_all.deb 9c7af7d816c7e333edbbdd5bec8325f566c13545 linux-tools-lowlatency_4.4.0.256.290_amd64.deb dd4bd08d5aab3f2f33748310f04730d2b896da0a CLSA-2024:1716272474 TuxCare License Agreement 0 * SECURITY UPDATE: Denial of Service attack against HTTP header parsing - debian/patches/CVE-2023-49288.patch: fix unintentional freeing in TRACE request handler - CVE-2023-49288 Important Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.

* SECURITY UPDATE: Denial of Service attack against HTTP header parsing - debian/patches/CVE-2023-49288.patch: fix unintentional freeing in TRACE request handler - CVE-2023-49288

0 tuxcare-ubuntu16.04-els squid_3.5.12-1ubuntu7.17+tuxcare.els8_amd64.deb ebfcea674cbc22cc655dbe561ba967259c104ad4 squid-cgi_3.5.12-1ubuntu7.17+tuxcare.els8_amd64.deb 838bae7f09e9e42912e829fcb6d04f5ea86b6711 squid-common_3.5.12-1ubuntu7.17+tuxcare.els8_all.deb cf46920439ad33717698e9533f3c483c017dd7d9 squid-purge_3.5.12-1ubuntu7.17+tuxcare.els8_amd64.deb 83b551681873687cb91a86d9d845d8497ea80a01 squid3_3.5.12-1ubuntu7.17+tuxcare.els8_all.deb 55bae65a3c5f358a2045758397fedab039d61e90 squidclient_3.5.12-1ubuntu7.17+tuxcare.els8_amd64.deb 17e7a5619bacc06c29fb3329c3bdef38cb9baddf CLSA-2024:1716980150 TuxCare License Agreement 0 * CVE-url: https://ubuntu.com/security/CVE-2024-26929 - scsi: qla2xxx: Fix double free of fcport * CVE-url: https://ubuntu.com/security/CVE-2024-35997 - HID: i2c-hid: remove I2C_HID_READ_PENDING flag to prevent lock-up * CVE-url: https://ubuntu.com/security/CVE-2023-52752 - smb: client: fix use-after-free bug in cifs_debug_data_proc_show() * CVE-url: https://ubuntu.com/security/CVE-2024-27013 - tun: limit printing rate when illegal packet received by tun dev * CVE-url: https://ubuntu.com/security/CVE-2023-52809 - scsi: libfc: Fixup disc_mutex handling - scsi: libfc: Fix potential NULL pointer dereference in fc_lport_ptp_setup() * CVE-url: https://ubuntu.com/security/CVE-2024-26934 - USB: core: Fix deadlock in usb_deauthorize_interface() * CVE-url: https://ubuntu.com/security/CVE-2024-35978 - Bluetooth: Fix memory leak in hci_req_sync_complete() * CVE-url: https://ubuntu.com/security/CVE-2023-52806 - ALSA: hda: Fix possible null-ptr-deref when assigning a stream * CVE-url: https://ubuntu.com/security/CVE-2024-35984 - i2c: smbus: fix NULL function pointer dereference * CVE-url: https://ubuntu.com/security/CVE-2023-52817 - drm/amdgpu: Fix a null pointer access when the smc_rreg pointer is NULL * CVE-url: https://ubuntu.com/security/CVE-2024-27020 - netfilter: nf_tables: Fix potential data-race in __nft_expr_type_get() * CVE-url: https://ubuntu.com/security/CVE-2024-35982 - batman-adv: Avoid infinite loop trying to resize local TT Important Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.

* CVE-url: https://ubuntu.com/security/CVE-2024-26929 - scsi: qla2xxx: Fix double free of fcport * CVE-url: https://ubuntu.com/security/CVE-2024-35997 - HID: i2c-hid: remove I2C_HID_READ_PENDING flag to prevent lock-up * CVE-url: https://ubuntu.com/security/CVE-2023-52752 - smb: client: fix use-after-free bug in cifs_debug_data_proc_show() * CVE-url: https://ubuntu.com/security/CVE-2024-27013 - tun: limit printing rate when illegal packet received by tun dev * CVE-url: https://ubuntu.com/security/CVE-2023-52809 - scsi: libfc: Fixup disc_mutex handling - scsi: libfc: Fix potential NULL pointer dereference in fc_lport_ptp_setup() * CVE-url: https://ubuntu.com/security/CVE-2024-26934 - USB: core: Fix deadlock in usb_deauthorize_interface() * CVE-url: https://ubuntu.com/security/CVE-2024-35978 - Bluetooth: Fix memory leak in hci_req_sync_complete() * CVE-url: https://ubuntu.com/security/CVE-2023-52806 - ALSA: hda: Fix possible null-ptr-deref when assigning a stream * CVE-url: https://ubuntu.com/security/CVE-2024-35984 - i2c: smbus: fix NULL function pointer dereference * CVE-url: https://ubuntu.com/security/CVE-2023-52817 - drm/amdgpu: Fix a null pointer access when the smc_rreg pointer is NULL * CVE-url: https://ubuntu.com/security/CVE-2024-27020 - netfilter: nf_tables: Fix potential data-race in __nft_expr_type_get() * CVE-url: https://ubuntu.com/security/CVE-2024-35982 - batman-adv: Avoid infinite loop trying to resize local TT

0 tuxcare-ubuntu16.04-els linux-buildinfo-4.4.0-257-tuxcare.els28-generic_4.4.0-257.291_amd64.deb bfc07c59a9caca58c9e230c729439b7e0f39f1cd linux-buildinfo-4.4.0-257-tuxcare.els28-lowlatency_4.4.0-257.291_amd64.deb 74fdfe82103e1361be1b85c9f0429a2d798f62d3 linux-cloud-tools-4.4.0-257-tuxcare.els28_4.4.0-257.291_amd64.deb faf1baba60316b9773d95eb29d16956cb0150643 linux-cloud-tools-4.4.0-257-tuxcare.els28-generic_4.4.0-257.291_amd64.deb 2f7c9f6409b147c36bd6fa8d2fdce2bf93dbfcf2 linux-cloud-tools-4.4.0-257-tuxcare.els28-lowlatency_4.4.0-257.291_amd64.deb 3fad63603b5ac6c6d9a810e61326dee5c6ec4b9a linux-cloud-tools-common_4.4.0-257.291_all.deb 7954c05cc27760fb182e53bea2ad523319be5a09 linux-cloud-tools-generic_4.4.0.257.291_amd64.deb 91320b05b4384806bcdcaefcba1978299cda8c23 linux-cloud-tools-lowlatency_4.4.0.257.291_amd64.deb 179479a1e9f30509e15530bf77360d956b62faf2 linux-crashdump_4.4.0.257.291_amd64.deb 66f95d8a2f983b80b952b443d808338bc5c62b85 linux-doc_4.4.0-257.291_all.deb c3ff71a36906cd7b8cb317019b27b82f2895e3dc linux-generic_4.4.0.257.291_amd64.deb 1dd1a31b2ac3b7dfded5507f4862ea7b372bacfc linux-headers-4.4.0-257-tuxcare.els28_4.4.0-257.291_all.deb 6da32e89bec5d904b372682bc4f4fb0dffb2efc0 linux-headers-4.4.0-257-tuxcare.els28-generic_4.4.0-257.291_amd64.deb 2b124361092f0ddf7a3c017eac53f3ce5b1aad3d linux-headers-4.4.0-257-tuxcare.els28-lowlatency_4.4.0-257.291_amd64.deb b289af2706b59fac20e08c5dc659234c371dc086 linux-headers-generic_4.4.0.257.291_amd64.deb 6f684826da4598dc1986958b8b51c3e990e4d23b linux-headers-lowlatency_4.4.0.257.291_amd64.deb 7eeae4f4b676322907984de8a95c327eeccd3455 linux-image-generic_4.4.0.257.291_amd64.deb b85027ddefb187ae43a448fe433edbd4c7b2faee linux-image-lowlatency_4.4.0.257.291_amd64.deb 8e1e50c13eace0ae8fc5dd60b298d2d18b58215c linux-image-unsigned-4.4.0-257-tuxcare.els28-generic_4.4.0-257.291_amd64.deb b84d20f487d6d24e2a23f62b8c65021e4ac1777a linux-image-unsigned-4.4.0-257-tuxcare.els28-lowlatency_4.4.0-257.291_amd64.deb 8ccd2e00cee0e6b042d0a38ebe7e24bca4680961 linux-libc-dev_4.4.0-257.291_amd64.deb ab659b80dfa214ae5e88bc395ac9cdb7f898576a linux-lowlatency_4.4.0.257.291_amd64.deb e18589f5385bde62b95cdc6afbb28d23692aef47 linux-modules-4.4.0-257-tuxcare.els28-generic_4.4.0-257.291_amd64.deb de9117f2a614332526d90fd144f585e6a3652d4f linux-modules-4.4.0-257-tuxcare.els28-lowlatency_4.4.0-257.291_amd64.deb 11916d4ca9d14887fc050c8a18aff63095ed364d linux-modules-extra-4.4.0-257-tuxcare.els28-generic_4.4.0-257.291_amd64.deb 1200d6ffc90caafd8ac7a0175d7592a5d56db051 linux-source_4.4.0.257.291_all.deb 7f25a8a4b2a6aa7426355461a233c48b2536af9d linux-source-4.4.0_4.4.0-257.291_all.deb 2cb480399a47a67fe948db73e0cd08a8a2a3ead2 linux-tools-4.4.0-257-tuxcare.els28_4.4.0-257.291_amd64.deb 4ec887cc3cc49f7b25cf5f4ecc9aa791042ee8c3 linux-tools-4.4.0-257-tuxcare.els28-generic_4.4.0-257.291_amd64.deb be361d9e4cffd63fda471c31ac2dd5b87996e8ec linux-tools-4.4.0-257-tuxcare.els28-lowlatency_4.4.0-257.291_amd64.deb 0c64c9166e45565818f1f4a6b8ed202a65049a89 linux-tools-common_4.4.0-257.291_all.deb f84a78ab9397abfa70830a1d232870f3ee04a074 linux-tools-generic_4.4.0.257.291_amd64.deb 990d5633cfbf6fbffbe0d55c894a42b679b29514 linux-tools-host_4.4.0-257.291_all.deb ba561ffaf06e7fa17342a88c67c188f3fd335b77 linux-tools-lowlatency_4.4.0.257.291_amd64.deb a4b1f1b14597d24841ea65a4298fd5867a1d343b CLSA-2024:1716980332 TuxCare License Agreement 0 * CVE-url: https://ubuntu.com/security/CVE-2024-26929 - scsi: qla2xxx: Fix double free of fcport * CVE-url: https://ubuntu.com/security/CVE-2024-35997 - HID: i2c-hid: remove I2C_HID_READ_PENDING flag to prevent lock-up * CVE-url: https://ubuntu.com/security/CVE-2023-52752 - smb: client: fix use-after-free bug in cifs_debug_data_proc_show() * CVE-url: https://ubuntu.com/security/CVE-2024-27013 - tun: limit printing rate when illegal packet received by tun dev * CVE-url: https://ubuntu.com/security/CVE-2023-52809 - scsi: libfc: Fixup disc_mutex handling - scsi: libfc: Fix potential NULL pointer dereference in fc_lport_ptp_setup() * CVE-url: https://ubuntu.com/security/CVE-2024-26934 - USB: core: Fix deadlock in usb_deauthorize_interface() * CVE-url: https://ubuntu.com/security/CVE-2024-35978 - Bluetooth: Fix memory leak in hci_req_sync_complete() * CVE-url: https://ubuntu.com/security/CVE-2023-52806 - ALSA: hda: Fix possible null-ptr-deref when assigning a stream * CVE-url: https://ubuntu.com/security/CVE-2024-35984 - i2c: smbus: fix NULL function pointer dereference * CVE-url: https://ubuntu.com/security/CVE-2023-52817 - drm/amdgpu: Fix a null pointer access when the smc_rreg pointer is NULL * CVE-url: https://ubuntu.com/security/CVE-2024-27020 - netfilter: nf_tables: Fix potential data-race in __nft_expr_type_get() * CVE-url: https://ubuntu.com/security/CVE-2024-35982 - batman-adv: Avoid infinite loop trying to resize local TT Important Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.

* CVE-url: https://ubuntu.com/security/CVE-2024-26929 - scsi: qla2xxx: Fix double free of fcport * CVE-url: https://ubuntu.com/security/CVE-2024-35997 - HID: i2c-hid: remove I2C_HID_READ_PENDING flag to prevent lock-up * CVE-url: https://ubuntu.com/security/CVE-2023-52752 - smb: client: fix use-after-free bug in cifs_debug_data_proc_show() * CVE-url: https://ubuntu.com/security/CVE-2024-27013 - tun: limit printing rate when illegal packet received by tun dev * CVE-url: https://ubuntu.com/security/CVE-2023-52809 - scsi: libfc: Fixup disc_mutex handling - scsi: libfc: Fix potential NULL pointer dereference in fc_lport_ptp_setup() * CVE-url: https://ubuntu.com/security/CVE-2024-26934 - USB: core: Fix deadlock in usb_deauthorize_interface() * CVE-url: https://ubuntu.com/security/CVE-2024-35978 - Bluetooth: Fix memory leak in hci_req_sync_complete() * CVE-url: https://ubuntu.com/security/CVE-2023-52806 - ALSA: hda: Fix possible null-ptr-deref when assigning a stream * CVE-url: https://ubuntu.com/security/CVE-2024-35984 - i2c: smbus: fix NULL function pointer dereference * CVE-url: https://ubuntu.com/security/CVE-2023-52817 - drm/amdgpu: Fix a null pointer access when the smc_rreg pointer is NULL * CVE-url: https://ubuntu.com/security/CVE-2024-27020 - netfilter: nf_tables: Fix potential data-race in __nft_expr_type_get() * CVE-url: https://ubuntu.com/security/CVE-2024-35982 - batman-adv: Avoid infinite loop trying to resize local TT

0 tuxcare-ubuntu16.04-els linux-buildinfo-4.4.0-257-tuxcare.els28-generic_4.4.0-257.291_amd64.deb bfc07c59a9caca58c9e230c729439b7e0f39f1cd linux-buildinfo-4.4.0-257-tuxcare.els28-lowlatency_4.4.0-257.291_amd64.deb 74fdfe82103e1361be1b85c9f0429a2d798f62d3 linux-cloud-tools-4.4.0-257-tuxcare.els28_4.4.0-257.291_amd64.deb faf1baba60316b9773d95eb29d16956cb0150643 linux-cloud-tools-4.4.0-257-tuxcare.els28-generic_4.4.0-257.291_amd64.deb 2f7c9f6409b147c36bd6fa8d2fdce2bf93dbfcf2 linux-cloud-tools-4.4.0-257-tuxcare.els28-lowlatency_4.4.0-257.291_amd64.deb 3fad63603b5ac6c6d9a810e61326dee5c6ec4b9a linux-cloud-tools-common_4.4.0-257.291_all.deb 7954c05cc27760fb182e53bea2ad523319be5a09 linux-cloud-tools-generic_4.4.0.257.291_amd64.deb 91320b05b4384806bcdcaefcba1978299cda8c23 linux-cloud-tools-lowlatency_4.4.0.257.291_amd64.deb 179479a1e9f30509e15530bf77360d956b62faf2 linux-crashdump_4.4.0.257.291_amd64.deb 66f95d8a2f983b80b952b443d808338bc5c62b85 linux-doc_4.4.0-257.291_all.deb c3ff71a36906cd7b8cb317019b27b82f2895e3dc linux-generic_4.4.0.257.291_amd64.deb 1dd1a31b2ac3b7dfded5507f4862ea7b372bacfc linux-headers-4.4.0-257-tuxcare.els28_4.4.0-257.291_all.deb 6da32e89bec5d904b372682bc4f4fb0dffb2efc0 linux-headers-4.4.0-257-tuxcare.els28-generic_4.4.0-257.291_amd64.deb 2b124361092f0ddf7a3c017eac53f3ce5b1aad3d linux-headers-4.4.0-257-tuxcare.els28-lowlatency_4.4.0-257.291_amd64.deb b289af2706b59fac20e08c5dc659234c371dc086 linux-headers-generic_4.4.0.257.291_amd64.deb 6f684826da4598dc1986958b8b51c3e990e4d23b linux-headers-lowlatency_4.4.0.257.291_amd64.deb 7eeae4f4b676322907984de8a95c327eeccd3455 linux-image-generic_4.4.0.257.291_amd64.deb b85027ddefb187ae43a448fe433edbd4c7b2faee linux-image-lowlatency_4.4.0.257.291_amd64.deb 8e1e50c13eace0ae8fc5dd60b298d2d18b58215c linux-image-unsigned-4.4.0-257-tuxcare.els28-generic_4.4.0-257.291_amd64.deb b84d20f487d6d24e2a23f62b8c65021e4ac1777a linux-image-unsigned-4.4.0-257-tuxcare.els28-lowlatency_4.4.0-257.291_amd64.deb 8ccd2e00cee0e6b042d0a38ebe7e24bca4680961 linux-libc-dev_4.4.0-257.291_amd64.deb ab659b80dfa214ae5e88bc395ac9cdb7f898576a linux-lowlatency_4.4.0.257.291_amd64.deb e18589f5385bde62b95cdc6afbb28d23692aef47 linux-modules-4.4.0-257-tuxcare.els28-generic_4.4.0-257.291_amd64.deb de9117f2a614332526d90fd144f585e6a3652d4f linux-modules-4.4.0-257-tuxcare.els28-lowlatency_4.4.0-257.291_amd64.deb 11916d4ca9d14887fc050c8a18aff63095ed364d linux-modules-extra-4.4.0-257-tuxcare.els28-generic_4.4.0-257.291_amd64.deb 1200d6ffc90caafd8ac7a0175d7592a5d56db051 linux-source_4.4.0.257.291_all.deb 7f25a8a4b2a6aa7426355461a233c48b2536af9d linux-source-4.4.0_4.4.0-257.291_all.deb 2cb480399a47a67fe948db73e0cd08a8a2a3ead2 linux-tools-4.4.0-257-tuxcare.els28_4.4.0-257.291_amd64.deb 4ec887cc3cc49f7b25cf5f4ecc9aa791042ee8c3 linux-tools-4.4.0-257-tuxcare.els28-generic_4.4.0-257.291_amd64.deb be361d9e4cffd63fda471c31ac2dd5b87996e8ec linux-tools-4.4.0-257-tuxcare.els28-lowlatency_4.4.0-257.291_amd64.deb 0c64c9166e45565818f1f4a6b8ed202a65049a89 linux-tools-common_4.4.0-257.291_all.deb f84a78ab9397abfa70830a1d232870f3ee04a074 linux-tools-generic_4.4.0.257.291_amd64.deb 990d5633cfbf6fbffbe0d55c894a42b679b29514 linux-tools-host_4.4.0-257.291_all.deb ba561ffaf06e7fa17342a88c67c188f3fd335b77 linux-tools-lowlatency_4.4.0.257.291_amd64.deb a4b1f1b14597d24841ea65a4298fd5867a1d343b CLSA-2024:1717691587 TuxCare License Agreement 0 * SECURITY UPDATE: buffer overflow in iconv() function when converting to ISO-2022-CN-EXT character set - debian/patches/any/CVE-2024-2961.patch: fix out-of-bound writes in ISO-2022-CN-EXT escape sequences - CVE-2024-2961 Important Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.

* SECURITY UPDATE: buffer overflow in iconv() function when converting to ISO-2022-CN-EXT character set - debian/patches/any/CVE-2024-2961.patch: fix out-of-bound writes in ISO-2022-CN-EXT escape sequences - CVE-2024-2961

0 tuxcare-ubuntu16.04-els glibc-doc_2.23-0ubuntu11.5+tuxcare.els7_all.deb c1aa96eb41c6771ab3128536a29adb0577af9d6e glibc-source_2.23-0ubuntu11.5+tuxcare.els7_all.deb a2869fb373d1b1e62b6ad7d071b8d9e5c1ae0840 libc-bin_2.23-0ubuntu11.5+tuxcare.els7_amd64.deb 24b744acf446a6d3e18761875e7edf1121aac250 libc-dev-bin_2.23-0ubuntu11.5+tuxcare.els7_amd64.deb d5b59caefaa17dc4c52076c441683987ed756c41 libc6_2.23-0ubuntu11.5+tuxcare.els7_amd64.deb bb6b8f76a189b75d8bc074187702e1473dec0159 libc6-dev_2.23-0ubuntu11.5+tuxcare.els7_amd64.deb 15e3582e3f45a3891ef1970d9c58d0aff3baedc5 libc6-dev-i386_2.23-0ubuntu11.5+tuxcare.els7_amd64.deb 59c0a78f6d49285e046b0cdca5c3fe4fc72dd79f libc6-dev-x32_2.23-0ubuntu11.5+tuxcare.els7_amd64.deb 58a174f7d0c3e785d363e3fdcb284ce4c3c2da45 libc6-i386_2.23-0ubuntu11.5+tuxcare.els7_amd64.deb dcc854bd9707141271c100dcf00ea8b3b7faa86a libc6-pic_2.23-0ubuntu11.5+tuxcare.els7_amd64.deb 555150f142645b0216157e5495bed61bf319b0d4 libc6-x32_2.23-0ubuntu11.5+tuxcare.els7_amd64.deb 2e3a7ee4e370393ee14a1d9c995fecd0d3245a09 locales_2.23-0ubuntu11.5+tuxcare.els7_all.deb fed07b549661a6ff3b3d9e3233522f12bbc01393 locales-all_2.23-0ubuntu11.5+tuxcare.els7_amd64.deb b5a16edd671a5af2e0f84e765456160a395e8355 multiarch-support_2.23-0ubuntu11.5+tuxcare.els7_amd64.deb dbea14caa53c356ae53de9f4fb0e4547ecb17da1 nscd_2.23-0ubuntu11.5+tuxcare.els7_amd64.deb ae2646ea7a948aa1d25c57a4d1303924a0f7a85a CLSA-2024:1718202753 TuxCare License Agreement 0 * SECURITY UPDATE: Ability to write almost unlimited amounts of unfiltered data into the process heap - debian/patches/CVE-2023-4016-2.patch: ps: extended fix of the CVE-2023-4016 - fix possible buffer overflow in -C option. - CVE-2023-4016 Low Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.

* SECURITY UPDATE: Ability to write almost unlimited amounts of unfiltered data into the process heap - debian/patches/CVE-2023-4016-2.patch: ps: extended fix of the CVE-2023-4016 - fix possible buffer overflow in -C option. - CVE-2023-4016

0 tuxcare-ubuntu16.04-els libprocps4_3.3.10-4ubuntu2.5+tuxcare.els2_amd64.deb e7a0beff212ed0d9bb404fd936fbcb9f9365c6de libprocps4-dev_3.3.10-4ubuntu2.5+tuxcare.els2_amd64.deb 4a8b568f364795d2ec5ab4133216b2eed4f885b0 procps_3.3.10-4ubuntu2.5+tuxcare.els2_amd64.deb a80bb4650c36f96b7da473c96e9f402ede92b0c4 CLSA-2024:1718789388 TuxCare License Agreement 0 * SECURITY UPDATE: filter bypass in filter_var FILTER_VALIDATE_URL - debian/patches/CVE-2024-5458.patch: Fix validation of ipv6 hostname to check all conditions and extract condition to separate function - CVE-2024-5458 Moderate Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.

* SECURITY UPDATE: filter bypass in filter_var FILTER_VALIDATE_URL - debian/patches/CVE-2024-5458.patch: Fix validation of ipv6 hostname to check all conditions and extract condition to separate function - CVE-2024-5458

0 tuxcare-ubuntu16.04-els libapache2-mod-php7.0_7.0.33-0ubuntu0.16.04.17+tuxcare.els10_amd64.deb 23add9ef3377e51fb7a9f6d465e7771a63622637 libphp7.0-embed_7.0.33-0ubuntu0.16.04.17+tuxcare.els10_amd64.deb b97ea4a0756f58d1564c53f1674bca5b0893a9ff php7.0_7.0.33-0ubuntu0.16.04.17+tuxcare.els10_all.deb 0854d23fc8ccaf14a273ef36bcfbbeb644b16905 php7.0-bcmath_7.0.33-0ubuntu0.16.04.17+tuxcare.els10_amd64.deb c561324c4ebdd8f5ad2669859d14ce47932e3b4c php7.0-bz2_7.0.33-0ubuntu0.16.04.17+tuxcare.els10_amd64.deb f87f1de76257e4f2b9ce3986265c44890160a03e php7.0-cgi_7.0.33-0ubuntu0.16.04.17+tuxcare.els10_amd64.deb 200db43a27fb56a5ea7f772e100c9541ce4a3ba8 php7.0-cli_7.0.33-0ubuntu0.16.04.17+tuxcare.els10_amd64.deb ab7724a6284e7cbc6fc0599a04a696897fd8b311 php7.0-common_7.0.33-0ubuntu0.16.04.17+tuxcare.els10_amd64.deb 06aab3dcdda954df6d933d2b7368ff3a713f2960 php7.0-curl_7.0.33-0ubuntu0.16.04.17+tuxcare.els10_amd64.deb 09ed3d610fed2e3a0bdc3c1d5cd645cd120af222 php7.0-dba_7.0.33-0ubuntu0.16.04.17+tuxcare.els10_amd64.deb 98baa0b570c9ca5a3de46e68b1b24a6f6a31574a php7.0-dev_7.0.33-0ubuntu0.16.04.17+tuxcare.els10_amd64.deb 04ea538c228a4d1bf1c12701d7c61745f40c988b php7.0-enchant_7.0.33-0ubuntu0.16.04.17+tuxcare.els10_amd64.deb 402dd0e2efea73205dad02e2df0b8257e27ed858 php7.0-fpm_7.0.33-0ubuntu0.16.04.17+tuxcare.els10_amd64.deb f83dd826950acc668c13df501ae48ed4fe5c2d31 php7.0-gd_7.0.33-0ubuntu0.16.04.17+tuxcare.els10_amd64.deb 2cbe0ba159bb477d2cff0f86844d8a7047303c03 php7.0-gmp_7.0.33-0ubuntu0.16.04.17+tuxcare.els10_amd64.deb 91100ecd31e38d4ab475b95fb15965d0066d3639 php7.0-imap_7.0.33-0ubuntu0.16.04.17+tuxcare.els10_amd64.deb 40030af08ed1312469ba3a81781284cfd132af81 php7.0-interbase_7.0.33-0ubuntu0.16.04.17+tuxcare.els10_amd64.deb 1dd6849cb9acccaa07e1c697a06a06c110758af6 php7.0-intl_7.0.33-0ubuntu0.16.04.17+tuxcare.els10_amd64.deb 9a74d6243f7f782698997c18e7e7d9602fc9f57a php7.0-json_7.0.33-0ubuntu0.16.04.17+tuxcare.els10_amd64.deb dee50d3982e0ce5c2db6c80012a3093e96f541d9 php7.0-ldap_7.0.33-0ubuntu0.16.04.17+tuxcare.els10_amd64.deb 342e669527b7e2d0a5dfc4bae319b04586bfcf38 php7.0-mbstring_7.0.33-0ubuntu0.16.04.17+tuxcare.els10_amd64.deb e2a0075369c5437dd41e5bd82b86af40f9c4ca2d php7.0-mcrypt_7.0.33-0ubuntu0.16.04.17+tuxcare.els10_amd64.deb d42d9f5b6893689bf263d7432d06bafa4dbc675d php7.0-mysql_7.0.33-0ubuntu0.16.04.17+tuxcare.els10_amd64.deb 456f8f793a75d4777aae63e191760fa615ef9126 php7.0-odbc_7.0.33-0ubuntu0.16.04.17+tuxcare.els10_amd64.deb 5b1aa52cf885c9183f9dae7af3f306f456f6047b php7.0-opcache_7.0.33-0ubuntu0.16.04.17+tuxcare.els10_amd64.deb bd3d1b9f37a1fa557a6e351cb01fb91f807b0ee0 php7.0-pgsql_7.0.33-0ubuntu0.16.04.17+tuxcare.els10_amd64.deb 687da6da94b328062592f6197f3a191e1fc083f7 php7.0-phpdbg_7.0.33-0ubuntu0.16.04.17+tuxcare.els10_amd64.deb d557090b0306b5bf2e78e32f830e00dc8addb97c php7.0-pspell_7.0.33-0ubuntu0.16.04.17+tuxcare.els10_amd64.deb 5189ea7a7eb5e3498dae40db0d88d934bb1eb084 php7.0-readline_7.0.33-0ubuntu0.16.04.17+tuxcare.els10_amd64.deb 2a242581419bd9282380b8f26237111358ceae51 php7.0-recode_7.0.33-0ubuntu0.16.04.17+tuxcare.els10_amd64.deb 13761ef97f6d8e62cee637468dc40fbf72c88a63 php7.0-snmp_7.0.33-0ubuntu0.16.04.17+tuxcare.els10_amd64.deb 7fbd51d15dd3e0f7504ad8df3739550e4af3bb2c php7.0-soap_7.0.33-0ubuntu0.16.04.17+tuxcare.els10_amd64.deb 8727b95e6f1fb42d7ed7293b0344dfd6d367752d php7.0-sqlite3_7.0.33-0ubuntu0.16.04.17+tuxcare.els10_amd64.deb 627a9179eeef4d16275ffc81fe8865ef5b1b81e2 php7.0-sybase_7.0.33-0ubuntu0.16.04.17+tuxcare.els10_amd64.deb 63137e2e81aced807415f8efe95dd238898a0624 php7.0-tidy_7.0.33-0ubuntu0.16.04.17+tuxcare.els10_amd64.deb 929361cef606d490da1cb2747bfd13d25eb85968 php7.0-xml_7.0.33-0ubuntu0.16.04.17+tuxcare.els10_amd64.deb ec5ca218fb63ac98b41484dcdfce13326ba4c303 php7.0-xmlrpc_7.0.33-0ubuntu0.16.04.17+tuxcare.els10_amd64.deb e46c0393c3229bec1ce65b358b5e1593e09e2f9c php7.0-xsl_7.0.33-0ubuntu0.16.04.17+tuxcare.els10_all.deb 1a58c15487ea118d21824bb72a3bd16b57b5c8cb php7.0-zip_7.0.33-0ubuntu0.16.04.17+tuxcare.els10_amd64.deb 7053b5591cfca63ab065ba2aea57709b5aecbe46 CLSA-2024:1718973513 TuxCare License Agreement 0 * CVE-url: https://ubuntu.com/security/CVE-2024-26777 - fbdev: sis: Error out if pixclock equals zero * CVE-url: https://ubuntu.com/security/CVE-2021-47542 - net: qlogic: qlcnic: Fix a NULL pointer dereference in qlcnic_83xx_add_rings() * CVE-url: https://ubuntu.com/security/CVE-2021-47518 - nfc: fix potential NULL pointer deref in nfc_genl_dump_ses_done * CVE-url: https://ubuntu.com/security/CVE-2024-36902 - ipv6: fib6_rules: avoid possible NULL dereference in fib6_rule_action() * CVE-url: https://ubuntu.com/security/CVE-2024-36901 - ipv6: prevent NULL dereference in ip6_output() * CVE-url: https://ubuntu.com/security/CVE-2021-47571 - staging: rtl8192e: Fix use after free in _rtl92e_pci_disconnect() * CVE-url: https://ubuntu.com/security/CVE-2021-47521 - can: sja1000: fix use after free in ems_pcmcia_add_card() * CVE-url: https://ubuntu.com/security/CVE-2021-47520 - can: pch_can: pch_can_rx_normal: fix use after free * CVE-url: https://ubuntu.com/security/CVE-2024-27405 - usb: gadget: ncm: Handle decoding of multiple NTB's in unwrap call - usb: gadget: ncm: Avoid dropping datagrams of properly parsed NTBs - usb: gadget: ncm: Handle decoding of multiple NTB's in unwrap call * CVE-url: https://ubuntu.com/security/CVE-2024-26764 - aio: remove an outdated BUG_ON and comment in aio_complete - fs/aio: Restrict kiocb_set_cancel_fn() to I/O submitted via libaio * Bionic update: upstream stable patchset 2020-09-16 (LP: #1895873) // CVE- url: https://ubuntu.com/security/CVE-2024-27405 - USB: gadget: f_ncm: add bounds checks to ncm_unwrap_ntb() * CVE-url: https://ubuntu.com/security/CVE-2024-26840 - cachefiles: fix memory leak in cachefiles_add_cache() * CVE-url: https://ubuntu.com/security/CVE-2024-26779 - wifi: mac80211: fix race condition on enabling fast-xmit * CVE-url: https://ubuntu.com/security/CVE-2024-26772 - ext4: avoid allocating blocks from corrupted group in ext4_mb_find_by_goal() * CVE-url: https://ubuntu.com/security/CVE-2024-26845 - scsi: target: core: Add TMF to tmr_list handling * CVE-url: https://ubuntu.com/security/CVE-2024-26804 - net: ip_tunnel: prevent perpetual headroom growth * CVE-url: https://ubuntu.com/security/CVE-2024-27410 - wifi: nl80211: reject iftype change with mesh ID change * CVE-url: https://ubuntu.com/security/CVE-2024-26839 - IB/hfi1: Fix a memleak in init_credit_return * CVE-url: https://ubuntu.com/security/CVE-2024-26773 - ext4: avoid allocating blocks from corrupted group in ext4_mb_try_best_found() * CVE-url: https://ubuntu.com/security/CVE-2024-26778 - fbdev: savage: Error out if pixclock equals zero * CVE-url: https://ubuntu.com/security/CVE-2024-26733 - arp: Prevent overflow in arp_req_get(). * CVE-url: https://ubuntu.com/security/CVE-2024-26791 - btrfs: dev-replace: properly validate device names Important Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.

* CVE-url: https://ubuntu.com/security/CVE-2024-26777 - fbdev: sis: Error out if pixclock equals zero * CVE-url: https://ubuntu.com/security/CVE-2021-47542 - net: qlogic: qlcnic: Fix a NULL pointer dereference in qlcnic_83xx_add_rings() * CVE-url: https://ubuntu.com/security/CVE-2021-47518 - nfc: fix potential NULL pointer deref in nfc_genl_dump_ses_done * CVE-url: https://ubuntu.com/security/CVE-2024-36902 - ipv6: fib6_rules: avoid possible NULL dereference in fib6_rule_action() * CVE-url: https://ubuntu.com/security/CVE-2024-36901 - ipv6: prevent NULL dereference in ip6_output() * CVE-url: https://ubuntu.com/security/CVE-2021-47571 - staging: rtl8192e: Fix use after free in _rtl92e_pci_disconnect() * CVE-url: https://ubuntu.com/security/CVE-2021-47521 - can: sja1000: fix use after free in ems_pcmcia_add_card() * CVE-url: https://ubuntu.com/security/CVE-2021-47520 - can: pch_can: pch_can_rx_normal: fix use after free * CVE-url: https://ubuntu.com/security/CVE-2024-27405 - usb: gadget: ncm: Handle decoding of multiple NTB's in unwrap call - usb: gadget: ncm: Avoid dropping datagrams of properly parsed NTBs - usb: gadget: ncm: Handle decoding of multiple NTB's in unwrap call * CVE-url: https://ubuntu.com/security/CVE-2024-26764 - aio: remove an outdated BUG_ON and comment in aio_complete - fs/aio: Restrict kiocb_set_cancel_fn() to I/O submitted via libaio * Bionic update: upstream stable patchset 2020-09-16 (LP: #1895873) // CVE- url: https://ubuntu.com/security/CVE-2024-27405 - USB: gadget: f_ncm: add bounds checks to ncm_unwrap_ntb() * CVE-url: https://ubuntu.com/security/CVE-2024-26840 - cachefiles: fix memory leak in cachefiles_add_cache() * CVE-url: https://ubuntu.com/security/CVE-2024-26779 - wifi: mac80211: fix race condition on enabling fast-xmit * CVE-url: https://ubuntu.com/security/CVE-2024-26772 - ext4: avoid allocating blocks from corrupted group in ext4_mb_find_by_goal() * CVE-url: https://ubuntu.com/security/CVE-2024-26845 - scsi: target: core: Add TMF to tmr_list handling * CVE-url: https://ubuntu.com/security/CVE-2024-26804 - net: ip_tunnel: prevent perpetual headroom growth * CVE-url: https://ubuntu.com/security/CVE-2024-27410 - wifi: nl80211: reject iftype change with mesh ID change * CVE-url: https://ubuntu.com/security/CVE-2024-26839 - IB/hfi1: Fix a memleak in init_credit_return * CVE-url: https://ubuntu.com/security/CVE-2024-26773 - ext4: avoid allocating blocks from corrupted group in ext4_mb_try_best_found() * CVE-url: https://ubuntu.com/security/CVE-2024-26778 - fbdev: savage: Error out if pixclock equals zero * CVE-url: https://ubuntu.com/security/CVE-2024-26733 - arp: Prevent overflow in arp_req_get(). * CVE-url: https://ubuntu.com/security/CVE-2024-26791 - btrfs: dev-replace: properly validate device names

0 tuxcare-ubuntu16.04-els linux-buildinfo-4.4.0-258-tuxcare.els29-generic_4.4.0-258.292_amd64.deb f5e121ce8a970a1ea74e7ea568452edd13771d38 linux-buildinfo-4.4.0-258-tuxcare.els29-lowlatency_4.4.0-258.292_amd64.deb 02521552fcad7996785718f6888f2246740ae23d linux-cloud-tools-4.4.0-258-tuxcare.els29_4.4.0-258.292_amd64.deb 10bf8a040986aadc1b3b7131a6167b27df03e4e4 linux-cloud-tools-4.4.0-258-tuxcare.els29-generic_4.4.0-258.292_amd64.deb dd6b1b855571b7e1c802d629aba0648afec0d9e3 linux-cloud-tools-4.4.0-258-tuxcare.els29-lowlatency_4.4.0-258.292_amd64.deb 70b23335b5f5102231a919b146d83b8238cc33e9 linux-cloud-tools-common_4.4.0-258.292_all.deb f45a1e63466008316daf63c59ee520db19fec2a1 linux-cloud-tools-generic_4.4.0.258.292_amd64.deb 848421ba161dfcb135034318bc18ad3ec6acdf89 linux-cloud-tools-lowlatency_4.4.0.258.292_amd64.deb 02808c60fa567a633c0997c9d934fa1718aeabbd linux-crashdump_4.4.0.258.292_amd64.deb 8c4e54cd34e34b759c4609038302c6801dde4202 linux-doc_4.4.0-258.292_all.deb d5076a415a680c711e1fa9abe1f8243e9b783f0c linux-generic_4.4.0.258.292_amd64.deb 04b312d031aab36ac7629670f2c3dc9338ddebbe linux-headers-4.4.0-258-tuxcare.els29_4.4.0-258.292_all.deb 5120d21bcc9b35ed70c32cd9bebd13151c7fbc94 linux-headers-4.4.0-258-tuxcare.els29-generic_4.4.0-258.292_amd64.deb 661be986e51c2010f2af7929be550e5418e85317 linux-headers-4.4.0-258-tuxcare.els29-lowlatency_4.4.0-258.292_amd64.deb e2c79ca38cf59be2604f67bb7f8e4fbda41e6650 linux-headers-generic_4.4.0.258.292_amd64.deb 1a043ca7cf35060962d418b6c720aacddfba7861 linux-headers-lowlatency_4.4.0.258.292_amd64.deb 31dea1158d03e271e9eb7d7e18837e4606a2cf9b linux-image-generic_4.4.0.258.292_amd64.deb 92857fc6e8c3e7f8479e0d559422fb5f8389caf4 linux-image-lowlatency_4.4.0.258.292_amd64.deb 4a53bcc2b704ff39f4ee82492d0d7122e402574a linux-image-unsigned-4.4.0-258-tuxcare.els29-generic_4.4.0-258.292_amd64.deb 2af8c22f81631a34ba632ba2db2db8dc6a6e8f26 linux-image-unsigned-4.4.0-258-tuxcare.els29-lowlatency_4.4.0-258.292_amd64.deb 267dd81468a2324d30269bdab05d79973a9224be linux-libc-dev_4.4.0-258.292_amd64.deb 4e1a5019806ddb7d1276078cf94d2e89d29af6d4 linux-lowlatency_4.4.0.258.292_amd64.deb a024cdbdf3d7d08015aa46967baa8ee48602b260 linux-modules-4.4.0-258-tuxcare.els29-generic_4.4.0-258.292_amd64.deb 41457fb2fe755a44bcd83c719f1ea27f41a82a1a linux-modules-4.4.0-258-tuxcare.els29-lowlatency_4.4.0-258.292_amd64.deb 1f5505ac5d78f8a54c47eae37489ceb405c12ed3 linux-modules-extra-4.4.0-258-tuxcare.els29-generic_4.4.0-258.292_amd64.deb 2668465379021e46cdd275658ebe5051d5506c77 linux-source_4.4.0.258.292_all.deb 2122cf7938c7d23f4c407bdabe641273a585f5d3 linux-source-4.4.0_4.4.0-258.292_all.deb b5850b9df41b2abf9f88011e10e2e1674fe2de81 linux-tools-4.4.0-258-tuxcare.els29_4.4.0-258.292_amd64.deb 8e6e2cbad25b8a84a6717f24e132e452df33cf7d linux-tools-4.4.0-258-tuxcare.els29-generic_4.4.0-258.292_amd64.deb 2a9c546d0e7b0403bc91a21ecd74f32e32f74923 linux-tools-4.4.0-258-tuxcare.els29-lowlatency_4.4.0-258.292_amd64.deb 6814802f5a9db0ff1bedc6de5a3a609ab596ec62 linux-tools-common_4.4.0-258.292_all.deb 765e6cddc9a46e17d769fb5e350b1dd3f0d38947 linux-tools-generic_4.4.0.258.292_amd64.deb b9e8183bad768e339a1b5fb22e3dcd96b4e44486 linux-tools-host_4.4.0-258.292_all.deb 147785f091db4bca7f752ffc481be39163fee4d6 linux-tools-lowlatency_4.4.0.258.292_amd64.deb 71cbd27e537c016ceb4bc195e47f96672937c7a3 CLSA-2024:1718973794 TuxCare License Agreement 0 * CVE-url: https://ubuntu.com/security/CVE-2024-26777 - fbdev: sis: Error out if pixclock equals zero * CVE-url: https://ubuntu.com/security/CVE-2021-47542 - net: qlogic: qlcnic: Fix a NULL pointer dereference in qlcnic_83xx_add_rings() * CVE-url: https://ubuntu.com/security/CVE-2021-47518 - nfc: fix potential NULL pointer deref in nfc_genl_dump_ses_done * CVE-url: https://ubuntu.com/security/CVE-2024-36902 - ipv6: fib6_rules: avoid possible NULL dereference in fib6_rule_action() * CVE-url: https://ubuntu.com/security/CVE-2024-36901 - ipv6: prevent NULL dereference in ip6_output() * CVE-url: https://ubuntu.com/security/CVE-2021-47571 - staging: rtl8192e: Fix use after free in _rtl92e_pci_disconnect() * CVE-url: https://ubuntu.com/security/CVE-2021-47521 - can: sja1000: fix use after free in ems_pcmcia_add_card() * CVE-url: https://ubuntu.com/security/CVE-2021-47520 - can: pch_can: pch_can_rx_normal: fix use after free * CVE-url: https://ubuntu.com/security/CVE-2024-27405 - usb: gadget: ncm: Handle decoding of multiple NTB's in unwrap call - usb: gadget: ncm: Avoid dropping datagrams of properly parsed NTBs - usb: gadget: ncm: Handle decoding of multiple NTB's in unwrap call * CVE-url: https://ubuntu.com/security/CVE-2024-26764 - aio: remove an outdated BUG_ON and comment in aio_complete - fs/aio: Restrict kiocb_set_cancel_fn() to I/O submitted via libaio * Bionic update: upstream stable patchset 2020-09-16 (LP: #1895873) // CVE- url: https://ubuntu.com/security/CVE-2024-27405 - USB: gadget: f_ncm: add bounds checks to ncm_unwrap_ntb() * CVE-url: https://ubuntu.com/security/CVE-2024-26840 - cachefiles: fix memory leak in cachefiles_add_cache() * CVE-url: https://ubuntu.com/security/CVE-2024-26779 - wifi: mac80211: fix race condition on enabling fast-xmit * CVE-url: https://ubuntu.com/security/CVE-2024-26772 - ext4: avoid allocating blocks from corrupted group in ext4_mb_find_by_goal() * CVE-url: https://ubuntu.com/security/CVE-2024-26845 - scsi: target: core: Add TMF to tmr_list handling * CVE-url: https://ubuntu.com/security/CVE-2024-26804 - net: ip_tunnel: prevent perpetual headroom growth * CVE-url: https://ubuntu.com/security/CVE-2024-27410 - wifi: nl80211: reject iftype change with mesh ID change * CVE-url: https://ubuntu.com/security/CVE-2024-26839 - IB/hfi1: Fix a memleak in init_credit_return * CVE-url: https://ubuntu.com/security/CVE-2024-26773 - ext4: avoid allocating blocks from corrupted group in ext4_mb_try_best_found() * CVE-url: https://ubuntu.com/security/CVE-2024-26778 - fbdev: savage: Error out if pixclock equals zero * CVE-url: https://ubuntu.com/security/CVE-2024-26733 - arp: Prevent overflow in arp_req_get(). * CVE-url: https://ubuntu.com/security/CVE-2024-26791 - btrfs: dev-replace: properly validate device names Important Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.

* CVE-url: https://ubuntu.com/security/CVE-2024-26777 - fbdev: sis: Error out if pixclock equals zero * CVE-url: https://ubuntu.com/security/CVE-2021-47542 - net: qlogic: qlcnic: Fix a NULL pointer dereference in qlcnic_83xx_add_rings() * CVE-url: https://ubuntu.com/security/CVE-2021-47518 - nfc: fix potential NULL pointer deref in nfc_genl_dump_ses_done * CVE-url: https://ubuntu.com/security/CVE-2024-36902 - ipv6: fib6_rules: avoid possible NULL dereference in fib6_rule_action() * CVE-url: https://ubuntu.com/security/CVE-2024-36901 - ipv6: prevent NULL dereference in ip6_output() * CVE-url: https://ubuntu.com/security/CVE-2021-47571 - staging: rtl8192e: Fix use after free in _rtl92e_pci_disconnect() * CVE-url: https://ubuntu.com/security/CVE-2021-47521 - can: sja1000: fix use after free in ems_pcmcia_add_card() * CVE-url: https://ubuntu.com/security/CVE-2021-47520 - can: pch_can: pch_can_rx_normal: fix use after free * CVE-url: https://ubuntu.com/security/CVE-2024-27405 - usb: gadget: ncm: Handle decoding of multiple NTB's in unwrap call - usb: gadget: ncm: Avoid dropping datagrams of properly parsed NTBs - usb: gadget: ncm: Handle decoding of multiple NTB's in unwrap call * CVE-url: https://ubuntu.com/security/CVE-2024-26764 - aio: remove an outdated BUG_ON and comment in aio_complete - fs/aio: Restrict kiocb_set_cancel_fn() to I/O submitted via libaio * Bionic update: upstream stable patchset 2020-09-16 (LP: #1895873) // CVE- url: https://ubuntu.com/security/CVE-2024-27405 - USB: gadget: f_ncm: add bounds checks to ncm_unwrap_ntb() * CVE-url: https://ubuntu.com/security/CVE-2024-26840 - cachefiles: fix memory leak in cachefiles_add_cache() * CVE-url: https://ubuntu.com/security/CVE-2024-26779 - wifi: mac80211: fix race condition on enabling fast-xmit * CVE-url: https://ubuntu.com/security/CVE-2024-26772 - ext4: avoid allocating blocks from corrupted group in ext4_mb_find_by_goal() * CVE-url: https://ubuntu.com/security/CVE-2024-26845 - scsi: target: core: Add TMF to tmr_list handling * CVE-url: https://ubuntu.com/security/CVE-2024-26804 - net: ip_tunnel: prevent perpetual headroom growth * CVE-url: https://ubuntu.com/security/CVE-2024-27410 - wifi: nl80211: reject iftype change with mesh ID change * CVE-url: https://ubuntu.com/security/CVE-2024-26839 - IB/hfi1: Fix a memleak in init_credit_return * CVE-url: https://ubuntu.com/security/CVE-2024-26773 - ext4: avoid allocating blocks from corrupted group in ext4_mb_try_best_found() * CVE-url: https://ubuntu.com/security/CVE-2024-26778 - fbdev: savage: Error out if pixclock equals zero * CVE-url: https://ubuntu.com/security/CVE-2024-26733 - arp: Prevent overflow in arp_req_get(). * CVE-url: https://ubuntu.com/security/CVE-2024-26791 - btrfs: dev-replace: properly validate device names

0 tuxcare-ubuntu16.04-els linux-buildinfo-4.4.0-258-tuxcare.els29-generic_4.4.0-258.292_amd64.deb f5e121ce8a970a1ea74e7ea568452edd13771d38 linux-buildinfo-4.4.0-258-tuxcare.els29-lowlatency_4.4.0-258.292_amd64.deb 02521552fcad7996785718f6888f2246740ae23d linux-cloud-tools-4.4.0-258-tuxcare.els29_4.4.0-258.292_amd64.deb 10bf8a040986aadc1b3b7131a6167b27df03e4e4 linux-cloud-tools-4.4.0-258-tuxcare.els29-generic_4.4.0-258.292_amd64.deb dd6b1b855571b7e1c802d629aba0648afec0d9e3 linux-cloud-tools-4.4.0-258-tuxcare.els29-lowlatency_4.4.0-258.292_amd64.deb 70b23335b5f5102231a919b146d83b8238cc33e9 linux-cloud-tools-common_4.4.0-258.292_all.deb f45a1e63466008316daf63c59ee520db19fec2a1 linux-cloud-tools-generic_4.4.0.258.292_amd64.deb 848421ba161dfcb135034318bc18ad3ec6acdf89 linux-cloud-tools-lowlatency_4.4.0.258.292_amd64.deb 02808c60fa567a633c0997c9d934fa1718aeabbd linux-crashdump_4.4.0.258.292_amd64.deb 8c4e54cd34e34b759c4609038302c6801dde4202 linux-doc_4.4.0-258.292_all.deb d5076a415a680c711e1fa9abe1f8243e9b783f0c linux-generic_4.4.0.258.292_amd64.deb 04b312d031aab36ac7629670f2c3dc9338ddebbe linux-headers-4.4.0-258-tuxcare.els29_4.4.0-258.292_all.deb 5120d21bcc9b35ed70c32cd9bebd13151c7fbc94 linux-headers-4.4.0-258-tuxcare.els29-generic_4.4.0-258.292_amd64.deb 661be986e51c2010f2af7929be550e5418e85317 linux-headers-4.4.0-258-tuxcare.els29-lowlatency_4.4.0-258.292_amd64.deb e2c79ca38cf59be2604f67bb7f8e4fbda41e6650 linux-headers-generic_4.4.0.258.292_amd64.deb 1a043ca7cf35060962d418b6c720aacddfba7861 linux-headers-lowlatency_4.4.0.258.292_amd64.deb 31dea1158d03e271e9eb7d7e18837e4606a2cf9b linux-image-generic_4.4.0.258.292_amd64.deb 92857fc6e8c3e7f8479e0d559422fb5f8389caf4 linux-image-lowlatency_4.4.0.258.292_amd64.deb 4a53bcc2b704ff39f4ee82492d0d7122e402574a linux-image-unsigned-4.4.0-258-tuxcare.els29-generic_4.4.0-258.292_amd64.deb 2af8c22f81631a34ba632ba2db2db8dc6a6e8f26 linux-image-unsigned-4.4.0-258-tuxcare.els29-lowlatency_4.4.0-258.292_amd64.deb 267dd81468a2324d30269bdab05d79973a9224be linux-libc-dev_4.4.0-258.292_amd64.deb 4e1a5019806ddb7d1276078cf94d2e89d29af6d4 linux-lowlatency_4.4.0.258.292_amd64.deb a024cdbdf3d7d08015aa46967baa8ee48602b260 linux-modules-4.4.0-258-tuxcare.els29-generic_4.4.0-258.292_amd64.deb 41457fb2fe755a44bcd83c719f1ea27f41a82a1a linux-modules-4.4.0-258-tuxcare.els29-lowlatency_4.4.0-258.292_amd64.deb 1f5505ac5d78f8a54c47eae37489ceb405c12ed3 linux-modules-extra-4.4.0-258-tuxcare.els29-generic_4.4.0-258.292_amd64.deb 2668465379021e46cdd275658ebe5051d5506c77 linux-source_4.4.0.258.292_all.deb 2122cf7938c7d23f4c407bdabe641273a585f5d3 linux-source-4.4.0_4.4.0-258.292_all.deb b5850b9df41b2abf9f88011e10e2e1674fe2de81 linux-tools-4.4.0-258-tuxcare.els29_4.4.0-258.292_amd64.deb 8e6e2cbad25b8a84a6717f24e132e452df33cf7d linux-tools-4.4.0-258-tuxcare.els29-generic_4.4.0-258.292_amd64.deb 2a9c546d0e7b0403bc91a21ecd74f32e32f74923 linux-tools-4.4.0-258-tuxcare.els29-lowlatency_4.4.0-258.292_amd64.deb 6814802f5a9db0ff1bedc6de5a3a609ab596ec62 linux-tools-common_4.4.0-258.292_all.deb 765e6cddc9a46e17d769fb5e350b1dd3f0d38947 linux-tools-generic_4.4.0.258.292_amd64.deb b9e8183bad768e339a1b5fb22e3dcd96b4e44486 linux-tools-host_4.4.0-258.292_all.deb 147785f091db4bca7f752ffc481be39163fee4d6 linux-tools-lowlatency_4.4.0.258.292_amd64.deb 71cbd27e537c016ceb4bc195e47f96672937c7a3 CLSA-2024:1719567863 TuxCare License Agreement 0 * CVE-url: https://ubuntu.com/security/CVE-2024-2201 - x86/cpufeatures: Add CPUID_LNX_5 to track recently added Linux-defined word - x86/bugs: Change commas to semicolons in 'spectre_v2' sysfs file - x86/bhi: Add support for clearing branch history at syscall entry - x86/bhi: Define SPEC_CTRL_BHI_DIS_S - x86/bhi: Enumerate Branch History Injection (BHI) bug - x86/bhi: Add BHI mitigation knob - x86/bhi: Mitigate KVM by default - x86/bugs: Fix BHI documentation - x86/bugs: Cache the value of MSR_IA32_ARCH_CAPABILITIES - x86/bugs: Rename various 'ia32_cap' variables to 'x86_arch_cap_msr' - x86/bugs: Fix BHI handling of RRSBA - x86/bugs: Clarify that syscall hardening isn't a BHI mitigation - x86/bugs: Fix BHI retpoline check * CVE-url: https://ubuntu.com/security/CVE-2024-26642 - netfilter: nf_tables: disallow anonymous set with timeout flag * CVE-url: https://ubuntu.com/security/CVE-2021-33631 - ext4: fix kernel BUG in 'ext4_write_inline_data_end()' * CVE-url: https://ubuntu.com/security/CVE-2021-47545 - perf hists: Properly release format fields - perf hist: Fix memory leak of a perf_hpp_fmt * Miscellaneous upstream changes - media: xc4000: Fix atomicity violation in xc4000_get_frequency - updateconfigs for CONFIG_BHI_{AUTO|OFF|ON} Important Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.

* CVE-url: https://ubuntu.com/security/CVE-2024-2201 - x86/cpufeatures: Add CPUID_LNX_5 to track recently added Linux-defined word - x86/bugs: Change commas to semicolons in 'spectre_v2' sysfs file - x86/bhi: Add support for clearing branch history at syscall entry - x86/bhi: Define SPEC_CTRL_BHI_DIS_S - x86/bhi: Enumerate Branch History Injection (BHI) bug - x86/bhi: Add BHI mitigation knob - x86/bhi: Mitigate KVM by default - x86/bugs: Fix BHI documentation - x86/bugs: Cache the value of MSR_IA32_ARCH_CAPABILITIES - x86/bugs: Rename various 'ia32_cap' variables to 'x86_arch_cap_msr' - x86/bugs: Fix BHI handling of RRSBA - x86/bugs: Clarify that syscall hardening isn't a BHI mitigation - x86/bugs: Fix BHI retpoline check * CVE-url: https://ubuntu.com/security/CVE-2024-26642 - netfilter: nf_tables: disallow anonymous set with timeout flag * CVE-url: https://ubuntu.com/security/CVE-2021-33631 - ext4: fix kernel BUG in 'ext4_write_inline_data_end()' * CVE-url: https://ubuntu.com/security/CVE-2021-47545 - perf hists: Properly release format fields - perf hist: Fix memory leak of a perf_hpp_fmt * Miscellaneous upstream changes - media: xc4000: Fix atomicity violation in xc4000_get_frequency - updateconfigs for CONFIG_BHI_{AUTO|OFF|ON}

0 tuxcare-ubuntu16.04-els linux-buildinfo-4.4.0-259-tuxcare.els30-generic_4.4.0-259.293_amd64.deb 565f618ce0170294b879c11ad324ae6351f1ffdd linux-buildinfo-4.4.0-259-tuxcare.els30-lowlatency_4.4.0-259.293_amd64.deb 0969b378b5c7b8ac910701633262f2abcfff4a8e linux-cloud-tools-4.4.0-259-tuxcare.els30_4.4.0-259.293_amd64.deb e8deda99f7b2e9bf1beba2874cef5cef66b84573 linux-cloud-tools-4.4.0-259-tuxcare.els30-generic_4.4.0-259.293_amd64.deb e5a96acc3fefac072846dc5681419da22dee48c4 linux-cloud-tools-4.4.0-259-tuxcare.els30-lowlatency_4.4.0-259.293_amd64.deb 6d82c2f2a33cb2dfe03935e24e13a3fc44eb0a19 linux-cloud-tools-common_4.4.0-259.293_all.deb ddaed5af199a209aa2bfe6d991e8535261214aeb linux-cloud-tools-generic_4.4.0.259.293_amd64.deb cb0fb3362c4aa7eb4c87a58bc5593845e91b5bc1 linux-cloud-tools-lowlatency_4.4.0.259.293_amd64.deb 2f83e08e5d1d347ba43129e79e6b07b9375c0ee2 linux-crashdump_4.4.0.259.293_amd64.deb 15995a2217695bf42d9c15cc6bb9bddfbf2a30e0 linux-doc_4.4.0-259.293_all.deb e90a4560aded21c5d79fe3c1ea8882b6841762e0 linux-generic_4.4.0.259.293_amd64.deb f5f51cc90e2d1b874611526a3b8b7ed3c6171495 linux-headers-4.4.0-259-tuxcare.els30_4.4.0-259.293_all.deb 0926525ec2ef14298568796e6683504b2b7db519 linux-headers-4.4.0-259-tuxcare.els30-generic_4.4.0-259.293_amd64.deb ac3a671da213d51987568a031418b7f80d01da1a linux-headers-4.4.0-259-tuxcare.els30-lowlatency_4.4.0-259.293_amd64.deb c72d3eb26945461692b76e82cc0b856a77d0d877 linux-headers-generic_4.4.0.259.293_amd64.deb 8bd400b20d676d43b7b5b2d522b8da8db96a396c linux-headers-lowlatency_4.4.0.259.293_amd64.deb 48d4ac64756be518b8463a7b0d37021761127ec0 linux-image-generic_4.4.0.259.293_amd64.deb 9c083aab304274a6eb73d35b92314b7571744f4c linux-image-lowlatency_4.4.0.259.293_amd64.deb 594522aae7d0758b6caad9801309a41c67cb514f linux-image-unsigned-4.4.0-259-tuxcare.els30-generic_4.4.0-259.293_amd64.deb ecf5b026f955905ea204c3ad70ea7748d2f6f86c linux-image-unsigned-4.4.0-259-tuxcare.els30-lowlatency_4.4.0-259.293_amd64.deb b71432aa421225270e61c670449efb57575348fb linux-libc-dev_4.4.0-259.293_amd64.deb 0a8217592f9ad35007ac9b84af7e4be2dec97d0b linux-lowlatency_4.4.0.259.293_amd64.deb c2313d852c14fab16bb0a2ee8658e466f31a4202 linux-modules-4.4.0-259-tuxcare.els30-generic_4.4.0-259.293_amd64.deb c58be3a70bc445d4208352a70b3d5fa84def3581 linux-modules-4.4.0-259-tuxcare.els30-lowlatency_4.4.0-259.293_amd64.deb 0fa5df37c8670f9e896063504d4bac7a3bdf836c linux-modules-extra-4.4.0-259-tuxcare.els30-generic_4.4.0-259.293_amd64.deb 76fd96e1d1ef5188af7e304ae887ff0caaac0ec5 linux-source_4.4.0.259.293_all.deb 260f49c1edd7b59a9ee5cdcffaa20b73d5844ce8 linux-source-4.4.0_4.4.0-259.293_all.deb 0f45ad8e057bd2544d96379d27ce0ea5343d98e6 linux-tools-4.4.0-259-tuxcare.els30_4.4.0-259.293_amd64.deb 4d27fc855c26a5d11b0a9de2b2ff10cd8b5c9cd2 linux-tools-4.4.0-259-tuxcare.els30-generic_4.4.0-259.293_amd64.deb 43a8c5c467f649602aa14307dc0daeb1e4366e95 linux-tools-4.4.0-259-tuxcare.els30-lowlatency_4.4.0-259.293_amd64.deb ffb349c1882d4e55b02019f1e65cf0a965f4ae28 linux-tools-common_4.4.0-259.293_all.deb 0a07948405d3d744d8038b0243ab6b347e248614 linux-tools-generic_4.4.0.259.293_amd64.deb be11cb5d3b32c6849112ba30231e151f55a016f3 linux-tools-host_4.4.0-259.293_all.deb b9e63da6f252925e9ade5a9e41cf95e2bb362e42 linux-tools-lowlatency_4.4.0.259.293_amd64.deb 598a26c5dea2eb1511dea9a0ddac1656c2a79dbd CLSA-2024:1719568080 TuxCare License Agreement 0 * CVE-url: https://ubuntu.com/security/CVE-2024-2201 - x86/cpufeatures: Add CPUID_LNX_5 to track recently added Linux-defined word - x86/bugs: Change commas to semicolons in 'spectre_v2' sysfs file - x86/bhi: Add support for clearing branch history at syscall entry - x86/bhi: Define SPEC_CTRL_BHI_DIS_S - x86/bhi: Enumerate Branch History Injection (BHI) bug - x86/bhi: Add BHI mitigation knob - x86/bhi: Mitigate KVM by default - x86/bugs: Fix BHI documentation - x86/bugs: Cache the value of MSR_IA32_ARCH_CAPABILITIES - x86/bugs: Rename various 'ia32_cap' variables to 'x86_arch_cap_msr' - x86/bugs: Fix BHI handling of RRSBA - x86/bugs: Clarify that syscall hardening isn't a BHI mitigation - x86/bugs: Fix BHI retpoline check * CVE-url: https://ubuntu.com/security/CVE-2024-26642 - netfilter: nf_tables: disallow anonymous set with timeout flag * CVE-url: https://ubuntu.com/security/CVE-2021-33631 - ext4: fix kernel BUG in 'ext4_write_inline_data_end()' * CVE-url: https://ubuntu.com/security/CVE-2021-47545 - perf hists: Properly release format fields - perf hist: Fix memory leak of a perf_hpp_fmt * Miscellaneous upstream changes - media: xc4000: Fix atomicity violation in xc4000_get_frequency - updateconfigs for CONFIG_BHI_{AUTO|OFF|ON} Important Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.

* CVE-url: https://ubuntu.com/security/CVE-2024-2201 - x86/cpufeatures: Add CPUID_LNX_5 to track recently added Linux-defined word - x86/bugs: Change commas to semicolons in 'spectre_v2' sysfs file - x86/bhi: Add support for clearing branch history at syscall entry - x86/bhi: Define SPEC_CTRL_BHI_DIS_S - x86/bhi: Enumerate Branch History Injection (BHI) bug - x86/bhi: Add BHI mitigation knob - x86/bhi: Mitigate KVM by default - x86/bugs: Fix BHI documentation - x86/bugs: Cache the value of MSR_IA32_ARCH_CAPABILITIES - x86/bugs: Rename various 'ia32_cap' variables to 'x86_arch_cap_msr' - x86/bugs: Fix BHI handling of RRSBA - x86/bugs: Clarify that syscall hardening isn't a BHI mitigation - x86/bugs: Fix BHI retpoline check * CVE-url: https://ubuntu.com/security/CVE-2024-26642 - netfilter: nf_tables: disallow anonymous set with timeout flag * CVE-url: https://ubuntu.com/security/CVE-2021-33631 - ext4: fix kernel BUG in 'ext4_write_inline_data_end()' * CVE-url: https://ubuntu.com/security/CVE-2021-47545 - perf hists: Properly release format fields - perf hist: Fix memory leak of a perf_hpp_fmt * Miscellaneous upstream changes - media: xc4000: Fix atomicity violation in xc4000_get_frequency - updateconfigs for CONFIG_BHI_{AUTO|OFF|ON}

0 tuxcare-ubuntu16.04-els linux-buildinfo-4.4.0-259-tuxcare.els30-generic_4.4.0-259.293_amd64.deb 565f618ce0170294b879c11ad324ae6351f1ffdd linux-buildinfo-4.4.0-259-tuxcare.els30-lowlatency_4.4.0-259.293_amd64.deb 0969b378b5c7b8ac910701633262f2abcfff4a8e linux-cloud-tools-4.4.0-259-tuxcare.els30_4.4.0-259.293_amd64.deb e8deda99f7b2e9bf1beba2874cef5cef66b84573 linux-cloud-tools-4.4.0-259-tuxcare.els30-generic_4.4.0-259.293_amd64.deb e5a96acc3fefac072846dc5681419da22dee48c4 linux-cloud-tools-4.4.0-259-tuxcare.els30-lowlatency_4.4.0-259.293_amd64.deb 6d82c2f2a33cb2dfe03935e24e13a3fc44eb0a19 linux-cloud-tools-common_4.4.0-259.293_all.deb ddaed5af199a209aa2bfe6d991e8535261214aeb linux-cloud-tools-generic_4.4.0.259.293_amd64.deb cb0fb3362c4aa7eb4c87a58bc5593845e91b5bc1 linux-cloud-tools-lowlatency_4.4.0.259.293_amd64.deb 2f83e08e5d1d347ba43129e79e6b07b9375c0ee2 linux-crashdump_4.4.0.259.293_amd64.deb 15995a2217695bf42d9c15cc6bb9bddfbf2a30e0 linux-doc_4.4.0-259.293_all.deb e90a4560aded21c5d79fe3c1ea8882b6841762e0 linux-generic_4.4.0.259.293_amd64.deb f5f51cc90e2d1b874611526a3b8b7ed3c6171495 linux-headers-4.4.0-259-tuxcare.els30_4.4.0-259.293_all.deb 0926525ec2ef14298568796e6683504b2b7db519 linux-headers-4.4.0-259-tuxcare.els30-generic_4.4.0-259.293_amd64.deb ac3a671da213d51987568a031418b7f80d01da1a linux-headers-4.4.0-259-tuxcare.els30-lowlatency_4.4.0-259.293_amd64.deb c72d3eb26945461692b76e82cc0b856a77d0d877 linux-headers-generic_4.4.0.259.293_amd64.deb 8bd400b20d676d43b7b5b2d522b8da8db96a396c linux-headers-lowlatency_4.4.0.259.293_amd64.deb 48d4ac64756be518b8463a7b0d37021761127ec0 linux-image-generic_4.4.0.259.293_amd64.deb 9c083aab304274a6eb73d35b92314b7571744f4c linux-image-lowlatency_4.4.0.259.293_amd64.deb 594522aae7d0758b6caad9801309a41c67cb514f linux-image-unsigned-4.4.0-259-tuxcare.els30-generic_4.4.0-259.293_amd64.deb ecf5b026f955905ea204c3ad70ea7748d2f6f86c linux-image-unsigned-4.4.0-259-tuxcare.els30-lowlatency_4.4.0-259.293_amd64.deb b71432aa421225270e61c670449efb57575348fb linux-libc-dev_4.4.0-259.293_amd64.deb 0a8217592f9ad35007ac9b84af7e4be2dec97d0b linux-lowlatency_4.4.0.259.293_amd64.deb c2313d852c14fab16bb0a2ee8658e466f31a4202 linux-modules-4.4.0-259-tuxcare.els30-generic_4.4.0-259.293_amd64.deb c58be3a70bc445d4208352a70b3d5fa84def3581 linux-modules-4.4.0-259-tuxcare.els30-lowlatency_4.4.0-259.293_amd64.deb 0fa5df37c8670f9e896063504d4bac7a3bdf836c linux-modules-extra-4.4.0-259-tuxcare.els30-generic_4.4.0-259.293_amd64.deb 76fd96e1d1ef5188af7e304ae887ff0caaac0ec5 linux-source_4.4.0.259.293_all.deb 260f49c1edd7b59a9ee5cdcffaa20b73d5844ce8 linux-source-4.4.0_4.4.0-259.293_all.deb 0f45ad8e057bd2544d96379d27ce0ea5343d98e6 linux-tools-4.4.0-259-tuxcare.els30_4.4.0-259.293_amd64.deb 4d27fc855c26a5d11b0a9de2b2ff10cd8b5c9cd2 linux-tools-4.4.0-259-tuxcare.els30-generic_4.4.0-259.293_amd64.deb 43a8c5c467f649602aa14307dc0daeb1e4366e95 linux-tools-4.4.0-259-tuxcare.els30-lowlatency_4.4.0-259.293_amd64.deb ffb349c1882d4e55b02019f1e65cf0a965f4ae28 linux-tools-common_4.4.0-259.293_all.deb 0a07948405d3d744d8038b0243ab6b347e248614 linux-tools-generic_4.4.0.259.293_amd64.deb be11cb5d3b32c6849112ba30231e151f55a016f3 linux-tools-host_4.4.0-259.293_all.deb b9e63da6f252925e9ade5a9e41cf95e2bb362e42 linux-tools-lowlatency_4.4.0.259.293_amd64.deb 598a26c5dea2eb1511dea9a0ddac1656c2a79dbd CLSA-2024:1719920973 TuxCare License Agreement 0 * SECURITY UPDATE: tack-based buffer overflow in netgroup cache - debian/patches/any/CVE-2024-33599.patch: fix buffer overflow in netgroup cache - CVE-2024-33599 Important Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.

* SECURITY UPDATE: tack-based buffer overflow in netgroup cache - debian/patches/any/CVE-2024-33599.patch: fix buffer overflow in netgroup cache - CVE-2024-33599

0 tuxcare-ubuntu16.04-els glibc-doc_2.23-0ubuntu11.5+tuxcare.els8_all.deb 07371814968f87459c3a974a5b60cfc55414cd40 glibc-source_2.23-0ubuntu11.5+tuxcare.els8_all.deb 64a7a29fa66cd46a57e4d1a1ff7db2ef6e6a9c81 libc-bin_2.23-0ubuntu11.5+tuxcare.els8_amd64.deb ea0532d142bce340f25199be77f3fc0ae307b841 libc-dev-bin_2.23-0ubuntu11.5+tuxcare.els8_amd64.deb 314e4892ecad532fec9bfd9ee37e1c642d1a7b70 libc6_2.23-0ubuntu11.5+tuxcare.els8_amd64.deb c1e84b0a90e5db6b782d1c71f82c1f1fa9818406 libc6-dev_2.23-0ubuntu11.5+tuxcare.els8_amd64.deb da8d313f50d50400808bee6802eb1bd398ee2013 libc6-dev-i386_2.23-0ubuntu11.5+tuxcare.els8_amd64.deb 20f75531fd8827cd2352844bfbeceea0fcfab549 libc6-dev-x32_2.23-0ubuntu11.5+tuxcare.els8_amd64.deb ae2b8aae6be7f47fb74b28a892978f45328611bc libc6-i386_2.23-0ubuntu11.5+tuxcare.els8_amd64.deb 6d107f713a43119e1bd0c13c51789f283eb675f6 libc6-pic_2.23-0ubuntu11.5+tuxcare.els8_amd64.deb 7a88b7576928f0debd4af2d686ac46a48fa1bbae libc6-x32_2.23-0ubuntu11.5+tuxcare.els8_amd64.deb 1d8f7a32a13f616cab2f4fc2bd7980388c7b8efb locales_2.23-0ubuntu11.5+tuxcare.els8_all.deb e66f9140aee26c367911dcac7165556797ee0d50 locales-all_2.23-0ubuntu11.5+tuxcare.els8_amd64.deb e039f72e6a8d68d69ef73b12ca13118caa99198d multiarch-support_2.23-0ubuntu11.5+tuxcare.els8_amd64.deb 5e79e8c2d63a0813d9b550427d81b1d6aff21491 nscd_2.23-0ubuntu11.5+tuxcare.els8_amd64.deb e43537767ecf38f71f3476fe92174a39e93965ac CLSA-2024:1721401321 TuxCare License Agreement 0 * SECURITY UPDATE: eval() on content received via HTTP in test suite - debian/patches/CVE-2020-27619.patch: No longer call eval() on content received via HTTP in the CJK codec tests - CVE-2020-27619 Critical Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.

* SECURITY UPDATE: eval() on content received via HTTP in test suite - debian/patches/CVE-2020-27619.patch: No longer call eval() on content received via HTTP in the CJK codec tests - CVE-2020-27619

0 tuxcare-ubuntu16.04-els idle-python2.7_2.7.12-1ubuntu0~16.04.18+tuxcare.els12_all.deb 03c6841af9d9ce4bee50e31e36e7659e5e640315 libpython2.7_2.7.12-1ubuntu0~16.04.18+tuxcare.els12_amd64.deb e0360febb18227b665e69d92942b944225db3754 libpython2.7-dev_2.7.12-1ubuntu0~16.04.18+tuxcare.els12_amd64.deb 5b4e8bb973c673521544010f17bbc1c0ab992425 libpython2.7-minimal_2.7.12-1ubuntu0~16.04.18+tuxcare.els12_amd64.deb 2ea71f5cfb3a19dd74338512792a8705b3ba4cfb libpython2.7-stdlib_2.7.12-1ubuntu0~16.04.18+tuxcare.els12_amd64.deb e95a51234d6f71f85d789ea43e631c1b39460d0b libpython2.7-testsuite_2.7.12-1ubuntu0~16.04.18+tuxcare.els12_all.deb a7e7668888e3cbcf16163404cfeb841eba1902c6 python2.7_2.7.12-1ubuntu0~16.04.18+tuxcare.els12_amd64.deb 6c28ad4a293d897d7ecb6f3d4947e980a16f79b1 python2.7-dev_2.7.12-1ubuntu0~16.04.18+tuxcare.els12_amd64.deb cab22e6a85378893134c065c4017453695425b24 python2.7-doc_2.7.12-1ubuntu0~16.04.18+tuxcare.els12_all.deb ed7f473517e93a3ae512f4693faa25278ef5e00b python2.7-examples_2.7.12-1ubuntu0~16.04.18+tuxcare.els12_all.deb e67ee75022a660a95f9bcfa1a881d48169d60026 python2.7-minimal_2.7.12-1ubuntu0~16.04.18+tuxcare.els12_amd64.deb 15280c0eb48bd1c8ed3086fe435f98acc50a3ba4 CLSA-2024:1721658474 TuxCare License Agreement 0 * CVE-url: https://ubuntu.com/security/CVE-2024-26810 - vfio/pci: Lock external INTx masking ops * CVE-url: https://ubuntu.com/security/CVE-2024-38587 - speakup: Fix sizeof() vs ARRAY_SIZE() bug * CVE-url: https://ubuntu.com/security/CVE-2024-39493 - crypto: qat - Fix ADF_DEV_RESET_SYNC memory leak * CVE-url: https://ubuntu.com/security/CVE-2024-38381 - nfc: nci: Fix uninit-value in nci_rx_work * CVE-url: https://ubuntu.com/security/CVE-2023-52620 - netfilter: nf_tables: disallow timeout for anonymous sets * CVE-url: https://ubuntu.com/security/CVE-2024-35805 - dm snapshot: fix lockup in dm_exception_table_exit * CVE-url: https://ubuntu.com/security/CVE-2024-26923 - af_unix: Fix garbage collector racing against connect() * CVE-url: https://ubuntu.com/security/CVE-2024-35969 - ipv6: fix race condition between ipv6_get_ifaddr and ipv6_del_addr * CVE-url: https://ubuntu.com/security/CVE-2024-26863 - hsr: Fix uninit-value access in hsr_get_node() * CVE-url: https://ubuntu.com/security/CVE-2024-26993 - fs: sysfs: Fix reference leak in sysfs_break_active_protection() * CVE-url: https://ubuntu.com/security/CVE-2024-27388 - SUNRPC: fix some memleaks in gssx_dec_option_array * CVE-url: https://ubuntu.com/security/CVE-2024-35886 - ipv6: Fix infinite recursion in fib6_dump_done(). * CVE-url: https://ubuntu.com/security/CVE-2024-35809 - PCI/PM: Drain runtime-idle callbacks before driver removal * CVE-url: https://ubuntu.com/security/CVE-2024-26875 - media: pvrusb2: fix uaf in pvr2_context_set_notify * CVE-url: https://ubuntu.com/security/CVE-2024-26851 - netfilter: nf_conntrack_h323: Add protection for bmp length out of range * CVE-url: https://ubuntu.com/security/CVE-2024-35915 - nfc: nci: Fix uninit-value in nci_dev_up and nci_ntf_packet * CVE-url: https://ubuntu.com/security/CVE-2024-26999 - serial/pmac_zilog: Remove flawed mitigation for rx irq flood * CVE-url: https://ubuntu.com/security/CVE-2023-52699 - sysv: don't call sb_bread() with pointers_lock held * CVE-url: https://ubuntu.com/security/CVE-2024-35828 - wifi: libertas: fix some memleaks in lbs_allocate_cmd_buffer() * CVE-url: https://ubuntu.com/security/CVE-2024-27001 - comedi: vmk80xx: fix incomplete endpoint checking * CVE-url: https://ubuntu.com/security/CVE-2024-27008 - drm: nv04: Fix out of bounds access * CVE-url: https://ubuntu.com/security/CVE-2024-35935 - btrfs: send: handle path ref underflow in header iterate_inode_ref() * CVE-url: https://ubuntu.com/security/CVE-2024-27059 - USB: usb-storage: Prevent divide-by-0 error in isd200_ata_command * CVE-url: https://ubuntu.com/security/CVE-2024-26974 - crypto: qat - resolve race condition during AER recovery * CVE-url: https://ubuntu.com/security/CVE-2024-26965 - clk: qcom: mmcc-msm8974: fix terminating of frequency table arrays * CVE-url: https://ubuntu.com/security/CVE-2024-26931 - scsi: qla2xxx: Fix command flush on cable pull * CVE-url: https://ubuntu.com/security/CVE-2024-35910 - mptcp: add sk_stop_timer_sync helper * CVE-url: https://ubuntu.com/security/CVE-2024-35944 - VMCI: Fix memcpy() run-time warning in dg_dispatch_as_host() * CVE-url: https://ubuntu.com/security/CVE-2024-35830 - media: tc358743: register v4l2 async device only after successful setup * CVE-url: https://ubuntu.com/security/CVE-2024-26956 - nilfs2: fix failure to detect DAT corruption in btree and direct mappings * CVE-url: https://ubuntu.com/security/CVE-2024-35807 - ext4: fix corruption during on-line resize * CVE-url: https://ubuntu.com/security/CVE-2024-26813 - vfio/platform: Create persistent IRQ handlers * CVE-url: https://ubuntu.com/security/CVE-2023-52644 - wifi: b43: Stop/wake correct queue in DMA Tx path when QoS is disabled * CVE-url: https://ubuntu.com/security/CVE-2024-26966 - clk: qcom: mmcc-apq8084: fix terminating of frequency table arrays * CVE-url: https://ubuntu.com/security/CVE-2024-27073 - media: ttpci: fix two memleaks in budget_av_attach * CVE-url: https://ubuntu.com/security/CVE-2023-52880 - tty: n_gsm: require CAP_NET_ADMIN to attach N_GSM0710 ldisc * CVE-url: https://ubuntu.com/security/CVE-2023-52650 - drm/tegra: dsi: Add missing check for of_find_device_by_node * CVE-url: https://ubuntu.com/security/CVE-2024-35933 - Bluetooth: btintel: Fix null ptr deref in btintel_read_version * CVE-url: https://ubuntu.com/security/CVE-2024-35930 - scsi: lpfc: Fix possible memory leak in lpfc_rcv_padisc() * CVE-url: https://ubuntu.com/security/CVE-2024-27419 - netrom: Fix data-races around sysctl_net_busy_read * CVE-url: https://ubuntu.com/security/CVE-2024-27074 - media: go7007: fix a memleak in go7007_load_encoder * CVE-url: https://ubuntu.com/security/CVE-2024-26859 - net/bnx2x: Prevent access to a freed page in page_pool * CVE-url: https://ubuntu.com/security/CVE-2024-26973 - fat: fix uninitialized field in nostale filehandles * CVE-url: https://ubuntu.com/security/CVE-2024-27436 - ALSA: usb-audio: Stop parsing channels bits when all channels are found. * CVE-url: https://ubuntu.com/security/CVE-2024-35936 - btrfs: handle chunk tree lookup error in btrfs_relocate_sys_chunks() * CVE-url: https://ubuntu.com/security/CVE-2024-35821 - ubifs: Set page uptodate in the correct place * CVE-url: https://ubuntu.com/security/CVE-2024-27075 - media: dvb-frontends: avoid stack overflow warnings with clang * CVE-url: https://ubuntu.com/security/CVE-2024-26651 - sr9800: Add check for usbnet_get_endpoints * CVE-url: https://ubuntu.com/security/CVE-2024-27043 - media: edia: dvbdev: fix a use-after-free * CVE-url: https://ubuntu.com/security/CVE-2024-26976 - KVM: Always flush async #PF workqueue when vCPU is being destroyed * CVE-url: https://ubuntu.com/security/CVE-2024-27000 - serial: mxs-auart: add spinlock around changing cts state * CVE-url: https://ubuntu.com/security/CVE-2024-35815 - fs/aio: Check IOCB_AIO_RW before the struct aio_kiocb conversion * CVE-url: https://ubuntu.com/security/CVE-2024-26894 - ACPI: processor_idle: Fix memory leak in acpi_processor_power_exit() * CVE-url: https://ubuntu.com/security/CVE-2024-35922 - fbmon: prevent division by zero in fb_videomode_from_videomode() * CVE-url: https://ubuntu.com/security/CVE-2024-24857 // CVE-url: https://ubuntu.com/security/CVE-2024-24858 // CVE-url: https://ubuntu.com/security/CVE-2024-24859 - Bluetooth: Fix TOCTOU in HCI debugfs implementation * CVE-url: https://ubuntu.com/security/CVE-2024-27078 - media: v4l2-tpg: fix some memleaks in tpg_alloc * CVE-url: https://ubuntu.com/security/CVE-2024-26981 - nilfs2: fix OOB in nilfs_set_de_type * CVE-url: https://ubuntu.com/security/CVE-2024-26816 - x86, relocs: Ignore relocations in .notes section * CVE-url: https://ubuntu.com/security/CVE-2024-26880 - dm: call the resume method on internal suspend * CVE-url: https://ubuntu.com/security/CVE-2024-26994 - speakup: Avoid crash on very long word * CVE-url: https://ubuntu.com/security/CVE-2024-27437 - genirq: Warn when IRQ_NOAUTOEN is used with shared interrupts - genirq: Add IRQF_NO_AUTOEN for request_irq/nmi() - vfio/pci: Disable auto-enable of exclusive INTx IRQ * CVE-url: https://ubuntu.com/security/CVE-2024-26955 - nilfs2: prevent kernel bug at submit_bh_wbc() * CVE-url: https://ubuntu.com/security/CVE-2024-26643 - netfilter: nf_tables: mark set as dead when unbinding anonymous set with timeout * CVE-url: https://ubuntu.com/security/CVE-2024-26886 - Bluetooth: af_bluetooth: Fix deadlock Important Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.

* CVE-url: https://ubuntu.com/security/CVE-2024-26810 - vfio/pci: Lock external INTx masking ops * CVE-url: https://ubuntu.com/security/CVE-2024-38587 - speakup: Fix sizeof() vs ARRAY_SIZE() bug * CVE-url: https://ubuntu.com/security/CVE-2024-39493 - crypto: qat - Fix ADF_DEV_RESET_SYNC memory leak * CVE-url: https://ubuntu.com/security/CVE-2024-38381 - nfc: nci: Fix uninit-value in nci_rx_work * CVE-url: https://ubuntu.com/security/CVE-2023-52620 - netfilter: nf_tables: disallow timeout for anonymous sets * CVE-url: https://ubuntu.com/security/CVE-2024-35805 - dm snapshot: fix lockup in dm_exception_table_exit * CVE-url: https://ubuntu.com/security/CVE-2024-26923 - af_unix: Fix garbage collector racing against connect() * CVE-url: https://ubuntu.com/security/CVE-2024-35969 - ipv6: fix race condition between ipv6_get_ifaddr and ipv6_del_addr * CVE-url: https://ubuntu.com/security/CVE-2024-26863 - hsr: Fix uninit-value access in hsr_get_node() * CVE-url: https://ubuntu.com/security/CVE-2024-26993 - fs: sysfs: Fix reference leak in sysfs_break_active_protection() * CVE-url: https://ubuntu.com/security/CVE-2024-27388 - SUNRPC: fix some memleaks in gssx_dec_option_array * CVE-url: https://ubuntu.com/security/CVE-2024-35886 - ipv6: Fix infinite recursion in fib6_dump_done(). * CVE-url: https://ubuntu.com/security/CVE-2024-35809 - PCI/PM: Drain runtime-idle callbacks before driver removal * CVE-url: https://ubuntu.com/security/CVE-2024-26875 - media: pvrusb2: fix uaf in pvr2_context_set_notify * CVE-url: https://ubuntu.com/security/CVE-2024-26851 - netfilter: nf_conntrack_h323: Add protection for bmp length out of range * CVE-url: https://ubuntu.com/security/CVE-2024-35915 - nfc: nci: Fix uninit-value in nci_dev_up and nci_ntf_packet * CVE-url: https://ubuntu.com/security/CVE-2024-26999 - serial/pmac_zilog: Remove flawed mitigation for rx irq flood * CVE-url: https://ubuntu.com/security/CVE-2023-52699 - sysv: don't call sb_bread() with pointers_lock held * CVE-url: https://ubuntu.com/security/CVE-2024-35828 - wifi: libertas: fix some memleaks in lbs_allocate_cmd_buffer() * CVE-url: https://ubuntu.com/security/CVE-2024-27001 - comedi: vmk80xx: fix incomplete endpoint checking * CVE-url: https://ubuntu.com/security/CVE-2024-27008 - drm: nv04: Fix out of bounds access * CVE-url: https://ubuntu.com/security/CVE-2024-35935 - btrfs: send: handle path ref underflow in header iterate_inode_ref() * CVE-url: https://ubuntu.com/security/CVE-2024-27059 - USB: usb-storage: Prevent divide-by-0 error in isd200_ata_command * CVE-url: https://ubuntu.com/security/CVE-2024-26974 - crypto: qat - resolve race condition during AER recovery * CVE-url: https://ubuntu.com/security/CVE-2024-26965 - clk: qcom: mmcc-msm8974: fix terminating of frequency table arrays * CVE-url: https://ubuntu.com/security/CVE-2024-26931 - scsi: qla2xxx: Fix command flush on cable pull * CVE-url: https://ubuntu.com/security/CVE-2024-35910 - mptcp: add sk_stop_timer_sync helper * CVE-url: https://ubuntu.com/security/CVE-2024-35944 - VMCI: Fix memcpy() run-time warning in dg_dispatch_as_host() * CVE-url: https://ubuntu.com/security/CVE-2024-35830 - media: tc358743: register v4l2 async device only after successful setup * CVE-url: https://ubuntu.com/security/CVE-2024-26956 - nilfs2: fix failure to detect DAT corruption in btree and direct mappings * CVE-url: https://ubuntu.com/security/CVE-2024-35807 - ext4: fix corruption during on-line resize * CVE-url: https://ubuntu.com/security/CVE-2024-26813 - vfio/platform: Create persistent IRQ handlers * CVE-url: https://ubuntu.com/security/CVE-2023-52644 - wifi: b43: Stop/wake correct queue in DMA Tx path when QoS is disabled * CVE-url: https://ubuntu.com/security/CVE-2024-26966 - clk: qcom: mmcc-apq8084: fix terminating of frequency table arrays * CVE-url: https://ubuntu.com/security/CVE-2024-27073 - media: ttpci: fix two memleaks in budget_av_attach * CVE-url: https://ubuntu.com/security/CVE-2023-52880 - tty: n_gsm: require CAP_NET_ADMIN to attach N_GSM0710 ldisc * CVE-url: https://ubuntu.com/security/CVE-2023-52650 - drm/tegra: dsi: Add missing check for of_find_device_by_node * CVE-url: https://ubuntu.com/security/CVE-2024-35933 - Bluetooth: btintel: Fix null ptr deref in btintel_read_version * CVE-url: https://ubuntu.com/security/CVE-2024-35930 - scsi: lpfc: Fix possible memory leak in lpfc_rcv_padisc() * CVE-url: https://ubuntu.com/security/CVE-2024-27419 - netrom: Fix data-races around sysctl_net_busy_read * CVE-url: https://ubuntu.com/security/CVE-2024-27074 - media: go7007: fix a memleak in go7007_load_encoder * CVE-url: https://ubuntu.com/security/CVE-2024-26859 - net/bnx2x: Prevent access to a freed page in page_pool * CVE-url: https://ubuntu.com/security/CVE-2024-26973 - fat: fix uninitialized field in nostale filehandles * CVE-url: https://ubuntu.com/security/CVE-2024-27436 - ALSA: usb-audio: Stop parsing channels bits when all channels are found. * CVE-url: https://ubuntu.com/security/CVE-2024-35936 - btrfs: handle chunk tree lookup error in btrfs_relocate_sys_chunks() * CVE-url: https://ubuntu.com/security/CVE-2024-35821 - ubifs: Set page uptodate in the correct place * CVE-url: https://ubuntu.com/security/CVE-2024-27075 - media: dvb-frontends: avoid stack overflow warnings with clang * CVE-url: https://ubuntu.com/security/CVE-2024-26651 - sr9800: Add check for usbnet_get_endpoints * CVE-url: https://ubuntu.com/security/CVE-2024-27043 - media: edia: dvbdev: fix a use-after-free * CVE-url: https://ubuntu.com/security/CVE-2024-26976 - KVM: Always flush async #PF workqueue when vCPU is being destroyed * CVE-url: https://ubuntu.com/security/CVE-2024-27000 - serial: mxs-auart: add spinlock around changing cts state * CVE-url: https://ubuntu.com/security/CVE-2024-35815 - fs/aio: Check IOCB_AIO_RW before the struct aio_kiocb conversion * CVE-url: https://ubuntu.com/security/CVE-2024-26894 - ACPI: processor_idle: Fix memory leak in acpi_processor_power_exit() * CVE-url: https://ubuntu.com/security/CVE-2024-35922 - fbmon: prevent division by zero in fb_videomode_from_videomode() * CVE-url: https://ubuntu.com/security/CVE-2024-24857 // CVE-url: https://ubuntu.com/security/CVE-2024-24858 // CVE-url: https://ubuntu.com/security/CVE-2024-24859 - Bluetooth: Fix TOCTOU in HCI debugfs implementation * CVE-url: https://ubuntu.com/security/CVE-2024-27078 - media: v4l2-tpg: fix some memleaks in tpg_alloc * CVE-url: https://ubuntu.com/security/CVE-2024-26981 - nilfs2: fix OOB in nilfs_set_de_type * CVE-url: https://ubuntu.com/security/CVE-2024-26816 - x86, relocs: Ignore relocations in .notes section * CVE-url: https://ubuntu.com/security/CVE-2024-26880 - dm: call the resume method on internal suspend * CVE-url: https://ubuntu.com/security/CVE-2024-26994 - speakup: Avoid crash on very long word * CVE-url: https://ubuntu.com/security/CVE-2024-27437 - genirq: Warn when IRQ_NOAUTOEN is used with shared interrupts - genirq: Add IRQF_NO_AUTOEN for request_irq/nmi() - vfio/pci: Disable auto-enable of exclusive INTx IRQ * CVE-url: https://ubuntu.com/security/CVE-2024-26955 - nilfs2: prevent kernel bug at submit_bh_wbc() * CVE-url: https://ubuntu.com/security/CVE-2024-26643 - netfilter: nf_tables: mark set as dead when unbinding anonymous set with timeout * CVE-url: https://ubuntu.com/security/CVE-2024-26886 - Bluetooth: af_bluetooth: Fix deadlock

0 tuxcare-ubuntu16.04-els linux-buildinfo-4.4.0-260-tuxcare.els31-generic_4.4.0-260.294_amd64.deb 89ad935261d9b34f65a79771ef07719e3225ff45 linux-buildinfo-4.4.0-260-tuxcare.els31-lowlatency_4.4.0-260.294_amd64.deb a77cdaba5edfa7ddf58ee61b7efca3bec17494de linux-cloud-tools-4.4.0-260-tuxcare.els31_4.4.0-260.294_amd64.deb cd5a1b5eeb1fe72a617b1b0255bce8d6f5d211a2 linux-cloud-tools-4.4.0-260-tuxcare.els31-generic_4.4.0-260.294_amd64.deb 0855de6b293479752378706bbd73c47a8c6a3ea8 linux-cloud-tools-4.4.0-260-tuxcare.els31-lowlatency_4.4.0-260.294_amd64.deb 21bc131bc9f47b4ded9b6649036fc0c8d55492d6 linux-cloud-tools-common_4.4.0-260.294_all.deb 7d3aeec640eb7d0de93749b01e60e17b81335b37 linux-cloud-tools-generic_4.4.0.260.294_amd64.deb 0c6eb0b75e9f1fd0457f2a4e129200d461d8d93e linux-cloud-tools-lowlatency_4.4.0.260.294_amd64.deb 243ab156e23b82510a61154e65cae83500fbeb56 linux-crashdump_4.4.0.260.294_amd64.deb 44d91c8998a57a3cf874dbf6adb2ceef6d22dfd8 linux-doc_4.4.0-260.294_all.deb 8f48e04ac6e030ed7fdeff4ced3578683e5706a6 linux-generic_4.4.0.260.294_amd64.deb 5bd28db2737316b76029a758d7c5834ff65ff41d linux-headers-4.4.0-260-tuxcare.els31_4.4.0-260.294_all.deb 29ed26e6931f8793d2fcb1642087feda4ca48d57 linux-headers-4.4.0-260-tuxcare.els31-generic_4.4.0-260.294_amd64.deb 80f550d18720bb458f73e8d381e7d9b23a687db1 linux-headers-4.4.0-260-tuxcare.els31-lowlatency_4.4.0-260.294_amd64.deb df41f78a272d71284b300a0d5d751ade3f84e1f6 linux-headers-generic_4.4.0.260.294_amd64.deb 57f7c82a6523b4aa0b44b1097a8101cd1187b9b7 linux-headers-lowlatency_4.4.0.260.294_amd64.deb b98959e6f585b5654b470501973dbcb316d26059 linux-image-generic_4.4.0.260.294_amd64.deb e173f514eca70bddebd8b0442a80739a68c3d68b linux-image-lowlatency_4.4.0.260.294_amd64.deb 45393828019b5cb0fd48042f5fa7e9e2e3d8db22 linux-image-unsigned-4.4.0-260-tuxcare.els31-generic_4.4.0-260.294_amd64.deb f0f33ccdf9a432750c7bebcd30a43b25464f74a5 linux-image-unsigned-4.4.0-260-tuxcare.els31-lowlatency_4.4.0-260.294_amd64.deb 90b0eb1e965116b9dd6ab141e9163178886b73fe linux-libc-dev_4.4.0-260.294_amd64.deb 0412bd5b2d48b946871d20510c769a5923c95197 linux-lowlatency_4.4.0.260.294_amd64.deb 8c72aad691337b029918e1cf8ff5726255637deb linux-modules-4.4.0-260-tuxcare.els31-generic_4.4.0-260.294_amd64.deb a747785d928a7e67593f4cff0e60d2874280aa44 linux-modules-4.4.0-260-tuxcare.els31-lowlatency_4.4.0-260.294_amd64.deb c6c25204e5c8fea73f6417260ebde7539618a713 linux-modules-extra-4.4.0-260-tuxcare.els31-generic_4.4.0-260.294_amd64.deb c9a766f7a0367676014553475549e708fdff6ad4 linux-source_4.4.0.260.294_all.deb 0622e29dd0bbff55db0154816d4841a07497c1d6 linux-source-4.4.0_4.4.0-260.294_all.deb ccd79e5a796e89afbe66d1a993858aef5d278593 linux-tools-4.4.0-260-tuxcare.els31_4.4.0-260.294_amd64.deb e4dec1e9ab9af22197828715637efb7c3bb98515 linux-tools-4.4.0-260-tuxcare.els31-generic_4.4.0-260.294_amd64.deb e07fe7c568ee61569b998df8813d10c0287755cb linux-tools-4.4.0-260-tuxcare.els31-lowlatency_4.4.0-260.294_amd64.deb 46759f53f94810fa513304a37683a76e682bd10b linux-tools-common_4.4.0-260.294_all.deb bbbddef0f756e88ab1ffb63f4eef6241dff36171 linux-tools-generic_4.4.0.260.294_amd64.deb fc6f8415473d52003c6da334498f6cae3ecff52d linux-tools-host_4.4.0-260.294_all.deb 6c8c7040d9039a00fbf44ddd587450b673778ae8 linux-tools-lowlatency_4.4.0.260.294_amd64.deb 1767ea86d18042f06930b7c614daa0c4caea50ad CLSA-2024:1721659158 TuxCare License Agreement 0 * CVE-url: https://ubuntu.com/security/CVE-2024-26810 - vfio/pci: Lock external INTx masking ops * CVE-url: https://ubuntu.com/security/CVE-2024-38587 - speakup: Fix sizeof() vs ARRAY_SIZE() bug * CVE-url: https://ubuntu.com/security/CVE-2024-39493 - crypto: qat - Fix ADF_DEV_RESET_SYNC memory leak * CVE-url: https://ubuntu.com/security/CVE-2024-38381 - nfc: nci: Fix uninit-value in nci_rx_work * CVE-url: https://ubuntu.com/security/CVE-2023-52620 - netfilter: nf_tables: disallow timeout for anonymous sets * CVE-url: https://ubuntu.com/security/CVE-2024-35805 - dm snapshot: fix lockup in dm_exception_table_exit * CVE-url: https://ubuntu.com/security/CVE-2024-26923 - af_unix: Fix garbage collector racing against connect() * CVE-url: https://ubuntu.com/security/CVE-2024-35969 - ipv6: fix race condition between ipv6_get_ifaddr and ipv6_del_addr * CVE-url: https://ubuntu.com/security/CVE-2024-26863 - hsr: Fix uninit-value access in hsr_get_node() * CVE-url: https://ubuntu.com/security/CVE-2024-26993 - fs: sysfs: Fix reference leak in sysfs_break_active_protection() * CVE-url: https://ubuntu.com/security/CVE-2024-27388 - SUNRPC: fix some memleaks in gssx_dec_option_array * CVE-url: https://ubuntu.com/security/CVE-2024-35886 - ipv6: Fix infinite recursion in fib6_dump_done(). * CVE-url: https://ubuntu.com/security/CVE-2024-35809 - PCI/PM: Drain runtime-idle callbacks before driver removal * CVE-url: https://ubuntu.com/security/CVE-2024-26875 - media: pvrusb2: fix uaf in pvr2_context_set_notify * CVE-url: https://ubuntu.com/security/CVE-2024-26851 - netfilter: nf_conntrack_h323: Add protection for bmp length out of range * CVE-url: https://ubuntu.com/security/CVE-2024-35915 - nfc: nci: Fix uninit-value in nci_dev_up and nci_ntf_packet * CVE-url: https://ubuntu.com/security/CVE-2024-26999 - serial/pmac_zilog: Remove flawed mitigation for rx irq flood * CVE-url: https://ubuntu.com/security/CVE-2023-52699 - sysv: don't call sb_bread() with pointers_lock held * CVE-url: https://ubuntu.com/security/CVE-2024-35828 - wifi: libertas: fix some memleaks in lbs_allocate_cmd_buffer() * CVE-url: https://ubuntu.com/security/CVE-2024-27001 - comedi: vmk80xx: fix incomplete endpoint checking * CVE-url: https://ubuntu.com/security/CVE-2024-27008 - drm: nv04: Fix out of bounds access * CVE-url: https://ubuntu.com/security/CVE-2024-35935 - btrfs: send: handle path ref underflow in header iterate_inode_ref() * CVE-url: https://ubuntu.com/security/CVE-2024-27059 - USB: usb-storage: Prevent divide-by-0 error in isd200_ata_command * CVE-url: https://ubuntu.com/security/CVE-2024-26974 - crypto: qat - resolve race condition during AER recovery * CVE-url: https://ubuntu.com/security/CVE-2024-26965 - clk: qcom: mmcc-msm8974: fix terminating of frequency table arrays * CVE-url: https://ubuntu.com/security/CVE-2024-26931 - scsi: qla2xxx: Fix command flush on cable pull * CVE-url: https://ubuntu.com/security/CVE-2024-35910 - mptcp: add sk_stop_timer_sync helper * CVE-url: https://ubuntu.com/security/CVE-2024-35944 - VMCI: Fix memcpy() run-time warning in dg_dispatch_as_host() * CVE-url: https://ubuntu.com/security/CVE-2024-35830 - media: tc358743: register v4l2 async device only after successful setup * CVE-url: https://ubuntu.com/security/CVE-2024-26956 - nilfs2: fix failure to detect DAT corruption in btree and direct mappings * CVE-url: https://ubuntu.com/security/CVE-2024-35807 - ext4: fix corruption during on-line resize * CVE-url: https://ubuntu.com/security/CVE-2024-26813 - vfio/platform: Create persistent IRQ handlers * CVE-url: https://ubuntu.com/security/CVE-2023-52644 - wifi: b43: Stop/wake correct queue in DMA Tx path when QoS is disabled * CVE-url: https://ubuntu.com/security/CVE-2024-26966 - clk: qcom: mmcc-apq8084: fix terminating of frequency table arrays * CVE-url: https://ubuntu.com/security/CVE-2024-27073 - media: ttpci: fix two memleaks in budget_av_attach * CVE-url: https://ubuntu.com/security/CVE-2023-52880 - tty: n_gsm: require CAP_NET_ADMIN to attach N_GSM0710 ldisc * CVE-url: https://ubuntu.com/security/CVE-2023-52650 - drm/tegra: dsi: Add missing check for of_find_device_by_node * CVE-url: https://ubuntu.com/security/CVE-2024-35933 - Bluetooth: btintel: Fix null ptr deref in btintel_read_version * CVE-url: https://ubuntu.com/security/CVE-2024-35930 - scsi: lpfc: Fix possible memory leak in lpfc_rcv_padisc() * CVE-url: https://ubuntu.com/security/CVE-2024-27419 - netrom: Fix data-races around sysctl_net_busy_read * CVE-url: https://ubuntu.com/security/CVE-2024-27074 - media: go7007: fix a memleak in go7007_load_encoder * CVE-url: https://ubuntu.com/security/CVE-2024-26859 - net/bnx2x: Prevent access to a freed page in page_pool * CVE-url: https://ubuntu.com/security/CVE-2024-26973 - fat: fix uninitialized field in nostale filehandles * CVE-url: https://ubuntu.com/security/CVE-2024-27436 - ALSA: usb-audio: Stop parsing channels bits when all channels are found. * CVE-url: https://ubuntu.com/security/CVE-2024-35936 - btrfs: handle chunk tree lookup error in btrfs_relocate_sys_chunks() * CVE-url: https://ubuntu.com/security/CVE-2024-35821 - ubifs: Set page uptodate in the correct place * CVE-url: https://ubuntu.com/security/CVE-2024-27075 - media: dvb-frontends: avoid stack overflow warnings with clang * CVE-url: https://ubuntu.com/security/CVE-2024-26651 - sr9800: Add check for usbnet_get_endpoints * CVE-url: https://ubuntu.com/security/CVE-2024-27043 - media: edia: dvbdev: fix a use-after-free * CVE-url: https://ubuntu.com/security/CVE-2024-26976 - KVM: Always flush async #PF workqueue when vCPU is being destroyed * CVE-url: https://ubuntu.com/security/CVE-2024-27000 - serial: mxs-auart: add spinlock around changing cts state * CVE-url: https://ubuntu.com/security/CVE-2024-35815 - fs/aio: Check IOCB_AIO_RW before the struct aio_kiocb conversion * CVE-url: https://ubuntu.com/security/CVE-2024-26894 - ACPI: processor_idle: Fix memory leak in acpi_processor_power_exit() * CVE-url: https://ubuntu.com/security/CVE-2024-35922 - fbmon: prevent division by zero in fb_videomode_from_videomode() * CVE-url: https://ubuntu.com/security/CVE-2024-24857 // CVE-url: https://ubuntu.com/security/CVE-2024-24858 // CVE-url: https://ubuntu.com/security/CVE-2024-24859 - Bluetooth: Fix TOCTOU in HCI debugfs implementation * CVE-url: https://ubuntu.com/security/CVE-2024-27078 - media: v4l2-tpg: fix some memleaks in tpg_alloc * CVE-url: https://ubuntu.com/security/CVE-2024-26981 - nilfs2: fix OOB in nilfs_set_de_type * CVE-url: https://ubuntu.com/security/CVE-2024-26816 - x86, relocs: Ignore relocations in .notes section * CVE-url: https://ubuntu.com/security/CVE-2024-26880 - dm: call the resume method on internal suspend * CVE-url: https://ubuntu.com/security/CVE-2024-26994 - speakup: Avoid crash on very long word * CVE-url: https://ubuntu.com/security/CVE-2024-27437 - genirq: Warn when IRQ_NOAUTOEN is used with shared interrupts - genirq: Add IRQF_NO_AUTOEN for request_irq/nmi() - vfio/pci: Disable auto-enable of exclusive INTx IRQ * CVE-url: https://ubuntu.com/security/CVE-2024-26955 - nilfs2: prevent kernel bug at submit_bh_wbc() * CVE-url: https://ubuntu.com/security/CVE-2024-26643 - netfilter: nf_tables: mark set as dead when unbinding anonymous set with timeout * CVE-url: https://ubuntu.com/security/CVE-2024-26886 - Bluetooth: af_bluetooth: Fix deadlock Important Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.

* CVE-url: https://ubuntu.com/security/CVE-2024-26810 - vfio/pci: Lock external INTx masking ops * CVE-url: https://ubuntu.com/security/CVE-2024-38587 - speakup: Fix sizeof() vs ARRAY_SIZE() bug * CVE-url: https://ubuntu.com/security/CVE-2024-39493 - crypto: qat - Fix ADF_DEV_RESET_SYNC memory leak * CVE-url: https://ubuntu.com/security/CVE-2024-38381 - nfc: nci: Fix uninit-value in nci_rx_work * CVE-url: https://ubuntu.com/security/CVE-2023-52620 - netfilter: nf_tables: disallow timeout for anonymous sets * CVE-url: https://ubuntu.com/security/CVE-2024-35805 - dm snapshot: fix lockup in dm_exception_table_exit * CVE-url: https://ubuntu.com/security/CVE-2024-26923 - af_unix: Fix garbage collector racing against connect() * CVE-url: https://ubuntu.com/security/CVE-2024-35969 - ipv6: fix race condition between ipv6_get_ifaddr and ipv6_del_addr * CVE-url: https://ubuntu.com/security/CVE-2024-26863 - hsr: Fix uninit-value access in hsr_get_node() * CVE-url: https://ubuntu.com/security/CVE-2024-26993 - fs: sysfs: Fix reference leak in sysfs_break_active_protection() * CVE-url: https://ubuntu.com/security/CVE-2024-27388 - SUNRPC: fix some memleaks in gssx_dec_option_array * CVE-url: https://ubuntu.com/security/CVE-2024-35886 - ipv6: Fix infinite recursion in fib6_dump_done(). * CVE-url: https://ubuntu.com/security/CVE-2024-35809 - PCI/PM: Drain runtime-idle callbacks before driver removal * CVE-url: https://ubuntu.com/security/CVE-2024-26875 - media: pvrusb2: fix uaf in pvr2_context_set_notify * CVE-url: https://ubuntu.com/security/CVE-2024-26851 - netfilter: nf_conntrack_h323: Add protection for bmp length out of range * CVE-url: https://ubuntu.com/security/CVE-2024-35915 - nfc: nci: Fix uninit-value in nci_dev_up and nci_ntf_packet * CVE-url: https://ubuntu.com/security/CVE-2024-26999 - serial/pmac_zilog: Remove flawed mitigation for rx irq flood * CVE-url: https://ubuntu.com/security/CVE-2023-52699 - sysv: don't call sb_bread() with pointers_lock held * CVE-url: https://ubuntu.com/security/CVE-2024-35828 - wifi: libertas: fix some memleaks in lbs_allocate_cmd_buffer() * CVE-url: https://ubuntu.com/security/CVE-2024-27001 - comedi: vmk80xx: fix incomplete endpoint checking * CVE-url: https://ubuntu.com/security/CVE-2024-27008 - drm: nv04: Fix out of bounds access * CVE-url: https://ubuntu.com/security/CVE-2024-35935 - btrfs: send: handle path ref underflow in header iterate_inode_ref() * CVE-url: https://ubuntu.com/security/CVE-2024-27059 - USB: usb-storage: Prevent divide-by-0 error in isd200_ata_command * CVE-url: https://ubuntu.com/security/CVE-2024-26974 - crypto: qat - resolve race condition during AER recovery * CVE-url: https://ubuntu.com/security/CVE-2024-26965 - clk: qcom: mmcc-msm8974: fix terminating of frequency table arrays * CVE-url: https://ubuntu.com/security/CVE-2024-26931 - scsi: qla2xxx: Fix command flush on cable pull * CVE-url: https://ubuntu.com/security/CVE-2024-35910 - mptcp: add sk_stop_timer_sync helper * CVE-url: https://ubuntu.com/security/CVE-2024-35944 - VMCI: Fix memcpy() run-time warning in dg_dispatch_as_host() * CVE-url: https://ubuntu.com/security/CVE-2024-35830 - media: tc358743: register v4l2 async device only after successful setup * CVE-url: https://ubuntu.com/security/CVE-2024-26956 - nilfs2: fix failure to detect DAT corruption in btree and direct mappings * CVE-url: https://ubuntu.com/security/CVE-2024-35807 - ext4: fix corruption during on-line resize * CVE-url: https://ubuntu.com/security/CVE-2024-26813 - vfio/platform: Create persistent IRQ handlers * CVE-url: https://ubuntu.com/security/CVE-2023-52644 - wifi: b43: Stop/wake correct queue in DMA Tx path when QoS is disabled * CVE-url: https://ubuntu.com/security/CVE-2024-26966 - clk: qcom: mmcc-apq8084: fix terminating of frequency table arrays * CVE-url: https://ubuntu.com/security/CVE-2024-27073 - media: ttpci: fix two memleaks in budget_av_attach * CVE-url: https://ubuntu.com/security/CVE-2023-52880 - tty: n_gsm: require CAP_NET_ADMIN to attach N_GSM0710 ldisc * CVE-url: https://ubuntu.com/security/CVE-2023-52650 - drm/tegra: dsi: Add missing check for of_find_device_by_node * CVE-url: https://ubuntu.com/security/CVE-2024-35933 - Bluetooth: btintel: Fix null ptr deref in btintel_read_version * CVE-url: https://ubuntu.com/security/CVE-2024-35930 - scsi: lpfc: Fix possible memory leak in lpfc_rcv_padisc() * CVE-url: https://ubuntu.com/security/CVE-2024-27419 - netrom: Fix data-races around sysctl_net_busy_read * CVE-url: https://ubuntu.com/security/CVE-2024-27074 - media: go7007: fix a memleak in go7007_load_encoder * CVE-url: https://ubuntu.com/security/CVE-2024-26859 - net/bnx2x: Prevent access to a freed page in page_pool * CVE-url: https://ubuntu.com/security/CVE-2024-26973 - fat: fix uninitialized field in nostale filehandles * CVE-url: https://ubuntu.com/security/CVE-2024-27436 - ALSA: usb-audio: Stop parsing channels bits when all channels are found. * CVE-url: https://ubuntu.com/security/CVE-2024-35936 - btrfs: handle chunk tree lookup error in btrfs_relocate_sys_chunks() * CVE-url: https://ubuntu.com/security/CVE-2024-35821 - ubifs: Set page uptodate in the correct place * CVE-url: https://ubuntu.com/security/CVE-2024-27075 - media: dvb-frontends: avoid stack overflow warnings with clang * CVE-url: https://ubuntu.com/security/CVE-2024-26651 - sr9800: Add check for usbnet_get_endpoints * CVE-url: https://ubuntu.com/security/CVE-2024-27043 - media: edia: dvbdev: fix a use-after-free * CVE-url: https://ubuntu.com/security/CVE-2024-26976 - KVM: Always flush async #PF workqueue when vCPU is being destroyed * CVE-url: https://ubuntu.com/security/CVE-2024-27000 - serial: mxs-auart: add spinlock around changing cts state * CVE-url: https://ubuntu.com/security/CVE-2024-35815 - fs/aio: Check IOCB_AIO_RW before the struct aio_kiocb conversion * CVE-url: https://ubuntu.com/security/CVE-2024-26894 - ACPI: processor_idle: Fix memory leak in acpi_processor_power_exit() * CVE-url: https://ubuntu.com/security/CVE-2024-35922 - fbmon: prevent division by zero in fb_videomode_from_videomode() * CVE-url: https://ubuntu.com/security/CVE-2024-24857 // CVE-url: https://ubuntu.com/security/CVE-2024-24858 // CVE-url: https://ubuntu.com/security/CVE-2024-24859 - Bluetooth: Fix TOCTOU in HCI debugfs implementation * CVE-url: https://ubuntu.com/security/CVE-2024-27078 - media: v4l2-tpg: fix some memleaks in tpg_alloc * CVE-url: https://ubuntu.com/security/CVE-2024-26981 - nilfs2: fix OOB in nilfs_set_de_type * CVE-url: https://ubuntu.com/security/CVE-2024-26816 - x86, relocs: Ignore relocations in .notes section * CVE-url: https://ubuntu.com/security/CVE-2024-26880 - dm: call the resume method on internal suspend * CVE-url: https://ubuntu.com/security/CVE-2024-26994 - speakup: Avoid crash on very long word * CVE-url: https://ubuntu.com/security/CVE-2024-27437 - genirq: Warn when IRQ_NOAUTOEN is used with shared interrupts - genirq: Add IRQF_NO_AUTOEN for request_irq/nmi() - vfio/pci: Disable auto-enable of exclusive INTx IRQ * CVE-url: https://ubuntu.com/security/CVE-2024-26955 - nilfs2: prevent kernel bug at submit_bh_wbc() * CVE-url: https://ubuntu.com/security/CVE-2024-26643 - netfilter: nf_tables: mark set as dead when unbinding anonymous set with timeout * CVE-url: https://ubuntu.com/security/CVE-2024-26886 - Bluetooth: af_bluetooth: Fix deadlock

0 tuxcare-ubuntu16.04-els linux-buildinfo-4.4.0-260-tuxcare.els31-generic_4.4.0-260.294_amd64.deb 89ad935261d9b34f65a79771ef07719e3225ff45 linux-buildinfo-4.4.0-260-tuxcare.els31-lowlatency_4.4.0-260.294_amd64.deb a77cdaba5edfa7ddf58ee61b7efca3bec17494de linux-cloud-tools-4.4.0-260-tuxcare.els31_4.4.0-260.294_amd64.deb cd5a1b5eeb1fe72a617b1b0255bce8d6f5d211a2 linux-cloud-tools-4.4.0-260-tuxcare.els31-generic_4.4.0-260.294_amd64.deb 0855de6b293479752378706bbd73c47a8c6a3ea8 linux-cloud-tools-4.4.0-260-tuxcare.els31-lowlatency_4.4.0-260.294_amd64.deb 21bc131bc9f47b4ded9b6649036fc0c8d55492d6 linux-cloud-tools-common_4.4.0-260.294_all.deb 7d3aeec640eb7d0de93749b01e60e17b81335b37 linux-cloud-tools-generic_4.4.0.260.294_amd64.deb 0c6eb0b75e9f1fd0457f2a4e129200d461d8d93e linux-cloud-tools-lowlatency_4.4.0.260.294_amd64.deb 243ab156e23b82510a61154e65cae83500fbeb56 linux-crashdump_4.4.0.260.294_amd64.deb 44d91c8998a57a3cf874dbf6adb2ceef6d22dfd8 linux-doc_4.4.0-260.294_all.deb 8f48e04ac6e030ed7fdeff4ced3578683e5706a6 linux-generic_4.4.0.260.294_amd64.deb 5bd28db2737316b76029a758d7c5834ff65ff41d linux-headers-4.4.0-260-tuxcare.els31_4.4.0-260.294_all.deb 29ed26e6931f8793d2fcb1642087feda4ca48d57 linux-headers-4.4.0-260-tuxcare.els31-generic_4.4.0-260.294_amd64.deb 80f550d18720bb458f73e8d381e7d9b23a687db1 linux-headers-4.4.0-260-tuxcare.els31-lowlatency_4.4.0-260.294_amd64.deb df41f78a272d71284b300a0d5d751ade3f84e1f6 linux-headers-generic_4.4.0.260.294_amd64.deb 57f7c82a6523b4aa0b44b1097a8101cd1187b9b7 linux-headers-lowlatency_4.4.0.260.294_amd64.deb b98959e6f585b5654b470501973dbcb316d26059 linux-image-generic_4.4.0.260.294_amd64.deb e173f514eca70bddebd8b0442a80739a68c3d68b linux-image-lowlatency_4.4.0.260.294_amd64.deb 45393828019b5cb0fd48042f5fa7e9e2e3d8db22 linux-image-unsigned-4.4.0-260-tuxcare.els31-generic_4.4.0-260.294_amd64.deb f0f33ccdf9a432750c7bebcd30a43b25464f74a5 linux-image-unsigned-4.4.0-260-tuxcare.els31-lowlatency_4.4.0-260.294_amd64.deb 90b0eb1e965116b9dd6ab141e9163178886b73fe linux-libc-dev_4.4.0-260.294_amd64.deb 0412bd5b2d48b946871d20510c769a5923c95197 linux-lowlatency_4.4.0.260.294_amd64.deb 8c72aad691337b029918e1cf8ff5726255637deb linux-modules-4.4.0-260-tuxcare.els31-generic_4.4.0-260.294_amd64.deb a747785d928a7e67593f4cff0e60d2874280aa44 linux-modules-4.4.0-260-tuxcare.els31-lowlatency_4.4.0-260.294_amd64.deb c6c25204e5c8fea73f6417260ebde7539618a713 linux-modules-extra-4.4.0-260-tuxcare.els31-generic_4.4.0-260.294_amd64.deb c9a766f7a0367676014553475549e708fdff6ad4 linux-source_4.4.0.260.294_all.deb 0622e29dd0bbff55db0154816d4841a07497c1d6 linux-source-4.4.0_4.4.0-260.294_all.deb ccd79e5a796e89afbe66d1a993858aef5d278593 linux-tools-4.4.0-260-tuxcare.els31_4.4.0-260.294_amd64.deb e4dec1e9ab9af22197828715637efb7c3bb98515 linux-tools-4.4.0-260-tuxcare.els31-generic_4.4.0-260.294_amd64.deb e07fe7c568ee61569b998df8813d10c0287755cb linux-tools-4.4.0-260-tuxcare.els31-lowlatency_4.4.0-260.294_amd64.deb 46759f53f94810fa513304a37683a76e682bd10b linux-tools-common_4.4.0-260.294_all.deb bbbddef0f756e88ab1ffb63f4eef6241dff36171 linux-tools-generic_4.4.0.260.294_amd64.deb fc6f8415473d52003c6da334498f6cae3ecff52d linux-tools-host_4.4.0-260.294_all.deb 6c8c7040d9039a00fbf44ddd587450b673778ae8 linux-tools-lowlatency_4.4.0.260.294_amd64.deb 1767ea86d18042f06930b7c614daa0c4caea50ad CLSA-2024:1721929836 TuxCare License Agreement 0 * SECURITY UPDATE: stack buffer overflow in ada_decode - debian/patches/CVE-2023-39128.patch: Fix stack buffer overflow - CVE-2023-39128 * SECURITY UPDATE: stack buffer overflow - debian/patches/CVE-2023-39129.patch: Verify COFF symbol stringtab offset and fix problem with 32bit architecture build - CVE-2023-39129 * SECURITY UPDATE: heap buffer overflow - debian/patches/CVE-2023-39130.patch: bfd IO functions give warnings - CVE-2023-39130 Moderate Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.

* SECURITY UPDATE: stack buffer overflow in ada_decode - debian/patches/CVE-2023-39128.patch: Fix stack buffer overflow - CVE-2023-39128 * SECURITY UPDATE: stack buffer overflow - debian/patches/CVE-2023-39129.patch: Verify COFF symbol stringtab offset and fix problem with 32bit architecture build - CVE-2023-39129 * SECURITY UPDATE: heap buffer overflow - debian/patches/CVE-2023-39130.patch: bfd IO functions give warnings - CVE-2023-39130

0 tuxcare-ubuntu16.04-els gdb_7.11.1-0ubuntu1~16.5+tuxcare.els1_amd64.deb e3ec6188a4014c8b1f24e6ec5e7a66f876a3d882 gdb-doc_7.11.1-0ubuntu1~16.5+tuxcare.els1_all.deb 042671032295f4f2893331d3293e4197f353e10b gdb-multiarch_7.11.1-0ubuntu1~16.5+tuxcare.els1_amd64.deb 1fbee6f15a7b7839e8a0cff7ab03b4cabaede5e5 gdb-source_7.11.1-0ubuntu1~16.5+tuxcare.els1_all.deb d2caeec43588dedad8206f43473c57a1c4d6ab94 gdbserver_7.11.1-0ubuntu1~16.5+tuxcare.els1_amd64.deb e9f0f1734c42bf4e86ec377ce02b15d841afd95a CLSA-2024:1722535085 TuxCare License Agreement 0 * CVE-url: https://ubuntu.com/security/CVE-2024-25739 - ubi: Check for too small LEB size in VTBL code * Bionic update: upstream stable patchset 2021-06-01 (LP: #1930472) // CVE- url: https://ubuntu.com/security/CVE-2021-46960 - cifs: Return correct error code from smb2_get_enc_key * CVE-url: https://ubuntu.com/security/CVE-2024-36016 - tty: n_gsm: fix frame reception handling - tty: n_gsm: fix possible out-of-bounds in gsm0_receive() * CVE-url: https://ubuntu.com/security/CVE-2024-39494 - ima: Fix use-after-free on a dentry's dname.name * CVE-url: https://ubuntu.com/security/ - ima: fix ima_d_path() possible race with rename * CVE-url: https://ubuntu.com/security/CVE-2024-40902 - jfs: xattr: fix buffer overflow for invalid xattr * CVE-url: https://ubuntu.com/security/CVE-2022-48863 - mISDN: Fix memory leak in dsp_pipeline_build() * CVE-url: https://ubuntu.com/security/CVE-2022-48850 - net-sysfs: add check for netdevice being present to speed_show * Bionic update: upstream stable patchset 2022-04-26 (LP: #1970479) // CVE- url: https://ubuntu.com/security/CVE-2022-48860 - ethernet: Fix error handling in xemaclite_of_probe * Bionic update: upstream stable patchset 2022-04-26 (LP: #1970479) // CVE- url: https://ubuntu.com/security/CVE-2022-48857 - NFC: port100: fix use-after-free in port100_send_complete * Bionic update: upstream stable patchset 2022-04-26 (LP: #1970479) // CVE- url: https://ubuntu.com/security/CVE-2022-48851 - staging: gdm724x: fix use after free in gdm_lte_rx() * CVE-url: https://ubuntu.com/security/CVE-2024-26654 - ALSA: sh: aica: Remove deprecated create_workqueue - ALSA: sh: aica: reorder cleanup operations to avoid UAF bugs * CVE-url: https://ubuntu.com/security/CVE-2024-26857 - geneve: move geneve device lookup before iptunnel_pull_header - geneve: make sure to pull inner header in geneve_rx() * CVE-url: https://ubuntu.com/security/CVE-2024-26687 - xen/events: close evtchn after mapping cleanup * CVE-url: https://ubuntu.com/security//CVE-2024-35825 - usb: gadget: ncm: Fix handling of zero block length packets * CVE-url: https://ubuntu.com/security/CVE-2024-27405 // CVE-url: https://ubuntu.com/security/CVE-2024-35825 - usb: gadget: ncm: Avoid dropping datagrams of properly parsed NTBs * CVE-url: https://ubuntu.com/security/CVE-2022-48627 - vt: fix memory overlapping when deleting chars in the buffer * CVE-url: https://ubuntu.com/security/CVE-2024-35950 - drm/client: Fully protect modes[] with dev->mode_config.mutex * Bionic update: upstream stable patchset 2022-09-14 (LP: #1989625) // CVE- url: https://ubuntu.com/security/CVE-2022-33742 - xen/blkfront: force data bouncing when backend is untrusted * CVE-url: https://ubuntu.com/security/CVE-2022-33742 - xen: introduce xenbus_read_unsigned() Important Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.

* CVE-url: https://ubuntu.com/security/CVE-2024-25739 - ubi: Check for too small LEB size in VTBL code * Bionic update: upstream stable patchset 2021-06-01 (LP: #1930472) // CVE- url: https://ubuntu.com/security/CVE-2021-46960 - cifs: Return correct error code from smb2_get_enc_key * CVE-url: https://ubuntu.com/security/CVE-2024-36016 - tty: n_gsm: fix frame reception handling - tty: n_gsm: fix possible out-of-bounds in gsm0_receive() * CVE-url: https://ubuntu.com/security/CVE-2024-39494 - ima: Fix use-after-free on a dentry's dname.name * CVE-url: https://ubuntu.com/security/ - ima: fix ima_d_path() possible race with rename * CVE-url: https://ubuntu.com/security/CVE-2024-40902 - jfs: xattr: fix buffer overflow for invalid xattr * CVE-url: https://ubuntu.com/security/CVE-2022-48863 - mISDN: Fix memory leak in dsp_pipeline_build() * CVE-url: https://ubuntu.com/security/CVE-2022-48850 - net-sysfs: add check for netdevice being present to speed_show * Bionic update: upstream stable patchset 2022-04-26 (LP: #1970479) // CVE- url: https://ubuntu.com/security/CVE-2022-48860 - ethernet: Fix error handling in xemaclite_of_probe * Bionic update: upstream stable patchset 2022-04-26 (LP: #1970479) // CVE- url: https://ubuntu.com/security/CVE-2022-48857 - NFC: port100: fix use-after-free in port100_send_complete * Bionic update: upstream stable patchset 2022-04-26 (LP: #1970479) // CVE- url: https://ubuntu.com/security/CVE-2022-48851 - staging: gdm724x: fix use after free in gdm_lte_rx() * CVE-url: https://ubuntu.com/security/CVE-2024-26654 - ALSA: sh: aica: Remove deprecated create_workqueue - ALSA: sh: aica: reorder cleanup operations to avoid UAF bugs * CVE-url: https://ubuntu.com/security/CVE-2024-26857 - geneve: move geneve device lookup before iptunnel_pull_header - geneve: make sure to pull inner header in geneve_rx() * CVE-url: https://ubuntu.com/security/CVE-2024-26687 - xen/events: close evtchn after mapping cleanup * CVE-url: https://ubuntu.com/security//CVE-2024-35825 - usb: gadget: ncm: Fix handling of zero block length packets * CVE-url: https://ubuntu.com/security/CVE-2024-27405 // CVE-url: https://ubuntu.com/security/CVE-2024-35825 - usb: gadget: ncm: Avoid dropping datagrams of properly parsed NTBs * CVE-url: https://ubuntu.com/security/CVE-2022-48627 - vt: fix memory overlapping when deleting chars in the buffer * CVE-url: https://ubuntu.com/security/CVE-2024-35950 - drm/client: Fully protect modes[] with dev->mode_config.mutex * Bionic update: upstream stable patchset 2022-09-14 (LP: #1989625) // CVE- url: https://ubuntu.com/security/CVE-2022-33742 - xen/blkfront: force data bouncing when backend is untrusted * CVE-url: https://ubuntu.com/security/CVE-2022-33742 - xen: introduce xenbus_read_unsigned()

0 tuxcare-ubuntu16.04-els linux-buildinfo-4.4.0-261-tuxcare.els32-generic_4.4.0-261.295_amd64.deb a3d730bcade8bce737270fe882690002885fd6de linux-buildinfo-4.4.0-261-tuxcare.els32-lowlatency_4.4.0-261.295_amd64.deb a0a12dc6980b3a1292adbc95b44a66d7d954b8c2 linux-cloud-tools-4.4.0-261-tuxcare.els32_4.4.0-261.295_amd64.deb d7dc24c592822f3d5f35c4ba4b991e5475d3f974 linux-cloud-tools-4.4.0-261-tuxcare.els32-generic_4.4.0-261.295_amd64.deb 8d097010025871aa55186877ad6402a0e08b6ac6 linux-cloud-tools-4.4.0-261-tuxcare.els32-lowlatency_4.4.0-261.295_amd64.deb 38ae13fb168d68e96aabab4eeba1710f75d0a758 linux-cloud-tools-common_4.4.0-261.295_all.deb 86d68417743258da860243c4c462844120823985 linux-cloud-tools-generic_4.4.0.261.295_amd64.deb a5e94a4fabc354c5088b9fb42f603be890576db6 linux-cloud-tools-lowlatency_4.4.0.261.295_amd64.deb faf1951c61465db113cf7a69ce39b706329292ab linux-crashdump_4.4.0.261.295_amd64.deb 18e5227fbdd8ab6bdfc3432f1dbca5ff2b4bdca0 linux-doc_4.4.0-261.295_all.deb c7340981bbf2bff57b2b1aab064aead9068d724f linux-generic_4.4.0.261.295_amd64.deb a8cef1e0ba73bfcd14ede8e8476f23eb78eb8ad5 linux-headers-4.4.0-261-tuxcare.els32_4.4.0-261.295_all.deb dce24db55a507d040d264fef02422fbbe2bf9960 linux-headers-4.4.0-261-tuxcare.els32-generic_4.4.0-261.295_amd64.deb 745eabf535cf46b21c337d63d69113060192cfec linux-headers-4.4.0-261-tuxcare.els32-lowlatency_4.4.0-261.295_amd64.deb 6334d89761e10ee2cf97b51777a3e5b7137ee9ec linux-headers-generic_4.4.0.261.295_amd64.deb bdadb3274ae7857b62d0f1a91aa3fee6b94dc0a4 linux-headers-lowlatency_4.4.0.261.295_amd64.deb 27c0cc23d4d3650fa1aacdc37f00ac6f064dff9b linux-image-generic_4.4.0.261.295_amd64.deb 42c5d718bc9b614cf40f7957cdab6efc58075437 linux-image-lowlatency_4.4.0.261.295_amd64.deb c5b2012b8211c524d52e27319ea7994c8753c64c linux-image-unsigned-4.4.0-261-tuxcare.els32-generic_4.4.0-261.295_amd64.deb 4b5310c85e0d8acb79aeb2b69d72f7687df5f32e linux-image-unsigned-4.4.0-261-tuxcare.els32-lowlatency_4.4.0-261.295_amd64.deb 5cfb70525be90f7a287b08af2209f195d1ec058c linux-libc-dev_4.4.0-261.295_amd64.deb 1656f2a1fc545a63f0bff3b3a52e0f2a74b29ba7 linux-lowlatency_4.4.0.261.295_amd64.deb 3e134ac1f3ee14e188d61263a7a402acc50d1287 linux-modules-4.4.0-261-tuxcare.els32-generic_4.4.0-261.295_amd64.deb cf651d6077c5afe47aeb6d38c3a147a3994edafd linux-modules-4.4.0-261-tuxcare.els32-lowlatency_4.4.0-261.295_amd64.deb 41e33acb501face944545a01f6ef5f9bee5417d8 linux-modules-extra-4.4.0-261-tuxcare.els32-generic_4.4.0-261.295_amd64.deb 0bbd1830b9aa28953d417743ed74e8da2f554f62 linux-source_4.4.0.261.295_all.deb 5449290567c686ffb68725f82add17a526f6ca7d linux-source-4.4.0_4.4.0-261.295_all.deb 310458e405e7ea47f32d39450c14ca70e584d1f4 linux-tools-4.4.0-261-tuxcare.els32_4.4.0-261.295_amd64.deb fc2218733ccbdf519eb424e2c81a3c0ef7ab9f55 linux-tools-4.4.0-261-tuxcare.els32-generic_4.4.0-261.295_amd64.deb 25b5aebfa59922995df95213bb3716919c581990 linux-tools-4.4.0-261-tuxcare.els32-lowlatency_4.4.0-261.295_amd64.deb 56b4e9ca1e467393d56e2f487ba24148cbec07b3 linux-tools-common_4.4.0-261.295_all.deb c5db0c021ef1b4ee929c8e8cab32b8b2204b1a68 linux-tools-generic_4.4.0.261.295_amd64.deb ec05eb526b5ca100fe345b684bb7bd321bff6dd5 linux-tools-host_4.4.0-261.295_all.deb 8fd530508f10f710739a74c27f7a6f4360d3deaa linux-tools-lowlatency_4.4.0.261.295_amd64.deb b479a80a4401c539e69433e40512f6870f8c6acd CLSA-2024:1722535359 TuxCare License Agreement 0 * CVE-url: https://ubuntu.com/security/CVE-2024-25739 - ubi: Check for too small LEB size in VTBL code * Bionic update: upstream stable patchset 2021-06-01 (LP: #1930472) // CVE- url: https://ubuntu.com/security/CVE-2021-46960 - cifs: Return correct error code from smb2_get_enc_key * CVE-url: https://ubuntu.com/security/CVE-2024-36016 - tty: n_gsm: fix frame reception handling - tty: n_gsm: fix possible out-of-bounds in gsm0_receive() * CVE-url: https://ubuntu.com/security/CVE-2024-39494 - ima: Fix use-after-free on a dentry's dname.name * CVE-url: https://ubuntu.com/security/ - ima: fix ima_d_path() possible race with rename * CVE-url: https://ubuntu.com/security/CVE-2024-40902 - jfs: xattr: fix buffer overflow for invalid xattr * CVE-url: https://ubuntu.com/security/CVE-2022-48863 - mISDN: Fix memory leak in dsp_pipeline_build() * CVE-url: https://ubuntu.com/security/CVE-2022-48850 - net-sysfs: add check for netdevice being present to speed_show * Bionic update: upstream stable patchset 2022-04-26 (LP: #1970479) // CVE- url: https://ubuntu.com/security/CVE-2022-48860 - ethernet: Fix error handling in xemaclite_of_probe * Bionic update: upstream stable patchset 2022-04-26 (LP: #1970479) // CVE- url: https://ubuntu.com/security/CVE-2022-48857 - NFC: port100: fix use-after-free in port100_send_complete * Bionic update: upstream stable patchset 2022-04-26 (LP: #1970479) // CVE- url: https://ubuntu.com/security/CVE-2022-48851 - staging: gdm724x: fix use after free in gdm_lte_rx() * CVE-url: https://ubuntu.com/security/CVE-2024-26654 - ALSA: sh: aica: Remove deprecated create_workqueue - ALSA: sh: aica: reorder cleanup operations to avoid UAF bugs * CVE-url: https://ubuntu.com/security/CVE-2024-26857 - geneve: move geneve device lookup before iptunnel_pull_header - geneve: make sure to pull inner header in geneve_rx() * CVE-url: https://ubuntu.com/security/CVE-2024-26687 - xen/events: close evtchn after mapping cleanup * CVE-url: https://ubuntu.com/security//CVE-2024-35825 - usb: gadget: ncm: Fix handling of zero block length packets * CVE-url: https://ubuntu.com/security/CVE-2024-27405 // CVE-url: https://ubuntu.com/security/CVE-2024-35825 - usb: gadget: ncm: Avoid dropping datagrams of properly parsed NTBs * CVE-url: https://ubuntu.com/security/CVE-2022-48627 - vt: fix memory overlapping when deleting chars in the buffer * CVE-url: https://ubuntu.com/security/CVE-2024-35950 - drm/client: Fully protect modes[] with dev->mode_config.mutex * Bionic update: upstream stable patchset 2022-09-14 (LP: #1989625) // CVE- url: https://ubuntu.com/security/CVE-2022-33742 - xen/blkfront: force data bouncing when backend is untrusted * CVE-url: https://ubuntu.com/security/CVE-2022-33742 - xen: introduce xenbus_read_unsigned() Important Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.

* CVE-url: https://ubuntu.com/security/CVE-2024-25739 - ubi: Check for too small LEB size in VTBL code * Bionic update: upstream stable patchset 2021-06-01 (LP: #1930472) // CVE- url: https://ubuntu.com/security/CVE-2021-46960 - cifs: Return correct error code from smb2_get_enc_key * CVE-url: https://ubuntu.com/security/CVE-2024-36016 - tty: n_gsm: fix frame reception handling - tty: n_gsm: fix possible out-of-bounds in gsm0_receive() * CVE-url: https://ubuntu.com/security/CVE-2024-39494 - ima: Fix use-after-free on a dentry's dname.name * CVE-url: https://ubuntu.com/security/ - ima: fix ima_d_path() possible race with rename * CVE-url: https://ubuntu.com/security/CVE-2024-40902 - jfs: xattr: fix buffer overflow for invalid xattr * CVE-url: https://ubuntu.com/security/CVE-2022-48863 - mISDN: Fix memory leak in dsp_pipeline_build() * CVE-url: https://ubuntu.com/security/CVE-2022-48850 - net-sysfs: add check for netdevice being present to speed_show * Bionic update: upstream stable patchset 2022-04-26 (LP: #1970479) // CVE- url: https://ubuntu.com/security/CVE-2022-48860 - ethernet: Fix error handling in xemaclite_of_probe * Bionic update: upstream stable patchset 2022-04-26 (LP: #1970479) // CVE- url: https://ubuntu.com/security/CVE-2022-48857 - NFC: port100: fix use-after-free in port100_send_complete * Bionic update: upstream stable patchset 2022-04-26 (LP: #1970479) // CVE- url: https://ubuntu.com/security/CVE-2022-48851 - staging: gdm724x: fix use after free in gdm_lte_rx() * CVE-url: https://ubuntu.com/security/CVE-2024-26654 - ALSA: sh: aica: Remove deprecated create_workqueue - ALSA: sh: aica: reorder cleanup operations to avoid UAF bugs * CVE-url: https://ubuntu.com/security/CVE-2024-26857 - geneve: move geneve device lookup before iptunnel_pull_header - geneve: make sure to pull inner header in geneve_rx() * CVE-url: https://ubuntu.com/security/CVE-2024-26687 - xen/events: close evtchn after mapping cleanup * CVE-url: https://ubuntu.com/security//CVE-2024-35825 - usb: gadget: ncm: Fix handling of zero block length packets * CVE-url: https://ubuntu.com/security/CVE-2024-27405 // CVE-url: https://ubuntu.com/security/CVE-2024-35825 - usb: gadget: ncm: Avoid dropping datagrams of properly parsed NTBs * CVE-url: https://ubuntu.com/security/CVE-2022-48627 - vt: fix memory overlapping when deleting chars in the buffer * CVE-url: https://ubuntu.com/security/CVE-2024-35950 - drm/client: Fully protect modes[] with dev->mode_config.mutex * Bionic update: upstream stable patchset 2022-09-14 (LP: #1989625) // CVE- url: https://ubuntu.com/security/CVE-2022-33742 - xen/blkfront: force data bouncing when backend is untrusted * CVE-url: https://ubuntu.com/security/CVE-2022-33742 - xen: introduce xenbus_read_unsigned()

0 tuxcare-ubuntu16.04-els linux-buildinfo-4.4.0-261-tuxcare.els32-generic_4.4.0-261.295_amd64.deb a3d730bcade8bce737270fe882690002885fd6de linux-buildinfo-4.4.0-261-tuxcare.els32-lowlatency_4.4.0-261.295_amd64.deb a0a12dc6980b3a1292adbc95b44a66d7d954b8c2 linux-cloud-tools-4.4.0-261-tuxcare.els32_4.4.0-261.295_amd64.deb d7dc24c592822f3d5f35c4ba4b991e5475d3f974 linux-cloud-tools-4.4.0-261-tuxcare.els32-generic_4.4.0-261.295_amd64.deb 8d097010025871aa55186877ad6402a0e08b6ac6 linux-cloud-tools-4.4.0-261-tuxcare.els32-lowlatency_4.4.0-261.295_amd64.deb 38ae13fb168d68e96aabab4eeba1710f75d0a758 linux-cloud-tools-common_4.4.0-261.295_all.deb 86d68417743258da860243c4c462844120823985 linux-cloud-tools-generic_4.4.0.261.295_amd64.deb a5e94a4fabc354c5088b9fb42f603be890576db6 linux-cloud-tools-lowlatency_4.4.0.261.295_amd64.deb faf1951c61465db113cf7a69ce39b706329292ab linux-crashdump_4.4.0.261.295_amd64.deb 18e5227fbdd8ab6bdfc3432f1dbca5ff2b4bdca0 linux-doc_4.4.0-261.295_all.deb c7340981bbf2bff57b2b1aab064aead9068d724f linux-generic_4.4.0.261.295_amd64.deb a8cef1e0ba73bfcd14ede8e8476f23eb78eb8ad5 linux-headers-4.4.0-261-tuxcare.els32_4.4.0-261.295_all.deb dce24db55a507d040d264fef02422fbbe2bf9960 linux-headers-4.4.0-261-tuxcare.els32-generic_4.4.0-261.295_amd64.deb 745eabf535cf46b21c337d63d69113060192cfec linux-headers-4.4.0-261-tuxcare.els32-lowlatency_4.4.0-261.295_amd64.deb 6334d89761e10ee2cf97b51777a3e5b7137ee9ec linux-headers-generic_4.4.0.261.295_amd64.deb bdadb3274ae7857b62d0f1a91aa3fee6b94dc0a4 linux-headers-lowlatency_4.4.0.261.295_amd64.deb 27c0cc23d4d3650fa1aacdc37f00ac6f064dff9b linux-image-generic_4.4.0.261.295_amd64.deb 42c5d718bc9b614cf40f7957cdab6efc58075437 linux-image-lowlatency_4.4.0.261.295_amd64.deb c5b2012b8211c524d52e27319ea7994c8753c64c linux-image-unsigned-4.4.0-261-tuxcare.els32-generic_4.4.0-261.295_amd64.deb 4b5310c85e0d8acb79aeb2b69d72f7687df5f32e linux-image-unsigned-4.4.0-261-tuxcare.els32-lowlatency_4.4.0-261.295_amd64.deb 5cfb70525be90f7a287b08af2209f195d1ec058c linux-libc-dev_4.4.0-261.295_amd64.deb 1656f2a1fc545a63f0bff3b3a52e0f2a74b29ba7 linux-lowlatency_4.4.0.261.295_amd64.deb 3e134ac1f3ee14e188d61263a7a402acc50d1287 linux-modules-4.4.0-261-tuxcare.els32-generic_4.4.0-261.295_amd64.deb cf651d6077c5afe47aeb6d38c3a147a3994edafd linux-modules-4.4.0-261-tuxcare.els32-lowlatency_4.4.0-261.295_amd64.deb 41e33acb501face944545a01f6ef5f9bee5417d8 linux-modules-extra-4.4.0-261-tuxcare.els32-generic_4.4.0-261.295_amd64.deb 0bbd1830b9aa28953d417743ed74e8da2f554f62 linux-source_4.4.0.261.295_all.deb 5449290567c686ffb68725f82add17a526f6ca7d linux-source-4.4.0_4.4.0-261.295_all.deb 310458e405e7ea47f32d39450c14ca70e584d1f4 linux-tools-4.4.0-261-tuxcare.els32_4.4.0-261.295_amd64.deb fc2218733ccbdf519eb424e2c81a3c0ef7ab9f55 linux-tools-4.4.0-261-tuxcare.els32-generic_4.4.0-261.295_amd64.deb 25b5aebfa59922995df95213bb3716919c581990 linux-tools-4.4.0-261-tuxcare.els32-lowlatency_4.4.0-261.295_amd64.deb 56b4e9ca1e467393d56e2f487ba24148cbec07b3 linux-tools-common_4.4.0-261.295_all.deb c5db0c021ef1b4ee929c8e8cab32b8b2204b1a68 linux-tools-generic_4.4.0.261.295_amd64.deb ec05eb526b5ca100fe345b684bb7bd321bff6dd5 linux-tools-host_4.4.0-261.295_all.deb 8fd530508f10f710739a74c27f7a6f4360d3deaa linux-tools-lowlatency_4.4.0.261.295_amd64.deb b479a80a4401c539e69433e40512f6870f8c6acd CLSA-2024:1722535625 TuxCare License Agreement 0 * SECURITY UPDATE: New microcode data file 2024-05-14 - New microcodes: sig 0x000a06a4, pf_mask 0xe6, 2024-01-03, rev 0x001c, size 136192 sig 0x000b06a8, pf_mask 0xe0, 2023-12-07, rev 0x4121, size 220160 sig 0x000c06f1, pf_mask 0x87, 2024-02-05, rev 0x21000230, size 552960 sig 0x000c06f2, pf_mask 0x87, 2024-02-05, rev 0x21000230, size 552960 - Updated microcodes: sig 0x00050653, pf_mask 0x97, 2023-07-28, rev 0x1000191, size 36864 sig 0x00050656, pf_mask 0xbf, 2023-07-28, rev 0x4003605, size 38912 sig 0x00050657, pf_mask 0xbf, 2023-07-28, rev 0x5003605, size 37888 sig 0x0005065b, pf_mask 0xbf, 2023-08-03, rev 0x7002802, size 30720 sig 0x00050665, pf_mask 0x10, 2023-08-03, rev 0xe000015, size 23552 sig 0x000506f1, pf_mask 0x01, 2023-10-05, rev 0x003e, size 11264 sig 0x000606a6, pf_mask 0x87, 2023-09-14, rev 0xd0003d1, size 307200 sig 0x000606c1, pf_mask 0x10, 2023-12-05, rev 0x1000290, size 299008 sig 0x000706a1, pf_mask 0x01, 2023-08-25, rev 0x0040, size 76800 sig 0x000706a8, pf_mask 0x01, 2023-08-25, rev 0x0024, size 76800 sig 0x000706e5, pf_mask 0x80, 2023-09-14, rev 0x00c4, size 114688 sig 0x000806c1, pf_mask 0x80, 2023-09-13, rev 0x00b6, size 111616 sig 0x000806c2, pf_mask 0xc2, 2023-09-13, rev 0x0036, size 98304 sig 0x000806d1, pf_mask 0xc2, 2023-09-13, rev 0x0050, size 104448 sig 0x000806ec, pf_mask 0x94, 2023-07-16, rev 0x00fa, size 106496 sig 0x000806f4, pf_mask 0x10, 2024-02-05, rev 0x2c000390, size 614400 sig 0x000806f4, pf_mask 0x87, 2024-02-05, rev 0x2b0005c0, size 581632 sig 0x000806f5, pf_mask 0x10, 2024-02-05, rev 0x2c000390, size 614400 sig 0x000806f5, pf_mask 0x87, 2024-02-05, rev 0x2b0005c0, size 581632 sig 0x000806f6, pf_mask 0x10, 2024-02-05, rev 0x2c000390, size 614400 sig 0x000806f6, pf_mask 0x87, 2024-02-05, rev 0x2b0005c0, size 581632 sig 0x000806f7, pf_mask 0x87, 2024-02-05, rev 0x2b0005c0, size 581632 sig 0x000806f8, pf_mask 0x10, 2024-02-05, rev 0x2c000390, size 614400 sig 0x000806f8, pf_mask 0x87, 2024-02-05, rev 0x2b0005c0, size 581632 sig 0x00090661, pf_mask 0x01, 2023-09-26, rev 0x0019, size 20480 sig 0x00090672, pf_mask 0x07, 2023-12-05, rev 0x0035, size 224256 sig 0x00090675, pf_mask 0x07, 2023-12-05, rev 0x0035, size 224256 sig 0x000906a3, pf_mask 0x80, 2023-12-05, rev 0x0433, size 222208 sig 0x000906a4, pf_mask 0x40, 2023-12-07, rev 0x0007, size 119808 sig 0x000906a4, pf_mask 0x80, 2023-12-05, rev 0x0433, size 222208 sig 0x000906c0, pf_mask 0x01, 2023-09-26, rev 0x24000026, size 20480 sig 0x000906e9, pf_mask 0x2a, 2023-09-28, rev 0x00f8, size 108544 sig 0x000906ea, pf_mask 0x22, 2023-07-26, rev 0x00f6, size 105472 sig 0x000906ec, pf_mask 0x22, 2023-07-26, rev 0x00f6, size 106496 sig 0x000906ed, pf_mask 0x22, 2023-07-27, rev 0x00fc, size 106496 sig 0x000a0652, pf_mask 0x20, 2023-07-16, rev 0x00fa, size 97280 sig 0x000a0653, pf_mask 0x22, 2023-07-16, rev 0x00fa, size 97280 sig 0x000a0655, pf_mask 0x22, 2023-07-16, rev 0x00fa, size 97280 sig 0x000a0660, pf_mask 0x80, 2023-07-16, rev 0x00fa, size 97280 sig 0x000a0661, pf_mask 0x80, 2023-07-16, rev 0x00fa, size 96256 sig 0x000a0671, pf_mask 0x02, 2023-09-14, rev 0x005e, size 108544 sig 0x000b0671, pf_mask 0x32, 2024-01-25, rev 0x0123, size 215040 sig 0x000b06a2, pf_mask 0xe0, 2023-12-07, rev 0x4121, size 220160 sig 0x000b06a3, pf_mask 0xe0, 2023-12-07, rev 0x4121, size 220160 sig 0x000b06e0, pf_mask 0x11, 2023-12-07, rev 0x0017, size 138240 sig 0x000b06f2, pf_mask 0x07, 2023-12-05, rev 0x0035, size 224256 sig 0x000b06f5, pf_mask 0x07, 2023-12-05, rev 0x0035, size 224256 * source: update symlinks to reflect id of the latest release, 20240514 Important Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.

* SECURITY UPDATE: New microcode data file 2024-05-14 - New microcodes: sig 0x000a06a4, pf_mask 0xe6, 2024-01-03, rev 0x001c, size 136192 sig 0x000b06a8, pf_mask 0xe0, 2023-12-07, rev 0x4121, size 220160 sig 0x000c06f1, pf_mask 0x87, 2024-02-05, rev 0x21000230, size 552960 sig 0x000c06f2, pf_mask 0x87, 2024-02-05, rev 0x21000230, size 552960 - Updated microcodes: sig 0x00050653, pf_mask 0x97, 2023-07-28, rev 0x1000191, size 36864 sig 0x00050656, pf_mask 0xbf, 2023-07-28, rev 0x4003605, size 38912 sig 0x00050657, pf_mask 0xbf, 2023-07-28, rev 0x5003605, size 37888 sig 0x0005065b, pf_mask 0xbf, 2023-08-03, rev 0x7002802, size 30720 sig 0x00050665, pf_mask 0x10, 2023-08-03, rev 0xe000015, size 23552 sig 0x000506f1, pf_mask 0x01, 2023-10-05, rev 0x003e, size 11264 sig 0x000606a6, pf_mask 0x87, 2023-09-14, rev 0xd0003d1, size 307200 sig 0x000606c1, pf_mask 0x10, 2023-12-05, rev 0x1000290, size 299008 sig 0x000706a1, pf_mask 0x01, 2023-08-25, rev 0x0040, size 76800 sig 0x000706a8, pf_mask 0x01, 2023-08-25, rev 0x0024, size 76800 sig 0x000706e5, pf_mask 0x80, 2023-09-14, rev 0x00c4, size 114688 sig 0x000806c1, pf_mask 0x80, 2023-09-13, rev 0x00b6, size 111616 sig 0x000806c2, pf_mask 0xc2, 2023-09-13, rev 0x0036, size 98304 sig 0x000806d1, pf_mask 0xc2, 2023-09-13, rev 0x0050, size 104448 sig 0x000806ec, pf_mask 0x94, 2023-07-16, rev 0x00fa, size 106496 sig 0x000806f4, pf_mask 0x10, 2024-02-05, rev 0x2c000390, size 614400 sig 0x000806f4, pf_mask 0x87, 2024-02-05, rev 0x2b0005c0, size 581632 sig 0x000806f5, pf_mask 0x10, 2024-02-05, rev 0x2c000390, size 614400 sig 0x000806f5, pf_mask 0x87, 2024-02-05, rev 0x2b0005c0, size 581632 sig 0x000806f6, pf_mask 0x10, 2024-02-05, rev 0x2c000390, size 614400 sig 0x000806f6, pf_mask 0x87, 2024-02-05, rev 0x2b0005c0, size 581632 sig 0x000806f7, pf_mask 0x87, 2024-02-05, rev 0x2b0005c0, size 581632 sig 0x000806f8, pf_mask 0x10, 2024-02-05, rev 0x2c000390, size 614400 sig 0x000806f8, pf_mask 0x87, 2024-02-05, rev 0x2b0005c0, size 581632 sig 0x00090661, pf_mask 0x01, 2023-09-26, rev 0x0019, size 20480 sig 0x00090672, pf_mask 0x07, 2023-12-05, rev 0x0035, size 224256 sig 0x00090675, pf_mask 0x07, 2023-12-05, rev 0x0035, size 224256 sig 0x000906a3, pf_mask 0x80, 2023-12-05, rev 0x0433, size 222208 sig 0x000906a4, pf_mask 0x40, 2023-12-07, rev 0x0007, size 119808 sig 0x000906a4, pf_mask 0x80, 2023-12-05, rev 0x0433, size 222208 sig 0x000906c0, pf_mask 0x01, 2023-09-26, rev 0x24000026, size 20480 sig 0x000906e9, pf_mask 0x2a, 2023-09-28, rev 0x00f8, size 108544 sig 0x000906ea, pf_mask 0x22, 2023-07-26, rev 0x00f6, size 105472 sig 0x000906ec, pf_mask 0x22, 2023-07-26, rev 0x00f6, size 106496 sig 0x000906ed, pf_mask 0x22, 2023-07-27, rev 0x00fc, size 106496 sig 0x000a0652, pf_mask 0x20, 2023-07-16, rev 0x00fa, size 97280 sig 0x000a0653, pf_mask 0x22, 2023-07-16, rev 0x00fa, size 97280 sig 0x000a0655, pf_mask 0x22, 2023-07-16, rev 0x00fa, size 97280 sig 0x000a0660, pf_mask 0x80, 2023-07-16, rev 0x00fa, size 97280 sig 0x000a0661, pf_mask 0x80, 2023-07-16, rev 0x00fa, size 96256 sig 0x000a0671, pf_mask 0x02, 2023-09-14, rev 0x005e, size 108544 sig 0x000b0671, pf_mask 0x32, 2024-01-25, rev 0x0123, size 215040 sig 0x000b06a2, pf_mask 0xe0, 2023-12-07, rev 0x4121, size 220160 sig 0x000b06a3, pf_mask 0xe0, 2023-12-07, rev 0x4121, size 220160 sig 0x000b06e0, pf_mask 0x11, 2023-12-07, rev 0x0017, size 138240 sig 0x000b06f2, pf_mask 0x07, 2023-12-05, rev 0x0035, size 224256 sig 0x000b06f5, pf_mask 0x07, 2023-12-05, rev 0x0035, size 224256 * source: update symlinks to reflect id of the latest release, 20240514

0 tuxcare-ubuntu16.04-els intel-microcode_3.20240514.0ubuntu0.16.04.1+tuxcare.els1_amd64.deb 217295ea17eac957bbd0acdbea0e119581e14cd0 CLSA-2024:1723146030 TuxCare License Agreement 0 * SECURITY UPDATE: Regular Expression Denial of Service - debian/patches/CVE-2021-3733.patch: Fix ReDoS vulnerability in AbstractBasicAuthHandler class of Lib/urllib2.py - CVE-2021-3733 Moderate Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.

* SECURITY UPDATE: Regular Expression Denial of Service - debian/patches/CVE-2021-3733.patch: Fix ReDoS vulnerability in AbstractBasicAuthHandler class of Lib/urllib2.py - CVE-2021-3733

0 tuxcare-ubuntu16.04-els idle-python2.7_2.7.12-1ubuntu0~16.04.18+tuxcare.els13_all.deb 9d34c0dfb23dbdb25a082ea2397b77bd9796e594 libpython2.7_2.7.12-1ubuntu0~16.04.18+tuxcare.els13_amd64.deb 74dc584e5479da42b536a162ca42b72238eb3177 libpython2.7-dev_2.7.12-1ubuntu0~16.04.18+tuxcare.els13_amd64.deb 4413d8ea92644740c38adf4fe3e22815ec709207 libpython2.7-minimal_2.7.12-1ubuntu0~16.04.18+tuxcare.els13_amd64.deb 975fc5eb6eeb79da5ad29fdf5a53099cfefd2e94 libpython2.7-stdlib_2.7.12-1ubuntu0~16.04.18+tuxcare.els13_amd64.deb 4bf52f642609e06cb371cd61ada93a0071c914c5 libpython2.7-testsuite_2.7.12-1ubuntu0~16.04.18+tuxcare.els13_all.deb a6a8f8dc570e7efd6be3fe6046c6389020a51a84 python2.7_2.7.12-1ubuntu0~16.04.18+tuxcare.els13_amd64.deb 821a730bed08ac971f342880386c9bdd041477bf python2.7-dev_2.7.12-1ubuntu0~16.04.18+tuxcare.els13_amd64.deb a40ef3750b0ffa709a6ba5eefe1dc6a5ed57c3f7 python2.7-doc_2.7.12-1ubuntu0~16.04.18+tuxcare.els13_all.deb 37d622108879d6c635cc82e077b64479ed3c977a python2.7-examples_2.7.12-1ubuntu0~16.04.18+tuxcare.els13_all.deb 7d7b02c2ea7b880486c9ec862c64c0420e818437 python2.7-minimal_2.7.12-1ubuntu0~16.04.18+tuxcare.els13_amd64.deb 3a9e728b2776d183b2f802c42f8e45160dcd044d CLSA-2024:1723223824 TuxCare License Agreement 0 * SECURITY UPDATE: Insecure behavior with semicolons in URI userinfo - debian/patches/CVE-2024-38428.patch: Properly re-implement userinfo parsing (rfc2396) to fix outdated RFC implementation - CVE-2024-38428 Critical Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.

* SECURITY UPDATE: Insecure behavior with semicolons in URI userinfo - debian/patches/CVE-2024-38428.patch: Properly re-implement userinfo parsing (rfc2396) to fix outdated RFC implementation - CVE-2024-38428

0 tuxcare-ubuntu16.04-els wget_1.17.1-1ubuntu1.5+tuxcare.els1_amd64.deb 26d4ba83218b412e06b4b96f66395cf6f8119daa CLSA-2024:1723494706 TuxCare License Agreement 0 * CVE-url: https://ubuntu.com/security/CVE-2024-42068 - bpf: Take return from set_memory_ro() into account with bpf_prog_lock_ro() * CVE-url: https://ubuntu.com/security/CVE-2024-42079 - gfs2: Fix NULL pointer dereference in gfs2_log_flush * CVE-url: https://ubuntu.com/security/CVE-2024-42226 - usb: xhci: prevent potential failure in handle_tx_event() for Transfer events without TRB * CVE-url: https://ubuntu.com/security/CVE-2022-48790 - nvme: introduce a controller state machine - nvme: move namespace scanning to core - nvme: move AER handling to common code - nvme: fix a possible use-after-free in controller reset during load - nvme-pci: fix multiple ctrl removal scheduling * CVE-url: https://ubuntu.com/security/CVE-2024-42236 - usb: gadget: configfs: Prevent OOB read/write in usb_string_copy() * CVE-url: https://ubuntu.com/security/CVE-2024-41095 - drm/nouveau/dispnv04: fix null pointer dereference in nv17_tv_get_ld_modes * CVE-url: https://ubuntu.com/security/CVE-2024-41098 - ata: libata-core: Fix null pointer dereference on error * CVE-url: https://ubuntu.com/security/CVE-2024-42244 - tty: Define ASYNC_ replacement bits - tty: Replace ASYNC_CTS_FLOW bit and update atomically - tty: Remove ASYNC_CLOSING - tty: mxser: Remove ASYNC_CLOSING - isdn: Remove ASYNC_CLOSING - tty: Replace TTY_IO_ERROR bit tests with tty_io_error() - tty: Replace ASYNC_NORMAL_ACTIVE bit and update atomically - tty: Replace ASYNC_CHECK_CD and update atomically - tty: Replace ASYNC_SUSPENDED bit and update atomically - tty: Replace ASYNC_INITIALIZED bit and update atomically - USB: serial: mos7840: fix crash on resume * CVE-url: https://ubuntu.com/security/CVE-2024-41089 - drm/nouveau/dispnv04: fix null pointer dereference in nv17_tv_get_hd_modes * CVE-url: https://ubuntu.com/security/CVE-2024-42232 - libceph: fix race between delayed_work() and ceph_monc_stop() * Bionic update: upstream stable patchset 2022-03-29 (LP: #1967013) // CVE- url: https://ubuntu.com/security/CVE-2022-48809 - net: fix a memleak when uncloning an skb dst and its metadata * CVE-url: https://ubuntu.com/security/CVE-2024-42153 - i2c: pnx: Fix potential deadlock warning from del_timer_sync() call in isr * CVE-url: https://ubuntu.com/security/CVE-2022-48791 - scsi: pm80xx: Fix TMF task completion race condition - scsi: pm8001: Fix use-after-free for aborted TMF sas_task * CVE-url: https://ubuntu.com/security/CVE-2022-48792 - scsi: pm8001: Fix use-after-free for aborted SSP/STP sas_task * CVE-url: https://ubuntu.com/security/CVE-2024-42154 - tcp_metrics: validate source addr length * CVE-url: https://ubuntu.com/security/CVE-2024-38570 - gfs2: Rename sd_{ glock => kill }_wait - gfs2: Fix potential glock use-after-free on unmount * CVE-url: https://ubuntu.com/security/CVE-2024-38583 - timers: Use del_timer_sync() even on UP - timers: Rename del_timer_sync() to timer_delete_sync() - timers: Rename del_timer() to timer_delete() - timers: Split [try_to_]del_timer[_sync]() to prepare for shutdown mode - timers: Add shutdown mechanism to the internal functions - timers: Provide timer_shutdown[_sync]() - nilfs2: fix use-after-free of timer for log writer thread - nilfs2: fix unexpected freezing of nilfs_segctor_sync() - nilfs2: fix potential hang in nilfs_detach_log_writer() * CVE-url: https://ubuntu.com/security/CVE-2024-42070 - netfilter: nf_tables: fully validate NFT_DATA_VALUE on store to data registers * CVE-url: https://ubuntu.com/security/CVE-2024-42228 - drm/amdgpu: Using uninitialized value *size when calling amdgpu_vce_cs_reloc Critical Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.

* CVE-url: https://ubuntu.com/security/CVE-2024-42068 - bpf: Take return from set_memory_ro() into account with bpf_prog_lock_ro() * CVE-url: https://ubuntu.com/security/CVE-2024-42079 - gfs2: Fix NULL pointer dereference in gfs2_log_flush * CVE-url: https://ubuntu.com/security/CVE-2024-42226 - usb: xhci: prevent potential failure in handle_tx_event() for Transfer events without TRB * CVE-url: https://ubuntu.com/security/CVE-2022-48790 - nvme: introduce a controller state machine - nvme: move namespace scanning to core - nvme: move AER handling to common code - nvme: fix a possible use-after-free in controller reset during load - nvme-pci: fix multiple ctrl removal scheduling * CVE-url: https://ubuntu.com/security/CVE-2024-42236 - usb: gadget: configfs: Prevent OOB read/write in usb_string_copy() * CVE-url: https://ubuntu.com/security/CVE-2024-41095 - drm/nouveau/dispnv04: fix null pointer dereference in nv17_tv_get_ld_modes * CVE-url: https://ubuntu.com/security/CVE-2024-41098 - ata: libata-core: Fix null pointer dereference on error * CVE-url: https://ubuntu.com/security/CVE-2024-42244 - tty: Define ASYNC_ replacement bits - tty: Replace ASYNC_CTS_FLOW bit and update atomically - tty: Remove ASYNC_CLOSING - tty: mxser: Remove ASYNC_CLOSING - isdn: Remove ASYNC_CLOSING - tty: Replace TTY_IO_ERROR bit tests with tty_io_error() - tty: Replace ASYNC_NORMAL_ACTIVE bit and update atomically - tty: Replace ASYNC_CHECK_CD and update atomically - tty: Replace ASYNC_SUSPENDED bit and update atomically - tty: Replace ASYNC_INITIALIZED bit and update atomically - USB: serial: mos7840: fix crash on resume * CVE-url: https://ubuntu.com/security/CVE-2024-41089 - drm/nouveau/dispnv04: fix null pointer dereference in nv17_tv_get_hd_modes * CVE-url: https://ubuntu.com/security/CVE-2024-42232 - libceph: fix race between delayed_work() and ceph_monc_stop() * Bionic update: upstream stable patchset 2022-03-29 (LP: #1967013) // CVE- url: https://ubuntu.com/security/CVE-2022-48809 - net: fix a memleak when uncloning an skb dst and its metadata * CVE-url: https://ubuntu.com/security/CVE-2024-42153 - i2c: pnx: Fix potential deadlock warning from del_timer_sync() call in isr * CVE-url: https://ubuntu.com/security/CVE-2022-48791 - scsi: pm80xx: Fix TMF task completion race condition - scsi: pm8001: Fix use-after-free for aborted TMF sas_task * CVE-url: https://ubuntu.com/security/CVE-2022-48792 - scsi: pm8001: Fix use-after-free for aborted SSP/STP sas_task * CVE-url: https://ubuntu.com/security/CVE-2024-42154 - tcp_metrics: validate source addr length * CVE-url: https://ubuntu.com/security/CVE-2024-38570 - gfs2: Rename sd_{ glock => kill }_wait - gfs2: Fix potential glock use-after-free on unmount * CVE-url: https://ubuntu.com/security/CVE-2024-38583 - timers: Use del_timer_sync() even on UP - timers: Rename del_timer_sync() to timer_delete_sync() - timers: Rename del_timer() to timer_delete() - timers: Split [try_to_]del_timer[_sync]() to prepare for shutdown mode - timers: Add shutdown mechanism to the internal functions - timers: Provide timer_shutdown[_sync]() - nilfs2: fix use-after-free of timer for log writer thread - nilfs2: fix unexpected freezing of nilfs_segctor_sync() - nilfs2: fix potential hang in nilfs_detach_log_writer() * CVE-url: https://ubuntu.com/security/CVE-2024-42070 - netfilter: nf_tables: fully validate NFT_DATA_VALUE on store to data registers * CVE-url: https://ubuntu.com/security/CVE-2024-42228 - drm/amdgpu: Using uninitialized value *size when calling amdgpu_vce_cs_reloc

0 tuxcare-ubuntu16.04-els linux-buildinfo-4.4.0-262-tuxcare.els33-generic_4.4.0-262.296_amd64.deb a08cb20ce3c2470ca4b6f5739fdadec48f3d1f24 linux-buildinfo-4.4.0-262-tuxcare.els33-lowlatency_4.4.0-262.296_amd64.deb 3e2890818651319e7bd552dbbf74d794ac9a4d51 linux-cloud-tools-4.4.0-262-tuxcare.els33_4.4.0-262.296_amd64.deb 9d0e1dc6958c7168195326c9a8f92dfa2e385dd2 linux-cloud-tools-4.4.0-262-tuxcare.els33-generic_4.4.0-262.296_amd64.deb 4666c70acf10f20376ce85ae9f2d01d75c5bf96b linux-cloud-tools-4.4.0-262-tuxcare.els33-lowlatency_4.4.0-262.296_amd64.deb 5af8819380c377c6713a99254d7c2d50fcc07d3e linux-cloud-tools-common_4.4.0-262.296_all.deb cd061836750ba050c8ce60b860666067a01946cf linux-cloud-tools-generic_4.4.0.262.296_amd64.deb 0424a1c7bdd0284696f84d0c82931080195cc55c linux-cloud-tools-lowlatency_4.4.0.262.296_amd64.deb d3bfbd4664e4bcdee56a4737f3fe665b917ccba5 linux-crashdump_4.4.0.262.296_amd64.deb 19412bed1e59be3088d47e313a4e7758824e4a6c linux-doc_4.4.0-262.296_all.deb ae504bbc6dd4ad5803db5f3b418d5cc1c3087b4d linux-generic_4.4.0.262.296_amd64.deb 22bdf0d6f751bb1349ac099e99a85f49c0916be6 linux-headers-4.4.0-262-tuxcare.els33_4.4.0-262.296_all.deb 60199867943adc9225afa404c8a801c2f27da147 linux-headers-4.4.0-262-tuxcare.els33-generic_4.4.0-262.296_amd64.deb e08523365ff4a2c750da416565298e57e6659d1f linux-headers-4.4.0-262-tuxcare.els33-lowlatency_4.4.0-262.296_amd64.deb 590e22127484129a1b5e415c7d030c27ae5e04ec linux-headers-generic_4.4.0.262.296_amd64.deb 8d85bd31ac117089d04e396f1d5c02446dbe89d5 linux-headers-lowlatency_4.4.0.262.296_amd64.deb 1281b3d465f180a16728cf648e7ca7e2204bb90d linux-image-generic_4.4.0.262.296_amd64.deb b354f2090b989c65ad147d6448cb5144a3b29603 linux-image-lowlatency_4.4.0.262.296_amd64.deb 2ff4632a64a89967743218b1a7dd3ce0fa3ba694 linux-image-unsigned-4.4.0-262-tuxcare.els33-generic_4.4.0-262.296_amd64.deb 6b83680c44c163c350710c6d6063cfd79ecbe417 linux-image-unsigned-4.4.0-262-tuxcare.els33-lowlatency_4.4.0-262.296_amd64.deb 644ae817b5a6bef59c1793e4d18d85ce7039ecb1 linux-libc-dev_4.4.0-262.296_amd64.deb 50a364c3fce5c8530bb65eaf8b3d0268abea99fe linux-lowlatency_4.4.0.262.296_amd64.deb ffddabb7d359b92a2121ec508c99cca15720edb7 linux-modules-4.4.0-262-tuxcare.els33-generic_4.4.0-262.296_amd64.deb e1e1785e20f7ceb7fd5d7192624926ba3d7cf0ce linux-modules-4.4.0-262-tuxcare.els33-lowlatency_4.4.0-262.296_amd64.deb 4af9ace070bdf2f0addebd9af5bef823d503e85c linux-modules-extra-4.4.0-262-tuxcare.els33-generic_4.4.0-262.296_amd64.deb 0e04f8b335cde74ba988caab610111fea7934b81 linux-source_4.4.0.262.296_all.deb 8f7628403bd28493d941dafa1112188c52f1efa5 linux-source-4.4.0_4.4.0-262.296_all.deb bcb9b5560e7c81af5dbb1e705c169e7f43dd8b4c linux-tools-4.4.0-262-tuxcare.els33_4.4.0-262.296_amd64.deb 53b20e66d050415a15799ee3bdf634c7665c58a4 linux-tools-4.4.0-262-tuxcare.els33-generic_4.4.0-262.296_amd64.deb 835d3c4a775214c4a12740be86afa7e2f3e87ba0 linux-tools-4.4.0-262-tuxcare.els33-lowlatency_4.4.0-262.296_amd64.deb 6117a46fa6b187eade96a334f4e14e1e01344527 linux-tools-common_4.4.0-262.296_all.deb 71ea6788ca9aea853bfb53b56f4fa245db06d281 linux-tools-generic_4.4.0.262.296_amd64.deb 2a8d9e1a479e0fe308dade93fdfe1b33fe4c5e95 linux-tools-host_4.4.0-262.296_all.deb 4ceb2f7ac39f03a45cfaf6b33debdcd8c11ae4c6 linux-tools-lowlatency_4.4.0.262.296_amd64.deb 4e6dd4c4fe825ff8a056d808fb87f9981ab66732 CLSA-2024:1723495305 TuxCare License Agreement 0 * CVE-url: https://ubuntu.com/security/CVE-2024-42068 - bpf: Take return from set_memory_ro() into account with bpf_prog_lock_ro() * CVE-url: https://ubuntu.com/security/CVE-2024-42079 - gfs2: Fix NULL pointer dereference in gfs2_log_flush * CVE-url: https://ubuntu.com/security/CVE-2024-42226 - usb: xhci: prevent potential failure in handle_tx_event() for Transfer events without TRB * CVE-url: https://ubuntu.com/security/CVE-2022-48790 - nvme: introduce a controller state machine - nvme: move namespace scanning to core - nvme: move AER handling to common code - nvme: fix a possible use-after-free in controller reset during load - nvme-pci: fix multiple ctrl removal scheduling * CVE-url: https://ubuntu.com/security/CVE-2024-42236 - usb: gadget: configfs: Prevent OOB read/write in usb_string_copy() * CVE-url: https://ubuntu.com/security/CVE-2024-41095 - drm/nouveau/dispnv04: fix null pointer dereference in nv17_tv_get_ld_modes * CVE-url: https://ubuntu.com/security/CVE-2024-41098 - ata: libata-core: Fix null pointer dereference on error * CVE-url: https://ubuntu.com/security/CVE-2024-42244 - tty: Define ASYNC_ replacement bits - tty: Replace ASYNC_CTS_FLOW bit and update atomically - tty: Remove ASYNC_CLOSING - tty: mxser: Remove ASYNC_CLOSING - isdn: Remove ASYNC_CLOSING - tty: Replace TTY_IO_ERROR bit tests with tty_io_error() - tty: Replace ASYNC_NORMAL_ACTIVE bit and update atomically - tty: Replace ASYNC_CHECK_CD and update atomically - tty: Replace ASYNC_SUSPENDED bit and update atomically - tty: Replace ASYNC_INITIALIZED bit and update atomically - USB: serial: mos7840: fix crash on resume * CVE-url: https://ubuntu.com/security/CVE-2024-41089 - drm/nouveau/dispnv04: fix null pointer dereference in nv17_tv_get_hd_modes * CVE-url: https://ubuntu.com/security/CVE-2024-42232 - libceph: fix race between delayed_work() and ceph_monc_stop() * Bionic update: upstream stable patchset 2022-03-29 (LP: #1967013) // CVE- url: https://ubuntu.com/security/CVE-2022-48809 - net: fix a memleak when uncloning an skb dst and its metadata * CVE-url: https://ubuntu.com/security/CVE-2024-42153 - i2c: pnx: Fix potential deadlock warning from del_timer_sync() call in isr * CVE-url: https://ubuntu.com/security/CVE-2022-48791 - scsi: pm80xx: Fix TMF task completion race condition - scsi: pm8001: Fix use-after-free for aborted TMF sas_task * CVE-url: https://ubuntu.com/security/CVE-2022-48792 - scsi: pm8001: Fix use-after-free for aborted SSP/STP sas_task * CVE-url: https://ubuntu.com/security/CVE-2024-42154 - tcp_metrics: validate source addr length * CVE-url: https://ubuntu.com/security/CVE-2024-38570 - gfs2: Rename sd_{ glock => kill }_wait - gfs2: Fix potential glock use-after-free on unmount * CVE-url: https://ubuntu.com/security/CVE-2024-38583 - timers: Use del_timer_sync() even on UP - timers: Rename del_timer_sync() to timer_delete_sync() - timers: Rename del_timer() to timer_delete() - timers: Split [try_to_]del_timer[_sync]() to prepare for shutdown mode - timers: Add shutdown mechanism to the internal functions - timers: Provide timer_shutdown[_sync]() - nilfs2: fix use-after-free of timer for log writer thread - nilfs2: fix unexpected freezing of nilfs_segctor_sync() - nilfs2: fix potential hang in nilfs_detach_log_writer() * CVE-url: https://ubuntu.com/security/CVE-2024-42070 - netfilter: nf_tables: fully validate NFT_DATA_VALUE on store to data registers * CVE-url: https://ubuntu.com/security/CVE-2024-42228 - drm/amdgpu: Using uninitialized value *size when calling amdgpu_vce_cs_reloc Critical Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.

* CVE-url: https://ubuntu.com/security/CVE-2024-42068 - bpf: Take return from set_memory_ro() into account with bpf_prog_lock_ro() * CVE-url: https://ubuntu.com/security/CVE-2024-42079 - gfs2: Fix NULL pointer dereference in gfs2_log_flush * CVE-url: https://ubuntu.com/security/CVE-2024-42226 - usb: xhci: prevent potential failure in handle_tx_event() for Transfer events without TRB * CVE-url: https://ubuntu.com/security/CVE-2022-48790 - nvme: introduce a controller state machine - nvme: move namespace scanning to core - nvme: move AER handling to common code - nvme: fix a possible use-after-free in controller reset during load - nvme-pci: fix multiple ctrl removal scheduling * CVE-url: https://ubuntu.com/security/CVE-2024-42236 - usb: gadget: configfs: Prevent OOB read/write in usb_string_copy() * CVE-url: https://ubuntu.com/security/CVE-2024-41095 - drm/nouveau/dispnv04: fix null pointer dereference in nv17_tv_get_ld_modes * CVE-url: https://ubuntu.com/security/CVE-2024-41098 - ata: libata-core: Fix null pointer dereference on error * CVE-url: https://ubuntu.com/security/CVE-2024-42244 - tty: Define ASYNC_ replacement bits - tty: Replace ASYNC_CTS_FLOW bit and update atomically - tty: Remove ASYNC_CLOSING - tty: mxser: Remove ASYNC_CLOSING - isdn: Remove ASYNC_CLOSING - tty: Replace TTY_IO_ERROR bit tests with tty_io_error() - tty: Replace ASYNC_NORMAL_ACTIVE bit and update atomically - tty: Replace ASYNC_CHECK_CD and update atomically - tty: Replace ASYNC_SUSPENDED bit and update atomically - tty: Replace ASYNC_INITIALIZED bit and update atomically - USB: serial: mos7840: fix crash on resume * CVE-url: https://ubuntu.com/security/CVE-2024-41089 - drm/nouveau/dispnv04: fix null pointer dereference in nv17_tv_get_hd_modes * CVE-url: https://ubuntu.com/security/CVE-2024-42232 - libceph: fix race between delayed_work() and ceph_monc_stop() * Bionic update: upstream stable patchset 2022-03-29 (LP: #1967013) // CVE- url: https://ubuntu.com/security/CVE-2022-48809 - net: fix a memleak when uncloning an skb dst and its metadata * CVE-url: https://ubuntu.com/security/CVE-2024-42153 - i2c: pnx: Fix potential deadlock warning from del_timer_sync() call in isr * CVE-url: https://ubuntu.com/security/CVE-2022-48791 - scsi: pm80xx: Fix TMF task completion race condition - scsi: pm8001: Fix use-after-free for aborted TMF sas_task * CVE-url: https://ubuntu.com/security/CVE-2022-48792 - scsi: pm8001: Fix use-after-free for aborted SSP/STP sas_task * CVE-url: https://ubuntu.com/security/CVE-2024-42154 - tcp_metrics: validate source addr length * CVE-url: https://ubuntu.com/security/CVE-2024-38570 - gfs2: Rename sd_{ glock => kill }_wait - gfs2: Fix potential glock use-after-free on unmount * CVE-url: https://ubuntu.com/security/CVE-2024-38583 - timers: Use del_timer_sync() even on UP - timers: Rename del_timer_sync() to timer_delete_sync() - timers: Rename del_timer() to timer_delete() - timers: Split [try_to_]del_timer[_sync]() to prepare for shutdown mode - timers: Add shutdown mechanism to the internal functions - timers: Provide timer_shutdown[_sync]() - nilfs2: fix use-after-free of timer for log writer thread - nilfs2: fix unexpected freezing of nilfs_segctor_sync() - nilfs2: fix potential hang in nilfs_detach_log_writer() * CVE-url: https://ubuntu.com/security/CVE-2024-42070 - netfilter: nf_tables: fully validate NFT_DATA_VALUE on store to data registers * CVE-url: https://ubuntu.com/security/CVE-2024-42228 - drm/amdgpu: Using uninitialized value *size when calling amdgpu_vce_cs_reloc

0 tuxcare-ubuntu16.04-els linux-buildinfo-4.4.0-262-tuxcare.els33-generic_4.4.0-262.296_amd64.deb a08cb20ce3c2470ca4b6f5739fdadec48f3d1f24 linux-buildinfo-4.4.0-262-tuxcare.els33-lowlatency_4.4.0-262.296_amd64.deb 3e2890818651319e7bd552dbbf74d794ac9a4d51 linux-cloud-tools-4.4.0-262-tuxcare.els33_4.4.0-262.296_amd64.deb 9d0e1dc6958c7168195326c9a8f92dfa2e385dd2 linux-cloud-tools-4.4.0-262-tuxcare.els33-generic_4.4.0-262.296_amd64.deb 4666c70acf10f20376ce85ae9f2d01d75c5bf96b linux-cloud-tools-4.4.0-262-tuxcare.els33-lowlatency_4.4.0-262.296_amd64.deb 5af8819380c377c6713a99254d7c2d50fcc07d3e linux-cloud-tools-common_4.4.0-262.296_all.deb cd061836750ba050c8ce60b860666067a01946cf linux-cloud-tools-generic_4.4.0.262.296_amd64.deb 0424a1c7bdd0284696f84d0c82931080195cc55c linux-cloud-tools-lowlatency_4.4.0.262.296_amd64.deb d3bfbd4664e4bcdee56a4737f3fe665b917ccba5 linux-crashdump_4.4.0.262.296_amd64.deb 19412bed1e59be3088d47e313a4e7758824e4a6c linux-doc_4.4.0-262.296_all.deb ae504bbc6dd4ad5803db5f3b418d5cc1c3087b4d linux-generic_4.4.0.262.296_amd64.deb 22bdf0d6f751bb1349ac099e99a85f49c0916be6 linux-headers-4.4.0-262-tuxcare.els33_4.4.0-262.296_all.deb 60199867943adc9225afa404c8a801c2f27da147 linux-headers-4.4.0-262-tuxcare.els33-generic_4.4.0-262.296_amd64.deb e08523365ff4a2c750da416565298e57e6659d1f linux-headers-4.4.0-262-tuxcare.els33-lowlatency_4.4.0-262.296_amd64.deb 590e22127484129a1b5e415c7d030c27ae5e04ec linux-headers-generic_4.4.0.262.296_amd64.deb 8d85bd31ac117089d04e396f1d5c02446dbe89d5 linux-headers-lowlatency_4.4.0.262.296_amd64.deb 1281b3d465f180a16728cf648e7ca7e2204bb90d linux-image-generic_4.4.0.262.296_amd64.deb b354f2090b989c65ad147d6448cb5144a3b29603 linux-image-lowlatency_4.4.0.262.296_amd64.deb 2ff4632a64a89967743218b1a7dd3ce0fa3ba694 linux-image-unsigned-4.4.0-262-tuxcare.els33-generic_4.4.0-262.296_amd64.deb 6b83680c44c163c350710c6d6063cfd79ecbe417 linux-image-unsigned-4.4.0-262-tuxcare.els33-lowlatency_4.4.0-262.296_amd64.deb 644ae817b5a6bef59c1793e4d18d85ce7039ecb1 linux-libc-dev_4.4.0-262.296_amd64.deb 50a364c3fce5c8530bb65eaf8b3d0268abea99fe linux-lowlatency_4.4.0.262.296_amd64.deb ffddabb7d359b92a2121ec508c99cca15720edb7 linux-modules-4.4.0-262-tuxcare.els33-generic_4.4.0-262.296_amd64.deb e1e1785e20f7ceb7fd5d7192624926ba3d7cf0ce linux-modules-4.4.0-262-tuxcare.els33-lowlatency_4.4.0-262.296_amd64.deb 4af9ace070bdf2f0addebd9af5bef823d503e85c linux-modules-extra-4.4.0-262-tuxcare.els33-generic_4.4.0-262.296_amd64.deb 0e04f8b335cde74ba988caab610111fea7934b81 linux-source_4.4.0.262.296_all.deb 8f7628403bd28493d941dafa1112188c52f1efa5 linux-source-4.4.0_4.4.0-262.296_all.deb bcb9b5560e7c81af5dbb1e705c169e7f43dd8b4c linux-tools-4.4.0-262-tuxcare.els33_4.4.0-262.296_amd64.deb 53b20e66d050415a15799ee3bdf634c7665c58a4 linux-tools-4.4.0-262-tuxcare.els33-generic_4.4.0-262.296_amd64.deb 835d3c4a775214c4a12740be86afa7e2f3e87ba0 linux-tools-4.4.0-262-tuxcare.els33-lowlatency_4.4.0-262.296_amd64.deb 6117a46fa6b187eade96a334f4e14e1e01344527 linux-tools-common_4.4.0-262.296_all.deb 71ea6788ca9aea853bfb53b56f4fa245db06d281 linux-tools-generic_4.4.0.262.296_amd64.deb 2a8d9e1a479e0fe308dade93fdfe1b33fe4c5e95 linux-tools-host_4.4.0-262.296_all.deb 4ceb2f7ac39f03a45cfaf6b33debdcd8c11ae4c6 linux-tools-lowlatency_4.4.0.262.296_amd64.deb 4e6dd4c4fe825ff8a056d808fb87f9981ab66732 CLSA-2024:1723809128 TuxCare License Agreement 0 * CVE-url: https://ubuntu.com/security/CVE-2024-36939 - NFS: Cleanup - add nfs_clients_exit to mirror nfs_clients_init - nfs: expose /proc/net/sunrpc/nfs in net namespaces - sunrpc: add a struct rpc_stats arg to rpc_create_args - nfs: make the rpc_stat per net namespace - nfs: Handle error of rpc_proc_register() in nfs_net_init(). * CVE-url: https://ubuntu.com/security/CVE-2024-38600 - ALSA: Fix deadlocks with kctl removals at disconnection * CVE-url: https://ubuntu.com/security/CVE-2024-36270 - netfilter: tproxy: bail out if IP has been disabled on the device * CVE-url: https://ubuntu.com/security/CVE-2024-38659 - enic: Validate length of nl attributes in enic_set_vf_port * CVE-url: https://ubuntu.com/security/CVE-2024-38560 - scsi: bfa: Ensure the copied buf is NUL terminated * CVE-url: https://ubuntu.com/security/CVE-2024-36941 - wifi: nl80211: don't free NULL coalescing rule * CVE-url: https://ubuntu.com/security/CVE-2024-27401 - firewire: nosy: ensure user_length is taken into account when fetching packet contents * CVE-url: https://ubuntu.com/security/CVE-2024-36964 - fs/9p: only translate RWX permissions for plain 9P2000 * CVE-url: https://ubuntu.com/security/CVE-2024-38601 - ring-buffer: Fix a race between readers and resize checks * CVE-url: https://ubuntu.com/security/CVE-2024-39475 - fbdev: savage: Handle err return when savagefb_check_var failed * CVE-url: https://ubuntu.com/security/CVE-2024-38578 - ecryptfs: Fix buffer size for tag 66 packet * CVE-url: https://ubuntu.com/security/CVE-2024-36950 - firewire: ohci: mask bus reset interrupts between ISR and bottom half * CVE-url: https://ubuntu.com/security/CVE-2024-38589 - netrom: fix possible dead-lock in nr_rt_ioctl() * CVE-url: https://ubuntu.com/security/CVE-2024-38627 - stm class: Fix a double free in stm_register_device() * CVE-url: https://ubuntu.com/security/CVE-2024-36905 - tcp: suppress too verbose messages in tcp_send_ack() - tcp: defer shutdown(SEND_SHUTDOWN) for TCP_SYN_RECV sockets * CVE-url: https://ubuntu.com/security/CVE-2024-33621 - ipvlan: Dont Use skb->sk in ipvlan_process_v{4,6}_outbound * CVE-url: https://ubuntu.com/security/CVE-2024-38567 - wifi: carl9170: add a proper sanity check for endpoints * CVE-url: https://ubuntu.com/security/CVE-2024-39301 - net/9p: fix uninit-value in p9_client_rpc() * CVE-url: https://ubuntu.com/security/CVE-2024-36919 - scsi: bnx2fc: Remove spin_lock_bh while releasing resources after upload * CVE-url: https://ubuntu.com/security/CVE-2024-36934 - new helper: memdup_user_nul() - bna: ensure the copied buf is NUL terminated * CVE-url: https://ubuntu.com/security/CVE-2024-38558 - net: openvswitch: fix overwriting ct original tuple for ICMPv6 * CVE-url: https://ubuntu.com/security/CVE-2024-38565 - USB: core: Add routines for endpoint checks in old drivers - wifi: ar5523: enable proper endpoint verification * CVE-url: https://ubuntu.com/security/CVE-2024-38621 - media: stk1160: fix bounds checking in stk1160_copy_video() * CVE-url: https://ubuntu.com/security/CVE-2024-35947 - dyndbg: fix old BUG_ON in >control parser * CVE-url: https://ubuntu.com/security/CVE-2024-27399 - Bluetooth: l2cap: fix null-ptr-deref in l2cap_chan_timeout * CVE-url: https://ubuntu.com/security/CVE-2024-38618 - ALSA: timer: Simplify timer hw resolution calls - ALSA: timer: Set lower bound of start tick time * CVE-url: https://ubuntu.com/security/CVE-2024-36286 - netfilter: nfnetlink_queue: acquire rcu_read_lock() in instance_destroy_rcu() * CVE-url: https://ubuntu.com/security/CVE-2024-38607 - macintosh/via-macii: Fix "BUG: sleeping function called from invalid context" * CVE-url: https://ubuntu.com/security/CVE-2024-37356 - params: lift param_set_uint_minmax to common code - tcp: Fix shift-out-of-bounds in dctcp_update_alpha(). * CVE-url: https://ubuntu.com/security/CVE-2024-36886 - tipc: fix UAF in error path * CVE-url: https://ubuntu.com/security/CVE-2024-38613 - m68k: Fix spinlock race in kernel thread creation * CVE-url: https://ubuntu.com/security/CVE-2024-38599 - jffs2: prevent xattr node from overflowing the eraseblock * CVE-url: https://ubuntu.com/security/CVE-2024-38633 - serial: core: Provide port lock wrappers - serial: max3100: Update uart_driver_registered on driver removal * CVE-url: https://ubuntu.com/security/CVE-2024-39292 - um: Add winch to winch_handlers before registering winch IRQ * CVE-url: https://ubuntu.com/security/CVE-2024-38634 - serial: max3100: Lock port->lock when calling uart_handle_cts_change() * CVE-url: https://ubuntu.com/security/CVE-2024-36883 - net: fix out-of-bounds access in ops_init * CVE-url: https://ubuntu.com/security/CVE-2024-39480 - kdb: Fix buffer overflow during tab-complete * CVE-url: https://ubuntu.com/security/CVE-2024-36960 - drm/vmwgfx: Fix invalid reads in fence signaled events * CVE-url: https://ubuntu.com/security/CVE-2024-36946 - phonet: fix rtm_phonet_notify() skb allocation Important Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.

* CVE-url: https://ubuntu.com/security/CVE-2024-36939 - NFS: Cleanup - add nfs_clients_exit to mirror nfs_clients_init - nfs: expose /proc/net/sunrpc/nfs in net namespaces - sunrpc: add a struct rpc_stats arg to rpc_create_args - nfs: make the rpc_stat per net namespace - nfs: Handle error of rpc_proc_register() in nfs_net_init(). * CVE-url: https://ubuntu.com/security/CVE-2024-38600 - ALSA: Fix deadlocks with kctl removals at disconnection * CVE-url: https://ubuntu.com/security/CVE-2024-36270 - netfilter: tproxy: bail out if IP has been disabled on the device * CVE-url: https://ubuntu.com/security/CVE-2024-38659 - enic: Validate length of nl attributes in enic_set_vf_port * CVE-url: https://ubuntu.com/security/CVE-2024-38560 - scsi: bfa: Ensure the copied buf is NUL terminated * CVE-url: https://ubuntu.com/security/CVE-2024-36941 - wifi: nl80211: don't free NULL coalescing rule * CVE-url: https://ubuntu.com/security/CVE-2024-27401 - firewire: nosy: ensure user_length is taken into account when fetching packet contents * CVE-url: https://ubuntu.com/security/CVE-2024-36964 - fs/9p: only translate RWX permissions for plain 9P2000 * CVE-url: https://ubuntu.com/security/CVE-2024-38601 - ring-buffer: Fix a race between readers and resize checks * CVE-url: https://ubuntu.com/security/CVE-2024-39475 - fbdev: savage: Handle err return when savagefb_check_var failed * CVE-url: https://ubuntu.com/security/CVE-2024-38578 - ecryptfs: Fix buffer size for tag 66 packet * CVE-url: https://ubuntu.com/security/CVE-2024-36950 - firewire: ohci: mask bus reset interrupts between ISR and bottom half * CVE-url: https://ubuntu.com/security/CVE-2024-38589 - netrom: fix possible dead-lock in nr_rt_ioctl() * CVE-url: https://ubuntu.com/security/CVE-2024-38627 - stm class: Fix a double free in stm_register_device() * CVE-url: https://ubuntu.com/security/CVE-2024-36905 - tcp: suppress too verbose messages in tcp_send_ack() - tcp: defer shutdown(SEND_SHUTDOWN) for TCP_SYN_RECV sockets * CVE-url: https://ubuntu.com/security/CVE-2024-33621 - ipvlan: Dont Use skb->sk in ipvlan_process_v{4,6}_outbound * CVE-url: https://ubuntu.com/security/CVE-2024-38567 - wifi: carl9170: add a proper sanity check for endpoints * CVE-url: https://ubuntu.com/security/CVE-2024-39301 - net/9p: fix uninit-value in p9_client_rpc() * CVE-url: https://ubuntu.com/security/CVE-2024-36919 - scsi: bnx2fc: Remove spin_lock_bh while releasing resources after upload * CVE-url: https://ubuntu.com/security/CVE-2024-36934 - new helper: memdup_user_nul() - bna: ensure the copied buf is NUL terminated * CVE-url: https://ubuntu.com/security/CVE-2024-38558 - net: openvswitch: fix overwriting ct original tuple for ICMPv6 * CVE-url: https://ubuntu.com/security/CVE-2024-38565 - USB: core: Add routines for endpoint checks in old drivers - wifi: ar5523: enable proper endpoint verification * CVE-url: https://ubuntu.com/security/CVE-2024-38621 - media: stk1160: fix bounds checking in stk1160_copy_video() * CVE-url: https://ubuntu.com/security/CVE-2024-35947 - dyndbg: fix old BUG_ON in >control parser * CVE-url: https://ubuntu.com/security/CVE-2024-27399 - Bluetooth: l2cap: fix null-ptr-deref in l2cap_chan_timeout * CVE-url: https://ubuntu.com/security/CVE-2024-38618 - ALSA: timer: Simplify timer hw resolution calls - ALSA: timer: Set lower bound of start tick time * CVE-url: https://ubuntu.com/security/CVE-2024-36286 - netfilter: nfnetlink_queue: acquire rcu_read_lock() in instance_destroy_rcu() * CVE-url: https://ubuntu.com/security/CVE-2024-38607 - macintosh/via-macii: Fix "BUG: sleeping function called from invalid context" * CVE-url: https://ubuntu.com/security/CVE-2024-37356 - params: lift param_set_uint_minmax to common code - tcp: Fix shift-out-of-bounds in dctcp_update_alpha(). * CVE-url: https://ubuntu.com/security/CVE-2024-36886 - tipc: fix UAF in error path * CVE-url: https://ubuntu.com/security/CVE-2024-38613 - m68k: Fix spinlock race in kernel thread creation * CVE-url: https://ubuntu.com/security/CVE-2024-38599 - jffs2: prevent xattr node from overflowing the eraseblock * CVE-url: https://ubuntu.com/security/CVE-2024-38633 - serial: core: Provide port lock wrappers - serial: max3100: Update uart_driver_registered on driver removal * CVE-url: https://ubuntu.com/security/CVE-2024-39292 - um: Add winch to winch_handlers before registering winch IRQ * CVE-url: https://ubuntu.com/security/CVE-2024-38634 - serial: max3100: Lock port->lock when calling uart_handle_cts_change() * CVE-url: https://ubuntu.com/security/CVE-2024-36883 - net: fix out-of-bounds access in ops_init * CVE-url: https://ubuntu.com/security/CVE-2024-39480 - kdb: Fix buffer overflow during tab-complete * CVE-url: https://ubuntu.com/security/CVE-2024-36960 - drm/vmwgfx: Fix invalid reads in fence signaled events * CVE-url: https://ubuntu.com/security/CVE-2024-36946 - phonet: fix rtm_phonet_notify() skb allocation

0 tuxcare-ubuntu16.04-els linux-buildinfo-4.4.0-263-tuxcare.els34-generic_4.4.0-263.297_amd64.deb 8eeb807f4964d8883ff45682340739dd472996c6 linux-buildinfo-4.4.0-263-tuxcare.els34-lowlatency_4.4.0-263.297_amd64.deb f681e2dd7f92b807dd0dda66ea9c827bb5e4de13 linux-cloud-tools-4.4.0-263-tuxcare.els34_4.4.0-263.297_amd64.deb 11c3d9c3b68c55d6e912b25726eb01102d247147 linux-cloud-tools-4.4.0-263-tuxcare.els34-generic_4.4.0-263.297_amd64.deb 6eb5c091119c58915276e8dfdf142f4f009c4f61 linux-cloud-tools-4.4.0-263-tuxcare.els34-lowlatency_4.4.0-263.297_amd64.deb 7318cd97b3c675206eb018a7c6cb11c8dd325c1d linux-cloud-tools-common_4.4.0-263.297_all.deb 7a2a6aa9b63baf4d06d52518d8591594f1e9b196 linux-cloud-tools-generic_4.4.0.263.297_amd64.deb 5a61b956caee886aec893fd211741e337e7fb3ae linux-cloud-tools-lowlatency_4.4.0.263.297_amd64.deb 5b07ce355c73a997763b593da47cd8ae92f88691 linux-crashdump_4.4.0.263.297_amd64.deb 34621b3f026cb9ebeb58f5b2beb9e96f3492fdcf linux-doc_4.4.0-263.297_all.deb e4a58ed3bdb142a90d811beeaf669a42da036fab linux-generic_4.4.0.263.297_amd64.deb d5bba6b9449a81b1a593eb33b143c454544129e3 linux-headers-4.4.0-263-tuxcare.els34_4.4.0-263.297_all.deb f16f13be350efe5c9643ffaf99e8e7b2f446116e linux-headers-4.4.0-263-tuxcare.els34-generic_4.4.0-263.297_amd64.deb 19612fd60b9c50030629ded4c37c4d7709f57494 linux-headers-4.4.0-263-tuxcare.els34-lowlatency_4.4.0-263.297_amd64.deb 73f23293f5e830b42d75461cceace03b5f5ecf24 linux-headers-generic_4.4.0.263.297_amd64.deb edd70eefb4052806c0144598a06a4094a8f36a1e linux-headers-lowlatency_4.4.0.263.297_amd64.deb 2a6ddf315e9890577a90b00d0db0f5d68b6d69b0 linux-image-generic_4.4.0.263.297_amd64.deb 44d03325a6b95fbe638a27e8c464d8277d7dabf4 linux-image-lowlatency_4.4.0.263.297_amd64.deb 4aede97441e491026d4d51945f305f4c0a838e8c linux-image-unsigned-4.4.0-263-tuxcare.els34-generic_4.4.0-263.297_amd64.deb 66401ad247065adbc38547dc4d58f8407607b7c7 linux-image-unsigned-4.4.0-263-tuxcare.els34-lowlatency_4.4.0-263.297_amd64.deb fbd477c2194cff6091878888fa8d1119f108fba6 linux-libc-dev_4.4.0-263.297_amd64.deb 64fb60fded47500cdc759a4af45bbcac65ce3263 linux-lowlatency_4.4.0.263.297_amd64.deb bed4296d0005dabf689262840c024ccc6a323db7 linux-modules-4.4.0-263-tuxcare.els34-generic_4.4.0-263.297_amd64.deb a48959449c1a471966a2a62b0bb6c7a6ce6f5889 linux-modules-4.4.0-263-tuxcare.els34-lowlatency_4.4.0-263.297_amd64.deb cb9aff16eb047cf84dce3957f149366f2cf1f77d linux-modules-extra-4.4.0-263-tuxcare.els34-generic_4.4.0-263.297_amd64.deb fe82474a3ec147d3c82b31b594c7a304b55f7a74 linux-source_4.4.0.263.297_all.deb 730e15eca0aabd30c90f7871af1fd545dc5d5e56 linux-source-4.4.0_4.4.0-263.297_all.deb 4090e0a5d87cedadd06e87ea8ea89f84c4de887f linux-tools-4.4.0-263-tuxcare.els34_4.4.0-263.297_amd64.deb 732b363b447694cd1fa191ccaa493d1271dd166f linux-tools-4.4.0-263-tuxcare.els34-generic_4.4.0-263.297_amd64.deb bd61403185f162936187b21c265daa849cca4a62 linux-tools-4.4.0-263-tuxcare.els34-lowlatency_4.4.0-263.297_amd64.deb ab4102c34faf5e385aa24e614ce0b8f667d59d69 linux-tools-common_4.4.0-263.297_all.deb b990aea0ab4a9cf21aa4d13b35cd3720418bbfe2 linux-tools-generic_4.4.0.263.297_amd64.deb 16f1ee54976f1223df20e5cba723f03949edc5c2 linux-tools-host_4.4.0-263.297_all.deb 204e852e4bf1a05d116e7fd038a2c4367ac8a19b linux-tools-lowlatency_4.4.0.263.297_amd64.deb e48facb0081ea49d2664a9cd4771e752f4cf51a8 CLSA-2024:1723809480 TuxCare License Agreement 0 * CVE-url: https://ubuntu.com/security/CVE-2024-36939 - NFS: Cleanup - add nfs_clients_exit to mirror nfs_clients_init - nfs: expose /proc/net/sunrpc/nfs in net namespaces - sunrpc: add a struct rpc_stats arg to rpc_create_args - nfs: make the rpc_stat per net namespace - nfs: Handle error of rpc_proc_register() in nfs_net_init(). * CVE-url: https://ubuntu.com/security/CVE-2024-38600 - ALSA: Fix deadlocks with kctl removals at disconnection * CVE-url: https://ubuntu.com/security/CVE-2024-36270 - netfilter: tproxy: bail out if IP has been disabled on the device * CVE-url: https://ubuntu.com/security/CVE-2024-38659 - enic: Validate length of nl attributes in enic_set_vf_port * CVE-url: https://ubuntu.com/security/CVE-2024-38560 - scsi: bfa: Ensure the copied buf is NUL terminated * CVE-url: https://ubuntu.com/security/CVE-2024-36941 - wifi: nl80211: don't free NULL coalescing rule * CVE-url: https://ubuntu.com/security/CVE-2024-27401 - firewire: nosy: ensure user_length is taken into account when fetching packet contents * CVE-url: https://ubuntu.com/security/CVE-2024-36964 - fs/9p: only translate RWX permissions for plain 9P2000 * CVE-url: https://ubuntu.com/security/CVE-2024-38601 - ring-buffer: Fix a race between readers and resize checks * CVE-url: https://ubuntu.com/security/CVE-2024-39475 - fbdev: savage: Handle err return when savagefb_check_var failed * CVE-url: https://ubuntu.com/security/CVE-2024-38578 - ecryptfs: Fix buffer size for tag 66 packet * CVE-url: https://ubuntu.com/security/CVE-2024-36950 - firewire: ohci: mask bus reset interrupts between ISR and bottom half * CVE-url: https://ubuntu.com/security/CVE-2024-38589 - netrom: fix possible dead-lock in nr_rt_ioctl() * CVE-url: https://ubuntu.com/security/CVE-2024-38627 - stm class: Fix a double free in stm_register_device() * CVE-url: https://ubuntu.com/security/CVE-2024-36905 - tcp: suppress too verbose messages in tcp_send_ack() - tcp: defer shutdown(SEND_SHUTDOWN) for TCP_SYN_RECV sockets * CVE-url: https://ubuntu.com/security/CVE-2024-33621 - ipvlan: Dont Use skb->sk in ipvlan_process_v{4,6}_outbound * CVE-url: https://ubuntu.com/security/CVE-2024-38567 - wifi: carl9170: add a proper sanity check for endpoints * CVE-url: https://ubuntu.com/security/CVE-2024-39301 - net/9p: fix uninit-value in p9_client_rpc() * CVE-url: https://ubuntu.com/security/CVE-2024-36919 - scsi: bnx2fc: Remove spin_lock_bh while releasing resources after upload * CVE-url: https://ubuntu.com/security/CVE-2024-36934 - new helper: memdup_user_nul() - bna: ensure the copied buf is NUL terminated * CVE-url: https://ubuntu.com/security/CVE-2024-38558 - net: openvswitch: fix overwriting ct original tuple for ICMPv6 * CVE-url: https://ubuntu.com/security/CVE-2024-38565 - USB: core: Add routines for endpoint checks in old drivers - wifi: ar5523: enable proper endpoint verification * CVE-url: https://ubuntu.com/security/CVE-2024-38621 - media: stk1160: fix bounds checking in stk1160_copy_video() * CVE-url: https://ubuntu.com/security/CVE-2024-35947 - dyndbg: fix old BUG_ON in >control parser * CVE-url: https://ubuntu.com/security/CVE-2024-27399 - Bluetooth: l2cap: fix null-ptr-deref in l2cap_chan_timeout * CVE-url: https://ubuntu.com/security/CVE-2024-38618 - ALSA: timer: Simplify timer hw resolution calls - ALSA: timer: Set lower bound of start tick time * CVE-url: https://ubuntu.com/security/CVE-2024-36286 - netfilter: nfnetlink_queue: acquire rcu_read_lock() in instance_destroy_rcu() * CVE-url: https://ubuntu.com/security/CVE-2024-38607 - macintosh/via-macii: Fix "BUG: sleeping function called from invalid context" * CVE-url: https://ubuntu.com/security/CVE-2024-37356 - params: lift param_set_uint_minmax to common code - tcp: Fix shift-out-of-bounds in dctcp_update_alpha(). * CVE-url: https://ubuntu.com/security/CVE-2024-36886 - tipc: fix UAF in error path * CVE-url: https://ubuntu.com/security/CVE-2024-38613 - m68k: Fix spinlock race in kernel thread creation * CVE-url: https://ubuntu.com/security/CVE-2024-38599 - jffs2: prevent xattr node from overflowing the eraseblock * CVE-url: https://ubuntu.com/security/CVE-2024-38633 - serial: core: Provide port lock wrappers - serial: max3100: Update uart_driver_registered on driver removal * CVE-url: https://ubuntu.com/security/CVE-2024-39292 - um: Add winch to winch_handlers before registering winch IRQ * CVE-url: https://ubuntu.com/security/CVE-2024-38634 - serial: max3100: Lock port->lock when calling uart_handle_cts_change() * CVE-url: https://ubuntu.com/security/CVE-2024-36883 - net: fix out-of-bounds access in ops_init * CVE-url: https://ubuntu.com/security/CVE-2024-39480 - kdb: Fix buffer overflow during tab-complete * CVE-url: https://ubuntu.com/security/CVE-2024-36960 - drm/vmwgfx: Fix invalid reads in fence signaled events * CVE-url: https://ubuntu.com/security/CVE-2024-36946 - phonet: fix rtm_phonet_notify() skb allocation Important Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.

* CVE-url: https://ubuntu.com/security/CVE-2024-36939 - NFS: Cleanup - add nfs_clients_exit to mirror nfs_clients_init - nfs: expose /proc/net/sunrpc/nfs in net namespaces - sunrpc: add a struct rpc_stats arg to rpc_create_args - nfs: make the rpc_stat per net namespace - nfs: Handle error of rpc_proc_register() in nfs_net_init(). * CVE-url: https://ubuntu.com/security/CVE-2024-38600 - ALSA: Fix deadlocks with kctl removals at disconnection * CVE-url: https://ubuntu.com/security/CVE-2024-36270 - netfilter: tproxy: bail out if IP has been disabled on the device * CVE-url: https://ubuntu.com/security/CVE-2024-38659 - enic: Validate length of nl attributes in enic_set_vf_port * CVE-url: https://ubuntu.com/security/CVE-2024-38560 - scsi: bfa: Ensure the copied buf is NUL terminated * CVE-url: https://ubuntu.com/security/CVE-2024-36941 - wifi: nl80211: don't free NULL coalescing rule * CVE-url: https://ubuntu.com/security/CVE-2024-27401 - firewire: nosy: ensure user_length is taken into account when fetching packet contents * CVE-url: https://ubuntu.com/security/CVE-2024-36964 - fs/9p: only translate RWX permissions for plain 9P2000 * CVE-url: https://ubuntu.com/security/CVE-2024-38601 - ring-buffer: Fix a race between readers and resize checks * CVE-url: https://ubuntu.com/security/CVE-2024-39475 - fbdev: savage: Handle err return when savagefb_check_var failed * CVE-url: https://ubuntu.com/security/CVE-2024-38578 - ecryptfs: Fix buffer size for tag 66 packet * CVE-url: https://ubuntu.com/security/CVE-2024-36950 - firewire: ohci: mask bus reset interrupts between ISR and bottom half * CVE-url: https://ubuntu.com/security/CVE-2024-38589 - netrom: fix possible dead-lock in nr_rt_ioctl() * CVE-url: https://ubuntu.com/security/CVE-2024-38627 - stm class: Fix a double free in stm_register_device() * CVE-url: https://ubuntu.com/security/CVE-2024-36905 - tcp: suppress too verbose messages in tcp_send_ack() - tcp: defer shutdown(SEND_SHUTDOWN) for TCP_SYN_RECV sockets * CVE-url: https://ubuntu.com/security/CVE-2024-33621 - ipvlan: Dont Use skb->sk in ipvlan_process_v{4,6}_outbound * CVE-url: https://ubuntu.com/security/CVE-2024-38567 - wifi: carl9170: add a proper sanity check for endpoints * CVE-url: https://ubuntu.com/security/CVE-2024-39301 - net/9p: fix uninit-value in p9_client_rpc() * CVE-url: https://ubuntu.com/security/CVE-2024-36919 - scsi: bnx2fc: Remove spin_lock_bh while releasing resources after upload * CVE-url: https://ubuntu.com/security/CVE-2024-36934 - new helper: memdup_user_nul() - bna: ensure the copied buf is NUL terminated * CVE-url: https://ubuntu.com/security/CVE-2024-38558 - net: openvswitch: fix overwriting ct original tuple for ICMPv6 * CVE-url: https://ubuntu.com/security/CVE-2024-38565 - USB: core: Add routines for endpoint checks in old drivers - wifi: ar5523: enable proper endpoint verification * CVE-url: https://ubuntu.com/security/CVE-2024-38621 - media: stk1160: fix bounds checking in stk1160_copy_video() * CVE-url: https://ubuntu.com/security/CVE-2024-35947 - dyndbg: fix old BUG_ON in >control parser * CVE-url: https://ubuntu.com/security/CVE-2024-27399 - Bluetooth: l2cap: fix null-ptr-deref in l2cap_chan_timeout * CVE-url: https://ubuntu.com/security/CVE-2024-38618 - ALSA: timer: Simplify timer hw resolution calls - ALSA: timer: Set lower bound of start tick time * CVE-url: https://ubuntu.com/security/CVE-2024-36286 - netfilter: nfnetlink_queue: acquire rcu_read_lock() in instance_destroy_rcu() * CVE-url: https://ubuntu.com/security/CVE-2024-38607 - macintosh/via-macii: Fix "BUG: sleeping function called from invalid context" * CVE-url: https://ubuntu.com/security/CVE-2024-37356 - params: lift param_set_uint_minmax to common code - tcp: Fix shift-out-of-bounds in dctcp_update_alpha(). * CVE-url: https://ubuntu.com/security/CVE-2024-36886 - tipc: fix UAF in error path * CVE-url: https://ubuntu.com/security/CVE-2024-38613 - m68k: Fix spinlock race in kernel thread creation * CVE-url: https://ubuntu.com/security/CVE-2024-38599 - jffs2: prevent xattr node from overflowing the eraseblock * CVE-url: https://ubuntu.com/security/CVE-2024-38633 - serial: core: Provide port lock wrappers - serial: max3100: Update uart_driver_registered on driver removal * CVE-url: https://ubuntu.com/security/CVE-2024-39292 - um: Add winch to winch_handlers before registering winch IRQ * CVE-url: https://ubuntu.com/security/CVE-2024-38634 - serial: max3100: Lock port->lock when calling uart_handle_cts_change() * CVE-url: https://ubuntu.com/security/CVE-2024-36883 - net: fix out-of-bounds access in ops_init * CVE-url: https://ubuntu.com/security/CVE-2024-39480 - kdb: Fix buffer overflow during tab-complete * CVE-url: https://ubuntu.com/security/CVE-2024-36960 - drm/vmwgfx: Fix invalid reads in fence signaled events * CVE-url: https://ubuntu.com/security/CVE-2024-36946 - phonet: fix rtm_phonet_notify() skb allocation

0 tuxcare-ubuntu16.04-els linux-buildinfo-4.4.0-263-tuxcare.els34-generic_4.4.0-263.297_amd64.deb 8eeb807f4964d8883ff45682340739dd472996c6 linux-buildinfo-4.4.0-263-tuxcare.els34-lowlatency_4.4.0-263.297_amd64.deb f681e2dd7f92b807dd0dda66ea9c827bb5e4de13 linux-cloud-tools-4.4.0-263-tuxcare.els34_4.4.0-263.297_amd64.deb 11c3d9c3b68c55d6e912b25726eb01102d247147 linux-cloud-tools-4.4.0-263-tuxcare.els34-generic_4.4.0-263.297_amd64.deb 6eb5c091119c58915276e8dfdf142f4f009c4f61 linux-cloud-tools-4.4.0-263-tuxcare.els34-lowlatency_4.4.0-263.297_amd64.deb 7318cd97b3c675206eb018a7c6cb11c8dd325c1d linux-cloud-tools-common_4.4.0-263.297_all.deb 7a2a6aa9b63baf4d06d52518d8591594f1e9b196 linux-cloud-tools-generic_4.4.0.263.297_amd64.deb 5a61b956caee886aec893fd211741e337e7fb3ae linux-cloud-tools-lowlatency_4.4.0.263.297_amd64.deb 5b07ce355c73a997763b593da47cd8ae92f88691 linux-crashdump_4.4.0.263.297_amd64.deb 34621b3f026cb9ebeb58f5b2beb9e96f3492fdcf linux-doc_4.4.0-263.297_all.deb e4a58ed3bdb142a90d811beeaf669a42da036fab linux-generic_4.4.0.263.297_amd64.deb d5bba6b9449a81b1a593eb33b143c454544129e3 linux-headers-4.4.0-263-tuxcare.els34_4.4.0-263.297_all.deb f16f13be350efe5c9643ffaf99e8e7b2f446116e linux-headers-4.4.0-263-tuxcare.els34-generic_4.4.0-263.297_amd64.deb 19612fd60b9c50030629ded4c37c4d7709f57494 linux-headers-4.4.0-263-tuxcare.els34-lowlatency_4.4.0-263.297_amd64.deb 73f23293f5e830b42d75461cceace03b5f5ecf24 linux-headers-generic_4.4.0.263.297_amd64.deb edd70eefb4052806c0144598a06a4094a8f36a1e linux-headers-lowlatency_4.4.0.263.297_amd64.deb 2a6ddf315e9890577a90b00d0db0f5d68b6d69b0 linux-image-generic_4.4.0.263.297_amd64.deb 44d03325a6b95fbe638a27e8c464d8277d7dabf4 linux-image-lowlatency_4.4.0.263.297_amd64.deb 4aede97441e491026d4d51945f305f4c0a838e8c linux-image-unsigned-4.4.0-263-tuxcare.els34-generic_4.4.0-263.297_amd64.deb 66401ad247065adbc38547dc4d58f8407607b7c7 linux-image-unsigned-4.4.0-263-tuxcare.els34-lowlatency_4.4.0-263.297_amd64.deb fbd477c2194cff6091878888fa8d1119f108fba6 linux-libc-dev_4.4.0-263.297_amd64.deb 64fb60fded47500cdc759a4af45bbcac65ce3263 linux-lowlatency_4.4.0.263.297_amd64.deb bed4296d0005dabf689262840c024ccc6a323db7 linux-modules-4.4.0-263-tuxcare.els34-generic_4.4.0-263.297_amd64.deb a48959449c1a471966a2a62b0bb6c7a6ce6f5889 linux-modules-4.4.0-263-tuxcare.els34-lowlatency_4.4.0-263.297_amd64.deb cb9aff16eb047cf84dce3957f149366f2cf1f77d linux-modules-extra-4.4.0-263-tuxcare.els34-generic_4.4.0-263.297_amd64.deb fe82474a3ec147d3c82b31b594c7a304b55f7a74 linux-source_4.4.0.263.297_all.deb 730e15eca0aabd30c90f7871af1fd545dc5d5e56 linux-source-4.4.0_4.4.0-263.297_all.deb 4090e0a5d87cedadd06e87ea8ea89f84c4de887f linux-tools-4.4.0-263-tuxcare.els34_4.4.0-263.297_amd64.deb 732b363b447694cd1fa191ccaa493d1271dd166f linux-tools-4.4.0-263-tuxcare.els34-generic_4.4.0-263.297_amd64.deb bd61403185f162936187b21c265daa849cca4a62 linux-tools-4.4.0-263-tuxcare.els34-lowlatency_4.4.0-263.297_amd64.deb ab4102c34faf5e385aa24e614ce0b8f667d59d69 linux-tools-common_4.4.0-263.297_all.deb b990aea0ab4a9cf21aa4d13b35cd3720418bbfe2 linux-tools-generic_4.4.0.263.297_amd64.deb 16f1ee54976f1223df20e5cba723f03949edc5c2 linux-tools-host_4.4.0-263.297_all.deb 204e852e4bf1a05d116e7fd038a2c4367ac8a19b linux-tools-lowlatency_4.4.0.263.297_amd64.deb e48facb0081ea49d2664a9cd4771e752f4cf51a8 CLSA-2024:1724260328 TuxCare License Agreement 0 * SECURITY UPDATE: exploit “quoted-overlap” zip-bombs with a high compression ratio - debian/patches/CVE-2024-0450.patch: Protect zipfile from "quoted-overlap" zipbomb - CVE-2024-0450 * replace TLSv1 by TLSv1.2 since TLSv1 is not supported in the following tests: - Lib/test/test_ftplib.py - Lib/test/test_httplib.py - Lib/test/test_poplib.py - Lib/test/test_ssl.py - Lib/test/test_urllib2_localnet.py Moderate Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.

* SECURITY UPDATE: exploit “quoted-overlap” zip-bombs with a high compression ratio - debian/patches/CVE-2024-0450.patch: Protect zipfile from "quoted-overlap" zipbomb - CVE-2024-0450 * replace TLSv1 by TLSv1.2 since TLSv1 is not supported in the following tests: - Lib/test/test_ftplib.py - Lib/test/test_httplib.py - Lib/test/test_poplib.py - Lib/test/test_ssl.py - Lib/test/test_urllib2_localnet.py

0 tuxcare-ubuntu16.04-els idle-python3.5_3.5.2-2ubuntu0~16.04.13+tuxcare.els14_all.deb 0466daebad53ce6fdcb32253e9532a32e74c2bee libpython3.5_3.5.2-2ubuntu0~16.04.13+tuxcare.els14_amd64.deb 30c3eae2cf0d93494c2d887e1b386bb117eab142 libpython3.5-dev_3.5.2-2ubuntu0~16.04.13+tuxcare.els14_amd64.deb a24478d9ed897d93dd5098d2e806de4af1e60aed libpython3.5-minimal_3.5.2-2ubuntu0~16.04.13+tuxcare.els14_amd64.deb d4fe5cf47a000ad6c80010ad03203b62040a9070 libpython3.5-stdlib_3.5.2-2ubuntu0~16.04.13+tuxcare.els14_amd64.deb ff10d138358d3ce7e237ff611f693fdb19b4858f libpython3.5-testsuite_3.5.2-2ubuntu0~16.04.13+tuxcare.els14_all.deb 5eb0cf68431fda385bf028f06ac517ae3d05c752 python3.5_3.5.2-2ubuntu0~16.04.13+tuxcare.els14_amd64.deb f9bff6b5ad3b0615bfa653f8b12b160573e6fc07 python3.5-dev_3.5.2-2ubuntu0~16.04.13+tuxcare.els14_amd64.deb 1961721b116e5ea1ddfc2709d00a946c058084eb python3.5-doc_3.5.2-2ubuntu0~16.04.13+tuxcare.els14_all.deb 0440b6c6c79df5c2d144b26e2add80cb6fb14d92 python3.5-examples_3.5.2-2ubuntu0~16.04.13+tuxcare.els14_all.deb 1490b0210e30dfaa7ac15e56469e9af23666c0d6 python3.5-minimal_3.5.2-2ubuntu0~16.04.13+tuxcare.els14_amd64.deb c49d46f3c516f43cdbc3cb308ca6d026a3aaa3ce python3.5-venv_3.5.2-2ubuntu0~16.04.13+tuxcare.els14_amd64.deb 51cfbb5881bc3626b3487ee20a7a02344ef4c5d1 CLSA-2024:1724260496 TuxCare License Agreement 0 * SECURITY UPDATE: still vulnerable to CVE-2020-9484 with a configuration edge case - debian/patches/CVE-2021-25329.patch: use java.nio.file.Path for consistent sub-directory checking - CVE-2021-25329 * SECURITY UPDATE: time-of-check to time-of-use vulnerability introduced by the CVE-2020-9484 fix - debian/patches/CVE-2022-23181.patch: make calculation of session storage location more robust - CVE-2022-23181 * Internal tests: - debian/rules: fail the build if some of the tests have failed - debian/patches/skipping-tests-incompatible-with-firewall.patch: backport from ubuntu18 els - debian/patches/dont-test-unsupported-ciphers.patch: skip testing of unsupported ciphers - debian/patches/skip-tests-error-and-unstable.patch: skip tests that fail with error and unstable ones Important Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.

* SECURITY UPDATE: still vulnerable to CVE-2020-9484 with a configuration edge case - debian/patches/CVE-2021-25329.patch: use java.nio.file.Path for consistent sub-directory checking - CVE-2021-25329 * SECURITY UPDATE: time-of-check to time-of-use vulnerability introduced by the CVE-2020-9484 fix - debian/patches/CVE-2022-23181.patch: make calculation of session storage location more robust - CVE-2022-23181 * Internal tests: - debian/rules: fail the build if some of the tests have failed - debian/patches/skipping-tests-incompatible-with-firewall.patch: backport from ubuntu18 els - debian/patches/dont-test-unsupported-ciphers.patch: skip testing of unsupported ciphers - debian/patches/skip-tests-error-and-unstable.patch: skip tests that fail with error and unstable ones

0 tuxcare-ubuntu16.04-els libservlet3.1-java_8.0.32-1ubuntu1.13+tuxcare.els1_all.deb d8fd7abdbe523a987c5753f0ff356ff295e62d0b libservlet3.1-java-doc_8.0.32-1ubuntu1.13+tuxcare.els1_all.deb 5cac59f24628f2dd14af79836d299d3e084ff32c libtomcat8-java_8.0.32-1ubuntu1.13+tuxcare.els1_all.deb fabf722dc090677961886ad6869f140a478dddf3 tomcat8_8.0.32-1ubuntu1.13+tuxcare.els1_all.deb f35c9f0cb04e8f57c093c0b7ff51db2d709c2b9f tomcat8-admin_8.0.32-1ubuntu1.13+tuxcare.els1_all.deb 072552cd3077cd1fa852244b6b3930ea41f6c3b4 tomcat8-common_8.0.32-1ubuntu1.13+tuxcare.els1_all.deb e97ef3687366a5f227c7fa112f30304459c72ab9 tomcat8-docs_8.0.32-1ubuntu1.13+tuxcare.els1_all.deb e531193fb0628fb4f8db31f7fec7d57a1fec799d tomcat8-examples_8.0.32-1ubuntu1.13+tuxcare.els1_all.deb 7c559924b8a6e380e698d5cf1ed6c69651f5febd tomcat8-user_8.0.32-1ubuntu1.13+tuxcare.els1_all.deb 8fef6c548d1a4022fb29cf9546c863b53a7b3ccf CLSA-2024:1724870691 TuxCare License Agreement 0 * CVE-url: https://ubuntu.com/security/CVE-2024-39487 - bonding: Fix out-of-bounds read in bond_option_arp_ip_targets_set() * CVE-url: https://ubuntu.com/security/CVE-2023-52760 - gfs2: Fix slab-use-after-free in gfs2_qd_dealloc * CVE-url: https://ubuntu.com/security/CVE-2023-52629 - sh: push-switch: Reorder cleanup operations to avoid use-after-free bug * CVE-url: https://ubuntu.com/security/CVE-2024-39484 - mmc: davinci: Don't strip remove function when driver is builtin * Miscellaneous upstream changes - fixup! blk-mq: fix IO hang from sbitmap wakeup race - fixup! scsi: qla2xxx: Fix double free of fcport Important Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.

* CVE-url: https://ubuntu.com/security/CVE-2024-39487 - bonding: Fix out-of-bounds read in bond_option_arp_ip_targets_set() * CVE-url: https://ubuntu.com/security/CVE-2023-52760 - gfs2: Fix slab-use-after-free in gfs2_qd_dealloc * CVE-url: https://ubuntu.com/security/CVE-2023-52629 - sh: push-switch: Reorder cleanup operations to avoid use-after-free bug * CVE-url: https://ubuntu.com/security/CVE-2024-39484 - mmc: davinci: Don't strip remove function when driver is builtin * Miscellaneous upstream changes - fixup! blk-mq: fix IO hang from sbitmap wakeup race - fixup! scsi: qla2xxx: Fix double free of fcport

0 tuxcare-ubuntu16.04-els linux-buildinfo-4.4.0-264-tuxcare.els35-generic_4.4.0-264.298_amd64.deb 7c2517337e89786509b52c20de63f74cd545eabb linux-buildinfo-4.4.0-264-tuxcare.els35-lowlatency_4.4.0-264.298_amd64.deb ea1399c8661a113c0c70d05c5af8a9ad8a4ef129 linux-cloud-tools-4.4.0-264-tuxcare.els35_4.4.0-264.298_amd64.deb 36934818bc93c7c6377180649bb7a15c5d53dc82 linux-cloud-tools-4.4.0-264-tuxcare.els35-generic_4.4.0-264.298_amd64.deb c8296d53ab6477f801a3e5f2ce27ff4e66439f2b linux-cloud-tools-4.4.0-264-tuxcare.els35-lowlatency_4.4.0-264.298_amd64.deb f33fdbdc03ab9dd23887c373a937cfe816e56dd9 linux-cloud-tools-common_4.4.0-264.298_all.deb 1c5ad01ff16e09a6ac9a8a1b24eff7d93bb73cf3 linux-cloud-tools-generic_4.4.0.264.298_amd64.deb 80dccc87a82f5aaf295d47f0c9f557d57f7e04d3 linux-cloud-tools-lowlatency_4.4.0.264.298_amd64.deb 697a8122ad803c1e121787b479c4f776f42d754d linux-crashdump_4.4.0.264.298_amd64.deb 53751c8f25b0c3c18aba6d33efe8a0889fa2e258 linux-doc_4.4.0-264.298_all.deb 2b4d6d9bda3ddce898152ab16bf38c000e917f23 linux-generic_4.4.0.264.298_amd64.deb 5817a4d74986c1ca8b7f811bd7270046385e7ed5 linux-headers-4.4.0-264-tuxcare.els35_4.4.0-264.298_all.deb dc796606648f1f0d17e3756d39498a9dc799404b linux-headers-4.4.0-264-tuxcare.els35-generic_4.4.0-264.298_amd64.deb 437356bde9a87c504dcfc0f252aae3a6f74ea297 linux-headers-4.4.0-264-tuxcare.els35-lowlatency_4.4.0-264.298_amd64.deb 913aaed6b5f98ee8ef6ae0a5e344e14a8865ed4f linux-headers-generic_4.4.0.264.298_amd64.deb 85008eefd4fb7ad671e71f110280404f88d214a5 linux-headers-lowlatency_4.4.0.264.298_amd64.deb 624cb435633aa1ba1083d95b91324ca3aa25cf5f linux-image-generic_4.4.0.264.298_amd64.deb 0500218c4cb4e5e9df5a7d0297ab5d70c1f7fb49 linux-image-lowlatency_4.4.0.264.298_amd64.deb 81eb49a7c3c5c683b556d15f8c14bdd9496071d5 linux-image-unsigned-4.4.0-264-tuxcare.els35-generic_4.4.0-264.298_amd64.deb 4d935e0c3176b81d4fc6e06174872dba99e6b3f0 linux-image-unsigned-4.4.0-264-tuxcare.els35-lowlatency_4.4.0-264.298_amd64.deb a95590433ddf900964a7d92865f6dbe61992484a linux-libc-dev_4.4.0-264.298_amd64.deb 4c6554d0d51bdb91f9ac427bcf88a90e4f247ca3 linux-lowlatency_4.4.0.264.298_amd64.deb 65581ae766b27b1bebeca27c1b0c52fa878a5165 linux-modules-4.4.0-264-tuxcare.els35-generic_4.4.0-264.298_amd64.deb 1dcdeaee3b2dd565210229276a2e51515dd2fdcb linux-modules-4.4.0-264-tuxcare.els35-lowlatency_4.4.0-264.298_amd64.deb ba73a7bdc708d9bdbf937528085c9df4c56ea2a7 linux-modules-extra-4.4.0-264-tuxcare.els35-generic_4.4.0-264.298_amd64.deb c398b5a328d2c59a87583935a133c4e4ef27d740 linux-source_4.4.0.264.298_all.deb 638f96b10658793aeef56ff53fe0bcb427d271cc linux-source-4.4.0_4.4.0-264.298_all.deb b52856abc5daae407723f745acf719ad94fb335b linux-tools-4.4.0-264-tuxcare.els35_4.4.0-264.298_amd64.deb 8914dceed93cd6f475816064352ddf2ab0211571 linux-tools-4.4.0-264-tuxcare.els35-generic_4.4.0-264.298_amd64.deb c7f8e6449be743fa3389d26e5b3188f60893484e linux-tools-4.4.0-264-tuxcare.els35-lowlatency_4.4.0-264.298_amd64.deb f2557ae28a7269ac33b4ad75c78b85338379a8a3 linux-tools-common_4.4.0-264.298_all.deb 7e89d0ac7a86aff1cccd9ee273bc1e3323c8722d linux-tools-generic_4.4.0.264.298_amd64.deb e7432032698f9334f49cb79d11c4fe771db2d298 linux-tools-host_4.4.0-264.298_all.deb 2135f32fcc19614c4f04b82fdd3ae016da9aadf3 linux-tools-lowlatency_4.4.0.264.298_amd64.deb 7fbb156576ad0c3f34e11abdeb173022ea82017a CLSA-2024:1724870873 TuxCare License Agreement 0 * CVE-url: https://ubuntu.com/security/CVE-2024-39487 - bonding: Fix out-of-bounds read in bond_option_arp_ip_targets_set() * CVE-url: https://ubuntu.com/security/CVE-2023-52760 - gfs2: Fix slab-use-after-free in gfs2_qd_dealloc * CVE-url: https://ubuntu.com/security/CVE-2023-52629 - sh: push-switch: Reorder cleanup operations to avoid use-after-free bug * CVE-url: https://ubuntu.com/security/CVE-2024-39484 - mmc: davinci: Don't strip remove function when driver is builtin * Miscellaneous upstream changes - fixup! blk-mq: fix IO hang from sbitmap wakeup race - fixup! scsi: qla2xxx: Fix double free of fcport Important Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.

* CVE-url: https://ubuntu.com/security/CVE-2024-39487 - bonding: Fix out-of-bounds read in bond_option_arp_ip_targets_set() * CVE-url: https://ubuntu.com/security/CVE-2023-52760 - gfs2: Fix slab-use-after-free in gfs2_qd_dealloc * CVE-url: https://ubuntu.com/security/CVE-2023-52629 - sh: push-switch: Reorder cleanup operations to avoid use-after-free bug * CVE-url: https://ubuntu.com/security/CVE-2024-39484 - mmc: davinci: Don't strip remove function when driver is builtin * Miscellaneous upstream changes - fixup! blk-mq: fix IO hang from sbitmap wakeup race - fixup! scsi: qla2xxx: Fix double free of fcport

0 tuxcare-ubuntu16.04-els linux-buildinfo-4.4.0-264-tuxcare.els35-generic_4.4.0-264.298_amd64.deb 7c2517337e89786509b52c20de63f74cd545eabb linux-buildinfo-4.4.0-264-tuxcare.els35-lowlatency_4.4.0-264.298_amd64.deb ea1399c8661a113c0c70d05c5af8a9ad8a4ef129 linux-cloud-tools-4.4.0-264-tuxcare.els35_4.4.0-264.298_amd64.deb 36934818bc93c7c6377180649bb7a15c5d53dc82 linux-cloud-tools-4.4.0-264-tuxcare.els35-generic_4.4.0-264.298_amd64.deb c8296d53ab6477f801a3e5f2ce27ff4e66439f2b linux-cloud-tools-4.4.0-264-tuxcare.els35-lowlatency_4.4.0-264.298_amd64.deb f33fdbdc03ab9dd23887c373a937cfe816e56dd9 linux-cloud-tools-common_4.4.0-264.298_all.deb 1c5ad01ff16e09a6ac9a8a1b24eff7d93bb73cf3 linux-cloud-tools-generic_4.4.0.264.298_amd64.deb 80dccc87a82f5aaf295d47f0c9f557d57f7e04d3 linux-cloud-tools-lowlatency_4.4.0.264.298_amd64.deb 697a8122ad803c1e121787b479c4f776f42d754d linux-crashdump_4.4.0.264.298_amd64.deb 53751c8f25b0c3c18aba6d33efe8a0889fa2e258 linux-doc_4.4.0-264.298_all.deb 2b4d6d9bda3ddce898152ab16bf38c000e917f23 linux-generic_4.4.0.264.298_amd64.deb 5817a4d74986c1ca8b7f811bd7270046385e7ed5 linux-headers-4.4.0-264-tuxcare.els35_4.4.0-264.298_all.deb dc796606648f1f0d17e3756d39498a9dc799404b linux-headers-4.4.0-264-tuxcare.els35-generic_4.4.0-264.298_amd64.deb 437356bde9a87c504dcfc0f252aae3a6f74ea297 linux-headers-4.4.0-264-tuxcare.els35-lowlatency_4.4.0-264.298_amd64.deb 913aaed6b5f98ee8ef6ae0a5e344e14a8865ed4f linux-headers-generic_4.4.0.264.298_amd64.deb 85008eefd4fb7ad671e71f110280404f88d214a5 linux-headers-lowlatency_4.4.0.264.298_amd64.deb 624cb435633aa1ba1083d95b91324ca3aa25cf5f linux-image-generic_4.4.0.264.298_amd64.deb 0500218c4cb4e5e9df5a7d0297ab5d70c1f7fb49 linux-image-lowlatency_4.4.0.264.298_amd64.deb 81eb49a7c3c5c683b556d15f8c14bdd9496071d5 linux-image-unsigned-4.4.0-264-tuxcare.els35-generic_4.4.0-264.298_amd64.deb 4d935e0c3176b81d4fc6e06174872dba99e6b3f0 linux-image-unsigned-4.4.0-264-tuxcare.els35-lowlatency_4.4.0-264.298_amd64.deb a95590433ddf900964a7d92865f6dbe61992484a linux-libc-dev_4.4.0-264.298_amd64.deb 4c6554d0d51bdb91f9ac427bcf88a90e4f247ca3 linux-lowlatency_4.4.0.264.298_amd64.deb 65581ae766b27b1bebeca27c1b0c52fa878a5165 linux-modules-4.4.0-264-tuxcare.els35-generic_4.4.0-264.298_amd64.deb 1dcdeaee3b2dd565210229276a2e51515dd2fdcb linux-modules-4.4.0-264-tuxcare.els35-lowlatency_4.4.0-264.298_amd64.deb ba73a7bdc708d9bdbf937528085c9df4c56ea2a7 linux-modules-extra-4.4.0-264-tuxcare.els35-generic_4.4.0-264.298_amd64.deb c398b5a328d2c59a87583935a133c4e4ef27d740 linux-source_4.4.0.264.298_all.deb 638f96b10658793aeef56ff53fe0bcb427d271cc linux-source-4.4.0_4.4.0-264.298_all.deb b52856abc5daae407723f745acf719ad94fb335b linux-tools-4.4.0-264-tuxcare.els35_4.4.0-264.298_amd64.deb 8914dceed93cd6f475816064352ddf2ab0211571 linux-tools-4.4.0-264-tuxcare.els35-generic_4.4.0-264.298_amd64.deb c7f8e6449be743fa3389d26e5b3188f60893484e linux-tools-4.4.0-264-tuxcare.els35-lowlatency_4.4.0-264.298_amd64.deb f2557ae28a7269ac33b4ad75c78b85338379a8a3 linux-tools-common_4.4.0-264.298_all.deb 7e89d0ac7a86aff1cccd9ee273bc1e3323c8722d linux-tools-generic_4.4.0.264.298_amd64.deb e7432032698f9334f49cb79d11c4fe771db2d298 linux-tools-host_4.4.0-264.298_all.deb 2135f32fcc19614c4f04b82fdd3ae016da9aadf3 linux-tools-lowlatency_4.4.0.264.298_amd64.deb 7fbb156576ad0c3f34e11abdeb173022ea82017a CLSA-2024:1725012024 TuxCare License Agreement 0 * SECURITY UPDATE: null pointer dereference in mod_proxy - debian/patches/CVE-2024-38477.patch: prevent crash resulting in Denial of Service in mod_proxy via a malicious request - CVE-2024-38477 Critical Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.

* SECURITY UPDATE: null pointer dereference in mod_proxy - debian/patches/CVE-2024-38477.patch: prevent crash resulting in Denial of Service in mod_proxy via a malicious request - CVE-2024-38477

0 tuxcare-ubuntu16.04-els apache2_2.4.18-2ubuntu3.17+tuxcare.els15_amd64.deb 627ec571c2c3fb70a9e07b8466feef2d3ca308a9 apache2-bin_2.4.18-2ubuntu3.17+tuxcare.els15_amd64.deb 9ae56987ed9a92428c610659eec28a0bc04c530f apache2-data_2.4.18-2ubuntu3.17+tuxcare.els15_all.deb 39dcb5c07f8ef2cdd69ca127329260469b147e20 apache2-dev_2.4.18-2ubuntu3.17+tuxcare.els15_amd64.deb 259ca02bf24068e22889952a802c1455712de879 apache2-doc_2.4.18-2ubuntu3.17+tuxcare.els15_all.deb 42283bf50981a863c602471b3ac820305f71f4af apache2-suexec-custom_2.4.18-2ubuntu3.17+tuxcare.els15_amd64.deb fed4243749c0c626c7b162688a428ea50a497238 apache2-suexec-pristine_2.4.18-2ubuntu3.17+tuxcare.els15_amd64.deb 48b181d325b7e53aa6cf447b577bcc1765c6fb6e apache2-utils_2.4.18-2ubuntu3.17+tuxcare.els15_amd64.deb 3563d310dbc88f2ee5384d5e6e81d578906d5bbd CLSA-2024:1725012247 TuxCare License Agreement 0 * SECURITY UPDATE: Memory Corruption via Out-of-bounds Write in ESI variables assignment - debian/patches/CVE-2024-37894.patch: fix incorrect type declaration in TrieNode.cc to prevent potential type conversion issues - CVE-2024-37894 Moderate Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.

* SECURITY UPDATE: Memory Corruption via Out-of-bounds Write in ESI variables assignment - debian/patches/CVE-2024-37894.patch: fix incorrect type declaration in TrieNode.cc to prevent potential type conversion issues - CVE-2024-37894

0 tuxcare-ubuntu16.04-els squid_3.5.12-1ubuntu7.17+tuxcare.els9_amd64.deb 37f9ed03bbd44c90210e1d9fa40d3ea3f21d738e squid-cgi_3.5.12-1ubuntu7.17+tuxcare.els9_amd64.deb 441593cd79063362d4108f01c671a0531b7c08d1 squid-common_3.5.12-1ubuntu7.17+tuxcare.els9_all.deb 35f99c837735cdad34d20f8713c0836cf17e893f squid-purge_3.5.12-1ubuntu7.17+tuxcare.els9_amd64.deb 25190270cbb4601c4d2436b5b8323dea28edf431 squid3_3.5.12-1ubuntu7.17+tuxcare.els9_all.deb 40721e4ab63230235c00569345ce71f21a58f8df squidclient_3.5.12-1ubuntu7.17+tuxcare.els9_amd64.deb b6de89fe58c9a1604b051344e8c67a8c01a9d489 CLSA-2024:1725471213 TuxCare License Agreement 0 * SECURITY UPDATE: Client can exhaust resolver CPU resources by sending a stream of SIG(0) signed requests - debian/patches/CVE-2024-1975.patch: Remove support for SIG(0) message verification. - CVE-2024-1975 Important Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.

* SECURITY UPDATE: Client can exhaust resolver CPU resources by sending a stream of SIG(0) signed requests - debian/patches/CVE-2024-1975.patch: Remove support for SIG(0) message verification. - CVE-2024-1975

0 tuxcare-ubuntu16.04-els bind9_9.10.3.dfsg.P4-8ubuntu1.19+tuxcare.els8_amd64.deb 9141e8348a74c0904feb93abd42b435243c20b5c bind9-doc_9.10.3.dfsg.P4-8ubuntu1.19+tuxcare.els8_all.deb 08edad6abcdbe7b561ecdcfb3caadf166c603a17 bind9-host_9.10.3.dfsg.P4-8ubuntu1.19+tuxcare.els8_amd64.deb bda23ee6a579f2502f9d72506ef29102cd945436 bind9utils_9.10.3.dfsg.P4-8ubuntu1.19+tuxcare.els8_amd64.deb fd1cc75cb29c247de8779ed8f19c11dfe6da3cd1 dnsutils_9.10.3.dfsg.P4-8ubuntu1.19+tuxcare.els8_amd64.deb 9dcf51d814e06f1b0f0ae6bdf55aadc9e65da4ba host_9.10.3.dfsg.P4-8ubuntu1.19+tuxcare.els8_all.deb b6825dd47b8eb773fa3253b057f40f2c4e46cdbc libbind-dev_9.10.3.dfsg.P4-8ubuntu1.19+tuxcare.els8_amd64.deb e98e1d8949c0226a93c59e4b791ae71648238a4b libbind-export-dev_9.10.3.dfsg.P4-8ubuntu1.19+tuxcare.els8_amd64.deb bb90f7441b69986038a73a8c5c535e402cb7ad28 libbind9-140_9.10.3.dfsg.P4-8ubuntu1.19+tuxcare.els8_amd64.deb 587fb1004d012fa4ca50479199804d5893b9aaeb libdns-export162_9.10.3.dfsg.P4-8ubuntu1.19+tuxcare.els8_amd64.deb 550cc9ec38c79a1b51660493c26d412f4eeb4d8b libdns162_9.10.3.dfsg.P4-8ubuntu1.19+tuxcare.els8_amd64.deb 65586f1673d1aa52dd3d1239209141a0e72c589e libirs-export141_9.10.3.dfsg.P4-8ubuntu1.19+tuxcare.els8_amd64.deb 173e193025269b40b4b2e4174359cee396a28f68 libirs141_9.10.3.dfsg.P4-8ubuntu1.19+tuxcare.els8_amd64.deb 79e71abc308174cb4e2dd808f5506d647f1959a2 libisc-export160_9.10.3.dfsg.P4-8ubuntu1.19+tuxcare.els8_amd64.deb 7b2e64857ce6a01f7fb965248e71069b1c1f06ca libisc160_9.10.3.dfsg.P4-8ubuntu1.19+tuxcare.els8_amd64.deb d19d6eceb8d917d3346da37692d68dea9834fae7 libisccc-export140_9.10.3.dfsg.P4-8ubuntu1.19+tuxcare.els8_amd64.deb dfc4a27ebca0a586f32795ebdecb1c8bd36603cd libisccc140_9.10.3.dfsg.P4-8ubuntu1.19+tuxcare.els8_amd64.deb 7a4f0812947b4d85fdcdfb4b26f264610c7b7a43 libisccfg-export140_9.10.3.dfsg.P4-8ubuntu1.19+tuxcare.els8_amd64.deb ab37f476a4867b435e896147b96f621511af5a0c libisccfg140_9.10.3.dfsg.P4-8ubuntu1.19+tuxcare.els8_amd64.deb 52e685423af0925d9dfa19e4769bc2ca9b2be293 liblwres141_9.10.3.dfsg.P4-8ubuntu1.19+tuxcare.els8_amd64.deb 290c9ca8ec922f66f73165deed0abade239ade33 lwresd_9.10.3.dfsg.P4-8ubuntu1.19+tuxcare.els8_amd64.deb 0848f40cb0d9256e3dcbb5bd1644dc1b0213c0f0 CLSA-2024:1725652323 TuxCare License Agreement 0 * SECURITY UPDATE: Potential arbitrary code execution - debian/patches/CVE-2024-32004.patch: Enhance ownership checks to detect dubious local repositories during cloning, warning users of potential risks. This change affects multiple Git commands to improve overall security. - CVE-2024-32004 Important Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.

* SECURITY UPDATE: Potential arbitrary code execution - debian/patches/CVE-2024-32004.patch: Enhance ownership checks to detect dubious local repositories during cloning, warning users of potential risks. This change affects multiple Git commands to improve overall security. - CVE-2024-32004

0 tuxcare-ubuntu16.04-els git_2.7.4-0ubuntu1.10+tuxcare.els4_amd64.deb 84996fac7f74c2d0da3b8f454dd4d2030b608827 git-all_2.7.4-0ubuntu1.10+tuxcare.els4_all.deb 2b0cd4374e2eb5a73559228a800a48e970f753e0 git-arch_2.7.4-0ubuntu1.10+tuxcare.els4_all.deb ad57c5f39b8089126dd7f0c02f2b399645d242d2 git-core_2.7.4-0ubuntu1.10+tuxcare.els4_all.deb 1f917d162e3a6a66791a5a6abf12f112dde5d3cc git-cvs_2.7.4-0ubuntu1.10+tuxcare.els4_all.deb 252c68ab634103349a0b5061cc22796d3b7125cf git-daemon-run_2.7.4-0ubuntu1.10+tuxcare.els4_all.deb fc3c5fdd6662b97c4ebaf44e0a00db72278d49db git-daemon-sysvinit_2.7.4-0ubuntu1.10+tuxcare.els4_all.deb 77adbce289ebd4ea936c9d829eeded385215ff09 git-doc_2.7.4-0ubuntu1.10+tuxcare.els4_all.deb 546dd952706948c50d99d6024fe4dcdf60b7b5cd git-el_2.7.4-0ubuntu1.10+tuxcare.els4_all.deb b1acba628bd83ac2894f475fe475bc762949e6c5 git-email_2.7.4-0ubuntu1.10+tuxcare.els4_all.deb db54b1a32c5a9da836494045bd1b7d3b3c07049f git-gui_2.7.4-0ubuntu1.10+tuxcare.els4_all.deb e0882907fd2043600c96298b3903becd16cf044a git-man_2.7.4-0ubuntu1.10+tuxcare.els4_all.deb 751543f4aed81e98e409662f5cd4ea9541a3e506 git-mediawiki_2.7.4-0ubuntu1.10+tuxcare.els4_all.deb 51e1d21cbb7c895417180cef85596f4f924edaf4 git-svn_2.7.4-0ubuntu1.10+tuxcare.els4_all.deb 155feadee38850ccc769e336d85ce8bc834b1264 gitk_2.7.4-0ubuntu1.10+tuxcare.els4_all.deb ab97531ae63cc48be626807cc9e1f299c843674b gitweb_2.7.4-0ubuntu1.10+tuxcare.els4_all.deb e9fc57a58074f147c08585cdc2a58a751bc1120b CLSA-2024:1726313254 TuxCare License Agreement 0 * SECURITY UPDATE: Heap Buffer Overflow in ASN.1 Parser - debian/patches/CVE-2024-7264.patch: Clean up GTime2str function to handle optional fractional seconds properly. Fix GTime2str() issues and add unit tests to verify correct behaviour - CVE-2024-7264 Moderate Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.

* SECURITY UPDATE: Heap Buffer Overflow in ASN.1 Parser - debian/patches/CVE-2024-7264.patch: Clean up GTime2str function to handle optional fractional seconds properly. Fix GTime2str() issues and add unit tests to verify correct behaviour - CVE-2024-7264

0 tuxcare-ubuntu16.04-els curl_7.47.0-1ubuntu2.23+tuxcare.els13_amd64.deb afeade26a120e12cb8781efef0cd15eee8853dbf libcurl3_7.47.0-1ubuntu2.23+tuxcare.els13_amd64.deb 8a6e3fab03bc861ab4c3681827dedb11dd5e736f libcurl3-gnutls_7.47.0-1ubuntu2.23+tuxcare.els13_amd64.deb e7bfcfa8875e6397972c7cfdce64c61dc380fa30 libcurl3-nss_7.47.0-1ubuntu2.23+tuxcare.els13_amd64.deb 98b7cf219c806eb7dd4b6e5f5c3270d02e3a4b5e libcurl4-doc_7.47.0-1ubuntu2.23+tuxcare.els13_all.deb 74a565b5c6a18c970933332165938ece405911de libcurl4-gnutls-dev_7.47.0-1ubuntu2.23+tuxcare.els13_amd64.deb 8378f842328c9bc4290849051d3069b3d801cf20 libcurl4-nss-dev_7.47.0-1ubuntu2.23+tuxcare.els13_amd64.deb a474af27e4ed90621d1e35d7d9f3e1398a9385fd libcurl4-openssl-dev_7.47.0-1ubuntu2.23+tuxcare.els13_amd64.deb 4802f7150a1c6e21832e4180802c9c1470631688 CLSA-2024:1726608017 TuxCare License Agreement 0 * SECURITY UPDATE: Avoid integer overflow on 32 bits systems - debian/patches/CVE-2024-45491.patch: fix dtdCopy in xmlparse.c - CVE-2024-45491 * SECURITY UPDATE: Avoid integer overflow on 32 bits systems - debian/patches/CVE-2024-45492.patch: fix nextScaffoldPart in xmlparse.c - CVE-2024-45492 Critical Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.

* SECURITY UPDATE: Avoid integer overflow on 32 bits systems - debian/patches/CVE-2024-45491.patch: fix dtdCopy in xmlparse.c - CVE-2024-45491 * SECURITY UPDATE: Avoid integer overflow on 32 bits systems - debian/patches/CVE-2024-45492.patch: fix nextScaffoldPart in xmlparse.c - CVE-2024-45492

0 tuxcare-ubuntu16.04-els expat_2.1.0-7ubuntu0.16.04.5+tuxcare.els5_amd64.deb bb1e7428d52798e0d7823326089a55a1dc39262a libexpat1_2.1.0-7ubuntu0.16.04.5+tuxcare.els5_amd64.deb 045029e8f703e4446fd9f97819f6b01a3c3a2212 libexpat1-dev_2.1.0-7ubuntu0.16.04.5+tuxcare.els5_amd64.deb efee2421f7b691e476957fb396ff1b73775da17d CLSA-2024:1727287657 TuxCare License Agreement 0 * SECURITY UPDATE: fix GSS vulnerabilities - debian/patches/CVE-2021-37370.patch: prevent modification of Extra Count field in GSS krb5 wrap CFX wrap token to avoid appearing truncated to application header - debian/patches/CVE-2021-37371.patch: fix invalid memory reads during GSS message token handling - CVE-2024-37370 - CVE-2024-37371 Critical Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.

* SECURITY UPDATE: fix GSS vulnerabilities - debian/patches/CVE-2021-37370.patch: prevent modification of Extra Count field in GSS krb5 wrap CFX wrap token to avoid appearing truncated to application header - debian/patches/CVE-2021-37371.patch: fix invalid memory reads during GSS message token handling - CVE-2024-37370 - CVE-2024-37371

0 tuxcare-ubuntu16.04-els krb5-admin-server_1.13.2+dfsg-5ubuntu2.2+tuxcare.els4_amd64.deb c6bb09b9f6d900ebc968a9d934d09f2e60401139 krb5-doc_1.13.2+dfsg-5ubuntu2.2+tuxcare.els4_all.deb 730aac08a6c4b7fa3cc938c6fdbd88835bc0ff4a krb5-gss-samples_1.13.2+dfsg-5ubuntu2.2+tuxcare.els4_amd64.deb fe5e24678dfb8726711af4e38af861caf3260071 krb5-k5tls_1.13.2+dfsg-5ubuntu2.2+tuxcare.els4_amd64.deb ae97f70a016992726199c11f32ad6dfcd1f03f10 krb5-kdc_1.13.2+dfsg-5ubuntu2.2+tuxcare.els4_amd64.deb 7c4e28b1cc1711d5ba9ddafef43bb484fb2c9c72 krb5-kdc-ldap_1.13.2+dfsg-5ubuntu2.2+tuxcare.els4_amd64.deb b806fc97026d11cfdfd9bd0c2b9892f102f176fc krb5-locales_1.13.2+dfsg-5ubuntu2.2+tuxcare.els4_all.deb d4ed1b53f5202f83257a7bcc170d966a7f21a800 krb5-multidev_1.13.2+dfsg-5ubuntu2.2+tuxcare.els4_amd64.deb ef461d7fed9dd1e68df24a2d876d54c1aeb508d3 krb5-otp_1.13.2+dfsg-5ubuntu2.2+tuxcare.els4_amd64.deb 694ac415cf3ba43588867167ad250422a33f41e2 krb5-pkinit_1.13.2+dfsg-5ubuntu2.2+tuxcare.els4_amd64.deb 0359df2832265935fc251c106343ebf26f0559f3 krb5-user_1.13.2+dfsg-5ubuntu2.2+tuxcare.els4_amd64.deb fec3cdfe98f392fae9ad9fac1c9c4abe006fffd6 libgssapi-krb5-2_1.13.2+dfsg-5ubuntu2.2+tuxcare.els4_amd64.deb a0e6c65b33d4d07e1202af9ec95a5ee8758df176 libgssrpc4_1.13.2+dfsg-5ubuntu2.2+tuxcare.els4_amd64.deb 34ba60af71ed74df2efa2117f0f8e5f35d00a9c0 libk5crypto3_1.13.2+dfsg-5ubuntu2.2+tuxcare.els4_amd64.deb 29ed337be45ffd21946d535ea35bc48f49ceb51d libkadm5clnt-mit9_1.13.2+dfsg-5ubuntu2.2+tuxcare.els4_amd64.deb b77c2bb2344f3a25e4e5dcf555820d5067e0c307 libkadm5srv-mit9_1.13.2+dfsg-5ubuntu2.2+tuxcare.els4_amd64.deb 688618d6e84eb785dcf3389844eb07fb4b5c5d73 libkdb5-8_1.13.2+dfsg-5ubuntu2.2+tuxcare.els4_amd64.deb c6b3358999d00457612eee2fe08f5c29ac2d3f09 libkrad-dev_1.13.2+dfsg-5ubuntu2.2+tuxcare.els4_amd64.deb 95d64bd9b064d1bdde006758741aab35c5719f96 libkrad0_1.13.2+dfsg-5ubuntu2.2+tuxcare.els4_amd64.deb e84163aebfa9a0f7c0296f807a92c18c504890f0 libkrb5-3_1.13.2+dfsg-5ubuntu2.2+tuxcare.els4_amd64.deb fcea039c9abdf72a14be3fda70ae7ece1b931a4e libkrb5-dev_1.13.2+dfsg-5ubuntu2.2+tuxcare.els4_amd64.deb cd6ea1664d5e0299891ea32011751211d19f109d libkrb5support0_1.13.2+dfsg-5ubuntu2.2+tuxcare.els4_amd64.deb 36495e073337c263b0f46e159a3b6960d843edfa CLSA-2024:1727816002 TuxCare License Agreement 0 * CVE-url: https://ubuntu.com/security/CVE-2024-26752 - l2tp: pass correct message length to ip6_append_data * CVE-url: https://ubuntu.com/security/CVE-2023-52527 - ipv4, ipv6: Fix handling of transhdrlen in __ip{,6}_append_data() * CVE-url: https://ubuntu.com/security/CVE-2024-43882 - exec: Fix ToCToU between perm check and set-uid/gid usage * CVE-url: https://ubuntu.com/security/CVE-2022-48943 - KVM: x86/mmu: make apf token non-zero to fix bug * CVE-url: https://ubuntu.com/security/CVE-2024-38630 - watchdog: cpu5wdt.c: Fix use-after-free bug caused by cpu5wdt_trigger * CVE-url: https://ubuntu.com/security/CVE-2024-44987 - ipv6: prevent UAF in ip6_send_skb() * Bionic update: upstream stable patchset 2022-03-04 (LP: #1963717) // CVE- url: https://ubuntu.com/security/CVE-2022-48742 - rtnetlink: make sure to refresh master_dev/m_ops in __rtnl_newlink() * CVE-url: https://ubuntu.com/security/CVE-2024-44940 - fou: remove warn in gue_gro_receive on unsupported protocol * CVE-url: https://ubuntu.com/security/CVE-2024-41059 - hfsplus: fix uninit-value in copy_name * Bionic update: upstream stable patchset 2022-01-14 (LP: #1957957) // CVE- url: https://ubuntu.com/security/CVE-2021-47576 - scsi: scsi_debug: Sanity check block descriptor length in resp_mode_select() * CVE-url: https://ubuntu.com/security/CVE-2024-46673 - scsi: aacraid: Fix double-free on probe failure * CVE-url: https://ubuntu.com/security/CVE-2024-42271 - net/iucv: fix use after free in iucv_sock_close() * Bionic update: upstream stable patchset 2022-04-13 (LP: #1968932) // CVE- url: https://ubuntu.com/security/CVE-2022-48919 - cifs: fix double free race when mount fails in cifs_get_root() * CVE-url: https://ubuntu.com/security/CVE-2024-43858 - jfs: Fix array-index-out-of-bounds in diFree * CVE-url: https://ubuntu.com/security/CVE-2024-41071 - wifi: mac80211: Avoid address calculations via out of bounds array indexing * CVE-url: https://ubuntu.com/security/CVE-2024-42301 - dev/parport: fix the array out-of-bounds risk * CVE-url: https://ubuntu.com/security/CVE-2024-46674 - usb: dwc3: st: fix probed platform device ref count on probe error path * CVE-url: https://ubuntu.com/security/CVE-2024-43900 - media: xc2028: avoid use-after-free in load_firmware_cb() * CVE-url: https://ubuntu.com/security/CVE-2024-42284 - tipc: Return non-zero value from tipc_udp_addr2str() on error * Bionic update: upstream stable patchset 2022-01-14 (LP: #1957957) // CVE- url: https://ubuntu.com/security/CVE-2021-47589 - igbvf: fix double free in `igbvf_probe` * Bionic update: upstream stable patchset 2022-01-14 (LP: #1957957) // CVE- url: https://ubuntu.com/security/CVE-2021-47600 - dm btree remove: fix use after free in rebalance_children() * CVE-url: https://ubuntu.com/security/CVE-2024-44998 - atm: idt77252: prevent use after free in dequeue_rx() * CVE-url: https://ubuntu.com/security/CVE-2024-42280 - mISDN: Fix a use after free in hfcmulti_tx() * CVE-url: https://ubuntu.com/security/CVE-2024-42094 - net/iucv: Avoid explicit cpumask var allocation on stack * CVE-url: https://ubuntu.com/security/CVE-2024-39499 - vmci: prevent speculation leaks by sanitizing event in event_deliver() * CVE-url: https://ubuntu.com/security/CVE-2024-42105 - nilfs2: fix inode number range checks * CVE-url: https://ubuntu.com/security/CVE-2024-40988 - drm/radeon: fix UBSAN warning in kv_dpm.c * CVE-url: https://ubuntu.com/security/CVE-2024-40916 - drm/exynos: hdmi: report safe 640x480 mode as a fallback when no EDID found * CVE-url: https://ubuntu.com/security/CVE-2024-40904 - USB: class: cdc-wdm: Fix CPU lockup caused by excessive log messages * CVE-url: https://ubuntu.com/security/CVE-2024-42106 - inet_diag: Initialize pad field in struct inet_diag_req_v2 * CVE-url: https://ubuntu.com/security/CVE-2024-42145 - IB/core: Implement a limit on UMAD receive List * CVE-url: https://ubuntu.com/security/CVE-2024-40932 - drm/exynos/vidi: fix memory leak in .get_modes() * CVE-url: https://ubuntu.com/security/CVE-2024-41006 - netrom: Fix a memory leak in nr_heartbeat_expiry() * CVE-url: https://ubuntu.com/security/CVE-2024-40943 - ocfs2: fix races between hole punching and AIO+DIO * CVE-url: https://ubuntu.com/security/CVE-2024-36894 - usb: gadget: f_fs: Fix race between aio_cancel() and AIO request complete * CVE-url: https://ubuntu.com/security/CVE-2024-42115 - jffs2: Fix potential illegal address access in jffs2_free_inode * CVE-url: https://ubuntu.com/security/CVE-2024-41035 - USB: core: Fix duplicate endpoint bug by clearing reserved bits in the descriptor * CVE-url: https://ubuntu.com/security/CVE-2024-41097 - usb: atm: cxacru: fix endpoint checking in cxacru_bind() * CVE-url: https://ubuntu.com/security/CVE-2024-39501 - drivers: core: synchronize really_probe() and dev_uevent() * CVE-url: https://ubuntu.com/security/CVE-2024-40984 - ACPICA: Revert "ACPICA: avoid Info: mapping multiple BARs. Your kernel is fine." * CVE-url: https://ubuntu.com/security/CVE-2024-40987 - drm/amdgpu: fix UBSAN warning in kv_dpm.c * CVE-url: https://ubuntu.com/security/CVE-2024-42097 - ALSA: emux: improve patch ioctl data validation * CVE-url: https://ubuntu.com/security/CVE-2024-42090 - pinctrl: fix deadlock in create_pinctrl() when handling -EPROBE_DEFER * CVE-url: https://ubuntu.com/security/CVE-2024-40942 - wifi: mac80211: mesh: Fix leak of mesh_preq_queue objects * CVE-url: https://ubuntu.com/security/CVE-2024-40981 - batman-adv: bypass empty buckets in batadv_purge_orig_ref() * CVE-url: https://ubuntu.com/security/CVE-2024-40959 - xfrm6: check ip6_dst_idev() return value in xfrm6_get_saddr() * CVE-url: https://ubuntu.com/security/CVE-2024-42089 - ASoC: fsl-asoc-card: set priv->pdev before using it * CVE-url: https://ubuntu.com/security/CVE-2024-42101 - drm/nouveau: fix null pointer dereference in nouveau_connector_get_modes * CVE-url: https://ubuntu.com/security/CVE-2024-40980 - drop_monitor: replace spin_lock by raw_spin_lock * CVE-url: https://ubuntu.com/security/CVE-2024-42084 - ftruncate: pass a signed offset * CVE-url: https://ubuntu.com/security/CVE-2024-42096 - x86: stop playing stack games in profile_pc() * CVE-url: https://ubuntu.com/security/CVE-2024-38619 - usb-storage: alauda: Check whether the media is initialized * CVE-url: https://ubuntu.com/security/CVE-2024-42102 - mm: avoid overflows in dirty throttling logic * CVE-url: https://ubuntu.com/security/CVE-2024-41044 - ppp: reject claimed-as-LCP but actually malformed packets * Bionic update: upstream stable patchset 2022-02-11 (LP: #1960681) // CVE- url: https://ubuntu.com/security/CVE-2024-41044 - ppp: ensure minimum packet size in ppp_write() * CVE-url: https://ubuntu.com/security/CVE-2024-40905 - ipv6: fix possible race in __fib6_drop_pcpu_from() * CVE-url: https://ubuntu.com/security/CVE-2023-52803 - SUNRPC: Fix RPC client cleaned up the freed pipefs dentries * CVE-url: https://ubuntu.com/security/CVE-2024-42104 - nilfs2: add missing check for inode numbers on directory entries * CVE-url: https://ubuntu.com/security/CVE-2024-42148 - bnx2x: Fix multiple UBSAN array-index-out-of-bounds * CVE-url: https://ubuntu.com/security/CVE-2024-41046 - net: ethernet: lantiq_etop: fix double free in detach * CVE-url: https://ubuntu.com/security/CVE-2024-38538 - net: bridge: xmit: make sure we have at least eth header len bytes Important Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.

* CVE-url: https://ubuntu.com/security/CVE-2024-26752 - l2tp: pass correct message length to ip6_append_data * CVE-url: https://ubuntu.com/security/CVE-2023-52527 - ipv4, ipv6: Fix handling of transhdrlen in __ip{,6}_append_data() * CVE-url: https://ubuntu.com/security/CVE-2024-43882 - exec: Fix ToCToU between perm check and set-uid/gid usage * CVE-url: https://ubuntu.com/security/CVE-2022-48943 - KVM: x86/mmu: make apf token non-zero to fix bug * CVE-url: https://ubuntu.com/security/CVE-2024-38630 - watchdog: cpu5wdt.c: Fix use-after-free bug caused by cpu5wdt_trigger * CVE-url: https://ubuntu.com/security/CVE-2024-44987 - ipv6: prevent UAF in ip6_send_skb() * Bionic update: upstream stable patchset 2022-03-04 (LP: #1963717) // CVE- url: https://ubuntu.com/security/CVE-2022-48742 - rtnetlink: make sure to refresh master_dev/m_ops in __rtnl_newlink() * CVE-url: https://ubuntu.com/security/CVE-2024-44940 - fou: remove warn in gue_gro_receive on unsupported protocol * CVE-url: https://ubuntu.com/security/CVE-2024-41059 - hfsplus: fix uninit-value in copy_name * Bionic update: upstream stable patchset 2022-01-14 (LP: #1957957) // CVE- url: https://ubuntu.com/security/CVE-2021-47576 - scsi: scsi_debug: Sanity check block descriptor length in resp_mode_select() * CVE-url: https://ubuntu.com/security/CVE-2024-46673 - scsi: aacraid: Fix double-free on probe failure * CVE-url: https://ubuntu.com/security/CVE-2024-42271 - net/iucv: fix use after free in iucv_sock_close() * Bionic update: upstream stable patchset 2022-04-13 (LP: #1968932) // CVE- url: https://ubuntu.com/security/CVE-2022-48919 - cifs: fix double free race when mount fails in cifs_get_root() * CVE-url: https://ubuntu.com/security/CVE-2024-43858 - jfs: Fix array-index-out-of-bounds in diFree * CVE-url: https://ubuntu.com/security/CVE-2024-41071 - wifi: mac80211: Avoid address calculations via out of bounds array indexing * CVE-url: https://ubuntu.com/security/CVE-2024-42301 - dev/parport: fix the array out-of-bounds risk * CVE-url: https://ubuntu.com/security/CVE-2024-46674 - usb: dwc3: st: fix probed platform device ref count on probe error path * CVE-url: https://ubuntu.com/security/CVE-2024-43900 - media: xc2028: avoid use-after-free in load_firmware_cb() * CVE-url: https://ubuntu.com/security/CVE-2024-42284 - tipc: Return non-zero value from tipc_udp_addr2str() on error * Bionic update: upstream stable patchset 2022-01-14 (LP: #1957957) // CVE- url: https://ubuntu.com/security/CVE-2021-47589 - igbvf: fix double free in `igbvf_probe` * Bionic update: upstream stable patchset 2022-01-14 (LP: #1957957) // CVE- url: https://ubuntu.com/security/CVE-2021-47600 - dm btree remove: fix use after free in rebalance_children() * CVE-url: https://ubuntu.com/security/CVE-2024-44998 - atm: idt77252: prevent use after free in dequeue_rx() * CVE-url: https://ubuntu.com/security/CVE-2024-42280 - mISDN: Fix a use after free in hfcmulti_tx() * CVE-url: https://ubuntu.com/security/CVE-2024-42094 - net/iucv: Avoid explicit cpumask var allocation on stack * CVE-url: https://ubuntu.com/security/CVE-2024-39499 - vmci: prevent speculation leaks by sanitizing event in event_deliver() * CVE-url: https://ubuntu.com/security/CVE-2024-42105 - nilfs2: fix inode number range checks * CVE-url: https://ubuntu.com/security/CVE-2024-40988 - drm/radeon: fix UBSAN warning in kv_dpm.c * CVE-url: https://ubuntu.com/security/CVE-2024-40916 - drm/exynos: hdmi: report safe 640x480 mode as a fallback when no EDID found * CVE-url: https://ubuntu.com/security/CVE-2024-40904 - USB: class: cdc-wdm: Fix CPU lockup caused by excessive log messages * CVE-url: https://ubuntu.com/security/CVE-2024-42106 - inet_diag: Initialize pad field in struct inet_diag_req_v2 * CVE-url: https://ubuntu.com/security/CVE-2024-42145 - IB/core: Implement a limit on UMAD receive List * CVE-url: https://ubuntu.com/security/CVE-2024-40932 - drm/exynos/vidi: fix memory leak in .get_modes() * CVE-url: https://ubuntu.com/security/CVE-2024-41006 - netrom: Fix a memory leak in nr_heartbeat_expiry() * CVE-url: https://ubuntu.com/security/CVE-2024-40943 - ocfs2: fix races between hole punching and AIO+DIO * CVE-url: https://ubuntu.com/security/CVE-2024-36894 - usb: gadget: f_fs: Fix race between aio_cancel() and AIO request complete * CVE-url: https://ubuntu.com/security/CVE-2024-42115 - jffs2: Fix potential illegal address access in jffs2_free_inode * CVE-url: https://ubuntu.com/security/CVE-2024-41035 - USB: core: Fix duplicate endpoint bug by clearing reserved bits in the descriptor * CVE-url: https://ubuntu.com/security/CVE-2024-41097 - usb: atm: cxacru: fix endpoint checking in cxacru_bind() * CVE-url: https://ubuntu.com/security/CVE-2024-39501 - drivers: core: synchronize really_probe() and dev_uevent() * CVE-url: https://ubuntu.com/security/CVE-2024-40984 - ACPICA: Revert "ACPICA: avoid Info: mapping multiple BARs. Your kernel is fine." * CVE-url: https://ubuntu.com/security/CVE-2024-40987 - drm/amdgpu: fix UBSAN warning in kv_dpm.c * CVE-url: https://ubuntu.com/security/CVE-2024-42097 - ALSA: emux: improve patch ioctl data validation * CVE-url: https://ubuntu.com/security/CVE-2024-42090 - pinctrl: fix deadlock in create_pinctrl() when handling -EPROBE_DEFER * CVE-url: https://ubuntu.com/security/CVE-2024-40942 - wifi: mac80211: mesh: Fix leak of mesh_preq_queue objects * CVE-url: https://ubuntu.com/security/CVE-2024-40981 - batman-adv: bypass empty buckets in batadv_purge_orig_ref() * CVE-url: https://ubuntu.com/security/CVE-2024-40959 - xfrm6: check ip6_dst_idev() return value in xfrm6_get_saddr() * CVE-url: https://ubuntu.com/security/CVE-2024-42089 - ASoC: fsl-asoc-card: set priv->pdev before using it * CVE-url: https://ubuntu.com/security/CVE-2024-42101 - drm/nouveau: fix null pointer dereference in nouveau_connector_get_modes * CVE-url: https://ubuntu.com/security/CVE-2024-40980 - drop_monitor: replace spin_lock by raw_spin_lock * CVE-url: https://ubuntu.com/security/CVE-2024-42084 - ftruncate: pass a signed offset * CVE-url: https://ubuntu.com/security/CVE-2024-42096 - x86: stop playing stack games in profile_pc() * CVE-url: https://ubuntu.com/security/CVE-2024-38619 - usb-storage: alauda: Check whether the media is initialized * CVE-url: https://ubuntu.com/security/CVE-2024-42102 - mm: avoid overflows in dirty throttling logic * CVE-url: https://ubuntu.com/security/CVE-2024-41044 - ppp: reject claimed-as-LCP but actually malformed packets * Bionic update: upstream stable patchset 2022-02-11 (LP: #1960681) // CVE- url: https://ubuntu.com/security/CVE-2024-41044 - ppp: ensure minimum packet size in ppp_write() * CVE-url: https://ubuntu.com/security/CVE-2024-40905 - ipv6: fix possible race in __fib6_drop_pcpu_from() * CVE-url: https://ubuntu.com/security/CVE-2023-52803 - SUNRPC: Fix RPC client cleaned up the freed pipefs dentries * CVE-url: https://ubuntu.com/security/CVE-2024-42104 - nilfs2: add missing check for inode numbers on directory entries * CVE-url: https://ubuntu.com/security/CVE-2024-42148 - bnx2x: Fix multiple UBSAN array-index-out-of-bounds * CVE-url: https://ubuntu.com/security/CVE-2024-41046 - net: ethernet: lantiq_etop: fix double free in detach * CVE-url: https://ubuntu.com/security/CVE-2024-38538 - net: bridge: xmit: make sure we have at least eth header len bytes

0 tuxcare-ubuntu16.04-els linux-buildinfo-4.4.0-265-tuxcare.els36-generic_4.4.0-265.299_amd64.deb af03b1ada1b561f670082623d5d0f33ac1ad395d linux-buildinfo-4.4.0-265-tuxcare.els36-lowlatency_4.4.0-265.299_amd64.deb 7391d951707cd49b7ea536c518f2e57c82b9186a linux-cloud-tools-4.4.0-265-tuxcare.els36_4.4.0-265.299_amd64.deb 6266fbfc99a6e26b82519a32728a4d1363c6bd29 linux-cloud-tools-4.4.0-265-tuxcare.els36-generic_4.4.0-265.299_amd64.deb 5a0a5d971bc16de57c6345814387418d06763e38 linux-cloud-tools-4.4.0-265-tuxcare.els36-lowlatency_4.4.0-265.299_amd64.deb 9aad94b4cdbba79c391bd68a4daf243d82ade190 linux-cloud-tools-common_4.4.0-265.299_all.deb edaefbbc0bd389cc59e85e0b43a95bf1f7fc17a8 linux-cloud-tools-generic_4.4.0.265.299_amd64.deb a202777494e2777fe69882ff5e3c5e4720ebd8c6 linux-cloud-tools-lowlatency_4.4.0.265.299_amd64.deb ed12710ccee379f941efd626967303c4433896f1 linux-crashdump_4.4.0.265.299_amd64.deb aad20816756ab20f428ff6f38027d2f122bdd027 linux-doc_4.4.0-265.299_all.deb 9548c0f288962d07cf6433910915d544b966bf4f linux-generic_4.4.0.265.299_amd64.deb 1e9d045db810227f8e1ebad1e6fd7c2b8a6680fe linux-headers-4.4.0-265-tuxcare.els36_4.4.0-265.299_all.deb 650d37e0a21a6217a7f2e2a61493e2a8e03c24c8 linux-headers-4.4.0-265-tuxcare.els36-generic_4.4.0-265.299_amd64.deb 6c9be63ee66539cab9ac11c248426002a7f98eb3 linux-headers-4.4.0-265-tuxcare.els36-lowlatency_4.4.0-265.299_amd64.deb 230aebbb1e402c756ce9153f3f04d439756c51e4 linux-headers-generic_4.4.0.265.299_amd64.deb 0f39443810d1452fd4a8ede831fed60192d5c77e linux-headers-lowlatency_4.4.0.265.299_amd64.deb f665b2f04a4dc1a8652a4b339fb12bab7ea3ff35 linux-image-generic_4.4.0.265.299_amd64.deb f943352053861f5b8c252a6c8b317eaba9d37403 linux-image-lowlatency_4.4.0.265.299_amd64.deb 24a5a332e0656716588ec75cc096131ca751e0d2 linux-image-unsigned-4.4.0-265-tuxcare.els36-generic_4.4.0-265.299_amd64.deb c279f0523e8a86d741af68b0c44ee368fada1fe0 linux-image-unsigned-4.4.0-265-tuxcare.els36-lowlatency_4.4.0-265.299_amd64.deb 7375f5469646b6e33b4be36fd29c10f2af1e7dc0 linux-libc-dev_4.4.0-265.299_amd64.deb 69f6b554d1e8de095e6f2dbbfb8c1eda1292dc4b linux-lowlatency_4.4.0.265.299_amd64.deb 0e15a6a12bcbe19268d84ccaea668018526d7831 linux-modules-4.4.0-265-tuxcare.els36-generic_4.4.0-265.299_amd64.deb 833b90437ee56634162987d2340c0e7b835c0158 linux-modules-4.4.0-265-tuxcare.els36-lowlatency_4.4.0-265.299_amd64.deb 9af7b1a0f9f97ffaeba8a0fe34751ee80b270f36 linux-modules-extra-4.4.0-265-tuxcare.els36-generic_4.4.0-265.299_amd64.deb a3d9aafb1e6e01ac1a13c38455e7a4ee380841c2 linux-source_4.4.0.265.299_all.deb 1b17260d64c6150f7eb6f4d1baab32d26e1958d5 linux-source-4.4.0_4.4.0-265.299_all.deb 63ee38d39755b66765f0d7aa5f05d1599c358798 linux-tools-4.4.0-265-tuxcare.els36_4.4.0-265.299_amd64.deb 67c6d6628706a19446eb45ef585b588d80afd232 linux-tools-4.4.0-265-tuxcare.els36-generic_4.4.0-265.299_amd64.deb 8ff44c7b6f0da9fc33489ba8b8ab44ef8c5e5bf0 linux-tools-4.4.0-265-tuxcare.els36-lowlatency_4.4.0-265.299_amd64.deb c129e3d525a74269dc0c9d78b7eeb94158da40a5 linux-tools-common_4.4.0-265.299_all.deb e237f2b902afce921c8b9392c3c76c8070024332 linux-tools-generic_4.4.0.265.299_amd64.deb 2ca82c500cc82c37919117e66af86ccf3c0efb7b linux-tools-host_4.4.0-265.299_all.deb 80f2d0270a674f515ad3dd7574a9b55882c4f647 linux-tools-lowlatency_4.4.0.265.299_amd64.deb 7ee6c03ec5710e6fdc64e182df509f3d800da448 CLSA-2024:1727816710 TuxCare License Agreement 0 * CVE-url: https://ubuntu.com/security/CVE-2024-26752 - l2tp: pass correct message length to ip6_append_data * CVE-url: https://ubuntu.com/security/CVE-2023-52527 - ipv4, ipv6: Fix handling of transhdrlen in __ip{,6}_append_data() * CVE-url: https://ubuntu.com/security/CVE-2024-43882 - exec: Fix ToCToU between perm check and set-uid/gid usage * CVE-url: https://ubuntu.com/security/CVE-2022-48943 - KVM: x86/mmu: make apf token non-zero to fix bug * CVE-url: https://ubuntu.com/security/CVE-2024-38630 - watchdog: cpu5wdt.c: Fix use-after-free bug caused by cpu5wdt_trigger * CVE-url: https://ubuntu.com/security/CVE-2024-44987 - ipv6: prevent UAF in ip6_send_skb() * Bionic update: upstream stable patchset 2022-03-04 (LP: #1963717) // CVE- url: https://ubuntu.com/security/CVE-2022-48742 - rtnetlink: make sure to refresh master_dev/m_ops in __rtnl_newlink() * CVE-url: https://ubuntu.com/security/CVE-2024-44940 - fou: remove warn in gue_gro_receive on unsupported protocol * CVE-url: https://ubuntu.com/security/CVE-2024-41059 - hfsplus: fix uninit-value in copy_name * Bionic update: upstream stable patchset 2022-01-14 (LP: #1957957) // CVE- url: https://ubuntu.com/security/CVE-2021-47576 - scsi: scsi_debug: Sanity check block descriptor length in resp_mode_select() * CVE-url: https://ubuntu.com/security/CVE-2024-46673 - scsi: aacraid: Fix double-free on probe failure * CVE-url: https://ubuntu.com/security/CVE-2024-42271 - net/iucv: fix use after free in iucv_sock_close() * Bionic update: upstream stable patchset 2022-04-13 (LP: #1968932) // CVE- url: https://ubuntu.com/security/CVE-2022-48919 - cifs: fix double free race when mount fails in cifs_get_root() * CVE-url: https://ubuntu.com/security/CVE-2024-43858 - jfs: Fix array-index-out-of-bounds in diFree * CVE-url: https://ubuntu.com/security/CVE-2024-41071 - wifi: mac80211: Avoid address calculations via out of bounds array indexing * CVE-url: https://ubuntu.com/security/CVE-2024-42301 - dev/parport: fix the array out-of-bounds risk * CVE-url: https://ubuntu.com/security/CVE-2024-46674 - usb: dwc3: st: fix probed platform device ref count on probe error path * CVE-url: https://ubuntu.com/security/CVE-2024-43900 - media: xc2028: avoid use-after-free in load_firmware_cb() * CVE-url: https://ubuntu.com/security/CVE-2024-42284 - tipc: Return non-zero value from tipc_udp_addr2str() on error * Bionic update: upstream stable patchset 2022-01-14 (LP: #1957957) // CVE- url: https://ubuntu.com/security/CVE-2021-47589 - igbvf: fix double free in `igbvf_probe` * Bionic update: upstream stable patchset 2022-01-14 (LP: #1957957) // CVE- url: https://ubuntu.com/security/CVE-2021-47600 - dm btree remove: fix use after free in rebalance_children() * CVE-url: https://ubuntu.com/security/CVE-2024-44998 - atm: idt77252: prevent use after free in dequeue_rx() * CVE-url: https://ubuntu.com/security/CVE-2024-42280 - mISDN: Fix a use after free in hfcmulti_tx() * CVE-url: https://ubuntu.com/security/CVE-2024-42094 - net/iucv: Avoid explicit cpumask var allocation on stack * CVE-url: https://ubuntu.com/security/CVE-2024-39499 - vmci: prevent speculation leaks by sanitizing event in event_deliver() * CVE-url: https://ubuntu.com/security/CVE-2024-42105 - nilfs2: fix inode number range checks * CVE-url: https://ubuntu.com/security/CVE-2024-40988 - drm/radeon: fix UBSAN warning in kv_dpm.c * CVE-url: https://ubuntu.com/security/CVE-2024-40916 - drm/exynos: hdmi: report safe 640x480 mode as a fallback when no EDID found * CVE-url: https://ubuntu.com/security/CVE-2024-40904 - USB: class: cdc-wdm: Fix CPU lockup caused by excessive log messages * CVE-url: https://ubuntu.com/security/CVE-2024-42106 - inet_diag: Initialize pad field in struct inet_diag_req_v2 * CVE-url: https://ubuntu.com/security/CVE-2024-42145 - IB/core: Implement a limit on UMAD receive List * CVE-url: https://ubuntu.com/security/CVE-2024-40932 - drm/exynos/vidi: fix memory leak in .get_modes() * CVE-url: https://ubuntu.com/security/CVE-2024-41006 - netrom: Fix a memory leak in nr_heartbeat_expiry() * CVE-url: https://ubuntu.com/security/CVE-2024-40943 - ocfs2: fix races between hole punching and AIO+DIO * CVE-url: https://ubuntu.com/security/CVE-2024-36894 - usb: gadget: f_fs: Fix race between aio_cancel() and AIO request complete * CVE-url: https://ubuntu.com/security/CVE-2024-42115 - jffs2: Fix potential illegal address access in jffs2_free_inode * CVE-url: https://ubuntu.com/security/CVE-2024-41035 - USB: core: Fix duplicate endpoint bug by clearing reserved bits in the descriptor * CVE-url: https://ubuntu.com/security/CVE-2024-41097 - usb: atm: cxacru: fix endpoint checking in cxacru_bind() * CVE-url: https://ubuntu.com/security/CVE-2024-39501 - drivers: core: synchronize really_probe() and dev_uevent() * CVE-url: https://ubuntu.com/security/CVE-2024-40984 - ACPICA: Revert "ACPICA: avoid Info: mapping multiple BARs. Your kernel is fine." * CVE-url: https://ubuntu.com/security/CVE-2024-40987 - drm/amdgpu: fix UBSAN warning in kv_dpm.c * CVE-url: https://ubuntu.com/security/CVE-2024-42097 - ALSA: emux: improve patch ioctl data validation * CVE-url: https://ubuntu.com/security/CVE-2024-42090 - pinctrl: fix deadlock in create_pinctrl() when handling -EPROBE_DEFER * CVE-url: https://ubuntu.com/security/CVE-2024-40942 - wifi: mac80211: mesh: Fix leak of mesh_preq_queue objects * CVE-url: https://ubuntu.com/security/CVE-2024-40981 - batman-adv: bypass empty buckets in batadv_purge_orig_ref() * CVE-url: https://ubuntu.com/security/CVE-2024-40959 - xfrm6: check ip6_dst_idev() return value in xfrm6_get_saddr() * CVE-url: https://ubuntu.com/security/CVE-2024-42089 - ASoC: fsl-asoc-card: set priv->pdev before using it * CVE-url: https://ubuntu.com/security/CVE-2024-42101 - drm/nouveau: fix null pointer dereference in nouveau_connector_get_modes * CVE-url: https://ubuntu.com/security/CVE-2024-40980 - drop_monitor: replace spin_lock by raw_spin_lock * CVE-url: https://ubuntu.com/security/CVE-2024-42084 - ftruncate: pass a signed offset * CVE-url: https://ubuntu.com/security/CVE-2024-42096 - x86: stop playing stack games in profile_pc() * CVE-url: https://ubuntu.com/security/CVE-2024-38619 - usb-storage: alauda: Check whether the media is initialized * CVE-url: https://ubuntu.com/security/CVE-2024-42102 - mm: avoid overflows in dirty throttling logic * CVE-url: https://ubuntu.com/security/CVE-2024-41044 - ppp: reject claimed-as-LCP but actually malformed packets * Bionic update: upstream stable patchset 2022-02-11 (LP: #1960681) // CVE- url: https://ubuntu.com/security/CVE-2024-41044 - ppp: ensure minimum packet size in ppp_write() * CVE-url: https://ubuntu.com/security/CVE-2024-40905 - ipv6: fix possible race in __fib6_drop_pcpu_from() * CVE-url: https://ubuntu.com/security/CVE-2023-52803 - SUNRPC: Fix RPC client cleaned up the freed pipefs dentries * CVE-url: https://ubuntu.com/security/CVE-2024-42104 - nilfs2: add missing check for inode numbers on directory entries * CVE-url: https://ubuntu.com/security/CVE-2024-42148 - bnx2x: Fix multiple UBSAN array-index-out-of-bounds * CVE-url: https://ubuntu.com/security/CVE-2024-41046 - net: ethernet: lantiq_etop: fix double free in detach * CVE-url: https://ubuntu.com/security/CVE-2024-38538 - net: bridge: xmit: make sure we have at least eth header len bytes None Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.

* CVE-url: https://ubuntu.com/security/CVE-2024-26752 - l2tp: pass correct message length to ip6_append_data * CVE-url: https://ubuntu.com/security/CVE-2023-52527 - ipv4, ipv6: Fix handling of transhdrlen in __ip{,6}_append_data() * CVE-url: https://ubuntu.com/security/CVE-2024-43882 - exec: Fix ToCToU between perm check and set-uid/gid usage * CVE-url: https://ubuntu.com/security/CVE-2022-48943 - KVM: x86/mmu: make apf token non-zero to fix bug * CVE-url: https://ubuntu.com/security/CVE-2024-38630 - watchdog: cpu5wdt.c: Fix use-after-free bug caused by cpu5wdt_trigger * CVE-url: https://ubuntu.com/security/CVE-2024-44987 - ipv6: prevent UAF in ip6_send_skb() * Bionic update: upstream stable patchset 2022-03-04 (LP: #1963717) // CVE- url: https://ubuntu.com/security/CVE-2022-48742 - rtnetlink: make sure to refresh master_dev/m_ops in __rtnl_newlink() * CVE-url: https://ubuntu.com/security/CVE-2024-44940 - fou: remove warn in gue_gro_receive on unsupported protocol * CVE-url: https://ubuntu.com/security/CVE-2024-41059 - hfsplus: fix uninit-value in copy_name * Bionic update: upstream stable patchset 2022-01-14 (LP: #1957957) // CVE- url: https://ubuntu.com/security/CVE-2021-47576 - scsi: scsi_debug: Sanity check block descriptor length in resp_mode_select() * CVE-url: https://ubuntu.com/security/CVE-2024-46673 - scsi: aacraid: Fix double-free on probe failure * CVE-url: https://ubuntu.com/security/CVE-2024-42271 - net/iucv: fix use after free in iucv_sock_close() * Bionic update: upstream stable patchset 2022-04-13 (LP: #1968932) // CVE- url: https://ubuntu.com/security/CVE-2022-48919 - cifs: fix double free race when mount fails in cifs_get_root() * CVE-url: https://ubuntu.com/security/CVE-2024-43858 - jfs: Fix array-index-out-of-bounds in diFree * CVE-url: https://ubuntu.com/security/CVE-2024-41071 - wifi: mac80211: Avoid address calculations via out of bounds array indexing * CVE-url: https://ubuntu.com/security/CVE-2024-42301 - dev/parport: fix the array out-of-bounds risk * CVE-url: https://ubuntu.com/security/CVE-2024-46674 - usb: dwc3: st: fix probed platform device ref count on probe error path * CVE-url: https://ubuntu.com/security/CVE-2024-43900 - media: xc2028: avoid use-after-free in load_firmware_cb() * CVE-url: https://ubuntu.com/security/CVE-2024-42284 - tipc: Return non-zero value from tipc_udp_addr2str() on error * Bionic update: upstream stable patchset 2022-01-14 (LP: #1957957) // CVE- url: https://ubuntu.com/security/CVE-2021-47589 - igbvf: fix double free in `igbvf_probe` * Bionic update: upstream stable patchset 2022-01-14 (LP: #1957957) // CVE- url: https://ubuntu.com/security/CVE-2021-47600 - dm btree remove: fix use after free in rebalance_children() * CVE-url: https://ubuntu.com/security/CVE-2024-44998 - atm: idt77252: prevent use after free in dequeue_rx() * CVE-url: https://ubuntu.com/security/CVE-2024-42280 - mISDN: Fix a use after free in hfcmulti_tx() * CVE-url: https://ubuntu.com/security/CVE-2024-42094 - net/iucv: Avoid explicit cpumask var allocation on stack * CVE-url: https://ubuntu.com/security/CVE-2024-39499 - vmci: prevent speculation leaks by sanitizing event in event_deliver() * CVE-url: https://ubuntu.com/security/CVE-2024-42105 - nilfs2: fix inode number range checks * CVE-url: https://ubuntu.com/security/CVE-2024-40988 - drm/radeon: fix UBSAN warning in kv_dpm.c * CVE-url: https://ubuntu.com/security/CVE-2024-40916 - drm/exynos: hdmi: report safe 640x480 mode as a fallback when no EDID found * CVE-url: https://ubuntu.com/security/CVE-2024-40904 - USB: class: cdc-wdm: Fix CPU lockup caused by excessive log messages * CVE-url: https://ubuntu.com/security/CVE-2024-42106 - inet_diag: Initialize pad field in struct inet_diag_req_v2 * CVE-url: https://ubuntu.com/security/CVE-2024-42145 - IB/core: Implement a limit on UMAD receive List * CVE-url: https://ubuntu.com/security/CVE-2024-40932 - drm/exynos/vidi: fix memory leak in .get_modes() * CVE-url: https://ubuntu.com/security/CVE-2024-41006 - netrom: Fix a memory leak in nr_heartbeat_expiry() * CVE-url: https://ubuntu.com/security/CVE-2024-40943 - ocfs2: fix races between hole punching and AIO+DIO * CVE-url: https://ubuntu.com/security/CVE-2024-36894 - usb: gadget: f_fs: Fix race between aio_cancel() and AIO request complete * CVE-url: https://ubuntu.com/security/CVE-2024-42115 - jffs2: Fix potential illegal address access in jffs2_free_inode * CVE-url: https://ubuntu.com/security/CVE-2024-41035 - USB: core: Fix duplicate endpoint bug by clearing reserved bits in the descriptor * CVE-url: https://ubuntu.com/security/CVE-2024-41097 - usb: atm: cxacru: fix endpoint checking in cxacru_bind() * CVE-url: https://ubuntu.com/security/CVE-2024-39501 - drivers: core: synchronize really_probe() and dev_uevent() * CVE-url: https://ubuntu.com/security/CVE-2024-40984 - ACPICA: Revert "ACPICA: avoid Info: mapping multiple BARs. Your kernel is fine." * CVE-url: https://ubuntu.com/security/CVE-2024-40987 - drm/amdgpu: fix UBSAN warning in kv_dpm.c * CVE-url: https://ubuntu.com/security/CVE-2024-42097 - ALSA: emux: improve patch ioctl data validation * CVE-url: https://ubuntu.com/security/CVE-2024-42090 - pinctrl: fix deadlock in create_pinctrl() when handling -EPROBE_DEFER * CVE-url: https://ubuntu.com/security/CVE-2024-40942 - wifi: mac80211: mesh: Fix leak of mesh_preq_queue objects * CVE-url: https://ubuntu.com/security/CVE-2024-40981 - batman-adv: bypass empty buckets in batadv_purge_orig_ref() * CVE-url: https://ubuntu.com/security/CVE-2024-40959 - xfrm6: check ip6_dst_idev() return value in xfrm6_get_saddr() * CVE-url: https://ubuntu.com/security/CVE-2024-42089 - ASoC: fsl-asoc-card: set priv->pdev before using it * CVE-url: https://ubuntu.com/security/CVE-2024-42101 - drm/nouveau: fix null pointer dereference in nouveau_connector_get_modes * CVE-url: https://ubuntu.com/security/CVE-2024-40980 - drop_monitor: replace spin_lock by raw_spin_lock * CVE-url: https://ubuntu.com/security/CVE-2024-42084 - ftruncate: pass a signed offset * CVE-url: https://ubuntu.com/security/CVE-2024-42096 - x86: stop playing stack games in profile_pc() * CVE-url: https://ubuntu.com/security/CVE-2024-38619 - usb-storage: alauda: Check whether the media is initialized * CVE-url: https://ubuntu.com/security/CVE-2024-42102 - mm: avoid overflows in dirty throttling logic * CVE-url: https://ubuntu.com/security/CVE-2024-41044 - ppp: reject claimed-as-LCP but actually malformed packets * Bionic update: upstream stable patchset 2022-02-11 (LP: #1960681) // CVE- url: https://ubuntu.com/security/CVE-2024-41044 - ppp: ensure minimum packet size in ppp_write() * CVE-url: https://ubuntu.com/security/CVE-2024-40905 - ipv6: fix possible race in __fib6_drop_pcpu_from() * CVE-url: https://ubuntu.com/security/CVE-2023-52803 - SUNRPC: Fix RPC client cleaned up the freed pipefs dentries * CVE-url: https://ubuntu.com/security/CVE-2024-42104 - nilfs2: add missing check for inode numbers on directory entries * CVE-url: https://ubuntu.com/security/CVE-2024-42148 - bnx2x: Fix multiple UBSAN array-index-out-of-bounds * CVE-url: https://ubuntu.com/security/CVE-2024-41046 - net: ethernet: lantiq_etop: fix double free in detach * CVE-url: https://ubuntu.com/security/CVE-2024-38538 - net: bridge: xmit: make sure we have at least eth header len bytes

0 tuxcare-ubuntu16.04-els linux-buildinfo-4.4.0-265-tuxcare.els36-generic_4.4.0-265.299_amd64.deb af03b1ada1b561f670082623d5d0f33ac1ad395d linux-buildinfo-4.4.0-265-tuxcare.els36-lowlatency_4.4.0-265.299_amd64.deb 7391d951707cd49b7ea536c518f2e57c82b9186a linux-cloud-tools-4.4.0-265-tuxcare.els36_4.4.0-265.299_amd64.deb 6266fbfc99a6e26b82519a32728a4d1363c6bd29 linux-cloud-tools-4.4.0-265-tuxcare.els36-generic_4.4.0-265.299_amd64.deb 5a0a5d971bc16de57c6345814387418d06763e38 linux-cloud-tools-4.4.0-265-tuxcare.els36-lowlatency_4.4.0-265.299_amd64.deb 9aad94b4cdbba79c391bd68a4daf243d82ade190 linux-cloud-tools-common_4.4.0-265.299_all.deb edaefbbc0bd389cc59e85e0b43a95bf1f7fc17a8 linux-cloud-tools-generic_4.4.0.265.299_amd64.deb a202777494e2777fe69882ff5e3c5e4720ebd8c6 linux-cloud-tools-lowlatency_4.4.0.265.299_amd64.deb ed12710ccee379f941efd626967303c4433896f1 linux-crashdump_4.4.0.265.299_amd64.deb aad20816756ab20f428ff6f38027d2f122bdd027 linux-doc_4.4.0-265.299_all.deb 9548c0f288962d07cf6433910915d544b966bf4f linux-generic_4.4.0.265.299_amd64.deb 1e9d045db810227f8e1ebad1e6fd7c2b8a6680fe linux-headers-4.4.0-265-tuxcare.els36_4.4.0-265.299_all.deb 650d37e0a21a6217a7f2e2a61493e2a8e03c24c8 linux-headers-4.4.0-265-tuxcare.els36-generic_4.4.0-265.299_amd64.deb 6c9be63ee66539cab9ac11c248426002a7f98eb3 linux-headers-4.4.0-265-tuxcare.els36-lowlatency_4.4.0-265.299_amd64.deb 230aebbb1e402c756ce9153f3f04d439756c51e4 linux-headers-generic_4.4.0.265.299_amd64.deb 0f39443810d1452fd4a8ede831fed60192d5c77e linux-headers-lowlatency_4.4.0.265.299_amd64.deb f665b2f04a4dc1a8652a4b339fb12bab7ea3ff35 linux-image-generic_4.4.0.265.299_amd64.deb f943352053861f5b8c252a6c8b317eaba9d37403 linux-image-lowlatency_4.4.0.265.299_amd64.deb 24a5a332e0656716588ec75cc096131ca751e0d2 linux-image-unsigned-4.4.0-265-tuxcare.els36-generic_4.4.0-265.299_amd64.deb c279f0523e8a86d741af68b0c44ee368fada1fe0 linux-image-unsigned-4.4.0-265-tuxcare.els36-lowlatency_4.4.0-265.299_amd64.deb 7375f5469646b6e33b4be36fd29c10f2af1e7dc0 linux-libc-dev_4.4.0-265.299_amd64.deb 69f6b554d1e8de095e6f2dbbfb8c1eda1292dc4b linux-lowlatency_4.4.0.265.299_amd64.deb 0e15a6a12bcbe19268d84ccaea668018526d7831 linux-modules-4.4.0-265-tuxcare.els36-generic_4.4.0-265.299_amd64.deb 833b90437ee56634162987d2340c0e7b835c0158 linux-modules-4.4.0-265-tuxcare.els36-lowlatency_4.4.0-265.299_amd64.deb 9af7b1a0f9f97ffaeba8a0fe34751ee80b270f36 linux-modules-extra-4.4.0-265-tuxcare.els36-generic_4.4.0-265.299_amd64.deb a3d9aafb1e6e01ac1a13c38455e7a4ee380841c2 linux-source_4.4.0.265.299_all.deb 1b17260d64c6150f7eb6f4d1baab32d26e1958d5 linux-source-4.4.0_4.4.0-265.299_all.deb 63ee38d39755b66765f0d7aa5f05d1599c358798 linux-tools-4.4.0-265-tuxcare.els36_4.4.0-265.299_amd64.deb 67c6d6628706a19446eb45ef585b588d80afd232 linux-tools-4.4.0-265-tuxcare.els36-generic_4.4.0-265.299_amd64.deb 8ff44c7b6f0da9fc33489ba8b8ab44ef8c5e5bf0 linux-tools-4.4.0-265-tuxcare.els36-lowlatency_4.4.0-265.299_amd64.deb c129e3d525a74269dc0c9d78b7eeb94158da40a5 linux-tools-common_4.4.0-265.299_all.deb e237f2b902afce921c8b9392c3c76c8070024332 linux-tools-generic_4.4.0.265.299_amd64.deb 2ca82c500cc82c37919117e66af86ccf3c0efb7b linux-tools-host_4.4.0-265.299_all.deb 80f2d0270a674f515ad3dd7574a9b55882c4f647 linux-tools-lowlatency_4.4.0.265.299_amd64.deb 7ee6c03ec5710e6fdc64e182df509f3d800da448 CLSA-2024:1727895166 TuxCare License Agreement 0 * SECURITY UPDATE: Regular expressions that allowed excessive backtracking during tarfile - debian/patches/CVE-2024-6232.patch: fix regexp handling in tarfile - CVE-2024-6232 * SECURITY UPDATE: Algorithm with quadratic complexity using excess CPU resources while parsing the cookie value - debian/patches/CVE-2024-7592.patch: fix algorithm with quadratic complexity - CVE-2024-7592 Important Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.

* SECURITY UPDATE: Regular expressions that allowed excessive backtracking during tarfile - debian/patches/CVE-2024-6232.patch: fix regexp handling in tarfile - CVE-2024-6232 * SECURITY UPDATE: Algorithm with quadratic complexity using excess CPU resources while parsing the cookie value - debian/patches/CVE-2024-7592.patch: fix algorithm with quadratic complexity - CVE-2024-7592

0 tuxcare-ubuntu16.04-els idle-python2.7_2.7.12-1ubuntu0~16.04.18+tuxcare.els14_all.deb ca4b56d06384e99d6d791d22374e450c91ed27fa libpython2.7_2.7.12-1ubuntu0~16.04.18+tuxcare.els14_amd64.deb 4c2cc241c296d49efc1230d2ce70346d1b3f0884 libpython2.7-dev_2.7.12-1ubuntu0~16.04.18+tuxcare.els14_amd64.deb f08cb611757ac9c97e5c47ce4f86a97c8152b717 libpython2.7-minimal_2.7.12-1ubuntu0~16.04.18+tuxcare.els14_amd64.deb cb13ec973a38e1df245eed053747d6d4f85aa81e libpython2.7-stdlib_2.7.12-1ubuntu0~16.04.18+tuxcare.els14_amd64.deb e52ad374942fc73a171f3cbea0a054d25ba75962 libpython2.7-testsuite_2.7.12-1ubuntu0~16.04.18+tuxcare.els14_all.deb c7e61e76894d901467df61924ee15fc5adc25f29 python2.7_2.7.12-1ubuntu0~16.04.18+tuxcare.els14_amd64.deb 6baab4355f4438792200501d57710f7b470cd370 python2.7-dev_2.7.12-1ubuntu0~16.04.18+tuxcare.els14_amd64.deb 4733604166ae4ebd1219e3a3ff887c8f67d393e0 python2.7-doc_2.7.12-1ubuntu0~16.04.18+tuxcare.els14_all.deb 0771deeb016f3558f96ebcf9d5ce24a8f4e7b19f python2.7-examples_2.7.12-1ubuntu0~16.04.18+tuxcare.els14_all.deb c47c86cdbe396bbafb92e5650a45907b4a93063b python2.7-minimal_2.7.12-1ubuntu0~16.04.18+tuxcare.els14_amd64.deb 71d3baf8d6850920f90b4e8be93ac65b551ebbd3 CLSA-2024:1727979720 TuxCare License Agreement 0 * SECURITY UPDATE: allocation of resources without limits or throttling - debian/patches/CVE-2024-1737-1: introduced new configurable limits that prevent the loading (into zones or into cache) of DNS resource records (RRs) that exceed them - debian/patches/CVE-2024-1737-2: add environment variable DNS_RDATASET_MAX_RECORDS, DNS_RBTDB_MAX_RTYPES to override hardcoded limits DDNS_RDATASET_MAX_RECORDS and DDNS_RBTDB_MAX_RTYPES. Add masterformat tests for testing RRsets. Important Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.

* SECURITY UPDATE: allocation of resources without limits or throttling - debian/patches/CVE-2024-1737-1: introduced new configurable limits that prevent the loading (into zones or into cache) of DNS resource records (RRs) that exceed them - debian/patches/CVE-2024-1737-2: add environment variable DNS_RDATASET_MAX_RECORDS, DNS_RBTDB_MAX_RTYPES to override hardcoded limits DDNS_RDATASET_MAX_RECORDS and DDNS_RBTDB_MAX_RTYPES. Add masterformat tests for testing RRsets.

0 tuxcare-ubuntu16.04-els bind9_9.10.3.dfsg.P4-8ubuntu1.19+tuxcare.els9_amd64.deb 7a6d489a33b75151e9401ec2921b68f0df2e2777 bind9-doc_9.10.3.dfsg.P4-8ubuntu1.19+tuxcare.els9_all.deb 752d2c69d08f837464444db54c83e8cf89a59501 bind9-host_9.10.3.dfsg.P4-8ubuntu1.19+tuxcare.els9_amd64.deb fdacb5c99e4f97096fb5125218ded78310925c76 bind9utils_9.10.3.dfsg.P4-8ubuntu1.19+tuxcare.els9_amd64.deb 21621f0434f68bf8dca2f52d1af0b378309f1cb1 dnsutils_9.10.3.dfsg.P4-8ubuntu1.19+tuxcare.els9_amd64.deb 5a9dafc65c72d8425f765d0f4d96a370219e5fb6 host_9.10.3.dfsg.P4-8ubuntu1.19+tuxcare.els9_all.deb 83efac2f42e8ac73a5706161315f1e14317c6f11 libbind-dev_9.10.3.dfsg.P4-8ubuntu1.19+tuxcare.els9_amd64.deb 88b7f5b512bf02c171313ffa8cbb6484b76a4389 libbind-export-dev_9.10.3.dfsg.P4-8ubuntu1.19+tuxcare.els9_amd64.deb 2b838234e92eca77135e6f269e52d19d9f946d6d libbind9-140_9.10.3.dfsg.P4-8ubuntu1.19+tuxcare.els9_amd64.deb 7141001e32cd41589551ea800d9b7e7735d4fb9a libdns-export162_9.10.3.dfsg.P4-8ubuntu1.19+tuxcare.els9_amd64.deb e87d4b19cef614ba4c4c39db0e26cb852d1c1a1d libdns162_9.10.3.dfsg.P4-8ubuntu1.19+tuxcare.els9_amd64.deb 4b7fe372c14888625cb4b556c0bba3f0608c6696 libirs-export141_9.10.3.dfsg.P4-8ubuntu1.19+tuxcare.els9_amd64.deb 1ce172489043509688f9e75a0966673636791e9a libirs141_9.10.3.dfsg.P4-8ubuntu1.19+tuxcare.els9_amd64.deb 167b22b9998b7f764bbeca47ae8749042dc68788 libisc-export160_9.10.3.dfsg.P4-8ubuntu1.19+tuxcare.els9_amd64.deb 8df0b30f7621c9c4b5bcea206ca7b130208d859f libisc160_9.10.3.dfsg.P4-8ubuntu1.19+tuxcare.els9_amd64.deb 877d1b022afb67bc7f336f2784f437c32afd4763 libisccc-export140_9.10.3.dfsg.P4-8ubuntu1.19+tuxcare.els9_amd64.deb b4a5d1b6fc68e7faa492131adaccffbe2f278fbb libisccc140_9.10.3.dfsg.P4-8ubuntu1.19+tuxcare.els9_amd64.deb 9bb8d1d1de7d86b8d97b57bb22721c0f1447b5b2 libisccfg-export140_9.10.3.dfsg.P4-8ubuntu1.19+tuxcare.els9_amd64.deb 1388a972e4561f00f79674583d663586b1959191 libisccfg140_9.10.3.dfsg.P4-8ubuntu1.19+tuxcare.els9_amd64.deb 3b0952716a80b41ffb57dc4cdc19dc74bcd34569 liblwres141_9.10.3.dfsg.P4-8ubuntu1.19+tuxcare.els9_amd64.deb fd6b42d66aa6627b0653c1667f7a0092a3855234 lwresd_9.10.3.dfsg.P4-8ubuntu1.19+tuxcare.els9_amd64.deb bd3c65fdc10bdefe7293d6f875cf4ba057f0121a CLSA-2024:1728056209 TuxCare License Agreement 0 * SECURITY UPDATE: TOCTOU race condition in pg_dump - debian/patches/CVE-2024-7348.patch: Fix TOCTOU race condition in pg_dump. - CVE-2024-7348 Important Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.

* SECURITY UPDATE: TOCTOU race condition in pg_dump - debian/patches/CVE-2024-7348.patch: Fix TOCTOU race condition in pg_dump. - CVE-2024-7348

0 tuxcare-ubuntu16.04-els libecpg-compat3_9.5.25-0ubuntu0.16.04.1+tuxcare.els8_amd64.deb 81b8f09807671c308a6027d281f006a7f263025b libecpg-dev_9.5.25-0ubuntu0.16.04.1+tuxcare.els8_amd64.deb dece902fa14dc581f8b5cad9b228d052bab01322 libecpg6_9.5.25-0ubuntu0.16.04.1+tuxcare.els8_amd64.deb 24119bdcd1d9e23d257c9bc6b9fe76ac58e58b91 libpgtypes3_9.5.25-0ubuntu0.16.04.1+tuxcare.els8_amd64.deb 8c6796de6090e9ec4d276cf573b60714917cd410 libpq-dev_9.5.25-0ubuntu0.16.04.1+tuxcare.els8_amd64.deb 0f93cf01ba465faee01629dd90f1bc6693d54652 libpq5_9.5.25-0ubuntu0.16.04.1+tuxcare.els8_amd64.deb 4a9950dc8a536ce0446cc09c379d40fc3590c64e postgresql-9.5_9.5.25-0ubuntu0.16.04.1+tuxcare.els8_amd64.deb a6f31604927cb1f6907e001dfa65e12433be9f94 postgresql-client-9.5_9.5.25-0ubuntu0.16.04.1+tuxcare.els8_amd64.deb 6d5d819e605bbe6585d1decb86bb4584ac971743 postgresql-contrib-9.5_9.5.25-0ubuntu0.16.04.1+tuxcare.els8_amd64.deb a8c6e38f811ed97f621a1f132a5dec7b532cbc3b postgresql-doc-9.5_9.5.25-0ubuntu0.16.04.1+tuxcare.els8_all.deb b7051ed93ab37b3138d408c1f3e1e58502fb80d1 postgresql-plperl-9.5_9.5.25-0ubuntu0.16.04.1+tuxcare.els8_amd64.deb 6eaf25db1e03d81f0f1b77f4eea08f47b5efc045 postgresql-plpython-9.5_9.5.25-0ubuntu0.16.04.1+tuxcare.els8_amd64.deb 2ace2370dee8c642628d3bb40b98721236c404a6 postgresql-plpython3-9.5_9.5.25-0ubuntu0.16.04.1+tuxcare.els8_amd64.deb a234b223d3615ec32e91310564a64c86d9be7d40 postgresql-pltcl-9.5_9.5.25-0ubuntu0.16.04.1+tuxcare.els8_amd64.deb 812a09e5e94ef322d5d2888eb0f33cc05ca0e8b4 postgresql-server-dev-9.5_9.5.25-0ubuntu0.16.04.1+tuxcare.els8_amd64.deb e825a759699d6e0fd8cf0a81837edb0a0ec30541 CLSA-2024:1728477985 TuxCare License Agreement 0 * New microcode update packages from AMD upstream up to 2024-08-11: - Update AMD CPU microcode for processor family 0x19: cpuid:0x00A00F10(ver:0x0A00107A), cpuid:0x00A10F12(ver:0x0A101248), cpuid:0x00AA0F02(ver:0x0AA00215), cpuid:0x00A00F12(ver:0x0A001238), cpuid:0x00A10F11(ver:0x0A101148), cpuid:0x00A00F11(ver:0x0A0011D5); - Update AMD CPU microcode for processor family 0x17: cpuid:0x00800F12(ver:0x0800126F), cpuid:0x00830F10(ver:0x0830107C); * SECURITY UPDATE: Fix improper validation in a model-specific register (MSR) could allow a malicious program with ring0 access to modify SMM configuration while SMI lock is enabled, potentially leading to arbitrary code execution. - CVE-2023-31315 Important Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.

* New microcode update packages from AMD upstream up to 2024-08-11: - Update AMD CPU microcode for processor family 0x19: cpuid:0x00A00F10(ver:0x0A00107A), cpuid:0x00A10F12(ver:0x0A101248), cpuid:0x00AA0F02(ver:0x0AA00215), cpuid:0x00A00F12(ver:0x0A001238), cpuid:0x00A10F11(ver:0x0A101148), cpuid:0x00A00F11(ver:0x0A0011D5); - Update AMD CPU microcode for processor family 0x17: cpuid:0x00800F12(ver:0x0800126F), cpuid:0x00830F10(ver:0x0830107C); * SECURITY UPDATE: Fix improper validation in a model-specific register (MSR) could allow a malicious program with ring0 access to modify SMM configuration while SMI lock is enabled, potentially leading to arbitrary code execution. - CVE-2023-31315

0 tuxcare-ubuntu16.04-els amd64-microcode_3.20240811.1ubuntu0.16.04.2+tuxcare.els1_amd64.deb 9d9c38f071cf2592bbe364e0132d448fa10b8eb4 CLSA-2024:1728478342 TuxCare License Agreement 0 * New microcode update packages from upstream up to 2024-08-13: - Updated microcodes: sig 0x00050657, pf_mask 0xbf, 2024-03-01, rev 0x5003707, size 39936 sig 0x0005065b, pf_mask 0xbf, 2024-04-01, rev 0x7002904, size 30720 sig 0x000606a6, pf_mask 0x87, 2024-04-01, rev 0xd0003e7, size 308224 sig 0x000606c1, pf_mask 0x10, 2024-04-03, rev 0x10002b0, size 300032 sig 0x000706a1, pf_mask 0x01, 2024-04-19, rev 0x0042, size 76800 sig 0x000706e5, pf_mask 0x80, 2024-02-15, rev 0x00c6, size 114688 sig 0x000806c1, pf_mask 0x80, 2024-02-15, rev 0x00b8, size 112640 sig 0x000806c2, pf_mask 0xc2, 2024-02-15, rev 0x0038, size 99328 sig 0x000806d1, pf_mask 0xc2, 2024-02-15, rev 0x0052, size 104448 sig 0x000806e9, pf_mask 0x10, 2024-02-01, rev 0x00f6, size 106496 sig 0x000806e9, pf_mask 0xc0, 2024-02-01, rev 0x00f6, size 106496 sig 0x000806ea, pf_mask 0xc0, 2024-02-01, rev 0x00f6, size 105472 sig 0x000806eb, pf_mask 0xd0, 2024-02-01, rev 0x00f6, size 106496 sig 0x000806ec, pf_mask 0x94, 2024-02-05, rev 0x00fc, size 106496 sig 0x00090661, pf_mask 0x01, 2024-04-05, rev 0x001a, size 20480 sig 0x000906ea, pf_mask 0x22, 2024-02-01, rev 0x00f8, size 105472 sig 0x000906eb, pf_mask 0x02, 2024-02-01, rev 0x00f6, size 106496 sig 0x000906ec, pf_mask 0x22, 2024-02-01, rev 0x00f8, size 106496 sig 0x000906ed, pf_mask 0x22, 2024-02-05, rev 0x0100, size 106496 sig 0x000a0652, pf_mask 0x20, 2024-02-01, rev 0x00fc, size 97280 sig 0x000a0653, pf_mask 0x22, 2024-02-01, rev 0x00fc, size 98304 sig 0x000a0655, pf_mask 0x22, 2024-02-01, rev 0x00fc, size 97280 sig 0x000a0660, pf_mask 0x80, 2024-02-01, rev 0x00fe, size 97280 sig 0x000a0661, pf_mask 0x80, 2024-02-01, rev 0x00fc, size 97280 sig 0x000a0671, pf_mask 0x02, 2024-03-07, rev 0x0062, size 108544 sig 0x000a06a4, pf_mask 0xe6, 2024-04-15, rev 0x001e, size 137216 * SECURITY UPDATE: - CVE-2024-24980, INTEL-SA-01100 - CVE-2024-25939, INTEL-SA-01118 - CVE-2023-42667, INTEL-SA-01038 - CVE-2023-49141, INTEL-SA-01046 - CVE-2024-24853, INTEL-SA-01083 Low Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.

* New microcode update packages from upstream up to 2024-08-13: - Updated microcodes: sig 0x00050657, pf_mask 0xbf, 2024-03-01, rev 0x5003707, size 39936 sig 0x0005065b, pf_mask 0xbf, 2024-04-01, rev 0x7002904, size 30720 sig 0x000606a6, pf_mask 0x87, 2024-04-01, rev 0xd0003e7, size 308224 sig 0x000606c1, pf_mask 0x10, 2024-04-03, rev 0x10002b0, size 300032 sig 0x000706a1, pf_mask 0x01, 2024-04-19, rev 0x0042, size 76800 sig 0x000706e5, pf_mask 0x80, 2024-02-15, rev 0x00c6, size 114688 sig 0x000806c1, pf_mask 0x80, 2024-02-15, rev 0x00b8, size 112640 sig 0x000806c2, pf_mask 0xc2, 2024-02-15, rev 0x0038, size 99328 sig 0x000806d1, pf_mask 0xc2, 2024-02-15, rev 0x0052, size 104448 sig 0x000806e9, pf_mask 0x10, 2024-02-01, rev 0x00f6, size 106496 sig 0x000806e9, pf_mask 0xc0, 2024-02-01, rev 0x00f6, size 106496 sig 0x000806ea, pf_mask 0xc0, 2024-02-01, rev 0x00f6, size 105472 sig 0x000806eb, pf_mask 0xd0, 2024-02-01, rev 0x00f6, size 106496 sig 0x000806ec, pf_mask 0x94, 2024-02-05, rev 0x00fc, size 106496 sig 0x00090661, pf_mask 0x01, 2024-04-05, rev 0x001a, size 20480 sig 0x000906ea, pf_mask 0x22, 2024-02-01, rev 0x00f8, size 105472 sig 0x000906eb, pf_mask 0x02, 2024-02-01, rev 0x00f6, size 106496 sig 0x000906ec, pf_mask 0x22, 2024-02-01, rev 0x00f8, size 106496 sig 0x000906ed, pf_mask 0x22, 2024-02-05, rev 0x0100, size 106496 sig 0x000a0652, pf_mask 0x20, 2024-02-01, rev 0x00fc, size 97280 sig 0x000a0653, pf_mask 0x22, 2024-02-01, rev 0x00fc, size 98304 sig 0x000a0655, pf_mask 0x22, 2024-02-01, rev 0x00fc, size 97280 sig 0x000a0660, pf_mask 0x80, 2024-02-01, rev 0x00fe, size 97280 sig 0x000a0661, pf_mask 0x80, 2024-02-01, rev 0x00fc, size 97280 sig 0x000a0671, pf_mask 0x02, 2024-03-07, rev 0x0062, size 108544 sig 0x000a06a4, pf_mask 0xe6, 2024-04-15, rev 0x001e, size 137216 * SECURITY UPDATE: - CVE-2024-24980, INTEL-SA-01100 - CVE-2024-25939, INTEL-SA-01118 - CVE-2023-42667, INTEL-SA-01038 - CVE-2023-49141, INTEL-SA-01046 - CVE-2024-24853, INTEL-SA-01083

0 tuxcare-ubuntu16.04-els intel-microcode_3.20240813.0ubuntu0.16.04.1+tuxcare.els1_amd64.deb 978e816299a9396effc8604cfe24c2bd2928ca1a CLSA-2024:1728584192 TuxCare License Agreement 0 * CVE-url: https://ubuntu.com/security/CVE-2024-38588 - ftrace: Fix possible warning on checking all pages used in ftrace_process_locs() - ftrace: Fix possible use-after-free issue in ftrace_location() * CVE-url: https://ubuntu.com/security/CVE-2024-46744 - Squashfs: sanity check symbolic link size * CVE-url: https://ubuntu.com/security/CVE-2022-48733 - btrfs: fix use-after-free after failure to create a snapshot * CVE-url: https://ubuntu.com/security/CVE-2024-44942 - f2fs: fix to do sanity check on F2FS_INLINE_DATA flag in inode during GC * CVE-url: https://ubuntu.com/security/CVE-2024-46731 - drm/amd/pm: fix the Out-of-bounds read warning * CVE-url: https://ubuntu.com/security/CVE-2024-46759 - hwmon: (adc128d818) Fix underflows seen when writing limit attributes * CVE-url: https://ubuntu.com/security/CVE-2024-46743 - of/irq: Prevent device address out-of-bounds read in interrupt map walk * CVE-url: https://ubuntu.com/security/CVE-2024-46738 - VMCI: Fix use-after-free when removing resource in vmci_resource_remove() * CVE-url: https://ubuntu.com/security/CVE-2024-46800 - sch/netem: fix use after free in netem_dequeue * CVE-url: https://ubuntu.com/security/CVE-2024-46757 - hwmon: (nct6775-core) Fix underflows seen when writing limit attributes * CVE-url: https://ubuntu.com/security/CVE-2024-46758 - hwmon: (lm95234) Fix underflows seen when writing limit attributes * CVE-url: https://ubuntu.com/security/CVE-2024-46756 - hwmon: (w83627ehf) Fix underflows seen when writing limit attributes * CVE-url: https://ubuntu.com/security/CVE-2024-40912 - wifi: mac80211: Fix deadlock in ieee80211_sta_ps_deliver_wakeup() * CVE-url: https://ubuntu.com/security/CVE-2024-46723 - drm/amdgpu: fix ucode out-of-bounds read warning * CVE-url: https://ubuntu.com/security/CVE-2024-46722 - drm/amdgpu: fix mc_data out-of-bounds read warning * Bionic update: upstream stable patchset 2022-04-26 (LP: #1970479) // CVE- url: https://ubuntu.com/security/CVE-2022-48838 - usb: gadget: Fix use-after-free bug by not setting udc->dev.driver * CVE-url: https://ubuntu.com/security/CVE-2021-47188 - scsi: ufs: core: Improve SCSI abort handling * Bionic update: upstream stable patchset 2022-04-26 (LP: #1970479) // CVE- url: https://ubuntu.com/security/CVE-2022-48836 - Input: aiptek - properly check endpoint type * CVE-url: https://ubuntu.com/security/CVE-2024-26677 - rxrpc: Fix delayed ACKs to not set the reference serial number * Bionic update: upstream stable patchset 2021-12-13 (LP: #1954703) // CVE- url: https://ubuntu.com/security/CVE-2021-47181 - usb: musb: tusb6010: check return value after calling platform_get_resource() Important Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.

* CVE-url: https://ubuntu.com/security/CVE-2024-38588 - ftrace: Fix possible warning on checking all pages used in ftrace_process_locs() - ftrace: Fix possible use-after-free issue in ftrace_location() * CVE-url: https://ubuntu.com/security/CVE-2024-46744 - Squashfs: sanity check symbolic link size * CVE-url: https://ubuntu.com/security/CVE-2022-48733 - btrfs: fix use-after-free after failure to create a snapshot * CVE-url: https://ubuntu.com/security/CVE-2024-44942 - f2fs: fix to do sanity check on F2FS_INLINE_DATA flag in inode during GC * CVE-url: https://ubuntu.com/security/CVE-2024-46731 - drm/amd/pm: fix the Out-of-bounds read warning * CVE-url: https://ubuntu.com/security/CVE-2024-46759 - hwmon: (adc128d818) Fix underflows seen when writing limit attributes * CVE-url: https://ubuntu.com/security/CVE-2024-46743 - of/irq: Prevent device address out-of-bounds read in interrupt map walk * CVE-url: https://ubuntu.com/security/CVE-2024-46738 - VMCI: Fix use-after-free when removing resource in vmci_resource_remove() * CVE-url: https://ubuntu.com/security/CVE-2024-46800 - sch/netem: fix use after free in netem_dequeue * CVE-url: https://ubuntu.com/security/CVE-2024-46757 - hwmon: (nct6775-core) Fix underflows seen when writing limit attributes * CVE-url: https://ubuntu.com/security/CVE-2024-46758 - hwmon: (lm95234) Fix underflows seen when writing limit attributes * CVE-url: https://ubuntu.com/security/CVE-2024-46756 - hwmon: (w83627ehf) Fix underflows seen when writing limit attributes * CVE-url: https://ubuntu.com/security/CVE-2024-40912 - wifi: mac80211: Fix deadlock in ieee80211_sta_ps_deliver_wakeup() * CVE-url: https://ubuntu.com/security/CVE-2024-46723 - drm/amdgpu: fix ucode out-of-bounds read warning * CVE-url: https://ubuntu.com/security/CVE-2024-46722 - drm/amdgpu: fix mc_data out-of-bounds read warning * Bionic update: upstream stable patchset 2022-04-26 (LP: #1970479) // CVE- url: https://ubuntu.com/security/CVE-2022-48838 - usb: gadget: Fix use-after-free bug by not setting udc->dev.driver * CVE-url: https://ubuntu.com/security/CVE-2021-47188 - scsi: ufs: core: Improve SCSI abort handling * Bionic update: upstream stable patchset 2022-04-26 (LP: #1970479) // CVE- url: https://ubuntu.com/security/CVE-2022-48836 - Input: aiptek - properly check endpoint type * CVE-url: https://ubuntu.com/security/CVE-2024-26677 - rxrpc: Fix delayed ACKs to not set the reference serial number * Bionic update: upstream stable patchset 2021-12-13 (LP: #1954703) // CVE- url: https://ubuntu.com/security/CVE-2021-47181 - usb: musb: tusb6010: check return value after calling platform_get_resource()

0 tuxcare-ubuntu16.04-els linux-buildinfo-4.4.0-266-tuxcare.els37-generic_4.4.0-266.300_amd64.deb 1c355dac369651fc4b902d1e8b1e5d8deba2a26f linux-buildinfo-4.4.0-266-tuxcare.els37-lowlatency_4.4.0-266.300_amd64.deb 736be21040269dfb54142c813bd625273ae36336 linux-cloud-tools-4.4.0-266-tuxcare.els37_4.4.0-266.300_amd64.deb 443a4642cce248cdefbdf7518f667c7206cc24cc linux-cloud-tools-4.4.0-266-tuxcare.els37-generic_4.4.0-266.300_amd64.deb 168a516e99b0dd1bf21d3d7453edcbb614c48b41 linux-cloud-tools-4.4.0-266-tuxcare.els37-lowlatency_4.4.0-266.300_amd64.deb 8349f647339e7ca46ddb9236076836a3597d7804 linux-cloud-tools-common_4.4.0-266.300_all.deb 143f8467829a8c2898f563aa7204b658246bd085 linux-cloud-tools-generic_4.4.0.266.300_amd64.deb 9a072e324ed203c8a3980f13509368b2ef59ccd4 linux-cloud-tools-lowlatency_4.4.0.266.300_amd64.deb 2345e068e424c650f9215d3572579f50c6389e12 linux-crashdump_4.4.0.266.300_amd64.deb e599d8a67581bc9a7f72be3c42fd24cdf3ae4526 linux-doc_4.4.0-266.300_all.deb 54b18ba7897216f1de8360090b5d40026075724e linux-generic_4.4.0.266.300_amd64.deb 0e4aab8743ed9590a1797f2186ccb5f0127b896d linux-headers-4.4.0-266-tuxcare.els37_4.4.0-266.300_all.deb 5caf79885d4607db5811a207e16ac83c856421d7 linux-headers-4.4.0-266-tuxcare.els37-generic_4.4.0-266.300_amd64.deb c6166bfea56dfa9430bdb9d8a6f4c8aee78a6ed4 linux-headers-4.4.0-266-tuxcare.els37-lowlatency_4.4.0-266.300_amd64.deb 92598ab099a248ac4b145dae664c3ed765802477 linux-headers-generic_4.4.0.266.300_amd64.deb 7794e1d1f9e6f0c3dc1e6b2a117c4815abb438c2 linux-headers-lowlatency_4.4.0.266.300_amd64.deb 10b53044ec465c9365ec7cda43b54c158e71c04e linux-image-generic_4.4.0.266.300_amd64.deb 6324ff9da03edfe17917b98466a827bb71f00814 linux-image-lowlatency_4.4.0.266.300_amd64.deb c67ccede277e8517dfa7532987fd7bd9a7fd48dd linux-image-unsigned-4.4.0-266-tuxcare.els37-generic_4.4.0-266.300_amd64.deb d72295f3f65ad4a127da753e9c40f641d102b95f linux-image-unsigned-4.4.0-266-tuxcare.els37-lowlatency_4.4.0-266.300_amd64.deb 143dac9addcb26f7b22d2cd8341e994702e6211a linux-libc-dev_4.4.0-266.300_amd64.deb 5ac2f358d0ba5ed50c106d3a41ed760ad2a5e2fc linux-lowlatency_4.4.0.266.300_amd64.deb 9c80e8de1d5c9e74ffea442b02909464885026ac linux-modules-4.4.0-266-tuxcare.els37-generic_4.4.0-266.300_amd64.deb 7b6c0c265d9544185cf4aeba5de7858cf150e2ac linux-modules-4.4.0-266-tuxcare.els37-lowlatency_4.4.0-266.300_amd64.deb df1d6733ad248325e2cbb2a6eb012732937ee439 linux-modules-extra-4.4.0-266-tuxcare.els37-generic_4.4.0-266.300_amd64.deb a986aedd6a85fdd308ec1e6f27a5f0d74634d34b linux-source_4.4.0.266.300_all.deb a970346ddbe22a8f55917e3409c3c2ccc6d296f7 linux-source-4.4.0_4.4.0-266.300_all.deb 63dd6bb1c2b7451ffd608aefd4aece223a27dbf8 linux-tools-4.4.0-266-tuxcare.els37_4.4.0-266.300_amd64.deb 2190fba2e973f16abaf9596e05c62f1bc0f5185f linux-tools-4.4.0-266-tuxcare.els37-generic_4.4.0-266.300_amd64.deb fc297854ca52c8e36d79cd372524b2bbe5f984ad linux-tools-4.4.0-266-tuxcare.els37-lowlatency_4.4.0-266.300_amd64.deb 8433a20143f14bd1e6ffded6aed5a0bf7656a09d linux-tools-common_4.4.0-266.300_all.deb 8f614c7bae12162556acff9115b06f23f52d1005 linux-tools-generic_4.4.0.266.300_amd64.deb 189b2cbad318eaf345bd5e62e8e48381ff1e90b2 linux-tools-host_4.4.0-266.300_all.deb 3694a38d8899d0c0719d576b9c4a0a0196c0f08d linux-tools-lowlatency_4.4.0.266.300_amd64.deb d003bc74ffe4f4c29b8daea460c27d3200920a2a CLSA-2024:1728584513 TuxCare License Agreement 0 * CVE-url: https://ubuntu.com/security/CVE-2024-38588 - ftrace: Fix possible warning on checking all pages used in ftrace_process_locs() - ftrace: Fix possible use-after-free issue in ftrace_location() * CVE-url: https://ubuntu.com/security/CVE-2024-46744 - Squashfs: sanity check symbolic link size * CVE-url: https://ubuntu.com/security/CVE-2022-48733 - btrfs: fix use-after-free after failure to create a snapshot * CVE-url: https://ubuntu.com/security/CVE-2024-44942 - f2fs: fix to do sanity check on F2FS_INLINE_DATA flag in inode during GC * CVE-url: https://ubuntu.com/security/CVE-2024-46731 - drm/amd/pm: fix the Out-of-bounds read warning * CVE-url: https://ubuntu.com/security/CVE-2024-46759 - hwmon: (adc128d818) Fix underflows seen when writing limit attributes * CVE-url: https://ubuntu.com/security/CVE-2024-46743 - of/irq: Prevent device address out-of-bounds read in interrupt map walk * CVE-url: https://ubuntu.com/security/CVE-2024-46738 - VMCI: Fix use-after-free when removing resource in vmci_resource_remove() * CVE-url: https://ubuntu.com/security/CVE-2024-46800 - sch/netem: fix use after free in netem_dequeue * CVE-url: https://ubuntu.com/security/CVE-2024-46757 - hwmon: (nct6775-core) Fix underflows seen when writing limit attributes * CVE-url: https://ubuntu.com/security/CVE-2024-46758 - hwmon: (lm95234) Fix underflows seen when writing limit attributes * CVE-url: https://ubuntu.com/security/CVE-2024-46756 - hwmon: (w83627ehf) Fix underflows seen when writing limit attributes * CVE-url: https://ubuntu.com/security/CVE-2024-40912 - wifi: mac80211: Fix deadlock in ieee80211_sta_ps_deliver_wakeup() * CVE-url: https://ubuntu.com/security/CVE-2024-46723 - drm/amdgpu: fix ucode out-of-bounds read warning * CVE-url: https://ubuntu.com/security/CVE-2024-46722 - drm/amdgpu: fix mc_data out-of-bounds read warning * Bionic update: upstream stable patchset 2022-04-26 (LP: #1970479) // CVE- url: https://ubuntu.com/security/CVE-2022-48838 - usb: gadget: Fix use-after-free bug by not setting udc->dev.driver * CVE-url: https://ubuntu.com/security/CVE-2021-47188 - scsi: ufs: core: Improve SCSI abort handling * Bionic update: upstream stable patchset 2022-04-26 (LP: #1970479) // CVE- url: https://ubuntu.com/security/CVE-2022-48836 - Input: aiptek - properly check endpoint type * CVE-url: https://ubuntu.com/security/CVE-2024-26677 - rxrpc: Fix delayed ACKs to not set the reference serial number * Bionic update: upstream stable patchset 2021-12-13 (LP: #1954703) // CVE- url: https://ubuntu.com/security/CVE-2021-47181 - usb: musb: tusb6010: check return value after calling platform_get_resource() Important Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.

* CVE-url: https://ubuntu.com/security/CVE-2024-38588 - ftrace: Fix possible warning on checking all pages used in ftrace_process_locs() - ftrace: Fix possible use-after-free issue in ftrace_location() * CVE-url: https://ubuntu.com/security/CVE-2024-46744 - Squashfs: sanity check symbolic link size * CVE-url: https://ubuntu.com/security/CVE-2022-48733 - btrfs: fix use-after-free after failure to create a snapshot * CVE-url: https://ubuntu.com/security/CVE-2024-44942 - f2fs: fix to do sanity check on F2FS_INLINE_DATA flag in inode during GC * CVE-url: https://ubuntu.com/security/CVE-2024-46731 - drm/amd/pm: fix the Out-of-bounds read warning * CVE-url: https://ubuntu.com/security/CVE-2024-46759 - hwmon: (adc128d818) Fix underflows seen when writing limit attributes * CVE-url: https://ubuntu.com/security/CVE-2024-46743 - of/irq: Prevent device address out-of-bounds read in interrupt map walk * CVE-url: https://ubuntu.com/security/CVE-2024-46738 - VMCI: Fix use-after-free when removing resource in vmci_resource_remove() * CVE-url: https://ubuntu.com/security/CVE-2024-46800 - sch/netem: fix use after free in netem_dequeue * CVE-url: https://ubuntu.com/security/CVE-2024-46757 - hwmon: (nct6775-core) Fix underflows seen when writing limit attributes * CVE-url: https://ubuntu.com/security/CVE-2024-46758 - hwmon: (lm95234) Fix underflows seen when writing limit attributes * CVE-url: https://ubuntu.com/security/CVE-2024-46756 - hwmon: (w83627ehf) Fix underflows seen when writing limit attributes * CVE-url: https://ubuntu.com/security/CVE-2024-40912 - wifi: mac80211: Fix deadlock in ieee80211_sta_ps_deliver_wakeup() * CVE-url: https://ubuntu.com/security/CVE-2024-46723 - drm/amdgpu: fix ucode out-of-bounds read warning * CVE-url: https://ubuntu.com/security/CVE-2024-46722 - drm/amdgpu: fix mc_data out-of-bounds read warning * Bionic update: upstream stable patchset 2022-04-26 (LP: #1970479) // CVE- url: https://ubuntu.com/security/CVE-2022-48838 - usb: gadget: Fix use-after-free bug by not setting udc->dev.driver * CVE-url: https://ubuntu.com/security/CVE-2021-47188 - scsi: ufs: core: Improve SCSI abort handling * Bionic update: upstream stable patchset 2022-04-26 (LP: #1970479) // CVE- url: https://ubuntu.com/security/CVE-2022-48836 - Input: aiptek - properly check endpoint type * CVE-url: https://ubuntu.com/security/CVE-2024-26677 - rxrpc: Fix delayed ACKs to not set the reference serial number * Bionic update: upstream stable patchset 2021-12-13 (LP: #1954703) // CVE- url: https://ubuntu.com/security/CVE-2021-47181 - usb: musb: tusb6010: check return value after calling platform_get_resource()

0 tuxcare-ubuntu16.04-els linux-buildinfo-4.4.0-266-tuxcare.els37-generic_4.4.0-266.300_amd64.deb 1c355dac369651fc4b902d1e8b1e5d8deba2a26f linux-buildinfo-4.4.0-266-tuxcare.els37-lowlatency_4.4.0-266.300_amd64.deb 736be21040269dfb54142c813bd625273ae36336 linux-cloud-tools-4.4.0-266-tuxcare.els37_4.4.0-266.300_amd64.deb 443a4642cce248cdefbdf7518f667c7206cc24cc linux-cloud-tools-4.4.0-266-tuxcare.els37-generic_4.4.0-266.300_amd64.deb 168a516e99b0dd1bf21d3d7453edcbb614c48b41 linux-cloud-tools-4.4.0-266-tuxcare.els37-lowlatency_4.4.0-266.300_amd64.deb 8349f647339e7ca46ddb9236076836a3597d7804 linux-cloud-tools-common_4.4.0-266.300_all.deb 143f8467829a8c2898f563aa7204b658246bd085 linux-cloud-tools-generic_4.4.0.266.300_amd64.deb 9a072e324ed203c8a3980f13509368b2ef59ccd4 linux-cloud-tools-lowlatency_4.4.0.266.300_amd64.deb 2345e068e424c650f9215d3572579f50c6389e12 linux-crashdump_4.4.0.266.300_amd64.deb e599d8a67581bc9a7f72be3c42fd24cdf3ae4526 linux-doc_4.4.0-266.300_all.deb 54b18ba7897216f1de8360090b5d40026075724e linux-generic_4.4.0.266.300_amd64.deb 0e4aab8743ed9590a1797f2186ccb5f0127b896d linux-headers-4.4.0-266-tuxcare.els37_4.4.0-266.300_all.deb 5caf79885d4607db5811a207e16ac83c856421d7 linux-headers-4.4.0-266-tuxcare.els37-generic_4.4.0-266.300_amd64.deb c6166bfea56dfa9430bdb9d8a6f4c8aee78a6ed4 linux-headers-4.4.0-266-tuxcare.els37-lowlatency_4.4.0-266.300_amd64.deb 92598ab099a248ac4b145dae664c3ed765802477 linux-headers-generic_4.4.0.266.300_amd64.deb 7794e1d1f9e6f0c3dc1e6b2a117c4815abb438c2 linux-headers-lowlatency_4.4.0.266.300_amd64.deb 10b53044ec465c9365ec7cda43b54c158e71c04e linux-image-generic_4.4.0.266.300_amd64.deb 6324ff9da03edfe17917b98466a827bb71f00814 linux-image-lowlatency_4.4.0.266.300_amd64.deb c67ccede277e8517dfa7532987fd7bd9a7fd48dd linux-image-unsigned-4.4.0-266-tuxcare.els37-generic_4.4.0-266.300_amd64.deb d72295f3f65ad4a127da753e9c40f641d102b95f linux-image-unsigned-4.4.0-266-tuxcare.els37-lowlatency_4.4.0-266.300_amd64.deb 143dac9addcb26f7b22d2cd8341e994702e6211a linux-libc-dev_4.4.0-266.300_amd64.deb 5ac2f358d0ba5ed50c106d3a41ed760ad2a5e2fc linux-lowlatency_4.4.0.266.300_amd64.deb 9c80e8de1d5c9e74ffea442b02909464885026ac linux-modules-4.4.0-266-tuxcare.els37-generic_4.4.0-266.300_amd64.deb 7b6c0c265d9544185cf4aeba5de7858cf150e2ac linux-modules-4.4.0-266-tuxcare.els37-lowlatency_4.4.0-266.300_amd64.deb df1d6733ad248325e2cbb2a6eb012732937ee439 linux-modules-extra-4.4.0-266-tuxcare.els37-generic_4.4.0-266.300_amd64.deb a986aedd6a85fdd308ec1e6f27a5f0d74634d34b linux-source_4.4.0.266.300_all.deb a970346ddbe22a8f55917e3409c3c2ccc6d296f7 linux-source-4.4.0_4.4.0-266.300_all.deb 63dd6bb1c2b7451ffd608aefd4aece223a27dbf8 linux-tools-4.4.0-266-tuxcare.els37_4.4.0-266.300_amd64.deb 2190fba2e973f16abaf9596e05c62f1bc0f5185f linux-tools-4.4.0-266-tuxcare.els37-generic_4.4.0-266.300_amd64.deb fc297854ca52c8e36d79cd372524b2bbe5f984ad linux-tools-4.4.0-266-tuxcare.els37-lowlatency_4.4.0-266.300_amd64.deb 8433a20143f14bd1e6ffded6aed5a0bf7656a09d linux-tools-common_4.4.0-266.300_all.deb 8f614c7bae12162556acff9115b06f23f52d1005 linux-tools-generic_4.4.0.266.300_amd64.deb 189b2cbad318eaf345bd5e62e8e48381ff1e90b2 linux-tools-host_4.4.0-266.300_all.deb 3694a38d8899d0c0719d576b9c4a0a0196c0f08d linux-tools-lowlatency_4.4.0.266.300_amd64.deb d003bc74ffe4f4c29b8daea460c27d3200920a2a CLSA-2024:1729193061 TuxCare License Agreement 0 * New microcode update packages from upstream up to 2024-09-10: - Updated microcodes: sig 0x00090672, pf_mask 0x07, 2024-02-22, rev 0x0036, size 224256 sig 0x00090675, pf_mask 0x07, 2024-02-22, rev 0x0036, size 224256 sig 0x000906a3, pf_mask 0x80, 2024-02-22, rev 0x0434, size 222208 sig 0x000906a4, pf_mask 0x80, 2024-02-22, rev 0x0434, size 222208 sig 0x000a06a4, pf_mask 0xe6, 2024-06-17, rev 0x001f, size 137216 sig 0x000b0671, pf_mask 0x32, 2024-07-18, rev 0x0129, size 215040 sig 0x000b06a2, pf_mask 0xe0, 2024-02-22, rev 0x4122, size 220160 sig 0x000b06a3, pf_mask 0xe0, 2024-02-22, rev 0x4122, size 220160 sig 0x000b06a8, pf_mask 0xe0, 2024-02-22, rev 0x4122, size 220160 sig 0x000b06e0, pf_mask 0x19, 2024-03-25, rev 0x001a, size 138240 sig 0x000b06f2, pf_mask 0x07, 2024-02-22, rev 0x0036, size 224256 sig 0x000b06f5, pf_mask 0x07, 2024-02-22, rev 0x0036, size 224256 * SECURITY UPDATE: - CVE-2024-24968, INTEL-SA-01097 - CVE-2024-23984, INTEL-SA-01103 Moderate Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.

* New microcode update packages from upstream up to 2024-09-10: - Updated microcodes: sig 0x00090672, pf_mask 0x07, 2024-02-22, rev 0x0036, size 224256 sig 0x00090675, pf_mask 0x07, 2024-02-22, rev 0x0036, size 224256 sig 0x000906a3, pf_mask 0x80, 2024-02-22, rev 0x0434, size 222208 sig 0x000906a4, pf_mask 0x80, 2024-02-22, rev 0x0434, size 222208 sig 0x000a06a4, pf_mask 0xe6, 2024-06-17, rev 0x001f, size 137216 sig 0x000b0671, pf_mask 0x32, 2024-07-18, rev 0x0129, size 215040 sig 0x000b06a2, pf_mask 0xe0, 2024-02-22, rev 0x4122, size 220160 sig 0x000b06a3, pf_mask 0xe0, 2024-02-22, rev 0x4122, size 220160 sig 0x000b06a8, pf_mask 0xe0, 2024-02-22, rev 0x4122, size 220160 sig 0x000b06e0, pf_mask 0x19, 2024-03-25, rev 0x001a, size 138240 sig 0x000b06f2, pf_mask 0x07, 2024-02-22, rev 0x0036, size 224256 sig 0x000b06f5, pf_mask 0x07, 2024-02-22, rev 0x0036, size 224256 * SECURITY UPDATE: - CVE-2024-24968, INTEL-SA-01097 - CVE-2024-23984, INTEL-SA-01103

0 tuxcare-ubuntu16.04-els intel-microcode_3.20240910.0ubuntu0.16.04.1+tuxcare.els1_amd64.deb 8c857ce18cd2cc52d079edb7d2cb8f0ec0e9d8fd CLSA-2024:1729193618 TuxCare License Agreement 0 * SECURITY UPDATE: prevent heap-buffer overflow in typeahead buffer flushing - debian/patches/CVE-2024-43802.patch: fix heap-buffer-overflow in ins_typebuf() by validating enough space left when flushing typeahead buffer - CVE-2024-43802 Moderate Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.

* SECURITY UPDATE: prevent heap-buffer overflow in typeahead buffer flushing - debian/patches/CVE-2024-43802.patch: fix heap-buffer-overflow in ins_typebuf() by validating enough space left when flushing typeahead buffer - CVE-2024-43802

0 tuxcare-ubuntu16.04-els vim_7.4.1689-3ubuntu1.5+tuxcare.els51_amd64.deb 8b2b4c1943a1a1a36a62838744dfc93f56b140ab vim-athena_7.4.1689-3ubuntu1.5+tuxcare.els51_amd64.deb 332a2cf05ad19e60c42ed6ed2b8639b0399a71c0 vim-athena-py2_7.4.1689-3ubuntu1.5+tuxcare.els51_amd64.deb 3b1a7ef1b8f0af93310a7bed0a74016cebbb5a73 vim-common_7.4.1689-3ubuntu1.5+tuxcare.els51_amd64.deb 24154cd7668a514cf4d0c33132700e59c2ba5b87 vim-doc_7.4.1689-3ubuntu1.5+tuxcare.els51_all.deb bc4f3656e9971afe6180961eee8817f2dcb7ff45 vim-gnome_7.4.1689-3ubuntu1.5+tuxcare.els51_amd64.deb 6d3370126f88fb965c5b8450fda4fee2606a1137 vim-gnome-py2_7.4.1689-3ubuntu1.5+tuxcare.els51_amd64.deb ff4fc6dcd0617ed8250db0685341006dd6aba646 vim-gtk_7.4.1689-3ubuntu1.5+tuxcare.els51_amd64.deb 54ffbb4509d94a29c77b046a47ef0b28bfb0662e vim-gtk-py2_7.4.1689-3ubuntu1.5+tuxcare.els51_amd64.deb 9c22e294c5262b9e9fe8c3c7586b1230c8a60086 vim-gtk3_7.4.1689-3ubuntu1.5+tuxcare.els51_amd64.deb 2529ad9311ffcf2c3e1557396c0eb335bda9e9eb vim-gtk3-py2_7.4.1689-3ubuntu1.5+tuxcare.els51_amd64.deb d15b94795ea0ffc603f8a9bcbd89d63ebae7ff13 vim-gui-common_7.4.1689-3ubuntu1.5+tuxcare.els51_all.deb 027c4733ef9a36f924427e85fb77238d0f5ccffa vim-nox_7.4.1689-3ubuntu1.5+tuxcare.els51_amd64.deb c4ac792a00cb1794dc3a67cb51759e5e30a1d72d vim-nox-py2_7.4.1689-3ubuntu1.5+tuxcare.els51_amd64.deb 9106493be1fc88f55d600f9132879c8d66c8342f vim-runtime_7.4.1689-3ubuntu1.5+tuxcare.els51_all.deb f6f45118319bbfd42eece192858ffad8b511b827 vim-tiny_7.4.1689-3ubuntu1.5+tuxcare.els51_amd64.deb 93e4c000c5e8886b297eff956001e6b0ccc2de7a CLSA-2024:1729626893 TuxCare License Agreement 0 * SECURITY UPDATE: security vulnerability in package - debian/patches/CVE-2024-8927.patch: Fix bypass of cgi.force_redirect configuration - CVE-2024-8927 Important Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.

* SECURITY UPDATE: security vulnerability in package - debian/patches/CVE-2024-8927.patch: Fix bypass of cgi.force_redirect configuration - CVE-2024-8927

0 tuxcare-ubuntu16.04-els libapache2-mod-php7.0_7.0.33-0ubuntu0.16.04.17+tuxcare.els11_amd64.deb 4d242ef809b4bbb5592e81aad2657649e1158e5a libphp7.0-embed_7.0.33-0ubuntu0.16.04.17+tuxcare.els11_amd64.deb 7e4e4417f438384b335a2f19e22446997284ee34 php7.0_7.0.33-0ubuntu0.16.04.17+tuxcare.els11_all.deb ff632c087e652c7ad5702c55742096837d7ee6fb php7.0-bcmath_7.0.33-0ubuntu0.16.04.17+tuxcare.els11_amd64.deb 65118b68d5f72d9514c9081a98b28a5f74b5ce64 php7.0-bz2_7.0.33-0ubuntu0.16.04.17+tuxcare.els11_amd64.deb b55c73744b18911437c08523ccc5fe9242952939 php7.0-cgi_7.0.33-0ubuntu0.16.04.17+tuxcare.els11_amd64.deb 38375122ade59c851599d56cdd9b9a386dc508d5 php7.0-cli_7.0.33-0ubuntu0.16.04.17+tuxcare.els11_amd64.deb 93977e6b2dfb23a8b03fc447b0d9ca7884a99969 php7.0-common_7.0.33-0ubuntu0.16.04.17+tuxcare.els11_amd64.deb f0f480c7496ae321095316bc53914b0a3ee1b093 php7.0-curl_7.0.33-0ubuntu0.16.04.17+tuxcare.els11_amd64.deb 304712b8f9d61ed69444b706d1a65cb35c5896ab php7.0-dba_7.0.33-0ubuntu0.16.04.17+tuxcare.els11_amd64.deb eda52226b945b86ecf3b7f51bd0e3dd2516a3a9f php7.0-dev_7.0.33-0ubuntu0.16.04.17+tuxcare.els11_amd64.deb 59ff97c8234adeafd3ce1cc69ea7ca0e7be505cd php7.0-enchant_7.0.33-0ubuntu0.16.04.17+tuxcare.els11_amd64.deb c72a934bb4692daa5daf6b2f3bd20f1d2d8b8fe9 php7.0-fpm_7.0.33-0ubuntu0.16.04.17+tuxcare.els11_amd64.deb 96e65bbb33700c5383cd1139060f322c55b6e17d php7.0-gd_7.0.33-0ubuntu0.16.04.17+tuxcare.els11_amd64.deb e5b7f605265d7cafe5a67d6678d374b83e7266af php7.0-gmp_7.0.33-0ubuntu0.16.04.17+tuxcare.els11_amd64.deb 31c81d6ec37c59967f6149cfb196d7b3459f6b08 php7.0-imap_7.0.33-0ubuntu0.16.04.17+tuxcare.els11_amd64.deb dea1e170205e266d8061521e8f6293843a4b29e5 php7.0-interbase_7.0.33-0ubuntu0.16.04.17+tuxcare.els11_amd64.deb 183d158eb41d330ab95474fb15509e9fd962caa1 php7.0-intl_7.0.33-0ubuntu0.16.04.17+tuxcare.els11_amd64.deb f84697d7462c411bbc0cd3093d231653ee0bcdf8 php7.0-json_7.0.33-0ubuntu0.16.04.17+tuxcare.els11_amd64.deb 649cf036f0c1cefa87379e8192d938b7d131da57 php7.0-ldap_7.0.33-0ubuntu0.16.04.17+tuxcare.els11_amd64.deb 06b4b82a38300e83e2cd33183308318885228d6a php7.0-mbstring_7.0.33-0ubuntu0.16.04.17+tuxcare.els11_amd64.deb adbde94002fb9d4b198009e7d7e6b84809bb01ff php7.0-mcrypt_7.0.33-0ubuntu0.16.04.17+tuxcare.els11_amd64.deb bf37b4649c461e466887858b904722484a4cd86d php7.0-mysql_7.0.33-0ubuntu0.16.04.17+tuxcare.els11_amd64.deb a1ab4a7eceafa5fb8594979c6ef73858e85687da php7.0-odbc_7.0.33-0ubuntu0.16.04.17+tuxcare.els11_amd64.deb b6efbb39d341d74b933f8d09da728a085b8d269b php7.0-opcache_7.0.33-0ubuntu0.16.04.17+tuxcare.els11_amd64.deb 854e2dada3020133a466765e8a021ba2b676c227 php7.0-pgsql_7.0.33-0ubuntu0.16.04.17+tuxcare.els11_amd64.deb 00068c4d3d6f5b02fc69fa5c677ccfcc4182749f php7.0-phpdbg_7.0.33-0ubuntu0.16.04.17+tuxcare.els11_amd64.deb 179772b5f084ee40518466f6b11f6284673c65c8 php7.0-pspell_7.0.33-0ubuntu0.16.04.17+tuxcare.els11_amd64.deb 12e0420bc674c888bfde71d2e30a1bad6609a27b php7.0-readline_7.0.33-0ubuntu0.16.04.17+tuxcare.els11_amd64.deb 1fcb23ebbd95536c1cfc0e5fd7f20f5a6c8968b1 php7.0-recode_7.0.33-0ubuntu0.16.04.17+tuxcare.els11_amd64.deb a03f56d15bfbca9245b71970992dbec02c5e7e40 php7.0-snmp_7.0.33-0ubuntu0.16.04.17+tuxcare.els11_amd64.deb 8c999c40d638535fa30fee1af343e4c4689c5351 php7.0-soap_7.0.33-0ubuntu0.16.04.17+tuxcare.els11_amd64.deb af6954ae5420b6b507523c576445b3033b5e9f2e php7.0-sqlite3_7.0.33-0ubuntu0.16.04.17+tuxcare.els11_amd64.deb 168927070978edb7fec2e9b42d0bd89648841a99 php7.0-sybase_7.0.33-0ubuntu0.16.04.17+tuxcare.els11_amd64.deb 1ca436a66b26752fc7e56ae58ce646d973a1c2a8 php7.0-tidy_7.0.33-0ubuntu0.16.04.17+tuxcare.els11_amd64.deb c31daf59bb9332b68a76f6e37d247541580da799 php7.0-xml_7.0.33-0ubuntu0.16.04.17+tuxcare.els11_amd64.deb c618a25c1cfe978cfc141d5c00affcbf3187f421 php7.0-xmlrpc_7.0.33-0ubuntu0.16.04.17+tuxcare.els11_amd64.deb bd1201ce6ff7f2ab49d47f83e8f2228d796d23d6 php7.0-xsl_7.0.33-0ubuntu0.16.04.17+tuxcare.els11_all.deb d03978f15abb1a8bd4663db86e20221a91d77d94 php7.0-zip_7.0.33-0ubuntu0.16.04.17+tuxcare.els11_amd64.deb 345d888cd04614b8d66ce2e0e6256ced5618e6f9 CLSA-2024:1729627193 TuxCare License Agreement 0 * SECURITY UPDATE: Incorrect parsing of email addresses containing special characters - debian/patches/CVE-2023-27043.patch: Fix email address parsing errors by adding optional 'strict' parameter to getaddresses() and parseaddr() functions - CVE-2023-27043 Moderate Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.

* SECURITY UPDATE: Incorrect parsing of email addresses containing special characters - debian/patches/CVE-2023-27043.patch: Fix email address parsing errors by adding optional 'strict' parameter to getaddresses() and parseaddr() functions - CVE-2023-27043

0 tuxcare-ubuntu16.04-els idle-python2.7_2.7.12-1ubuntu0~16.04.18+tuxcare.els15_all.deb 03984a9a9e9b0a4d21d2015a66199c0a4904f04f libpython2.7_2.7.12-1ubuntu0~16.04.18+tuxcare.els15_amd64.deb 813c790f5d098333d4ab6393d6bcf915a35c8d0e libpython2.7-dev_2.7.12-1ubuntu0~16.04.18+tuxcare.els15_amd64.deb f883c1e9014cb1fe5e87d707ccbb1d1ae0de5680 libpython2.7-minimal_2.7.12-1ubuntu0~16.04.18+tuxcare.els15_amd64.deb c8b78f0988092d5a9e2c05346f6c780bfe7eb5f0 libpython2.7-stdlib_2.7.12-1ubuntu0~16.04.18+tuxcare.els15_amd64.deb d61b93970b88d11911fe7773568281c2acaa59db libpython2.7-testsuite_2.7.12-1ubuntu0~16.04.18+tuxcare.els15_all.deb 369480e220d95312665cadd8f48028088992b76c python2.7_2.7.12-1ubuntu0~16.04.18+tuxcare.els15_amd64.deb a7d3e0af9ef47439d5a9a2e25480405d0fd8a0ec python2.7-dev_2.7.12-1ubuntu0~16.04.18+tuxcare.els15_amd64.deb c590d5fdbbc2ddaec34e67d1aea544e99dbe2628 python2.7-doc_2.7.12-1ubuntu0~16.04.18+tuxcare.els15_all.deb 134817052081cd80751e9cf05965e44f64825e4b python2.7-examples_2.7.12-1ubuntu0~16.04.18+tuxcare.els15_all.deb f52c42a82c91c1a029367c54f062e89e92d2381d python2.7-minimal_2.7.12-1ubuntu0~16.04.18+tuxcare.els15_amd64.deb 7976bca35d72f7fdad6679805fc653ba6b119133 CLSA-2024:1729627400 TuxCare License Agreement 0 * SECURITY UPDATE: Incorrect parsing of email addresses containing special characters - debian/patches/CVE-2023-27043.patch: Fix email address parsing errors by adding optional 'strict' parameter to getaddresses() and parseaddr() functions - debian/patches/fix-urllib2-test.patch: Fix error in test_issue16464() by rewriting it with a local HTTP server instead of an external resource - CVE-2023-27043 Moderate Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.

* SECURITY UPDATE: Incorrect parsing of email addresses containing special characters - debian/patches/CVE-2023-27043.patch: Fix email address parsing errors by adding optional 'strict' parameter to getaddresses() and parseaddr() functions - debian/patches/fix-urllib2-test.patch: Fix error in test_issue16464() by rewriting it with a local HTTP server instead of an external resource - CVE-2023-27043

0 tuxcare-ubuntu16.04-els idle-python3.5_3.5.2-2ubuntu0~16.04.13+tuxcare.els15_all.deb 46118c356676ed3d7649e30b661fe786b9d0d3fb libpython3.5_3.5.2-2ubuntu0~16.04.13+tuxcare.els15_amd64.deb ff7d6e7da7858d965d5eba1bf6f82bf0cee6ef13 libpython3.5-dev_3.5.2-2ubuntu0~16.04.13+tuxcare.els15_amd64.deb 26de22a7bafbde1a29452a862a47a6137fe59821 libpython3.5-minimal_3.5.2-2ubuntu0~16.04.13+tuxcare.els15_amd64.deb c814a7868f58a0aabd5d1e38a8b7d228f7c81bfe libpython3.5-stdlib_3.5.2-2ubuntu0~16.04.13+tuxcare.els15_amd64.deb c9a3d280caa0bb06d99cae21463efe8cc828edb4 libpython3.5-testsuite_3.5.2-2ubuntu0~16.04.13+tuxcare.els15_all.deb fef76ad2ef943b92e2cccd4bfea2f7356975a504 python3.5_3.5.2-2ubuntu0~16.04.13+tuxcare.els15_amd64.deb 2f578737e3d4912bc69bb61d4624b51913c29052 python3.5-dev_3.5.2-2ubuntu0~16.04.13+tuxcare.els15_amd64.deb 89ef99a766e14be5819481232c8cbf263c5979a5 python3.5-doc_3.5.2-2ubuntu0~16.04.13+tuxcare.els15_all.deb ca63166563b03ea42e05f8019fbe9b7a581d77d2 python3.5-examples_3.5.2-2ubuntu0~16.04.13+tuxcare.els15_all.deb 1c7adf9d010ec46b3d46337d3c0265be4abe0667 python3.5-minimal_3.5.2-2ubuntu0~16.04.13+tuxcare.els15_amd64.deb 20726f43bd2b7c57070dd050441ca8f7c952d449 python3.5-venv_3.5.2-2ubuntu0~16.04.13+tuxcare.els15_amd64.deb dd1f651bd1ff0a71da07fa7dc88b92516d2bcd07 CLSA-2024:1730133086 TuxCare License Agreement 0 * SECURITY UPDATE: use-after-free in alist_add() - debian/patches/CVE-2024-43374.patch: lock the current window so that the reference to the argument list remains valid - CVE-2024-43374 Low Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.

* SECURITY UPDATE: use-after-free in alist_add() - debian/patches/CVE-2024-43374.patch: lock the current window so that the reference to the argument list remains valid - CVE-2024-43374

0 tuxcare-ubuntu16.04-els vim_7.4.1689-3ubuntu1.5+tuxcare.els52_amd64.deb 59458639a4bc41fa93788b48464c934cbb11cf46 vim-athena_7.4.1689-3ubuntu1.5+tuxcare.els52_amd64.deb f7a99e7d91689bb5e657510266327d2c49b3bbbe vim-athena-py2_7.4.1689-3ubuntu1.5+tuxcare.els52_amd64.deb 81ccd780c6b1bf53b1442083922a61121611bd53 vim-common_7.4.1689-3ubuntu1.5+tuxcare.els52_amd64.deb 93dcaee2fa8555510f30720de85acdaecd5a7b09 vim-doc_7.4.1689-3ubuntu1.5+tuxcare.els52_all.deb fa9628b2040656f849955fc533895bfdee4a411e vim-gnome_7.4.1689-3ubuntu1.5+tuxcare.els52_amd64.deb 8d3b683bf500d30eb21524bd8a12a7a8e695c658 vim-gnome-py2_7.4.1689-3ubuntu1.5+tuxcare.els52_amd64.deb 847f08ac670c6e17e23a19236f45abc6847ef064 vim-gtk_7.4.1689-3ubuntu1.5+tuxcare.els52_amd64.deb 3aa66d6c274f98231d6d68a75717d9fef84d32cc vim-gtk-py2_7.4.1689-3ubuntu1.5+tuxcare.els52_amd64.deb 58ed29f2eda71dae1605b4969cd8c5c7868a53ce vim-gtk3_7.4.1689-3ubuntu1.5+tuxcare.els52_amd64.deb 13ea350c31fe1989424970f826d93f739becc638 vim-gtk3-py2_7.4.1689-3ubuntu1.5+tuxcare.els52_amd64.deb 07bdff7edf1666797c011b565477a6d7e8e64c56 vim-gui-common_7.4.1689-3ubuntu1.5+tuxcare.els52_all.deb 89cbc2b5e7c78a708c672d15568e710d98bcf3ce vim-nox_7.4.1689-3ubuntu1.5+tuxcare.els52_amd64.deb 9ecfed0bc67f768ea827e8656e8b428f82d1809d vim-nox-py2_7.4.1689-3ubuntu1.5+tuxcare.els52_amd64.deb 688e79f147788ac50ea3f02eb5c42c5f2cf1e9bc vim-runtime_7.4.1689-3ubuntu1.5+tuxcare.els52_all.deb 44fc4c8aa2aae9913e698d881cf3e649f64b4cac vim-tiny_7.4.1689-3ubuntu1.5+tuxcare.els52_amd64.deb 23a10637799e697dce89843ccadb9db498f5726b CLSA-2024:1730227099 TuxCare License Agreement 0 * SECURITY UPDATE: prevent erroneous parsing - debian/patches/CVE-2024-8925.patch: limit multipart/form-data boundaries size to prevent erroneous parsing - CVE-2024-8925 Moderate Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.

* SECURITY UPDATE: prevent erroneous parsing - debian/patches/CVE-2024-8925.patch: limit multipart/form-data boundaries size to prevent erroneous parsing - CVE-2024-8925

0 tuxcare-ubuntu16.04-els libapache2-mod-php7.0_7.0.33-0ubuntu0.16.04.17+tuxcare.els12_amd64.deb 10c5f60bc68c66cbe4f994d65718beca484a6efc libphp7.0-embed_7.0.33-0ubuntu0.16.04.17+tuxcare.els12_amd64.deb 44e288df19211dc950bbe91953e0081679fe7553 php7.0_7.0.33-0ubuntu0.16.04.17+tuxcare.els12_all.deb 73689a32256b4d1d90e82eda0dbf2d2238e98139 php7.0-bcmath_7.0.33-0ubuntu0.16.04.17+tuxcare.els12_amd64.deb f497ff558aafad26578027ea9e5ddc5b71471f9f php7.0-bz2_7.0.33-0ubuntu0.16.04.17+tuxcare.els12_amd64.deb 079cfba777258c36b280522ce02acb326e3a1b0b php7.0-cgi_7.0.33-0ubuntu0.16.04.17+tuxcare.els12_amd64.deb 484b6f586799f769e93e191a5b191558efafe387 php7.0-cli_7.0.33-0ubuntu0.16.04.17+tuxcare.els12_amd64.deb e21c4f4938e107743b4a7d23ebf4be99743c9717 php7.0-common_7.0.33-0ubuntu0.16.04.17+tuxcare.els12_amd64.deb df6bb353ab97dbbe29370d723daaa85288ca7d98 php7.0-curl_7.0.33-0ubuntu0.16.04.17+tuxcare.els12_amd64.deb 3de57e223d76f85b5c25b5c0956880e2be2f6728 php7.0-dba_7.0.33-0ubuntu0.16.04.17+tuxcare.els12_amd64.deb 14199d24bfa8ed29bfc0eb4eb9fda764d6406624 php7.0-dev_7.0.33-0ubuntu0.16.04.17+tuxcare.els12_amd64.deb 9ea436b37c0d61a0e44fc1cf4e73e7ea15282665 php7.0-enchant_7.0.33-0ubuntu0.16.04.17+tuxcare.els12_amd64.deb b9dd0b1522f9ccdfc58c858082207afa1817900b php7.0-fpm_7.0.33-0ubuntu0.16.04.17+tuxcare.els12_amd64.deb e3634c0fee7b002fae0781ae51c3dfd72767e924 php7.0-gd_7.0.33-0ubuntu0.16.04.17+tuxcare.els12_amd64.deb ff94dd79b237c73f6efac5b48da95d78ab78a703 php7.0-gmp_7.0.33-0ubuntu0.16.04.17+tuxcare.els12_amd64.deb 64f5809ad792b1fb3a595e32f0a27beb96cb4f7f php7.0-imap_7.0.33-0ubuntu0.16.04.17+tuxcare.els12_amd64.deb 1da3940c4aca549df1361f73eb1afe3efac2fd07 php7.0-interbase_7.0.33-0ubuntu0.16.04.17+tuxcare.els12_amd64.deb 901a0ad532ef99386ec7a84e37f2ff9152bf4c6c php7.0-intl_7.0.33-0ubuntu0.16.04.17+tuxcare.els12_amd64.deb f481f79707579313c8dc07c05aad34a69f4b65f3 php7.0-json_7.0.33-0ubuntu0.16.04.17+tuxcare.els12_amd64.deb 6389d2cb10db8632aff527f57b4c39c02889ce18 php7.0-ldap_7.0.33-0ubuntu0.16.04.17+tuxcare.els12_amd64.deb b48a7e044fba58eb2f0bc64a5a3766f5e59112f8 php7.0-mbstring_7.0.33-0ubuntu0.16.04.17+tuxcare.els12_amd64.deb 7582ba37e367bb188ae908f9f5f81641d7f83c05 php7.0-mcrypt_7.0.33-0ubuntu0.16.04.17+tuxcare.els12_amd64.deb 9c84233473ae24b6b2c694fafb974472fe201ddb php7.0-mysql_7.0.33-0ubuntu0.16.04.17+tuxcare.els12_amd64.deb db2a7dfe9a60babb3da8fe1f339d443ab3e835e7 php7.0-odbc_7.0.33-0ubuntu0.16.04.17+tuxcare.els12_amd64.deb 9c49b8a35cc946e8def68bcbc54af7de4eee5dd8 php7.0-opcache_7.0.33-0ubuntu0.16.04.17+tuxcare.els12_amd64.deb d349acaaceee50f0215aaf360e2f2f580d0491dc php7.0-pgsql_7.0.33-0ubuntu0.16.04.17+tuxcare.els12_amd64.deb e61505950bcb3dc290104b5d4717583dffef0d42 php7.0-phpdbg_7.0.33-0ubuntu0.16.04.17+tuxcare.els12_amd64.deb cbb7d6207ebaf053ed20e1d37f8d88cd9f0be380 php7.0-pspell_7.0.33-0ubuntu0.16.04.17+tuxcare.els12_amd64.deb 4305e8d5ee51187cf229aa7ca1a51977e4c3ce18 php7.0-readline_7.0.33-0ubuntu0.16.04.17+tuxcare.els12_amd64.deb a7a8a54d28086efb0f900582f083bfd038855340 php7.0-recode_7.0.33-0ubuntu0.16.04.17+tuxcare.els12_amd64.deb 7697a528982f793ca97de5c43054def898c6ca0b php7.0-snmp_7.0.33-0ubuntu0.16.04.17+tuxcare.els12_amd64.deb 56beb3cb7ccd3f9eab6a4da13d4dd6428c63d291 php7.0-soap_7.0.33-0ubuntu0.16.04.17+tuxcare.els12_amd64.deb 4b82e202a4ade0d59517af079292ba17740b019f php7.0-sqlite3_7.0.33-0ubuntu0.16.04.17+tuxcare.els12_amd64.deb 6bdf8011d61a66053f10188729b23b5bb64a124f php7.0-sybase_7.0.33-0ubuntu0.16.04.17+tuxcare.els12_amd64.deb 9cc9a8444126757d63c85a22efe78040e9a99c0d php7.0-tidy_7.0.33-0ubuntu0.16.04.17+tuxcare.els12_amd64.deb 372f89b30751adb3190f109fe530b842d43e049b php7.0-xml_7.0.33-0ubuntu0.16.04.17+tuxcare.els12_amd64.deb 5e71c1034d8add72454d51b45b816e72cb4bce58 php7.0-xmlrpc_7.0.33-0ubuntu0.16.04.17+tuxcare.els12_amd64.deb 689de2a41a08ac01144bf36bb5c484528818a802 php7.0-xsl_7.0.33-0ubuntu0.16.04.17+tuxcare.els12_all.deb faae99ef32f9fe0c03356ed665f08fcaf00352ba php7.0-zip_7.0.33-0ubuntu0.16.04.17+tuxcare.els12_amd64.deb ac113a874f062d629166092724c54f26db970838 CLSA-2024:1730478623 TuxCare License Agreement 0 * SECURITY UPDATE: mp4 module allows buffer underread and unordered chunks - debian/patches/CVE-2024-7347.patch: fix buffer underread while updating stsz atom and reject unordered chunks - CVE-2023-7347 Moderate Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.

* SECURITY UPDATE: mp4 module allows buffer underread and unordered chunks - debian/patches/CVE-2024-7347.patch: fix buffer underread while updating stsz atom and reject unordered chunks - CVE-2023-7347

0 tuxcare-ubuntu16.04-els nginx_1.10.3-0ubuntu0.16.04.8+tuxcare.els5_all.deb edd0b832e710b156a7a73a568ea31920adf374f7 nginx-common_1.10.3-0ubuntu0.16.04.8+tuxcare.els5_all.deb d855178d9af4e8cc82d842e9d504b615cf1aa70c nginx-core_1.10.3-0ubuntu0.16.04.8+tuxcare.els5_amd64.deb 90a2a66f043d8fc7cf1d675ce727a0140d30ec9f nginx-doc_1.10.3-0ubuntu0.16.04.8+tuxcare.els5_all.deb 5e407870112dde49b3ac1ce35d27fdcc8b490091 nginx-extras_1.10.3-0ubuntu0.16.04.8+tuxcare.els5_amd64.deb 5245bffadfbfb3c017eb313eb0227f8751933bdb nginx-full_1.10.3-0ubuntu0.16.04.8+tuxcare.els5_amd64.deb c02a814527f1ef940ca6c0cc7dc2309f02205d5f nginx-light_1.10.3-0ubuntu0.16.04.8+tuxcare.els5_amd64.deb e7ebc5322e47f4ba327cab2e8e7545f208310e0e CLSA-2024:1730916673 TuxCare License Agreement 0 * Update ca-certificates database to 20240823: - mozilla/{certdata.txt,nssckbi.h}: Update Mozilla certificate authority bundle of the version 2.69. - The following certificates were updated: # Certificate "OISTE WISeKey Global Root GC CA" - The following certificates were added: # Certificate "Telekom Security TLS ECC Root 2020" # Certificate "Telekom Security TLS RSA Root 2023" # Certificate "FIRMAPROFESIONAL CA ROOT-A WEB" - The following certificates were removed: # Certificate "Security Communication Root CA" # Certificate "Autoridad de Certificacion Firmaprofesional" # Certificate "E-Tugra Global Root CA RSA v3" # Certificate "E-Tugra Global Root CA ECC v3" None Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.

* Update ca-certificates database to 20240823: - mozilla/{certdata.txt,nssckbi.h}: Update Mozilla certificate authority bundle of the version 2.69. - The following certificates were updated: # Certificate "OISTE WISeKey Global Root GC CA" - The following certificates were added: # Certificate "Telekom Security TLS ECC Root 2020" # Certificate "Telekom Security TLS RSA Root 2023" # Certificate "FIRMAPROFESIONAL CA ROOT-A WEB" - The following certificates were removed: # Certificate "Security Communication Root CA" # Certificate "Autoridad de Certificacion Firmaprofesional" # Certificate "E-Tugra Global Root CA RSA v3" # Certificate "E-Tugra Global Root CA ECC v3"

0 tuxcare-ubuntu16.04-els ca-certificates_20240823~16.04.1ubuntu0.1+tuxcare.els1_all.deb 4dbc370168d046ddcdafde4153c605b797567fa0 CLSA-2024:1730919625 TuxCare License Agreement 0 * SECURITY UPDATE: Integer overflow vulnerability in gem-private.h - debian/patches/CVE-2020-27773.patch: fix gamma calculation to prevent division by zero in ConvertLuvToXYZ function - CVE-2020-27773 * SECURITY UPDATE: Undefined behaviour in quantum.h - debian/patches/CVE-2020-27775.patch: fix PowEvaluateOperator to handle negative pixel values correctly - CVE-2020-27775 Low Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.

* SECURITY UPDATE: Integer overflow vulnerability in gem-private.h - debian/patches/CVE-2020-27773.patch: fix gamma calculation to prevent division by zero in ConvertLuvToXYZ function - CVE-2020-27773 * SECURITY UPDATE: Undefined behaviour in quantum.h - debian/patches/CVE-2020-27775.patch: fix PowEvaluateOperator to handle negative pixel values correctly - CVE-2020-27775

0 tuxcare-ubuntu16.04-els imagemagick_6.8.9.9-7ubuntu5.17+tuxcare.els11_amd64.deb f179a791283544bbb24fcde7ba04e0980f2317e7 imagemagick-6.q16_6.8.9.9-7ubuntu5.17+tuxcare.els11_amd64.deb d069380c4c183f6c6a04e1e3cc6c90e4dd5c309c imagemagick-common_6.8.9.9-7ubuntu5.17+tuxcare.els11_all.deb 797e9a9702438b861d166907097ba683ab5bf805 imagemagick-doc_6.8.9.9-7ubuntu5.17+tuxcare.els11_all.deb 4456361ed340ffe11e4d97ca13ec02814eb4dec0 libimage-magick-perl_6.8.9.9-7ubuntu5.17+tuxcare.els11_all.deb f0252135e3c53cd356e7792931cb63660d196c2a libimage-magick-q16-perl_6.8.9.9-7ubuntu5.17+tuxcare.els11_amd64.deb 36bd5cd07b8af5938b17961f50510d880459d5f5 libmagick++-6-headers_6.8.9.9-7ubuntu5.17+tuxcare.els11_all.deb 1523081feb68265f372ca335b97119b20a1fc3e7 libmagick++-6.q16-5v5_6.8.9.9-7ubuntu5.17+tuxcare.els11_amd64.deb 482386717da968c27e71f62ce50a4aeae9afb40f libmagick++-6.q16-dev_6.8.9.9-7ubuntu5.17+tuxcare.els11_amd64.deb 8b9dd9e1832db1454e8f382ddb18ceaff809270e libmagick++-dev_6.8.9.9-7ubuntu5.17+tuxcare.els11_all.deb 021697712b04be81f643c9d5beae26be1abaf784 libmagickcore-6-arch-config_6.8.9.9-7ubuntu5.17+tuxcare.els11_amd64.deb 8e78a1172e52eb5593bd4a4fcf56a69e72e79246 libmagickcore-6-headers_6.8.9.9-7ubuntu5.17+tuxcare.els11_all.deb 90fc85a09ee49c07b25ef084c6a6c8aaa48fab81 libmagickcore-6.q16-2_6.8.9.9-7ubuntu5.17+tuxcare.els11_amd64.deb fde6fcbe77cebf42bbe1e84ccdb6d1d9f7b1fd28 libmagickcore-6.q16-2-extra_6.8.9.9-7ubuntu5.17+tuxcare.els11_amd64.deb 520bc0d0cd06323ec87a14042f3b9bd85ace5606 libmagickcore-6.q16-dev_6.8.9.9-7ubuntu5.17+tuxcare.els11_amd64.deb 5f07d5a7033921c2fc0eedc2fb4aee6394b73f99 libmagickcore-dev_6.8.9.9-7ubuntu5.17+tuxcare.els11_all.deb 4d3204dc969d33c857dbc1b6201d054b6a957822 libmagickwand-6-headers_6.8.9.9-7ubuntu5.17+tuxcare.els11_all.deb 4aadbf6599a2259e48b7515f265f262ff098b765 libmagickwand-6.q16-2_6.8.9.9-7ubuntu5.17+tuxcare.els11_amd64.deb 106121c111eb0f21309e76406d7ef1fb76dee592 libmagickwand-6.q16-dev_6.8.9.9-7ubuntu5.17+tuxcare.els11_amd64.deb 8b3b326d64fe8f610c6e626b0d369a5ca13c18ce libmagickwand-dev_6.8.9.9-7ubuntu5.17+tuxcare.els11_all.deb 7aa2036e2a039c6af025ce3ec3086ebfbc31340f perlmagick_6.8.9.9-7ubuntu5.17+tuxcare.els11_all.deb 1bb931c63653027fc70404652d58e22d372523c1 CLSA-2024:1731341580 TuxCare License Agreement 0 * SECURITY UPDATE: Potential overflow in IntensityCompare() function in quantize.c - debian/patches/CVE-2020-27754.patch: fix pixel intensity comparison in quantize.c to avoid integer overflow - debian/patches/CVE-2020-27759.patch: fix IntensityCompare function to correctly calculate intensity difference - CVE-2020-27754 - CVE-2002-27759 Low Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.

* SECURITY UPDATE: Potential overflow in IntensityCompare() function in quantize.c - debian/patches/CVE-2020-27754.patch: fix pixel intensity comparison in quantize.c to avoid integer overflow - debian/patches/CVE-2020-27759.patch: fix IntensityCompare function to correctly calculate intensity difference - CVE-2020-27754 - CVE-2002-27759

0 tuxcare-ubuntu16.04-els imagemagick_6.8.9.9-7ubuntu5.17+tuxcare.els12_amd64.deb 064581629aa0dc8b3b38ddead868317fa323bae5 imagemagick-6.q16_6.8.9.9-7ubuntu5.17+tuxcare.els12_amd64.deb 3b4556d261fe9523e554327477a542ea238f89e5 imagemagick-common_6.8.9.9-7ubuntu5.17+tuxcare.els12_all.deb 1f12cf270a84fe9333e63020754afdae5e5b1190 imagemagick-doc_6.8.9.9-7ubuntu5.17+tuxcare.els12_all.deb b0468a7b6290da57a70ff9b9504516b76dd4cbec libimage-magick-perl_6.8.9.9-7ubuntu5.17+tuxcare.els12_all.deb 6abd4d80bce911881df1d84c0e4b3dcc8628b9f6 libimage-magick-q16-perl_6.8.9.9-7ubuntu5.17+tuxcare.els12_amd64.deb af9237a27a30e63db8f960b6a868f18c89cd3106 libmagick++-6-headers_6.8.9.9-7ubuntu5.17+tuxcare.els12_all.deb 44db52cd0f20c86d93e1a3de28cb5bbf3fbd14e7 libmagick++-6.q16-5v5_6.8.9.9-7ubuntu5.17+tuxcare.els12_amd64.deb d48612bab1ec86f0830283c01769644896350b0a libmagick++-6.q16-dev_6.8.9.9-7ubuntu5.17+tuxcare.els12_amd64.deb 211d5130dbed52733b1ecc5338b1260d7369ed56 libmagick++-dev_6.8.9.9-7ubuntu5.17+tuxcare.els12_all.deb 00d19706a2b21ee77ac216969d30280cfc255921 libmagickcore-6-arch-config_6.8.9.9-7ubuntu5.17+tuxcare.els12_amd64.deb a6fb80a5334b838e8ebf2bbf6512d642c54900a3 libmagickcore-6-headers_6.8.9.9-7ubuntu5.17+tuxcare.els12_all.deb 5acbb445e02ad02741f031b601ae8b84cf99aee0 libmagickcore-6.q16-2_6.8.9.9-7ubuntu5.17+tuxcare.els12_amd64.deb eb9ea750f89574175502ccfa3e78bc7dc4730714 libmagickcore-6.q16-2-extra_6.8.9.9-7ubuntu5.17+tuxcare.els12_amd64.deb 634e821ecc9be13388badac010e4d817c7dd63ef libmagickcore-6.q16-dev_6.8.9.9-7ubuntu5.17+tuxcare.els12_amd64.deb f4a4abb0fd784fcf21e6fb909bf8e7b45670f181 libmagickcore-dev_6.8.9.9-7ubuntu5.17+tuxcare.els12_all.deb 464d67319c715ddbb88dbe05cc74c399242847a5 libmagickwand-6-headers_6.8.9.9-7ubuntu5.17+tuxcare.els12_all.deb b436bc0462b8fe010a6d586159cb9236645dbc03 libmagickwand-6.q16-2_6.8.9.9-7ubuntu5.17+tuxcare.els12_amd64.deb 28c7e92afbddfa882d043d90895546de82ddea41 libmagickwand-6.q16-dev_6.8.9.9-7ubuntu5.17+tuxcare.els12_amd64.deb 0d08c4c00b06c6d701cb670d0935770133c7f0ab libmagickwand-dev_6.8.9.9-7ubuntu5.17+tuxcare.els12_all.deb 0aad9428a1c0b06a388eda545f1607f748886be0 perlmagick_6.8.9.9-7ubuntu5.17+tuxcare.els12_all.deb 24b91270427407cd814bf27999bba94ecbe713d7 CLSA-2024:1731343085 TuxCare License Agreement 0 * SECURITY UPDATE: Integer overflow vulnerability in bmp.c - debian/patches/CVE-2020-27772.patch: fix integer overflow causing incorrect color primary values in BMP image encoding - CVE-2020-27772 - debian/patches/fix-cast-to-ssize_t-always-resulting-in-zero.patch: Fix cast to ssize_t always resulting in zero with bounds checking and fallback Low Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.

* SECURITY UPDATE: Integer overflow vulnerability in bmp.c - debian/patches/CVE-2020-27772.patch: fix integer overflow causing incorrect color primary values in BMP image encoding - CVE-2020-27772 - debian/patches/fix-cast-to-ssize_t-always-resulting-in-zero.patch: Fix cast to ssize_t always resulting in zero with bounds checking and fallback

0 tuxcare-ubuntu16.04-els imagemagick_6.8.9.9-7ubuntu5.17+tuxcare.els13_amd64.deb aea4d73852fb4fd9844166d03d6098d244b954d1 imagemagick-6.q16_6.8.9.9-7ubuntu5.17+tuxcare.els13_amd64.deb aa7971f47a9f95c15f9c55e1a75fbe5ab98cfaec imagemagick-common_6.8.9.9-7ubuntu5.17+tuxcare.els13_all.deb ee62bc60f594188c97ea205612fbbfd2c0dabc75 imagemagick-doc_6.8.9.9-7ubuntu5.17+tuxcare.els13_all.deb 2010c77c1b97b4a23af9dcdda64766bd48eb74a4 libimage-magick-perl_6.8.9.9-7ubuntu5.17+tuxcare.els13_all.deb b0874cc2de0847155630ca987dfeb247a2e32458 libimage-magick-q16-perl_6.8.9.9-7ubuntu5.17+tuxcare.els13_amd64.deb f501b8f792a2179592c2c1199d1159a9e4c1d19a libmagick++-6-headers_6.8.9.9-7ubuntu5.17+tuxcare.els13_all.deb de4a96c85d3d719733f3eb64bdf174b12fad77c4 libmagick++-6.q16-5v5_6.8.9.9-7ubuntu5.17+tuxcare.els13_amd64.deb f81ce7ca827775d154b874824be2b4fcd3c21ee1 libmagick++-6.q16-dev_6.8.9.9-7ubuntu5.17+tuxcare.els13_amd64.deb d2118715084701eb5ee460bf0dbbba4a96d28cd2 libmagick++-dev_6.8.9.9-7ubuntu5.17+tuxcare.els13_all.deb 975515ea50bdc7266e10ecea9b272c8f5504ff33 libmagickcore-6-arch-config_6.8.9.9-7ubuntu5.17+tuxcare.els13_amd64.deb 7f14e40a4f6e8fa05ea41897d3883ead06c706d9 libmagickcore-6-headers_6.8.9.9-7ubuntu5.17+tuxcare.els13_all.deb 15daf1b75ca317aea21afa803f7fdbdef2cd8340 libmagickcore-6.q16-2_6.8.9.9-7ubuntu5.17+tuxcare.els13_amd64.deb 2c542ce7208c975644d6772c6c027667dbc49488 libmagickcore-6.q16-2-extra_6.8.9.9-7ubuntu5.17+tuxcare.els13_amd64.deb abdb9d3447e26f2b324cbc211ab7d0c9faef027e libmagickcore-6.q16-dev_6.8.9.9-7ubuntu5.17+tuxcare.els13_amd64.deb 2e1f3862dc4050417c0b3de67f9b15d26f7f51d6 libmagickcore-dev_6.8.9.9-7ubuntu5.17+tuxcare.els13_all.deb c8e14cd5020e2d279be5a4157d83f1ae19055600 libmagickwand-6-headers_6.8.9.9-7ubuntu5.17+tuxcare.els13_all.deb 3be4650959b31b8624ffe92963b527ef61df83cb libmagickwand-6.q16-2_6.8.9.9-7ubuntu5.17+tuxcare.els13_amd64.deb 03bcc8ebf495f96385d99e455004f3536b2431d3 libmagickwand-6.q16-dev_6.8.9.9-7ubuntu5.17+tuxcare.els13_amd64.deb 74c9a24ed6050f1038d2ff08999205663957e963 libmagickwand-dev_6.8.9.9-7ubuntu5.17+tuxcare.els13_all.deb 07715dbf6fe3c8df2e0ff8a4cc0c2c23a7e0c790 perlmagick_6.8.9.9-7ubuntu5.17+tuxcare.els13_all.deb f1e149f8756a88d134af84ee118c0868d0c76307 CLSA-2024:1731344359 TuxCare License Agreement 0 * SECURITY UPDATE: Division by zero vulnerability - debian/patches/CVE-2020-27763.patch: Fix window function scaling in resize.c to avoid division on every filter call - CVE-2020-27763 Low Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.

* SECURITY UPDATE: Division by zero vulnerability - debian/patches/CVE-2020-27763.patch: Fix window function scaling in resize.c to avoid division on every filter call - CVE-2020-27763

0 tuxcare-ubuntu16.04-els imagemagick_6.8.9.9-7ubuntu5.17+tuxcare.els14_amd64.deb 004cbe9592e6ba3029a9127e5ef22a0c65d05a8a imagemagick-6.q16_6.8.9.9-7ubuntu5.17+tuxcare.els14_amd64.deb 1c59964695713b43a67c7649e8ca698b5e710ea2 imagemagick-common_6.8.9.9-7ubuntu5.17+tuxcare.els14_all.deb 65efada7a3c936b8cc5e507fee99177f4995605a imagemagick-doc_6.8.9.9-7ubuntu5.17+tuxcare.els14_all.deb 16921f4a9b570bb4c2baff614114833f53210ac9 libimage-magick-perl_6.8.9.9-7ubuntu5.17+tuxcare.els14_all.deb 1f89578493b864712966704d6ce9726d1c092fa5 libimage-magick-q16-perl_6.8.9.9-7ubuntu5.17+tuxcare.els14_amd64.deb 5dec46dbb54b567b487722c28ca30396aa08c690 libmagick++-6-headers_6.8.9.9-7ubuntu5.17+tuxcare.els14_all.deb 3aba9a836ce4ff105efd4c49d0b9eed2e119adb3 libmagick++-6.q16-5v5_6.8.9.9-7ubuntu5.17+tuxcare.els14_amd64.deb 910d2d52d3418fe061fa19e42686d2af9f098d8e libmagick++-6.q16-dev_6.8.9.9-7ubuntu5.17+tuxcare.els14_amd64.deb a5bdc0c2434e5ee3f572b3c99ea1c8448d374ab2 libmagick++-dev_6.8.9.9-7ubuntu5.17+tuxcare.els14_all.deb 1f6d69741039cafa4c1be2d9f51e1ff766713dcc libmagickcore-6-arch-config_6.8.9.9-7ubuntu5.17+tuxcare.els14_amd64.deb bd15f4d745cf2591b2110ec94c2e37ba10c67c30 libmagickcore-6-headers_6.8.9.9-7ubuntu5.17+tuxcare.els14_all.deb 5595393e6b268f3dfcd57cfa679f0510c12c59c9 libmagickcore-6.q16-2_6.8.9.9-7ubuntu5.17+tuxcare.els14_amd64.deb 115a94b5b599a2ed30601cfec9fc498cf75346b2 libmagickcore-6.q16-2-extra_6.8.9.9-7ubuntu5.17+tuxcare.els14_amd64.deb 91556dc534ad74a203c3ab337e8de51b840b27fd libmagickcore-6.q16-dev_6.8.9.9-7ubuntu5.17+tuxcare.els14_amd64.deb 717d596177d2c4f12427f2587384a6b584d94cb8 libmagickcore-dev_6.8.9.9-7ubuntu5.17+tuxcare.els14_all.deb a760090b7749482b46bbab27e521d87d3b748f7d libmagickwand-6-headers_6.8.9.9-7ubuntu5.17+tuxcare.els14_all.deb e462f21403aa8a05b4e9a64759fa1b8ad86f0e44 libmagickwand-6.q16-2_6.8.9.9-7ubuntu5.17+tuxcare.els14_amd64.deb ca6ce7a78b3596120da2a49dd50356989f511f0a libmagickwand-6.q16-dev_6.8.9.9-7ubuntu5.17+tuxcare.els14_amd64.deb 3a1471aa0f0ee554f03ad4a373217b0cd9c3096e libmagickwand-dev_6.8.9.9-7ubuntu5.17+tuxcare.els14_all.deb 47983a064f75ec0a41853c1111691fbd7354ef51 perlmagick_6.8.9.9-7ubuntu5.17+tuxcare.els14_all.deb a33d8d74088216de97c7bcd9e671de9742f48bdf CLSA-2024:1731432257 TuxCare License Agreement 0 * SECURITY UPDATE: When performing a local clone of a repository we end up either copying or hardlinking the source repository into the target repository. - debian/patches/CVE-2024-32020.patch: builtin/clone: refuse local clones of unsafe repositories - CVE-2024-32020 Low Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.

* SECURITY UPDATE: When performing a local clone of a repository we end up either copying or hardlinking the source repository into the target repository. - debian/patches/CVE-2024-32020.patch: builtin/clone: refuse local clones of unsafe repositories - CVE-2024-32020

0 tuxcare-ubuntu16.04-els git_2.7.4-0ubuntu1.10+tuxcare.els5_amd64.deb b8999e99674805e11c7baa8607ae6485e9cb1cd0 git-all_2.7.4-0ubuntu1.10+tuxcare.els5_all.deb 3b93dee48c70a6fcc40e0500a9804e93926d595e git-arch_2.7.4-0ubuntu1.10+tuxcare.els5_all.deb 917af929d4a0efebe36cb68427e8ee260b5c5dc8 git-core_2.7.4-0ubuntu1.10+tuxcare.els5_all.deb f40d22a3e982ed041372b4d2e47fa3b8a3eb18df git-cvs_2.7.4-0ubuntu1.10+tuxcare.els5_all.deb 5a020bad02d804463327cc22ea2464c59a0398bd git-daemon-run_2.7.4-0ubuntu1.10+tuxcare.els5_all.deb a5fc7b9d19578cb692b410d7b81a03c31ddeadab git-daemon-sysvinit_2.7.4-0ubuntu1.10+tuxcare.els5_all.deb 88b06b52d515ac12f0c603f98cd4cbbe212c6b43 git-doc_2.7.4-0ubuntu1.10+tuxcare.els5_all.deb 3bb0f0079bff01ef0cd8c62343cf687fd675daf4 git-el_2.7.4-0ubuntu1.10+tuxcare.els5_all.deb b246c68ee16417f91ab0121cbb0e39a666f06003 git-email_2.7.4-0ubuntu1.10+tuxcare.els5_all.deb ce226b91f864e113854d60e122674df5684df679 git-gui_2.7.4-0ubuntu1.10+tuxcare.els5_all.deb e96d56ab062767ef40e98da81ba53c74bd3accca git-man_2.7.4-0ubuntu1.10+tuxcare.els5_all.deb d186dbe372d3cd4929103e2f710b28017d66cc32 git-mediawiki_2.7.4-0ubuntu1.10+tuxcare.els5_all.deb 4a23aee70b41c58bce10bbe628b81f68e0084ad3 git-svn_2.7.4-0ubuntu1.10+tuxcare.els5_all.deb 434380ad65f38a24e16775683782bf34809cb7d0 gitk_2.7.4-0ubuntu1.10+tuxcare.els5_all.deb 3ed48cb2e10f8b95bd1eeb6325ee67083c5a477a gitweb_2.7.4-0ubuntu1.10+tuxcare.els5_all.deb 884390343152cbaccdfbdb616ccf93eae6d7d2e1 CLSA-2024:1731523206 TuxCare License Agreement 0 * SECURITY UPDATE: Fix race condition when hardlinking file from the source repository into the destination file in the target repository. - debian/patches/CVE-2024-32021.patch: builtin/clone: abort when hardlinked source and target file differ - CVE-2024-32021 Low Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.

* SECURITY UPDATE: Fix race condition when hardlinking file from the source repository into the destination file in the target repository. - debian/patches/CVE-2024-32021.patch: builtin/clone: abort when hardlinked source and target file differ - CVE-2024-32021

0 tuxcare-ubuntu16.04-els git_2.7.4-0ubuntu1.10+tuxcare.els6_amd64.deb b5a207be97af441556a6e0649b2a9858a050b08e git-all_2.7.4-0ubuntu1.10+tuxcare.els6_all.deb 42f9f148d4d070fae9a929d2eb95fda1fd703661 git-arch_2.7.4-0ubuntu1.10+tuxcare.els6_all.deb 29a35911050afac4240b26be9fb3725ae0370308 git-core_2.7.4-0ubuntu1.10+tuxcare.els6_all.deb c90b05eb5be7f607caf5028c6006ce6daf786c31 git-cvs_2.7.4-0ubuntu1.10+tuxcare.els6_all.deb 54a8c0ae2f809379eab80337fa05532f6809f943 git-daemon-run_2.7.4-0ubuntu1.10+tuxcare.els6_all.deb 597d796090bd3b40496f038a7d1e8d4c16bcdb91 git-daemon-sysvinit_2.7.4-0ubuntu1.10+tuxcare.els6_all.deb 06156cce1acebdeddbc743f373ad495879970e32 git-doc_2.7.4-0ubuntu1.10+tuxcare.els6_all.deb 6f020ccc414fa899ecd78b4ebd6066bb0700dd85 git-el_2.7.4-0ubuntu1.10+tuxcare.els6_all.deb 686ce90ecbc22450e5065be41fb35c24c2c67b41 git-email_2.7.4-0ubuntu1.10+tuxcare.els6_all.deb dc2e575b7d695ae39adec70c960d4ca93a1a9c32 git-gui_2.7.4-0ubuntu1.10+tuxcare.els6_all.deb 23dfa62e40be7301d891fe8bd63441395c034c2e git-man_2.7.4-0ubuntu1.10+tuxcare.els6_all.deb 711c296d84b2d6e63d5d924f42dc175f372f587a git-mediawiki_2.7.4-0ubuntu1.10+tuxcare.els6_all.deb 303183e508e4f8115b8ed71386e8cbeed5c5bf10 git-svn_2.7.4-0ubuntu1.10+tuxcare.els6_all.deb 584802603d33809d92dcd068015162306e628351 gitk_2.7.4-0ubuntu1.10+tuxcare.els6_all.deb 9a8aff2cfcb0f93488ca70128d0dd8074c70d330 gitweb_2.7.4-0ubuntu1.10+tuxcare.els6_all.deb 81aea8609a74b8189a6df4c4afd528dbac2c6620 CLSA-2024:1731523487 TuxCare License Agreement 0 * SECURITY UPDATE: Improper type casting in calculation in palm.c could lead to undefined behavior in processing input file - debian/patches/CVE-2020-27761.patch: fix color calculation issue that caused incorrect output when writing PALM images - CVE-2020-27761 * SECURITY UPDATE: Negative Quantum value handling issue in quantum-private.h - debian/patches/CVE-2020-27757.patch: fix improper handling of negative Quantum values - CVE-2020-27757 * SECURITY UPDATE: Excessive shifting overflow in quantum-export.c - debian/patches/CVE-2020-27751.patch: fix shift exponent being too large for 64-bit type in scaling function - CVE-2020-27751 * SECURITY UPDATE: Unsigned int type range issue at quantum-private.h - debian/patches/CVE-2020-27768.patch: fix incorrect checking of Quantum in quantum-private.h scaling functions - CVE-2020-27768 * SECURITY UPDATE: Unsigned char overflow in RestoreMSCWarning() - debian/patches/CVE-2020-27771.patch: fix incorrect casting of GetPixelIndex causing overflow - CVE-2020-27771 Low Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.

* SECURITY UPDATE: Improper type casting in calculation in palm.c could lead to undefined behavior in processing input file - debian/patches/CVE-2020-27761.patch: fix color calculation issue that caused incorrect output when writing PALM images - CVE-2020-27761 * SECURITY UPDATE: Negative Quantum value handling issue in quantum-private.h - debian/patches/CVE-2020-27757.patch: fix improper handling of negative Quantum values - CVE-2020-27757 * SECURITY UPDATE: Excessive shifting overflow in quantum-export.c - debian/patches/CVE-2020-27751.patch: fix shift exponent being too large for 64-bit type in scaling function - CVE-2020-27751 * SECURITY UPDATE: Unsigned int type range issue at quantum-private.h - debian/patches/CVE-2020-27768.patch: fix incorrect checking of Quantum in quantum-private.h scaling functions - CVE-2020-27768 * SECURITY UPDATE: Unsigned char overflow in RestoreMSCWarning() - debian/patches/CVE-2020-27771.patch: fix incorrect casting of GetPixelIndex causing overflow - CVE-2020-27771

0 tuxcare-ubuntu16.04-els imagemagick_6.8.9.9-7ubuntu5.17+tuxcare.els15_amd64.deb e28dc401dd176e9cce5f343b2b1d1436feeb90d5 imagemagick-6.q16_6.8.9.9-7ubuntu5.17+tuxcare.els15_amd64.deb 24bc5e46e62d1eacd3ae630eeec99af3af676997 imagemagick-common_6.8.9.9-7ubuntu5.17+tuxcare.els15_all.deb 3fe06b1d722ec7c44c7ad88dfde63790e7f5f95d imagemagick-doc_6.8.9.9-7ubuntu5.17+tuxcare.els15_all.deb 7b774c58bc44f3211d0d65f2668fc01c2e4ea4a7 libimage-magick-perl_6.8.9.9-7ubuntu5.17+tuxcare.els15_all.deb 421c32a4849ce0d0e410687daedfd081f8a51271 libimage-magick-q16-perl_6.8.9.9-7ubuntu5.17+tuxcare.els15_amd64.deb 0cf4a8e1b5fb0ec28df1b41aba8df7908748d89d libmagick++-6-headers_6.8.9.9-7ubuntu5.17+tuxcare.els15_all.deb 5064765aafe6adcb31f59066eabc552d8acb5bff libmagick++-6.q16-5v5_6.8.9.9-7ubuntu5.17+tuxcare.els15_amd64.deb 3dd5573ba627d0a1770e51e6a7e38f40bdc191a0 libmagick++-6.q16-dev_6.8.9.9-7ubuntu5.17+tuxcare.els15_amd64.deb 7da557a062ce5441d2a013547477881231a102ed libmagick++-dev_6.8.9.9-7ubuntu5.17+tuxcare.els15_all.deb 66b6e7767049ed1dff5f866393b803443537dbbc libmagickcore-6-arch-config_6.8.9.9-7ubuntu5.17+tuxcare.els15_amd64.deb e1da773d2a2f7db759c20e5b1880271ac48404a1 libmagickcore-6-headers_6.8.9.9-7ubuntu5.17+tuxcare.els15_all.deb 867a2038f3d59a6a514ba6555566731a4f103cb7 libmagickcore-6.q16-2_6.8.9.9-7ubuntu5.17+tuxcare.els15_amd64.deb 3d492fe3a638603b9d555bc45eb0e90fd931a6df libmagickcore-6.q16-2-extra_6.8.9.9-7ubuntu5.17+tuxcare.els15_amd64.deb b524cb0999add44d72b401f8bfa072593cdacc24 libmagickcore-6.q16-dev_6.8.9.9-7ubuntu5.17+tuxcare.els15_amd64.deb 5b3c4100934997b07b3549a4cefe6df2d4a72d83 libmagickcore-dev_6.8.9.9-7ubuntu5.17+tuxcare.els15_all.deb eb54415ea25091d8b2aa1e085a498f506adc25ba libmagickwand-6-headers_6.8.9.9-7ubuntu5.17+tuxcare.els15_all.deb a5ca1151ebe1466126c8f8ae62763b3961f3cd04 libmagickwand-6.q16-2_6.8.9.9-7ubuntu5.17+tuxcare.els15_amd64.deb 5e679441325746112165d5deb43905927d7b0a24 libmagickwand-6.q16-dev_6.8.9.9-7ubuntu5.17+tuxcare.els15_amd64.deb 8cc087fb3de9a85fef60fab98bbd865f6329f197 libmagickwand-dev_6.8.9.9-7ubuntu5.17+tuxcare.els15_all.deb d0193853d4251c2fcc63bf71d42426cac8e2764e perlmagick_6.8.9.9-7ubuntu5.17+tuxcare.els15_all.deb 9f9aac2ad4d3394d039b1cc0449d633f2d9e9734 CLSA-2024:1731524667 TuxCare License Agreement 0 * SECURITY UPDATE: Memory leak due to incorrect image depth size check - debian/patches/CVE-2020-27755.patch: Fix image depth not supported error by setting depth to 8 if it is 0 and to maximum size if it exceeds limit - CVE-2020-27755 Low Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.

* SECURITY UPDATE: Memory leak due to incorrect image depth size check - debian/patches/CVE-2020-27755.patch: Fix image depth not supported error by setting depth to 8 if it is 0 and to maximum size if it exceeds limit - CVE-2020-27755

0 tuxcare-ubuntu16.04-els imagemagick_6.8.9.9-7ubuntu5.17+tuxcare.els16_amd64.deb 64b4ab51205f50142361ca9ad72ce659dbf8b7a9 imagemagick-6.q16_6.8.9.9-7ubuntu5.17+tuxcare.els16_amd64.deb 3df9572badb2f08f5084fa5eb1c3e9f44b711d5e imagemagick-common_6.8.9.9-7ubuntu5.17+tuxcare.els16_all.deb 5019b274f53c4651d44ed41e2d60c1f8db039f54 imagemagick-doc_6.8.9.9-7ubuntu5.17+tuxcare.els16_all.deb 355ad65d84121a169a7767f5b1795bc3ae211fe7 libimage-magick-perl_6.8.9.9-7ubuntu5.17+tuxcare.els16_all.deb c85a01f63771b635eeec89361abe45e22508fcdf libimage-magick-q16-perl_6.8.9.9-7ubuntu5.17+tuxcare.els16_amd64.deb 3941663838a7382d3b2892f86862f3c67918bf63 libmagick++-6-headers_6.8.9.9-7ubuntu5.17+tuxcare.els16_all.deb 2d3e52bce8326e33c25d7417e4b8906e828bc3c4 libmagick++-6.q16-5v5_6.8.9.9-7ubuntu5.17+tuxcare.els16_amd64.deb f44e9ebc5244b683e8ce6311f4ead09f372e366a libmagick++-6.q16-dev_6.8.9.9-7ubuntu5.17+tuxcare.els16_amd64.deb 4be0a04caec4005c8800274eb6eb5b029622aa3f libmagick++-dev_6.8.9.9-7ubuntu5.17+tuxcare.els16_all.deb b7948b700bc35484de26db4d21b14a11b389dc8f libmagickcore-6-arch-config_6.8.9.9-7ubuntu5.17+tuxcare.els16_amd64.deb a4341b2020c18125916c4b3a84a06dc4b0a159e9 libmagickcore-6-headers_6.8.9.9-7ubuntu5.17+tuxcare.els16_all.deb 27e5f5c143f91be24185602f186dc84e4bb4ebe7 libmagickcore-6.q16-2_6.8.9.9-7ubuntu5.17+tuxcare.els16_amd64.deb cbefbe98752d8e5feac279e0240d329a154f45dc libmagickcore-6.q16-2-extra_6.8.9.9-7ubuntu5.17+tuxcare.els16_amd64.deb e3a70771978ea1dbae1d89ce90cd4f523c60c9cf libmagickcore-6.q16-dev_6.8.9.9-7ubuntu5.17+tuxcare.els16_amd64.deb 4eafcd18a5811160633662cabc07ed09cf151a98 libmagickcore-dev_6.8.9.9-7ubuntu5.17+tuxcare.els16_all.deb ecaa71006d08d7affd8e824239d502169427483d libmagickwand-6-headers_6.8.9.9-7ubuntu5.17+tuxcare.els16_all.deb c348bf7ab7b0e863a332455538bc43182b30144f libmagickwand-6.q16-2_6.8.9.9-7ubuntu5.17+tuxcare.els16_amd64.deb 467d42db3466df717f13cc3b5933d34bb9a9e7ff libmagickwand-6.q16-dev_6.8.9.9-7ubuntu5.17+tuxcare.els16_amd64.deb f7a9c917cd44b4f1c2c3af8a59f67f435d3ff9cc libmagickwand-dev_6.8.9.9-7ubuntu5.17+tuxcare.els16_all.deb 556588f607cd02818d62597116143c6a654e21ad perlmagick_6.8.9.9-7ubuntu5.17+tuxcare.els16_all.deb 5397981cab55b27ad1397aefaf0e8cca3cdc0254 CLSA-2024:1731599555 TuxCare License Agreement 0 * SECURITY UPDATE: gettext machinery might get auto-initialized using an unintended locale directory - debian/patches/CVE-2023-25815.patch: avoid using gettext if the locale dir is not present - CVE-2023-25815 Low Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.

* SECURITY UPDATE: gettext machinery might get auto-initialized using an unintended locale directory - debian/patches/CVE-2023-25815.patch: avoid using gettext if the locale dir is not present - CVE-2023-25815

0 tuxcare-ubuntu16.04-els git_2.7.4-0ubuntu1.10+tuxcare.els7_amd64.deb e68e884f11ea3f82e73cdb61ecee1b01b2fb0edd git-all_2.7.4-0ubuntu1.10+tuxcare.els7_all.deb 08c68c3fb645a603bde2c64969f626c9275dc6e2 git-arch_2.7.4-0ubuntu1.10+tuxcare.els7_all.deb aa9b00b6424d9c03200ee76abd34e787c01a3db8 git-core_2.7.4-0ubuntu1.10+tuxcare.els7_all.deb 806513b80b92c32cf405b4a8954e6ef02c1a5a31 git-cvs_2.7.4-0ubuntu1.10+tuxcare.els7_all.deb febedc084cb74b83dbdf0c9689eb935ab6736916 git-daemon-run_2.7.4-0ubuntu1.10+tuxcare.els7_all.deb 76fb0643806d7057c948d0116f42d1aedd3fb647 git-daemon-sysvinit_2.7.4-0ubuntu1.10+tuxcare.els7_all.deb 3517da7eaa6dfbc4b91b7b4da18aec212216c16c git-doc_2.7.4-0ubuntu1.10+tuxcare.els7_all.deb e2ebfb33bfd946048b85c3c5bface4d780167615 git-el_2.7.4-0ubuntu1.10+tuxcare.els7_all.deb caa82ce9c3fb5f05d3b944a2e5cf3fe87a5eb88f git-email_2.7.4-0ubuntu1.10+tuxcare.els7_all.deb 96436646f6ce40177a3b83ba237b54a6bd29aefd git-gui_2.7.4-0ubuntu1.10+tuxcare.els7_all.deb 6c9ee24b851f1f4c70e1c87069c7441500c79d4a git-man_2.7.4-0ubuntu1.10+tuxcare.els7_all.deb 0890f40ced8310b685eaebf73c41cdb6184d6cab git-mediawiki_2.7.4-0ubuntu1.10+tuxcare.els7_all.deb fe5ac54a2e1d11e9d663a733f0cdaf71d820e98a git-svn_2.7.4-0ubuntu1.10+tuxcare.els7_all.deb 185bb2caf386d3e015ebeb377d38ccb1d74b2962 gitk_2.7.4-0ubuntu1.10+tuxcare.els7_all.deb f7d247aa8951aec1fad280228eb97eef805c80d9 gitweb_2.7.4-0ubuntu1.10+tuxcare.els7_all.deb 20c51717fbf44772e0a51b1447504367ffa078de CLSA-2024:1731605761 TuxCare License Agreement 0 * CVE-url: https://ubuntu.com/security/CVE-2024-42265 - protect the fetch of ->fd[fd] in do_dup2() from mispredictions * CVE-url: https://ubuntu.com/security/CVE-2024-47669 - nilfs2: fix state management in error path of log writing function * CVE-url: https://ubuntu.com/security/CVE-2023-52918 - media: pci: cx23885: check cx23885_vdev_init() return * CVE-url: https://ubuntu.com/security/CVE-2024-46750 - PCI: Add missing bridge lock to pci_bus_lock() * CVE-url: https://ubuntu.com/security/CVE-2024-46676 - nfc: pn533: Add poll mod list filling check * CVE-url: https://ubuntu.com/security/CVE-2024-46755 - wifi: mwifiex: Do not return unused priv in mwifiex_get_priv_by_id() * CVE-url: https://ubuntu.com/security/CVE-2024-46721 - apparmor: fix possible NULL pointer dereference * CVE-url: https://ubuntu.com/security/CVE-2024-44947 - fuse: Initialize beyond-EOF page contents before setting uptodate * CVE-url: https://ubuntu.com/security/CVE-2024-46675 - usb: dwc3: core: Prevent USB core invalid event buffer address access * CVE-url: https://ubuntu.com/security/CVE-2024-43893 - serial: core: check uartclk for zero to avoid divide by zero * CVE-url: https://ubuntu.com/security/CVE-2024-45021 - memcg_write_event_control(): fix a user-triggerable oops * CVE-url: https://ubuntu.com/security/CVE-2024-41012 - filelock: Remove locks reliably when fcntl/close race is detected * CVE-url: https://ubuntu.com/security/CVE-2024-42310 - drm/gma500: fix null pointer dereference in cdv_intel_lvds_get_modes * CVE-url: https://ubuntu.com/security/CVE-2024-42311 - hfs: fix to initialize fields of hfs_inode_info after hfs_alloc_inode() * CVE-url: https://ubuntu.com/security/CVE-2024-45028 - mmc: mmc_test: Fix NULL dereference on allocation failure * CVE-url: https://ubuntu.com/security/CVE-2024-43914 - md/raid5: avoid BUG_ON() while continue reshape after reassembling * CVE-url: https://ubuntu.com/security/CVE-2024-43856 - dma: fix call order in dmam_free_coherent * CVE-url: https://ubuntu.com/security/CVE-2024-43884 - Bluetooth: MGMT: Add error handling to pair_device() * CVE-url: https://ubuntu.com/security/CVE-2024-42309 - drm/gma500: fix null pointer dereference in psb_intel_lvds_get_modes * CVE-url: https://ubuntu.com/security/CVE-2024-50044 - Bluetooth: RFCOMM: FIX possible deadlock in rfcomm_sk_state_change * CVE-url: https://ubuntu.com/security/CVE-2024-49967 - ext4: no need to continue when the number of entries is 1 * Bionic update: upstream stable patchset 2023-01-20 (LP: #2003596) // CVE- url: https://ubuntu.com/security/CVE-2022-49015 - net: hsr: Fix potential use-after-free * CVE-url: https://ubuntu.com/security/CVE-2024-50033 - slip: make slhc_remember() more robust against malicious packets * CVE-url: https://ubuntu.com/security/CVE-2024-47670 - ocfs2: add bounds checking to ocfs2_xattr_find_entry() * CVE-url: https://ubuntu.com/security/CVE-2024-49950 - Bluetooth: L2CAP: Fix uaf in l2cap_connect * CVE-url: https://ubuntu.com/security/CVE-2024-49883 - ext4: aovid use-after-free in ext4_ext_insert_extent() * Bionic update: upstream stable patchset 2023-01-20 (LP: #2003596) // CVE- url: https://ubuntu.com/security/CVE-2022-48960 - net: hisilicon: Fix potential use-after-free in hix5hd2_rx() * CVE-url: https://ubuntu.com/security/CVE-2024-47745 - mm: call the security_mmap_file() LSM hook in remap_file_pages() * CVE-url: https://ubuntu.com/security/CVE-2024-49860 - ACPI: sysfs: validate return type of _STR method * CVE-url: https://ubuntu.com/security/CVE-2024-49882 - ext4: fix double brelse() the buffer of the extents path * CVE-url: https://ubuntu.com/security/CVE-2024-49995 - tipc: guard against string buffer overrun * CVE-url: https://ubuntu.com/security/CVE-2024-47723 - jfs: fix out-of-bounds in dbNextAG() and diAlloc() * Bionic update: upstream stable patchset 2023-01-20 (LP: #2003596) // CVE- url: https://ubuntu.com/security/CVE-2022-48988 - memcg: fix possible use-after-free in memcg_write_event_control() * CVE-url: https://ubuntu.com/security/CVE-2024-50073 - tty: n_gsm: Fix use-after-free in gsm_cleanup_mux * CVE-url: https://ubuntu.com/security/CVE-2024-50055 - driver core: bus: Fix double free in driver API bus_register() * Bionic update: upstream stable patchset 2023-01-20 (LP: #2003596) // CVE- url: https://ubuntu.com/security/CVE-2022-49029 - hwmon: (ibmpex) Fix possible UAF when ibmpex_register_bmc() fails * Bionic update: upstream stable patchset 2023-02-06 (LP: #2006403) // CVE- url: https://ubuntu.com/security/CVE-2022-48948 - usb: gadget: uvc: Prevent buffer overflow in setup handler * CVE-url: https://ubuntu.com/security/CVE-2024-47698 - drivers: media: dvb-frontends/rtl2832: fix an out-of-bounds write error * CVE-url: https://ubuntu.com/security/CVE-2022-49026 - e100: Fix possible use after free in e100_xmit_prepare * Bionic update: upstream stable patchset 2023-01-20 (LP: #2003596) // CVE- url: https://ubuntu.com/security/CVE-2022-48967 - NFC: nci: Bounds check struct nfc_target arrays * CVE-url: https://ubuntu.com/security/CVE-2024-47742 - firmware_loader: Block path traversal * CVE-url: https://ubuntu.com/security/CVE-2024-50035 - ppp: fix ppp_async_encode() illegal access * CVE-url: https://ubuntu.com/security/CVE-2024-47757 - nilfs2: fix potential oob read in nilfs_btree_check_delete() * CVE-url: https://ubuntu.com/security/CVE-2024-49884 - ext4: avoid ext4_error()'s caused by ENOMEM in the truncate path - ext4: fix slab-use-after-free in ext4_split_extent_at() * CVE-url: https://ubuntu.com/security/CVE-2022-49006 - tracing: Only have rmmod clear buffers that its events were active in - tracing: Free buffers when a used dynamic event is removed * CVE-url: https://ubuntu.com/security/CVE-2024-49903 - jfs: Fix uaf in dbFreeBits * CVE-url: https://ubuntu.com/security/CVE-2024-47701 - ext4: avoid OOB when system.data xattr changes underneath the filesystem * CVE-url: https://ubuntu.com/security/CVE-2024-49889 - ext4: avoid use-after-free in ext4_ext_show_leaf() * CVE-url: https://ubuntu.com/security/CVE-2024-49900 - jfs: Fix uninit-value access of new_ea in ea_buffer * CVE-url: https://ubuntu.com/security/CVE-2024-47697 - drivers: media: dvb-frontends/rtl2830: fix an out-of-bounds write error * CVE-url: https://ubuntu.com/security/CVE-2022-48951 - ASoC: ops: Check bounds for second channel in snd_soc_put_volsw_sx() * CVE-url: https://ubuntu.com/security/CVE-2024-43839 - bna: adjust 'name' buf size of bna_tcb and bna_ccb structures * CVE-url: https://ubuntu.com/security/CVE-2024-47659 - smack: tcp: ipv4, fix incorrect labeling * CVE-url: https://ubuntu.com/security/CVE-2024-47685 - netfilter: nf_reject_ipv6: fix nf_reject_ip6_tcphdr_put() * CVE-url: https://ubuntu.com/security/CVE-2024-38602 - ax25: Fix reference count leak issues of ax25_dev * CVE-url: https://ubuntu.com/security/CVE-2024-26641 - net: Fix unwanted sign extension in netdev_stats_to_stats64() * CVE-url: https://ubuntu.com/security/CVE-2024-42223 - media: dvb-frontends: tda10048: Fix integer overflow * CVE-url: https://ubuntu.com/security/CVE-2021-3759 - memcg: enable accounting of ipc resources * CVE-url: https://ubuntu.com/security/CVE-2024-38632 - vfio/pci: fix potential memory leak in vfio_intx_enable() * CVE-url: https://ubuntu.com/security/CVE-2024-46840 - btrfs: clean up our handling of refs == 0 in snapshot delete * CVE-url: https://ubuntu.com/security/CVE-2024-44954 - ALSA: line6: Fix racy access to midibuf * CVE-url: https://ubuntu.com/security/CVE-2024-45003 - vfs: Don't evict inode under the inode lru traversing context * CVE-url: https://ubuntu.com/security/CVE-2024-46841 - btrfs: don't BUG_ON on ENOMEM from btrfs_lookup_extent_info() in walk_down_proc() * CVE-url: https://ubuntu.com/security/CVE-2024-44950 - serial: sc16is7xx: fix invalid FIFO access with special register set * CVE-url: https://ubuntu.com/security/CVE-2024-26812 - Revert "kernfs: do not account ino_ida allocations to memcg" - Revert "gfp: add __GFP_NOACCOUNT" - memcg: only account kmem allocations marked as __GFP_ACCOUNT - vfio: Introduce interface to flush virqfd inject workqueue - vfio/pci: Create persistent INTx handler * CVE-url: https://ubuntu.com/security/CVE-2023-52528 - usbnet/smsc75xx: silence uninitialized variable warning - net: usb: smsc75xx: Fix uninit-value access in __smsc75xx_read_reg * CVE-url: https://ubuntu.com/security/CVE-2024-42229 - crypto: aead,cipher - zeroize key buffer after use Critical Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.

* CVE-url: https://ubuntu.com/security/CVE-2024-42265 - protect the fetch of ->fd[fd] in do_dup2() from mispredictions * CVE-url: https://ubuntu.com/security/CVE-2024-47669 - nilfs2: fix state management in error path of log writing function * CVE-url: https://ubuntu.com/security/CVE-2023-52918 - media: pci: cx23885: check cx23885_vdev_init() return * CVE-url: https://ubuntu.com/security/CVE-2024-46750 - PCI: Add missing bridge lock to pci_bus_lock() * CVE-url: https://ubuntu.com/security/CVE-2024-46676 - nfc: pn533: Add poll mod list filling check * CVE-url: https://ubuntu.com/security/CVE-2024-46755 - wifi: mwifiex: Do not return unused priv in mwifiex_get_priv_by_id() * CVE-url: https://ubuntu.com/security/CVE-2024-46721 - apparmor: fix possible NULL pointer dereference * CVE-url: https://ubuntu.com/security/CVE-2024-44947 - fuse: Initialize beyond-EOF page contents before setting uptodate * CVE-url: https://ubuntu.com/security/CVE-2024-46675 - usb: dwc3: core: Prevent USB core invalid event buffer address access * CVE-url: https://ubuntu.com/security/CVE-2024-43893 - serial: core: check uartclk for zero to avoid divide by zero * CVE-url: https://ubuntu.com/security/CVE-2024-45021 - memcg_write_event_control(): fix a user-triggerable oops * CVE-url: https://ubuntu.com/security/CVE-2024-41012 - filelock: Remove locks reliably when fcntl/close race is detected * CVE-url: https://ubuntu.com/security/CVE-2024-42310 - drm/gma500: fix null pointer dereference in cdv_intel_lvds_get_modes * CVE-url: https://ubuntu.com/security/CVE-2024-42311 - hfs: fix to initialize fields of hfs_inode_info after hfs_alloc_inode() * CVE-url: https://ubuntu.com/security/CVE-2024-45028 - mmc: mmc_test: Fix NULL dereference on allocation failure * CVE-url: https://ubuntu.com/security/CVE-2024-43914 - md/raid5: avoid BUG_ON() while continue reshape after reassembling * CVE-url: https://ubuntu.com/security/CVE-2024-43856 - dma: fix call order in dmam_free_coherent * CVE-url: https://ubuntu.com/security/CVE-2024-43884 - Bluetooth: MGMT: Add error handling to pair_device() * CVE-url: https://ubuntu.com/security/CVE-2024-42309 - drm/gma500: fix null pointer dereference in psb_intel_lvds_get_modes * CVE-url: https://ubuntu.com/security/CVE-2024-50044 - Bluetooth: RFCOMM: FIX possible deadlock in rfcomm_sk_state_change * CVE-url: https://ubuntu.com/security/CVE-2024-49967 - ext4: no need to continue when the number of entries is 1 * Bionic update: upstream stable patchset 2023-01-20 (LP: #2003596) // CVE- url: https://ubuntu.com/security/CVE-2022-49015 - net: hsr: Fix potential use-after-free * CVE-url: https://ubuntu.com/security/CVE-2024-50033 - slip: make slhc_remember() more robust against malicious packets * CVE-url: https://ubuntu.com/security/CVE-2024-47670 - ocfs2: add bounds checking to ocfs2_xattr_find_entry() * CVE-url: https://ubuntu.com/security/CVE-2024-49950 - Bluetooth: L2CAP: Fix uaf in l2cap_connect * CVE-url: https://ubuntu.com/security/CVE-2024-49883 - ext4: aovid use-after-free in ext4_ext_insert_extent() * Bionic update: upstream stable patchset 2023-01-20 (LP: #2003596) // CVE- url: https://ubuntu.com/security/CVE-2022-48960 - net: hisilicon: Fix potential use-after-free in hix5hd2_rx() * CVE-url: https://ubuntu.com/security/CVE-2024-47745 - mm: call the security_mmap_file() LSM hook in remap_file_pages() * CVE-url: https://ubuntu.com/security/CVE-2024-49860 - ACPI: sysfs: validate return type of _STR method * CVE-url: https://ubuntu.com/security/CVE-2024-49882 - ext4: fix double brelse() the buffer of the extents path * CVE-url: https://ubuntu.com/security/CVE-2024-49995 - tipc: guard against string buffer overrun * CVE-url: https://ubuntu.com/security/CVE-2024-47723 - jfs: fix out-of-bounds in dbNextAG() and diAlloc() * Bionic update: upstream stable patchset 2023-01-20 (LP: #2003596) // CVE- url: https://ubuntu.com/security/CVE-2022-48988 - memcg: fix possible use-after-free in memcg_write_event_control() * CVE-url: https://ubuntu.com/security/CVE-2024-50073 - tty: n_gsm: Fix use-after-free in gsm_cleanup_mux * CVE-url: https://ubuntu.com/security/CVE-2024-50055 - driver core: bus: Fix double free in driver API bus_register() * Bionic update: upstream stable patchset 2023-01-20 (LP: #2003596) // CVE- url: https://ubuntu.com/security/CVE-2022-49029 - hwmon: (ibmpex) Fix possible UAF when ibmpex_register_bmc() fails * Bionic update: upstream stable patchset 2023-02-06 (LP: #2006403) // CVE- url: https://ubuntu.com/security/CVE-2022-48948 - usb: gadget: uvc: Prevent buffer overflow in setup handler * CVE-url: https://ubuntu.com/security/CVE-2024-47698 - drivers: media: dvb-frontends/rtl2832: fix an out-of-bounds write error * CVE-url: https://ubuntu.com/security/CVE-2022-49026 - e100: Fix possible use after free in e100_xmit_prepare * Bionic update: upstream stable patchset 2023-01-20 (LP: #2003596) // CVE- url: https://ubuntu.com/security/CVE-2022-48967 - NFC: nci: Bounds check struct nfc_target arrays * CVE-url: https://ubuntu.com/security/CVE-2024-47742 - firmware_loader: Block path traversal * CVE-url: https://ubuntu.com/security/CVE-2024-50035 - ppp: fix ppp_async_encode() illegal access * CVE-url: https://ubuntu.com/security/CVE-2024-47757 - nilfs2: fix potential oob read in nilfs_btree_check_delete() * CVE-url: https://ubuntu.com/security/CVE-2024-49884 - ext4: avoid ext4_error()'s caused by ENOMEM in the truncate path - ext4: fix slab-use-after-free in ext4_split_extent_at() * CVE-url: https://ubuntu.com/security/CVE-2022-49006 - tracing: Only have rmmod clear buffers that its events were active in - tracing: Free buffers when a used dynamic event is removed * CVE-url: https://ubuntu.com/security/CVE-2024-49903 - jfs: Fix uaf in dbFreeBits * CVE-url: https://ubuntu.com/security/CVE-2024-47701 - ext4: avoid OOB when system.data xattr changes underneath the filesystem * CVE-url: https://ubuntu.com/security/CVE-2024-49889 - ext4: avoid use-after-free in ext4_ext_show_leaf() * CVE-url: https://ubuntu.com/security/CVE-2024-49900 - jfs: Fix uninit-value access of new_ea in ea_buffer * CVE-url: https://ubuntu.com/security/CVE-2024-47697 - drivers: media: dvb-frontends/rtl2830: fix an out-of-bounds write error * CVE-url: https://ubuntu.com/security/CVE-2022-48951 - ASoC: ops: Check bounds for second channel in snd_soc_put_volsw_sx() * CVE-url: https://ubuntu.com/security/CVE-2024-43839 - bna: adjust 'name' buf size of bna_tcb and bna_ccb structures * CVE-url: https://ubuntu.com/security/CVE-2024-47659 - smack: tcp: ipv4, fix incorrect labeling * CVE-url: https://ubuntu.com/security/CVE-2024-47685 - netfilter: nf_reject_ipv6: fix nf_reject_ip6_tcphdr_put() * CVE-url: https://ubuntu.com/security/CVE-2024-38602 - ax25: Fix reference count leak issues of ax25_dev * CVE-url: https://ubuntu.com/security/CVE-2024-26641 - net: Fix unwanted sign extension in netdev_stats_to_stats64() * CVE-url: https://ubuntu.com/security/CVE-2024-42223 - media: dvb-frontends: tda10048: Fix integer overflow * CVE-url: https://ubuntu.com/security/CVE-2021-3759 - memcg: enable accounting of ipc resources * CVE-url: https://ubuntu.com/security/CVE-2024-38632 - vfio/pci: fix potential memory leak in vfio_intx_enable() * CVE-url: https://ubuntu.com/security/CVE-2024-46840 - btrfs: clean up our handling of refs == 0 in snapshot delete * CVE-url: https://ubuntu.com/security/CVE-2024-44954 - ALSA: line6: Fix racy access to midibuf * CVE-url: https://ubuntu.com/security/CVE-2024-45003 - vfs: Don't evict inode under the inode lru traversing context * CVE-url: https://ubuntu.com/security/CVE-2024-46841 - btrfs: don't BUG_ON on ENOMEM from btrfs_lookup_extent_info() in walk_down_proc() * CVE-url: https://ubuntu.com/security/CVE-2024-44950 - serial: sc16is7xx: fix invalid FIFO access with special register set * CVE-url: https://ubuntu.com/security/CVE-2024-26812 - Revert "kernfs: do not account ino_ida allocations to memcg" - Revert "gfp: add __GFP_NOACCOUNT" - memcg: only account kmem allocations marked as __GFP_ACCOUNT - vfio: Introduce interface to flush virqfd inject workqueue - vfio/pci: Create persistent INTx handler * CVE-url: https://ubuntu.com/security/CVE-2023-52528 - usbnet/smsc75xx: silence uninitialized variable warning - net: usb: smsc75xx: Fix uninit-value access in __smsc75xx_read_reg * CVE-url: https://ubuntu.com/security/CVE-2024-42229 - crypto: aead,cipher - zeroize key buffer after use

0 tuxcare-ubuntu16.04-els linux-buildinfo-4.4.0-267-tuxcare.els38-generic_4.4.0-267.301_amd64.deb 2fe59d93c13484d210674dc8e3f159f07a694f62 linux-buildinfo-4.4.0-267-tuxcare.els38-lowlatency_4.4.0-267.301_amd64.deb 6b9fdf3f5cdd27597db06c544cc404c05ad4e35a linux-cloud-tools-4.4.0-267-tuxcare.els38_4.4.0-267.301_amd64.deb a7bce5f9e61da6e8cef777e1c4bf64f5bafa7efb linux-cloud-tools-4.4.0-267-tuxcare.els38-generic_4.4.0-267.301_amd64.deb 992f369ae6bb095fc7e10b3f54713f30b609ea92 linux-cloud-tools-4.4.0-267-tuxcare.els38-lowlatency_4.4.0-267.301_amd64.deb 133d85a732281c194766133e30170b76fe6ffb47 linux-cloud-tools-common_4.4.0-267.301_all.deb d24efd2de28fea9f1067b30c760f37197a561f97 linux-cloud-tools-generic_4.4.0.267.301_amd64.deb c9c09777c54c623bb947f97b273dfd65ad8c8b93 linux-cloud-tools-lowlatency_4.4.0.267.301_amd64.deb 0bec18e51de828787aad40c289261bcc31f802a0 linux-crashdump_4.4.0.267.301_amd64.deb 640993a1e2af2e10433d4b41876ae19936b3c5e8 linux-doc_4.4.0-267.301_all.deb c06f9774b553649282d59665e086108b88690df0 linux-generic_4.4.0.267.301_amd64.deb c921f002f3d12f6b50b61d69650aae4bfcce7cfd linux-headers-4.4.0-267-tuxcare.els38_4.4.0-267.301_all.deb 75a9020d92c06f417af0ad95d7857227acb653ec linux-headers-4.4.0-267-tuxcare.els38-generic_4.4.0-267.301_amd64.deb ec3f480900a6735eab0a39e730e8a19523a9fab6 linux-headers-4.4.0-267-tuxcare.els38-lowlatency_4.4.0-267.301_amd64.deb 9720b5328d5f1aa913ea1af89384a387a039ce09 linux-headers-generic_4.4.0.267.301_amd64.deb c339f276262906c86b962bcc5b5a73c2f1d9c9a7 linux-headers-lowlatency_4.4.0.267.301_amd64.deb 2675a4e70bf357a03c00403f2d9940688bb26f1e linux-image-generic_4.4.0.267.301_amd64.deb 75181cfb6adbdb2fd6050cd8982fe9b6e89dbd7d linux-image-lowlatency_4.4.0.267.301_amd64.deb f9e347454bdd9ac89886a968f63a471e03ca0d41 linux-image-unsigned-4.4.0-267-tuxcare.els38-generic_4.4.0-267.301_amd64.deb 45863ba31f4f271bbd60d02538e7d13ef0cc1de3 linux-image-unsigned-4.4.0-267-tuxcare.els38-lowlatency_4.4.0-267.301_amd64.deb 1acab188f5664e68bb9822a1cac2cc801a899021 linux-libc-dev_4.4.0-267.301_amd64.deb e3a72fb0e345c7e7f952ba041153801bf957912f linux-lowlatency_4.4.0.267.301_amd64.deb 478f9482a438de63514978a7aaa7638ec32e1a4b linux-modules-4.4.0-267-tuxcare.els38-generic_4.4.0-267.301_amd64.deb adcf8b9ffecfdf94d784e38d8fdfdf71d58e32a4 linux-modules-4.4.0-267-tuxcare.els38-lowlatency_4.4.0-267.301_amd64.deb da30e5bbaf0df6690f8db8ed38c5859da82f1636 linux-modules-extra-4.4.0-267-tuxcare.els38-generic_4.4.0-267.301_amd64.deb 82e8f0463589b41336d182ea44dd02302e0d28ab linux-source_4.4.0.267.301_all.deb f6be39a20de591362f500b90b55882cc6c2456b1 linux-source-4.4.0_4.4.0-267.301_all.deb 04a6f25cd7305968a6bb9e4de3540a653a7a224e linux-tools-4.4.0-267-tuxcare.els38_4.4.0-267.301_amd64.deb eef18fbfea272664532a9333ae966ea71168ade6 linux-tools-4.4.0-267-tuxcare.els38-generic_4.4.0-267.301_amd64.deb 62e3a039d27f26e8f966bb56e50a6befc13a3a53 linux-tools-4.4.0-267-tuxcare.els38-lowlatency_4.4.0-267.301_amd64.deb e6378591980b4a80b7f6036b12f59c755fe0e5be linux-tools-common_4.4.0-267.301_all.deb 6e8e12d067e492395e4d4f14328053d137f465cc linux-tools-generic_4.4.0.267.301_amd64.deb e6251b32279947fac007fc3b3dfbd39396ead01f linux-tools-host_4.4.0-267.301_all.deb 97aa79a9d7079a12b4309f849f2eab0e8bd26546 linux-tools-lowlatency_4.4.0.267.301_amd64.deb b788b83a14cd6f3bb288f3330849b0511ca9152e CLSA-2024:1731606243 TuxCare License Agreement 0 * CVE-url: https://ubuntu.com/security/CVE-2024-42265 - protect the fetch of ->fd[fd] in do_dup2() from mispredictions * CVE-url: https://ubuntu.com/security/CVE-2024-47669 - nilfs2: fix state management in error path of log writing function * CVE-url: https://ubuntu.com/security/CVE-2023-52918 - media: pci: cx23885: check cx23885_vdev_init() return * CVE-url: https://ubuntu.com/security/CVE-2024-46750 - PCI: Add missing bridge lock to pci_bus_lock() * CVE-url: https://ubuntu.com/security/CVE-2024-46676 - nfc: pn533: Add poll mod list filling check * CVE-url: https://ubuntu.com/security/CVE-2024-46755 - wifi: mwifiex: Do not return unused priv in mwifiex_get_priv_by_id() * CVE-url: https://ubuntu.com/security/CVE-2024-46721 - apparmor: fix possible NULL pointer dereference * CVE-url: https://ubuntu.com/security/CVE-2024-44947 - fuse: Initialize beyond-EOF page contents before setting uptodate * CVE-url: https://ubuntu.com/security/CVE-2024-46675 - usb: dwc3: core: Prevent USB core invalid event buffer address access * CVE-url: https://ubuntu.com/security/CVE-2024-43893 - serial: core: check uartclk for zero to avoid divide by zero * CVE-url: https://ubuntu.com/security/CVE-2024-45021 - memcg_write_event_control(): fix a user-triggerable oops * CVE-url: https://ubuntu.com/security/CVE-2024-41012 - filelock: Remove locks reliably when fcntl/close race is detected * CVE-url: https://ubuntu.com/security/CVE-2024-42310 - drm/gma500: fix null pointer dereference in cdv_intel_lvds_get_modes * CVE-url: https://ubuntu.com/security/CVE-2024-42311 - hfs: fix to initialize fields of hfs_inode_info after hfs_alloc_inode() * CVE-url: https://ubuntu.com/security/CVE-2024-45028 - mmc: mmc_test: Fix NULL dereference on allocation failure * CVE-url: https://ubuntu.com/security/CVE-2024-43914 - md/raid5: avoid BUG_ON() while continue reshape after reassembling * CVE-url: https://ubuntu.com/security/CVE-2024-43856 - dma: fix call order in dmam_free_coherent * CVE-url: https://ubuntu.com/security/CVE-2024-43884 - Bluetooth: MGMT: Add error handling to pair_device() * CVE-url: https://ubuntu.com/security/CVE-2024-42309 - drm/gma500: fix null pointer dereference in psb_intel_lvds_get_modes * CVE-url: https://ubuntu.com/security/CVE-2024-50044 - Bluetooth: RFCOMM: FIX possible deadlock in rfcomm_sk_state_change * CVE-url: https://ubuntu.com/security/CVE-2024-49967 - ext4: no need to continue when the number of entries is 1 * Bionic update: upstream stable patchset 2023-01-20 (LP: #2003596) // CVE- url: https://ubuntu.com/security/CVE-2022-49015 - net: hsr: Fix potential use-after-free * CVE-url: https://ubuntu.com/security/CVE-2024-50033 - slip: make slhc_remember() more robust against malicious packets * CVE-url: https://ubuntu.com/security/CVE-2024-47670 - ocfs2: add bounds checking to ocfs2_xattr_find_entry() * CVE-url: https://ubuntu.com/security/CVE-2024-49950 - Bluetooth: L2CAP: Fix uaf in l2cap_connect * CVE-url: https://ubuntu.com/security/CVE-2024-49883 - ext4: aovid use-after-free in ext4_ext_insert_extent() * Bionic update: upstream stable patchset 2023-01-20 (LP: #2003596) // CVE- url: https://ubuntu.com/security/CVE-2022-48960 - net: hisilicon: Fix potential use-after-free in hix5hd2_rx() * CVE-url: https://ubuntu.com/security/CVE-2024-47745 - mm: call the security_mmap_file() LSM hook in remap_file_pages() * CVE-url: https://ubuntu.com/security/CVE-2024-49860 - ACPI: sysfs: validate return type of _STR method * CVE-url: https://ubuntu.com/security/CVE-2024-49882 - ext4: fix double brelse() the buffer of the extents path * CVE-url: https://ubuntu.com/security/CVE-2024-49995 - tipc: guard against string buffer overrun * CVE-url: https://ubuntu.com/security/CVE-2024-47723 - jfs: fix out-of-bounds in dbNextAG() and diAlloc() * Bionic update: upstream stable patchset 2023-01-20 (LP: #2003596) // CVE- url: https://ubuntu.com/security/CVE-2022-48988 - memcg: fix possible use-after-free in memcg_write_event_control() * CVE-url: https://ubuntu.com/security/CVE-2024-50073 - tty: n_gsm: Fix use-after-free in gsm_cleanup_mux * CVE-url: https://ubuntu.com/security/CVE-2024-50055 - driver core: bus: Fix double free in driver API bus_register() * Bionic update: upstream stable patchset 2023-01-20 (LP: #2003596) // CVE- url: https://ubuntu.com/security/CVE-2022-49029 - hwmon: (ibmpex) Fix possible UAF when ibmpex_register_bmc() fails * Bionic update: upstream stable patchset 2023-02-06 (LP: #2006403) // CVE- url: https://ubuntu.com/security/CVE-2022-48948 - usb: gadget: uvc: Prevent buffer overflow in setup handler * CVE-url: https://ubuntu.com/security/CVE-2024-47698 - drivers: media: dvb-frontends/rtl2832: fix an out-of-bounds write error * CVE-url: https://ubuntu.com/security/CVE-2022-49026 - e100: Fix possible use after free in e100_xmit_prepare * Bionic update: upstream stable patchset 2023-01-20 (LP: #2003596) // CVE- url: https://ubuntu.com/security/CVE-2022-48967 - NFC: nci: Bounds check struct nfc_target arrays * CVE-url: https://ubuntu.com/security/CVE-2024-47742 - firmware_loader: Block path traversal * CVE-url: https://ubuntu.com/security/CVE-2024-50035 - ppp: fix ppp_async_encode() illegal access * CVE-url: https://ubuntu.com/security/CVE-2024-47757 - nilfs2: fix potential oob read in nilfs_btree_check_delete() * CVE-url: https://ubuntu.com/security/CVE-2024-49884 - ext4: avoid ext4_error()'s caused by ENOMEM in the truncate path - ext4: fix slab-use-after-free in ext4_split_extent_at() * CVE-url: https://ubuntu.com/security/CVE-2022-49006 - tracing: Only have rmmod clear buffers that its events were active in - tracing: Free buffers when a used dynamic event is removed * CVE-url: https://ubuntu.com/security/CVE-2024-49903 - jfs: Fix uaf in dbFreeBits * CVE-url: https://ubuntu.com/security/CVE-2024-47701 - ext4: avoid OOB when system.data xattr changes underneath the filesystem * CVE-url: https://ubuntu.com/security/CVE-2024-49889 - ext4: avoid use-after-free in ext4_ext_show_leaf() * CVE-url: https://ubuntu.com/security/CVE-2024-49900 - jfs: Fix uninit-value access of new_ea in ea_buffer * CVE-url: https://ubuntu.com/security/CVE-2024-47697 - drivers: media: dvb-frontends/rtl2830: fix an out-of-bounds write error * CVE-url: https://ubuntu.com/security/CVE-2022-48951 - ASoC: ops: Check bounds for second channel in snd_soc_put_volsw_sx() * CVE-url: https://ubuntu.com/security/CVE-2024-43839 - bna: adjust 'name' buf size of bna_tcb and bna_ccb structures * CVE-url: https://ubuntu.com/security/CVE-2024-47659 - smack: tcp: ipv4, fix incorrect labeling * CVE-url: https://ubuntu.com/security/CVE-2024-47685 - netfilter: nf_reject_ipv6: fix nf_reject_ip6_tcphdr_put() * CVE-url: https://ubuntu.com/security/CVE-2024-38602 - ax25: Fix reference count leak issues of ax25_dev * CVE-url: https://ubuntu.com/security/CVE-2024-26641 - net: Fix unwanted sign extension in netdev_stats_to_stats64() * CVE-url: https://ubuntu.com/security/CVE-2024-42223 - media: dvb-frontends: tda10048: Fix integer overflow * CVE-url: https://ubuntu.com/security/CVE-2021-3759 - memcg: enable accounting of ipc resources * CVE-url: https://ubuntu.com/security/CVE-2024-38632 - vfio/pci: fix potential memory leak in vfio_intx_enable() * CVE-url: https://ubuntu.com/security/CVE-2024-46840 - btrfs: clean up our handling of refs == 0 in snapshot delete * CVE-url: https://ubuntu.com/security/CVE-2024-44954 - ALSA: line6: Fix racy access to midibuf * CVE-url: https://ubuntu.com/security/CVE-2024-45003 - vfs: Don't evict inode under the inode lru traversing context * CVE-url: https://ubuntu.com/security/CVE-2024-46841 - btrfs: don't BUG_ON on ENOMEM from btrfs_lookup_extent_info() in walk_down_proc() * CVE-url: https://ubuntu.com/security/CVE-2024-44950 - serial: sc16is7xx: fix invalid FIFO access with special register set * CVE-url: https://ubuntu.com/security/CVE-2024-26812 - Revert "kernfs: do not account ino_ida allocations to memcg" - Revert "gfp: add __GFP_NOACCOUNT" - memcg: only account kmem allocations marked as __GFP_ACCOUNT - vfio: Introduce interface to flush virqfd inject workqueue - vfio/pci: Create persistent INTx handler * CVE-url: https://ubuntu.com/security/CVE-2023-52528 - usbnet/smsc75xx: silence uninitialized variable warning - net: usb: smsc75xx: Fix uninit-value access in __smsc75xx_read_reg * CVE-url: https://ubuntu.com/security/CVE-2024-42229 - crypto: aead,cipher - zeroize key buffer after use Critical Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.

* CVE-url: https://ubuntu.com/security/CVE-2024-42265 - protect the fetch of ->fd[fd] in do_dup2() from mispredictions * CVE-url: https://ubuntu.com/security/CVE-2024-47669 - nilfs2: fix state management in error path of log writing function * CVE-url: https://ubuntu.com/security/CVE-2023-52918 - media: pci: cx23885: check cx23885_vdev_init() return * CVE-url: https://ubuntu.com/security/CVE-2024-46750 - PCI: Add missing bridge lock to pci_bus_lock() * CVE-url: https://ubuntu.com/security/CVE-2024-46676 - nfc: pn533: Add poll mod list filling check * CVE-url: https://ubuntu.com/security/CVE-2024-46755 - wifi: mwifiex: Do not return unused priv in mwifiex_get_priv_by_id() * CVE-url: https://ubuntu.com/security/CVE-2024-46721 - apparmor: fix possible NULL pointer dereference * CVE-url: https://ubuntu.com/security/CVE-2024-44947 - fuse: Initialize beyond-EOF page contents before setting uptodate * CVE-url: https://ubuntu.com/security/CVE-2024-46675 - usb: dwc3: core: Prevent USB core invalid event buffer address access * CVE-url: https://ubuntu.com/security/CVE-2024-43893 - serial: core: check uartclk for zero to avoid divide by zero * CVE-url: https://ubuntu.com/security/CVE-2024-45021 - memcg_write_event_control(): fix a user-triggerable oops * CVE-url: https://ubuntu.com/security/CVE-2024-41012 - filelock: Remove locks reliably when fcntl/close race is detected * CVE-url: https://ubuntu.com/security/CVE-2024-42310 - drm/gma500: fix null pointer dereference in cdv_intel_lvds_get_modes * CVE-url: https://ubuntu.com/security/CVE-2024-42311 - hfs: fix to initialize fields of hfs_inode_info after hfs_alloc_inode() * CVE-url: https://ubuntu.com/security/CVE-2024-45028 - mmc: mmc_test: Fix NULL dereference on allocation failure * CVE-url: https://ubuntu.com/security/CVE-2024-43914 - md/raid5: avoid BUG_ON() while continue reshape after reassembling * CVE-url: https://ubuntu.com/security/CVE-2024-43856 - dma: fix call order in dmam_free_coherent * CVE-url: https://ubuntu.com/security/CVE-2024-43884 - Bluetooth: MGMT: Add error handling to pair_device() * CVE-url: https://ubuntu.com/security/CVE-2024-42309 - drm/gma500: fix null pointer dereference in psb_intel_lvds_get_modes * CVE-url: https://ubuntu.com/security/CVE-2024-50044 - Bluetooth: RFCOMM: FIX possible deadlock in rfcomm_sk_state_change * CVE-url: https://ubuntu.com/security/CVE-2024-49967 - ext4: no need to continue when the number of entries is 1 * Bionic update: upstream stable patchset 2023-01-20 (LP: #2003596) // CVE- url: https://ubuntu.com/security/CVE-2022-49015 - net: hsr: Fix potential use-after-free * CVE-url: https://ubuntu.com/security/CVE-2024-50033 - slip: make slhc_remember() more robust against malicious packets * CVE-url: https://ubuntu.com/security/CVE-2024-47670 - ocfs2: add bounds checking to ocfs2_xattr_find_entry() * CVE-url: https://ubuntu.com/security/CVE-2024-49950 - Bluetooth: L2CAP: Fix uaf in l2cap_connect * CVE-url: https://ubuntu.com/security/CVE-2024-49883 - ext4: aovid use-after-free in ext4_ext_insert_extent() * Bionic update: upstream stable patchset 2023-01-20 (LP: #2003596) // CVE- url: https://ubuntu.com/security/CVE-2022-48960 - net: hisilicon: Fix potential use-after-free in hix5hd2_rx() * CVE-url: https://ubuntu.com/security/CVE-2024-47745 - mm: call the security_mmap_file() LSM hook in remap_file_pages() * CVE-url: https://ubuntu.com/security/CVE-2024-49860 - ACPI: sysfs: validate return type of _STR method * CVE-url: https://ubuntu.com/security/CVE-2024-49882 - ext4: fix double brelse() the buffer of the extents path * CVE-url: https://ubuntu.com/security/CVE-2024-49995 - tipc: guard against string buffer overrun * CVE-url: https://ubuntu.com/security/CVE-2024-47723 - jfs: fix out-of-bounds in dbNextAG() and diAlloc() * Bionic update: upstream stable patchset 2023-01-20 (LP: #2003596) // CVE- url: https://ubuntu.com/security/CVE-2022-48988 - memcg: fix possible use-after-free in memcg_write_event_control() * CVE-url: https://ubuntu.com/security/CVE-2024-50073 - tty: n_gsm: Fix use-after-free in gsm_cleanup_mux * CVE-url: https://ubuntu.com/security/CVE-2024-50055 - driver core: bus: Fix double free in driver API bus_register() * Bionic update: upstream stable patchset 2023-01-20 (LP: #2003596) // CVE- url: https://ubuntu.com/security/CVE-2022-49029 - hwmon: (ibmpex) Fix possible UAF when ibmpex_register_bmc() fails * Bionic update: upstream stable patchset 2023-02-06 (LP: #2006403) // CVE- url: https://ubuntu.com/security/CVE-2022-48948 - usb: gadget: uvc: Prevent buffer overflow in setup handler * CVE-url: https://ubuntu.com/security/CVE-2024-47698 - drivers: media: dvb-frontends/rtl2832: fix an out-of-bounds write error * CVE-url: https://ubuntu.com/security/CVE-2022-49026 - e100: Fix possible use after free in e100_xmit_prepare * Bionic update: upstream stable patchset 2023-01-20 (LP: #2003596) // CVE- url: https://ubuntu.com/security/CVE-2022-48967 - NFC: nci: Bounds check struct nfc_target arrays * CVE-url: https://ubuntu.com/security/CVE-2024-47742 - firmware_loader: Block path traversal * CVE-url: https://ubuntu.com/security/CVE-2024-50035 - ppp: fix ppp_async_encode() illegal access * CVE-url: https://ubuntu.com/security/CVE-2024-47757 - nilfs2: fix potential oob read in nilfs_btree_check_delete() * CVE-url: https://ubuntu.com/security/CVE-2024-49884 - ext4: avoid ext4_error()'s caused by ENOMEM in the truncate path - ext4: fix slab-use-after-free in ext4_split_extent_at() * CVE-url: https://ubuntu.com/security/CVE-2022-49006 - tracing: Only have rmmod clear buffers that its events were active in - tracing: Free buffers when a used dynamic event is removed * CVE-url: https://ubuntu.com/security/CVE-2024-49903 - jfs: Fix uaf in dbFreeBits * CVE-url: https://ubuntu.com/security/CVE-2024-47701 - ext4: avoid OOB when system.data xattr changes underneath the filesystem * CVE-url: https://ubuntu.com/security/CVE-2024-49889 - ext4: avoid use-after-free in ext4_ext_show_leaf() * CVE-url: https://ubuntu.com/security/CVE-2024-49900 - jfs: Fix uninit-value access of new_ea in ea_buffer * CVE-url: https://ubuntu.com/security/CVE-2024-47697 - drivers: media: dvb-frontends/rtl2830: fix an out-of-bounds write error * CVE-url: https://ubuntu.com/security/CVE-2022-48951 - ASoC: ops: Check bounds for second channel in snd_soc_put_volsw_sx() * CVE-url: https://ubuntu.com/security/CVE-2024-43839 - bna: adjust 'name' buf size of bna_tcb and bna_ccb structures * CVE-url: https://ubuntu.com/security/CVE-2024-47659 - smack: tcp: ipv4, fix incorrect labeling * CVE-url: https://ubuntu.com/security/CVE-2024-47685 - netfilter: nf_reject_ipv6: fix nf_reject_ip6_tcphdr_put() * CVE-url: https://ubuntu.com/security/CVE-2024-38602 - ax25: Fix reference count leak issues of ax25_dev * CVE-url: https://ubuntu.com/security/CVE-2024-26641 - net: Fix unwanted sign extension in netdev_stats_to_stats64() * CVE-url: https://ubuntu.com/security/CVE-2024-42223 - media: dvb-frontends: tda10048: Fix integer overflow * CVE-url: https://ubuntu.com/security/CVE-2021-3759 - memcg: enable accounting of ipc resources * CVE-url: https://ubuntu.com/security/CVE-2024-38632 - vfio/pci: fix potential memory leak in vfio_intx_enable() * CVE-url: https://ubuntu.com/security/CVE-2024-46840 - btrfs: clean up our handling of refs == 0 in snapshot delete * CVE-url: https://ubuntu.com/security/CVE-2024-44954 - ALSA: line6: Fix racy access to midibuf * CVE-url: https://ubuntu.com/security/CVE-2024-45003 - vfs: Don't evict inode under the inode lru traversing context * CVE-url: https://ubuntu.com/security/CVE-2024-46841 - btrfs: don't BUG_ON on ENOMEM from btrfs_lookup_extent_info() in walk_down_proc() * CVE-url: https://ubuntu.com/security/CVE-2024-44950 - serial: sc16is7xx: fix invalid FIFO access with special register set * CVE-url: https://ubuntu.com/security/CVE-2024-26812 - Revert "kernfs: do not account ino_ida allocations to memcg" - Revert "gfp: add __GFP_NOACCOUNT" - memcg: only account kmem allocations marked as __GFP_ACCOUNT - vfio: Introduce interface to flush virqfd inject workqueue - vfio/pci: Create persistent INTx handler * CVE-url: https://ubuntu.com/security/CVE-2023-52528 - usbnet/smsc75xx: silence uninitialized variable warning - net: usb: smsc75xx: Fix uninit-value access in __smsc75xx_read_reg * CVE-url: https://ubuntu.com/security/CVE-2024-42229 - crypto: aead,cipher - zeroize key buffer after use

0 tuxcare-ubuntu16.04-els linux-buildinfo-4.4.0-267-tuxcare.els38-generic_4.4.0-267.301_amd64.deb 2fe59d93c13484d210674dc8e3f159f07a694f62 linux-buildinfo-4.4.0-267-tuxcare.els38-lowlatency_4.4.0-267.301_amd64.deb 6b9fdf3f5cdd27597db06c544cc404c05ad4e35a linux-cloud-tools-4.4.0-267-tuxcare.els38_4.4.0-267.301_amd64.deb a7bce5f9e61da6e8cef777e1c4bf64f5bafa7efb linux-cloud-tools-4.4.0-267-tuxcare.els38-generic_4.4.0-267.301_amd64.deb 992f369ae6bb095fc7e10b3f54713f30b609ea92 linux-cloud-tools-4.4.0-267-tuxcare.els38-lowlatency_4.4.0-267.301_amd64.deb 133d85a732281c194766133e30170b76fe6ffb47 linux-cloud-tools-common_4.4.0-267.301_all.deb d24efd2de28fea9f1067b30c760f37197a561f97 linux-cloud-tools-generic_4.4.0.267.301_amd64.deb c9c09777c54c623bb947f97b273dfd65ad8c8b93 linux-cloud-tools-lowlatency_4.4.0.267.301_amd64.deb 0bec18e51de828787aad40c289261bcc31f802a0 linux-crashdump_4.4.0.267.301_amd64.deb 640993a1e2af2e10433d4b41876ae19936b3c5e8 linux-doc_4.4.0-267.301_all.deb c06f9774b553649282d59665e086108b88690df0 linux-generic_4.4.0.267.301_amd64.deb c921f002f3d12f6b50b61d69650aae4bfcce7cfd linux-headers-4.4.0-267-tuxcare.els38_4.4.0-267.301_all.deb 75a9020d92c06f417af0ad95d7857227acb653ec linux-headers-4.4.0-267-tuxcare.els38-generic_4.4.0-267.301_amd64.deb ec3f480900a6735eab0a39e730e8a19523a9fab6 linux-headers-4.4.0-267-tuxcare.els38-lowlatency_4.4.0-267.301_amd64.deb 9720b5328d5f1aa913ea1af89384a387a039ce09 linux-headers-generic_4.4.0.267.301_amd64.deb c339f276262906c86b962bcc5b5a73c2f1d9c9a7 linux-headers-lowlatency_4.4.0.267.301_amd64.deb 2675a4e70bf357a03c00403f2d9940688bb26f1e linux-image-generic_4.4.0.267.301_amd64.deb 75181cfb6adbdb2fd6050cd8982fe9b6e89dbd7d linux-image-lowlatency_4.4.0.267.301_amd64.deb f9e347454bdd9ac89886a968f63a471e03ca0d41 linux-image-unsigned-4.4.0-267-tuxcare.els38-generic_4.4.0-267.301_amd64.deb 45863ba31f4f271bbd60d02538e7d13ef0cc1de3 linux-image-unsigned-4.4.0-267-tuxcare.els38-lowlatency_4.4.0-267.301_amd64.deb 1acab188f5664e68bb9822a1cac2cc801a899021 linux-libc-dev_4.4.0-267.301_amd64.deb e3a72fb0e345c7e7f952ba041153801bf957912f linux-lowlatency_4.4.0.267.301_amd64.deb 478f9482a438de63514978a7aaa7638ec32e1a4b linux-modules-4.4.0-267-tuxcare.els38-generic_4.4.0-267.301_amd64.deb adcf8b9ffecfdf94d784e38d8fdfdf71d58e32a4 linux-modules-4.4.0-267-tuxcare.els38-lowlatency_4.4.0-267.301_amd64.deb da30e5bbaf0df6690f8db8ed38c5859da82f1636 linux-modules-extra-4.4.0-267-tuxcare.els38-generic_4.4.0-267.301_amd64.deb 82e8f0463589b41336d182ea44dd02302e0d28ab linux-source_4.4.0.267.301_all.deb f6be39a20de591362f500b90b55882cc6c2456b1 linux-source-4.4.0_4.4.0-267.301_all.deb 04a6f25cd7305968a6bb9e4de3540a653a7a224e linux-tools-4.4.0-267-tuxcare.els38_4.4.0-267.301_amd64.deb eef18fbfea272664532a9333ae966ea71168ade6 linux-tools-4.4.0-267-tuxcare.els38-generic_4.4.0-267.301_amd64.deb 62e3a039d27f26e8f966bb56e50a6befc13a3a53 linux-tools-4.4.0-267-tuxcare.els38-lowlatency_4.4.0-267.301_amd64.deb e6378591980b4a80b7f6036b12f59c755fe0e5be linux-tools-common_4.4.0-267.301_all.deb 6e8e12d067e492395e4d4f14328053d137f465cc linux-tools-generic_4.4.0.267.301_amd64.deb e6251b32279947fac007fc3b3dfbd39396ead01f linux-tools-host_4.4.0-267.301_all.deb 97aa79a9d7079a12b4309f849f2eab0e8bd26546 linux-tools-lowlatency_4.4.0.267.301_amd64.deb b788b83a14cd6f3bb288f3330849b0511ca9152e CLSA-2024:1731956942 TuxCare License Agreement 0 * SECURITY UPDATE: Undefined behavior in the form of values outside the range of type unsigned long - debian/patches/CVE-2020-27764-and-CVE-2020-27776.patch: Fix outside the range of representable values of type unsigned long - CVE-2020-27764 - CVE-2020-27776 * SECURITY UPDATE: Integer overflow in magick/histogram.c - debian/patches/CVE-2020-25666.patch: Fix integer overflow in HistogramCompare in magick/histogram.c - CVE-2020-25666 Low Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.

* SECURITY UPDATE: Undefined behavior in the form of values outside the range of type unsigned long - debian/patches/CVE-2020-27764-and-CVE-2020-27776.patch: Fix outside the range of representable values of type unsigned long - CVE-2020-27764 - CVE-2020-27776 * SECURITY UPDATE: Integer overflow in magick/histogram.c - debian/patches/CVE-2020-25666.patch: Fix integer overflow in HistogramCompare in magick/histogram.c - CVE-2020-25666

0 tuxcare-ubuntu16.04-els imagemagick_6.8.9.9-7ubuntu5.17+tuxcare.els17_amd64.deb 8b71dd998f95974cc260757fa30f72b278d0b747 imagemagick-6.q16_6.8.9.9-7ubuntu5.17+tuxcare.els17_amd64.deb 1c29e0bc6822dcefe8c52c1e2508833dc9d61ba6 imagemagick-common_6.8.9.9-7ubuntu5.17+tuxcare.els17_all.deb beccda1d522ec26920d608836b7babb3cf8f0a3f imagemagick-doc_6.8.9.9-7ubuntu5.17+tuxcare.els17_all.deb 1848ed98c892d5500bc75c67fc20d08651e7df76 libimage-magick-perl_6.8.9.9-7ubuntu5.17+tuxcare.els17_all.deb 1e83735465e45540f4dbec57b42fdedfb853d698 libimage-magick-q16-perl_6.8.9.9-7ubuntu5.17+tuxcare.els17_amd64.deb 662b1e33e8f4d77585bddae502860c85ca76cb4e libmagick++-6-headers_6.8.9.9-7ubuntu5.17+tuxcare.els17_all.deb 1358974085614cb4c6881cd55aacf5891d85492b libmagick++-6.q16-5v5_6.8.9.9-7ubuntu5.17+tuxcare.els17_amd64.deb cf493236d909f2942b568f93d09503ec45bef0a7 libmagick++-6.q16-dev_6.8.9.9-7ubuntu5.17+tuxcare.els17_amd64.deb a90d43e0a153a73bedba470ef90854a9a5bea052 libmagick++-dev_6.8.9.9-7ubuntu5.17+tuxcare.els17_all.deb b64c5e6299da2037084e455784e0ae829a9f0b5b libmagickcore-6-arch-config_6.8.9.9-7ubuntu5.17+tuxcare.els17_amd64.deb fc098a50046bc3ac715dd46350a81958184a0b23 libmagickcore-6-headers_6.8.9.9-7ubuntu5.17+tuxcare.els17_all.deb b95334a576897ffd339d10c19a9cb30965762ac0 libmagickcore-6.q16-2_6.8.9.9-7ubuntu5.17+tuxcare.els17_amd64.deb 970c456cfa9aceb393a02d3befc5db8c3c94aede libmagickcore-6.q16-2-extra_6.8.9.9-7ubuntu5.17+tuxcare.els17_amd64.deb c517377d43e8dd7fc8c655614ae81ffedb2ebcc1 libmagickcore-6.q16-dev_6.8.9.9-7ubuntu5.17+tuxcare.els17_amd64.deb b04fb3a8eb2680c9a69129d3223832c498f38abb libmagickcore-dev_6.8.9.9-7ubuntu5.17+tuxcare.els17_all.deb 1194e1afa97b05e76ddfbf4554269b6c952eec06 libmagickwand-6-headers_6.8.9.9-7ubuntu5.17+tuxcare.els17_all.deb d754bdb3e61bf841eaf4e152be67ecbe9c906be7 libmagickwand-6.q16-2_6.8.9.9-7ubuntu5.17+tuxcare.els17_amd64.deb b96870f5bb0b9c52aad249a2b47b62c5e1fe90d9 libmagickwand-6.q16-dev_6.8.9.9-7ubuntu5.17+tuxcare.els17_amd64.deb f39fcd82c4ef86059e1ec1bdb0b3f4f3f7616e9f libmagickwand-dev_6.8.9.9-7ubuntu5.17+tuxcare.els17_all.deb 5f6fed94c248efcddcc59619f718d606a95a30ff perlmagick_6.8.9.9-7ubuntu5.17+tuxcare.els17_all.deb d5ca33d9e0d61873628ae14e5e718707aa6515aa CLSA-2024:1732196856 TuxCare License Agreement 0 * SECURITY UPDATE: Buffer overflow - debian/patches/CVE-2024-52533.patch: Fix a single byte buffer overflow in connect messages in gsocks4aproxy - CVE-2024-52533 Important Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.

* SECURITY UPDATE: Buffer overflow - debian/patches/CVE-2024-52533.patch: Fix a single byte buffer overflow in connect messages in gsocks4aproxy - CVE-2024-52533

0 tuxcare-ubuntu16.04-els libglib2.0-0_2.48.2-0ubuntu4.8+tuxcare.els3_amd64.deb b28195caa18d981e6779b48b49a7313ccc667f40 libglib2.0-0-refdbg_2.48.2-0ubuntu4.8+tuxcare.els3_amd64.deb 3ae72dd2abe282430c8c717e368bf5be13168e7c libglib2.0-bin_2.48.2-0ubuntu4.8+tuxcare.els3_amd64.deb 9130f8b2ab4089d5b601580bff2826fae139c343 libglib2.0-data_2.48.2-0ubuntu4.8+tuxcare.els3_all.deb a6e1c6a72a45caa509721efc5ffc98e04ace9ef5 libglib2.0-dev_2.48.2-0ubuntu4.8+tuxcare.els3_amd64.deb 1bbfeb199b7390b132694d9bc9a524d4f9b1c0e4 libglib2.0-doc_2.48.2-0ubuntu4.8+tuxcare.els3_all.deb 9b3c88f53f7f131f21c624b355ba8ae439576139 libglib2.0-tests_2.48.2-0ubuntu4.8+tuxcare.els3_amd64.deb a886808501831dad31cb252dd6f101fbb62e3d1f CLSA-2024:1732196985 TuxCare License Agreement 0 * SECURITY UPDATE: Division by zero vulnerability in segment.c - debian/patches/CVE-2020-27765.patch: Fix average_tau calculation by multiplying instead of dividing by number_nodes in OptimalTau function to prevent incorrect segmentation output - CVE-2020-27765 Low Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.

* SECURITY UPDATE: Division by zero vulnerability in segment.c - debian/patches/CVE-2020-27765.patch: Fix average_tau calculation by multiplying instead of dividing by number_nodes in OptimalTau function to prevent incorrect segmentation output - CVE-2020-27765

0 tuxcare-ubuntu16.04-els imagemagick_6.8.9.9-7ubuntu5.17+tuxcare.els18_amd64.deb db97630c43c1a8e7e891f183c8b41e61c2055c41 imagemagick-6.q16_6.8.9.9-7ubuntu5.17+tuxcare.els18_amd64.deb f43f2743a32dc7cb25f6e99006b1f42f1910ca55 imagemagick-common_6.8.9.9-7ubuntu5.17+tuxcare.els18_all.deb c62d27256091d165471e53bdfdd393a1631488b8 imagemagick-doc_6.8.9.9-7ubuntu5.17+tuxcare.els18_all.deb fa17d1d8ab30a34724a43e2f8603e23dcf5be80c libimage-magick-perl_6.8.9.9-7ubuntu5.17+tuxcare.els18_all.deb 03f889d1b4366730c93d6cb8529992d7cd311dc6 libimage-magick-q16-perl_6.8.9.9-7ubuntu5.17+tuxcare.els18_amd64.deb 9e850eb61f1f2081da57d1d63c2968d842d1eff8 libmagick++-6-headers_6.8.9.9-7ubuntu5.17+tuxcare.els18_all.deb 5c40fc17c8c6dd3f227daab44986f3dc0e0ed8fe libmagick++-6.q16-5v5_6.8.9.9-7ubuntu5.17+tuxcare.els18_amd64.deb 8e5175405cf96cfef70c8ba680ef2280219ba240 libmagick++-6.q16-dev_6.8.9.9-7ubuntu5.17+tuxcare.els18_amd64.deb ba5bb4f3cf2896e893c3e00ef357c6a235559a0a libmagick++-dev_6.8.9.9-7ubuntu5.17+tuxcare.els18_all.deb 0eeacecf0092e10a63065fee90143da51b76cd77 libmagickcore-6-arch-config_6.8.9.9-7ubuntu5.17+tuxcare.els18_amd64.deb fab0e7ea986d6a1a5f6401291cd2497e13ae7711 libmagickcore-6-headers_6.8.9.9-7ubuntu5.17+tuxcare.els18_all.deb ad9e91f1b1b92038aaea70f47efc797b36bca039 libmagickcore-6.q16-2_6.8.9.9-7ubuntu5.17+tuxcare.els18_amd64.deb d3ec65cb226767d709463ad9c3eba556dfb3f0b7 libmagickcore-6.q16-2-extra_6.8.9.9-7ubuntu5.17+tuxcare.els18_amd64.deb adfa3d59164d84cecdc84a6734e67371e2f51d91 libmagickcore-6.q16-dev_6.8.9.9-7ubuntu5.17+tuxcare.els18_amd64.deb ca3af8d3773a56dc1adabb4365a1a84bef1923ed libmagickcore-dev_6.8.9.9-7ubuntu5.17+tuxcare.els18_all.deb 0f6bd93b388ddf1779da2506ad93fd13ff3b419a libmagickwand-6-headers_6.8.9.9-7ubuntu5.17+tuxcare.els18_all.deb 0822fd13e5e84993dafd34d8852fcf75ad255244 libmagickwand-6.q16-2_6.8.9.9-7ubuntu5.17+tuxcare.els18_amd64.deb ace220a25df815d2366a274a81c17f7e6058b0ab libmagickwand-6.q16-dev_6.8.9.9-7ubuntu5.17+tuxcare.els18_amd64.deb 42d5dab10fe17cad3f2b3dd59bb89cf9968bb5d0 libmagickwand-dev_6.8.9.9-7ubuntu5.17+tuxcare.els18_all.deb 15cfae0eb7955f1a5e486bdd17aff1d1b28e20ae perlmagick_6.8.9.9-7ubuntu5.17+tuxcare.els18_all.deb 0a46d60fc1f378188add79165150d87eacd716cb CLSA-2024:1732197150 TuxCare License Agreement 0 * Update to 8u432-ga fixing a number of CVEs - CVE-2024-20918: missing array range check in C1 compiler leads to out-of-bounds access - CVE-2024-20919: unverified bytecode execution because of the flaw in JVM class file verifier - CVE-2024-20921: optimization issue of loop range check in IfNode and LoopNode - CVE-2024-20926: execution of arbitrary Java code in Nashorn - CVE-2024-20945: private keys for digital signatures leak to logs - CVE-2024-20952: RSA padding problem, TLS timing side-channel attack - CVE-2024-21011: extended Exception message causing a crash - CVE-2024-21068: Integer overflow in address generation by the C1 compiler - CVE-2024-21085: excessive memory allocation in Pack200 - CVE-2024-21094: "exceeded _node_regs array" C2 compilation error - CVE-2024-21131: UTF8 size overflow - CVE-2024-21138: infinite loop vunlerability in SymbolTable - CVE-2024-21140: int overflow/underflow in Range Check Elimination - CVE-2024-21144: invalid header validation leads to Pack200 excessive loading time - CVE-2024-21145: out-of-bounds access in MaskFill - CVE-2024-21147: out-of-bounds array index in Range Check Elimination - CVE-2024-21208: improper handling of maxHeaderSize in HTTP client - CVE-2024-21210: integer overflow in array indexing in SuperWord - CVE-2024-21217: out-of-memory because of unbounded allocation in MessageFormat - CVE-2024-21235: incorrect range check because of integer conversion error in LoopNode * Update patches - debian/patches/zero-sh.diff Important Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.

* Update to 8u432-ga fixing a number of CVEs - CVE-2024-20918: missing array range check in C1 compiler leads to out-of-bounds access - CVE-2024-20919: unverified bytecode execution because of the flaw in JVM class file verifier - CVE-2024-20921: optimization issue of loop range check in IfNode and LoopNode - CVE-2024-20926: execution of arbitrary Java code in Nashorn - CVE-2024-20945: private keys for digital signatures leak to logs - CVE-2024-20952: RSA padding problem, TLS timing side-channel attack - CVE-2024-21011: extended Exception message causing a crash - CVE-2024-21068: Integer overflow in address generation by the C1 compiler - CVE-2024-21085: excessive memory allocation in Pack200 - CVE-2024-21094: "exceeded _node_regs array" C2 compilation error - CVE-2024-21131: UTF8 size overflow - CVE-2024-21138: infinite loop vunlerability in SymbolTable - CVE-2024-21140: int overflow/underflow in Range Check Elimination - CVE-2024-21144: invalid header validation leads to Pack200 excessive loading time - CVE-2024-21145: out-of-bounds access in MaskFill - CVE-2024-21147: out-of-bounds array index in Range Check Elimination - CVE-2024-21208: improper handling of maxHeaderSize in HTTP client - CVE-2024-21210: integer overflow in array indexing in SuperWord - CVE-2024-21217: out-of-memory because of unbounded allocation in MessageFormat - CVE-2024-21235: incorrect range check because of integer conversion error in LoopNode * Update patches - debian/patches/zero-sh.diff

0 tuxcare-ubuntu16.04-els openjdk-8-demo_8u432-ga-0ubuntu1~16.04+tuxcare.els1_amd64.deb 8019cc68a143d24a414da28840b803225c9199a6 openjdk-8-doc_8u432-ga-0ubuntu1~16.04+tuxcare.els1_all.deb 60ea17bd3b212e81e60ee9e37e55d2db9301b9a5 openjdk-8-jdk_8u432-ga-0ubuntu1~16.04+tuxcare.els1_amd64.deb 8ea493842f94fd2d8b392af78f94c668ed0d5ea8 openjdk-8-jdk-headless_8u432-ga-0ubuntu1~16.04+tuxcare.els1_amd64.deb debcb674b93e41449123d4615f7bb8cdd7c03799 openjdk-8-jre_8u432-ga-0ubuntu1~16.04+tuxcare.els1_amd64.deb edf78d0a1895bd57c5244d03ebb48a671e4a24d9 openjdk-8-jre-headless_8u432-ga-0ubuntu1~16.04+tuxcare.els1_amd64.deb 199cab9229fdf0aa8c072b0fc725f064f9cbe59a openjdk-8-jre-jamvm_8u432-ga-0ubuntu1~16.04+tuxcare.els1_amd64.deb e1318066eabdea4885fea81d1cb6318af4d3e371 openjdk-8-jre-zero_8u432-ga-0ubuntu1~16.04+tuxcare.els1_amd64.deb 472e9a2dea9f43d034974fa9c0705e7caf1409ad openjdk-8-source_8u432-ga-0ubuntu1~16.04+tuxcare.els1_all.deb c10d56bd0a16b900fc25d334bd48f040b094cf33 CLSA-2024:1732555093 TuxCare License Agreement 0 * SECURITY UPDATE: Undefined behavior due to values outside range in quantum.h - debian/patches/CVE-2020-27767.patch: Fix quantum.h to include float.h to handle min and max values for Quantum type - debian/patches/CVE-2020-27767-1.patch: Fix ClampToQuantum function to handle negative values correctly and prevent buffer overflow in quantum- import.c - CVE-2020-27767 Low Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.

* SECURITY UPDATE: Undefined behavior due to values outside range in quantum.h - debian/patches/CVE-2020-27767.patch: Fix quantum.h to include float.h to handle min and max values for Quantum type - debian/patches/CVE-2020-27767-1.patch: Fix ClampToQuantum function to handle negative values correctly and prevent buffer overflow in quantum- import.c - CVE-2020-27767

0 tuxcare-ubuntu16.04-els imagemagick_6.8.9.9-7ubuntu5.17+tuxcare.els20_amd64.deb 4714b386e1e13ad5d06a92925e898cb0a60ab1b7 imagemagick-6.q16_6.8.9.9-7ubuntu5.17+tuxcare.els20_amd64.deb 169212291eac699588a18812851731f54ec76985 imagemagick-common_6.8.9.9-7ubuntu5.17+tuxcare.els20_all.deb 7fb11a6a1d60540e355712b2e3ffbe7a9e350949 imagemagick-doc_6.8.9.9-7ubuntu5.17+tuxcare.els20_all.deb 20b2234622592a94e68b991dcf09acd91e948f2d libimage-magick-perl_6.8.9.9-7ubuntu5.17+tuxcare.els20_all.deb 4b72b00a91e8ee430d42cedf76e3d575a7026a61 libimage-magick-q16-perl_6.8.9.9-7ubuntu5.17+tuxcare.els20_amd64.deb 2a077dfe4ad242d1559f1cf09e1f55d7a820c475 libmagick++-6-headers_6.8.9.9-7ubuntu5.17+tuxcare.els20_all.deb 4f8e494678fa214514ef6fbc0a4f7edb972acc2a libmagick++-6.q16-5v5_6.8.9.9-7ubuntu5.17+tuxcare.els20_amd64.deb 51d4b0377d97938f4c1ae3d8fdee46a4aa381311 libmagick++-6.q16-dev_6.8.9.9-7ubuntu5.17+tuxcare.els20_amd64.deb f27625f622d5864b1c4b1fe2d521a95f6245fa62 libmagick++-dev_6.8.9.9-7ubuntu5.17+tuxcare.els20_all.deb 3a3dbb87d6a68a089e33129fc687d73d93dbc010 libmagickcore-6-arch-config_6.8.9.9-7ubuntu5.17+tuxcare.els20_amd64.deb 741d8faa74cc4035562023fe55f21b06ebde1045 libmagickcore-6-headers_6.8.9.9-7ubuntu5.17+tuxcare.els20_all.deb 0a9fa04eee225640accd42297c5208f6148c80f6 libmagickcore-6.q16-2_6.8.9.9-7ubuntu5.17+tuxcare.els20_amd64.deb b0c300684c4a081f5f7aec401d84ec24edc5caec libmagickcore-6.q16-2-extra_6.8.9.9-7ubuntu5.17+tuxcare.els20_amd64.deb 312d1f3ab14af9cba5f47371859389ded937dc5a libmagickcore-6.q16-dev_6.8.9.9-7ubuntu5.17+tuxcare.els20_amd64.deb d99956969eb72624d97366faeb5a22b4caab03f3 libmagickcore-dev_6.8.9.9-7ubuntu5.17+tuxcare.els20_all.deb a5745f8b15ece20514e371b96352dd186d38e9c8 libmagickwand-6-headers_6.8.9.9-7ubuntu5.17+tuxcare.els20_all.deb bb258d79781c870b88d67e11fb67a4bf866b2f68 libmagickwand-6.q16-2_6.8.9.9-7ubuntu5.17+tuxcare.els20_amd64.deb a28b6a133ba02a56f26d862abd67421d8de54141 libmagickwand-6.q16-dev_6.8.9.9-7ubuntu5.17+tuxcare.els20_amd64.deb 2e67be3f9db78182b17141cb0c94e947db5d96ce libmagickwand-dev_6.8.9.9-7ubuntu5.17+tuxcare.els20_all.deb e7ee3763f91497fc82461b5e556e9bd2efc714ab perlmagick_6.8.9.9-7ubuntu5.17+tuxcare.els20_all.deb 7ad047cd207618c185bd63d76d6461d113b9bc99 CLSA-2024:1732701268 TuxCare License Agreement 0 * SECURITY UPDATE: Fix DoS by a trusted server by disable ESI - CVE-2024-45802 Important Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.

* SECURITY UPDATE: Fix DoS by a trusted server by disable ESI - CVE-2024-45802

0 tuxcare-ubuntu16.04-els squid_3.5.12-1ubuntu7.17+tuxcare.els10_amd64.deb 2e29050ca82402c12a720cd0fe8ab29ccdd662a3 squid-cgi_3.5.12-1ubuntu7.17+tuxcare.els10_amd64.deb 347b2c75729840ad200515450871d40217a513db squid-common_3.5.12-1ubuntu7.17+tuxcare.els10_all.deb 067d0ace1e0435cbc7e76dc2968ec8963620312d squid-purge_3.5.12-1ubuntu7.17+tuxcare.els10_amd64.deb f3efdcdae56fb32448ae8962e33da4d0f473c7de squid3_3.5.12-1ubuntu7.17+tuxcare.els10_all.deb f8fdcac9e894ea0c60b23321b07c375678f7d2bf squidclient_3.5.12-1ubuntu7.17+tuxcare.els10_amd64.deb b96ba9f17662a678222479a457e53fc3f22b98d2 CLSA-2024:1733142550 TuxCare License Agreement 0 * CVE-url: https://ubuntu.com/security/CVE-2023-52614 - time: Introduce jiffies64_to_msecs() - PM / devfreq: Modify the indentation of trans_stat sysfs for readability - PM / devfreq: Do not show statistics if it's not ready. - PM / devfreq: Fix buffer overflow in trans_stat_show * Bionic update: upstream stable patchset 2019-12-20 (LP: #1857158) // CVE- url: https://ubuntu.com/security/CVE-2023-52614 - PM / devfreq: Lock devfreq in trans_stat_show * CVE-url: https://ubuntu.com/security/CVE-2024-42240 - x86/bhi: Avoid warning in #DB handler due to BHI mitigation * CVE-url: https://ubuntu.com/security/CVE-2023-52578 - net: bridge: use DEV_STATS_INC() * CVE-url: https://ubuntu.com/security/CVE-2022-48938 - CDC-NCM: avoid overflow in sanity checking * CVE-url: https://ubuntu.com/security/CVE-2024-43854 - block: initialize integrity buffer to zero before writing it to media * CVE-url: https://ubuntu.com/security/CVE-2024-38596 - net: sock: move ->sk_shutdown out of bitfields. - af_unix: Fix data races in unix_release_sock/unix_stream_sendmsg * CVE-url: https://ubuntu.com/security/CVE-2024-35877 - mm: introduce page_needs_cow_for_dma() for deciding whether cow - x86/mm/pat: fix VM_PAT handling in COW mappings * CVE-url: https://ubuntu.com/security/CVE-2023-52502 - net: nfc: fix races in nfc_llcp_sock_get() and nfc_llcp_sock_get_sn() * CVE-url: https://ubuntu.com/security/CVE-2024-45025 - fix bitmap corruption on close_range() with CLOSE_RANGE_UNSHARE * CVE-url: https://ubuntu.com/security/CVE-2024-26668 - netfilter: nft_limit: allow to invert matching criteria - netfilter: limit: use per-rule spinlock to improve the scalability - netfilter: nf_tables: Fix nft limit burst handling - netfilter: nft_limit: reject configurations that cause integer overflow * Bionic update: upstream stable patchset 2019-07-23 (LP: #1837664) // CVE- url: https://ubuntu.com/security/CVE-2024-26668 - compiler.h: enable builtin overflow checkers and add fallback code * Bionic update: upstream stable patchset 2018-12-12 (LP: #1808185) // CVE- url: https://ubuntu.com/security/CVE-2024-26668 - netfilter: nft_limit: fix packet ratelimiting * CVE-url: https://ubuntu.com/security/CVE-2024-27397 - netfilter: nf_tables: use timestamp to check for set element timeout - netfilter: nf_tables: annotate data-races around element expiration - netfilter: nf_tables: support timeouts larger than 23 days * CVE-url: https://ubuntu.com/security/CVE-2024-50036 - net: do not delay dst_entries_add() in dst_release() * CVE-url: https://ubuntu.com/security/CVE-2024-50067 - uprobe: avoid out-of-bounds memory access of fetching args * Miscellaneous Ubuntu changes - [Packaging]: keep only amd64 architecture * Miscellaneous upstream changes - getabis: use ESM version of debian.master/etc/getabis Important Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.

* CVE-url: https://ubuntu.com/security/CVE-2023-52614 - time: Introduce jiffies64_to_msecs() - PM / devfreq: Modify the indentation of trans_stat sysfs for readability - PM / devfreq: Do not show statistics if it's not ready. - PM / devfreq: Fix buffer overflow in trans_stat_show * Bionic update: upstream stable patchset 2019-12-20 (LP: #1857158) // CVE- url: https://ubuntu.com/security/CVE-2023-52614 - PM / devfreq: Lock devfreq in trans_stat_show * CVE-url: https://ubuntu.com/security/CVE-2024-42240 - x86/bhi: Avoid warning in #DB handler due to BHI mitigation * CVE-url: https://ubuntu.com/security/CVE-2023-52578 - net: bridge: use DEV_STATS_INC() * CVE-url: https://ubuntu.com/security/CVE-2022-48938 - CDC-NCM: avoid overflow in sanity checking * CVE-url: https://ubuntu.com/security/CVE-2024-43854 - block: initialize integrity buffer to zero before writing it to media * CVE-url: https://ubuntu.com/security/CVE-2024-38596 - net: sock: move ->sk_shutdown out of bitfields. - af_unix: Fix data races in unix_release_sock/unix_stream_sendmsg * CVE-url: https://ubuntu.com/security/CVE-2024-35877 - mm: introduce page_needs_cow_for_dma() for deciding whether cow - x86/mm/pat: fix VM_PAT handling in COW mappings * CVE-url: https://ubuntu.com/security/CVE-2023-52502 - net: nfc: fix races in nfc_llcp_sock_get() and nfc_llcp_sock_get_sn() * CVE-url: https://ubuntu.com/security/CVE-2024-45025 - fix bitmap corruption on close_range() with CLOSE_RANGE_UNSHARE * CVE-url: https://ubuntu.com/security/CVE-2024-26668 - netfilter: nft_limit: allow to invert matching criteria - netfilter: limit: use per-rule spinlock to improve the scalability - netfilter: nf_tables: Fix nft limit burst handling - netfilter: nft_limit: reject configurations that cause integer overflow * Bionic update: upstream stable patchset 2019-07-23 (LP: #1837664) // CVE- url: https://ubuntu.com/security/CVE-2024-26668 - compiler.h: enable builtin overflow checkers and add fallback code * Bionic update: upstream stable patchset 2018-12-12 (LP: #1808185) // CVE- url: https://ubuntu.com/security/CVE-2024-26668 - netfilter: nft_limit: fix packet ratelimiting * CVE-url: https://ubuntu.com/security/CVE-2024-27397 - netfilter: nf_tables: use timestamp to check for set element timeout - netfilter: nf_tables: annotate data-races around element expiration - netfilter: nf_tables: support timeouts larger than 23 days * CVE-url: https://ubuntu.com/security/CVE-2024-50036 - net: do not delay dst_entries_add() in dst_release() * CVE-url: https://ubuntu.com/security/CVE-2024-50067 - uprobe: avoid out-of-bounds memory access of fetching args * Miscellaneous Ubuntu changes - [Packaging]: keep only amd64 architecture * Miscellaneous upstream changes - getabis: use ESM version of debian.master/etc/getabis

0 tuxcare-ubuntu16.04-els linux-buildinfo-4.4.0-268-tuxcare.els39-generic_4.4.0-268.302_amd64.deb 01a593db9fb597b77201b81b313ec92550028edd linux-buildinfo-4.4.0-268-tuxcare.els39-lowlatency_4.4.0-268.302_amd64.deb f6e6044f20d8c4f2de0c7f1af561e0e1c5d3be30 linux-cloud-tools-4.4.0-268-tuxcare.els39_4.4.0-268.302_amd64.deb 898d5705007817b685068c3b36982cd4dbabc30c linux-cloud-tools-4.4.0-268-tuxcare.els39-generic_4.4.0-268.302_amd64.deb 7466acdedc4c7cf734c6febc15e8b7c0dc9a697c linux-cloud-tools-4.4.0-268-tuxcare.els39-lowlatency_4.4.0-268.302_amd64.deb 649ace46629a637364a3357a17ca7d67a4edebc8 linux-cloud-tools-common_4.4.0-268.302_all.deb cd19956f8c84ca8337c1663a254bc2bca28b8c2f linux-cloud-tools-generic_4.4.0.268.302_amd64.deb c23d01f851dbf0bf6b23c49ed1d939d4486e593f linux-cloud-tools-lowlatency_4.4.0.268.302_amd64.deb cc87e608efd4b6a77d77a6c4a259029c447c2e17 linux-crashdump_4.4.0.268.302_amd64.deb f5ff0ecac34103c9d3fb606ae3c7114f087bf2c0 linux-doc_4.4.0-268.302_all.deb 6671168bbd26936c69686bf9f4d5a5f11dd8b7ad linux-generic_4.4.0.268.302_amd64.deb d734ee2d2ecd3319fd000b6d8da8bddc65e57b1a linux-headers-4.4.0-268-tuxcare.els39_4.4.0-268.302_all.deb 463e7224579a17127a08fbfb82a3d35d09a0d727 linux-headers-4.4.0-268-tuxcare.els39-generic_4.4.0-268.302_amd64.deb 202efaed5f0f265d266fc2ebe841fe598ef21a1f linux-headers-4.4.0-268-tuxcare.els39-lowlatency_4.4.0-268.302_amd64.deb 06ba98884cea3cec69d658d4da90bd784d5c91f3 linux-headers-generic_4.4.0.268.302_amd64.deb 7f2e65a94a492c65a85578064bc65b347e9fb5f4 linux-headers-lowlatency_4.4.0.268.302_amd64.deb 99b570737397f731f83f8e6972a17da7f9955d2e linux-image-generic_4.4.0.268.302_amd64.deb 84d413f36aa89fd0f14ca7ca870db11b5a3866ff linux-image-lowlatency_4.4.0.268.302_amd64.deb 6d229781c181c855291fafdab54f938b70ed8816 linux-image-unsigned-4.4.0-268-tuxcare.els39-generic_4.4.0-268.302_amd64.deb 93c991abf3b7aa1f9ca1c0179d1b2ee2a1c6ac09 linux-image-unsigned-4.4.0-268-tuxcare.els39-lowlatency_4.4.0-268.302_amd64.deb bd1e0ec959bfd222351730a5f198d310feb076ea linux-libc-dev_4.4.0-268.302_amd64.deb e6ef480a4bb3772fc874a119d1cdcba11998ea37 linux-lowlatency_4.4.0.268.302_amd64.deb cbfe73c26799249f668437da0b5047e3b2f69018 linux-modules-4.4.0-268-tuxcare.els39-generic_4.4.0-268.302_amd64.deb 8a22a9218387f832e26611d4898717e35344fe4c linux-modules-4.4.0-268-tuxcare.els39-lowlatency_4.4.0-268.302_amd64.deb 4620340d87d605756ce1c3a0b89e0e03a4aed112 linux-modules-extra-4.4.0-268-tuxcare.els39-generic_4.4.0-268.302_amd64.deb 87ba55bf98ec2a59a9d5e6ad64ecd1ca21042097 linux-source_4.4.0.268.302_all.deb 0295a56354b9b4967a3588d8d8e7375904d76f22 linux-source-4.4.0_4.4.0-268.302_all.deb 73a103a3113ee33156b9798235d40f3df6b95ff8 linux-tools-4.4.0-268-tuxcare.els39_4.4.0-268.302_amd64.deb d7f31dd9c306f927d8b9590f414720d12d3f2bc7 linux-tools-4.4.0-268-tuxcare.els39-generic_4.4.0-268.302_amd64.deb ef64ee94cdcfecddca22eacc3d35c51dfa3ec6ce linux-tools-4.4.0-268-tuxcare.els39-lowlatency_4.4.0-268.302_amd64.deb 2decd8a4ac63a3fd84743f2a8dde51aaa8c43865 linux-tools-common_4.4.0-268.302_all.deb 1944d9d99e2c4233df418b0a2b142bbc3eaefbb4 linux-tools-generic_4.4.0.268.302_amd64.deb 6eb501da4663715329c2b9ceadb5a254faa7c7bb linux-tools-host_4.4.0-268.302_all.deb 4d75d321434a8178511a59de95bd5f97d5e59f05 linux-tools-lowlatency_4.4.0.268.302_amd64.deb ba6063251a076835ff6b55a4215aa215a549ec29 CLSA-2024:1733142968 TuxCare License Agreement 0 * CVE-url: https://ubuntu.com/security/CVE-2023-52614 - time: Introduce jiffies64_to_msecs() - PM / devfreq: Modify the indentation of trans_stat sysfs for readability - PM / devfreq: Do not show statistics if it's not ready. - PM / devfreq: Fix buffer overflow in trans_stat_show * Bionic update: upstream stable patchset 2019-12-20 (LP: #1857158) // CVE- url: https://ubuntu.com/security/CVE-2023-52614 - PM / devfreq: Lock devfreq in trans_stat_show * CVE-url: https://ubuntu.com/security/CVE-2024-42240 - x86/bhi: Avoid warning in #DB handler due to BHI mitigation * CVE-url: https://ubuntu.com/security/CVE-2023-52578 - net: bridge: use DEV_STATS_INC() * CVE-url: https://ubuntu.com/security/CVE-2022-48938 - CDC-NCM: avoid overflow in sanity checking * CVE-url: https://ubuntu.com/security/CVE-2024-43854 - block: initialize integrity buffer to zero before writing it to media * CVE-url: https://ubuntu.com/security/CVE-2024-38596 - net: sock: move ->sk_shutdown out of bitfields. - af_unix: Fix data races in unix_release_sock/unix_stream_sendmsg * CVE-url: https://ubuntu.com/security/CVE-2024-35877 - mm: introduce page_needs_cow_for_dma() for deciding whether cow - x86/mm/pat: fix VM_PAT handling in COW mappings * CVE-url: https://ubuntu.com/security/CVE-2023-52502 - net: nfc: fix races in nfc_llcp_sock_get() and nfc_llcp_sock_get_sn() * CVE-url: https://ubuntu.com/security/CVE-2024-45025 - fix bitmap corruption on close_range() with CLOSE_RANGE_UNSHARE * CVE-url: https://ubuntu.com/security/CVE-2024-26668 - netfilter: nft_limit: allow to invert matching criteria - netfilter: limit: use per-rule spinlock to improve the scalability - netfilter: nf_tables: Fix nft limit burst handling - netfilter: nft_limit: reject configurations that cause integer overflow * Bionic update: upstream stable patchset 2019-07-23 (LP: #1837664) // CVE- url: https://ubuntu.com/security/CVE-2024-26668 - compiler.h: enable builtin overflow checkers and add fallback code * Bionic update: upstream stable patchset 2018-12-12 (LP: #1808185) // CVE- url: https://ubuntu.com/security/CVE-2024-26668 - netfilter: nft_limit: fix packet ratelimiting * CVE-url: https://ubuntu.com/security/CVE-2024-27397 - netfilter: nf_tables: use timestamp to check for set element timeout - netfilter: nf_tables: annotate data-races around element expiration - netfilter: nf_tables: support timeouts larger than 23 days * CVE-url: https://ubuntu.com/security/CVE-2024-50036 - net: do not delay dst_entries_add() in dst_release() * CVE-url: https://ubuntu.com/security/CVE-2024-50067 - uprobe: avoid out-of-bounds memory access of fetching args * Miscellaneous Ubuntu changes - [Packaging]: keep only amd64 architecture * Miscellaneous upstream changes - getabis: use ESM version of debian.master/etc/getabis Important Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.

* CVE-url: https://ubuntu.com/security/CVE-2023-52614 - time: Introduce jiffies64_to_msecs() - PM / devfreq: Modify the indentation of trans_stat sysfs for readability - PM / devfreq: Do not show statistics if it's not ready. - PM / devfreq: Fix buffer overflow in trans_stat_show * Bionic update: upstream stable patchset 2019-12-20 (LP: #1857158) // CVE- url: https://ubuntu.com/security/CVE-2023-52614 - PM / devfreq: Lock devfreq in trans_stat_show * CVE-url: https://ubuntu.com/security/CVE-2024-42240 - x86/bhi: Avoid warning in #DB handler due to BHI mitigation * CVE-url: https://ubuntu.com/security/CVE-2023-52578 - net: bridge: use DEV_STATS_INC() * CVE-url: https://ubuntu.com/security/CVE-2022-48938 - CDC-NCM: avoid overflow in sanity checking * CVE-url: https://ubuntu.com/security/CVE-2024-43854 - block: initialize integrity buffer to zero before writing it to media * CVE-url: https://ubuntu.com/security/CVE-2024-38596 - net: sock: move ->sk_shutdown out of bitfields. - af_unix: Fix data races in unix_release_sock/unix_stream_sendmsg * CVE-url: https://ubuntu.com/security/CVE-2024-35877 - mm: introduce page_needs_cow_for_dma() for deciding whether cow - x86/mm/pat: fix VM_PAT handling in COW mappings * CVE-url: https://ubuntu.com/security/CVE-2023-52502 - net: nfc: fix races in nfc_llcp_sock_get() and nfc_llcp_sock_get_sn() * CVE-url: https://ubuntu.com/security/CVE-2024-45025 - fix bitmap corruption on close_range() with CLOSE_RANGE_UNSHARE * CVE-url: https://ubuntu.com/security/CVE-2024-26668 - netfilter: nft_limit: allow to invert matching criteria - netfilter: limit: use per-rule spinlock to improve the scalability - netfilter: nf_tables: Fix nft limit burst handling - netfilter: nft_limit: reject configurations that cause integer overflow * Bionic update: upstream stable patchset 2019-07-23 (LP: #1837664) // CVE- url: https://ubuntu.com/security/CVE-2024-26668 - compiler.h: enable builtin overflow checkers and add fallback code * Bionic update: upstream stable patchset 2018-12-12 (LP: #1808185) // CVE- url: https://ubuntu.com/security/CVE-2024-26668 - netfilter: nft_limit: fix packet ratelimiting * CVE-url: https://ubuntu.com/security/CVE-2024-27397 - netfilter: nf_tables: use timestamp to check for set element timeout - netfilter: nf_tables: annotate data-races around element expiration - netfilter: nf_tables: support timeouts larger than 23 days * CVE-url: https://ubuntu.com/security/CVE-2024-50036 - net: do not delay dst_entries_add() in dst_release() * CVE-url: https://ubuntu.com/security/CVE-2024-50067 - uprobe: avoid out-of-bounds memory access of fetching args * Miscellaneous Ubuntu changes - [Packaging]: keep only amd64 architecture * Miscellaneous upstream changes - getabis: use ESM version of debian.master/etc/getabis

0 tuxcare-ubuntu16.04-els linux-buildinfo-4.4.0-268-tuxcare.els39-generic_4.4.0-268.302_amd64.deb 01a593db9fb597b77201b81b313ec92550028edd linux-buildinfo-4.4.0-268-tuxcare.els39-lowlatency_4.4.0-268.302_amd64.deb f6e6044f20d8c4f2de0c7f1af561e0e1c5d3be30 linux-cloud-tools-4.4.0-268-tuxcare.els39_4.4.0-268.302_amd64.deb 898d5705007817b685068c3b36982cd4dbabc30c linux-cloud-tools-4.4.0-268-tuxcare.els39-generic_4.4.0-268.302_amd64.deb 7466acdedc4c7cf734c6febc15e8b7c0dc9a697c linux-cloud-tools-4.4.0-268-tuxcare.els39-lowlatency_4.4.0-268.302_amd64.deb 649ace46629a637364a3357a17ca7d67a4edebc8 linux-cloud-tools-common_4.4.0-268.302_all.deb cd19956f8c84ca8337c1663a254bc2bca28b8c2f linux-cloud-tools-generic_4.4.0.268.302_amd64.deb c23d01f851dbf0bf6b23c49ed1d939d4486e593f linux-cloud-tools-lowlatency_4.4.0.268.302_amd64.deb cc87e608efd4b6a77d77a6c4a259029c447c2e17 linux-crashdump_4.4.0.268.302_amd64.deb f5ff0ecac34103c9d3fb606ae3c7114f087bf2c0 linux-doc_4.4.0-268.302_all.deb 6671168bbd26936c69686bf9f4d5a5f11dd8b7ad linux-generic_4.4.0.268.302_amd64.deb d734ee2d2ecd3319fd000b6d8da8bddc65e57b1a linux-headers-4.4.0-268-tuxcare.els39_4.4.0-268.302_all.deb 463e7224579a17127a08fbfb82a3d35d09a0d727 linux-headers-4.4.0-268-tuxcare.els39-generic_4.4.0-268.302_amd64.deb 202efaed5f0f265d266fc2ebe841fe598ef21a1f linux-headers-4.4.0-268-tuxcare.els39-lowlatency_4.4.0-268.302_amd64.deb 06ba98884cea3cec69d658d4da90bd784d5c91f3 linux-headers-generic_4.4.0.268.302_amd64.deb 7f2e65a94a492c65a85578064bc65b347e9fb5f4 linux-headers-lowlatency_4.4.0.268.302_amd64.deb 99b570737397f731f83f8e6972a17da7f9955d2e linux-image-generic_4.4.0.268.302_amd64.deb 84d413f36aa89fd0f14ca7ca870db11b5a3866ff linux-image-lowlatency_4.4.0.268.302_amd64.deb 6d229781c181c855291fafdab54f938b70ed8816 linux-image-unsigned-4.4.0-268-tuxcare.els39-generic_4.4.0-268.302_amd64.deb 93c991abf3b7aa1f9ca1c0179d1b2ee2a1c6ac09 linux-image-unsigned-4.4.0-268-tuxcare.els39-lowlatency_4.4.0-268.302_amd64.deb bd1e0ec959bfd222351730a5f198d310feb076ea linux-libc-dev_4.4.0-268.302_amd64.deb e6ef480a4bb3772fc874a119d1cdcba11998ea37 linux-lowlatency_4.4.0.268.302_amd64.deb cbfe73c26799249f668437da0b5047e3b2f69018 linux-modules-4.4.0-268-tuxcare.els39-generic_4.4.0-268.302_amd64.deb 8a22a9218387f832e26611d4898717e35344fe4c linux-modules-4.4.0-268-tuxcare.els39-lowlatency_4.4.0-268.302_amd64.deb 4620340d87d605756ce1c3a0b89e0e03a4aed112 linux-modules-extra-4.4.0-268-tuxcare.els39-generic_4.4.0-268.302_amd64.deb 87ba55bf98ec2a59a9d5e6ad64ecd1ca21042097 linux-source_4.4.0.268.302_all.deb 0295a56354b9b4967a3588d8d8e7375904d76f22 linux-source-4.4.0_4.4.0-268.302_all.deb 73a103a3113ee33156b9798235d40f3df6b95ff8 linux-tools-4.4.0-268-tuxcare.els39_4.4.0-268.302_amd64.deb d7f31dd9c306f927d8b9590f414720d12d3f2bc7 linux-tools-4.4.0-268-tuxcare.els39-generic_4.4.0-268.302_amd64.deb ef64ee94cdcfecddca22eacc3d35c51dfa3ec6ce linux-tools-4.4.0-268-tuxcare.els39-lowlatency_4.4.0-268.302_amd64.deb 2decd8a4ac63a3fd84743f2a8dde51aaa8c43865 linux-tools-common_4.4.0-268.302_all.deb 1944d9d99e2c4233df418b0a2b142bbc3eaefbb4 linux-tools-generic_4.4.0.268.302_amd64.deb 6eb501da4663715329c2b9ceadb5a254faa7c7bb linux-tools-host_4.4.0-268.302_all.deb 4d75d321434a8178511a59de95bd5f97d5e59f05 linux-tools-lowlatency_4.4.0.268.302_amd64.deb ba6063251a076835ff6b55a4215aa215a549ec29 CLSA-2024:1733908866 TuxCare License Agreement 0 * SECURITY UPDATE: The HTTP header parsers in HAProxy may accept empty header field names - debian/patches/CVE-2023-25725.patch: prevent empty header field names - CVE-2023-25725 Critical Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.

* SECURITY UPDATE: The HTTP header parsers in HAProxy may accept empty header field names - debian/patches/CVE-2023-25725.patch: prevent empty header field names - CVE-2023-25725

0 tuxcare-ubuntu16.04-els haproxy_1.6.3-1ubuntu0.3+tuxcare.els2_amd64.deb 36a7402ce556410eb8bb78a492bb77479cff16b7 haproxy-doc_1.6.3-1ubuntu0.3+tuxcare.els2_all.deb a150fb9cc92d081b5b6d47f1bb2ff2a6eb5d57aa vim-haproxy_1.6.3-1ubuntu0.3+tuxcare.els2_all.deb 605b9c9ce087e6412d33ad71d1a4997855892fcf CLSA-2024:1734028058 TuxCare License Agreement 0 * SECURITY UPDATE: Prevent running the Python interpreter with an attacker-controlled PYTHONPATH environment variable - debian/patches/CVE-2024-48990-CVE-2024-48991.patch: do not set PYTHONPATH environment variable to prevent a LPE and prevent race condition on /proc/$PID/exec evaluation - CVE-2024-48990 - CVE-2024-48991 * SECURITY UPDATE: Prevent running the Ruby interpreter with an attacker-controlled RUBYLIB environment variable - debian/patches/CVE-2024-48992.patch: do not set RUBYLIB environment variable to prevent a LPE - CVE-2024-48992 * SECURITY UPDATE: Prevent running the Ruby interpreter with an attacker-controlled RUBYLIB environment variable - debian/patches/CVE-2024-11003.patch, debian/control: drop usage of Module::ScanDeps to prevent LPE - CVE-2024-11003 Moderate Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.

* SECURITY UPDATE: Prevent running the Python interpreter with an attacker-controlled PYTHONPATH environment variable - debian/patches/CVE-2024-48990-CVE-2024-48991.patch: do not set PYTHONPATH environment variable to prevent a LPE and prevent race condition on /proc/$PID/exec evaluation - CVE-2024-48990 - CVE-2024-48991 * SECURITY UPDATE: Prevent running the Ruby interpreter with an attacker-controlled RUBYLIB environment variable - debian/patches/CVE-2024-48992.patch: do not set RUBYLIB environment variable to prevent a LPE - CVE-2024-48992 * SECURITY UPDATE: Prevent running the Ruby interpreter with an attacker-controlled RUBYLIB environment variable - debian/patches/CVE-2024-11003.patch, debian/control: drop usage of Module::ScanDeps to prevent LPE - CVE-2024-11003

0 tuxcare-ubuntu16.04-els needrestart_2.6-1+tuxcare.els1_all.deb 3e0857f8f1a0f57d6460d11c5f04be5a08ac32bd CLSA-2024:1734643101 TuxCare License Agreement 0 * SECURITY UPDATE: Improper newline quoting in email module header serialization - debian/patches/CVE-2024-6923.patch: Encode newlines in headers and verify headers to be sound - CVE-2024-6923 Moderate Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.

* SECURITY UPDATE: Improper newline quoting in email module header serialization - debian/patches/CVE-2024-6923.patch: Encode newlines in headers and verify headers to be sound - CVE-2024-6923

0 tuxcare-ubuntu16.04-els idle-python2.7_2.7.12-1ubuntu0~16.04.18+tuxcare.els16_all.deb 6484c46fc16d78bc7a06c12e751ebcededf99f7c libpython2.7_2.7.12-1ubuntu0~16.04.18+tuxcare.els16_amd64.deb d67ae9f8eafd2602012d1d39143dcf810b787ff5 libpython2.7-dev_2.7.12-1ubuntu0~16.04.18+tuxcare.els16_amd64.deb acd1732b8c101e6f829311ab91e808a7523ddf12 libpython2.7-minimal_2.7.12-1ubuntu0~16.04.18+tuxcare.els16_amd64.deb 92471bd082c2f9ae0c24a6eb7bcd2dc201d2fe63 libpython2.7-stdlib_2.7.12-1ubuntu0~16.04.18+tuxcare.els16_amd64.deb ed19b0e7484d41fd9154d9c06340d0046f2921c6 libpython2.7-testsuite_2.7.12-1ubuntu0~16.04.18+tuxcare.els16_all.deb 29e5daea76fceea04d483bef7910e6bb97760e54 python2.7_2.7.12-1ubuntu0~16.04.18+tuxcare.els16_amd64.deb 4d69e52eafb9a0b300869f30839f967c1b29210d python2.7-dev_2.7.12-1ubuntu0~16.04.18+tuxcare.els16_amd64.deb 031102d8c5e9095b4115e9cdf46638e74f9631e3 python2.7-doc_2.7.12-1ubuntu0~16.04.18+tuxcare.els16_all.deb a55c989385b8a99853af0cddafe1373c822cce4a python2.7-examples_2.7.12-1ubuntu0~16.04.18+tuxcare.els16_all.deb dc342740cde40b5d6a93d06d01adc5910302e723 python2.7-minimal_2.7.12-1ubuntu0~16.04.18+tuxcare.els16_amd64.deb 3b9a8bc5f82db966d63b16dc06cf7cbfc3fd50dc CLSA-2024:1734704732 TuxCare License Agreement 0 * SECURITY UPDATE: improper sanitization of URIs leading to HTTP request smuggling - debian/patches/CVE-2024-11234.patch: Fix HTTP wrapper full URI path to disallow CR or LF characters - CVE-2024-11234 Important Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.

* SECURITY UPDATE: improper sanitization of URIs leading to HTTP request smuggling - debian/patches/CVE-2024-11234.patch: Fix HTTP wrapper full URI path to disallow CR or LF characters - CVE-2024-11234

0 tuxcare-ubuntu16.04-els libapache2-mod-php7.0_7.0.33-0ubuntu0.16.04.17+tuxcare.els13_amd64.deb 07f290b939a1b5eabdd7184f85d21421b4af3d2c libphp7.0-embed_7.0.33-0ubuntu0.16.04.17+tuxcare.els13_amd64.deb 1b6c220c41a53d62408adf1c3596e04df4cdafcb php7.0_7.0.33-0ubuntu0.16.04.17+tuxcare.els13_all.deb 7fe2deaa91ace635992389a64b2a78079236d5da php7.0-bcmath_7.0.33-0ubuntu0.16.04.17+tuxcare.els13_amd64.deb 224e1840d0d781e233a39e48c34eded8c00bdc30 php7.0-bz2_7.0.33-0ubuntu0.16.04.17+tuxcare.els13_amd64.deb 1153425e7a4774fe09d2697ee5d6183e97d32a25 php7.0-cgi_7.0.33-0ubuntu0.16.04.17+tuxcare.els13_amd64.deb 57f13f1a51716129cd553df69fd3d0a079158431 php7.0-cli_7.0.33-0ubuntu0.16.04.17+tuxcare.els13_amd64.deb 0820a180db67c3d29d9fa85f6711874612117275 php7.0-common_7.0.33-0ubuntu0.16.04.17+tuxcare.els13_amd64.deb 05e180b73130b73d18eb2175a4571960f84bc15d php7.0-curl_7.0.33-0ubuntu0.16.04.17+tuxcare.els13_amd64.deb 5de72affc3922d4cf6b9fdeb43611a9b9673d9dd php7.0-dba_7.0.33-0ubuntu0.16.04.17+tuxcare.els13_amd64.deb 4eee357eb1e9a8e7b9e0c67c316ac6295fa5195e php7.0-dev_7.0.33-0ubuntu0.16.04.17+tuxcare.els13_amd64.deb e863a4b05d875b29d601ba5122d363478e69d321 php7.0-enchant_7.0.33-0ubuntu0.16.04.17+tuxcare.els13_amd64.deb f139b508c0927c6ea565a859fc6c939520d8a49f php7.0-fpm_7.0.33-0ubuntu0.16.04.17+tuxcare.els13_amd64.deb 24189204f5ee75769e64ad71f76229bc81b1f1bd php7.0-gd_7.0.33-0ubuntu0.16.04.17+tuxcare.els13_amd64.deb a0a6192baa2c2a391bdc54589eb99c95d7a63eba php7.0-gmp_7.0.33-0ubuntu0.16.04.17+tuxcare.els13_amd64.deb 0e677f3268199b33cdf6505cf7b7f19880b42c33 php7.0-imap_7.0.33-0ubuntu0.16.04.17+tuxcare.els13_amd64.deb a7bc125871a699481799a5ae135682a3ec6535d0 php7.0-interbase_7.0.33-0ubuntu0.16.04.17+tuxcare.els13_amd64.deb aaecf135ec4dcc1b8f75f163b2df2095032291ea php7.0-intl_7.0.33-0ubuntu0.16.04.17+tuxcare.els13_amd64.deb 8458f3e9729f4707098e24a173310d5df959b742 php7.0-json_7.0.33-0ubuntu0.16.04.17+tuxcare.els13_amd64.deb 3484bdf348f960104423927d5be39aaa8be6938c php7.0-ldap_7.0.33-0ubuntu0.16.04.17+tuxcare.els13_amd64.deb 041f373d9dc60183311a83dbd480cc474c37fce4 php7.0-mbstring_7.0.33-0ubuntu0.16.04.17+tuxcare.els13_amd64.deb 1e5598be3323e0178a5b7de06335ca3f8921201c php7.0-mcrypt_7.0.33-0ubuntu0.16.04.17+tuxcare.els13_amd64.deb 600a11c01a2caa1d540fc2c94f8ee0745c1e360e php7.0-mysql_7.0.33-0ubuntu0.16.04.17+tuxcare.els13_amd64.deb f09f7c228a8ae64134f70878573d9620d148553d php7.0-odbc_7.0.33-0ubuntu0.16.04.17+tuxcare.els13_amd64.deb 57c8df7d512201433c0aa03d41d6aed36ff5fad7 php7.0-opcache_7.0.33-0ubuntu0.16.04.17+tuxcare.els13_amd64.deb 1fb88a5e3a2aed96d28b10a16ccc6b69eea3c643 php7.0-pgsql_7.0.33-0ubuntu0.16.04.17+tuxcare.els13_amd64.deb 0a1bac93a432218138b6fed005d4afafae6821c2 php7.0-phpdbg_7.0.33-0ubuntu0.16.04.17+tuxcare.els13_amd64.deb a2d6a5fdc1b8c6c73d2e9fe8ff5ae1c419108c6b php7.0-pspell_7.0.33-0ubuntu0.16.04.17+tuxcare.els13_amd64.deb ba01d38cfea26fe750320a9fefd715c1bf19f17f php7.0-readline_7.0.33-0ubuntu0.16.04.17+tuxcare.els13_amd64.deb 5fdaffe847dee22806a07c09d0e525e996fe8be3 php7.0-recode_7.0.33-0ubuntu0.16.04.17+tuxcare.els13_amd64.deb 993b49cb3ee903eaea1955e6e17d36809c544372 php7.0-snmp_7.0.33-0ubuntu0.16.04.17+tuxcare.els13_amd64.deb 080add36c9ee9ab4c781dfe45e832a646b253d46 php7.0-soap_7.0.33-0ubuntu0.16.04.17+tuxcare.els13_amd64.deb d4e212b43266ea4a111441a727e077c6f9648d8f php7.0-sqlite3_7.0.33-0ubuntu0.16.04.17+tuxcare.els13_amd64.deb 0d05259fde5c64972d88d24d24df8e9595033653 php7.0-sybase_7.0.33-0ubuntu0.16.04.17+tuxcare.els13_amd64.deb 7d91497f6adcdf8768fd92b02e3ac1b914108002 php7.0-tidy_7.0.33-0ubuntu0.16.04.17+tuxcare.els13_amd64.deb 91e2a5860a3933d1c333efa09baa17192278db5b php7.0-xml_7.0.33-0ubuntu0.16.04.17+tuxcare.els13_amd64.deb c98d324c8ab981b3ffd69e4a39d0464c3e0d3d42 php7.0-xmlrpc_7.0.33-0ubuntu0.16.04.17+tuxcare.els13_amd64.deb 0438007b9583decbe5dea02c6e7f919baf1c61c7 php7.0-xsl_7.0.33-0ubuntu0.16.04.17+tuxcare.els13_all.deb d219bdf574d0f455c0b16231a7d3a6fa5269d2b4 php7.0-zip_7.0.33-0ubuntu0.16.04.17+tuxcare.els13_amd64.deb 51911939e1dcbbb2bbf99581234791e989e5e3e0 CLSA-2024:1735127885 TuxCare License Agreement 0 * CVE-2022-38076 - linux-firmware: Update for Intel Dual Band Wireless AC 3168 - linux-firmware: Upadte for Intel Wireless 7265 (Rev D) Family - linux-firmware: Update for Intel Dual Band Wireless AC 3165 - linux-firmware: Update for Intel Wireless AC 9560 - linux-firmware: Update for Intel Wireless AC 9462 - linux-firmware: Update for Intel Wireless AC 9461 - linux-firmware: Update for Intel Wireless AC 9260 Important Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.

* CVE-2022-38076 - linux-firmware: Update for Intel Dual Band Wireless AC 3168 - linux-firmware: Upadte for Intel Wireless 7265 (Rev D) Family - linux-firmware: Update for Intel Dual Band Wireless AC 3165 - linux-firmware: Update for Intel Wireless AC 9560 - linux-firmware: Update for Intel Wireless AC 9462 - linux-firmware: Update for Intel Wireless AC 9461 - linux-firmware: Update for Intel Wireless AC 9260

0 tuxcare-ubuntu16.04-els linux-firmware_1.157.23+tuxcare.els2_all.deb f5b81b830dc1f01528e5e4fd1f732c33acfc2afb CLSA-2024:1735128527 TuxCare License Agreement 0 * SECURITY UPDATE: Crash in XML_ResumeParser function - debian/patches/CVE-2024-50602.patch: Refuse to stop/suspend an unstarted parser (XML_ERROR_NOT_STARTED). Fix XML_StopParser to be explicit about XML_PARSING and handle default case. Cover XML_StopParser's new handling of status XML_INITIALIZED, Fix crash with NULL pointer dereference in normal_updatePosition - CVE-2024-50602 Moderate Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.

* SECURITY UPDATE: Crash in XML_ResumeParser function - debian/patches/CVE-2024-50602.patch: Refuse to stop/suspend an unstarted parser (XML_ERROR_NOT_STARTED). Fix XML_StopParser to be explicit about XML_PARSING and handle default case. Cover XML_StopParser's new handling of status XML_INITIALIZED, Fix crash with NULL pointer dereference in normal_updatePosition - CVE-2024-50602

0 tuxcare-ubuntu16.04-els expat_2.1.0-7ubuntu0.16.04.5+tuxcare.els6_amd64.deb d7d04cfc1bdb4b5c4b504c8fb02264b91b107e3d libexpat1_2.1.0-7ubuntu0.16.04.5+tuxcare.els6_amd64.deb 7f136fd7c4c191f8280b4a8002d7bbb9c5a6cce2 libexpat1-dev_2.1.0-7ubuntu0.16.04.5+tuxcare.els6_amd64.deb 9ab90871b6b8b9f2d45e1a11569d8de7b006169b CLSA-2024:1735310784 TuxCare License Agreement 0 * SECURITY UPDATE: Out-of-bounds read in quoted-printable decoder - debian/patches/CVE-2024-11233.patch: Fix buffer handling in convert.quoted-printable-decode filter to prevent one-byte out-of-bounds read - CVE-2024-11233 Important Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.

* SECURITY UPDATE: Out-of-bounds read in quoted-printable decoder - debian/patches/CVE-2024-11233.patch: Fix buffer handling in convert.quoted-printable-decode filter to prevent one-byte out-of-bounds read - CVE-2024-11233

0 tuxcare-ubuntu16.04-els libapache2-mod-php7.0_7.0.33-0ubuntu0.16.04.17+tuxcare.els14_amd64.deb 616e502e7703ccd09877ab3644df84817659199f libphp7.0-embed_7.0.33-0ubuntu0.16.04.17+tuxcare.els14_amd64.deb 469bb87caaf29d705233d71f5a0692b50836a4a9 php7.0_7.0.33-0ubuntu0.16.04.17+tuxcare.els14_all.deb 7d6546f336dac1279ca59ac4051863a2716b2ad6 php7.0-bcmath_7.0.33-0ubuntu0.16.04.17+tuxcare.els14_amd64.deb fa45dea3c5083165b9906b2501395f508d48f6ae php7.0-bz2_7.0.33-0ubuntu0.16.04.17+tuxcare.els14_amd64.deb 4ee2d8c39a9a636a9415a6d983746b26938189e2 php7.0-cgi_7.0.33-0ubuntu0.16.04.17+tuxcare.els14_amd64.deb 63ec8bf6c22bdc1e4640ef2f226b30fe470a0875 php7.0-cli_7.0.33-0ubuntu0.16.04.17+tuxcare.els14_amd64.deb c71c591d8214ecf16218329b4024fb61b2b4a6e7 php7.0-common_7.0.33-0ubuntu0.16.04.17+tuxcare.els14_amd64.deb c7f773c984c50067684ed04f431195083bec7ae9 php7.0-curl_7.0.33-0ubuntu0.16.04.17+tuxcare.els14_amd64.deb b9fbd06f687f9331cb37be2dddbd4e16b548e1ee php7.0-dba_7.0.33-0ubuntu0.16.04.17+tuxcare.els14_amd64.deb 096dca6db3f283c57422549534f4640a57066222 php7.0-dev_7.0.33-0ubuntu0.16.04.17+tuxcare.els14_amd64.deb 6ccc9d70971d7b0a6d697de92a9edf7e3c08db94 php7.0-enchant_7.0.33-0ubuntu0.16.04.17+tuxcare.els14_amd64.deb 9987076df6c5dd9696cae8cc24fe146f5145be48 php7.0-fpm_7.0.33-0ubuntu0.16.04.17+tuxcare.els14_amd64.deb 804939b40f8a30e56f42e88a4613a31634dd2177 php7.0-gd_7.0.33-0ubuntu0.16.04.17+tuxcare.els14_amd64.deb 6908b88fc11a677e7afa018803dd75c648b7da61 php7.0-gmp_7.0.33-0ubuntu0.16.04.17+tuxcare.els14_amd64.deb 171d6174d01411c579b5fc7ec6dff9d1add0fd92 php7.0-imap_7.0.33-0ubuntu0.16.04.17+tuxcare.els14_amd64.deb 064d63ef8b638115d406ac4da3bc27401ede2b5b php7.0-interbase_7.0.33-0ubuntu0.16.04.17+tuxcare.els14_amd64.deb 3bb593b0ad389afe0dba5da8672381090fc5cf3a php7.0-intl_7.0.33-0ubuntu0.16.04.17+tuxcare.els14_amd64.deb 9acd4871b1409aadc0585996b80917e70c563bc7 php7.0-json_7.0.33-0ubuntu0.16.04.17+tuxcare.els14_amd64.deb 836bf9bea568315dcb7775ba1b92c63f2ac7429b php7.0-ldap_7.0.33-0ubuntu0.16.04.17+tuxcare.els14_amd64.deb afda41fb343178816e45edac13efee794860a200 php7.0-mbstring_7.0.33-0ubuntu0.16.04.17+tuxcare.els14_amd64.deb 7bba88368f2a14892c692a6c08a749230d7550f3 php7.0-mcrypt_7.0.33-0ubuntu0.16.04.17+tuxcare.els14_amd64.deb ecc419dc1bb227cb4c396886df34187f331dee5b php7.0-mysql_7.0.33-0ubuntu0.16.04.17+tuxcare.els14_amd64.deb 68f525c26601886e19a40207d8181f72a385c53c php7.0-odbc_7.0.33-0ubuntu0.16.04.17+tuxcare.els14_amd64.deb 8c969b0dc2ea5d7b756ad3c8b4231c86ef98d96d php7.0-opcache_7.0.33-0ubuntu0.16.04.17+tuxcare.els14_amd64.deb ddac2340e362e09587ce11f4f1cf0c984f7c65de php7.0-pgsql_7.0.33-0ubuntu0.16.04.17+tuxcare.els14_amd64.deb 4e18fd9443291f4c77f148adcb535794d95873dd php7.0-phpdbg_7.0.33-0ubuntu0.16.04.17+tuxcare.els14_amd64.deb c2f2444924c419b8c7ce5b6be182956375d8a110 php7.0-pspell_7.0.33-0ubuntu0.16.04.17+tuxcare.els14_amd64.deb 744fe61b16e3992e620576f729e82d8392db9d52 php7.0-readline_7.0.33-0ubuntu0.16.04.17+tuxcare.els14_amd64.deb cb6f79d41e809f6a9f8cfedbe415d3c8e1747dd8 php7.0-recode_7.0.33-0ubuntu0.16.04.17+tuxcare.els14_amd64.deb 44c0b4c3e92d3ea31e171a42c676a711208d48ae php7.0-snmp_7.0.33-0ubuntu0.16.04.17+tuxcare.els14_amd64.deb d4e25698c476a85ca5d3675237832c528da99ad5 php7.0-soap_7.0.33-0ubuntu0.16.04.17+tuxcare.els14_amd64.deb 940f03b07b2bc55a3d6ef2850bcdb74f8e795177 php7.0-sqlite3_7.0.33-0ubuntu0.16.04.17+tuxcare.els14_amd64.deb e39c8662aa36adac37ef65e6b98b4635813c5e09 php7.0-sybase_7.0.33-0ubuntu0.16.04.17+tuxcare.els14_amd64.deb 1d6756d90fc9652df4fa3a5289313dd3e593cc46 php7.0-tidy_7.0.33-0ubuntu0.16.04.17+tuxcare.els14_amd64.deb 1ef74cf3f0c462cbbce5e8c20c6bfad7dd5b7c53 php7.0-xml_7.0.33-0ubuntu0.16.04.17+tuxcare.els14_amd64.deb a552bc86bfab1e4dffe4db82855fc3a2a21ac43b php7.0-xmlrpc_7.0.33-0ubuntu0.16.04.17+tuxcare.els14_amd64.deb 28377bacf16022c2d5b70fb9fb1be8c4858a7f60 php7.0-xsl_7.0.33-0ubuntu0.16.04.17+tuxcare.els14_all.deb e8e5cc0710e9ac852d8457534b65a69aa7016229 php7.0-zip_7.0.33-0ubuntu0.16.04.17+tuxcare.els14_amd64.deb 493f3f4155f2e764b7c560b766fc984042bc2092 CLSA-2025:1736470237 TuxCare License Agreement 0 * CVE-url: https://ubuntu.com/security/CVE-2021-47466 - mm, slub: fix potential memoryleak in kmem_cache_open() * CVE-url: https://ubuntu.com/security/CVE-2024-36968 - Bluetooth: L2CAP: Fix div-by-zero in l2cap_le_flowctl_init() * Bionic update: upstream stable patchset 2021-06-23 (LP: #1933375) // CVE- url: https://ubuntu.com/security/CVE-2021-47118 - pid: take a reference when initializing `cad_pid` * Bionic update: upstream stable patchset 2022-01-25 (LP: #1959033) // CVE- url: https://ubuntu.com/security/CVE-2021-47086 - phonet/pep: refuse to enable an unbound pipe * CVE-url: https://ubuntu.com/security/CVE-2023-52507 - nfc: nci: assert requested protocol is valid * CVE-url: https://ubuntu.com/security/CVE-2024-44944 - netfilter: ctnetlink: use helper function to calculate expect ID * CVE-url: https://ubuntu.com/security/CVE-2024-35861 - smb: client: fix potential UAF in cifs_debug_files_proc_show() - smb: client: fix potential UAF in cifs_signal_cifsd_for_reconnect() * CVE-url: https://ubuntu.com/security/CVE-2024-35863 - smb: client: fix potential UAF in smb2_is_valid_oplock_break() * CVE-url: https://ubuntu.com/security/CVE-2024-35864 - smb: client: fix potential UAF in smb2_is_valid_lease_break() * CVE-url: https://ubuntu.com/security/CVE-2024-35867 - smb: client: fix potential UAF in cifs_stats_proc_show() * CVE-url: https://ubuntu.com/security/CVE-2024-35868 - smb: client: fix potential UAF in cifs_stats_proc_write() * CVE-url: https://ubuntu.com/security/CVE-2024-35896 - netfilter: validate user input for expected length * Bionic update: upstream stable patchset 2022-10-18 (LP: #1993349) // CVE- url: https://ubuntu.com/security/CVE-2022-48695 - scsi: mpt3sas: Fix use-after-free warning * Bionic update: upstream stable patchset 2021-08-03 (LP: #1938824) // CVE- url: https://ubuntu.com/security/CVE-2021-47321 - watchdog: Fix possible use-after-free by calling del_timer_sync() * Bionic update: upstream stable patchset 2021-08-13 (LP: #1939913) // CVE- url: https://ubuntu.com/security/CVE-2021-47310 - net: ti: fix UAF in tlan_remove_one * CVE-url: https://ubuntu.com/security/CVE-2024-27010 - net/sched: Fix mirred deadlock on device recursion * Bionic update: upstream stable patchset 2021-08-03 (LP: #1938824) // CVE- url: https://ubuntu.com/security/CVE-2021-47353 - udf: Fix NULL pointer dereference in udf_symlink function * CVE-url: https://ubuntu.com/security/CVE-2024-26961 - mac802154: fix llsec key resources release in mac802154_llsec_key_del * CVE-url: https://ubuntu.com/security/CVE-2024-26958 - NFS: Allow multiple commit requests in flight per file - NFS: Fix up commit deadlocks - nfs: fix UAF in direct writes * CVE-url: https://ubuntu.com/security/CVE-2024-50115 - KVM: nSVM: Ignore nCR3[4:0] when loading PDPTEs from memory * CVE-url: https://ubuntu.com/security/CVE-2024-50148 - Bluetooth: bnep: fix wild-memory-access in proto_unregister * CVE-url: https://ubuntu.com/security/CVE-2024-40910 - ax25: Fix refcount imbalance on inbound connections * CVE-url: https://ubuntu.com/security/CVE-2024-53057 - net/sched: stop qdisc_tree_reduce_backlog on TC_H_ROOT * CVE-url: https://ubuntu.com/security/CVE-2024-36952 - scsi: lpfc: Move NPIV's transport unregistration to after resource clean up * CVE-url: https://ubuntu.com/security/CVE-2024-50142 - xfrm: validate new SA's prefixlen using SA family when sel.family is unset * CVE-url: https://ubuntu.com/security/CVE-2024-50256 - netfilter: nf_reject_ipv6: fix potential crash in nf_send_reset6() * CVE-url: https://ubuntu.com/security/CVE-2021-47501 - i40e: Fix NULL pointer dereference in i40e_dbg_dump_desc * CVE-url: https://ubuntu.com/security/CVE-2023-52574 - team: fix null-ptr-deref when team device type is changed * Bionic update: upstream stable patchset 2021-06-01 (LP: #1930472) // CVE- url: https://ubuntu.com/security/CVE-2021-47055 - mtd: require write permissions for locking and badblock ioctls * CVE-url: https://ubuntu.com/security/CVE-2023-52477 - usb: hub: Guard against accesses to uninitialized BOS descriptors * CVE-url: https://ubuntu.com/security/CVE-2023-52475 - Input: powermate - fix use-after-free in powermate_config_complete * CVE-url: https://ubuntu.com/security/CVE-2023-52531 - wifi: iwlwifi: mvm: Fix a memory corruption issue Important Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.

* CVE-url: https://ubuntu.com/security/CVE-2021-47466 - mm, slub: fix potential memoryleak in kmem_cache_open() * CVE-url: https://ubuntu.com/security/CVE-2024-36968 - Bluetooth: L2CAP: Fix div-by-zero in l2cap_le_flowctl_init() * Bionic update: upstream stable patchset 2021-06-23 (LP: #1933375) // CVE- url: https://ubuntu.com/security/CVE-2021-47118 - pid: take a reference when initializing `cad_pid` * Bionic update: upstream stable patchset 2022-01-25 (LP: #1959033) // CVE- url: https://ubuntu.com/security/CVE-2021-47086 - phonet/pep: refuse to enable an unbound pipe * CVE-url: https://ubuntu.com/security/CVE-2023-52507 - nfc: nci: assert requested protocol is valid * CVE-url: https://ubuntu.com/security/CVE-2024-44944 - netfilter: ctnetlink: use helper function to calculate expect ID * CVE-url: https://ubuntu.com/security/CVE-2024-35861 - smb: client: fix potential UAF in cifs_debug_files_proc_show() - smb: client: fix potential UAF in cifs_signal_cifsd_for_reconnect() * CVE-url: https://ubuntu.com/security/CVE-2024-35863 - smb: client: fix potential UAF in smb2_is_valid_oplock_break() * CVE-url: https://ubuntu.com/security/CVE-2024-35864 - smb: client: fix potential UAF in smb2_is_valid_lease_break() * CVE-url: https://ubuntu.com/security/CVE-2024-35867 - smb: client: fix potential UAF in cifs_stats_proc_show() * CVE-url: https://ubuntu.com/security/CVE-2024-35868 - smb: client: fix potential UAF in cifs_stats_proc_write() * CVE-url: https://ubuntu.com/security/CVE-2024-35896 - netfilter: validate user input for expected length * Bionic update: upstream stable patchset 2022-10-18 (LP: #1993349) // CVE- url: https://ubuntu.com/security/CVE-2022-48695 - scsi: mpt3sas: Fix use-after-free warning * Bionic update: upstream stable patchset 2021-08-03 (LP: #1938824) // CVE- url: https://ubuntu.com/security/CVE-2021-47321 - watchdog: Fix possible use-after-free by calling del_timer_sync() * Bionic update: upstream stable patchset 2021-08-13 (LP: #1939913) // CVE- url: https://ubuntu.com/security/CVE-2021-47310 - net: ti: fix UAF in tlan_remove_one * CVE-url: https://ubuntu.com/security/CVE-2024-27010 - net/sched: Fix mirred deadlock on device recursion * Bionic update: upstream stable patchset 2021-08-03 (LP: #1938824) // CVE- url: https://ubuntu.com/security/CVE-2021-47353 - udf: Fix NULL pointer dereference in udf_symlink function * CVE-url: https://ubuntu.com/security/CVE-2024-26961 - mac802154: fix llsec key resources release in mac802154_llsec_key_del * CVE-url: https://ubuntu.com/security/CVE-2024-26958 - NFS: Allow multiple commit requests in flight per file - NFS: Fix up commit deadlocks - nfs: fix UAF in direct writes * CVE-url: https://ubuntu.com/security/CVE-2024-50115 - KVM: nSVM: Ignore nCR3[4:0] when loading PDPTEs from memory * CVE-url: https://ubuntu.com/security/CVE-2024-50148 - Bluetooth: bnep: fix wild-memory-access in proto_unregister * CVE-url: https://ubuntu.com/security/CVE-2024-40910 - ax25: Fix refcount imbalance on inbound connections * CVE-url: https://ubuntu.com/security/CVE-2024-53057 - net/sched: stop qdisc_tree_reduce_backlog on TC_H_ROOT * CVE-url: https://ubuntu.com/security/CVE-2024-36952 - scsi: lpfc: Move NPIV's transport unregistration to after resource clean up * CVE-url: https://ubuntu.com/security/CVE-2024-50142 - xfrm: validate new SA's prefixlen using SA family when sel.family is unset * CVE-url: https://ubuntu.com/security/CVE-2024-50256 - netfilter: nf_reject_ipv6: fix potential crash in nf_send_reset6() * CVE-url: https://ubuntu.com/security/CVE-2021-47501 - i40e: Fix NULL pointer dereference in i40e_dbg_dump_desc * CVE-url: https://ubuntu.com/security/CVE-2023-52574 - team: fix null-ptr-deref when team device type is changed * Bionic update: upstream stable patchset 2021-06-01 (LP: #1930472) // CVE- url: https://ubuntu.com/security/CVE-2021-47055 - mtd: require write permissions for locking and badblock ioctls * CVE-url: https://ubuntu.com/security/CVE-2023-52477 - usb: hub: Guard against accesses to uninitialized BOS descriptors * CVE-url: https://ubuntu.com/security/CVE-2023-52475 - Input: powermate - fix use-after-free in powermate_config_complete * CVE-url: https://ubuntu.com/security/CVE-2023-52531 - wifi: iwlwifi: mvm: Fix a memory corruption issue

0 tuxcare-ubuntu16.04-els linux-buildinfo-4.4.0-269-tuxcare.els40-generic_4.4.0-269.303_amd64.deb 292e4e4ef59c673934c7a8f7f9f32a861bebed33 linux-buildinfo-4.4.0-269-tuxcare.els40-lowlatency_4.4.0-269.303_amd64.deb 94814fe89db41eb6acd7f406a692fcd0bc56aa40 linux-cloud-tools-4.4.0-269-tuxcare.els40_4.4.0-269.303_amd64.deb 46569a37d87c5224df42187eeb21fe7fc7bd38e4 linux-cloud-tools-4.4.0-269-tuxcare.els40-generic_4.4.0-269.303_amd64.deb 8e429be28c6c72c89b0d02f31cebde93a882e46e linux-cloud-tools-4.4.0-269-tuxcare.els40-lowlatency_4.4.0-269.303_amd64.deb f17e8d994036035ade60cd5a5fe8909c4b3fb7ec linux-cloud-tools-common_4.4.0-269.303_all.deb 7493965ef183934fbb7263a3beb38aed8cf7d8f2 linux-cloud-tools-generic_4.4.0.269.303_amd64.deb 4c01824bd500fefe5dbd55197817f20fe2590cc3 linux-cloud-tools-lowlatency_4.4.0.269.303_amd64.deb d5a2535d9d4d960ded94025128d924aa495d06fb linux-crashdump_4.4.0.269.303_amd64.deb 825d4929debae60800b1a3f7cad3667499427ebb linux-doc_4.4.0-269.303_all.deb 3332c2d779ff535fd62138a16766578c7d9858c4 linux-generic_4.4.0.269.303_amd64.deb 1439552b47a2fbeb4b9c045223c9f7cdc9ab077a linux-headers-4.4.0-269-tuxcare.els40_4.4.0-269.303_all.deb 5d7c7c1f1be81670f173ad00698ce15000c3374a linux-headers-4.4.0-269-tuxcare.els40-generic_4.4.0-269.303_amd64.deb 67e52693fb0d703aaab18ed20b400531fbe38336 linux-headers-4.4.0-269-tuxcare.els40-lowlatency_4.4.0-269.303_amd64.deb 7fbc8e5ca96770b6d07d983f285fa2c081c32831 linux-headers-generic_4.4.0.269.303_amd64.deb 4e84fbf93b1bf3b2d5c9b413c62adc80bf9e334a linux-headers-lowlatency_4.4.0.269.303_amd64.deb d8fa1e45082d3bd55a96bf1e1d4322bd1b5a0ba1 linux-image-generic_4.4.0.269.303_amd64.deb e7d29628c6d8fc88fb63e46b14876057905830bc linux-image-lowlatency_4.4.0.269.303_amd64.deb 480aa77cd63b0b1272578a3535eee27890d941bb linux-image-unsigned-4.4.0-269-tuxcare.els40-generic_4.4.0-269.303_amd64.deb dcf7586d772f83a485b146c677c18bf44d2c65ee linux-image-unsigned-4.4.0-269-tuxcare.els40-lowlatency_4.4.0-269.303_amd64.deb 63527bc1382bd7ee3e701f979f9c5bc9b2ec8181 linux-libc-dev_4.4.0-269.303_amd64.deb 26c2feae6c4081f1a7147607fb85d35580783cb3 linux-lowlatency_4.4.0.269.303_amd64.deb 4ffa99ad373e97498d34003482d72ea8b0df4723 linux-modules-4.4.0-269-tuxcare.els40-generic_4.4.0-269.303_amd64.deb b95eef80fa5e37df0127cace82eab936faae1e96 linux-modules-4.4.0-269-tuxcare.els40-lowlatency_4.4.0-269.303_amd64.deb 9e00ba335bb9eac3b0bbe2d84e93119bbd790b99 linux-modules-extra-4.4.0-269-tuxcare.els40-generic_4.4.0-269.303_amd64.deb e2a10dd0e521c8b65d53444f7ddb6059e3d309bd linux-source_4.4.0.269.303_all.deb e2209f2a915cfe6bae082217ae13440677c814c3 linux-source-4.4.0_4.4.0-269.303_all.deb ca3976c1cd03a4421904efacdc65595f565a62ce linux-tools-4.4.0-269-tuxcare.els40_4.4.0-269.303_amd64.deb 901ec400818d6f274b8050a80e89be6ee64562ed linux-tools-4.4.0-269-tuxcare.els40-generic_4.4.0-269.303_amd64.deb 5d8843116aae12269583a88a5bc445b6613b16b2 linux-tools-4.4.0-269-tuxcare.els40-lowlatency_4.4.0-269.303_amd64.deb e332dd88cbcfc22428311640658554747516fd1e linux-tools-common_4.4.0-269.303_all.deb 8232a745654dac1325760a29647bd97f5b6e7ad7 linux-tools-generic_4.4.0.269.303_amd64.deb 7d3a4d45b652c512414716fef25932cc2fee46c5 linux-tools-host_4.4.0-269.303_all.deb 58bd0a31cf20765146de36f73746c5db9926a283 linux-tools-lowlatency_4.4.0.269.303_amd64.deb 5ba04d8d1d634badde9769b62ff8951f93fa64b3 CLSA-2025:1736470534 TuxCare License Agreement 0 * CVE-url: https://ubuntu.com/security/CVE-2021-47466 - mm, slub: fix potential memoryleak in kmem_cache_open() * CVE-url: https://ubuntu.com/security/CVE-2024-36968 - Bluetooth: L2CAP: Fix div-by-zero in l2cap_le_flowctl_init() * Bionic update: upstream stable patchset 2021-06-23 (LP: #1933375) // CVE- url: https://ubuntu.com/security/CVE-2021-47118 - pid: take a reference when initializing `cad_pid` * Bionic update: upstream stable patchset 2022-01-25 (LP: #1959033) // CVE- url: https://ubuntu.com/security/CVE-2021-47086 - phonet/pep: refuse to enable an unbound pipe * CVE-url: https://ubuntu.com/security/CVE-2023-52507 - nfc: nci: assert requested protocol is valid * CVE-url: https://ubuntu.com/security/CVE-2024-44944 - netfilter: ctnetlink: use helper function to calculate expect ID * CVE-url: https://ubuntu.com/security/CVE-2024-35861 - smb: client: fix potential UAF in cifs_debug_files_proc_show() - smb: client: fix potential UAF in cifs_signal_cifsd_for_reconnect() * CVE-url: https://ubuntu.com/security/CVE-2024-35863 - smb: client: fix potential UAF in smb2_is_valid_oplock_break() * CVE-url: https://ubuntu.com/security/CVE-2024-35864 - smb: client: fix potential UAF in smb2_is_valid_lease_break() * CVE-url: https://ubuntu.com/security/CVE-2024-35867 - smb: client: fix potential UAF in cifs_stats_proc_show() * CVE-url: https://ubuntu.com/security/CVE-2024-35868 - smb: client: fix potential UAF in cifs_stats_proc_write() * CVE-url: https://ubuntu.com/security/CVE-2024-35896 - netfilter: validate user input for expected length * Bionic update: upstream stable patchset 2022-10-18 (LP: #1993349) // CVE- url: https://ubuntu.com/security/CVE-2022-48695 - scsi: mpt3sas: Fix use-after-free warning * Bionic update: upstream stable patchset 2021-08-03 (LP: #1938824) // CVE- url: https://ubuntu.com/security/CVE-2021-47321 - watchdog: Fix possible use-after-free by calling del_timer_sync() * Bionic update: upstream stable patchset 2021-08-13 (LP: #1939913) // CVE- url: https://ubuntu.com/security/CVE-2021-47310 - net: ti: fix UAF in tlan_remove_one * CVE-url: https://ubuntu.com/security/CVE-2024-27010 - net/sched: Fix mirred deadlock on device recursion * Bionic update: upstream stable patchset 2021-08-03 (LP: #1938824) // CVE- url: https://ubuntu.com/security/CVE-2021-47353 - udf: Fix NULL pointer dereference in udf_symlink function * CVE-url: https://ubuntu.com/security/CVE-2024-26961 - mac802154: fix llsec key resources release in mac802154_llsec_key_del * CVE-url: https://ubuntu.com/security/CVE-2024-26958 - NFS: Allow multiple commit requests in flight per file - NFS: Fix up commit deadlocks - nfs: fix UAF in direct writes * CVE-url: https://ubuntu.com/security/CVE-2024-50115 - KVM: nSVM: Ignore nCR3[4:0] when loading PDPTEs from memory * CVE-url: https://ubuntu.com/security/CVE-2024-50148 - Bluetooth: bnep: fix wild-memory-access in proto_unregister * CVE-url: https://ubuntu.com/security/CVE-2024-40910 - ax25: Fix refcount imbalance on inbound connections * CVE-url: https://ubuntu.com/security/CVE-2024-53057 - net/sched: stop qdisc_tree_reduce_backlog on TC_H_ROOT * CVE-url: https://ubuntu.com/security/CVE-2024-36952 - scsi: lpfc: Move NPIV's transport unregistration to after resource clean up * CVE-url: https://ubuntu.com/security/CVE-2024-50142 - xfrm: validate new SA's prefixlen using SA family when sel.family is unset * CVE-url: https://ubuntu.com/security/CVE-2024-50256 - netfilter: nf_reject_ipv6: fix potential crash in nf_send_reset6() * CVE-url: https://ubuntu.com/security/CVE-2021-47501 - i40e: Fix NULL pointer dereference in i40e_dbg_dump_desc * CVE-url: https://ubuntu.com/security/CVE-2023-52574 - team: fix null-ptr-deref when team device type is changed * Bionic update: upstream stable patchset 2021-06-01 (LP: #1930472) // CVE- url: https://ubuntu.com/security/CVE-2021-47055 - mtd: require write permissions for locking and badblock ioctls * CVE-url: https://ubuntu.com/security/CVE-2023-52477 - usb: hub: Guard against accesses to uninitialized BOS descriptors * CVE-url: https://ubuntu.com/security/CVE-2023-52475 - Input: powermate - fix use-after-free in powermate_config_complete * CVE-url: https://ubuntu.com/security/CVE-2023-52531 - wifi: iwlwifi: mvm: Fix a memory corruption issue None Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.

* CVE-url: https://ubuntu.com/security/CVE-2021-47466 - mm, slub: fix potential memoryleak in kmem_cache_open() * CVE-url: https://ubuntu.com/security/CVE-2024-36968 - Bluetooth: L2CAP: Fix div-by-zero in l2cap_le_flowctl_init() * Bionic update: upstream stable patchset 2021-06-23 (LP: #1933375) // CVE- url: https://ubuntu.com/security/CVE-2021-47118 - pid: take a reference when initializing `cad_pid` * Bionic update: upstream stable patchset 2022-01-25 (LP: #1959033) // CVE- url: https://ubuntu.com/security/CVE-2021-47086 - phonet/pep: refuse to enable an unbound pipe * CVE-url: https://ubuntu.com/security/CVE-2023-52507 - nfc: nci: assert requested protocol is valid * CVE-url: https://ubuntu.com/security/CVE-2024-44944 - netfilter: ctnetlink: use helper function to calculate expect ID * CVE-url: https://ubuntu.com/security/CVE-2024-35861 - smb: client: fix potential UAF in cifs_debug_files_proc_show() - smb: client: fix potential UAF in cifs_signal_cifsd_for_reconnect() * CVE-url: https://ubuntu.com/security/CVE-2024-35863 - smb: client: fix potential UAF in smb2_is_valid_oplock_break() * CVE-url: https://ubuntu.com/security/CVE-2024-35864 - smb: client: fix potential UAF in smb2_is_valid_lease_break() * CVE-url: https://ubuntu.com/security/CVE-2024-35867 - smb: client: fix potential UAF in cifs_stats_proc_show() * CVE-url: https://ubuntu.com/security/CVE-2024-35868 - smb: client: fix potential UAF in cifs_stats_proc_write() * CVE-url: https://ubuntu.com/security/CVE-2024-35896 - netfilter: validate user input for expected length * Bionic update: upstream stable patchset 2022-10-18 (LP: #1993349) // CVE- url: https://ubuntu.com/security/CVE-2022-48695 - scsi: mpt3sas: Fix use-after-free warning * Bionic update: upstream stable patchset 2021-08-03 (LP: #1938824) // CVE- url: https://ubuntu.com/security/CVE-2021-47321 - watchdog: Fix possible use-after-free by calling del_timer_sync() * Bionic update: upstream stable patchset 2021-08-13 (LP: #1939913) // CVE- url: https://ubuntu.com/security/CVE-2021-47310 - net: ti: fix UAF in tlan_remove_one * CVE-url: https://ubuntu.com/security/CVE-2024-27010 - net/sched: Fix mirred deadlock on device recursion * Bionic update: upstream stable patchset 2021-08-03 (LP: #1938824) // CVE- url: https://ubuntu.com/security/CVE-2021-47353 - udf: Fix NULL pointer dereference in udf_symlink function * CVE-url: https://ubuntu.com/security/CVE-2024-26961 - mac802154: fix llsec key resources release in mac802154_llsec_key_del * CVE-url: https://ubuntu.com/security/CVE-2024-26958 - NFS: Allow multiple commit requests in flight per file - NFS: Fix up commit deadlocks - nfs: fix UAF in direct writes * CVE-url: https://ubuntu.com/security/CVE-2024-50115 - KVM: nSVM: Ignore nCR3[4:0] when loading PDPTEs from memory * CVE-url: https://ubuntu.com/security/CVE-2024-50148 - Bluetooth: bnep: fix wild-memory-access in proto_unregister * CVE-url: https://ubuntu.com/security/CVE-2024-40910 - ax25: Fix refcount imbalance on inbound connections * CVE-url: https://ubuntu.com/security/CVE-2024-53057 - net/sched: stop qdisc_tree_reduce_backlog on TC_H_ROOT * CVE-url: https://ubuntu.com/security/CVE-2024-36952 - scsi: lpfc: Move NPIV's transport unregistration to after resource clean up * CVE-url: https://ubuntu.com/security/CVE-2024-50142 - xfrm: validate new SA's prefixlen using SA family when sel.family is unset * CVE-url: https://ubuntu.com/security/CVE-2024-50256 - netfilter: nf_reject_ipv6: fix potential crash in nf_send_reset6() * CVE-url: https://ubuntu.com/security/CVE-2021-47501 - i40e: Fix NULL pointer dereference in i40e_dbg_dump_desc * CVE-url: https://ubuntu.com/security/CVE-2023-52574 - team: fix null-ptr-deref when team device type is changed * Bionic update: upstream stable patchset 2021-06-01 (LP: #1930472) // CVE- url: https://ubuntu.com/security/CVE-2021-47055 - mtd: require write permissions for locking and badblock ioctls * CVE-url: https://ubuntu.com/security/CVE-2023-52477 - usb: hub: Guard against accesses to uninitialized BOS descriptors * CVE-url: https://ubuntu.com/security/CVE-2023-52475 - Input: powermate - fix use-after-free in powermate_config_complete * CVE-url: https://ubuntu.com/security/CVE-2023-52531 - wifi: iwlwifi: mvm: Fix a memory corruption issue

0 tuxcare-ubuntu16.04-els linux-buildinfo-4.4.0-269-tuxcare.els40-generic_4.4.0-269.303_amd64.deb 292e4e4ef59c673934c7a8f7f9f32a861bebed33 linux-buildinfo-4.4.0-269-tuxcare.els40-lowlatency_4.4.0-269.303_amd64.deb 94814fe89db41eb6acd7f406a692fcd0bc56aa40 linux-cloud-tools-4.4.0-269-tuxcare.els40_4.4.0-269.303_amd64.deb 46569a37d87c5224df42187eeb21fe7fc7bd38e4 linux-cloud-tools-4.4.0-269-tuxcare.els40-generic_4.4.0-269.303_amd64.deb 8e429be28c6c72c89b0d02f31cebde93a882e46e linux-cloud-tools-4.4.0-269-tuxcare.els40-lowlatency_4.4.0-269.303_amd64.deb f17e8d994036035ade60cd5a5fe8909c4b3fb7ec linux-cloud-tools-common_4.4.0-269.303_all.deb 7493965ef183934fbb7263a3beb38aed8cf7d8f2 linux-cloud-tools-generic_4.4.0.269.303_amd64.deb 4c01824bd500fefe5dbd55197817f20fe2590cc3 linux-cloud-tools-lowlatency_4.4.0.269.303_amd64.deb d5a2535d9d4d960ded94025128d924aa495d06fb linux-crashdump_4.4.0.269.303_amd64.deb 825d4929debae60800b1a3f7cad3667499427ebb linux-doc_4.4.0-269.303_all.deb 3332c2d779ff535fd62138a16766578c7d9858c4 linux-generic_4.4.0.269.303_amd64.deb 1439552b47a2fbeb4b9c045223c9f7cdc9ab077a linux-headers-4.4.0-269-tuxcare.els40_4.4.0-269.303_all.deb 5d7c7c1f1be81670f173ad00698ce15000c3374a linux-headers-4.4.0-269-tuxcare.els40-generic_4.4.0-269.303_amd64.deb 67e52693fb0d703aaab18ed20b400531fbe38336 linux-headers-4.4.0-269-tuxcare.els40-lowlatency_4.4.0-269.303_amd64.deb 7fbc8e5ca96770b6d07d983f285fa2c081c32831 linux-headers-generic_4.4.0.269.303_amd64.deb 4e84fbf93b1bf3b2d5c9b413c62adc80bf9e334a linux-headers-lowlatency_4.4.0.269.303_amd64.deb d8fa1e45082d3bd55a96bf1e1d4322bd1b5a0ba1 linux-image-generic_4.4.0.269.303_amd64.deb e7d29628c6d8fc88fb63e46b14876057905830bc linux-image-lowlatency_4.4.0.269.303_amd64.deb 480aa77cd63b0b1272578a3535eee27890d941bb linux-image-unsigned-4.4.0-269-tuxcare.els40-generic_4.4.0-269.303_amd64.deb dcf7586d772f83a485b146c677c18bf44d2c65ee linux-image-unsigned-4.4.0-269-tuxcare.els40-lowlatency_4.4.0-269.303_amd64.deb 63527bc1382bd7ee3e701f979f9c5bc9b2ec8181 linux-libc-dev_4.4.0-269.303_amd64.deb 26c2feae6c4081f1a7147607fb85d35580783cb3 linux-lowlatency_4.4.0.269.303_amd64.deb 4ffa99ad373e97498d34003482d72ea8b0df4723 linux-modules-4.4.0-269-tuxcare.els40-generic_4.4.0-269.303_amd64.deb b95eef80fa5e37df0127cace82eab936faae1e96 linux-modules-4.4.0-269-tuxcare.els40-lowlatency_4.4.0-269.303_amd64.deb 9e00ba335bb9eac3b0bbe2d84e93119bbd790b99 linux-modules-extra-4.4.0-269-tuxcare.els40-generic_4.4.0-269.303_amd64.deb e2a10dd0e521c8b65d53444f7ddb6059e3d309bd linux-source_4.4.0.269.303_all.deb e2209f2a915cfe6bae082217ae13440677c814c3 linux-source-4.4.0_4.4.0-269.303_all.deb ca3976c1cd03a4421904efacdc65595f565a62ce linux-tools-4.4.0-269-tuxcare.els40_4.4.0-269.303_amd64.deb 901ec400818d6f274b8050a80e89be6ee64562ed linux-tools-4.4.0-269-tuxcare.els40-generic_4.4.0-269.303_amd64.deb 5d8843116aae12269583a88a5bc445b6613b16b2 linux-tools-4.4.0-269-tuxcare.els40-lowlatency_4.4.0-269.303_amd64.deb e332dd88cbcfc22428311640658554747516fd1e linux-tools-common_4.4.0-269.303_all.deb 8232a745654dac1325760a29647bd97f5b6e7ad7 linux-tools-generic_4.4.0.269.303_amd64.deb 7d3a4d45b652c512414716fef25932cc2fee46c5 linux-tools-host_4.4.0-269.303_all.deb 58bd0a31cf20765146de36f73746c5db9926a283 linux-tools-lowlatency_4.4.0.269.303_amd64.deb 5ba04d8d1d634badde9769b62ff8951f93fa64b3 CLSA-2025:1736502911 TuxCare License Agreement 0 * New microcode update packages from upstream up to 2024-11-12: - Updated microcodes: sig 0x000806f4, pf_mask 0x87, 2024-06-20, rev 0x2b000603, size 588800 sig 0x000806f5, pf_mask 0x87, 2024-06-20, rev 0x2b000603, size 588800 sig 0x000806f6, pf_mask 0x87, 2024-06-20, rev 0x2b000603, size 588800 sig 0x000806f7, pf_mask 0x87, 2024-06-20, rev 0x2b000603, size 588800 sig 0x000806f8, pf_mask 0x87, 2024-06-20, rev 0x2b000603, size 588800 sig 0x00090672, pf_mask 0x07, 2024-05-29, rev 0x0037, size 224256 sig 0x00090675, pf_mask 0x07, 2024-05-29, rev 0x0037, size 224256 sig 0x000906a3, pf_mask 0x80, 2024-06-03, rev 0x0435, size 223232 sig 0x000906a4, pf_mask 0x80, 2024-06-03, rev 0x0435, size 223232 sig 0x000a06a4, pf_mask 0xe6, 2024-08-02, rev 0x0020, size 138240 sig 0x000b0671, pf_mask 0x32, 2024-08-29, rev 0x012b, size 211968 sig 0x000b06a2, pf_mask 0xe0, 2024-05-29, rev 0x4123, size 220160 sig 0x000b06a3, pf_mask 0xe0, 2024-05-29, rev 0x4123, size 220160 sig 0x000b06a8, pf_mask 0xe0, 2024-05-29, rev 0x4123, size 220160 sig 0x000b06f2, pf_mask 0x07, 2024-05-29, rev 0x0037, size 224256 sig 0x000b06f5, pf_mask 0x07, 2024-05-29, rev 0x0037, size 224256 sig 0x000c06f1, pf_mask 0x87, 2024-06-20, rev 0x21000283, size 560128 sig 0x000c06f2, pf_mask 0x87, 2024-06-20, rev 0x21000283, size 560128 * SECURITY UPDATE: - CVE-2024-21853, INTEL-SA-01101 - CVE-2024-23918, CVE-2024-21820, INTEL-SA-01079 - CVE-2024-24968, INTEL-SA-01097 - CVE-2024-23984, INTEL-SA-01103 Low Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.

* New microcode update packages from upstream up to 2024-11-12: - Updated microcodes: sig 0x000806f4, pf_mask 0x87, 2024-06-20, rev 0x2b000603, size 588800 sig 0x000806f5, pf_mask 0x87, 2024-06-20, rev 0x2b000603, size 588800 sig 0x000806f6, pf_mask 0x87, 2024-06-20, rev 0x2b000603, size 588800 sig 0x000806f7, pf_mask 0x87, 2024-06-20, rev 0x2b000603, size 588800 sig 0x000806f8, pf_mask 0x87, 2024-06-20, rev 0x2b000603, size 588800 sig 0x00090672, pf_mask 0x07, 2024-05-29, rev 0x0037, size 224256 sig 0x00090675, pf_mask 0x07, 2024-05-29, rev 0x0037, size 224256 sig 0x000906a3, pf_mask 0x80, 2024-06-03, rev 0x0435, size 223232 sig 0x000906a4, pf_mask 0x80, 2024-06-03, rev 0x0435, size 223232 sig 0x000a06a4, pf_mask 0xe6, 2024-08-02, rev 0x0020, size 138240 sig 0x000b0671, pf_mask 0x32, 2024-08-29, rev 0x012b, size 211968 sig 0x000b06a2, pf_mask 0xe0, 2024-05-29, rev 0x4123, size 220160 sig 0x000b06a3, pf_mask 0xe0, 2024-05-29, rev 0x4123, size 220160 sig 0x000b06a8, pf_mask 0xe0, 2024-05-29, rev 0x4123, size 220160 sig 0x000b06f2, pf_mask 0x07, 2024-05-29, rev 0x0037, size 224256 sig 0x000b06f5, pf_mask 0x07, 2024-05-29, rev 0x0037, size 224256 sig 0x000c06f1, pf_mask 0x87, 2024-06-20, rev 0x21000283, size 560128 sig 0x000c06f2, pf_mask 0x87, 2024-06-20, rev 0x21000283, size 560128 * SECURITY UPDATE: - CVE-2024-21853, INTEL-SA-01101 - CVE-2024-23918, CVE-2024-21820, INTEL-SA-01079 - CVE-2024-24968, INTEL-SA-01097 - CVE-2024-23984, INTEL-SA-01103

0 tuxcare-ubuntu16.04-els intel-microcode_3.20241112.0ubuntu0.16.04.1+tuxcare.els1_amd64.deb 89f08c7a881cd6765b80cdccacbe6b0294b2d9ab CLSA-2025:1736503187 TuxCare License Agreement 0 * SECURITY UPDATE: fix use-after-free vulnerability in buffer closing - debian/patches/CVE-2024-47814.patch: Fix use-after-free issue when closing a buffer by checking for deletions before editing - CVE-2024-47814 Low Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.

* SECURITY UPDATE: fix use-after-free vulnerability in buffer closing - debian/patches/CVE-2024-47814.patch: Fix use-after-free issue when closing a buffer by checking for deletions before editing - CVE-2024-47814

0 tuxcare-ubuntu16.04-els vim_7.4.1689-3ubuntu1.5+tuxcare.els53_amd64.deb a190a54fb2ba590b6d6188eca84e9ef4f32c48d0 vim-athena_7.4.1689-3ubuntu1.5+tuxcare.els53_amd64.deb b15553ac711fdb15043170faa1c0ed67726c8ba2 vim-athena-py2_7.4.1689-3ubuntu1.5+tuxcare.els53_amd64.deb 7782b4190b0069d4e0ffdf0c371c5de8e55c65a6 vim-common_7.4.1689-3ubuntu1.5+tuxcare.els53_amd64.deb 438556ca8af6f648edfc12852219f810d9fcb9bc vim-doc_7.4.1689-3ubuntu1.5+tuxcare.els53_all.deb 292406329aecaf3de1deddc65e810c74c7477082 vim-gnome_7.4.1689-3ubuntu1.5+tuxcare.els53_amd64.deb c16b0b9dec160d534dd7d30bb19ee2015003aa4d vim-gnome-py2_7.4.1689-3ubuntu1.5+tuxcare.els53_amd64.deb a1e189c9bc41182079b36cc82c6c8841d94e63ad vim-gtk_7.4.1689-3ubuntu1.5+tuxcare.els53_amd64.deb d47f7cbf3e323c46566c7371d12059851bd2cdd0 vim-gtk-py2_7.4.1689-3ubuntu1.5+tuxcare.els53_amd64.deb 3f101c67d19425f73255dac00cf1778fdc497eeb vim-gtk3_7.4.1689-3ubuntu1.5+tuxcare.els53_amd64.deb 517d0f459efcaea212f6685743d155b303c0b4ae vim-gtk3-py2_7.4.1689-3ubuntu1.5+tuxcare.els53_amd64.deb 875cd1f655b2668e6a331ac24eb1fc75b79cbc4b vim-gui-common_7.4.1689-3ubuntu1.5+tuxcare.els53_all.deb 0dd09851351c02143a1a5a831679075d8da54f57 vim-nox_7.4.1689-3ubuntu1.5+tuxcare.els53_amd64.deb 2d59ac0fa58e0ecbbf3d1ad73bc9ef17fcb46b1f vim-nox-py2_7.4.1689-3ubuntu1.5+tuxcare.els53_amd64.deb 495225e7bdb44fac1fbfa2baa7534ca5a8d6d9d6 vim-runtime_7.4.1689-3ubuntu1.5+tuxcare.els53_all.deb 2844aff07ac9b7e794c7bb866a6c7735dbd97129 vim-tiny_7.4.1689-3ubuntu1.5+tuxcare.els53_amd64.deb c20adb41dc60d1db567c1a97c012caeeca081efa CLSA-2025:1737471454 TuxCare License Agreement 0 * SECURITY UPDATE: possible information leak via checksum comparison - debian/patches/CVE-2024-12085.patch: fix issue with checksum length manipulation leading to uninitialized memory leak - CVE-2024-12085 Important Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.

* SECURITY UPDATE: possible information leak via checksum comparison - debian/patches/CVE-2024-12085.patch: fix issue with checksum length manipulation leading to uninitialized memory leak - CVE-2024-12085

0 tuxcare-ubuntu16.04-els rsync_3.1.1-3ubuntu1.3+tuxcare.els5_amd64.deb ea217ad464d182fa1f678d68300860f482c19b5e CLSA-2025:1738170434 TuxCare License Agreement 0 * SECURITY UPDATE: race condition during rsync's handling of symbolic links - debian/patches/CVE-2024-12747.patch: prevent symlink race preventing a normal file from being replaced by a symlink - CVE-2024-12747 * debian/rules, debian/patches/series: use series file to manage patches * debian/patches/ssh-6-option.diff make it compatible with Quilt Moderate Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.

* SECURITY UPDATE: race condition during rsync's handling of symbolic links - debian/patches/CVE-2024-12747.patch: prevent symlink race preventing a normal file from being replaced by a symlink - CVE-2024-12747 * debian/rules, debian/patches/series: use series file to manage patches * debian/patches/ssh-6-option.diff make it compatible with Quilt

0 tuxcare-ubuntu16.04-els rsync_3.1.1-3ubuntu1.3+tuxcare.els6_amd64.deb ca19c219f0f174d7f96146d790b260b0f7e03592 CLSA-2025:1738632046 TuxCare License Agreement 0 * SECURITY UPDATE: possible information leak via checksum comparison - debian/patches/CVE-2024-12086.patch: fix info leak when connecting to malicious server - CVE-2024-12086 * SECURITY UPDATE: arbitraty file write via inproper symlink verification - debian/patches/CVE-2024-12087.patch: fix writing malicious files to arbitrary locations when using '--inc-recursive' option - CVE-2024-12087 * SECURITY UPDATE: arbitraty file write when using '--safe-links' option - debian/patches/CVE-2024-12088.patch: properly verify if a symbolic link destination contains another symbolic link within it when using the '--safe-links' option - CVE-2024-12088 Moderate Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.

* SECURITY UPDATE: possible information leak via checksum comparison - debian/patches/CVE-2024-12086.patch: fix info leak when connecting to malicious server - CVE-2024-12086 * SECURITY UPDATE: arbitraty file write via inproper symlink verification - debian/patches/CVE-2024-12087.patch: fix writing malicious files to arbitrary locations when using '--inc-recursive' option - CVE-2024-12087 * SECURITY UPDATE: arbitraty file write when using '--safe-links' option - debian/patches/CVE-2024-12088.patch: properly verify if a symbolic link destination contains another symbolic link within it when using the '--safe-links' option - CVE-2024-12088

0 tuxcare-ubuntu16.04-els rsync_3.1.1-3ubuntu1.3+tuxcare.els7_amd64.deb 37747a033659e133a650092bbfe87fd62377d2a3 CLSA-2025:1738957378 TuxCare License Agreement 0 * CVE-url: https://ubuntu.com/security/CVE-2024-38553/CVE-2024-38597 - netpoll: make ndo_poll_controller() optional - bonding: use netpoll_poll_dev() helper - netpoll: do not test NAPI_STATE_SCHED in poll_one_napi() * CVE-url: https://ubuntu.com/security/CVE-2024-38597 - eth: sungem: remove .ndo_poll_controller to avoid deadlocks * CVE-url: https://ubuntu.com/security/CVE-2024-38553 - net: fec: remove .ndo_poll_controller to avoid deadlocks * CVE-url: https://ubuntu.com/security/CVE-2024-41066 - ibmvnic: Add tx check to prevent skb leak * CVE-url: https://ubuntu.com/security/CVE-2024-40982 - ssb: Fix potential NULL pointer dereference in ssb_device_uevent() * CVE-url: https://ubuntu.com/security/CVE-2024-50154 - tcp/dccp: Don't use timer_pending() in reqsk_queue_unlink(). * CVE-url: https://ubuntu.com/security/CVE-2024-56595 - jfs: add a check to prevent array-index-out-of-bounds in dbAdjTree * CVE-url: https://ubuntu.com/security/CVE-2024-57896 - btrfs: fix hang during unmount when stopping a space reclaim worker - btrfs: wait for fixup workers before stopping cleaner kthread during umount - btrfs: flush delalloc workers queue before stopping cleaner kthread during unmount * CVE-url: https://ubuntu.com/security/CVE-2024-56598 - jfs: array-index-out-of-bounds fix in dtReadFirst * CVE-url: https://ubuntu.com/security/CVE-2024-56596 - jfs: fix array-index-out-of-bounds in jfs_readdir * Bionic update: upstream stable patchset 2022-01-25 (LP: #1959033) // CVE- url: https://ubuntu.com/security/CVE-2021-47485 - IB/qib: Protect from buffer overflow in struct qib_user_sdma_pkt fields * CVE-url: https://ubuntu.com/security/CVE-2024-56602 - net: ieee802154: do not leave a dangling sk pointer in ieee802154_create() * CVE-url: https://ubuntu.com/security/CVE-2024-56601 - net: inet: do not leave a dangling sk pointer in inet_create() * CVE-url: https://ubuntu.com/security/CVE-2024-56600 - sock: struct proto hash function may error - net: inet6: do not leave a dangling sk pointer in inet6_create() * CVE-url: https://ubuntu.com/security/CVE-2023-52818 - drm/amd: Fix UBSAN array-index-out-of-bounds for SMU7 * CVE-url: https://ubuntu.com/security/CVE-2024-35887 - ax25: fix use-after-free bugs caused by ax25_ds_del_timer * Bionic update: upstream stable patchset 2021-11-02 (LP: #1949512) // CVE- url: https://ubuntu.com/security/CVE-2021-47404 - HID: betop: fix slab-out-of-bounds Write in betop_probe * Bionic update: upstream stable patchset 2021-07-14 (LP: #1936231) // CVE- url: https://ubuntu.com/security/CVE-2021-47254 - gfs2: Fix use-after-free in gfs2_glock_shrink_scan * Bionic update: upstream stable patchset 2022-01-14 (LP: #1957957) // CVE- url: https://ubuntu.com/security/CVE-2021-47506 - nfsd: fix use-after-free due to delegation race * CVE-url: https://ubuntu.com/security/CVE-2024-56606 - af_packet: avoid erroring out after sock_init_data() in packet_create() * CVE-url: https://ubuntu.com/security/CVE-2024-53141 - netfilter: ipset: add missing range check in bitmap_ip_uadt * Bionic update: upstream stable patchset 2021-07-14 (LP: #1936231) // CVE- url: https://ubuntu.com/security/CVE-2021-47280 - drm: Fix use-after-free read in drm_getunique() * Bionic update: upstream stable patchset 2021-07-14 (LP: #1936231) // CVE- url: https://ubuntu.com/security/CVE-2021-47235 - net: ethernet: fix potential use-after-free in ec_bhf_remove * Bionic update: upstream stable patchset 2021-08-13 (LP: #1939913) // CVE- url: https://ubuntu.com/security/CVE-2021-47309 - net: validate lwtstate->data before returning from skb_tunnel_info() * Bionic update: upstream stable patchset 2022-01-06 (LP: #1956614) // CVE- url: https://ubuntu.com/security/CVE-2021-47549 - sata_fsl: fix UAF in sata_fsl_port_stop when rmmod sata_fsl * CVE-url: https://ubuntu.com/security/CVE-2024-53165 - sh: intc: Fix use-after-free bug in register_intc_controller() * CVE-url: https://ubuntu.com/security/CVE-2024-56603 - net: af_can: do not leave a dangling sk pointer in can_create() * CVE-url: https://ubuntu.com/security/CVE-2024-53173 - NFSv4.0: Fix a use-after-free problem in the asynchronous open() * Bionic update: upstream stable patchset 2022-01-11 (LP: #1957113) // CVE- url: https://ubuntu.com/security/CVE-2021-47500 - iio: mma8452: Fix trigger reference couting * CVE-url: https://ubuntu.com/security/CVE-2024-26996 - usb: gadget: f_ncm: Fix UAF ncm object at re-bind after usb ep transport error * Bionic update: upstream stable patchset 2021-12-03 (LP: #1953202) // CVE- url: https://ubuntu.com/security/CVE-2021-47483 - regmap: Fix possible double-free in regcache_rbtree_exit() * CVE-url: https://ubuntu.com/security/CVE-2024-56650 - netfilter: x_tables: fix LED ID check in led_tg_check() * CVE-url: https://ubuntu.com/security/CVE-2024-53227 - scsi: bfa: Fix use-after-free in bfad_im_module_exit() * CVE-url: https://ubuntu.com/security/CVE-2024-53155 - ocfs2: fix uninitialized value in ocfs2_file_read_iter() * CVE-url: https://ubuntu.com/security/CVE-2024-56605 - Bluetooth: L2CAP: do not leave dangling sk pointer on error in l2cap_sock_create() * CVE-url: https://ubuntu.com/security/CVE-2024-53156 - wifi: ath9k: add range check for conn_rsp_epid in htc_connect_service() * CVE-url: https://ubuntu.com/security/CVE-2023-52741 - cifs: Fix use-after-free in rdata->read_into_pages() * CVE-url: https://ubuntu.com/security/CVE-2024-56759 - btrfs: fix use-after-free when COWing tree bock and tracing is enabled * CVE-url: https://ubuntu.com/security/CVE-2024-56604 - Bluetooth: RFCOMM: avoid leaving dangling sk pointer in rfcomm_sock_alloc() * CVE-url: https://ubuntu.com/security/CVE-2024-53142 - initramfs: avoid filename buffer overrun * CVE-url: https://ubuntu.com/security/CVE-2024-56631 - scsi: sg: Fix slab-use-after-free read in sg_release() * Bionic update: upstream stable patchset 2021-08-03 (LP: #1938824) // CVE- url: https://ubuntu.com/security/CVE-2021-47334 - misc/libmasm/module: Fix two use after free in ibmasm_init_one * Bionic update: upstream stable patchset 2021-08-03 (LP: #1938824) // CVE- url: https://ubuntu.com/security/CVE-2021-47355 - atm: nicstar: Fix possible use-after-free in nicstar_cleanup() * Bionic update: upstream stable patchset 2021-07-14 (LP: #1936231) // CVE- url: https://ubuntu.com/security/CVE-2021-47245 - netfilter: synproxy: Fix out of bounds when parsing TCP options * CVE-url: https://ubuntu.com/security/CVE-2021-47191 - scsi: scsi_debug: Fix out-of-bound read in resp_readcap16() * Bionic update: upstream stable patchset 2021-08-13 (LP: #1939913) // CVE- url: https://ubuntu.com/security/CVE-2021-47288 - media: ngene: Fix out-of-bounds bug in ngene_command_config_free_buf() * CVE-url: https://ubuntu.com/security/CVE-2023-52478 - HID: logitech-hidpp: Fix kernel crash on receiver USB disconnect * CVE-url: https://ubuntu.com/security/CVE-2024-36924 - scsi: lpfc: Release hbalock before calling lpfc_worker_wake_up() * CVE-url: https://ubuntu.com/security/CVE-2023-52476 - perf/x86/lbr: Filter vsyscall addresses * CVE-url: https://ubuntu.com/security/CVE-2023-52488 - regmap: Add regmap_noinc_read API - regmap: Add regmap_noinc_write API - serial: sc16is7xx: convert from _raw_ to _noinc_ regmap functions for FIFO Important Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.

* CVE-url: https://ubuntu.com/security/CVE-2024-38553/CVE-2024-38597 - netpoll: make ndo_poll_controller() optional - bonding: use netpoll_poll_dev() helper - netpoll: do not test NAPI_STATE_SCHED in poll_one_napi() * CVE-url: https://ubuntu.com/security/CVE-2024-38597 - eth: sungem: remove .ndo_poll_controller to avoid deadlocks * CVE-url: https://ubuntu.com/security/CVE-2024-38553 - net: fec: remove .ndo_poll_controller to avoid deadlocks * CVE-url: https://ubuntu.com/security/CVE-2024-41066 - ibmvnic: Add tx check to prevent skb leak * CVE-url: https://ubuntu.com/security/CVE-2024-40982 - ssb: Fix potential NULL pointer dereference in ssb_device_uevent() * CVE-url: https://ubuntu.com/security/CVE-2024-50154 - tcp/dccp: Don't use timer_pending() in reqsk_queue_unlink(). * CVE-url: https://ubuntu.com/security/CVE-2024-56595 - jfs: add a check to prevent array-index-out-of-bounds in dbAdjTree * CVE-url: https://ubuntu.com/security/CVE-2024-57896 - btrfs: fix hang during unmount when stopping a space reclaim worker - btrfs: wait for fixup workers before stopping cleaner kthread during umount - btrfs: flush delalloc workers queue before stopping cleaner kthread during unmount * CVE-url: https://ubuntu.com/security/CVE-2024-56598 - jfs: array-index-out-of-bounds fix in dtReadFirst * CVE-url: https://ubuntu.com/security/CVE-2024-56596 - jfs: fix array-index-out-of-bounds in jfs_readdir * Bionic update: upstream stable patchset 2022-01-25 (LP: #1959033) // CVE- url: https://ubuntu.com/security/CVE-2021-47485 - IB/qib: Protect from buffer overflow in struct qib_user_sdma_pkt fields * CVE-url: https://ubuntu.com/security/CVE-2024-56602 - net: ieee802154: do not leave a dangling sk pointer in ieee802154_create() * CVE-url: https://ubuntu.com/security/CVE-2024-56601 - net: inet: do not leave a dangling sk pointer in inet_create() * CVE-url: https://ubuntu.com/security/CVE-2024-56600 - sock: struct proto hash function may error - net: inet6: do not leave a dangling sk pointer in inet6_create() * CVE-url: https://ubuntu.com/security/CVE-2023-52818 - drm/amd: Fix UBSAN array-index-out-of-bounds for SMU7 * CVE-url: https://ubuntu.com/security/CVE-2024-35887 - ax25: fix use-after-free bugs caused by ax25_ds_del_timer * Bionic update: upstream stable patchset 2021-11-02 (LP: #1949512) // CVE- url: https://ubuntu.com/security/CVE-2021-47404 - HID: betop: fix slab-out-of-bounds Write in betop_probe * Bionic update: upstream stable patchset 2021-07-14 (LP: #1936231) // CVE- url: https://ubuntu.com/security/CVE-2021-47254 - gfs2: Fix use-after-free in gfs2_glock_shrink_scan * Bionic update: upstream stable patchset 2022-01-14 (LP: #1957957) // CVE- url: https://ubuntu.com/security/CVE-2021-47506 - nfsd: fix use-after-free due to delegation race * CVE-url: https://ubuntu.com/security/CVE-2024-56606 - af_packet: avoid erroring out after sock_init_data() in packet_create() * CVE-url: https://ubuntu.com/security/CVE-2024-53141 - netfilter: ipset: add missing range check in bitmap_ip_uadt * Bionic update: upstream stable patchset 2021-07-14 (LP: #1936231) // CVE- url: https://ubuntu.com/security/CVE-2021-47280 - drm: Fix use-after-free read in drm_getunique() * Bionic update: upstream stable patchset 2021-07-14 (LP: #1936231) // CVE- url: https://ubuntu.com/security/CVE-2021-47235 - net: ethernet: fix potential use-after-free in ec_bhf_remove * Bionic update: upstream stable patchset 2021-08-13 (LP: #1939913) // CVE- url: https://ubuntu.com/security/CVE-2021-47309 - net: validate lwtstate->data before returning from skb_tunnel_info() * Bionic update: upstream stable patchset 2022-01-06 (LP: #1956614) // CVE- url: https://ubuntu.com/security/CVE-2021-47549 - sata_fsl: fix UAF in sata_fsl_port_stop when rmmod sata_fsl * CVE-url: https://ubuntu.com/security/CVE-2024-53165 - sh: intc: Fix use-after-free bug in register_intc_controller() * CVE-url: https://ubuntu.com/security/CVE-2024-56603 - net: af_can: do not leave a dangling sk pointer in can_create() * CVE-url: https://ubuntu.com/security/CVE-2024-53173 - NFSv4.0: Fix a use-after-free problem in the asynchronous open() * Bionic update: upstream stable patchset 2022-01-11 (LP: #1957113) // CVE- url: https://ubuntu.com/security/CVE-2021-47500 - iio: mma8452: Fix trigger reference couting * CVE-url: https://ubuntu.com/security/CVE-2024-26996 - usb: gadget: f_ncm: Fix UAF ncm object at re-bind after usb ep transport error * Bionic update: upstream stable patchset 2021-12-03 (LP: #1953202) // CVE- url: https://ubuntu.com/security/CVE-2021-47483 - regmap: Fix possible double-free in regcache_rbtree_exit() * CVE-url: https://ubuntu.com/security/CVE-2024-56650 - netfilter: x_tables: fix LED ID check in led_tg_check() * CVE-url: https://ubuntu.com/security/CVE-2024-53227 - scsi: bfa: Fix use-after-free in bfad_im_module_exit() * CVE-url: https://ubuntu.com/security/CVE-2024-53155 - ocfs2: fix uninitialized value in ocfs2_file_read_iter() * CVE-url: https://ubuntu.com/security/CVE-2024-56605 - Bluetooth: L2CAP: do not leave dangling sk pointer on error in l2cap_sock_create() * CVE-url: https://ubuntu.com/security/CVE-2024-53156 - wifi: ath9k: add range check for conn_rsp_epid in htc_connect_service() * CVE-url: https://ubuntu.com/security/CVE-2023-52741 - cifs: Fix use-after-free in rdata->read_into_pages() * CVE-url: https://ubuntu.com/security/CVE-2024-56759 - btrfs: fix use-after-free when COWing tree bock and tracing is enabled * CVE-url: https://ubuntu.com/security/CVE-2024-56604 - Bluetooth: RFCOMM: avoid leaving dangling sk pointer in rfcomm_sock_alloc() * CVE-url: https://ubuntu.com/security/CVE-2024-53142 - initramfs: avoid filename buffer overrun * CVE-url: https://ubuntu.com/security/CVE-2024-56631 - scsi: sg: Fix slab-use-after-free read in sg_release() * Bionic update: upstream stable patchset 2021-08-03 (LP: #1938824) // CVE- url: https://ubuntu.com/security/CVE-2021-47334 - misc/libmasm/module: Fix two use after free in ibmasm_init_one * Bionic update: upstream stable patchset 2021-08-03 (LP: #1938824) // CVE- url: https://ubuntu.com/security/CVE-2021-47355 - atm: nicstar: Fix possible use-after-free in nicstar_cleanup() * Bionic update: upstream stable patchset 2021-07-14 (LP: #1936231) // CVE- url: https://ubuntu.com/security/CVE-2021-47245 - netfilter: synproxy: Fix out of bounds when parsing TCP options * CVE-url: https://ubuntu.com/security/CVE-2021-47191 - scsi: scsi_debug: Fix out-of-bound read in resp_readcap16() * Bionic update: upstream stable patchset 2021-08-13 (LP: #1939913) // CVE- url: https://ubuntu.com/security/CVE-2021-47288 - media: ngene: Fix out-of-bounds bug in ngene_command_config_free_buf() * CVE-url: https://ubuntu.com/security/CVE-2023-52478 - HID: logitech-hidpp: Fix kernel crash on receiver USB disconnect * CVE-url: https://ubuntu.com/security/CVE-2024-36924 - scsi: lpfc: Release hbalock before calling lpfc_worker_wake_up() * CVE-url: https://ubuntu.com/security/CVE-2023-52476 - perf/x86/lbr: Filter vsyscall addresses * CVE-url: https://ubuntu.com/security/CVE-2023-52488 - regmap: Add regmap_noinc_read API - regmap: Add regmap_noinc_write API - serial: sc16is7xx: convert from _raw_ to _noinc_ regmap functions for FIFO

0 tuxcare-ubuntu16.04-els linux-buildinfo-4.4.0-270-tuxcare.els41-generic_4.4.0-270.304_amd64.deb 8bfbf4f9289c8cdff97cb8dd8472a0e2d3beed4a linux-buildinfo-4.4.0-270-tuxcare.els41-lowlatency_4.4.0-270.304_amd64.deb 04ad03c2ad50ff0bf05c3c1fe5c1b11fd47d50a3 linux-cloud-tools-4.4.0-270-tuxcare.els41_4.4.0-270.304_amd64.deb b108430cc8df8ea9c6d729a8fa196590a1f1aa24 linux-cloud-tools-4.4.0-270-tuxcare.els41-generic_4.4.0-270.304_amd64.deb e69bddc664c62c5b5a8c63d5ded35bf882b7a72b linux-cloud-tools-4.4.0-270-tuxcare.els41-lowlatency_4.4.0-270.304_amd64.deb 182ad906f74bd16d2e968e7b1a9d3d5553085743 linux-cloud-tools-common_4.4.0-270.304_all.deb f45e75f6fbc7f4e45b2b44f14e9a0b2136fddf3f linux-cloud-tools-generic_4.4.0.270.304_amd64.deb 20acc0dce2ed77d94f68f20675861b467c148e0c linux-cloud-tools-lowlatency_4.4.0.270.304_amd64.deb d0dada35c17224ad7f8a3da67808d80ac4f5cb9d linux-crashdump_4.4.0.270.304_amd64.deb e96cf7fba9088e33d5ecf8f12ff9a2100f8495b9 linux-doc_4.4.0-270.304_all.deb c611933660042d02e151bdb76bce1bc29d78e9e1 linux-generic_4.4.0.270.304_amd64.deb 5c919ea32b8cebe8d7f0762d96f0c38c9003e1ae linux-headers-4.4.0-270-tuxcare.els41_4.4.0-270.304_all.deb 0a6db06a19c7c762a2683b63153082f82b804053 linux-headers-4.4.0-270-tuxcare.els41-generic_4.4.0-270.304_amd64.deb e41f1fe830d473a6c3421b1cc325028a96a27cb4 linux-headers-4.4.0-270-tuxcare.els41-lowlatency_4.4.0-270.304_amd64.deb cee71e644fea8a02f241857dfc671f35228688e7 linux-headers-generic_4.4.0.270.304_amd64.deb 401c18e44d735dd5268d3b9c7bad9187703e723a linux-headers-lowlatency_4.4.0.270.304_amd64.deb 50f5c7d36a5c308130099ff63f2e5177d3f1ea42 linux-image-generic_4.4.0.270.304_amd64.deb 28efd66ca4d45e3e08e92aa7e3ebf5ac8e76e9e7 linux-image-lowlatency_4.4.0.270.304_amd64.deb 37977649b655537e69580b40a4ac8386598ca283 linux-image-unsigned-4.4.0-270-tuxcare.els41-generic_4.4.0-270.304_amd64.deb a376ea582fa9ed1fc0145b4c5c48f99218df3fd4 linux-image-unsigned-4.4.0-270-tuxcare.els41-lowlatency_4.4.0-270.304_amd64.deb 90b43f339279e98f2920000792d9252408ba7158 linux-libc-dev_4.4.0-270.304_amd64.deb 47f5414aeacf8430790fe85eaf8cbbecfb61107f linux-lowlatency_4.4.0.270.304_amd64.deb 5c97804eb378ef46a076703c371a7531232d94e0 linux-modules-4.4.0-270-tuxcare.els41-generic_4.4.0-270.304_amd64.deb 6087f8f2363b8d7825d2aea4c33982c3bb0d75be linux-modules-4.4.0-270-tuxcare.els41-lowlatency_4.4.0-270.304_amd64.deb fbe8d00fbddc178f169fa3a239cef5767857a454 linux-modules-extra-4.4.0-270-tuxcare.els41-generic_4.4.0-270.304_amd64.deb 7fa4112067dfabf0167b909afa5eee4b3360994c linux-source_4.4.0.270.304_all.deb 7cd81d5dd9b2958ccfeb42457cff8c7dbbc34d24 linux-source-4.4.0_4.4.0-270.304_all.deb 07ee6d656a8994afda05864131df7ef2348414b9 linux-tools-4.4.0-270-tuxcare.els41_4.4.0-270.304_amd64.deb 9952cabcf5804c8a81f3a9b61d2b75dfcf2c0f59 linux-tools-4.4.0-270-tuxcare.els41-generic_4.4.0-270.304_amd64.deb bf11e4422661ef32a5d27395d33b8563029c799f linux-tools-4.4.0-270-tuxcare.els41-lowlatency_4.4.0-270.304_amd64.deb 7e8508851d0070e46ad2178102d6426250328144 linux-tools-common_4.4.0-270.304_all.deb c2268e7a424f0cfb58b32ecdf5962ad560e71fbd linux-tools-generic_4.4.0.270.304_amd64.deb 535b3f5c2c3e8acf191a8ad6aac004a759772ed4 linux-tools-host_4.4.0-270.304_all.deb 27b9d7141ece9b8e297c504dc3706ab7d6cf52b6 linux-tools-lowlatency_4.4.0.270.304_amd64.deb 27fbfd1af475e214a3acbdd9d1821f9b7f0807c6 CLSA-2025:1738958068 TuxCare License Agreement 0 * CVE-url: https://ubuntu.com/security/CVE-2024-38553/CVE-2024-38597 - netpoll: make ndo_poll_controller() optional - bonding: use netpoll_poll_dev() helper - netpoll: do not test NAPI_STATE_SCHED in poll_one_napi() * CVE-url: https://ubuntu.com/security/CVE-2024-38597 - eth: sungem: remove .ndo_poll_controller to avoid deadlocks * CVE-url: https://ubuntu.com/security/CVE-2024-38553 - net: fec: remove .ndo_poll_controller to avoid deadlocks * CVE-url: https://ubuntu.com/security/CVE-2024-41066 - ibmvnic: Add tx check to prevent skb leak * CVE-url: https://ubuntu.com/security/CVE-2024-40982 - ssb: Fix potential NULL pointer dereference in ssb_device_uevent() * CVE-url: https://ubuntu.com/security/CVE-2024-50154 - tcp/dccp: Don't use timer_pending() in reqsk_queue_unlink(). * CVE-url: https://ubuntu.com/security/CVE-2024-56595 - jfs: add a check to prevent array-index-out-of-bounds in dbAdjTree * CVE-url: https://ubuntu.com/security/CVE-2024-57896 - btrfs: fix hang during unmount when stopping a space reclaim worker - btrfs: wait for fixup workers before stopping cleaner kthread during umount - btrfs: flush delalloc workers queue before stopping cleaner kthread during unmount * CVE-url: https://ubuntu.com/security/CVE-2024-56598 - jfs: array-index-out-of-bounds fix in dtReadFirst * CVE-url: https://ubuntu.com/security/CVE-2024-56596 - jfs: fix array-index-out-of-bounds in jfs_readdir * Bionic update: upstream stable patchset 2022-01-25 (LP: #1959033) // CVE- url: https://ubuntu.com/security/CVE-2021-47485 - IB/qib: Protect from buffer overflow in struct qib_user_sdma_pkt fields * CVE-url: https://ubuntu.com/security/CVE-2024-56602 - net: ieee802154: do not leave a dangling sk pointer in ieee802154_create() * CVE-url: https://ubuntu.com/security/CVE-2024-56601 - net: inet: do not leave a dangling sk pointer in inet_create() * CVE-url: https://ubuntu.com/security/CVE-2024-56600 - sock: struct proto hash function may error - net: inet6: do not leave a dangling sk pointer in inet6_create() * CVE-url: https://ubuntu.com/security/CVE-2023-52818 - drm/amd: Fix UBSAN array-index-out-of-bounds for SMU7 * CVE-url: https://ubuntu.com/security/CVE-2024-35887 - ax25: fix use-after-free bugs caused by ax25_ds_del_timer * Bionic update: upstream stable patchset 2021-11-02 (LP: #1949512) // CVE- url: https://ubuntu.com/security/CVE-2021-47404 - HID: betop: fix slab-out-of-bounds Write in betop_probe * Bionic update: upstream stable patchset 2021-07-14 (LP: #1936231) // CVE- url: https://ubuntu.com/security/CVE-2021-47254 - gfs2: Fix use-after-free in gfs2_glock_shrink_scan * Bionic update: upstream stable patchset 2022-01-14 (LP: #1957957) // CVE- url: https://ubuntu.com/security/CVE-2021-47506 - nfsd: fix use-after-free due to delegation race * CVE-url: https://ubuntu.com/security/CVE-2024-56606 - af_packet: avoid erroring out after sock_init_data() in packet_create() * CVE-url: https://ubuntu.com/security/CVE-2024-53141 - netfilter: ipset: add missing range check in bitmap_ip_uadt * Bionic update: upstream stable patchset 2021-07-14 (LP: #1936231) // CVE- url: https://ubuntu.com/security/CVE-2021-47280 - drm: Fix use-after-free read in drm_getunique() * Bionic update: upstream stable patchset 2021-07-14 (LP: #1936231) // CVE- url: https://ubuntu.com/security/CVE-2021-47235 - net: ethernet: fix potential use-after-free in ec_bhf_remove * Bionic update: upstream stable patchset 2021-08-13 (LP: #1939913) // CVE- url: https://ubuntu.com/security/CVE-2021-47309 - net: validate lwtstate->data before returning from skb_tunnel_info() * Bionic update: upstream stable patchset 2022-01-06 (LP: #1956614) // CVE- url: https://ubuntu.com/security/CVE-2021-47549 - sata_fsl: fix UAF in sata_fsl_port_stop when rmmod sata_fsl * CVE-url: https://ubuntu.com/security/CVE-2024-53165 - sh: intc: Fix use-after-free bug in register_intc_controller() * CVE-url: https://ubuntu.com/security/CVE-2024-56603 - net: af_can: do not leave a dangling sk pointer in can_create() * CVE-url: https://ubuntu.com/security/CVE-2024-53173 - NFSv4.0: Fix a use-after-free problem in the asynchronous open() * Bionic update: upstream stable patchset 2022-01-11 (LP: #1957113) // CVE- url: https://ubuntu.com/security/CVE-2021-47500 - iio: mma8452: Fix trigger reference couting * CVE-url: https://ubuntu.com/security/CVE-2024-26996 - usb: gadget: f_ncm: Fix UAF ncm object at re-bind after usb ep transport error * Bionic update: upstream stable patchset 2021-12-03 (LP: #1953202) // CVE- url: https://ubuntu.com/security/CVE-2021-47483 - regmap: Fix possible double-free in regcache_rbtree_exit() * CVE-url: https://ubuntu.com/security/CVE-2024-56650 - netfilter: x_tables: fix LED ID check in led_tg_check() * CVE-url: https://ubuntu.com/security/CVE-2024-53227 - scsi: bfa: Fix use-after-free in bfad_im_module_exit() * CVE-url: https://ubuntu.com/security/CVE-2024-53155 - ocfs2: fix uninitialized value in ocfs2_file_read_iter() * CVE-url: https://ubuntu.com/security/CVE-2024-56605 - Bluetooth: L2CAP: do not leave dangling sk pointer on error in l2cap_sock_create() * CVE-url: https://ubuntu.com/security/CVE-2024-53156 - wifi: ath9k: add range check for conn_rsp_epid in htc_connect_service() * CVE-url: https://ubuntu.com/security/CVE-2023-52741 - cifs: Fix use-after-free in rdata->read_into_pages() * CVE-url: https://ubuntu.com/security/CVE-2024-56759 - btrfs: fix use-after-free when COWing tree bock and tracing is enabled * CVE-url: https://ubuntu.com/security/CVE-2024-56604 - Bluetooth: RFCOMM: avoid leaving dangling sk pointer in rfcomm_sock_alloc() * CVE-url: https://ubuntu.com/security/CVE-2024-53142 - initramfs: avoid filename buffer overrun * CVE-url: https://ubuntu.com/security/CVE-2024-56631 - scsi: sg: Fix slab-use-after-free read in sg_release() * Bionic update: upstream stable patchset 2021-08-03 (LP: #1938824) // CVE- url: https://ubuntu.com/security/CVE-2021-47334 - misc/libmasm/module: Fix two use after free in ibmasm_init_one * Bionic update: upstream stable patchset 2021-08-03 (LP: #1938824) // CVE- url: https://ubuntu.com/security/CVE-2021-47355 - atm: nicstar: Fix possible use-after-free in nicstar_cleanup() * Bionic update: upstream stable patchset 2021-07-14 (LP: #1936231) // CVE- url: https://ubuntu.com/security/CVE-2021-47245 - netfilter: synproxy: Fix out of bounds when parsing TCP options * CVE-url: https://ubuntu.com/security/CVE-2021-47191 - scsi: scsi_debug: Fix out-of-bound read in resp_readcap16() * Bionic update: upstream stable patchset 2021-08-13 (LP: #1939913) // CVE- url: https://ubuntu.com/security/CVE-2021-47288 - media: ngene: Fix out-of-bounds bug in ngene_command_config_free_buf() * CVE-url: https://ubuntu.com/security/CVE-2023-52478 - HID: logitech-hidpp: Fix kernel crash on receiver USB disconnect * CVE-url: https://ubuntu.com/security/CVE-2024-36924 - scsi: lpfc: Release hbalock before calling lpfc_worker_wake_up() * CVE-url: https://ubuntu.com/security/CVE-2023-52476 - perf/x86/lbr: Filter vsyscall addresses * CVE-url: https://ubuntu.com/security/CVE-2023-52488 - regmap: Add regmap_noinc_read API - regmap: Add regmap_noinc_write API - serial: sc16is7xx: convert from _raw_ to _noinc_ regmap functions for FIFO None Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.

* CVE-url: https://ubuntu.com/security/CVE-2024-38553/CVE-2024-38597 - netpoll: make ndo_poll_controller() optional - bonding: use netpoll_poll_dev() helper - netpoll: do not test NAPI_STATE_SCHED in poll_one_napi() * CVE-url: https://ubuntu.com/security/CVE-2024-38597 - eth: sungem: remove .ndo_poll_controller to avoid deadlocks * CVE-url: https://ubuntu.com/security/CVE-2024-38553 - net: fec: remove .ndo_poll_controller to avoid deadlocks * CVE-url: https://ubuntu.com/security/CVE-2024-41066 - ibmvnic: Add tx check to prevent skb leak * CVE-url: https://ubuntu.com/security/CVE-2024-40982 - ssb: Fix potential NULL pointer dereference in ssb_device_uevent() * CVE-url: https://ubuntu.com/security/CVE-2024-50154 - tcp/dccp: Don't use timer_pending() in reqsk_queue_unlink(). * CVE-url: https://ubuntu.com/security/CVE-2024-56595 - jfs: add a check to prevent array-index-out-of-bounds in dbAdjTree * CVE-url: https://ubuntu.com/security/CVE-2024-57896 - btrfs: fix hang during unmount when stopping a space reclaim worker - btrfs: wait for fixup workers before stopping cleaner kthread during umount - btrfs: flush delalloc workers queue before stopping cleaner kthread during unmount * CVE-url: https://ubuntu.com/security/CVE-2024-56598 - jfs: array-index-out-of-bounds fix in dtReadFirst * CVE-url: https://ubuntu.com/security/CVE-2024-56596 - jfs: fix array-index-out-of-bounds in jfs_readdir * Bionic update: upstream stable patchset 2022-01-25 (LP: #1959033) // CVE- url: https://ubuntu.com/security/CVE-2021-47485 - IB/qib: Protect from buffer overflow in struct qib_user_sdma_pkt fields * CVE-url: https://ubuntu.com/security/CVE-2024-56602 - net: ieee802154: do not leave a dangling sk pointer in ieee802154_create() * CVE-url: https://ubuntu.com/security/CVE-2024-56601 - net: inet: do not leave a dangling sk pointer in inet_create() * CVE-url: https://ubuntu.com/security/CVE-2024-56600 - sock: struct proto hash function may error - net: inet6: do not leave a dangling sk pointer in inet6_create() * CVE-url: https://ubuntu.com/security/CVE-2023-52818 - drm/amd: Fix UBSAN array-index-out-of-bounds for SMU7 * CVE-url: https://ubuntu.com/security/CVE-2024-35887 - ax25: fix use-after-free bugs caused by ax25_ds_del_timer * Bionic update: upstream stable patchset 2021-11-02 (LP: #1949512) // CVE- url: https://ubuntu.com/security/CVE-2021-47404 - HID: betop: fix slab-out-of-bounds Write in betop_probe * Bionic update: upstream stable patchset 2021-07-14 (LP: #1936231) // CVE- url: https://ubuntu.com/security/CVE-2021-47254 - gfs2: Fix use-after-free in gfs2_glock_shrink_scan * Bionic update: upstream stable patchset 2022-01-14 (LP: #1957957) // CVE- url: https://ubuntu.com/security/CVE-2021-47506 - nfsd: fix use-after-free due to delegation race * CVE-url: https://ubuntu.com/security/CVE-2024-56606 - af_packet: avoid erroring out after sock_init_data() in packet_create() * CVE-url: https://ubuntu.com/security/CVE-2024-53141 - netfilter: ipset: add missing range check in bitmap_ip_uadt * Bionic update: upstream stable patchset 2021-07-14 (LP: #1936231) // CVE- url: https://ubuntu.com/security/CVE-2021-47280 - drm: Fix use-after-free read in drm_getunique() * Bionic update: upstream stable patchset 2021-07-14 (LP: #1936231) // CVE- url: https://ubuntu.com/security/CVE-2021-47235 - net: ethernet: fix potential use-after-free in ec_bhf_remove * Bionic update: upstream stable patchset 2021-08-13 (LP: #1939913) // CVE- url: https://ubuntu.com/security/CVE-2021-47309 - net: validate lwtstate->data before returning from skb_tunnel_info() * Bionic update: upstream stable patchset 2022-01-06 (LP: #1956614) // CVE- url: https://ubuntu.com/security/CVE-2021-47549 - sata_fsl: fix UAF in sata_fsl_port_stop when rmmod sata_fsl * CVE-url: https://ubuntu.com/security/CVE-2024-53165 - sh: intc: Fix use-after-free bug in register_intc_controller() * CVE-url: https://ubuntu.com/security/CVE-2024-56603 - net: af_can: do not leave a dangling sk pointer in can_create() * CVE-url: https://ubuntu.com/security/CVE-2024-53173 - NFSv4.0: Fix a use-after-free problem in the asynchronous open() * Bionic update: upstream stable patchset 2022-01-11 (LP: #1957113) // CVE- url: https://ubuntu.com/security/CVE-2021-47500 - iio: mma8452: Fix trigger reference couting * CVE-url: https://ubuntu.com/security/CVE-2024-26996 - usb: gadget: f_ncm: Fix UAF ncm object at re-bind after usb ep transport error * Bionic update: upstream stable patchset 2021-12-03 (LP: #1953202) // CVE- url: https://ubuntu.com/security/CVE-2021-47483 - regmap: Fix possible double-free in regcache_rbtree_exit() * CVE-url: https://ubuntu.com/security/CVE-2024-56650 - netfilter: x_tables: fix LED ID check in led_tg_check() * CVE-url: https://ubuntu.com/security/CVE-2024-53227 - scsi: bfa: Fix use-after-free in bfad_im_module_exit() * CVE-url: https://ubuntu.com/security/CVE-2024-53155 - ocfs2: fix uninitialized value in ocfs2_file_read_iter() * CVE-url: https://ubuntu.com/security/CVE-2024-56605 - Bluetooth: L2CAP: do not leave dangling sk pointer on error in l2cap_sock_create() * CVE-url: https://ubuntu.com/security/CVE-2024-53156 - wifi: ath9k: add range check for conn_rsp_epid in htc_connect_service() * CVE-url: https://ubuntu.com/security/CVE-2023-52741 - cifs: Fix use-after-free in rdata->read_into_pages() * CVE-url: https://ubuntu.com/security/CVE-2024-56759 - btrfs: fix use-after-free when COWing tree bock and tracing is enabled * CVE-url: https://ubuntu.com/security/CVE-2024-56604 - Bluetooth: RFCOMM: avoid leaving dangling sk pointer in rfcomm_sock_alloc() * CVE-url: https://ubuntu.com/security/CVE-2024-53142 - initramfs: avoid filename buffer overrun * CVE-url: https://ubuntu.com/security/CVE-2024-56631 - scsi: sg: Fix slab-use-after-free read in sg_release() * Bionic update: upstream stable patchset 2021-08-03 (LP: #1938824) // CVE- url: https://ubuntu.com/security/CVE-2021-47334 - misc/libmasm/module: Fix two use after free in ibmasm_init_one * Bionic update: upstream stable patchset 2021-08-03 (LP: #1938824) // CVE- url: https://ubuntu.com/security/CVE-2021-47355 - atm: nicstar: Fix possible use-after-free in nicstar_cleanup() * Bionic update: upstream stable patchset 2021-07-14 (LP: #1936231) // CVE- url: https://ubuntu.com/security/CVE-2021-47245 - netfilter: synproxy: Fix out of bounds when parsing TCP options * CVE-url: https://ubuntu.com/security/CVE-2021-47191 - scsi: scsi_debug: Fix out-of-bound read in resp_readcap16() * Bionic update: upstream stable patchset 2021-08-13 (LP: #1939913) // CVE- url: https://ubuntu.com/security/CVE-2021-47288 - media: ngene: Fix out-of-bounds bug in ngene_command_config_free_buf() * CVE-url: https://ubuntu.com/security/CVE-2023-52478 - HID: logitech-hidpp: Fix kernel crash on receiver USB disconnect * CVE-url: https://ubuntu.com/security/CVE-2024-36924 - scsi: lpfc: Release hbalock before calling lpfc_worker_wake_up() * CVE-url: https://ubuntu.com/security/CVE-2023-52476 - perf/x86/lbr: Filter vsyscall addresses * CVE-url: https://ubuntu.com/security/CVE-2023-52488 - regmap: Add regmap_noinc_read API - regmap: Add regmap_noinc_write API - serial: sc16is7xx: convert from _raw_ to _noinc_ regmap functions for FIFO

0 tuxcare-ubuntu16.04-els linux-buildinfo-4.4.0-270-tuxcare.els41-generic_4.4.0-270.304_amd64.deb 8bfbf4f9289c8cdff97cb8dd8472a0e2d3beed4a linux-buildinfo-4.4.0-270-tuxcare.els41-lowlatency_4.4.0-270.304_amd64.deb 04ad03c2ad50ff0bf05c3c1fe5c1b11fd47d50a3 linux-cloud-tools-4.4.0-270-tuxcare.els41_4.4.0-270.304_amd64.deb b108430cc8df8ea9c6d729a8fa196590a1f1aa24 linux-cloud-tools-4.4.0-270-tuxcare.els41-generic_4.4.0-270.304_amd64.deb e69bddc664c62c5b5a8c63d5ded35bf882b7a72b linux-cloud-tools-4.4.0-270-tuxcare.els41-lowlatency_4.4.0-270.304_amd64.deb 182ad906f74bd16d2e968e7b1a9d3d5553085743 linux-cloud-tools-common_4.4.0-270.304_all.deb f45e75f6fbc7f4e45b2b44f14e9a0b2136fddf3f linux-cloud-tools-generic_4.4.0.270.304_amd64.deb 20acc0dce2ed77d94f68f20675861b467c148e0c linux-cloud-tools-lowlatency_4.4.0.270.304_amd64.deb d0dada35c17224ad7f8a3da67808d80ac4f5cb9d linux-crashdump_4.4.0.270.304_amd64.deb e96cf7fba9088e33d5ecf8f12ff9a2100f8495b9 linux-doc_4.4.0-270.304_all.deb c611933660042d02e151bdb76bce1bc29d78e9e1 linux-generic_4.4.0.270.304_amd64.deb 5c919ea32b8cebe8d7f0762d96f0c38c9003e1ae linux-headers-4.4.0-270-tuxcare.els41_4.4.0-270.304_all.deb 0a6db06a19c7c762a2683b63153082f82b804053 linux-headers-4.4.0-270-tuxcare.els41-generic_4.4.0-270.304_amd64.deb e41f1fe830d473a6c3421b1cc325028a96a27cb4 linux-headers-4.4.0-270-tuxcare.els41-lowlatency_4.4.0-270.304_amd64.deb cee71e644fea8a02f241857dfc671f35228688e7 linux-headers-generic_4.4.0.270.304_amd64.deb 401c18e44d735dd5268d3b9c7bad9187703e723a linux-headers-lowlatency_4.4.0.270.304_amd64.deb 50f5c7d36a5c308130099ff63f2e5177d3f1ea42 linux-image-generic_4.4.0.270.304_amd64.deb 28efd66ca4d45e3e08e92aa7e3ebf5ac8e76e9e7 linux-image-lowlatency_4.4.0.270.304_amd64.deb 37977649b655537e69580b40a4ac8386598ca283 linux-image-unsigned-4.4.0-270-tuxcare.els41-generic_4.4.0-270.304_amd64.deb a376ea582fa9ed1fc0145b4c5c48f99218df3fd4 linux-image-unsigned-4.4.0-270-tuxcare.els41-lowlatency_4.4.0-270.304_amd64.deb 90b43f339279e98f2920000792d9252408ba7158 linux-libc-dev_4.4.0-270.304_amd64.deb 47f5414aeacf8430790fe85eaf8cbbecfb61107f linux-lowlatency_4.4.0.270.304_amd64.deb 5c97804eb378ef46a076703c371a7531232d94e0 linux-modules-4.4.0-270-tuxcare.els41-generic_4.4.0-270.304_amd64.deb 6087f8f2363b8d7825d2aea4c33982c3bb0d75be linux-modules-4.4.0-270-tuxcare.els41-lowlatency_4.4.0-270.304_amd64.deb fbe8d00fbddc178f169fa3a239cef5767857a454 linux-modules-extra-4.4.0-270-tuxcare.els41-generic_4.4.0-270.304_amd64.deb 7fa4112067dfabf0167b909afa5eee4b3360994c linux-source_4.4.0.270.304_all.deb 7cd81d5dd9b2958ccfeb42457cff8c7dbbc34d24 linux-source-4.4.0_4.4.0-270.304_all.deb 07ee6d656a8994afda05864131df7ef2348414b9 linux-tools-4.4.0-270-tuxcare.els41_4.4.0-270.304_amd64.deb 9952cabcf5804c8a81f3a9b61d2b75dfcf2c0f59 linux-tools-4.4.0-270-tuxcare.els41-generic_4.4.0-270.304_amd64.deb bf11e4422661ef32a5d27395d33b8563029c799f linux-tools-4.4.0-270-tuxcare.els41-lowlatency_4.4.0-270.304_amd64.deb 7e8508851d0070e46ad2178102d6426250328144 linux-tools-common_4.4.0-270.304_all.deb c2268e7a424f0cfb58b32ecdf5962ad560e71fbd linux-tools-generic_4.4.0.270.304_amd64.deb 535b3f5c2c3e8acf191a8ad6aac004a759772ed4 linux-tools-host_4.4.0-270.304_all.deb 27b9d7141ece9b8e297c504dc3706ab7d6cf52b6 linux-tools-lowlatency_4.4.0.270.304_amd64.deb 27fbfd1af475e214a3acbdd9d1821f9b7f0807c6 CLSA-2025:1739525173 TuxCare License Agreement 0 * CVE-url: https://ubuntu.com/security/CVE-2024-53104 - media: uvcvideo: Skip parsing frames of type UVC_VS_UNDEFINED in uvc_parse_format Important Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.

* CVE-url: https://ubuntu.com/security/CVE-2024-53104 - media: uvcvideo: Skip parsing frames of type UVC_VS_UNDEFINED in uvc_parse_format

0 tuxcare-ubuntu16.04-els linux-buildinfo-4.4.0-271-tuxcare.els42-generic_4.4.0-271.305_amd64.deb b4b40f1a5aaf925668c16b36d5fc0f7f0d7dccfe linux-buildinfo-4.4.0-271-tuxcare.els42-lowlatency_4.4.0-271.305_amd64.deb dd7a3d4de7a52e6ec3a32591bce4142bc835e28a linux-cloud-tools-4.4.0-271-tuxcare.els42_4.4.0-271.305_amd64.deb f6805e5f5be6e3c9f3eae4ef35459216b912d06a linux-cloud-tools-4.4.0-271-tuxcare.els42-generic_4.4.0-271.305_amd64.deb 8fb6679f3e4211ae9fca02be3f1294958573fb52 linux-cloud-tools-4.4.0-271-tuxcare.els42-lowlatency_4.4.0-271.305_amd64.deb 9ba89d3eff57ddb6874f25f4d8bc35bfaea65f07 linux-cloud-tools-common_4.4.0-271.305_all.deb 6682da59a805fe4a6fa321caa24ca70ec9c5f8b7 linux-cloud-tools-generic_4.4.0.271.305_amd64.deb 9d392e3fcde62e5b510065980b5b4702f1765711 linux-cloud-tools-lowlatency_4.4.0.271.305_amd64.deb 6e128d84c9f5c1638fc97deecef702ca673762a1 linux-crashdump_4.4.0.271.305_amd64.deb 5196cfb4ed792e82e810ec6df910e35864979ada linux-doc_4.4.0-271.305_all.deb 688b680dbaaa98b46838860e9d9fb128627ed7fa linux-generic_4.4.0.271.305_amd64.deb d6825c81eeab7678cd107322d52f615c0bacc7e9 linux-headers-4.4.0-271-tuxcare.els42_4.4.0-271.305_all.deb d86093d429384ada91a62a780f8fadb47612ea7d linux-headers-4.4.0-271-tuxcare.els42-generic_4.4.0-271.305_amd64.deb f1992f7ae2724c64f51829ebd91634cad1a560e1 linux-headers-4.4.0-271-tuxcare.els42-lowlatency_4.4.0-271.305_amd64.deb f8611f1e0b798dea062d8028117b45ad4bbd7186 linux-headers-generic_4.4.0.271.305_amd64.deb 6de236b224f21e015b628e8f0323f9545fa32dea linux-headers-lowlatency_4.4.0.271.305_amd64.deb ad7408696ef96cb90d9ce1e7da9d6a068c313d38 linux-image-generic_4.4.0.271.305_amd64.deb 72e085a4e0e78f9ee92a5c7675c96b52c2c36f21 linux-image-lowlatency_4.4.0.271.305_amd64.deb 32c6dcd55889e6a6cd088a061e88bfca802bcb55 linux-image-unsigned-4.4.0-271-tuxcare.els42-generic_4.4.0-271.305_amd64.deb 4277951a2f9ddb6621f03a06287300a88740c6ca linux-image-unsigned-4.4.0-271-tuxcare.els42-lowlatency_4.4.0-271.305_amd64.deb 75ab763d01a5a111f6547ea0d08e148fe7f4a7e6 linux-libc-dev_4.4.0-271.305_amd64.deb dfefc94512c4983462e6db0dea20c096ef854aa0 linux-lowlatency_4.4.0.271.305_amd64.deb 6fe956ec287da42d5bea4a3079c922683236f95e linux-modules-4.4.0-271-tuxcare.els42-generic_4.4.0-271.305_amd64.deb 895d806a8e487f3731c417599af14bf9eb41e239 linux-modules-4.4.0-271-tuxcare.els42-lowlatency_4.4.0-271.305_amd64.deb f34882bbb3faa1c377205e3ca02ce95f08dacbb8 linux-modules-extra-4.4.0-271-tuxcare.els42-generic_4.4.0-271.305_amd64.deb c293708875ab0f4eb09bbe601d197abc5c6fe597 linux-source_4.4.0.271.305_all.deb 2c1d31bfa3adf2bd3b7c1b0f3cd1e407381dffa1 linux-source-4.4.0_4.4.0-271.305_all.deb 9e23203728f14702855d42f6a0f2a5a59376b5c6 linux-tools-4.4.0-271-tuxcare.els42_4.4.0-271.305_amd64.deb e0170ece13ca81c6b279c94288ead54fc2e6f841 linux-tools-4.4.0-271-tuxcare.els42-generic_4.4.0-271.305_amd64.deb c8bc7c1eb6bad9d1f0fcb26522ac10555dfb2eb5 linux-tools-4.4.0-271-tuxcare.els42-lowlatency_4.4.0-271.305_amd64.deb cc35fce0a3c20c1c3bf21962408acad14a639a8f linux-tools-common_4.4.0-271.305_all.deb 74adc64ef3a041890ef6697af2b6403d8e82d61a linux-tools-generic_4.4.0.271.305_amd64.deb f76aa81d18663505f639158a8dd7489159c8993b linux-tools-host_4.4.0-271.305_all.deb e3addd90a5b269071f2738a6d755b1f499c7e14e linux-tools-lowlatency_4.4.0.271.305_amd64.deb b1ff92d403ea56a518d1658bb65b262ee02fb001 CLSA-2025:1739525872 TuxCare License Agreement 0 * CVE-url: https://ubuntu.com/security/CVE-2024-53104 - media: uvcvideo: Skip parsing frames of type UVC_VS_UNDEFINED in uvc_parse_format None Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.

* CVE-url: https://ubuntu.com/security/CVE-2024-53104 - media: uvcvideo: Skip parsing frames of type UVC_VS_UNDEFINED in uvc_parse_format

0 tuxcare-ubuntu16.04-els linux-buildinfo-4.4.0-271-tuxcare.els42-generic_4.4.0-271.305_amd64.deb b4b40f1a5aaf925668c16b36d5fc0f7f0d7dccfe linux-buildinfo-4.4.0-271-tuxcare.els42-lowlatency_4.4.0-271.305_amd64.deb dd7a3d4de7a52e6ec3a32591bce4142bc835e28a linux-cloud-tools-4.4.0-271-tuxcare.els42_4.4.0-271.305_amd64.deb f6805e5f5be6e3c9f3eae4ef35459216b912d06a linux-cloud-tools-4.4.0-271-tuxcare.els42-generic_4.4.0-271.305_amd64.deb 8fb6679f3e4211ae9fca02be3f1294958573fb52 linux-cloud-tools-4.4.0-271-tuxcare.els42-lowlatency_4.4.0-271.305_amd64.deb 9ba89d3eff57ddb6874f25f4d8bc35bfaea65f07 linux-cloud-tools-common_4.4.0-271.305_all.deb 6682da59a805fe4a6fa321caa24ca70ec9c5f8b7 linux-cloud-tools-generic_4.4.0.271.305_amd64.deb 9d392e3fcde62e5b510065980b5b4702f1765711 linux-cloud-tools-lowlatency_4.4.0.271.305_amd64.deb 6e128d84c9f5c1638fc97deecef702ca673762a1 linux-crashdump_4.4.0.271.305_amd64.deb 5196cfb4ed792e82e810ec6df910e35864979ada linux-doc_4.4.0-271.305_all.deb 688b680dbaaa98b46838860e9d9fb128627ed7fa linux-generic_4.4.0.271.305_amd64.deb d6825c81eeab7678cd107322d52f615c0bacc7e9 linux-headers-4.4.0-271-tuxcare.els42_4.4.0-271.305_all.deb d86093d429384ada91a62a780f8fadb47612ea7d linux-headers-4.4.0-271-tuxcare.els42-generic_4.4.0-271.305_amd64.deb f1992f7ae2724c64f51829ebd91634cad1a560e1 linux-headers-4.4.0-271-tuxcare.els42-lowlatency_4.4.0-271.305_amd64.deb f8611f1e0b798dea062d8028117b45ad4bbd7186 linux-headers-generic_4.4.0.271.305_amd64.deb 6de236b224f21e015b628e8f0323f9545fa32dea linux-headers-lowlatency_4.4.0.271.305_amd64.deb ad7408696ef96cb90d9ce1e7da9d6a068c313d38 linux-image-generic_4.4.0.271.305_amd64.deb 72e085a4e0e78f9ee92a5c7675c96b52c2c36f21 linux-image-lowlatency_4.4.0.271.305_amd64.deb 32c6dcd55889e6a6cd088a061e88bfca802bcb55 linux-image-unsigned-4.4.0-271-tuxcare.els42-generic_4.4.0-271.305_amd64.deb 4277951a2f9ddb6621f03a06287300a88740c6ca linux-image-unsigned-4.4.0-271-tuxcare.els42-lowlatency_4.4.0-271.305_amd64.deb 75ab763d01a5a111f6547ea0d08e148fe7f4a7e6 linux-libc-dev_4.4.0-271.305_amd64.deb dfefc94512c4983462e6db0dea20c096ef854aa0 linux-lowlatency_4.4.0.271.305_amd64.deb 6fe956ec287da42d5bea4a3079c922683236f95e linux-modules-4.4.0-271-tuxcare.els42-generic_4.4.0-271.305_amd64.deb 895d806a8e487f3731c417599af14bf9eb41e239 linux-modules-4.4.0-271-tuxcare.els42-lowlatency_4.4.0-271.305_amd64.deb f34882bbb3faa1c377205e3ca02ce95f08dacbb8 linux-modules-extra-4.4.0-271-tuxcare.els42-generic_4.4.0-271.305_amd64.deb c293708875ab0f4eb09bbe601d197abc5c6fe597 linux-source_4.4.0.271.305_all.deb 2c1d31bfa3adf2bd3b7c1b0f3cd1e407381dffa1 linux-source-4.4.0_4.4.0-271.305_all.deb 9e23203728f14702855d42f6a0f2a5a59376b5c6 linux-tools-4.4.0-271-tuxcare.els42_4.4.0-271.305_amd64.deb e0170ece13ca81c6b279c94288ead54fc2e6f841 linux-tools-4.4.0-271-tuxcare.els42-generic_4.4.0-271.305_amd64.deb c8bc7c1eb6bad9d1f0fcb26522ac10555dfb2eb5 linux-tools-4.4.0-271-tuxcare.els42-lowlatency_4.4.0-271.305_amd64.deb cc35fce0a3c20c1c3bf21962408acad14a639a8f linux-tools-common_4.4.0-271.305_all.deb 74adc64ef3a041890ef6697af2b6403d8e82d61a linux-tools-generic_4.4.0.271.305_amd64.deb f76aa81d18663505f639158a8dd7489159c8993b linux-tools-host_4.4.0-271.305_all.deb e3addd90a5b269071f2738a6d755b1f499c7e14e linux-tools-lowlatency_4.4.0.271.305_amd64.deb b1ff92d403ea56a518d1658bb65b262ee02fb001 CLSA-2025:1739812242 TuxCare License Agreement 0 * SECURITY UPDATE: Generate and verify message MACs in libkrad - debian/patches/CVE-2024-3596.patch: implement support for Message-Authenticator in libkrad - CVE-2024-3596 * debian/control: add package Recommends to krb5-doc Critical Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.

* SECURITY UPDATE: Generate and verify message MACs in libkrad - debian/patches/CVE-2024-3596.patch: implement support for Message-Authenticator in libkrad - CVE-2024-3596 * debian/control: add package Recommends to krb5-doc

0 tuxcare-ubuntu16.04-els krb5-admin-server_1.13.2+dfsg-5ubuntu2.2+tuxcare.els5_amd64.deb 828aaed5c18283a3150d82fa1e5cbd0740967de9 krb5-doc_1.13.2+dfsg-5ubuntu2.2+tuxcare.els5_all.deb 383b511a7f6486c838323863b5e91d7c1bf3c7e6 krb5-gss-samples_1.13.2+dfsg-5ubuntu2.2+tuxcare.els5_amd64.deb 3ae00970ffb45a4aaee2aa7d7f92356552dcda33 krb5-k5tls_1.13.2+dfsg-5ubuntu2.2+tuxcare.els5_amd64.deb 2bfd28211ae3da2ed08158ad4560c8ed03c9ff9b krb5-kdc_1.13.2+dfsg-5ubuntu2.2+tuxcare.els5_amd64.deb d35d897b48a4938d2593c1c60641a1c97822a0b8 krb5-kdc-ldap_1.13.2+dfsg-5ubuntu2.2+tuxcare.els5_amd64.deb 0d0a63ec73c5bea6f14652f1aa6f86f33e143331 krb5-locales_1.13.2+dfsg-5ubuntu2.2+tuxcare.els5_all.deb 4f252c4fde5c8a0415367601337b2521739947d3 krb5-multidev_1.13.2+dfsg-5ubuntu2.2+tuxcare.els5_amd64.deb 4fd5ab090f208ae2f0b623ecfe855fb15c82d4d2 krb5-otp_1.13.2+dfsg-5ubuntu2.2+tuxcare.els5_amd64.deb 9f69ee204dddd4454c68f9c5421b7ed3c8440f85 krb5-pkinit_1.13.2+dfsg-5ubuntu2.2+tuxcare.els5_amd64.deb 6ad08dd4ed2dfe8ac3100b8d62c148f44f642727 krb5-user_1.13.2+dfsg-5ubuntu2.2+tuxcare.els5_amd64.deb 56a7fec96134170c647118752cd791cccfe0e32e libgssapi-krb5-2_1.13.2+dfsg-5ubuntu2.2+tuxcare.els5_amd64.deb 172d0b5a4cd5b80047e86eeb33c131a52c6490fa libgssrpc4_1.13.2+dfsg-5ubuntu2.2+tuxcare.els5_amd64.deb c5475a2aa2ff8460ae6c60b851953572e789c620 libk5crypto3_1.13.2+dfsg-5ubuntu2.2+tuxcare.els5_amd64.deb 58da5b1103b3b515798aab7b20f8707fee703b13 libkadm5clnt-mit9_1.13.2+dfsg-5ubuntu2.2+tuxcare.els5_amd64.deb 57a96ddbd81a93ce87767e38bc9e4c505df54089 libkadm5srv-mit9_1.13.2+dfsg-5ubuntu2.2+tuxcare.els5_amd64.deb e269997f469e967d03a40b555ec52c04ca048714 libkdb5-8_1.13.2+dfsg-5ubuntu2.2+tuxcare.els5_amd64.deb c273a7894efabb4133b8de153474b264e04b35c5 libkrad-dev_1.13.2+dfsg-5ubuntu2.2+tuxcare.els5_amd64.deb 6ace738deb6673a53abb86e49a4b42818674f78a libkrad0_1.13.2+dfsg-5ubuntu2.2+tuxcare.els5_amd64.deb f3fab277b7a02dd1499348b16db0141f18be769f libkrb5-3_1.13.2+dfsg-5ubuntu2.2+tuxcare.els5_amd64.deb 83b7a5e4d63c8737038a9399a90fb069ad552518 libkrb5-dev_1.13.2+dfsg-5ubuntu2.2+tuxcare.els5_amd64.deb f828439341162250416f36ab10c187fa9449be9d libkrb5support0_1.13.2+dfsg-5ubuntu2.2+tuxcare.els5_amd64.deb 936a3315ceddd167545ad4543b7ad0cd44f8137d CLSA-2025:1740230077 TuxCare License Agreement 0 * SECURITY UPDATE: Regular expressions that allowed excessive backtracking during tarfile header parsing - debian/patches/CVE-2024-6232.patch: Fix header parsing vulnerability that could lead to ReDoS - CVE-2024-6923 Important Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.

* SECURITY UPDATE: Regular expressions that allowed excessive backtracking during tarfile header parsing - debian/patches/CVE-2024-6232.patch: Fix header parsing vulnerability that could lead to ReDoS - CVE-2024-6923

0 tuxcare-ubuntu16.04-els idle-python3.5_3.5.2-2ubuntu0~16.04.13+tuxcare.els16_all.deb a6a0ca992469165ae891ef1fd9d7b3b4cf90b4a9 libpython3.5_3.5.2-2ubuntu0~16.04.13+tuxcare.els16_amd64.deb 20b2fea26cdbed9df7bb27febca6533b492e27ae libpython3.5-dev_3.5.2-2ubuntu0~16.04.13+tuxcare.els16_amd64.deb a5cd2fa8761f966ecb38529b72510f02e734256e libpython3.5-minimal_3.5.2-2ubuntu0~16.04.13+tuxcare.els16_amd64.deb e038a7ce7951bbe4fc2bd062867980d63e8ba4a4 libpython3.5-stdlib_3.5.2-2ubuntu0~16.04.13+tuxcare.els16_amd64.deb 17ad0ecf63ef6b9e9b4123661955430c551a1852 libpython3.5-testsuite_3.5.2-2ubuntu0~16.04.13+tuxcare.els16_all.deb d91a113770b5558c3f0a872a271f4cb3bfbdab0a python3.5_3.5.2-2ubuntu0~16.04.13+tuxcare.els16_amd64.deb 5308198b0a014958ff0b681176c224a73c1e4fe2 python3.5-dev_3.5.2-2ubuntu0~16.04.13+tuxcare.els16_amd64.deb 2e2a190088acfb2a6f770ebf037a01029e14a370 python3.5-doc_3.5.2-2ubuntu0~16.04.13+tuxcare.els16_all.deb 3df45d7ba440f323de56d7fb3da2139c9fe39eff python3.5-examples_3.5.2-2ubuntu0~16.04.13+tuxcare.els16_all.deb 8810dbc0b2f2443b69e70783828f240391620ed3 python3.5-minimal_3.5.2-2ubuntu0~16.04.13+tuxcare.els16_amd64.deb 43715c7003222f4a881b140c118cbd0d8a746d73 python3.5-venv_3.5.2-2ubuntu0~16.04.13+tuxcare.els16_amd64.deb 38dbda9a80a30a5d7360d2f7129c3ed5ae5d499f CLSA-2025:1740470259 TuxCare License Agreement 0 * SECURITY UPDATE: insufficient space allocation in assert() function leading to buffer overflow - debian/patches/any/CVE-2025-0395.patch: Fix underallocation of abort_msg_s struct to store the length of the message string - CVE-2025-0395 Moderate Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.

* SECURITY UPDATE: insufficient space allocation in assert() function leading to buffer overflow - debian/patches/any/CVE-2025-0395.patch: Fix underallocation of abort_msg_s struct to store the length of the message string - CVE-2025-0395

0 tuxcare-ubuntu16.04-els glibc-doc_2.23-0ubuntu11.5+tuxcare.els9_all.deb 5ee7e68a9ae06450ce62bedd14453cff637cdf24 glibc-source_2.23-0ubuntu11.5+tuxcare.els9_all.deb 5472e73143ee89827eb6d4f3759eb04af56220ca libc-bin_2.23-0ubuntu11.5+tuxcare.els9_amd64.deb 03b9ab62a9983bb8b3fb69f935f44317b03cfba5 libc-dev-bin_2.23-0ubuntu11.5+tuxcare.els9_amd64.deb 5d2e53c93a29faf34d4c5021bd85c88f6c46cca5 libc6_2.23-0ubuntu11.5+tuxcare.els9_amd64.deb 824135be15b580c921820b021d335e1b77c59d36 libc6-dev_2.23-0ubuntu11.5+tuxcare.els9_amd64.deb 96b5a37037d1fbd8ad3b59d0b484ff093755e109 libc6-dev-i386_2.23-0ubuntu11.5+tuxcare.els9_amd64.deb bf22a48cdd43cb7f600cddf194644b7155f211ab libc6-dev-x32_2.23-0ubuntu11.5+tuxcare.els9_amd64.deb f9909d479919804d7b40c16a0b82d192c565761c libc6-i386_2.23-0ubuntu11.5+tuxcare.els9_amd64.deb 6ccecf04f48ec8d5047262ce201b2c11093196ad libc6-pic_2.23-0ubuntu11.5+tuxcare.els9_amd64.deb 87dffdc9e833adc8cd489b6f673ce6e30155c550 libc6-x32_2.23-0ubuntu11.5+tuxcare.els9_amd64.deb cd69f19243d926669f084c4d4b41adfcc479a9ba locales_2.23-0ubuntu11.5+tuxcare.els9_all.deb e8533ead41a88ad3a8f0d2a1e0bef44dee51d55c locales-all_2.23-0ubuntu11.5+tuxcare.els9_amd64.deb 168f61b9f91912ff071024ddfd012a65e927b39c multiarch-support_2.23-0ubuntu11.5+tuxcare.els9_amd64.deb e8e3c86a02a06b992da7e8c0f77121691503c692 nscd_2.23-0ubuntu11.5+tuxcare.els9_amd64.deb ad0f6117fbb0bc119e70b1f77103c868671480eb CLSA-2025:1740645307 TuxCare License Agreement 0 * SECURITY UPDATE: Ability to modify permissions with privileged programs - debian/patches/CVE-2023-6597.patch: Prevent tempfile.TemporaryDirectory class dereference symlinks - CVE-2023-6597 Important Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.

* SECURITY UPDATE: Ability to modify permissions with privileged programs - debian/patches/CVE-2023-6597.patch: Prevent tempfile.TemporaryDirectory class dereference symlinks - CVE-2023-6597

0 tuxcare-ubuntu16.04-els idle-python3.5_3.5.2-2ubuntu0~16.04.13+tuxcare.els17_all.deb 36ad7a3b88b8ae15fada09c3c2a2745a4f21fff2 libpython3.5_3.5.2-2ubuntu0~16.04.13+tuxcare.els17_amd64.deb 14f7fc382a3501bf831a6419ef2657bdf2de90da libpython3.5-dev_3.5.2-2ubuntu0~16.04.13+tuxcare.els17_amd64.deb 2d601d4c0b80c69781243f5a93d98b7b0bb2e3e8 libpython3.5-minimal_3.5.2-2ubuntu0~16.04.13+tuxcare.els17_amd64.deb 8c2d9ca60089974dfe2b3234190cb812719570e9 libpython3.5-stdlib_3.5.2-2ubuntu0~16.04.13+tuxcare.els17_amd64.deb 1aeee0f51323841857ea03939ee16b4abe07954f libpython3.5-testsuite_3.5.2-2ubuntu0~16.04.13+tuxcare.els17_all.deb 0e31480094a043025b5542724ccee2df1022f652 python3.5_3.5.2-2ubuntu0~16.04.13+tuxcare.els17_amd64.deb 44734c25aec9836059af7e69efe5fce501168824 python3.5-dev_3.5.2-2ubuntu0~16.04.13+tuxcare.els17_amd64.deb 0e8598093337e701e55548b7680aa64da996b56f python3.5-doc_3.5.2-2ubuntu0~16.04.13+tuxcare.els17_all.deb 067bb27299e1b1d97803d9da468550e152055cc6 python3.5-examples_3.5.2-2ubuntu0~16.04.13+tuxcare.els17_all.deb 4ac7403872eb63a7191837b7f2689ec56760a270 python3.5-minimal_3.5.2-2ubuntu0~16.04.13+tuxcare.els17_amd64.deb 13a6cbf567de1f7a779d0be81e21207c686cff88 python3.5-venv_3.5.2-2ubuntu0~16.04.13+tuxcare.els17_amd64.deb d2ca13326257bef085fb01daa81fb237413769cd CLSA-2025:1741216285 TuxCare License Agreement 0 * SECURITY UPDATE: PPD injection issues - debian/patches/CVE-2024-47175.patch: sanitize make and model, PPDize preset and template names in cups/ppd-cache.c - CVE-2024-47175 Important Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.

* SECURITY UPDATE: PPD injection issues - debian/patches/CVE-2024-47175.patch: sanitize make and model, PPDize preset and template names in cups/ppd-cache.c - CVE-2024-47175

0 tuxcare-ubuntu16.04-els cups_2.1.3-4ubuntu0.11+tuxcare.els6_amd64.deb 606fb64c8836bfe8372b7976cfc9b7cc5e3d2949 cups-bsd_2.1.3-4ubuntu0.11+tuxcare.els6_amd64.deb 6aa8605c2ee196690a13fc204973211bb2d2356f cups-client_2.1.3-4ubuntu0.11+tuxcare.els6_amd64.deb 77b595a0cbb949a776058eab7286f7b805963c1e cups-common_2.1.3-4ubuntu0.11+tuxcare.els6_all.deb 502f459d29a79838cd2887b970e2fb1c60e70830 cups-core-drivers_2.1.3-4ubuntu0.11+tuxcare.els6_amd64.deb 38f8c22cc73133f86c4b8c22d4be8b515d7c4271 cups-daemon_2.1.3-4ubuntu0.11+tuxcare.els6_amd64.deb 5a67c6d3016f514945b3ab0f2d9b5d04b59d5cba cups-ipp-utils_2.1.3-4ubuntu0.11+tuxcare.els6_amd64.deb 8a03ee161f165ff749df3971862621b84f1eb1ea cups-ppdc_2.1.3-4ubuntu0.11+tuxcare.els6_amd64.deb f8e4cc18eab140d9f93e68ea4ea1076a803d1074 cups-server-common_2.1.3-4ubuntu0.11+tuxcare.els6_all.deb 96129efdb287067b7a1d5fc36ff5679e42f37749 libcups2_2.1.3-4ubuntu0.11+tuxcare.els6_amd64.deb 8950d0a3d08636ac104a62ed16917b819816a21d libcups2-dev_2.1.3-4ubuntu0.11+tuxcare.els6_amd64.deb f67b00410b765f2dd2a489804b8eac10f9d195e3 libcupscgi1_2.1.3-4ubuntu0.11+tuxcare.els6_amd64.deb e09abf53bfa6bbc1cbcf6ae1d3b7b75b8aae3fa3 libcupscgi1-dev_2.1.3-4ubuntu0.11+tuxcare.els6_amd64.deb 42664857db175d5b942d1ee06e6d0e4e8df83c53 libcupsimage2_2.1.3-4ubuntu0.11+tuxcare.els6_amd64.deb d5af6a0356edd0b350bc548837b192fe907a239d libcupsimage2-dev_2.1.3-4ubuntu0.11+tuxcare.els6_amd64.deb 46e86737054fc8046e27c71779d98861e3f3f543 libcupsmime1_2.1.3-4ubuntu0.11+tuxcare.els6_amd64.deb 2e7a00ec9bc9a5c9ec88ab8a9ae2203694043b2b libcupsmime1-dev_2.1.3-4ubuntu0.11+tuxcare.els6_amd64.deb 2fe5ad485cbb113e04dd55148e9c7e8c701e3e47 libcupsppdc1_2.1.3-4ubuntu0.11+tuxcare.els6_amd64.deb d2bb17364954706276c34dcb15a0ec915f599bc6 libcupsppdc1-dev_2.1.3-4ubuntu0.11+tuxcare.els6_amd64.deb 692ddb177202fd7782f2630619b9f27029f932a0 CLSA-2025:1741216500 TuxCare License Agreement 0 * New microcode update packages from upstream up to 2025-02-11: - New microcodes: sig 0x000a06f3, pf_mask 0x01, 2024-11-22, rev 0x3000330, size 1533952 sig 0x000b0674, pf_mask 0x32, 2024-09-25, rev 0x012c, size 211968 sig 0x000b06f6, pf_mask 0x07, 2024-08-01, rev 0x0038, size 225280 sig 0x000b06f7, pf_mask 0x07, 2024-08-01, rev 0x0038, size 225280 - Updated microcodes: sig 0x000606a6, pf_mask 0x87, 2024-08-02, rev 0xd0003f5, size 308224 sig 0x000606c1, pf_mask 0x10, 2024-08-08, rev 0x10002c0, size 300032 sig 0x000806f4, pf_mask 0x10, 2024-07-30, rev 0x2c0003e0, size 622592 sig 0x000806f4, pf_mask 0x87, 2024-07-30, rev 0x2b000620, size 589824 sig 0x000806f5, pf_mask 0x10, 2024-07-30, rev 0x2c0003e0, size 622592 sig 0x000806f5, pf_mask 0x87, 2024-07-30, rev 0x2b000620, size 589824 sig 0x000806f6, pf_mask 0x10, 2024-07-30, rev 0x2c0003e0, size 622592 sig 0x000806f6, pf_mask 0x87, 2024-07-30, rev 0x2b000620, size 589824 sig 0x000806f7, pf_mask 0x87, 2024-07-30, rev 0x2b000620, size 589824 sig 0x000806f8, pf_mask 0x10, 2024-07-30, rev 0x2c0003e0, size 622592 sig 0x000806f8, pf_mask 0x87, 2024-07-30, rev 0x2b000620, size 589824 sig 0x00090672, pf_mask 0x07, 2024-08-01, rev 0x0038, size 225280 sig 0x00090675, pf_mask 0x07, 2024-08-01, rev 0x0038, size 225280 sig 0x000906a3, pf_mask 0x80, 2024-08-01, rev 0x0436, size 223232 sig 0x000906a4, pf_mask 0x40, 2024-07-29, rev 0x0009, size 119808 sig 0x000906a4, pf_mask 0x80, 2024-08-01, rev 0x0436, size 223232 sig 0x000906ea, pf_mask 0x22, 2024-07-28, rev 0x00fa, size 105472 sig 0x000906ed, pf_mask 0x22, 2024-07-31, rev 0x0102, size 106496 sig 0x000a0671, pf_mask 0x02, 2024-08-01, rev 0x0063, size 108544 sig 0x000b0671, pf_mask 0x32, 2024-09-25, rev 0x012c, size 211968 sig 0x000b06a2, pf_mask 0xe0, 2024-07-31, rev 0x4124, size 220160 sig 0x000b06a3, pf_mask 0xe0, 2024-07-31, rev 0x4124, size 220160 sig 0x000b06a8, pf_mask 0xe0, 2024-07-31, rev 0x4124, size 220160 sig 0x000b06e0, pf_mask 0x19, 2024-09-06, rev 0x001c, size 138240 sig 0x000b06f2, pf_mask 0x07, 2024-08-01, rev 0x0038, size 225280 sig 0x000b06f5, pf_mask 0x07, 2024-08-01, rev 0x0038, size 225280 sig 0x000c06f1, pf_mask 0x87, 2024-07-30, rev 0x21000291, size 560128 sig 0x000c06f2, pf_mask 0x87, 2024-07-30, rev 0x21000291, size 560128 * SECURITY UPDATE: - CVE-2024-31068 (INTEL-SA-01166) - CVE-2024-36293 (INTEL-SA-01213) - CVE-2024-39279 (INTEL-SA-01139) Moderate Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.

* New microcode update packages from upstream up to 2025-02-11: - New microcodes: sig 0x000a06f3, pf_mask 0x01, 2024-11-22, rev 0x3000330, size 1533952 sig 0x000b0674, pf_mask 0x32, 2024-09-25, rev 0x012c, size 211968 sig 0x000b06f6, pf_mask 0x07, 2024-08-01, rev 0x0038, size 225280 sig 0x000b06f7, pf_mask 0x07, 2024-08-01, rev 0x0038, size 225280 - Updated microcodes: sig 0x000606a6, pf_mask 0x87, 2024-08-02, rev 0xd0003f5, size 308224 sig 0x000606c1, pf_mask 0x10, 2024-08-08, rev 0x10002c0, size 300032 sig 0x000806f4, pf_mask 0x10, 2024-07-30, rev 0x2c0003e0, size 622592 sig 0x000806f4, pf_mask 0x87, 2024-07-30, rev 0x2b000620, size 589824 sig 0x000806f5, pf_mask 0x10, 2024-07-30, rev 0x2c0003e0, size 622592 sig 0x000806f5, pf_mask 0x87, 2024-07-30, rev 0x2b000620, size 589824 sig 0x000806f6, pf_mask 0x10, 2024-07-30, rev 0x2c0003e0, size 622592 sig 0x000806f6, pf_mask 0x87, 2024-07-30, rev 0x2b000620, size 589824 sig 0x000806f7, pf_mask 0x87, 2024-07-30, rev 0x2b000620, size 589824 sig 0x000806f8, pf_mask 0x10, 2024-07-30, rev 0x2c0003e0, size 622592 sig 0x000806f8, pf_mask 0x87, 2024-07-30, rev 0x2b000620, size 589824 sig 0x00090672, pf_mask 0x07, 2024-08-01, rev 0x0038, size 225280 sig 0x00090675, pf_mask 0x07, 2024-08-01, rev 0x0038, size 225280 sig 0x000906a3, pf_mask 0x80, 2024-08-01, rev 0x0436, size 223232 sig 0x000906a4, pf_mask 0x40, 2024-07-29, rev 0x0009, size 119808 sig 0x000906a4, pf_mask 0x80, 2024-08-01, rev 0x0436, size 223232 sig 0x000906ea, pf_mask 0x22, 2024-07-28, rev 0x00fa, size 105472 sig 0x000906ed, pf_mask 0x22, 2024-07-31, rev 0x0102, size 106496 sig 0x000a0671, pf_mask 0x02, 2024-08-01, rev 0x0063, size 108544 sig 0x000b0671, pf_mask 0x32, 2024-09-25, rev 0x012c, size 211968 sig 0x000b06a2, pf_mask 0xe0, 2024-07-31, rev 0x4124, size 220160 sig 0x000b06a3, pf_mask 0xe0, 2024-07-31, rev 0x4124, size 220160 sig 0x000b06a8, pf_mask 0xe0, 2024-07-31, rev 0x4124, size 220160 sig 0x000b06e0, pf_mask 0x19, 2024-09-06, rev 0x001c, size 138240 sig 0x000b06f2, pf_mask 0x07, 2024-08-01, rev 0x0038, size 225280 sig 0x000b06f5, pf_mask 0x07, 2024-08-01, rev 0x0038, size 225280 sig 0x000c06f1, pf_mask 0x87, 2024-07-30, rev 0x21000291, size 560128 sig 0x000c06f2, pf_mask 0x87, 2024-07-30, rev 0x21000291, size 560128 * SECURITY UPDATE: - CVE-2024-31068 (INTEL-SA-01166) - CVE-2024-36293 (INTEL-SA-01213) - CVE-2024-39279 (INTEL-SA-01139)

0 tuxcare-ubuntu16.04-els intel-microcode_3.20250211.0ubuntu0.16.04.1+tuxcare.els1_amd64.deb a2df4a58943be53deaae3d98a3fd4bba7aab5ae1 CLSA-2025:1741286239 TuxCare License Agreement 0 * SECURITY UPDATE: buffer over-read in xmlHTMLPrintFileContext - debian/patches/CVE-2024-34459.patch: Fix buffer overread with `xmllint --htmlout` by adding a missing bounds check - CVE-2024-34459 * SECURITY UPDATE: use-after-free vulnerability in xinclude.c - debian/patches/CVE-2022-49043.patch: Fix use-after-free in xmlXIncludeAddNode, free URI after reporting the error to avoid use-after-free - CVE-2022-49043 * SECURITY UPDATE: stack-based buffer overflow in xmlSnprintfElements in valid.c - debian/patches/CVE-2025-24928.patch: Fix stack-buffer-overflow in xmlSnprintfElements caused by improperly calculating qname length - CVE-2025-24928 * SECURITY UPDATE: NULL pointer dereference in xmlPatMatch in pattern.c - debian/patches/CVE-2025-27113.patch: Fix compilation of explicit child axis to generate XML_OP_ELEM like the case without an axis - CVE-2025-27113 * SECURITY UPDATE: use-after-free vulnerability in XML schema processing - debian/patches/CVE-2024-56171.patch: Fix use-after-free after xmlSchemaItemListAdd in xmlSchemaIDCFillNodeTables and xmlSchemaBubbleIDCNodeTables - CVE-2024-56171 Important Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.

* SECURITY UPDATE: buffer over-read in xmlHTMLPrintFileContext - debian/patches/CVE-2024-34459.patch: Fix buffer overread with `xmllint --htmlout` by adding a missing bounds check - CVE-2024-34459 * SECURITY UPDATE: use-after-free vulnerability in xinclude.c - debian/patches/CVE-2022-49043.patch: Fix use-after-free in xmlXIncludeAddNode, free URI after reporting the error to avoid use-after-free - CVE-2022-49043 * SECURITY UPDATE: stack-based buffer overflow in xmlSnprintfElements in valid.c - debian/patches/CVE-2025-24928.patch: Fix stack-buffer-overflow in xmlSnprintfElements caused by improperly calculating qname length - CVE-2025-24928 * SECURITY UPDATE: NULL pointer dereference in xmlPatMatch in pattern.c - debian/patches/CVE-2025-27113.patch: Fix compilation of explicit child axis to generate XML_OP_ELEM like the case without an axis - CVE-2025-27113 * SECURITY UPDATE: use-after-free vulnerability in XML schema processing - debian/patches/CVE-2024-56171.patch: Fix use-after-free after xmlSchemaItemListAdd in xmlSchemaIDCFillNodeTables and xmlSchemaBubbleIDCNodeTables - CVE-2024-56171

0 tuxcare-ubuntu16.04-els libxml2_2.9.3+dfsg1-1ubuntu0.7+tuxcare.els8_amd64.deb 4f2deffd9e950fbb513c62ab0b6ae7752bd39f1c libxml2-dev_2.9.3+dfsg1-1ubuntu0.7+tuxcare.els8_amd64.deb 17618ab020c27af4cc298d36acd7b80a8c8f1deb libxml2-doc_2.9.3+dfsg1-1ubuntu0.7+tuxcare.els8_all.deb d34c631dffd20b6caf5f0e24ada6c5156ffa4aa8 libxml2-utils_2.9.3+dfsg1-1ubuntu0.7+tuxcare.els8_amd64.deb ce0ee694593e228f485ec35138b21009c3190f28 python-libxml2_2.9.3+dfsg1-1ubuntu0.7+tuxcare.els8_amd64.deb 19360b39fd8bce486cac91c59f403e8617921957 CLSA-2025:1742319829 TuxCare License Agreement 0 * CVE-url: https://ubuntu.com/security/CVE-2023-52522 - net: fix possible store tearing in neigh_periodic_work() * CVE-url: https://ubuntu.com/security/CVE-2024-40911 - wifi: cfg80211: Lock wiphy in cfg80211_get_station * CVE-url: https://ubuntu.com/security/CVE-2024-43863 - drm/vmwgfx: Fix a deadlock in dma buf fence polling * CVE-url: https://ubuntu.com/security/CVE-2024-44931 - gpio: prevent potential speculation leaks in gpio_device_get_desc() * CVE-url: https://ubuntu.com/security/CVE-2024-50229 - nilfs2: fix potential deadlock with newly created symlinks * CVE-url: https://ubuntu.com/security/CVE-2024-50171 - net: systemport: fix potential memory leak in bcm_sysport_xmit() * CVE-url: https://ubuntu.com/security/CVE-2024-50233 - staging: iio: frequency: ad9832: fix division by zero in ad9832_calc_freqreg() * CVE-url: https://ubuntu.com/security/CVE-2024-44938 - jfs: Fix shift-out-of-bounds in dbDiscardAG * CVE-url: https://ubuntu.com/security/CVE-2024-50117 - drm/amd: Guard against bad data for ATIF ACPI method * CVE-url: https://ubuntu.com/security/CVE-2024-49902 - jfs: check if leafidx greater than num leaves per dmap tree * CVE-url: https://ubuntu.com/security/CVE-2023-52799 - jfs: fix array-index-out-of-bounds in dbFindLeaf * CVE-url: https://ubuntu.com/security/CVE-2024-41063 - Bluetooth: fix power_on vs close race - Bluetooth: hci_core: cancel all works upon hci_unregister_dev() * CVE-url: https://ubuntu.com/security/CVE-2024-50267 - USB: serial: io_edgeport: fix use after free in debug printk * CVE-url: https://ubuntu.com/security/CVE-2024-50230 - nilfs2: fix kernel bug due to missing clearing of checked flag * CVE-url: https://ubuntu.com/security/CVE-2024-50302 - HID: core: zero-initialize the report buffer * CVE-url: https://ubuntu.com/security/CVE-2024-50180 - fbdev: sisfb: Fix strbuf array overflow * CVE-url: https://ubuntu.com/security/CVE-2024-50278 - dm cache: fix out-of-bounds access to the dirty bitset when resizing - dm cache: fix potential out-of-bounds access on the first resume * CVE-url: https://ubuntu.com/security/CVE-2024-50234 - wifi: iwlegacy: Clear stale interrupts before resuming device * CVE-url: https://ubuntu.com/security/CVE-2024-50301 - security/keys: fix slab-out-of-bounds in key_task_permission * CVE-url: https://ubuntu.com/security/CVE-2024-50143 - overflow: Add __must_check attribute to check_*() helpers - compiler.h: drop fallback overflow checkers - overflow: Allow mixed type arguments - udf: fix uninit-value use in udf_get_fileshortad * Bionic update: upstream stable patchset 2020-11-10 (LP: #1903768) // CVE- url: https://ubuntu.com/security/CVE-2024-50143 - overflow: Include header file with SIZE_MAX declaration * Bionic update: upstream stable patchset 2020-09-16 (LP: #1895873) // CVE- url: https://ubuntu.com/security/CVE-2024-50143 - overflow.h: Add allocation size calculation helpers * Bionic update: upstream stable patchset 2020-05-07 (LP: #1877461) // CVE- url: https://ubuntu.com/security/CVE-2024-50143 - overflow.h: Add arithmetic shift helper * CVE-url: https://ubuntu.com/security/CVE-2024-53061 - media: s5p-jpeg: prevent buffer overflows * CVE-url: https://ubuntu.com/security/CVE-2024-47809 - dlm: fix possible lkb_resource null dereference * CVE-url: https://ubuntu.com/security/CVE-2024-41020 - filelock: Fix fcntl/close race recovery compat path * CVE-url: https://ubuntu.com/security/CVE-2024-43892 - memcg: protect concurrent access to mem_cgroup_idr * CVE-url: https://ubuntu.com/security/CVE-2021-47379 - blk-cgroup: fix UAF by grabbing blkcg lock before destroying blkg pd * CVE-url: https://ubuntu.com/security/CVE-2024-53239 - ALSA: 6fire: Release resources at card release * CVE-url: https://ubuntu.com/security/CVE-2024-50051 - spi: mpc52xx: Add cancel_work_sync before module remove Important Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.

* CVE-url: https://ubuntu.com/security/CVE-2023-52522 - net: fix possible store tearing in neigh_periodic_work() * CVE-url: https://ubuntu.com/security/CVE-2024-40911 - wifi: cfg80211: Lock wiphy in cfg80211_get_station * CVE-url: https://ubuntu.com/security/CVE-2024-43863 - drm/vmwgfx: Fix a deadlock in dma buf fence polling * CVE-url: https://ubuntu.com/security/CVE-2024-44931 - gpio: prevent potential speculation leaks in gpio_device_get_desc() * CVE-url: https://ubuntu.com/security/CVE-2024-50229 - nilfs2: fix potential deadlock with newly created symlinks * CVE-url: https://ubuntu.com/security/CVE-2024-50171 - net: systemport: fix potential memory leak in bcm_sysport_xmit() * CVE-url: https://ubuntu.com/security/CVE-2024-50233 - staging: iio: frequency: ad9832: fix division by zero in ad9832_calc_freqreg() * CVE-url: https://ubuntu.com/security/CVE-2024-44938 - jfs: Fix shift-out-of-bounds in dbDiscardAG * CVE-url: https://ubuntu.com/security/CVE-2024-50117 - drm/amd: Guard against bad data for ATIF ACPI method * CVE-url: https://ubuntu.com/security/CVE-2024-49902 - jfs: check if leafidx greater than num leaves per dmap tree * CVE-url: https://ubuntu.com/security/CVE-2023-52799 - jfs: fix array-index-out-of-bounds in dbFindLeaf * CVE-url: https://ubuntu.com/security/CVE-2024-41063 - Bluetooth: fix power_on vs close race - Bluetooth: hci_core: cancel all works upon hci_unregister_dev() * CVE-url: https://ubuntu.com/security/CVE-2024-50267 - USB: serial: io_edgeport: fix use after free in debug printk * CVE-url: https://ubuntu.com/security/CVE-2024-50230 - nilfs2: fix kernel bug due to missing clearing of checked flag * CVE-url: https://ubuntu.com/security/CVE-2024-50302 - HID: core: zero-initialize the report buffer * CVE-url: https://ubuntu.com/security/CVE-2024-50180 - fbdev: sisfb: Fix strbuf array overflow * CVE-url: https://ubuntu.com/security/CVE-2024-50278 - dm cache: fix out-of-bounds access to the dirty bitset when resizing - dm cache: fix potential out-of-bounds access on the first resume * CVE-url: https://ubuntu.com/security/CVE-2024-50234 - wifi: iwlegacy: Clear stale interrupts before resuming device * CVE-url: https://ubuntu.com/security/CVE-2024-50301 - security/keys: fix slab-out-of-bounds in key_task_permission * CVE-url: https://ubuntu.com/security/CVE-2024-50143 - overflow: Add __must_check attribute to check_*() helpers - compiler.h: drop fallback overflow checkers - overflow: Allow mixed type arguments - udf: fix uninit-value use in udf_get_fileshortad * Bionic update: upstream stable patchset 2020-11-10 (LP: #1903768) // CVE- url: https://ubuntu.com/security/CVE-2024-50143 - overflow: Include header file with SIZE_MAX declaration * Bionic update: upstream stable patchset 2020-09-16 (LP: #1895873) // CVE- url: https://ubuntu.com/security/CVE-2024-50143 - overflow.h: Add allocation size calculation helpers * Bionic update: upstream stable patchset 2020-05-07 (LP: #1877461) // CVE- url: https://ubuntu.com/security/CVE-2024-50143 - overflow.h: Add arithmetic shift helper * CVE-url: https://ubuntu.com/security/CVE-2024-53061 - media: s5p-jpeg: prevent buffer overflows * CVE-url: https://ubuntu.com/security/CVE-2024-47809 - dlm: fix possible lkb_resource null dereference * CVE-url: https://ubuntu.com/security/CVE-2024-41020 - filelock: Fix fcntl/close race recovery compat path * CVE-url: https://ubuntu.com/security/CVE-2024-43892 - memcg: protect concurrent access to mem_cgroup_idr * CVE-url: https://ubuntu.com/security/CVE-2021-47379 - blk-cgroup: fix UAF by grabbing blkcg lock before destroying blkg pd * CVE-url: https://ubuntu.com/security/CVE-2024-53239 - ALSA: 6fire: Release resources at card release * CVE-url: https://ubuntu.com/security/CVE-2024-50051 - spi: mpc52xx: Add cancel_work_sync before module remove

0 tuxcare-ubuntu16.04-els linux-buildinfo-4.4.0-272-tuxcare.els43-generic_4.4.0-272.306_amd64.deb 4439900e3769f51d8387166d2bde2e091ce9106c linux-buildinfo-4.4.0-272-tuxcare.els43-lowlatency_4.4.0-272.306_amd64.deb abf86c62f500b5640b72bed61e3fcdce966e48e2 linux-cloud-tools-4.4.0-272-tuxcare.els43_4.4.0-272.306_amd64.deb 1e1f96e6274d93881889eed37bc975df2a1b0214 linux-cloud-tools-4.4.0-272-tuxcare.els43-generic_4.4.0-272.306_amd64.deb d7e64694e34d6c09eb2ed50ffab80905aa8e9d67 linux-cloud-tools-4.4.0-272-tuxcare.els43-lowlatency_4.4.0-272.306_amd64.deb 7eea9bc6e4ec25881f1e6351ab5225dc1a5c78d7 linux-cloud-tools-common_4.4.0-272.306_all.deb 7f6b258e65233bdf91a4aebe1f041cfd97cbe527 linux-cloud-tools-generic_4.4.0.272.306_amd64.deb ab14296ac71f8660b199f4f2cfb539a5b8e518b7 linux-cloud-tools-lowlatency_4.4.0.272.306_amd64.deb f95974cfc737cbccb46b4f8e6a1aea0265bb0702 linux-crashdump_4.4.0.272.306_amd64.deb 394d2e94fdc3e40dd7e113409267b55bcf4fa4e4 linux-doc_4.4.0-272.306_all.deb dbff9eea06d955ef0bb0c5a63cd938d77357110f linux-generic_4.4.0.272.306_amd64.deb 9adffca621f732ce08f3c9d3e2596bc74d3b14a9 linux-headers-4.4.0-272-tuxcare.els43_4.4.0-272.306_all.deb f41e8cddc7dbf130e9eb65d2c38ed01b21a1c2b3 linux-headers-4.4.0-272-tuxcare.els43-generic_4.4.0-272.306_amd64.deb 58c8042ba0d71698bb43e27e6ddf682630779f23 linux-headers-4.4.0-272-tuxcare.els43-lowlatency_4.4.0-272.306_amd64.deb 7d8775776927420d41bb509cb667aad5b6d802ba linux-headers-generic_4.4.0.272.306_amd64.deb 4ad76f65048277af04cba4f2cd6aabd3879f96a5 linux-headers-lowlatency_4.4.0.272.306_amd64.deb 54a7064bbb9af0681839ed46985caf6002daee54 linux-image-generic_4.4.0.272.306_amd64.deb a2916671b21dc77dcc50efc3c4ce014f9671b644 linux-image-lowlatency_4.4.0.272.306_amd64.deb 9c5534c6c439d195bf6944b1025a97e64aa6cf08 linux-image-unsigned-4.4.0-272-tuxcare.els43-generic_4.4.0-272.306_amd64.deb b52985b58598ea812abff8653afa3751c3f07d8e linux-image-unsigned-4.4.0-272-tuxcare.els43-lowlatency_4.4.0-272.306_amd64.deb 84387e0fb0cf9d795693ec57a67021c1f7c86c8c linux-libc-dev_4.4.0-272.306_amd64.deb 3b4fa6834e40fb54cfa953d60be00dbea1722b0d linux-lowlatency_4.4.0.272.306_amd64.deb 836b85c5b58653f892b20f5b0dc670478ecae9af linux-modules-4.4.0-272-tuxcare.els43-generic_4.4.0-272.306_amd64.deb 6afe7008c05c814a185ee04583cf90a0b1b4a45e linux-modules-4.4.0-272-tuxcare.els43-lowlatency_4.4.0-272.306_amd64.deb e1fe3bd43b52d7dad91906c289f072fad0fc6920 linux-modules-extra-4.4.0-272-tuxcare.els43-generic_4.4.0-272.306_amd64.deb 6cb018d638c9fc4e41dcfa4b9adf97602e2333c0 linux-source_4.4.0.272.306_all.deb c0e0211ce594bf5cfc50e7ee5c9d8c6b1dd0d605 linux-source-4.4.0_4.4.0-272.306_all.deb 54600b105ca124f21f279e76517ef0f33ee65abc linux-tools-4.4.0-272-tuxcare.els43_4.4.0-272.306_amd64.deb fee5eb53051c35a2087037a7fa3dc0db11ab75c2 linux-tools-4.4.0-272-tuxcare.els43-generic_4.4.0-272.306_amd64.deb 150c493ae28350be16eed17952d3bb4838f63d5c linux-tools-4.4.0-272-tuxcare.els43-lowlatency_4.4.0-272.306_amd64.deb 0f7b3fc34d8b0bda0fb73546575b8aefb172d475 linux-tools-common_4.4.0-272.306_all.deb 7071f000a6e925eabc0967a0a61961bf8289d9ef linux-tools-generic_4.4.0.272.306_amd64.deb aa71b0ad2f87e418232b2c18aa3c16709f5bba45 linux-tools-host_4.4.0-272.306_all.deb 24779e823af7dad4252b4f8295e95e9f36c38fc7 linux-tools-lowlatency_4.4.0.272.306_amd64.deb 11f2dc116c8df9c7d7d383819e08181ed1d823e1 CLSA-2025:1742320596 TuxCare License Agreement 0 * Bump ABI 4.4.0-272 None Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.

* Bump ABI 4.4.0-272

0 tuxcare-ubuntu16.04-els linux-cloud-tools-generic_4.4.0.272.306_amd64.deb ab14296ac71f8660b199f4f2cfb539a5b8e518b7 linux-cloud-tools-lowlatency_4.4.0.272.306_amd64.deb f95974cfc737cbccb46b4f8e6a1aea0265bb0702 linux-crashdump_4.4.0.272.306_amd64.deb 394d2e94fdc3e40dd7e113409267b55bcf4fa4e4 linux-generic_4.4.0.272.306_amd64.deb 9adffca621f732ce08f3c9d3e2596bc74d3b14a9 linux-headers-generic_4.4.0.272.306_amd64.deb 4ad76f65048277af04cba4f2cd6aabd3879f96a5 linux-headers-lowlatency_4.4.0.272.306_amd64.deb 54a7064bbb9af0681839ed46985caf6002daee54 linux-image-generic_4.4.0.272.306_amd64.deb a2916671b21dc77dcc50efc3c4ce014f9671b644 linux-image-lowlatency_4.4.0.272.306_amd64.deb 9c5534c6c439d195bf6944b1025a97e64aa6cf08 linux-lowlatency_4.4.0.272.306_amd64.deb 836b85c5b58653f892b20f5b0dc670478ecae9af linux-source_4.4.0.272.306_all.deb c0e0211ce594bf5cfc50e7ee5c9d8c6b1dd0d605 linux-tools-generic_4.4.0.272.306_amd64.deb aa71b0ad2f87e418232b2c18aa3c16709f5bba45 linux-tools-lowlatency_4.4.0.272.306_amd64.deb 11f2dc116c8df9c7d7d383819e08181ed1d823e1 CLSA-2025:1742379028 TuxCare License Agreement 0 * SECURITY UPDATE: Improper validation of bracketed hosts in urllib - debian/patches/CVE-2024-11168.patch: add checks to ensure that bracketed hosts found by urlsplit are of IPv6 or IPvFuture format - CVE-2024-11168 * SECURITY UPDATE: Incomplete validation of bracketed hosts in urllib - debian/patches/CVE-2025-0938.patch: disallow square brackets (`[` and `]`) in domain names for parsed URLs - CVE-2025-0938 * SECURITY UPDATE: Incorrent information about whether certain IPv4 and IPv6 addresses were designated as “globally reachable” or “private” in ipaddress module - debian/patches/CVE-2024-4032.patch: fix "private" (non-global) IP address ranges - CVE-2024-4032 Moderate Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.

* SECURITY UPDATE: Improper validation of bracketed hosts in urllib - debian/patches/CVE-2024-11168.patch: add checks to ensure that bracketed hosts found by urlsplit are of IPv6 or IPvFuture format - CVE-2024-11168 * SECURITY UPDATE: Incomplete validation of bracketed hosts in urllib - debian/patches/CVE-2025-0938.patch: disallow square brackets (`[` and `]`) in domain names for parsed URLs - CVE-2025-0938 * SECURITY UPDATE: Incorrent information about whether certain IPv4 and IPv6 addresses were designated as “globally reachable” or “private” in ipaddress module - debian/patches/CVE-2024-4032.patch: fix "private" (non-global) IP address ranges - CVE-2024-4032

0 tuxcare-ubuntu16.04-els idle-python3.5_3.5.2-2ubuntu0~16.04.13+tuxcare.els19_all.deb 261001ccee00441aba5f6248b4007c993dfb8451 libpython3.5_3.5.2-2ubuntu0~16.04.13+tuxcare.els19_amd64.deb 3fa5a4fbf0368ddcdc1b93d83ee265028e4a5afc libpython3.5-dev_3.5.2-2ubuntu0~16.04.13+tuxcare.els19_amd64.deb 63ce68a8ceb8eeca73e30e51efbb07fe9b9abc16 libpython3.5-minimal_3.5.2-2ubuntu0~16.04.13+tuxcare.els19_amd64.deb 88ded98c931aa00de890916a54dd8193673a4118 libpython3.5-stdlib_3.5.2-2ubuntu0~16.04.13+tuxcare.els19_amd64.deb 430fec4662ab1aad803c71393bf8f9bd71f86fb5 libpython3.5-testsuite_3.5.2-2ubuntu0~16.04.13+tuxcare.els19_all.deb 0865460480df741db55f832f8d5a3ec94eeea2e9 python3.5_3.5.2-2ubuntu0~16.04.13+tuxcare.els19_amd64.deb 9515aa240afa39088caf4e7d6056c9fbb84accdc python3.5-dev_3.5.2-2ubuntu0~16.04.13+tuxcare.els19_amd64.deb d5e597257a00045dcb6564fa5c50d6aeb64ecffb python3.5-doc_3.5.2-2ubuntu0~16.04.13+tuxcare.els19_all.deb 31f0eaa04660e878bb470218b97b5049069d7f3e python3.5-examples_3.5.2-2ubuntu0~16.04.13+tuxcare.els19_all.deb ba313fa15c7c3e01c8153fe223e67df2a551d5dc python3.5-minimal_3.5.2-2ubuntu0~16.04.13+tuxcare.els19_amd64.deb edaa88d70963700ced34327603ecafb934711064 python3.5-venv_3.5.2-2ubuntu0~16.04.13+tuxcare.els19_amd64.deb b6fd34db1463a97eaf44f9ee5383d74bdf7c68b1 CLSA-2025:1742379365 TuxCare License Agreement 0 * SECURITY UPDATE: stack-based buffer overflow via manipulation of argument - debian/patches/CVE-2025-0840.patch: Fix stack-buffer-overflow at objdump disassemble_bytes by restricting insn_width to range 1-49 - CVE-2025-0840 Important Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.

* SECURITY UPDATE: stack-based buffer overflow via manipulation of argument - debian/patches/CVE-2025-0840.patch: Fix stack-buffer-overflow at objdump disassemble_bytes by restricting insn_width to range 1-49 - CVE-2025-0840

0 tuxcare-ubuntu16.04-els binutils_2.26.1-1ubuntu1~16.04.10+tuxcare.els13_amd64.deb 2060c1bf443cbf331d7bea4b7407feae5792c0a6 binutils-aarch64-linux-gnu_2.26.1-1ubuntu1~16.04.10+tuxcare.els13_amd64.deb f417347c4cee565d4af27c8db81595deaa3741fe binutils-alpha-linux-gnu_2.26.1-1ubuntu1~16.04.10+tuxcare.els13_amd64.deb c698a285a0474e278e17e048ad98d94959070692 binutils-arm-linux-gnueabi_2.26.1-1ubuntu1~16.04.10+tuxcare.els13_amd64.deb 85a61a625739d86b473d426a1dfa5dd28f5ffa38 binutils-arm-linux-gnueabihf_2.26.1-1ubuntu1~16.04.10+tuxcare.els13_amd64.deb 65a57ad2c1f5442b165058731c60df7d032148c6 binutils-dev_2.26.1-1ubuntu1~16.04.10+tuxcare.els13_amd64.deb 98b7a7df180ed164c973733dd9c86ee9ddd30cca binutils-doc_2.26.1-1ubuntu1~16.04.10+tuxcare.els13_all.deb 2950cf0338bb51de10ff167ad039d90139116b72 binutils-hppa-linux-gnu_2.26.1-1ubuntu1~16.04.10+tuxcare.els13_amd64.deb f09c059fe91d6a7c3d606e7138b3ea9f5ee95871 binutils-hppa64-linux-gnu_2.26.1-1ubuntu1~16.04.10+tuxcare.els13_amd64.deb 9d3db8d7e8d636edaa902105f5722f1356ef292b binutils-m68k-linux-gnu_2.26.1-1ubuntu1~16.04.10+tuxcare.els13_amd64.deb 3b5d61523c509204182521b44bf05cae5471cce1 binutils-mips-linux-gnu_2.26.1-1ubuntu1~16.04.10+tuxcare.els13_amd64.deb a8f8d7d6e717579ad88e0accea69821b5d9cb54a binutils-mips64-linux-gnuabi64_2.26.1-1ubuntu1~16.04.10+tuxcare.els13_amd64.deb 83ea38705c49fbb1b67728e3f71f1d5180b4181e binutils-mips64el-linux-gnuabi64_2.26.1-1ubuntu1~16.04.10+tuxcare.els13_amd64.deb 85b9e3c97bb3c8ec6d3c353d2ffe8b87d8ad74fd binutils-mipsel-linux-gnu_2.26.1-1ubuntu1~16.04.10+tuxcare.els13_amd64.deb 6f06c66f96b724b841ba1b02ca9f999592d7c845 binutils-multiarch_2.26.1-1ubuntu1~16.04.10+tuxcare.els13_amd64.deb 4f68c2ef446dd2f6193782595107befa655c791b binutils-multiarch-dev_2.26.1-1ubuntu1~16.04.10+tuxcare.els13_amd64.deb 1c69add5cd3272b7d4ae8cbbaadd61717eb835c7 binutils-powerpc-linux-gnu_2.26.1-1ubuntu1~16.04.10+tuxcare.els13_amd64.deb 84b3d6ea19c896fc38c1e6306912d0fa9e4cbd62 binutils-powerpc-linux-gnuspe_2.26.1-1ubuntu1~16.04.10+tuxcare.els13_amd64.deb 2bd907ee0eaf7a7059973c17fe7786d2ede3ce41 binutils-powerpc64-linux-gnu_2.26.1-1ubuntu1~16.04.10+tuxcare.els13_amd64.deb fac6e44707ddba18ca9076880ae1cbc8d60e7389 binutils-powerpc64le-linux-gnu_2.26.1-1ubuntu1~16.04.10+tuxcare.els13_amd64.deb 466284d6290d3c70188acf5b13f7564409895a70 binutils-s390x-linux-gnu_2.26.1-1ubuntu1~16.04.10+tuxcare.els13_amd64.deb 89a4745edf1e43e8372cac13315bbfc4a4e5270e binutils-sh4-linux-gnu_2.26.1-1ubuntu1~16.04.10+tuxcare.els13_amd64.deb 6393f11762bd34fabe54a1238d9b10a9435a85f4 binutils-source_2.26.1-1ubuntu1~16.04.10+tuxcare.els13_all.deb 547d92c0e3e9a13cda45c4e0f9d4dad3accc0c56 binutils-sparc64-linux-gnu_2.26.1-1ubuntu1~16.04.10+tuxcare.els13_amd64.deb 1f5b1dbe2b768a166796e186529e0544774202d7 CLSA-2025:1742466441 TuxCare License Agreement 0 * SECURITY UPDATE: Incorrect path quoting in venv allows command injection - debian/patches/CVE-2024-9287.patch: Quote template strings in venv activation - CVE-2024-9287 Important Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.

* SECURITY UPDATE: Incorrect path quoting in venv allows command injection - debian/patches/CVE-2024-9287.patch: Quote template strings in venv activation - CVE-2024-9287

0 tuxcare-ubuntu16.04-els idle-python3.5_3.5.2-2ubuntu0~16.04.13+tuxcare.els18_all.deb 45bcaed918f0344fc53a4abd31a7b8ac900ef9a2 libpython3.5_3.5.2-2ubuntu0~16.04.13+tuxcare.els18_amd64.deb 6833a008e12fe7c575bd763945f4876ab467f041 libpython3.5-dev_3.5.2-2ubuntu0~16.04.13+tuxcare.els18_amd64.deb cba554c663872979018528753bea55142f3569da libpython3.5-minimal_3.5.2-2ubuntu0~16.04.13+tuxcare.els18_amd64.deb 98b600a17098f750c721d8ac3405c27a63332914 libpython3.5-stdlib_3.5.2-2ubuntu0~16.04.13+tuxcare.els18_amd64.deb 33627bcc620b42a0668ea46df656e084d6fc0811 libpython3.5-testsuite_3.5.2-2ubuntu0~16.04.13+tuxcare.els18_all.deb 2c1ad06b6ffcd350069202f868a0dbb5652837a8 python3.5_3.5.2-2ubuntu0~16.04.13+tuxcare.els18_amd64.deb 38d0ce00a83bbc0f1c06f1a30dec7b10dcc52a73 python3.5-dev_3.5.2-2ubuntu0~16.04.13+tuxcare.els18_amd64.deb b557661d0650773686fd208ae153e58480fe8290 python3.5-doc_3.5.2-2ubuntu0~16.04.13+tuxcare.els18_all.deb a36ac53f8d725fb5bf37fe2c25163c22a9d6fba2 python3.5-examples_3.5.2-2ubuntu0~16.04.13+tuxcare.els18_all.deb c5f5899b450dfeb8066b6a8b0001fd2a6ec87491 python3.5-minimal_3.5.2-2ubuntu0~16.04.13+tuxcare.els18_amd64.deb 43537ea05afbb573d90463f6041c986a4d468284 python3.5-venv_3.5.2-2ubuntu0~16.04.13+tuxcare.els18_amd64.deb 9b942b391013ea760b1bd6e5d7dd41b23157710d CLSA-2025:1742471210 TuxCare License Agreement 0 * SECURITY UPDATE: PostgreSQL libpq incorrect neutralization of quoting syntax allows SQL injection - debian/patches/CVE-2025-1094.patch: Add full encoding validation in libpq data-quoting functions. - CVE-2025-1094 Important Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.

* SECURITY UPDATE: PostgreSQL libpq incorrect neutralization of quoting syntax allows SQL injection - debian/patches/CVE-2025-1094.patch: Add full encoding validation in libpq data-quoting functions. - CVE-2025-1094

0 tuxcare-ubuntu16.04-els libecpg-compat3_9.5.25-0ubuntu0.16.04.1+tuxcare.els9_amd64.deb 960522587ee1da08560560ea22545b869b6eabbc libecpg-dev_9.5.25-0ubuntu0.16.04.1+tuxcare.els9_amd64.deb 8f1ca57af1cdcde55619a1f7c9480c4bc5c2bca6 libecpg6_9.5.25-0ubuntu0.16.04.1+tuxcare.els9_amd64.deb f07ee0882b57e224df39ca8684666b5f3e78e06c libpgtypes3_9.5.25-0ubuntu0.16.04.1+tuxcare.els9_amd64.deb d2d3bdb15efda90e9671962155742906b4217a95 libpq-dev_9.5.25-0ubuntu0.16.04.1+tuxcare.els9_amd64.deb 54656452e4844b46b7256258a2d6a60aecdf9f0b libpq5_9.5.25-0ubuntu0.16.04.1+tuxcare.els9_amd64.deb 4a107411261e0d845ebe8e15adc582e36b18b6c6 postgresql-9.5_9.5.25-0ubuntu0.16.04.1+tuxcare.els9_amd64.deb 238165dd152498f93aea1868d8b1eb0c04eb2eca postgresql-client-9.5_9.5.25-0ubuntu0.16.04.1+tuxcare.els9_amd64.deb bada3c97c04e35d0ab5ad0dad6fb023266d63902 postgresql-contrib-9.5_9.5.25-0ubuntu0.16.04.1+tuxcare.els9_amd64.deb 5dfc705539a2447156d971eff777de93c091fb21 postgresql-doc-9.5_9.5.25-0ubuntu0.16.04.1+tuxcare.els9_all.deb e3a249fb895dfafd81548ffaf4d3c7dd2c621cac postgresql-plperl-9.5_9.5.25-0ubuntu0.16.04.1+tuxcare.els9_amd64.deb 3738920202cd0ef580d7c28387d895ea025ad304 postgresql-plpython-9.5_9.5.25-0ubuntu0.16.04.1+tuxcare.els9_amd64.deb 12d3df2619a3dda0acae1225698632ce6d45f2fd postgresql-plpython3-9.5_9.5.25-0ubuntu0.16.04.1+tuxcare.els9_amd64.deb b038065d54a59ee9eb1cf9bfe3fc1f0029128742 postgresql-pltcl-9.5_9.5.25-0ubuntu0.16.04.1+tuxcare.els9_amd64.deb 013b63a20c56204db5909d36a5138011a877ca74 postgresql-server-dev-9.5_9.5.25-0ubuntu0.16.04.1+tuxcare.els9_amd64.deb 036b793f69fb7b568abad83ad59455fba0ee5780 CLSA-2025:1742472067 TuxCare License Agreement 0 * SECURITY UPDATE: it's possible machine-in-the-middle attack vulnerability caused by a malicious machine impersonating a legitimate server - debian/patches/CVE-2025-26465.patch: Correct error code handling - CVE-2025-26465 Moderate Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.

* SECURITY UPDATE: it's possible machine-in-the-middle attack vulnerability caused by a malicious machine impersonating a legitimate server - debian/patches/CVE-2025-26465.patch: Correct error code handling - CVE-2025-26465

0 tuxcare-ubuntu16.04-els openssh-client_7.2p2-4ubuntu2.10+tuxcare.els7_amd64.deb 70d74afc8a56f83a372686fb2e0f218a548c3e05 openssh-client-ssh1_7.2p2-4ubuntu2.10+tuxcare.els7_amd64.deb c746d0b0a3c6937c5b1d471d5f77de058a34c0ad openssh-server_7.2p2-4ubuntu2.10+tuxcare.els7_amd64.deb 44da2fe8dbfa219b8e10b292ca8d48eb1880701a openssh-sftp-server_7.2p2-4ubuntu2.10+tuxcare.els7_amd64.deb 25e59fca151feb77e71be3f253831199d8405155 ssh_7.2p2-4ubuntu2.10+tuxcare.els7_all.deb 909bb58297c5f0897ff6306e1230be731e5ba034 ssh-askpass-gnome_7.2p2-4ubuntu2.10+tuxcare.els7_amd64.deb cb6b90418c74648f18d2062628fc7947c5a6988f ssh-krb5_7.2p2-4ubuntu2.10+tuxcare.els7_all.deb 59ed760761623d5269b45dde37a31d143fb1e137 CLSA-2025:1742577500 TuxCare License Agreement 0 * SECURITY UPDATE: Possible inject of arbitrary data into third-party executables or plug-ins - debian/patches/CVE-2017-12166.patch: Fix an out-of-bounds issue preventing potential stack overflow - CVE-2017-12166 * UPDATE CERTIFICATES: Renew sample keys - debian/patches/sample-keys-renew.patch: Renew sample keys for 10 years Critical Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.

* SECURITY UPDATE: Possible inject of arbitrary data into third-party executables or plug-ins - debian/patches/CVE-2017-12166.patch: Fix an out-of-bounds issue preventing potential stack overflow - CVE-2017-12166 * UPDATE CERTIFICATES: Renew sample keys - debian/patches/sample-keys-renew.patch: Renew sample keys for 10 years

0 tuxcare-ubuntu16.04-els openvpn_2.3.10-1ubuntu2.2+tuxcare.els2_amd64.deb ce7d2f1c98af2da0c7a59c07c962125680c1894a CLSA-2025:1744116044 TuxCare License Agreement 0 * SECURITY UPDATE: improper verification of key fingerprints in apt_key module - debian/patches/CVE-2016-8614.patch: fix use of long key IDs for delete, check for key_id presence and fix key_id length for verification. Fix reversed order of return values in parse_key_id function - CVE-2016-8614 Important Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.

* SECURITY UPDATE: improper verification of key fingerprints in apt_key module - debian/patches/CVE-2016-8614.patch: fix use of long key IDs for delete, check for key_id presence and fix key_id length for verification. Fix reversed order of return values in parse_key_id function - CVE-2016-8614

0 tuxcare-ubuntu16.04-els ansible_2.1.1.0-1~ubuntu16.04.1+tuxcare.els1_all.deb 6478c334db520d0fdfa80556ea90c349f7ff47d4 CLSA-2025:1744628190 TuxCare License Agreement 0 * SECURITY UPDATE: security vulnerability in logging credentials at DEBUG level - debian/patches/CVE-2019-14846.patch: Fix plugins leaking boto credentials to logs by switching logging level to INFO - CVE-2019-14846 Important Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.

* SECURITY UPDATE: security vulnerability in logging credentials at DEBUG level - debian/patches/CVE-2019-14846.patch: Fix plugins leaking boto credentials to logs by switching logging level to INFO - CVE-2019-14846

0 tuxcare-ubuntu16.04-els ansible_2.1.1.0-1~ubuntu16.04.1+tuxcare.els2_all.deb 579159458b357cca4ce4fc9eade72d47ae384af8 CLSA-2025:1744713316 TuxCare License Agreement 0 * CVE-url: https://ubuntu.com/security/CVE-2024-26872 - RDMA/srpt: Do not register event handler until srpt device is fully setup * CVE-url: https://ubuntu.com/security/CVE-2024-53179 - smb: client: fix use-after-free of signing key * CVE-url: https://ubuntu.com/security/CVE-2021-47357 - atm: iphase: fix possible use-after-free in ia_module_exit() * Bionic update: upstream stable patchset 2022-11-15 (LP: #1996650) // CVE- url: https://ubuntu.com/security/CVE-2021-47103 - inet: fully convert sk->sk_rx_dst to RCU rules * CVE-url: https://ubuntu.com/security/CVE-2025-21858 - geneve: Fix use-after-free in geneve_find_dev(). * CVE-url: https://ubuntu.com/security/CVE-2024-36921 - wifi: iwlwifi: mvm: guard against invalid STA ID on removal * Bionic update: upstream stable patchset 2022-07-25 (LP: #1982782) // CVE- url: https://ubuntu.com/security/CVE-2022-49478 - media: pvrusb2: fix array-index-out-of-bounds in pvr2_i2c_core_init * CVE-url: https://ubuntu.com/security/CVE-2023-52621 - bpf: Check rcu_read_lock_trace_held() before calling bpf map helpers * CVE-url: https://ubuntu.com/security/CVE-2025-21855 - ibmvnic: Don't reference skb after sending to VIOS * CVE-url: https://ubuntu.com/security/CVE-2021-47110 - x86/kvm: Disable kvmclock on all CPUs on shutdown * CVE-url: https://ubuntu.com/security/CVE-2024-57980 - media: uvcvideo: Fix double free in error path * CVE-url: https://ubuntu.com/security/CVE-2025-21718 - net: rose: fix timer races against user threads * CVE-url: https://ubuntu.com/security/CVE-2025-21735 - NFC: nci: Add bounds checking in nci_hci_create_pipe() * CVE-url: https://ubuntu.com/security/CVE-2023-52805 - jfs: fix array-index-out-of-bounds in diAlloc * CVE-url: https://ubuntu.com/security/CVE-2023-52847 - media: bttv: fix use after free error due to btv->timeout timer * CVE-url: https://ubuntu.com/security/CVE-2024-41014 - xfs: add bounds checking to xlog_recover_process_data * Bionic update: upstream stable patchset 2022-10-18 (LP: #1993349) // CVE- url: https://ubuntu.com/security/CVE-2022-48702 - ALSA: emu10k1: Fix out of bounds access in snd_emu10k1_pcm_channel_alloc() * Bionic update: upstream stable patchset 2022-10-18 (LP: #1993349) // CVE- url: https://ubuntu.com/security/CVE-2022-48701 - ALSA: usb-audio: Fix an out-of-bounds bug in __snd_usb_parse_audio_interface() * CVE-url: https://ubuntu.com/security/CVE-2024-26982 - Squashfs: check the inode number is not the invalid value of zero * CVE-url: https://ubuntu.com/security/CVE-2024-56548 - hfsplus: don't query the device logical block size multiple times * CVE-url: https://ubuntu.com/security/CVE-2024-57850 - jffs2: Prevent rtime decompress memory corruption * CVE-url: https://ubuntu.com/security/CVE-2024-49982 - aoe: fix the potential use-after-free problem in more places * CVE-url: https://ubuntu.com/security/CVE-2025-21687 - vfio/platform: check the bounds of read/write syscalls * CVE-url: https://ubuntu.com/security/CVE-2024-56539 - wifi: mwifiex: Fix memcpy() field-spanning write warning in mwifiex_config_scan() * CVE-url: https://ubuntu.com/security/CVE-2024-53680 - ipvs: fix UB due to uninitialized stack access in ip_vs_protocol_init() * CVE-url: https://ubuntu.com/security/CVE-2024-56630 - ocfs2: free inode when ocfs2_get_init_inode() fails * CVE-url: https://ubuntu.com/security/CVE-2024-53184 - um: ubd: Do not use drvdata in release * CVE-url: https://ubuntu.com/security/CVE-2024-57884 - mm: vmscan: account for free pages to prevent infinite Loop in throttle_direct_reclaim() * CVE-url: https://ubuntu.com/security/CVE-2024-56597 - jfs: fix shift-out-of-bounds in dbSplit * CVE-url: https://ubuntu.com/security/CVE-2025-21664 - dm thin: make get_first_thin use rcu-safe list first function * CVE-url: https://ubuntu.com/security/CVE-2024-56594 - drm/amdgpu: set the right AMDGPU sg segment limitation * CVE-url: https://ubuntu.com/security/CVE-2024-52332 - igb: Fix potential invalid memory access in igb_init_module() * CVE-url: https://ubuntu.com/security/CVE-2024-53172 - ubi: fastmap: Fix duplicate slab cache names while attaching * CVE-url: https://ubuntu.com/security/CVE-2024-56532 - ALSA: us122l: Use snd_card_free_when_closed() at disconnection * CVE-url: https://ubuntu.com/security/CVE-2024-53183 - um: net: Do not use drvdata in release * CVE-url: https://ubuntu.com/security/CVE-2024-57948 - mac802154: check local interfaces before deleting sdata list * CVE-url: https://ubuntu.com/security/CVE-2024-57904 - iio: adc: at91: call input_free_device() on allocated iio_dev * CVE-url: https://ubuntu.com/security/CVE-2024-56637 - netfilter: ipset: Hold module reference while requesting a module * CVE-url: https://ubuntu.com/security/CVE-2024-53214 - vfio/pci: Properly hide first-in-list PCIe extended capability * CVE-url: https://ubuntu.com/security/CVE-2024-56700 - media: wl128x: Fix atomicity violation in fmc_send_cmd() * CVE-url: https://ubuntu.com/security/CVE-2024-56531 - ALSA: caiaq: Use snd_card_free_when_closed() at disconnection * CVE-url: https://ubuntu.com/security/CVE-2024-53194 - PCI: Fix use-after-free of slot->bus on hot remove * CVE-url: https://ubuntu.com/security/CVE-2024-56619 - nilfs2: fix potential out-of-bounds memory access in nilfs_find_entry() * CVE-url: https://ubuntu.com/security/CVE-2021-47636 - ubifs: Fix read out-of-bounds in ubifs_wbuf_write_nolock() * Bionic update: upstream stable patchset 2022-05-17 (LP: #1973831) // CVE- url: https://ubuntu.com/security/CVE-2022-49058 - cifs: potential buffer overflow in handling symlinks * CVE-url: https://ubuntu.com/security/CVE-2024-5317 - nfsd: make sure exp active before svc_export_show * CVE-url: https://ubuntu.com/security/CVE-2024-53174 - SUNRPC: make sure cache entry active before cache_show * CVE-url: https://ubuntu.com/security/CVE-2021-47219 - scsi: scsi_debug: Fix out-of-bound read in resp_report_tgtpgs() * CVE-url: https://ubuntu.com/security/CVE-2024-50269 - usb: musb: sunxi: Fix accessing an released usb phy * CVE-url: https://ubuntu.com/security/CVE-2024-57908 - iio: imu: kmx61: fix information leak in triggered buffer Important Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.

* CVE-url: https://ubuntu.com/security/CVE-2024-26872 - RDMA/srpt: Do not register event handler until srpt device is fully setup * CVE-url: https://ubuntu.com/security/CVE-2024-53179 - smb: client: fix use-after-free of signing key * CVE-url: https://ubuntu.com/security/CVE-2021-47357 - atm: iphase: fix possible use-after-free in ia_module_exit() * Bionic update: upstream stable patchset 2022-11-15 (LP: #1996650) // CVE- url: https://ubuntu.com/security/CVE-2021-47103 - inet: fully convert sk->sk_rx_dst to RCU rules * CVE-url: https://ubuntu.com/security/CVE-2025-21858 - geneve: Fix use-after-free in geneve_find_dev(). * CVE-url: https://ubuntu.com/security/CVE-2024-36921 - wifi: iwlwifi: mvm: guard against invalid STA ID on removal * Bionic update: upstream stable patchset 2022-07-25 (LP: #1982782) // CVE- url: https://ubuntu.com/security/CVE-2022-49478 - media: pvrusb2: fix array-index-out-of-bounds in pvr2_i2c_core_init * CVE-url: https://ubuntu.com/security/CVE-2023-52621 - bpf: Check rcu_read_lock_trace_held() before calling bpf map helpers * CVE-url: https://ubuntu.com/security/CVE-2025-21855 - ibmvnic: Don't reference skb after sending to VIOS * CVE-url: https://ubuntu.com/security/CVE-2021-47110 - x86/kvm: Disable kvmclock on all CPUs on shutdown * CVE-url: https://ubuntu.com/security/CVE-2024-57980 - media: uvcvideo: Fix double free in error path * CVE-url: https://ubuntu.com/security/CVE-2025-21718 - net: rose: fix timer races against user threads * CVE-url: https://ubuntu.com/security/CVE-2025-21735 - NFC: nci: Add bounds checking in nci_hci_create_pipe() * CVE-url: https://ubuntu.com/security/CVE-2023-52805 - jfs: fix array-index-out-of-bounds in diAlloc * CVE-url: https://ubuntu.com/security/CVE-2023-52847 - media: bttv: fix use after free error due to btv->timeout timer * CVE-url: https://ubuntu.com/security/CVE-2024-41014 - xfs: add bounds checking to xlog_recover_process_data * Bionic update: upstream stable patchset 2022-10-18 (LP: #1993349) // CVE- url: https://ubuntu.com/security/CVE-2022-48702 - ALSA: emu10k1: Fix out of bounds access in snd_emu10k1_pcm_channel_alloc() * Bionic update: upstream stable patchset 2022-10-18 (LP: #1993349) // CVE- url: https://ubuntu.com/security/CVE-2022-48701 - ALSA: usb-audio: Fix an out-of-bounds bug in __snd_usb_parse_audio_interface() * CVE-url: https://ubuntu.com/security/CVE-2024-26982 - Squashfs: check the inode number is not the invalid value of zero * CVE-url: https://ubuntu.com/security/CVE-2024-56548 - hfsplus: don't query the device logical block size multiple times * CVE-url: https://ubuntu.com/security/CVE-2024-57850 - jffs2: Prevent rtime decompress memory corruption * CVE-url: https://ubuntu.com/security/CVE-2024-49982 - aoe: fix the potential use-after-free problem in more places * CVE-url: https://ubuntu.com/security/CVE-2025-21687 - vfio/platform: check the bounds of read/write syscalls * CVE-url: https://ubuntu.com/security/CVE-2024-56539 - wifi: mwifiex: Fix memcpy() field-spanning write warning in mwifiex_config_scan() * CVE-url: https://ubuntu.com/security/CVE-2024-53680 - ipvs: fix UB due to uninitialized stack access in ip_vs_protocol_init() * CVE-url: https://ubuntu.com/security/CVE-2024-56630 - ocfs2: free inode when ocfs2_get_init_inode() fails * CVE-url: https://ubuntu.com/security/CVE-2024-53184 - um: ubd: Do not use drvdata in release * CVE-url: https://ubuntu.com/security/CVE-2024-57884 - mm: vmscan: account for free pages to prevent infinite Loop in throttle_direct_reclaim() * CVE-url: https://ubuntu.com/security/CVE-2024-56597 - jfs: fix shift-out-of-bounds in dbSplit * CVE-url: https://ubuntu.com/security/CVE-2025-21664 - dm thin: make get_first_thin use rcu-safe list first function * CVE-url: https://ubuntu.com/security/CVE-2024-56594 - drm/amdgpu: set the right AMDGPU sg segment limitation * CVE-url: https://ubuntu.com/security/CVE-2024-52332 - igb: Fix potential invalid memory access in igb_init_module() * CVE-url: https://ubuntu.com/security/CVE-2024-53172 - ubi: fastmap: Fix duplicate slab cache names while attaching * CVE-url: https://ubuntu.com/security/CVE-2024-56532 - ALSA: us122l: Use snd_card_free_when_closed() at disconnection * CVE-url: https://ubuntu.com/security/CVE-2024-53183 - um: net: Do not use drvdata in release * CVE-url: https://ubuntu.com/security/CVE-2024-57948 - mac802154: check local interfaces before deleting sdata list * CVE-url: https://ubuntu.com/security/CVE-2024-57904 - iio: adc: at91: call input_free_device() on allocated iio_dev * CVE-url: https://ubuntu.com/security/CVE-2024-56637 - netfilter: ipset: Hold module reference while requesting a module * CVE-url: https://ubuntu.com/security/CVE-2024-53214 - vfio/pci: Properly hide first-in-list PCIe extended capability * CVE-url: https://ubuntu.com/security/CVE-2024-56700 - media: wl128x: Fix atomicity violation in fmc_send_cmd() * CVE-url: https://ubuntu.com/security/CVE-2024-56531 - ALSA: caiaq: Use snd_card_free_when_closed() at disconnection * CVE-url: https://ubuntu.com/security/CVE-2024-53194 - PCI: Fix use-after-free of slot->bus on hot remove * CVE-url: https://ubuntu.com/security/CVE-2024-56619 - nilfs2: fix potential out-of-bounds memory access in nilfs_find_entry() * CVE-url: https://ubuntu.com/security/CVE-2021-47636 - ubifs: Fix read out-of-bounds in ubifs_wbuf_write_nolock() * Bionic update: upstream stable patchset 2022-05-17 (LP: #1973831) // CVE- url: https://ubuntu.com/security/CVE-2022-49058 - cifs: potential buffer overflow in handling symlinks * CVE-url: https://ubuntu.com/security/CVE-2024-5317 - nfsd: make sure exp active before svc_export_show * CVE-url: https://ubuntu.com/security/CVE-2024-53174 - SUNRPC: make sure cache entry active before cache_show * CVE-url: https://ubuntu.com/security/CVE-2021-47219 - scsi: scsi_debug: Fix out-of-bound read in resp_report_tgtpgs() * CVE-url: https://ubuntu.com/security/CVE-2024-50269 - usb: musb: sunxi: Fix accessing an released usb phy * CVE-url: https://ubuntu.com/security/CVE-2024-57908 - iio: imu: kmx61: fix information leak in triggered buffer

0 tuxcare-ubuntu16.04-els linux-buildinfo-4.4.0-273-tuxcare.els44-generic_4.4.0-273.307_amd64.deb 882f7a6c63a6a772f64cc20c9c1acac176f27a05 linux-buildinfo-4.4.0-273-tuxcare.els44-lowlatency_4.4.0-273.307_amd64.deb 9320a3cbbd857fbb6ab408c13ec0b4d517efdd0f linux-cloud-tools-4.4.0-273-tuxcare.els44_4.4.0-273.307_amd64.deb d8706e0e459c3fc9e062223bcbf0a517807cdf4c linux-cloud-tools-4.4.0-273-tuxcare.els44-generic_4.4.0-273.307_amd64.deb f41c87658e4b959f29fa549c7b996c1d01e64a94 linux-cloud-tools-4.4.0-273-tuxcare.els44-lowlatency_4.4.0-273.307_amd64.deb 99d6e61a3b685d212df0ad260ef2bb484211bc11 linux-cloud-tools-common_4.4.0-273.307_all.deb b68a3df6296ff316ef6f448fc3238669c7211d71 linux-cloud-tools-generic_4.4.0.273.307_amd64.deb 42e9d0e1d35cadcb7de14ab7aa8b0a88153081d9 linux-cloud-tools-lowlatency_4.4.0.273.307_amd64.deb 9c74cbb174f65b83dbfeb5d2c4db506c0758d679 linux-crashdump_4.4.0.273.307_amd64.deb 3698a5b31b3ce3ba4fc34c66fb557f1321d277a2 linux-doc_4.4.0-273.307_all.deb 25c34748775b01ef2cee0aaf79ba1bf892b5c36a linux-generic_4.4.0.273.307_amd64.deb e6a972ee245c288beb1d4209a824ba9321d4802f linux-headers-4.4.0-273-tuxcare.els44_4.4.0-273.307_all.deb ea78aed96ab70fefcfe367a91d4af715d9a9e67a linux-headers-4.4.0-273-tuxcare.els44-generic_4.4.0-273.307_amd64.deb d6d83e0023bd8f89af78ade646e2a7fdc52cf5ca linux-headers-4.4.0-273-tuxcare.els44-lowlatency_4.4.0-273.307_amd64.deb 13368f7441a366cb119951ea4e2f6aacc7abd729 linux-headers-generic_4.4.0.273.307_amd64.deb 50110fea3683c55d4711071bd2ac9b1e18157d73 linux-headers-lowlatency_4.4.0.273.307_amd64.deb a38281858fc5d1b18830cb39a280456e618ba041 linux-image-generic_4.4.0.273.307_amd64.deb 443e3259b2e9bd224b95f11931cbc869b9a91e90 linux-image-lowlatency_4.4.0.273.307_amd64.deb 969984a9c379a4ee1d862599e3f583121626cd00 linux-image-unsigned-4.4.0-273-tuxcare.els44-generic_4.4.0-273.307_amd64.deb 8d1f56d8552803b44514e0fa78bda24dc70f8281 linux-image-unsigned-4.4.0-273-tuxcare.els44-lowlatency_4.4.0-273.307_amd64.deb db8e8f709e9c35e251a2d5ef3f4a1b005d0797c0 linux-libc-dev_4.4.0-273.307_amd64.deb 743a3b0b6fe96ca108e175c0d26dcf2f6a02b445 linux-lowlatency_4.4.0.273.307_amd64.deb 962ffa962cc4efc6208eefee4cd6147438eb8ace linux-modules-4.4.0-273-tuxcare.els44-generic_4.4.0-273.307_amd64.deb 06edd0ad4ec4292e6f8c7a19f099577b1dcab944 linux-modules-4.4.0-273-tuxcare.els44-lowlatency_4.4.0-273.307_amd64.deb 00eb201a9474565ace3084bb6403297a154db925 linux-modules-extra-4.4.0-273-tuxcare.els44-generic_4.4.0-273.307_amd64.deb 9d1599a59d1e9122b7c938908c683ad093f7986a linux-source_4.4.0.273.307_all.deb 48b3ce44e19fc86987c926b2db9dc0d65a788efb linux-source-4.4.0_4.4.0-273.307_all.deb b0ae9d8d92232475993e932d4a8e75b1f4b31b4a linux-tools-4.4.0-273-tuxcare.els44_4.4.0-273.307_amd64.deb ddaab3cb470610b46028971f28172fb66d953e28 linux-tools-4.4.0-273-tuxcare.els44-generic_4.4.0-273.307_amd64.deb b245f42d56a50e8d96644e0b93c79c5a2adad50c linux-tools-4.4.0-273-tuxcare.els44-lowlatency_4.4.0-273.307_amd64.deb 99b93d1fd37a760952b67e77707adab6a5cf9883 linux-tools-common_4.4.0-273.307_all.deb 3865d46e1f417bed9a344e4e4b0ec8c2bc42efa4 linux-tools-generic_4.4.0.273.307_amd64.deb b54b956815c29141243fd1ebb69658c9fe64f70c linux-tools-host_4.4.0-273.307_all.deb a9668f5b98e91c943ee0b52ba51bc78564e2d27f linux-tools-lowlatency_4.4.0.273.307_amd64.deb 64984ab3abc35dc412ba5248e8e93db184d0795d CLSA-2025:1744714100 TuxCare License Agreement 0 * Bump ABI 4.4.0-273 None Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.

* Bump ABI 4.4.0-273

0 tuxcare-ubuntu16.04-els linux-cloud-tools-generic_4.4.0.273.307_amd64.deb 42e9d0e1d35cadcb7de14ab7aa8b0a88153081d9 linux-cloud-tools-lowlatency_4.4.0.273.307_amd64.deb 9c74cbb174f65b83dbfeb5d2c4db506c0758d679 linux-crashdump_4.4.0.273.307_amd64.deb 3698a5b31b3ce3ba4fc34c66fb557f1321d277a2 linux-generic_4.4.0.273.307_amd64.deb e6a972ee245c288beb1d4209a824ba9321d4802f linux-headers-generic_4.4.0.273.307_amd64.deb 50110fea3683c55d4711071bd2ac9b1e18157d73 linux-headers-lowlatency_4.4.0.273.307_amd64.deb a38281858fc5d1b18830cb39a280456e618ba041 linux-image-generic_4.4.0.273.307_amd64.deb 443e3259b2e9bd224b95f11931cbc869b9a91e90 linux-image-lowlatency_4.4.0.273.307_amd64.deb 969984a9c379a4ee1d862599e3f583121626cd00 linux-lowlatency_4.4.0.273.307_amd64.deb 962ffa962cc4efc6208eefee4cd6147438eb8ace linux-source_4.4.0.273.307_all.deb 48b3ce44e19fc86987c926b2db9dc0d65a788efb linux-tools-generic_4.4.0.273.307_amd64.deb b54b956815c29141243fd1ebb69658c9fe64f70c linux-tools-lowlatency_4.4.0.273.307_amd64.deb 64984ab3abc35dc412ba5248e8e93db184d0795d CLSA-2025:1744719966 TuxCare License Agreement 0 * SECURITY UPDATE: insufficiently random password generation vulnerability - debian/patches/CVE-2020-10729.patch: Fix issue with caching Jinja2 expressions, only cache results of single variable names - CVE-2020-10729 Important Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.

* SECURITY UPDATE: insufficiently random password generation vulnerability - debian/patches/CVE-2020-10729.patch: Fix issue with caching Jinja2 expressions, only cache results of single variable names - CVE-2020-10729

0 tuxcare-ubuntu16.04-els ansible_2.1.1.0-1~ubuntu16.04.1+tuxcare.els4_all.deb 13fcc71cbf43ed245134ed095d4d68142012553c CLSA-2025:1744727573 TuxCare License Agreement 0 * SECURITY UPDATE: Improper PUSH_REPLY sanitization allows attackers to inject arbitrary data into third-party executables - debian/patches/CVE-2024-5594.patch: Properly handle null bytes and invalid characters in control - CVE-2024-5594 Low Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.

* SECURITY UPDATE: Improper PUSH_REPLY sanitization allows attackers to inject arbitrary data into third-party executables - debian/patches/CVE-2024-5594.patch: Properly handle null bytes and invalid characters in control - CVE-2024-5594

0 tuxcare-ubuntu16.04-els openvpn_2.3.10-1ubuntu2.2+tuxcare.els3_amd64.deb bdeaf69c664b38040e39c701399040b1b0836fd2 CLSA-2025:1745530034 TuxCare License Agreement 0 * SECURITY UPDATE: Quadratic complexity, resulting in excess CPU while parsing - debian/patches/CVE-2024-7592.patch: fix quadratic complexity in parsing "-quoted cookie values with backslashes - CVE-2024-7592 Important Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.

* SECURITY UPDATE: Quadratic complexity, resulting in excess CPU while parsing - debian/patches/CVE-2024-7592.patch: fix quadratic complexity in parsing "-quoted cookie values with backslashes - CVE-2024-7592

0 tuxcare-ubuntu16.04-els idle-python3.5_3.5.2-2ubuntu0~16.04.13+tuxcare.els20_all.deb 1cda0aa06b754240a847bb4db638bfde22f6e948 libpython3.5_3.5.2-2ubuntu0~16.04.13+tuxcare.els20_amd64.deb b9142b0296474a8e769351d4ba8d03c994d3e0e5 libpython3.5-dev_3.5.2-2ubuntu0~16.04.13+tuxcare.els20_amd64.deb e504ae85ad1376e79b6cab91e93dcd3bab37ee35 libpython3.5-minimal_3.5.2-2ubuntu0~16.04.13+tuxcare.els20_amd64.deb c887e9909006e9f954c723d9d64a86a67c61829d libpython3.5-stdlib_3.5.2-2ubuntu0~16.04.13+tuxcare.els20_amd64.deb 9b28ea32316f14314ea3f4cafd265b70a6ee0c6f libpython3.5-testsuite_3.5.2-2ubuntu0~16.04.13+tuxcare.els20_all.deb 561abf1fe99a448f7932cbd564c0568aa12ba4da python3.5_3.5.2-2ubuntu0~16.04.13+tuxcare.els20_amd64.deb 5b16bba656f43bfc19a05679c02cecd001bc5f1e python3.5-dev_3.5.2-2ubuntu0~16.04.13+tuxcare.els20_amd64.deb 40bf070c6b96047eb2786c6d9e19b4041dd661a7 python3.5-doc_3.5.2-2ubuntu0~16.04.13+tuxcare.els20_all.deb 754ffa9013f250129f38a54609e55a4e327cefe3 python3.5-examples_3.5.2-2ubuntu0~16.04.13+tuxcare.els20_all.deb 038ef3a853b64bc7e33ee8420929bbe4442a5a7d python3.5-minimal_3.5.2-2ubuntu0~16.04.13+tuxcare.els20_amd64.deb c2ec5c75685f1d458c2b23bdea180eacfac58023 python3.5-venv_3.5.2-2ubuntu0~16.04.13+tuxcare.els20_amd64.deb 338b8bf76028376317cd409cea2864bac5ca24d8 CLSA-2025:1746654462 TuxCare License Agreement 0 * SECURITY UPDATE: insecure password handling in svn module - debian/patches/CVE-2020-1739.patch: Update subversion module to provide password securely with --password-from-stdin option to prevent leaking in case of outdated svn versions - CVE-2020-1739 Low Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.

* SECURITY UPDATE: insecure password handling in svn module - debian/patches/CVE-2020-1739.patch: Update subversion module to provide password securely with --password-from-stdin option to prevent leaking in case of outdated svn versions - CVE-2020-1739

0 tuxcare-ubuntu16.04-els ansible_2.1.1.0-1~ubuntu16.04.1+tuxcare.els5_all.deb 78192e7dc46dfcbda2dcbef5b047ec8c886fb4c1 CLSA-2025:1747430034 TuxCare License Agreement 0 * Bionic update: upstream stable patchset 2022-04-13 (LP: #1968932) // CVE- url: https://ubuntu.com/security/CVE-2022-23041 - xen/gnttab: fix gnttab_end_foreign_access() without page specified * Bionic update: upstream stable patchset 2023-01-20 (LP: #2003596) // CVE- url: https://ubuntu.com/security/CVE-2022-49850 - nilfs2: fix deadlock in nilfs_count_free_blocks() * CVE-url: https://ubuntu.com/security/CVE-2024-42305 - ext4: check dot and dotdot of dx_root before making dir indexed * CVE-url: https://ubuntu.com/security/CVE-2024-53168 - sunrpc: fix one UAF issue caused by sunrpc kernel tcp socket * CVE-url: https://ubuntu.com/security/CVE-2024-26915 - drm/amdgpu: Add check to prevent IH overflow - drm/amdgpu: Reset IH OVERFLOW_CLEAR bit * CVE-url: https://ubuntu.com/security/CVE-2024-56770 - net/sched: netem: account for backlog updates from child qdisc - netem: Update sch->q.qlen before qdisc_tree_reduce_backlog() * Bionic update: upstream stable patchset 2022-01-14 (LP: #1957957) // CVE- url: https://ubuntu.com/security/CVE-2021-47587 - net: systemport: Add global locking for descriptor lifecycle * Bionic update: upstream stable patchset 2021-06-01 (LP: #1930472) // CVE- url: https://ubuntu.com/security/CVE-2021-46959 - spi: Fix use-after-free with devm_spi_alloc_* * CVE-url: https://ubuntu.com/security/CVE-2024-26689 - ceph: prevent use-after-free in encode_cap_msg() * CVE-url: https://ubuntu.com/security/CVE-2024-53066 - nfs: Fix KMSAN warning in decode_getfattr_attrs() * CVE-url: https://ubuntu.com/security/CVE-2024-49944 - sctp: set sk_state back to CLOSED if autobind fails in sctp_listen_start * CVE-url: https://ubuntu.com/security/CVE-2024-50237 - wifi: mac80211: do not pass a stopped vif to the driver in .get_txpower * CVE-url: https://ubuntu.com/security/CVE-2024-46780 - nilfs2: protect references to superblock parameters exposed in sysfs * CVE-url: https://ubuntu.com/security/CVE-2024-53063 - media: dvbdev: prevent the risk of out of memory access - media: dvbdev: fix the logic when DVB_DYNAMIC_MINORS is not set * CVE-url: https://ubuntu.com/security/CVE-2021-47150 - net: fec: fix the potential memory leak in fec_enet_init() * CVE-url: https://ubuntu.com/security/CVE-2024-53140 - netlink: terminate outstanding dump on socket close * CVE-url: https://ubuntu.com/security/CVE-2025-21971 - net_sched: Prevent creation of classes with TC_H_ROOT * CVE-url: https://ubuntu.com/security/CVE-2023-52572 - cifs: Fix UAF in cifs_demultiplex_thread() * CVE-url: https://ubuntu.com/security/CVE-2025-37785 - ext4: fix OOB read when checking dotdot dir * Bionic update: upstream stable patchset 2021-07-14 (LP: #1936231) // CVE- url: https://ubuntu.com/security/CVE-2021-47277 - kvm: avoid speculation-based attacks from out-of-range memslot accesses * CVE-url: https://ubuntu.com/security/CVE-2022-49740 - wifi: brcmfmac: Check the count value of channel spec to prevent out-of- bounds reads * Bionic update: upstream stable patchset 2022-07-25 (LP: #1982782) // CVE- url: https://ubuntu.com/security/CVE-2022-49404 - RDMA/hfi1: Fix potential integer multiplication overflow errors * Bionic update: upstream stable patchset 2023-03-03 (LP: #2009237) // CVE- url: https://ubuntu.com/security/CVE-2022-49757 - EDAC/highbank: Fix memory leak in highbank_mc_probe() * Bionic update: upstream stable patchset 2022-07-25 (LP: #1982782) // CVE- url: https://ubuntu.com/security/CVE-2022-49395 - um: Fix out-of-bounds read in LDT setup * CVE-url: https://ubuntu.com/security/CVE-2022-49738 - f2fs: fix to do sanity check on summary info - f2fs: should put a page when checking the summary info - f2fs: fix to do sanity check on i_extra_isize in is_alive() * CVE-url: https://ubuntu.com/security/ - ipv6: Define dscp_t and stop taking ECN bits into account in fib6-rules * CVE-url: https://ubuntu.com/security/CVE-2025-21891 - ipvlan: ensure network headers are in skb linear part * CVE-url: https://ubuntu.com/security/CVE-2025-21969 - Bluetooth: L2CAP: Fix slab-use-after-free Read in l2cap_send_cmd * CVE-url: https://ubuntu.com/security/CVE-2025-21957 - scsi: qla1280: Fix kernel oops when debug level > 2 * CVE-url: https://ubuntu.com/security/CVE-2025-21948 - HID: appleir: Fix potential NULL dereference at raw event handle * Bionic update: upstream stable patchset 2023-04-05 (LP: #2015399) // CVE- url: https://ubuntu.com/security/CVE-2023-52989 - firewire: fix memory leak for payload of request subaction to IEC 61883-1 FCP region * Bionic update: upstream stable patchset 2023-04-05 (LP: #2015399) // CVE- url: https://ubuntu.com/security/CVE-2023-52932 - mm/swapfile: add cond_resched() in get_swap_pages() * Bionic update: upstream stable patchset 2023-03-03 (LP: #2009237) // CVE- url: https://ubuntu.com/security/CVE-2023-53015 - HID: betop: check shape of output reports * Bionic update: upstream stable patchset 2023-03-03 (LP: #2009237) // CVE- url: https://ubuntu.com/security/CVE-2023-52993 - x86/i8259: Mark legacy PIC interrupts with IRQ_LEVEL * CVE-url: https://ubuntu.com/security/CVE-2025-21912 - gpio: rcar: Use raw_spinlock to protect register access * CVE-url: https://ubuntu.com/security/CVE-2025-21922 - ppp: Fix KMSAN uninit-value warning with bpf * CVE-url: https://ubuntu.com/security/CVE-2025-21959 - netfilter: nf_conncount: Fully initialize struct nf_conncount_tuple in insert_tree() * Bionic update: upstream stable patchset 2023-04-05 (LP: #2015399) // CVE- url: https://ubuntu.com/security/CVE-2023-52988 - ALSA: hda/via: Avoid potential array out-of-bound in add_secret_dac_path() * CVE-url: https://ubuntu.com/security/CVE-2025-21996 - drm/radeon: fix uninitialized size issue in radeon_vce_cs_parse() * CVE-url: https://ubuntu.com/security/CVE-2025-21917 - usb: renesas_usbhs: Flush the notify_hotplug_work * CVE-url: https://ubuntu.com/security/CVE-2023-53001 - drm/drm_vma_manager: Add drm_vma_node_allow_once() * CVE-url: https://ubuntu.com/security/CVE-2025-21920 - vlan: enforce underlying device type * CVE-url: https://ubuntu.com/security/CVE-2025-21904 - caif_virtio: fix wrong pointer check in cfv_probe() * Bionic update: upstream stable patchset 2021-06-23 (LP: #1933375) // CVE- url: https://ubuntu.com/security/CVE-2021-47320 - net: caif: added cfserl_release function - net: caif: add proper error handling - net: caif: fix memory leak in caif_device_notify * CVE-url: https://ubuntu.com/security/CVE-2021-47342 - ext4: fix memory leak in ext4_fill_super - ext4: fix timer use-after-free on failed mount * Bionic update: upstream stable patchset 2021-08-03 (LP: #1938824) // CVE- url: https://ubuntu.com/security/CVE-2021-47320 - nfs: fix acl memory leak of posix_acl_create() * Bionic update: upstream stable patchset 2022-01-14 (LP: #1957957) // CVE- url: https://ubuntu.com/security/CVE-2021-47602 - mac80211: track only QoS data frames for admission control * CVE-url: https://ubuntu.com/security/CVE-2021-47328 - scsi: iscsi: Fix conn use after free during resets * CVE-url: https://ubuntu.com/security/CVE-2025-21702 - pfifo_tail_enqueue: Drop new packet when sch->limit == 0 * CVE-url: https://ubuntu.com/security/CVE-2024-56658 - net: defer final 'struct net' free in netns dismantle * CVE-url: https://ubuntu.com/security/CVE-2024-50265 - ocfs2: remove entry once instead of null-ptr-dereference in ocfs2_xa_remove() * CVE-url: https://ubuntu.com/security/CVE-2024-46826 - ELF: fix kernel.randomize_va_space double read * CVE-url: https://ubuntu.com/security/CVE-2025-21700 - net: sched: Disallow replacing of child qdisc from one parent to another * CVE-url: https://ubuntu.com/security/CVE-2024-50167 - be2net: fix potential memory leak in be_xmit() * CVE-url: https://ubuntu.com/security/CVE-2024-49952 - netfilter: nf_tables: prevent nf_skb_duplicated corruption * CVE-url: https://ubuntu.com/security/CVE-2024-49948 - net: add more sanity checks to qdisc_pkt_len_init() Important Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.

* Bionic update: upstream stable patchset 2022-04-13 (LP: #1968932) // CVE- url: https://ubuntu.com/security/CVE-2022-23041 - xen/gnttab: fix gnttab_end_foreign_access() without page specified * Bionic update: upstream stable patchset 2023-01-20 (LP: #2003596) // CVE- url: https://ubuntu.com/security/CVE-2022-49850 - nilfs2: fix deadlock in nilfs_count_free_blocks() * CVE-url: https://ubuntu.com/security/CVE-2024-42305 - ext4: check dot and dotdot of dx_root before making dir indexed * CVE-url: https://ubuntu.com/security/CVE-2024-53168 - sunrpc: fix one UAF issue caused by sunrpc kernel tcp socket * CVE-url: https://ubuntu.com/security/CVE-2024-26915 - drm/amdgpu: Add check to prevent IH overflow - drm/amdgpu: Reset IH OVERFLOW_CLEAR bit * CVE-url: https://ubuntu.com/security/CVE-2024-56770 - net/sched: netem: account for backlog updates from child qdisc - netem: Update sch->q.qlen before qdisc_tree_reduce_backlog() * Bionic update: upstream stable patchset 2022-01-14 (LP: #1957957) // CVE- url: https://ubuntu.com/security/CVE-2021-47587 - net: systemport: Add global locking for descriptor lifecycle * Bionic update: upstream stable patchset 2021-06-01 (LP: #1930472) // CVE- url: https://ubuntu.com/security/CVE-2021-46959 - spi: Fix use-after-free with devm_spi_alloc_* * CVE-url: https://ubuntu.com/security/CVE-2024-26689 - ceph: prevent use-after-free in encode_cap_msg() * CVE-url: https://ubuntu.com/security/CVE-2024-53066 - nfs: Fix KMSAN warning in decode_getfattr_attrs() * CVE-url: https://ubuntu.com/security/CVE-2024-49944 - sctp: set sk_state back to CLOSED if autobind fails in sctp_listen_start * CVE-url: https://ubuntu.com/security/CVE-2024-50237 - wifi: mac80211: do not pass a stopped vif to the driver in .get_txpower * CVE-url: https://ubuntu.com/security/CVE-2024-46780 - nilfs2: protect references to superblock parameters exposed in sysfs * CVE-url: https://ubuntu.com/security/CVE-2024-53063 - media: dvbdev: prevent the risk of out of memory access - media: dvbdev: fix the logic when DVB_DYNAMIC_MINORS is not set * CVE-url: https://ubuntu.com/security/CVE-2021-47150 - net: fec: fix the potential memory leak in fec_enet_init() * CVE-url: https://ubuntu.com/security/CVE-2024-53140 - netlink: terminate outstanding dump on socket close * CVE-url: https://ubuntu.com/security/CVE-2025-21971 - net_sched: Prevent creation of classes with TC_H_ROOT * CVE-url: https://ubuntu.com/security/CVE-2023-52572 - cifs: Fix UAF in cifs_demultiplex_thread() * CVE-url: https://ubuntu.com/security/CVE-2025-37785 - ext4: fix OOB read when checking dotdot dir * Bionic update: upstream stable patchset 2021-07-14 (LP: #1936231) // CVE- url: https://ubuntu.com/security/CVE-2021-47277 - kvm: avoid speculation-based attacks from out-of-range memslot accesses * CVE-url: https://ubuntu.com/security/CVE-2022-49740 - wifi: brcmfmac: Check the count value of channel spec to prevent out-of- bounds reads * Bionic update: upstream stable patchset 2022-07-25 (LP: #1982782) // CVE- url: https://ubuntu.com/security/CVE-2022-49404 - RDMA/hfi1: Fix potential integer multiplication overflow errors * Bionic update: upstream stable patchset 2023-03-03 (LP: #2009237) // CVE- url: https://ubuntu.com/security/CVE-2022-49757 - EDAC/highbank: Fix memory leak in highbank_mc_probe() * Bionic update: upstream stable patchset 2022-07-25 (LP: #1982782) // CVE- url: https://ubuntu.com/security/CVE-2022-49395 - um: Fix out-of-bounds read in LDT setup * CVE-url: https://ubuntu.com/security/CVE-2022-49738 - f2fs: fix to do sanity check on summary info - f2fs: should put a page when checking the summary info - f2fs: fix to do sanity check on i_extra_isize in is_alive() * CVE-url: https://ubuntu.com/security/ - ipv6: Define dscp_t and stop taking ECN bits into account in fib6-rules * CVE-url: https://ubuntu.com/security/CVE-2025-21891 - ipvlan: ensure network headers are in skb linear part * CVE-url: https://ubuntu.com/security/CVE-2025-21969 - Bluetooth: L2CAP: Fix slab-use-after-free Read in l2cap_send_cmd * CVE-url: https://ubuntu.com/security/CVE-2025-21957 - scsi: qla1280: Fix kernel oops when debug level > 2 * CVE-url: https://ubuntu.com/security/CVE-2025-21948 - HID: appleir: Fix potential NULL dereference at raw event handle * Bionic update: upstream stable patchset 2023-04-05 (LP: #2015399) // CVE- url: https://ubuntu.com/security/CVE-2023-52989 - firewire: fix memory leak for payload of request subaction to IEC 61883-1 FCP region * Bionic update: upstream stable patchset 2023-04-05 (LP: #2015399) // CVE- url: https://ubuntu.com/security/CVE-2023-52932 - mm/swapfile: add cond_resched() in get_swap_pages() * Bionic update: upstream stable patchset 2023-03-03 (LP: #2009237) // CVE- url: https://ubuntu.com/security/CVE-2023-53015 - HID: betop: check shape of output reports * Bionic update: upstream stable patchset 2023-03-03 (LP: #2009237) // CVE- url: https://ubuntu.com/security/CVE-2023-52993 - x86/i8259: Mark legacy PIC interrupts with IRQ_LEVEL * CVE-url: https://ubuntu.com/security/CVE-2025-21912 - gpio: rcar: Use raw_spinlock to protect register access * CVE-url: https://ubuntu.com/security/CVE-2025-21922 - ppp: Fix KMSAN uninit-value warning with bpf * CVE-url: https://ubuntu.com/security/CVE-2025-21959 - netfilter: nf_conncount: Fully initialize struct nf_conncount_tuple in insert_tree() * Bionic update: upstream stable patchset 2023-04-05 (LP: #2015399) // CVE- url: https://ubuntu.com/security/CVE-2023-52988 - ALSA: hda/via: Avoid potential array out-of-bound in add_secret_dac_path() * CVE-url: https://ubuntu.com/security/CVE-2025-21996 - drm/radeon: fix uninitialized size issue in radeon_vce_cs_parse() * CVE-url: https://ubuntu.com/security/CVE-2025-21917 - usb: renesas_usbhs: Flush the notify_hotplug_work * CVE-url: https://ubuntu.com/security/CVE-2023-53001 - drm/drm_vma_manager: Add drm_vma_node_allow_once() * CVE-url: https://ubuntu.com/security/CVE-2025-21920 - vlan: enforce underlying device type * CVE-url: https://ubuntu.com/security/CVE-2025-21904 - caif_virtio: fix wrong pointer check in cfv_probe() * Bionic update: upstream stable patchset 2021-06-23 (LP: #1933375) // CVE- url: https://ubuntu.com/security/CVE-2021-47320 - net: caif: added cfserl_release function - net: caif: add proper error handling - net: caif: fix memory leak in caif_device_notify * CVE-url: https://ubuntu.com/security/CVE-2021-47342 - ext4: fix memory leak in ext4_fill_super - ext4: fix timer use-after-free on failed mount * Bionic update: upstream stable patchset 2021-08-03 (LP: #1938824) // CVE- url: https://ubuntu.com/security/CVE-2021-47320 - nfs: fix acl memory leak of posix_acl_create() * Bionic update: upstream stable patchset 2022-01-14 (LP: #1957957) // CVE- url: https://ubuntu.com/security/CVE-2021-47602 - mac80211: track only QoS data frames for admission control * CVE-url: https://ubuntu.com/security/CVE-2021-47328 - scsi: iscsi: Fix conn use after free during resets * CVE-url: https://ubuntu.com/security/CVE-2025-21702 - pfifo_tail_enqueue: Drop new packet when sch->limit == 0 * CVE-url: https://ubuntu.com/security/CVE-2024-56658 - net: defer final 'struct net' free in netns dismantle * CVE-url: https://ubuntu.com/security/CVE-2024-50265 - ocfs2: remove entry once instead of null-ptr-dereference in ocfs2_xa_remove() * CVE-url: https://ubuntu.com/security/CVE-2024-46826 - ELF: fix kernel.randomize_va_space double read * CVE-url: https://ubuntu.com/security/CVE-2025-21700 - net: sched: Disallow replacing of child qdisc from one parent to another * CVE-url: https://ubuntu.com/security/CVE-2024-50167 - be2net: fix potential memory leak in be_xmit() * CVE-url: https://ubuntu.com/security/CVE-2024-49952 - netfilter: nf_tables: prevent nf_skb_duplicated corruption * CVE-url: https://ubuntu.com/security/CVE-2024-49948 - net: add more sanity checks to qdisc_pkt_len_init()

0 tuxcare-ubuntu16.04-els linux-buildinfo-4.4.0-274-tuxcare.els45-generic_4.4.0-274.308_amd64.deb 263d280628ecc3ed0b4c0bdaba73e1269f470f86 linux-buildinfo-4.4.0-274-tuxcare.els45-lowlatency_4.4.0-274.308_amd64.deb c42ff08f1cc681bbfc6a1d97351a121373a39868 linux-cloud-tools-4.4.0-274-tuxcare.els45_4.4.0-274.308_amd64.deb dc773d34fa86347767141864cf6fa114678f20d5 linux-cloud-tools-4.4.0-274-tuxcare.els45-generic_4.4.0-274.308_amd64.deb 6182fc5b568152c24ea2305c9589b50748f0b744 linux-cloud-tools-4.4.0-274-tuxcare.els45-lowlatency_4.4.0-274.308_amd64.deb 5f15641baca5d5fd70c20ac5dc42bc5450891ad5 linux-cloud-tools-common_4.4.0-274.308_all.deb 0843505f03ffb16f45a2c458e6c9a243eea009a7 linux-cloud-tools-generic_4.4.0.274.308_amd64.deb dd257775d08a9a52bf6af10298a0467367cf8ecd linux-cloud-tools-lowlatency_4.4.0.274.308_amd64.deb e899eebdd08419ae0150ad5c9edcde8e43d95cbb linux-crashdump_4.4.0.274.308_amd64.deb 6eda4e25432e9a9faf4429fe945134aacad6ed15 linux-doc_4.4.0-274.308_all.deb 2cc68709f0748a5fbf4a5f1dc7e863cb97531c40 linux-generic_4.4.0.274.308_amd64.deb a9972696ab5954edca091ed5086dd8e9b07ed1ed linux-headers-4.4.0-274-tuxcare.els45_4.4.0-274.308_all.deb aa8c52824dfbb8e7bd640ad576edd582dcc0cb6b linux-headers-4.4.0-274-tuxcare.els45-generic_4.4.0-274.308_amd64.deb 3ed3b3c69a48a45ffa74d231af1bf62b5ebf33b8 linux-headers-4.4.0-274-tuxcare.els45-lowlatency_4.4.0-274.308_amd64.deb abccc39be47795250fb8b9afcc4c5fec2069abb6 linux-headers-generic_4.4.0.274.308_amd64.deb bb2b67cc106ac862d1a9b1735e715b66108be274 linux-headers-lowlatency_4.4.0.274.308_amd64.deb 3b5fb3dc4d8baab663cf6d7eb21114107448ec22 linux-image-generic_4.4.0.274.308_amd64.deb f24c5599a779f93773661b753ccf3c56d8c194f0 linux-image-lowlatency_4.4.0.274.308_amd64.deb 3513c38d1826c9df4291ad43d7006eda131e326c linux-image-unsigned-4.4.0-274-tuxcare.els45-generic_4.4.0-274.308_amd64.deb 42cadbdf0510484b4d84214be9b7e639d5dd746a linux-image-unsigned-4.4.0-274-tuxcare.els45-lowlatency_4.4.0-274.308_amd64.deb 31d0fcec5bc69e95ea20aa55df808cae8406ed06 linux-libc-dev_4.4.0-274.308_amd64.deb e0261f9b1f8842d4a6badfa2da0d4826b89174ef linux-lowlatency_4.4.0.274.308_amd64.deb 99ef02417d1e312ead361ce81ca37dadccd1096d linux-modules-4.4.0-274-tuxcare.els45-generic_4.4.0-274.308_amd64.deb bd78e5065f676cfce479b7ca8ca8cca9cfb2fad1 linux-modules-4.4.0-274-tuxcare.els45-lowlatency_4.4.0-274.308_amd64.deb 268014d47426b9263b6aa030f0c79d81d13d2297 linux-modules-extra-4.4.0-274-tuxcare.els45-generic_4.4.0-274.308_amd64.deb 952cfe5aa9c2d3c46a4af74b036f58fad6edbdb5 linux-source_4.4.0.274.308_all.deb 844a77d6ccc72a42365733e1ae94f6f09bb1d647 linux-source-4.4.0_4.4.0-274.308_all.deb 74e247f1e04539b25ab062500501d2be46054651 linux-tools-4.4.0-274-tuxcare.els45_4.4.0-274.308_amd64.deb b1d84b20bdd99773d2399a9378d7fd13395103cf linux-tools-4.4.0-274-tuxcare.els45-generic_4.4.0-274.308_amd64.deb 22ac08ba45a8d17835daacf52090b1a8883d5be8 linux-tools-4.4.0-274-tuxcare.els45-lowlatency_4.4.0-274.308_amd64.deb 73f7c655fbcbf20187df92e11b51483c1d76c42b linux-tools-common_4.4.0-274.308_all.deb 4dc4c19bcdc51ba4ca89efedf1439676c6f958c1 linux-tools-generic_4.4.0.274.308_amd64.deb d91a65995a88cb7d1b1a361ef46b44864228e063 linux-tools-host_4.4.0-274.308_all.deb 8cd30ff2c9b58ebd4358b2a826c3ef71f38fc872 linux-tools-lowlatency_4.4.0.274.308_amd64.deb 7a6a9778b93e36c468934573267aa708002de65a CLSA-2025:1747431041 TuxCare License Agreement 0 * SECURITY UPDATE: incomplete tracking of row security allows unauthorized access to data - debian/patches/CVE-2024-10976.patch: Ensure cached plans to be correctly marked as dependent on role to fix the issue of neglected marking which could lead to incorrect row visibility. - CVE-2024-10976 * SECURITY UPDATE: server error message leakage - debian/patches/CVE-2024-10977.patch: Discard error messages received during SSL and GSS negotiation to prevent arbitrary bytes written to the client's terminal - CVE-2024-10977 Moderate Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.

* SECURITY UPDATE: incomplete tracking of row security allows unauthorized access to data - debian/patches/CVE-2024-10976.patch: Ensure cached plans to be correctly marked as dependent on role to fix the issue of neglected marking which could lead to incorrect row visibility. - CVE-2024-10976 * SECURITY UPDATE: server error message leakage - debian/patches/CVE-2024-10977.patch: Discard error messages received during SSL and GSS negotiation to prevent arbitrary bytes written to the client's terminal - CVE-2024-10977

0 tuxcare-ubuntu16.04-els libecpg-compat3_9.5.25-0ubuntu0.16.04.1+tuxcare.els10_amd64.deb 1e37fd9948ba3efde7a29126a162932744e545eb libecpg-dev_9.5.25-0ubuntu0.16.04.1+tuxcare.els10_amd64.deb ec3064c65a20f080da4593eba7c6b70ec602596b libecpg6_9.5.25-0ubuntu0.16.04.1+tuxcare.els10_amd64.deb d5080ba5900b6349c2c8f0713ab8d0c8afb063b6 libpgtypes3_9.5.25-0ubuntu0.16.04.1+tuxcare.els10_amd64.deb 74f1549978f83ef27e9fbda8c9c906691f1d6140 libpq-dev_9.5.25-0ubuntu0.16.04.1+tuxcare.els10_amd64.deb 0412179d4ab41542dfac05bf9b92407ff18c5bd1 libpq5_9.5.25-0ubuntu0.16.04.1+tuxcare.els10_amd64.deb ab5eefc26e4f27308d504920e49151213b37c86e postgresql-9.5_9.5.25-0ubuntu0.16.04.1+tuxcare.els10_amd64.deb edc7cc29f84c66158ad71ba85a3d2afec34cc82b postgresql-client-9.5_9.5.25-0ubuntu0.16.04.1+tuxcare.els10_amd64.deb da0534de4fb13910100a708a5f7a60f26c883fec postgresql-contrib-9.5_9.5.25-0ubuntu0.16.04.1+tuxcare.els10_amd64.deb 81869eda117a784b3beadee3430cd969da65c6d2 postgresql-doc-9.5_9.5.25-0ubuntu0.16.04.1+tuxcare.els10_all.deb 9bc1d74d516a5b2a542754cf549e59a857ca312a postgresql-plperl-9.5_9.5.25-0ubuntu0.16.04.1+tuxcare.els10_amd64.deb b58320534de02274593c7eda0fbb710abc01da01 postgresql-plpython-9.5_9.5.25-0ubuntu0.16.04.1+tuxcare.els10_amd64.deb fe60410b1e9780002102bf08f59167ed3e3a385a postgresql-plpython3-9.5_9.5.25-0ubuntu0.16.04.1+tuxcare.els10_amd64.deb 825eff16dcc745f9bed2d35d041c46c71d87280f postgresql-pltcl-9.5_9.5.25-0ubuntu0.16.04.1+tuxcare.els10_amd64.deb 39ed1425e7fd6aa57162467c4795145d27ac6216 postgresql-server-dev-9.5_9.5.25-0ubuntu0.16.04.1+tuxcare.els10_amd64.deb dab472c1d1556f42e44f9d275d399f8fbe9a912b CLSA-2025:1747431252 TuxCare License Agreement 0 * Bump ABI 4.4.0-274 None Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.

* Bump ABI 4.4.0-274

0 tuxcare-ubuntu16.04-els linux-cloud-tools-generic_4.4.0.274.308_amd64.deb dd257775d08a9a52bf6af10298a0467367cf8ecd linux-cloud-tools-lowlatency_4.4.0.274.308_amd64.deb e899eebdd08419ae0150ad5c9edcde8e43d95cbb linux-crashdump_4.4.0.274.308_amd64.deb 6eda4e25432e9a9faf4429fe945134aacad6ed15 linux-generic_4.4.0.274.308_amd64.deb a9972696ab5954edca091ed5086dd8e9b07ed1ed linux-headers-generic_4.4.0.274.308_amd64.deb bb2b67cc106ac862d1a9b1735e715b66108be274 linux-headers-lowlatency_4.4.0.274.308_amd64.deb 3b5fb3dc4d8baab663cf6d7eb21114107448ec22 linux-image-generic_4.4.0.274.308_amd64.deb f24c5599a779f93773661b753ccf3c56d8c194f0 linux-image-lowlatency_4.4.0.274.308_amd64.deb 3513c38d1826c9df4291ad43d7006eda131e326c linux-lowlatency_4.4.0.274.308_amd64.deb 99ef02417d1e312ead361ce81ca37dadccd1096d linux-source_4.4.0.274.308_all.deb 844a77d6ccc72a42365733e1ae94f6f09bb1d647 linux-tools-generic_4.4.0.274.308_amd64.deb d91a65995a88cb7d1b1a361ef46b44864228e063 linux-tools-lowlatency_4.4.0.274.308_amd64.deb 7a6a9778b93e36c468934573267aa708002de65a CLSA-2025:1747849358 TuxCare License Agreement 0 * SECURITY UPDATE: Externally controlled reference to resources. - debian/patches/CVE-2024-10979.patch: Remove magic property of ENV in ./src/pl/plperl/plc_trusted.pl. Add get_environ to ./src/test/regress/regress.c. - CVE-2024-10979 Important Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.

* SECURITY UPDATE: Externally controlled reference to resources. - debian/patches/CVE-2024-10979.patch: Remove magic property of ENV in ./src/pl/plperl/plc_trusted.pl. Add get_environ to ./src/test/regress/regress.c. - CVE-2024-10979

0 tuxcare-ubuntu16.04-els libecpg-compat3_9.5.25-0ubuntu0.16.04.1+tuxcare.els12_amd64.deb 34061968fccdbb7c608ad12ff8f17aeed568353b libecpg-dev_9.5.25-0ubuntu0.16.04.1+tuxcare.els12_amd64.deb 729e95f25668f28b2f52547e32a09737724b1310 libecpg6_9.5.25-0ubuntu0.16.04.1+tuxcare.els12_amd64.deb 96da7b9885f453097c46b72498bed801cd88cfe8 libpgtypes3_9.5.25-0ubuntu0.16.04.1+tuxcare.els12_amd64.deb 67e897c94fab2930c408686cc3aa5f894a87046f libpq-dev_9.5.25-0ubuntu0.16.04.1+tuxcare.els12_amd64.deb 1c8dd17367e8f912a8445a1e92a96008efc4b4d6 libpq5_9.5.25-0ubuntu0.16.04.1+tuxcare.els12_amd64.deb 4479114484b11e73d4d6af00183fc49d65ebe485 postgresql-9.5_9.5.25-0ubuntu0.16.04.1+tuxcare.els12_amd64.deb afd5657d5066094cc26782dc1718db6cd1eee1cb postgresql-client-9.5_9.5.25-0ubuntu0.16.04.1+tuxcare.els12_amd64.deb 9d8c2eeb49b1a57419d0a96928c3f7b478b3dda4 postgresql-contrib-9.5_9.5.25-0ubuntu0.16.04.1+tuxcare.els12_amd64.deb 3a0a98f6e7f63597744f9be5e80b047c47d9b0cd postgresql-doc-9.5_9.5.25-0ubuntu0.16.04.1+tuxcare.els12_all.deb e2f904c3e5eb503acff7db65ced6d901e97c5fb8 postgresql-plperl-9.5_9.5.25-0ubuntu0.16.04.1+tuxcare.els12_amd64.deb 9cbb0d11ca9e3e1c0c5836ac19516f40756e8544 postgresql-plpython-9.5_9.5.25-0ubuntu0.16.04.1+tuxcare.els12_amd64.deb b0135b7e947d48f2d3356d64e107d92c6f5d7080 postgresql-plpython3-9.5_9.5.25-0ubuntu0.16.04.1+tuxcare.els12_amd64.deb 46863f70bcd0d1d351866575a35452c1deb10806 postgresql-pltcl-9.5_9.5.25-0ubuntu0.16.04.1+tuxcare.els12_amd64.deb 46240e8f1e7adff8d82462fb618b38f1999008aa postgresql-server-dev-9.5_9.5.25-0ubuntu0.16.04.1+tuxcare.els12_amd64.deb 615d9d9d6d21d5e843180344d00d933f73be8880 CLSA-2025:1747902752 TuxCare License Agreement 0 * SECURITY UPDATE: sensitive data leakage through User module - debian/patches/CVE-2018-16837.patch: do not pass ssh_key_passphrase on cmdline, fix passphrase being passed on command line - CVE-2018-16837 Critical Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.

* SECURITY UPDATE: sensitive data leakage through User module - debian/patches/CVE-2018-16837.patch: do not pass ssh_key_passphrase on cmdline, fix passphrase being passed on command line - CVE-2018-16837

0 tuxcare-ubuntu16.04-els ansible_2.1.1.0-1~ubuntu16.04.1+tuxcare.els8_all.deb b16d25743633ae00ef0a3f6bb394728a06b12c35 CLSA-2025:1748262659 TuxCare License Agreement 0 * New microcode update packages from upstream up to 2025-04-10: - Addition AMD CPU microcode for processor family 0x17: cpuid:0x00870F10(ver:0x08701034), cpuid:0x00860F01(ver:0x0860010D), cpuid:0x00860F81(ver:0x08608108); - Addition AMD CPU microcode for processor family 0x19: cpuid:0x00A70FC0(ver:0x0A70C005), cpuid:0x00A70F52(ver:0x0A705206), cpuid:0x00A00F82(ver:0x0A00820C), cpuid:0x00A40F41(ver:0x0A404107), cpuid:0x00A70F80(ver:0x0A708007), cpuid:0x00A20F10(ver:0x0A20102D), cpuid:0x00A70F41(ver:0x0A704107), cpuid:0x00A60F12(ver:0x0A601209), cpuid:0x00A10F81(ver:0x0A108108), cpuid:0x00A50F00(ver:0x0A500011), cpuid:0x00A20F12(ver:0x0A201210); - Update AMD CPU microcode for processor family 0x17: cpuid:0x008A0F00(ver:0x08A0000A); None Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.

* New microcode update packages from upstream up to 2025-04-10: - Addition AMD CPU microcode for processor family 0x17: cpuid:0x00870F10(ver:0x08701034), cpuid:0x00860F01(ver:0x0860010D), cpuid:0x00860F81(ver:0x08608108); - Addition AMD CPU microcode for processor family 0x19: cpuid:0x00A70FC0(ver:0x0A70C005), cpuid:0x00A70F52(ver:0x0A705206), cpuid:0x00A00F82(ver:0x0A00820C), cpuid:0x00A40F41(ver:0x0A404107), cpuid:0x00A70F80(ver:0x0A708007), cpuid:0x00A20F10(ver:0x0A20102D), cpuid:0x00A70F41(ver:0x0A704107), cpuid:0x00A60F12(ver:0x0A601209), cpuid:0x00A10F81(ver:0x0A108108), cpuid:0x00A50F00(ver:0x0A500011), cpuid:0x00A20F12(ver:0x0A201210); - Update AMD CPU microcode for processor family 0x17: cpuid:0x008A0F00(ver:0x08A0000A);

0 tuxcare-ubuntu16.04-els amd64-microcode_3.20250410.1ubuntu0.16.04.2+tuxcare.els1_amd64.deb e9878eeb96e9d592f1883ba8b26144ecc2b90fcb CLSA-2025:1748282288 TuxCare License Agreement 0 * SECURITY UPDATE: Out-of-bounds memory access in Python API bindings - debian/patches/CVE-2025-32414.patch: Limit character reads and reserve buffer space for UTF-8 encoding to prevent overflow - CVE-2025-32414 * SECURITY UPDATE: Heap buffer under-read in XML schema validation - debian/patches/CVE-2025-32415.patch: Fix heap buffer overflow in xmlSchemaIDCFillNodeTables - CVE-2025-32415 Important Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.

* SECURITY UPDATE: Out-of-bounds memory access in Python API bindings - debian/patches/CVE-2025-32414.patch: Limit character reads and reserve buffer space for UTF-8 encoding to prevent overflow - CVE-2025-32414 * SECURITY UPDATE: Heap buffer under-read in XML schema validation - debian/patches/CVE-2025-32415.patch: Fix heap buffer overflow in xmlSchemaIDCFillNodeTables - CVE-2025-32415

0 tuxcare-ubuntu16.04-els libxml2_2.9.3+dfsg1-1ubuntu0.7+tuxcare.els9_amd64.deb 170c7508853663777c948f2099dfd4579ea6f113 libxml2-dev_2.9.3+dfsg1-1ubuntu0.7+tuxcare.els9_amd64.deb 2f11e1d69374c6be5b2d05ee6b52155320c0d2e0 libxml2-doc_2.9.3+dfsg1-1ubuntu0.7+tuxcare.els9_all.deb 8c6030038b132968c2a52b37127ebad2513444d4 libxml2-utils_2.9.3+dfsg1-1ubuntu0.7+tuxcare.els9_amd64.deb a9398b97f2ca84905ca94b72d916f742418159a8 python-libxml2_2.9.3+dfsg1-1ubuntu0.7+tuxcare.els9_amd64.deb c995265f0a2a9c8ad31a0b56e8514d84362ac059 CLSA-2025:1748451788 TuxCare License Agreement 0 * SECURITY UPDATE: template Injection Vulnerability - debian/patches/CVE-2021-3583.patch: fix unsafe preservation across newlines to ensure always having unsafe - CVE-2021-3583 Important Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.

* SECURITY UPDATE: template Injection Vulnerability - debian/patches/CVE-2021-3583.patch: fix unsafe preservation across newlines to ensure always having unsafe - CVE-2021-3583

0 tuxcare-ubuntu16.04-els ansible_2.1.1.0-1~ubuntu16.04.1+tuxcare.els11_all.deb 4dcd5b0d880bbc808aa8698622fc5458b32512e8 CLSA-2025:1748945064 TuxCare License Agreement 0 * SECURITY UPDATE: password prompt vulnerability from template expansion - debian/patches/CVE-2019-10206.patch: prevent templating of passwords from prompt to avoid special characters triggering it incorrectly - CVE-2019-10206 - debian/patches/CVE-2019-14856.patch: fix incomplete CVE-2019-10206 patch - CVE-2019-14856 Moderate Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.

* SECURITY UPDATE: password prompt vulnerability from template expansion - debian/patches/CVE-2019-10206.patch: prevent templating of passwords from prompt to avoid special characters triggering it incorrectly - CVE-2019-10206 - debian/patches/CVE-2019-14856.patch: fix incomplete CVE-2019-10206 patch - CVE-2019-14856

0 tuxcare-ubuntu16.04-els ansible_2.1.1.0-1~ubuntu16.04.1+tuxcare.els12_all.deb 117a493500665002e54c9519fbbe9685fb328cef CLSA-2025:1749548218 TuxCare License Agreement 0 * CVE-url: https://ubuntu.com/security/CVE-2024-57896 - btrfs: flush delalloc workers queue before stopping cleaner kthread during unmount * CVE-url: https://ubuntu.com/security/CVE-2024-56551 - drm/amdgpu: fix usage slab after free * CVE-url: https://ubuntu.com/security/CVE-2021-47211 - ALSA: usb-audio: fix null pointer dereference on pointer cs_desc * CVE-url: https://ubuntu.com/security/CVE-2024-56661 - tipc: fix NULL deref in cleanup_bearer() * CVE-url: https://ubuntu.com/security/CVE-2024-56642 - tipc: Fix use-after-free of kernel socket in cleanup_bearer(). * CVE-url: https://ubuntu.com/security/CVE-2021-47163 - tipc: wait and exit until all work queues are done * Miscellaneous upstream changes - Revert "block: add check that partition length needs to be aligned with block size" Important Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.

* CVE-url: https://ubuntu.com/security/CVE-2024-57896 - btrfs: flush delalloc workers queue before stopping cleaner kthread during unmount * CVE-url: https://ubuntu.com/security/CVE-2024-56551 - drm/amdgpu: fix usage slab after free * CVE-url: https://ubuntu.com/security/CVE-2021-47211 - ALSA: usb-audio: fix null pointer dereference on pointer cs_desc * CVE-url: https://ubuntu.com/security/CVE-2024-56661 - tipc: fix NULL deref in cleanup_bearer() * CVE-url: https://ubuntu.com/security/CVE-2024-56642 - tipc: Fix use-after-free of kernel socket in cleanup_bearer(). * CVE-url: https://ubuntu.com/security/CVE-2021-47163 - tipc: wait and exit until all work queues are done * Miscellaneous upstream changes - Revert "block: add check that partition length needs to be aligned with block size"

0 tuxcare-ubuntu16.04-els linux-buildinfo-4.4.0-275-tuxcare.els46-generic_4.4.0-275.309_amd64.deb 1d89fa589f7763d791ad71228a52e7d7a90adf11 linux-buildinfo-4.4.0-275-tuxcare.els46-lowlatency_4.4.0-275.309_amd64.deb 0981758950ee85fbc098c865b4e782d622a5a444 linux-cloud-tools-4.4.0-275-tuxcare.els46_4.4.0-275.309_amd64.deb 2ce55246349d11ab9956a4e85e912fe2a7a5b7e7 linux-cloud-tools-4.4.0-275-tuxcare.els46-generic_4.4.0-275.309_amd64.deb 61acd8b9b69c6b1cc9d4d2871fb369b7350fc065 linux-cloud-tools-4.4.0-275-tuxcare.els46-lowlatency_4.4.0-275.309_amd64.deb f5a6377bea4e306d94c67b82b26a8414944aaefa linux-cloud-tools-common_4.4.0-275.309_all.deb 2244550261e8d8cb380402dd6e4549dde5f3c131 linux-doc_4.4.0-275.309_all.deb cfe0db2c43d89f5dda30eb9f7f6b371234510be9 linux-headers-4.4.0-275-tuxcare.els46_4.4.0-275.309_all.deb dbe6b6f3dd9374c7893c3c146ef9fcca05aac206 linux-headers-4.4.0-275-tuxcare.els46-generic_4.4.0-275.309_amd64.deb 170f386aaf962f4de7d80ed0aaabdb46a4bcec86 linux-headers-4.4.0-275-tuxcare.els46-lowlatency_4.4.0-275.309_amd64.deb 7cd116e083da8115f2208619eecfef89bf2b6406 linux-image-unsigned-4.4.0-275-tuxcare.els46-generic_4.4.0-275.309_amd64.deb 1899f5b2f0b823d9c7076c62bed6b32b7bc21911 linux-image-unsigned-4.4.0-275-tuxcare.els46-lowlatency_4.4.0-275.309_amd64.deb 0bdba2b85c8bf3e5b2b401a3ab0b5fe828c597d8 linux-libc-dev_4.4.0-275.309_amd64.deb 10c74b5c16803d36f6d2f69143d8dbf85420fec0 linux-modules-4.4.0-275-tuxcare.els46-generic_4.4.0-275.309_amd64.deb 4a8ced50572f6600db16621f0bb5458dc6808599 linux-modules-4.4.0-275-tuxcare.els46-lowlatency_4.4.0-275.309_amd64.deb 63c4668b7c3c0978f7df1c4b6b59798e11b12c49 linux-modules-extra-4.4.0-275-tuxcare.els46-generic_4.4.0-275.309_amd64.deb ba86a97f6f9abff38fd11b8e377efbd8f1880d9d linux-source-4.4.0_4.4.0-275.309_all.deb 4f81433fb35f8344ff9ae5f626ca573b05044c3a linux-tools-4.4.0-275-tuxcare.els46_4.4.0-275.309_amd64.deb ec7eb97489904837fa8743d9a59321da747e0c32 linux-tools-4.4.0-275-tuxcare.els46-generic_4.4.0-275.309_amd64.deb c4013b3534209088159bdd13da6e1b73d8a6d208 linux-tools-4.4.0-275-tuxcare.els46-lowlatency_4.4.0-275.309_amd64.deb 22b29f5bf817ef860d982762c3702ad4d3b9a384 linux-tools-common_4.4.0-275.309_all.deb aaa3d6acb1102e44ec3c5ac4da2e091c31b414f8 linux-tools-host_4.4.0-275.309_all.deb 86cca6c3b7614e268128bd7105832da0afac7118 CLSA-2025:1749548339 TuxCare License Agreement 0 * Bump ABI 4.4.0-275 None Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.

* Bump ABI 4.4.0-275

0 tuxcare-ubuntu16.04-els linux-cloud-tools-generic_4.4.0.275.309_amd64.deb 380b5db68be39848ca1f43bd24e70bdea2153330 linux-cloud-tools-lowlatency_4.4.0.275.309_amd64.deb 3b504cc15c04e86f8eb2f72bc52e7f0523a0d657 linux-crashdump_4.4.0.275.309_amd64.deb 8fa0bbb55dbd249673bc9cb56d7b92b836e9411b linux-generic_4.4.0.275.309_amd64.deb 568f1b59186e3deb9ac3ef974f95b76dc22778ad linux-headers-generic_4.4.0.275.309_amd64.deb fedebba60c539e5c8de62b13f925ef759d87f06e linux-headers-lowlatency_4.4.0.275.309_amd64.deb f279970479d7b4ca5dd808583d9404ed03cb0ff6 linux-image-generic_4.4.0.275.309_amd64.deb 0597bbaeb883a96d1dcb9dd74e79ef3fce17f106 linux-image-lowlatency_4.4.0.275.309_amd64.deb 589e5a5a7ad2e8f755b04cfd8c778c1ebdc49587 linux-lowlatency_4.4.0.275.309_amd64.deb c73dd2ab29565fcb1c158e23629f1e6779c28ab5 linux-source_4.4.0.275.309_all.deb 758df16be570457ef48493114ba2793a2ca2058e linux-tools-generic_4.4.0.275.309_amd64.deb 797be67d1d87b9a5dbe8a03f45ead8810e784844 linux-tools-lowlatency_4.4.0.275.309_amd64.deb 05b1328174509f959ef68cb90a83a143546bbbc1 CLSA-2025:1751040804 TuxCare License Agreement 0 * New upstream 2025b version: - New zone for Aysén Region in Chile which moves from -04/-03 to -03. - Paraguay adopted permanent -03 starting spring 2024. - Improve pre-1991 data for the Philippines. - Etc/Unknown is now reserved. - Improve historical data for Mexico, Mongolia, and Portugal. - System V names are now obsolescent. - The main data form now uses %z. - The code now conforms to RFC 8536 for early timestamps. - Support POSIX.1-2024, which removes asctime_r and ctime_r. - Assume POSIX.2-1992 or later for shell scripts. - SUPPORT_C89 now defaults to 1. None Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.

* New upstream 2025b version: - New zone for Aysén Region in Chile which moves from -04/-03 to -03. - Paraguay adopted permanent -03 starting spring 2024. - Improve pre-1991 data for the Philippines. - Etc/Unknown is now reserved. - Improve historical data for Mexico, Mongolia, and Portugal. - System V names are now obsolescent. - The main data form now uses %z. - The code now conforms to RFC 8536 for early timestamps. - Support POSIX.1-2024, which removes asctime_r and ctime_r. - Assume POSIX.2-1992 or later for shell scripts. - SUPPORT_C89 now defaults to 1.

0 tuxcare-ubuntu16.04-els tzdata_2025b-0ubuntu0.16.04+tuxcare.els1_all.deb 660e22a710521286a1e4ffafb3f6213756ad3c6a CLSA-2025:1751133420 TuxCare License Agreement 0 * Update to 8u452-ga fixing a number of CVEs - CVE-2025-21587: better TLS connection support - CVE-2025-30691: improve compiler transformations - CVE-2025-30698: enhance Buffered Image handling - Release notes: https://mail.openjdk.org/pipermail/jdk8u-dev/2025-April/019989.html Important Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.

* Update to 8u452-ga fixing a number of CVEs - CVE-2025-21587: better TLS connection support - CVE-2025-30691: improve compiler transformations - CVE-2025-30698: enhance Buffered Image handling - Release notes: https://mail.openjdk.org/pipermail/jdk8u-dev/2025-April/019989.html

0 tuxcare-ubuntu16.04-els openjdk-8-demo_8u452-ga-0ubuntu1~16.04+tuxcare.els1_amd64.deb f43e4b62a87407720f9f5d556b962c3af1e0d600 openjdk-8-doc_8u452-ga-0ubuntu1~16.04+tuxcare.els1_all.deb 6dbed60c342787c2f61cf4063f3a7df5d8b58ac8 openjdk-8-jdk_8u452-ga-0ubuntu1~16.04+tuxcare.els1_amd64.deb c6f04be6ad059be95e0e94b91f7c6451e42221c6 openjdk-8-jdk-headless_8u452-ga-0ubuntu1~16.04+tuxcare.els1_amd64.deb c3779ed3d2f3b8770c7defec378f40fd44456711 openjdk-8-jre_8u452-ga-0ubuntu1~16.04+tuxcare.els1_amd64.deb 6a26f10364f3fd5d5c87cfe7109e84d1951d148b openjdk-8-jre-headless_8u452-ga-0ubuntu1~16.04+tuxcare.els1_amd64.deb 2f919bfe31e5c8a82c2466d038c205dc39c95980 openjdk-8-jre-jamvm_8u452-ga-0ubuntu1~16.04+tuxcare.els1_amd64.deb ce01681e52e3eebf81473c6b5ae550de55a7dac7 openjdk-8-jre-zero_8u452-ga-0ubuntu1~16.04+tuxcare.els1_amd64.deb 282b215d7feca720d4a43ea0ea2fbfb3d6cbe1c5 openjdk-8-source_8u452-ga-0ubuntu1~16.04+tuxcare.els1_all.deb 4b26acdd5e3e71de6294965edc2c095bafea87ec CLSA-2025:1752059553 TuxCare License Agreement 0 * Update ca-certificates database to 20250416: - mozilla\{certdata.h,nssckbi.h}: Update Mozilla certificate authority bundle of the version 2.74. - The following certificates were updated: # Certificate "certSIGN ROOT CA" # Certificate "ACCVRAIZ1" # Certificate "Entrust Root Certification Authority - G4" # Certificate "Security Communication ECC RootCA1" # Certificate "BJCA Global Root CA1" # Certificate "BJCA Global Root CA2" - The following certificates were added: # Certificate "TWCA CYBER Root CA" # Certificate "SecureSign Root CA12" # Certificate "SecureSign Root CA14" # Certificate "SecureSign Root CA15" # Certificate "D-TRUST BR Root CA 2 2023" # Certificate "D-TRUST EV Root CA 2 2023" None Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.

* Update ca-certificates database to 20250416: - mozilla\{certdata.h,nssckbi.h}: Update Mozilla certificate authority bundle of the version 2.74. - The following certificates were updated: # Certificate "certSIGN ROOT CA" # Certificate "ACCVRAIZ1" # Certificate "Entrust Root Certification Authority - G4" # Certificate "Security Communication ECC RootCA1" # Certificate "BJCA Global Root CA1" # Certificate "BJCA Global Root CA2" - The following certificates were added: # Certificate "TWCA CYBER Root CA" # Certificate "SecureSign Root CA12" # Certificate "SecureSign Root CA14" # Certificate "SecureSign Root CA15" # Certificate "D-TRUST BR Root CA 2 2023" # Certificate "D-TRUST EV Root CA 2 2023"

0 tuxcare-ubuntu16.04-els ca-certificates_20250416~16.04.1ubuntu0.1+tuxcare.els1_all.deb 08770f38778394e70476936f67da724bf093a4f1 CLSA-2025:1753083094 TuxCare License Agreement 0 * Focal update: v5.4.292 upstream stable release (LP: #2109357) // CVE-url: https://ubuntu.com/security/CVE-2025-37937 - objtool, media: dib8000: Prevent divide-by-zero in dib8000_set_dds() * Focal update: v5.4.287 upstream stable release (LP: #2095145) // CVE-url: https://ubuntu.com/security/CVE-2024-53197 - ALSA: usb-audio: Fix potential out-of-bound accesses for Extigy and Mbox devices * Bionic update: upstream stable patchset 2023-01-20 (LP: #2003596) // CVE- url: https://ubuntu.com/security/CVE-2022-49909 - Bluetooth: L2CAP: fix use-after-free in l2cap_conn_del() * Bionic update: upstream stable patchset 2022-07-25 (LP: #1982782) // CVE- url: https://ubuntu.com/security/CVE-2022-49530 - drm/amd/pm: fix double free in si_parse_power_table() * CVE-url: https://ubuntu.com/security/CVE-2025-39688 - nfsd: allow SC_STATUS_FREEABLE when searching via nfs4_lookup_stateid() * CVE-url: https://ubuntu.com/security/CVE-2024-50106 - nfsd: simplify nfs4_put_deleg_lease calls - nfsd: factor out common delegation-destruction code - nfsd: Fix race to FREE_STATEID and cl_revoked - nfsd: don't call functions with side-effecting inside WARN_ON() - nfsd: remove fault injection code - nfsd: avoid race after unhash_delegation_locked() - nfsd: split sc_status out of sc_type - nfsd: fix race between laundromat and free_stateid * CVE-url: https://ubuntu.com/security/CVE-2024-35937 - wifi: cfg80211: check A-MSDU format more carefully * CVE-url: https://ubuntu.com/security/CVE-2024-49966 - ocfs2: cancel dqi_sync_work before freeing oinfo * CVE-url: https://ubuntu.com/security/CVE-2023-52588 - f2fs: fix to tag gcing flag on page during block migration * CVE-url: https://ubuntu.com/security/CVE-2024-57798 - drm/dp-mst-helper: Remove hotplug callback - drm/dp_mst: Remove huge conditional in drm_dp_mst_handle_up_req() - drm/dp_mst: Refactor drm_dp_mst_handle_up_req() - drm/dp_mst: Rename drm_dp_add_port and drm_dp_update_port - drm/dp_mst: Handle UP requests asynchronously - drm/dp_mst: Ensure mst_primary pointer is valid in drm_dp_mst_handle_up_req() * Miscellaneous Ubuntu changes - [Config] updateconfigs for NFSD_FAULT_INJECTION Important Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.

* Focal update: v5.4.292 upstream stable release (LP: #2109357) // CVE-url: https://ubuntu.com/security/CVE-2025-37937 - objtool, media: dib8000: Prevent divide-by-zero in dib8000_set_dds() * Focal update: v5.4.287 upstream stable release (LP: #2095145) // CVE-url: https://ubuntu.com/security/CVE-2024-53197 - ALSA: usb-audio: Fix potential out-of-bound accesses for Extigy and Mbox devices * Bionic update: upstream stable patchset 2023-01-20 (LP: #2003596) // CVE- url: https://ubuntu.com/security/CVE-2022-49909 - Bluetooth: L2CAP: fix use-after-free in l2cap_conn_del() * Bionic update: upstream stable patchset 2022-07-25 (LP: #1982782) // CVE- url: https://ubuntu.com/security/CVE-2022-49530 - drm/amd/pm: fix double free in si_parse_power_table() * CVE-url: https://ubuntu.com/security/CVE-2025-39688 - nfsd: allow SC_STATUS_FREEABLE when searching via nfs4_lookup_stateid() * CVE-url: https://ubuntu.com/security/CVE-2024-50106 - nfsd: simplify nfs4_put_deleg_lease calls - nfsd: factor out common delegation-destruction code - nfsd: Fix race to FREE_STATEID and cl_revoked - nfsd: don't call functions with side-effecting inside WARN_ON() - nfsd: remove fault injection code - nfsd: avoid race after unhash_delegation_locked() - nfsd: split sc_status out of sc_type - nfsd: fix race between laundromat and free_stateid * CVE-url: https://ubuntu.com/security/CVE-2024-35937 - wifi: cfg80211: check A-MSDU format more carefully * CVE-url: https://ubuntu.com/security/CVE-2024-49966 - ocfs2: cancel dqi_sync_work before freeing oinfo * CVE-url: https://ubuntu.com/security/CVE-2023-52588 - f2fs: fix to tag gcing flag on page during block migration * CVE-url: https://ubuntu.com/security/CVE-2024-57798 - drm/dp-mst-helper: Remove hotplug callback - drm/dp_mst: Remove huge conditional in drm_dp_mst_handle_up_req() - drm/dp_mst: Refactor drm_dp_mst_handle_up_req() - drm/dp_mst: Rename drm_dp_add_port and drm_dp_update_port - drm/dp_mst: Handle UP requests asynchronously - drm/dp_mst: Ensure mst_primary pointer is valid in drm_dp_mst_handle_up_req() * Miscellaneous Ubuntu changes - [Config] updateconfigs for NFSD_FAULT_INJECTION

0 tuxcare-ubuntu16.04-els linux-buildinfo-4.4.0-276-tuxcare.els47-generic_4.4.0-276.310_amd64.deb 66a05ef09b333e6f126bc32502ce644a32a07cfb linux-buildinfo-4.4.0-276-tuxcare.els47-lowlatency_4.4.0-276.310_amd64.deb 15242cbd6bb2a26180a0675f8560fa44b298b0f3 linux-cloud-tools-4.4.0-276-tuxcare.els47_4.4.0-276.310_amd64.deb 2063a343b9cfc2bdcf9f8f8827372a443b7cd02c linux-cloud-tools-4.4.0-276-tuxcare.els47-generic_4.4.0-276.310_amd64.deb d25acdfb243602595edbf7a7f0a92c07984f044b linux-cloud-tools-4.4.0-276-tuxcare.els47-lowlatency_4.4.0-276.310_amd64.deb ca600c0ca6080102b9fcec29ef99ed7a2cc99d24 linux-cloud-tools-common_4.4.0-276.310_all.deb 85c0d623c7b75aa6f7f8e6ffdfffca7e032b3482 linux-doc_4.4.0-276.310_all.deb 776119cb2852e4803f4473a1547afe4fbe432975 linux-headers-4.4.0-276-tuxcare.els47_4.4.0-276.310_all.deb c0973fad8112116d2092f191217cdd9e3850ea31 linux-headers-4.4.0-276-tuxcare.els47-generic_4.4.0-276.310_amd64.deb aeb96f238c52a1d88555e969b2968f9fcc1ca1ec linux-headers-4.4.0-276-tuxcare.els47-lowlatency_4.4.0-276.310_amd64.deb 17230af4b159624f41558cbfa3b4389fde2f8300 linux-image-unsigned-4.4.0-276-tuxcare.els47-generic_4.4.0-276.310_amd64.deb 6c80ae3f2cdbb4dffa4982036d8540f9f3ea8bb9 linux-image-unsigned-4.4.0-276-tuxcare.els47-lowlatency_4.4.0-276.310_amd64.deb 6f5b019a9229fb58e717890aeac8c2e0f7148a0c linux-libc-dev_4.4.0-276.310_amd64.deb 835d18c8ba072a5539d07e84307647ba4eccd6bc linux-modules-4.4.0-276-tuxcare.els47-generic_4.4.0-276.310_amd64.deb 289af07ef75564771d74756c528e3a9ee9eedd67 linux-modules-4.4.0-276-tuxcare.els47-lowlatency_4.4.0-276.310_amd64.deb 62bf012d533f8eb25c9f004db21500486fa667ec linux-modules-extra-4.4.0-276-tuxcare.els47-generic_4.4.0-276.310_amd64.deb c91e4ed5cd0fee037f485520a7f7032a52bbf025 linux-source-4.4.0_4.4.0-276.310_all.deb 7198fa5d18bd6c12d904a246b8027f43a01201b8 linux-tools-4.4.0-276-tuxcare.els47_4.4.0-276.310_amd64.deb 7282e953aece0ddc20770ed356394acb3a761369 linux-tools-4.4.0-276-tuxcare.els47-generic_4.4.0-276.310_amd64.deb 9968b01830e7b1b5e21a5b2574e88d96caa54632 linux-tools-4.4.0-276-tuxcare.els47-lowlatency_4.4.0-276.310_amd64.deb 47cbf25dba7748bd00ee0e7ee7a30d06a61cd8b4 linux-tools-common_4.4.0-276.310_all.deb ea9f6b4cb1da561142429cdbb464dd296201de35 linux-tools-host_4.4.0-276.310_all.deb 1da00e1db599a0455f5ce07ad471cb3f59bd53c6 CLSA-2025:1753083230 TuxCare License Agreement 0 * Bump ABI 4.4.0-276 None Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.

* Bump ABI 4.4.0-276

0 tuxcare-ubuntu16.04-els linux-cloud-tools-generic_4.4.0.276.310_amd64.deb eee4a36cf0bccb4952cdbd12bc876d3084d878e9 linux-cloud-tools-lowlatency_4.4.0.276.310_amd64.deb f4b70edf166eb64d668610b07229398c92a19955 linux-crashdump_4.4.0.276.310_amd64.deb 67008205d5c4bd086b3220030d1c22da4d5cbe87 linux-generic_4.4.0.276.310_amd64.deb 9dfe3d18bf5e1f1bc357d0e740a176329b9e2754 linux-headers-generic_4.4.0.276.310_amd64.deb 5ee15bdf2b8e32806a6ca0150bb805735278f608 linux-headers-lowlatency_4.4.0.276.310_amd64.deb 44d963a7573b4a3b3bef69e743fe7c943b498d01 linux-image-generic_4.4.0.276.310_amd64.deb 8c6e9408dd91821a02adcd959c8dc4ecaba88c25 linux-image-lowlatency_4.4.0.276.310_amd64.deb 80f29fb0ceeb414f7fff84d7e25c87dd45b28392 linux-lowlatency_4.4.0.276.310_amd64.deb 2f8a3b061b42945bf5146a70abf30382229fca0a linux-source_4.4.0.276.310_all.deb 25bd87a3938a4365d763cde6ccb8607a9c1e28cb linux-tools-generic_4.4.0.276.310_amd64.deb 553c1bebfb1ef4e00a20a33404df53b107f58302 linux-tools-lowlatency_4.4.0.276.310_amd64.deb 789ebe6ccea0b4eb0806a6ca1422b440fa3a0305 CLSA-2025:1753121050 TuxCare License Agreement 0 * SECURITY UPDATE: security vulnerability addressed - debian/patches/CVE-2025-48384.patch: quote values containing CR character to prevent unintended behavior - CVE-2025-48384 Important Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.

* SECURITY UPDATE: security vulnerability addressed - debian/patches/CVE-2025-48384.patch: quote values containing CR character to prevent unintended behavior - CVE-2025-48384

0 tuxcare-ubuntu16.04-els git_2.7.4-0ubuntu1.10+tuxcare.els8_amd64.deb 5dcb6f03515eea6d8b7eaf5ce5e479dfb97d64e2 git-all_2.7.4-0ubuntu1.10+tuxcare.els8_all.deb 18fb2cb34218dfacaa126599279db25fce4da5cb git-arch_2.7.4-0ubuntu1.10+tuxcare.els8_all.deb 3ebb0e4cef2aa92ff91e7dfdb1ee6c97a8079ff8 git-core_2.7.4-0ubuntu1.10+tuxcare.els8_all.deb 15bf1fd129c2c2b451aaa653dd49bd22d22cfa01 git-cvs_2.7.4-0ubuntu1.10+tuxcare.els8_all.deb 3380e3833081876e4d16e1598582e9affb0e2382 git-daemon-run_2.7.4-0ubuntu1.10+tuxcare.els8_all.deb a4faa1f7df9c6522270c25472f29c8b2b0d284cb git-daemon-sysvinit_2.7.4-0ubuntu1.10+tuxcare.els8_all.deb 0736a0fee924e3debe5747bbdb5a82542220ff84 git-doc_2.7.4-0ubuntu1.10+tuxcare.els8_all.deb 24c33a113264d62c667abc710ea7f4a8bd17285b git-el_2.7.4-0ubuntu1.10+tuxcare.els8_all.deb 06ba10e6bb96cb1daff9bfac4079669d4edbdea1 git-email_2.7.4-0ubuntu1.10+tuxcare.els8_all.deb b2f87d59e487a2060e803525a6b3e9a1fb9e3e6b git-gui_2.7.4-0ubuntu1.10+tuxcare.els8_all.deb 32bc7ab28d8ab128bdadedd417240003d2ee1b2a git-man_2.7.4-0ubuntu1.10+tuxcare.els8_all.deb d5849e5a570617d48604b8a8df6bbcb1b698bff2 git-mediawiki_2.7.4-0ubuntu1.10+tuxcare.els8_all.deb 7f49794010b171056a6951c471740c9ad45027d6 git-svn_2.7.4-0ubuntu1.10+tuxcare.els8_all.deb a2417f4c84b3ed2f1416f1a495dbc890b10f91e6 gitk_2.7.4-0ubuntu1.10+tuxcare.els8_all.deb 737f261a1a190b5119103e9ed6ab21d96389962d gitweb_2.7.4-0ubuntu1.10+tuxcare.els8_all.deb f493e5f7bacc01e0b909b0a796884c86acb77cbd CLSA-2025:1753729667 TuxCare License Agreement 0 * SECURITY UPDATE: memory vulnerabilities in schematron - debian/patches/CVE-2025-49794_CVE-2025-49796.patch: fix memory safety issues in xmlSchematronReportOutput when parsing XPath elements and memory corruption issue triggered by processing sch:name elements in input XML file - CVE-2025-49794 - CVE-2025-49796 Critical Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.

* SECURITY UPDATE: memory vulnerabilities in schematron - debian/patches/CVE-2025-49794_CVE-2025-49796.patch: fix memory safety issues in xmlSchematronReportOutput when parsing XPath elements and memory corruption issue triggered by processing sch:name elements in input XML file - CVE-2025-49794 - CVE-2025-49796

0 tuxcare-ubuntu16.04-els libxml2_2.9.3+dfsg1-1ubuntu0.7+tuxcare.els10_amd64.deb 9db7d340beec12f1b2bbefeba68c4ebac175d1b9 libxml2-dev_2.9.3+dfsg1-1ubuntu0.7+tuxcare.els10_amd64.deb a0e05e2ea1af743d07960002cf62cba352ccdc90 libxml2-doc_2.9.3+dfsg1-1ubuntu0.7+tuxcare.els10_all.deb ab25475db36899d4e749bc5d3d04d2cddb4155bb libxml2-utils_2.9.3+dfsg1-1ubuntu0.7+tuxcare.els10_amd64.deb f57e9df1f7dec3d4ba84f72ea897b5a0d6299306 python-libxml2_2.9.3+dfsg1-1ubuntu0.7+tuxcare.els10_amd64.deb cc90078c37e2e51396f087d0e6263a3edf5fa481 CLSA-2025:1753799801 TuxCare License Agreement 0 * SECURITY UPDATE: unauthorized command execution on remote hosts - debian/patches/CVE-2025-32462.patch: restrict user from setting remote host for command unless listing privileges - CVE-2025-32462 Important Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.

* SECURITY UPDATE: unauthorized command execution on remote hosts - debian/patches/CVE-2025-32462.patch: restrict user from setting remote host for command unless listing privileges - CVE-2025-32462

0 tuxcare-ubuntu16.04-els sudo_1.8.16-0ubuntu1.11+tuxcare.els3_amd64.deb ae7fff02975e77d3aaf859a9b453e074928a9a77 sudo-ldap_1.8.16-0ubuntu1.11+tuxcare.els3_amd64.deb 8b2688e437020b676cd02eed2bdabbd7b3eac932 CLSA-2025:1754037187 TuxCare License Agreement 0 * CVE-url: https://ubuntu.com/security/CVE-2021-47352 - virtio-net: Add validation for used length * CVE-url: https://ubuntu.com/security/CVE-2024-46771 - can: bcm: Remove proc entry when dev is unregistered. * Bionic update: upstream stable patchset 2023-01-20 (LP: #2003596) // CVE- url: https://ubuntu.com/security/CVE-2022-49842 - ASoC: core: Fix use-after-free in snd_soc_exit() * CVE-url: https://ubuntu.com/security/CVE-2021-47336 - smackfs: restrict bytes count in smk_set_cipso() * CVE-url: https://ubuntu.com/security/CVE-2025-21993 - iscsi_ibft: Fix UBSAN shift-out-of-bounds warning in ibft_attr_show_nic() * CVE-url: https://ubuntu.com/security/CVE-2022-49541 - cifs: fix potential double free during failed mount * CVE-url: https://ubuntu.com/security/CVE-2021-47281 - ALSA: timer: Protect the whole snd_timer_close() with open race - ALSA: timer: Follow standard EXPORT_SYMBOL() declarations - ALSA: timer: Limit max instances per timer - ALSA: timer: Fix possible race at assigning a timer instance - ALSA: seq: Fix race of snd_seq_timer_open() * Bionic update: upstream stable patchset 2020-01-14 (LP: #1859712) // CVE- url: https://ubuntu.com/security/CVE-2021-47281 - ALSA: timer: Limit max amount of slave instances * Bionic update: upstream stable patchset 2019-11-13 (LP: #1852492) // CVE- url: https://ubuntu.com/security/CVE-2021-47281 - ALSA: timer: Fix mutex deadlock at releasing card - ALSA: timer: Simplify error path in snd_timer_open() Important Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.

* CVE-url: https://ubuntu.com/security/CVE-2021-47352 - virtio-net: Add validation for used length * CVE-url: https://ubuntu.com/security/CVE-2024-46771 - can: bcm: Remove proc entry when dev is unregistered. * Bionic update: upstream stable patchset 2023-01-20 (LP: #2003596) // CVE- url: https://ubuntu.com/security/CVE-2022-49842 - ASoC: core: Fix use-after-free in snd_soc_exit() * CVE-url: https://ubuntu.com/security/CVE-2021-47336 - smackfs: restrict bytes count in smk_set_cipso() * CVE-url: https://ubuntu.com/security/CVE-2025-21993 - iscsi_ibft: Fix UBSAN shift-out-of-bounds warning in ibft_attr_show_nic() * CVE-url: https://ubuntu.com/security/CVE-2022-49541 - cifs: fix potential double free during failed mount * CVE-url: https://ubuntu.com/security/CVE-2021-47281 - ALSA: timer: Protect the whole snd_timer_close() with open race - ALSA: timer: Follow standard EXPORT_SYMBOL() declarations - ALSA: timer: Limit max instances per timer - ALSA: timer: Fix possible race at assigning a timer instance - ALSA: seq: Fix race of snd_seq_timer_open() * Bionic update: upstream stable patchset 2020-01-14 (LP: #1859712) // CVE- url: https://ubuntu.com/security/CVE-2021-47281 - ALSA: timer: Limit max amount of slave instances * Bionic update: upstream stable patchset 2019-11-13 (LP: #1852492) // CVE- url: https://ubuntu.com/security/CVE-2021-47281 - ALSA: timer: Fix mutex deadlock at releasing card - ALSA: timer: Simplify error path in snd_timer_open()

0 tuxcare-ubuntu16.04-els linux-buildinfo-4.4.0-277-tuxcare.els48-generic_4.4.0-277.311_amd64.deb 40a43ca93730a0757fae543a058de9917670949e linux-buildinfo-4.4.0-277-tuxcare.els48-lowlatency_4.4.0-277.311_amd64.deb 1bc6093b140c3c8335bdfa22625eba3194c4d6ad linux-cloud-tools-4.4.0-277-tuxcare.els48_4.4.0-277.311_amd64.deb 14cd9cabd3d9904e2ea3439b78d7fd84caa5fe7d linux-cloud-tools-4.4.0-277-tuxcare.els48-generic_4.4.0-277.311_amd64.deb 8f2dfae98d231b33aa2e4564c2d9247fda3f4c42 linux-cloud-tools-4.4.0-277-tuxcare.els48-lowlatency_4.4.0-277.311_amd64.deb 9c69e85e7edf7d98a9a80b047b4a0db7be1cf34e linux-cloud-tools-common_4.4.0-277.311_all.deb d0d325a1ec757825a012586a0d3e55cdf402797c linux-doc_4.4.0-277.311_all.deb 6017dfcf425b4ef2b8eea8254af1812143410626 linux-headers-4.4.0-277-tuxcare.els48_4.4.0-277.311_all.deb 9196aa32ce8f60ebabe1ec0719365f23f2abf6d0 linux-headers-4.4.0-277-tuxcare.els48-generic_4.4.0-277.311_amd64.deb d670b7aa81fe229f0b78c145863f98499b96bd3a linux-headers-4.4.0-277-tuxcare.els48-lowlatency_4.4.0-277.311_amd64.deb f492157970f93a4547226c60ed02ebe3adb02748 linux-image-unsigned-4.4.0-277-tuxcare.els48-generic_4.4.0-277.311_amd64.deb 78279b25e152c34239f0841cd8b7a211bc4b3ce3 linux-image-unsigned-4.4.0-277-tuxcare.els48-lowlatency_4.4.0-277.311_amd64.deb 7e120912cbdd85fce527f48c44f88ca5dff8fb9d linux-libc-dev_4.4.0-277.311_amd64.deb e86327faae4d98e10b5d56533180d1940d1bf8e1 linux-modules-4.4.0-277-tuxcare.els48-generic_4.4.0-277.311_amd64.deb 009e6724814d116ed2d105a94ef13ece0936ee7c linux-modules-4.4.0-277-tuxcare.els48-lowlatency_4.4.0-277.311_amd64.deb 7724504465c08c7ac81ebe4ffad39a51e52a2e82 linux-modules-extra-4.4.0-277-tuxcare.els48-generic_4.4.0-277.311_amd64.deb bb472c4cb68fc0bd916a8defc83b659ceb99e8fb linux-source-4.4.0_4.4.0-277.311_all.deb f0e25d80f40ff1faef860269c0b7160024ecfbc6 linux-tools-4.4.0-277-tuxcare.els48_4.4.0-277.311_amd64.deb 4a4212ac444fa126ad18bc164042980704d17d81 linux-tools-4.4.0-277-tuxcare.els48-generic_4.4.0-277.311_amd64.deb 8484453d99078f7f79ab8416d765d366c45cf41f linux-tools-4.4.0-277-tuxcare.els48-lowlatency_4.4.0-277.311_amd64.deb 58e93689e61a377f72d0cf577206ccdee7c2337d linux-tools-common_4.4.0-277.311_all.deb f9f08cb78a39cb371011f0b91192d843598c3d16 linux-tools-host_4.4.0-277.311_all.deb b75ea7c00432fd89c4ad4b1e3ef826f133ae092c CLSA-2025:1754037378 TuxCare License Agreement 0 * Bump ABI 4.4.0-277 None Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.

* Bump ABI 4.4.0-277

0 tuxcare-ubuntu16.04-els linux-cloud-tools-generic_4.4.0.277.311_amd64.deb a127ae7a218e37a942d430f5d24e1f247f515195 linux-cloud-tools-lowlatency_4.4.0.277.311_amd64.deb be1708c567f50c2774cd45a3d63f5e8cd4363262 linux-crashdump_4.4.0.277.311_amd64.deb be39d0cbef72c00063ea948cf7fade95ad2ecdbc linux-generic_4.4.0.277.311_amd64.deb b33107dafb77ab5f68a9b0d224c4d40002a04ab3 linux-headers-generic_4.4.0.277.311_amd64.deb ad4c3ec572f6a7a6d24467f5aec743b3141083f1 linux-headers-lowlatency_4.4.0.277.311_amd64.deb dc4489d7e599573e737cb16c1cd35443fa069d71 linux-image-generic_4.4.0.277.311_amd64.deb 7f920e67bd129df765b535db41c95eb8df92e844 linux-image-lowlatency_4.4.0.277.311_amd64.deb 319375413594d41ae1f4dd28fff2131d1e86b576 linux-lowlatency_4.4.0.277.311_amd64.deb 870fea2dd7878129f9cb14c618151338ce37b0a3 linux-source_4.4.0.277.311_all.deb 10cbc01d42df239c3716f0de9b95c1e030fb0418 linux-tools-generic_4.4.0.277.311_amd64.deb 7c082b69c89f142da03ee9cf7b033b6d7038588a linux-tools-lowlatency_4.4.0.277.311_amd64.deb 66b035e01ebf50507d435ac2640e4af5ab70825f CLSA-2025:1754338599 TuxCare License Agreement 0 * SECURITY UPDATE: aggregate term exceeding column count vulnerability - debian/patches/CVE-2025-6965.patch: fix a potential memory corruption if the number of aggregate terms in a query exceeds the maximum number of columns - CVE-2025-6965 Critical Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.

* SECURITY UPDATE: aggregate term exceeding column count vulnerability - debian/patches/CVE-2025-6965.patch: fix a potential memory corruption if the number of aggregate terms in a query exceeds the maximum number of columns - CVE-2025-6965

0 tuxcare-ubuntu16.04-els lemon_3.11.0-1ubuntu1.5+tuxcare.els4_amd64.deb 7d8e0abc59e64229f057b12706e40cdd2a35557f libsqlite3-0_3.11.0-1ubuntu1.5+tuxcare.els4_amd64.deb 3354922de7ae90c276256d0918d7ac06e2ef226f libsqlite3-dev_3.11.0-1ubuntu1.5+tuxcare.els4_amd64.deb ad082379cf3ed496a84f06c7ad4bd8d728d04a15 libsqlite3-tcl_3.11.0-1ubuntu1.5+tuxcare.els4_amd64.deb 83a31ed6b3b695b96d958de26cc76aaa30655bd3 sqlite3_3.11.0-1ubuntu1.5+tuxcare.els4_amd64.deb 65824fe6525627685274af070091402d90851bdf sqlite3-doc_3.11.0-1ubuntu1.5+tuxcare.els4_all.deb 5bae397f1c7c2538dcf83728b3cbfa8053747935 CLSA-2025:1754381695 TuxCare License Agreement 0 * New microcode update packages from upstream up to 2025-05-12: - New microcodes: sig 0x000a06d1, pf_mask 0x20, 2025-02-07, rev 0xa0000d1, size 1635328 sig 0x000a06d1, pf_mask 0x95, 2025-02-07, rev 0x10003a2, size 1664000 sig 0x000b0650, pf_mask 0x80, 2025-03-18, rev 0x000a, size 136192 sig 0x000b06d1, pf_mask 0x80, 2025-03-18, rev 0x011f, size 79872 sig 0x000c0652, pf_mask 0x82, 2025-03-20, rev 0x0118, size 90112 sig 0x000c0662, pf_mask 0x82, 2025-03-20, rev 0x0118, size 90112 sig 0x000c0664, pf_mask 0x82, 2025-03-20, rev 0x0118, size 90112 sig 0x000c06a2, pf_mask 0x82, 2025-03-20, rev 0x0118, size 90112 - Updated microcodes: sig 0x00050657, pf_mask 0xbf, 2024-12-12, rev 0x5003901, size 39936 sig 0x0005065b, pf_mask 0xbf, 2024-12-12, rev 0x7002b01, size 30720 sig 0x000606a6, pf_mask 0x87, 2025-01-07, rev 0xd000404, size 309248 sig 0x000606c1, pf_mask 0x10, 2025-01-07, rev 0x10002d0, size 300032 sig 0x000706a8, pf_mask 0x01, 2024-12-05, rev 0x0026, size 76800 sig 0x000706e5, pf_mask 0x80, 2025-01-07, rev 0x00ca, size 115712 sig 0x000806c1, pf_mask 0x80, 2024-12-01, rev 0x00bc, size 112640 sig 0x000806c2, pf_mask 0xc2, 2024-12-01, rev 0x003c, size 99328 sig 0x000806d1, pf_mask 0xc2, 2024-12-11, rev 0x0056, size 105472 sig 0x000806ec, pf_mask 0x94, 2024-11-17, rev 0x0100, size 106496 sig 0x000806f4, pf_mask 0x10, 2025-01-28, rev 0x2c0003f7, size 624640 sig 0x000806f4, pf_mask 0x87, 2025-01-28, rev 0x2b000639, size 591872 sig 0x000806f5, pf_mask 0x10, 2025-01-28, rev 0x2c0003f7, size 624640 sig 0x000806f5, pf_mask 0x87, 2025-01-28, rev 0x2b000639, size 591872 sig 0x000806f6, pf_mask 0x10, 2025-01-28, rev 0x2c0003f7, size 624640 sig 0x000806f6, pf_mask 0x87, 2025-01-28, rev 0x2b000639, size 591872 sig 0x000806f7, pf_mask 0x87, 2025-01-28, rev 0x2b000639, size 591872 sig 0x000806f8, pf_mask 0x10, 2025-01-28, rev 0x2c0003f7, size 624640 sig 0x000806f8, pf_mask 0x87, 2025-01-28, rev 0x2b000639, size 591872 sig 0x00090672, pf_mask 0x07, 2024-12-12, rev 0x003a, size 226304 sig 0x00090675, pf_mask 0x07, 2024-12-12, rev 0x003a, size 226304 sig 0x000906a3, pf_mask 0x80, 2024-12-12, rev 0x0437, size 224256 sig 0x000906a4, pf_mask 0x40, 2024-12-06, rev 0x000a, size 119808 sig 0x000906a4, pf_mask 0x80, 2024-12-12, rev 0x0437, size 224256 sig 0x000906ed, pf_mask 0x22, 2024-11-14, rev 0x0104, size 106496 sig 0x000a0652, pf_mask 0x20, 2024-11-14, rev 0x0100, size 97280 sig 0x000a0653, pf_mask 0x22, 2024-11-14, rev 0x0100, size 98304 sig 0x000a0655, pf_mask 0x22, 2024-11-14, rev 0x0100, size 97280 sig 0x000a0660, pf_mask 0x80, 2024-11-14, rev 0x0102, size 98304 sig 0x000a0661, pf_mask 0x80, 2024-11-14, rev 0x0100, size 97280 sig 0x000a0671, pf_mask 0x02, 2024-12-01, rev 0x0064, size 108544 sig 0x000a06a4, pf_mask 0xe6, 2025-02-13, rev 0x0024, size 140288 sig 0x000a06f3, pf_mask 0x01, 2025-02-10, rev 0x3000341, size 1542144 sig 0x000b0671, pf_mask 0x32, 2025-03-17, rev 0x012f, size 219136 sig 0x000b0674, pf_mask 0x32, 2025-03-17, rev 0x012f, size 219136 sig 0x000b06a2, pf_mask 0xe0, 2025-01-15, rev 0x4128, size 224256 sig 0x000b06a3, pf_mask 0xe0, 2025-01-15, rev 0x4128, size 224256 sig 0x000b06a8, pf_mask 0xe0, 2025-01-15, rev 0x4128, size 224256 sig 0x000b06e0, pf_mask 0x19, 2024-12-06, rev 0x001d, size 139264 sig 0x000b06f2, pf_mask 0x07, 2024-12-12, rev 0x003a, size 226304 sig 0x000b06f5, pf_mask 0x07, 2024-12-12, rev 0x003a, size 226304 sig 0x000b06f6, pf_mask 0x07, 2024-12-12, rev 0x003a, size 226304 sig 0x000b06f7, pf_mask 0x07, 2024-12-12, rev 0x003a, size 226304 sig 0x000c06f1, pf_mask 0x87, 2025-03-14, rev 0x210002a9, size 563200 sig 0x000c06f2, pf_mask 0x87, 2025-03-14, rev 0x210002a9, size 563200 - Removed microcodes: sig 0x00050656, pf_mask 0xbf, 2023-07-28, rev 0x4003605, size 3891 * SECURITY UPDATE: - CVE-2024-28956, INTEL-SA-01153 - CVE-2025-20054, INTEL-SA-01244 - CVE-2025-20103, INTEL-SA-01244 - CVE-2024-43420, INTEL-SA-01247 - CVE-2024-45332, INTEL-SA-01247 - CVE-2025-20623, INTEL-SA-01247 - CVE-2025-20012, INTEL-SA-01322 - CVE-2025-24495, INTEL-SA-01322 Moderate Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.

* New microcode update packages from upstream up to 2025-05-12: - New microcodes: sig 0x000a06d1, pf_mask 0x20, 2025-02-07, rev 0xa0000d1, size 1635328 sig 0x000a06d1, pf_mask 0x95, 2025-02-07, rev 0x10003a2, size 1664000 sig 0x000b0650, pf_mask 0x80, 2025-03-18, rev 0x000a, size 136192 sig 0x000b06d1, pf_mask 0x80, 2025-03-18, rev 0x011f, size 79872 sig 0x000c0652, pf_mask 0x82, 2025-03-20, rev 0x0118, size 90112 sig 0x000c0662, pf_mask 0x82, 2025-03-20, rev 0x0118, size 90112 sig 0x000c0664, pf_mask 0x82, 2025-03-20, rev 0x0118, size 90112 sig 0x000c06a2, pf_mask 0x82, 2025-03-20, rev 0x0118, size 90112 - Updated microcodes: sig 0x00050657, pf_mask 0xbf, 2024-12-12, rev 0x5003901, size 39936 sig 0x0005065b, pf_mask 0xbf, 2024-12-12, rev 0x7002b01, size 30720 sig 0x000606a6, pf_mask 0x87, 2025-01-07, rev 0xd000404, size 309248 sig 0x000606c1, pf_mask 0x10, 2025-01-07, rev 0x10002d0, size 300032 sig 0x000706a8, pf_mask 0x01, 2024-12-05, rev 0x0026, size 76800 sig 0x000706e5, pf_mask 0x80, 2025-01-07, rev 0x00ca, size 115712 sig 0x000806c1, pf_mask 0x80, 2024-12-01, rev 0x00bc, size 112640 sig 0x000806c2, pf_mask 0xc2, 2024-12-01, rev 0x003c, size 99328 sig 0x000806d1, pf_mask 0xc2, 2024-12-11, rev 0x0056, size 105472 sig 0x000806ec, pf_mask 0x94, 2024-11-17, rev 0x0100, size 106496 sig 0x000806f4, pf_mask 0x10, 2025-01-28, rev 0x2c0003f7, size 624640 sig 0x000806f4, pf_mask 0x87, 2025-01-28, rev 0x2b000639, size 591872 sig 0x000806f5, pf_mask 0x10, 2025-01-28, rev 0x2c0003f7, size 624640 sig 0x000806f5, pf_mask 0x87, 2025-01-28, rev 0x2b000639, size 591872 sig 0x000806f6, pf_mask 0x10, 2025-01-28, rev 0x2c0003f7, size 624640 sig 0x000806f6, pf_mask 0x87, 2025-01-28, rev 0x2b000639, size 591872 sig 0x000806f7, pf_mask 0x87, 2025-01-28, rev 0x2b000639, size 591872 sig 0x000806f8, pf_mask 0x10, 2025-01-28, rev 0x2c0003f7, size 624640 sig 0x000806f8, pf_mask 0x87, 2025-01-28, rev 0x2b000639, size 591872 sig 0x00090672, pf_mask 0x07, 2024-12-12, rev 0x003a, size 226304 sig 0x00090675, pf_mask 0x07, 2024-12-12, rev 0x003a, size 226304 sig 0x000906a3, pf_mask 0x80, 2024-12-12, rev 0x0437, size 224256 sig 0x000906a4, pf_mask 0x40, 2024-12-06, rev 0x000a, size 119808 sig 0x000906a4, pf_mask 0x80, 2024-12-12, rev 0x0437, size 224256 sig 0x000906ed, pf_mask 0x22, 2024-11-14, rev 0x0104, size 106496 sig 0x000a0652, pf_mask 0x20, 2024-11-14, rev 0x0100, size 97280 sig 0x000a0653, pf_mask 0x22, 2024-11-14, rev 0x0100, size 98304 sig 0x000a0655, pf_mask 0x22, 2024-11-14, rev 0x0100, size 97280 sig 0x000a0660, pf_mask 0x80, 2024-11-14, rev 0x0102, size 98304 sig 0x000a0661, pf_mask 0x80, 2024-11-14, rev 0x0100, size 97280 sig 0x000a0671, pf_mask 0x02, 2024-12-01, rev 0x0064, size 108544 sig 0x000a06a4, pf_mask 0xe6, 2025-02-13, rev 0x0024, size 140288 sig 0x000a06f3, pf_mask 0x01, 2025-02-10, rev 0x3000341, size 1542144 sig 0x000b0671, pf_mask 0x32, 2025-03-17, rev 0x012f, size 219136 sig 0x000b0674, pf_mask 0x32, 2025-03-17, rev 0x012f, size 219136 sig 0x000b06a2, pf_mask 0xe0, 2025-01-15, rev 0x4128, size 224256 sig 0x000b06a3, pf_mask 0xe0, 2025-01-15, rev 0x4128, size 224256 sig 0x000b06a8, pf_mask 0xe0, 2025-01-15, rev 0x4128, size 224256 sig 0x000b06e0, pf_mask 0x19, 2024-12-06, rev 0x001d, size 139264 sig 0x000b06f2, pf_mask 0x07, 2024-12-12, rev 0x003a, size 226304 sig 0x000b06f5, pf_mask 0x07, 2024-12-12, rev 0x003a, size 226304 sig 0x000b06f6, pf_mask 0x07, 2024-12-12, rev 0x003a, size 226304 sig 0x000b06f7, pf_mask 0x07, 2024-12-12, rev 0x003a, size 226304 sig 0x000c06f1, pf_mask 0x87, 2025-03-14, rev 0x210002a9, size 563200 sig 0x000c06f2, pf_mask 0x87, 2025-03-14, rev 0x210002a9, size 563200 - Removed microcodes: sig 0x00050656, pf_mask 0xbf, 2023-07-28, rev 0x4003605, size 3891 * SECURITY UPDATE: - CVE-2024-28956, INTEL-SA-01153 - CVE-2025-20054, INTEL-SA-01244 - CVE-2025-20103, INTEL-SA-01244 - CVE-2024-43420, INTEL-SA-01247 - CVE-2024-45332, INTEL-SA-01247 - CVE-2025-20623, INTEL-SA-01247 - CVE-2025-20012, INTEL-SA-01322 - CVE-2025-24495, INTEL-SA-01322

0 tuxcare-ubuntu16.04-els intel-microcode_3.20250512.0ubuntu0.16.04.1+tuxcare.els1_amd64.deb f33fff6f076cf0b5652e2e37814f9b6d2a800c07 CLSA-2025:1754382436 TuxCare License Agreement 0 * Update ca-certificates database to 20250418: - mozilla\{certdata.h,nssckbi.h}: Update Mozilla certificate authority bundle of the version 2.74. - The following certificates were updated: # Certificate "Entrust Root Certification Authority - G4" # Certificate "Security Communication ECC RootCA1" # Certificate "BJCA Global Root CA1" # Certificate "BJCA Global Root CA2" - The following certificates were added: # Certificate "D-TRUST BR Root CA 2 2023" # Certificate "D-TRUST EV Root CA 2 2023" None Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.

* Update ca-certificates database to 20250418: - mozilla\{certdata.h,nssckbi.h}: Update Mozilla certificate authority bundle of the version 2.74. - The following certificates were updated: # Certificate "Entrust Root Certification Authority - G4" # Certificate "Security Communication ECC RootCA1" # Certificate "BJCA Global Root CA1" # Certificate "BJCA Global Root CA2" - The following certificates were added: # Certificate "D-TRUST BR Root CA 2 2023" # Certificate "D-TRUST EV Root CA 2 2023"

0 tuxcare-ubuntu16.04-els libnss3_3.28.4-0ubuntu0.16.04.14+tuxcare.els9_amd64.deb 28630153cf7ba957a68518113a530029d0dbd36d libnss3-1d_3.28.4-0ubuntu0.16.04.14+tuxcare.els9_amd64.deb 590acd37d2cf351ca2555048d1b0d0dc1c6b54d9 libnss3-dev_3.28.4-0ubuntu0.16.04.14+tuxcare.els9_amd64.deb 3244553e0e416bd1828e67209596650dd9548239 libnss3-nssdb_3.28.4-0ubuntu0.16.04.14+tuxcare.els9_all.deb 9d32c469db3048efc1d5c9d6876d07654243c10a libnss3-tools_3.28.4-0ubuntu0.16.04.14+tuxcare.els9_amd64.deb cf06ab5e2282556550099b1db63222b2af00ce2f CLSA-2025:1754648405 TuxCare License Agreement 0 * SECURITY UPDATE: potential file creation/truncation when cloning untrusted repository in gitk - debian/patches/CVE-2025-27613_CVE-2025-27614_CVE-2025-46835.patch: improve dark mode support, remove hard-coded colors in ttext calls and use colors from the theme for text widgets via Text.Background and Text.Foreground - CVE-2025-27613 * SECURITY UPDATE: security vulnerability allowing arbitrary script execution - debian/patches/CVE-2025-27613_CVE-2025-27614_CVE-2025-46835.patch: Fix hard-coded colors in ttext widgets to use theme colors - CVE-2025-27614 * SECURITY UPDATE: security issue with untrusted repository cloning and file editing - debian/patches/CVE-2025-27613_CVE-2025-27614_CVE-2025-46835.patch: validate directory names to prevent file overwrite attacks - CVE-2025-46835 Moderate Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.

* SECURITY UPDATE: potential file creation/truncation when cloning untrusted repository in gitk - debian/patches/CVE-2025-27613_CVE-2025-27614_CVE-2025-46835.patch: improve dark mode support, remove hard-coded colors in ttext calls and use colors from the theme for text widgets via Text.Background and Text.Foreground - CVE-2025-27613 * SECURITY UPDATE: security vulnerability allowing arbitrary script execution - debian/patches/CVE-2025-27613_CVE-2025-27614_CVE-2025-46835.patch: Fix hard-coded colors in ttext widgets to use theme colors - CVE-2025-27614 * SECURITY UPDATE: security issue with untrusted repository cloning and file editing - debian/patches/CVE-2025-27613_CVE-2025-27614_CVE-2025-46835.patch: validate directory names to prevent file overwrite attacks - CVE-2025-46835

0 tuxcare-ubuntu16.04-els git_2.7.4-0ubuntu1.10+tuxcare.els9_amd64.deb 7fc151b69e3933252dab8da37d505e6334cefe5a git-all_2.7.4-0ubuntu1.10+tuxcare.els9_all.deb 109a03cea13d7a5871ceccbb9229ae322eec6190 git-arch_2.7.4-0ubuntu1.10+tuxcare.els9_all.deb 55252a87ad6c4fde18298e44e38cb872d439d940 git-core_2.7.4-0ubuntu1.10+tuxcare.els9_all.deb 67fddeb983407c8716d994de52a8322a662efe5f git-cvs_2.7.4-0ubuntu1.10+tuxcare.els9_all.deb a7f566c5ce6006eea0e8a4953c389f04f5903925 git-daemon-run_2.7.4-0ubuntu1.10+tuxcare.els9_all.deb 94935ac6b4867643c4f438d62ec1d32fa9d6a928 git-daemon-sysvinit_2.7.4-0ubuntu1.10+tuxcare.els9_all.deb 3a7605f28c94e8aacdf195e8e06b26c07e23c234 git-doc_2.7.4-0ubuntu1.10+tuxcare.els9_all.deb e1e6f63311854e9fe3e30ad63ce92871fed69b6c git-el_2.7.4-0ubuntu1.10+tuxcare.els9_all.deb b6d5fbfe76ae87879adfb6dc67580cd6456093ee git-email_2.7.4-0ubuntu1.10+tuxcare.els9_all.deb cce1b00e6deb8a8bb3b4dfa42944c2c431ee9bce git-gui_2.7.4-0ubuntu1.10+tuxcare.els9_all.deb 4c338e4730294c45a0e09424011bb028e923f345 git-man_2.7.4-0ubuntu1.10+tuxcare.els9_all.deb e927311c25fe0f6f0fee2f863b71d18ad1d861de git-mediawiki_2.7.4-0ubuntu1.10+tuxcare.els9_all.deb 54b5753935254e6317420cc07799afaae438a9f2 git-svn_2.7.4-0ubuntu1.10+tuxcare.els9_all.deb 0473bcba5ebcb2837febe58df8bab4aeb30de807 gitk_2.7.4-0ubuntu1.10+tuxcare.els9_all.deb 0ea60588a81e58f7e2cdbb831fda9dfdbf89d736 gitweb_2.7.4-0ubuntu1.10+tuxcare.els9_all.deb 88262db8c7f990f4c3889fbb4c9e6a3a5ab8a2f9 CLSA-2025:1754939966 TuxCare License Agreement 0 * SECURITY UPDATE: security vulnerability in package - debian/patches/CVE-2025-48386.patch: fix buffer overflow in wcsncat() caused by off-by-one error and length not accounted for in wcsncat() calls - CVE-2025-48386 Moderate Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.

* SECURITY UPDATE: security vulnerability in package - debian/patches/CVE-2025-48386.patch: fix buffer overflow in wcsncat() caused by off-by-one error and length not accounted for in wcsncat() calls - CVE-2025-48386

0 tuxcare-ubuntu16.04-els git_2.7.4-0ubuntu1.10+tuxcare.els10_amd64.deb b4e91812735d62e201e0b41f9c73bdc97731329f git-all_2.7.4-0ubuntu1.10+tuxcare.els10_all.deb 477ee44d83673949a00fa6661257b040d1bcfd47 git-arch_2.7.4-0ubuntu1.10+tuxcare.els10_all.deb 477b509d629f6e074b56f12fd7fe34268154a186 git-core_2.7.4-0ubuntu1.10+tuxcare.els10_all.deb 7b2c85c180891e674947928ba693abee21c6e78a git-cvs_2.7.4-0ubuntu1.10+tuxcare.els10_all.deb 3334df13e14b42de8080d38733627f9a20f0f7d0 git-daemon-run_2.7.4-0ubuntu1.10+tuxcare.els10_all.deb d7040671b7b8144c578895c829f5c59c275205d7 git-daemon-sysvinit_2.7.4-0ubuntu1.10+tuxcare.els10_all.deb 98ef69dc39c3d837a49406bf71220e2794b89575 git-doc_2.7.4-0ubuntu1.10+tuxcare.els10_all.deb c9ac85a69e4a6e309f0b1c2860f785c3d62c7f33 git-el_2.7.4-0ubuntu1.10+tuxcare.els10_all.deb cea3a82ad75d1aa165fb1552b234aef7eb7d5458 git-email_2.7.4-0ubuntu1.10+tuxcare.els10_all.deb 25d4e552d87f0266ea5589acad7d78ef8eff037c git-gui_2.7.4-0ubuntu1.10+tuxcare.els10_all.deb a4d437549085deab9383d2281e675741a703b506 git-man_2.7.4-0ubuntu1.10+tuxcare.els10_all.deb f4eb84d1e61ccb0bc0740a4f4c910e094a216e3e git-mediawiki_2.7.4-0ubuntu1.10+tuxcare.els10_all.deb c1993a088fb6dc25b95dede039a919c9098b7b98 git-svn_2.7.4-0ubuntu1.10+tuxcare.els10_all.deb 34fbbce5d25f0bc657c41511f96f6b754802e559 gitk_2.7.4-0ubuntu1.10+tuxcare.els10_all.deb 9166d3d668bfd72072bc17ad80b93e5c54838e37 gitweb_2.7.4-0ubuntu1.10+tuxcare.els10_all.deb 507ee48930cfde73815f1600ab3f270143a8071c CLSA-2025:1754940262 TuxCare License Agreement 0 * SECURITY UPDATE: Insufficient validation of filenames against control characters in repositories served via mod_dav_svn - debian/patches/CVE-2024-46901.patch: fix mod_dav_svn denial-of-service via control characters in paths Moderate Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.

* SECURITY UPDATE: Insufficient validation of filenames against control characters in repositories served via mod_dav_svn - debian/patches/CVE-2024-46901.patch: fix mod_dav_svn denial-of-service via control characters in paths

0 tuxcare-ubuntu16.04-els libapache2-mod-svn_1.9.3-2ubuntu1.3+tuxcare.els2_amd64.deb 40c6e8c3786d30cd117462ccc12fada056a170d8 libapache2-svn_1.9.3-2ubuntu1.3+tuxcare.els2_all.deb 5ad5266c49ded118f20d31060f70a99f51cc4288 libsvn-dev_1.9.3-2ubuntu1.3+tuxcare.els2_amd64.deb bcadd093699f78eefe32616fd21f7c850792a0a6 libsvn-doc_1.9.3-2ubuntu1.3+tuxcare.els2_all.deb 26909b3b27cde74ce3622439bd06fca6965299b7 libsvn-java_1.9.3-2ubuntu1.3+tuxcare.els2_amd64.deb a9131978f091e4e515ed3cf06ab15c457a006df3 libsvn-perl_1.9.3-2ubuntu1.3+tuxcare.els2_amd64.deb 96069bfbf60e1d46de99c731862e5c320ed4b0d6 libsvn-ruby1.8_1.9.3-2ubuntu1.3+tuxcare.els2_all.deb 18d44c9bb3bcd56dab4db16197d43fa0105b6876 libsvn1_1.9.3-2ubuntu1.3+tuxcare.els2_amd64.deb a6192a4727dd297f6023649dabd627e4cfb4d283 python-subversion_1.9.3-2ubuntu1.3+tuxcare.els2_amd64.deb e08cbb0dd8dbe667c9005bc8cdc85143d40dd792 ruby-svn_1.9.3-2ubuntu1.3+tuxcare.els2_amd64.deb 2207b251d6e6d69e1d161b2f7c00127f53409e5c subversion_1.9.3-2ubuntu1.3+tuxcare.els2_amd64.deb b53c8f7028b32e9b967bd977a821bdedeefb1f3b subversion-tools_1.9.3-2ubuntu1.3+tuxcare.els2_amd64.deb 08e7d6f71e289ea9c5ad7295a30842558d204d08 CLSA-2025:1755603149 TuxCare License Agreement 0 * OpenJDK 8u462 release - CVE-2025-30749: Java 2D heap corruption, code execution/DoS - CVE-2025-30754: JSSE TLS handshake flaw, weakened encryption - CVE-2025-30761: nashorn sandbox bypass, code execution - CVE-2025-50059: HTTP client header bug, data leak - CVE-2025-50106: Glyph rendering memory bug, crash/code exec - Release notes: https://mail.openjdk.org/pipermail/jdk8u-dev/2025-July/020263.html Important Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.

* OpenJDK 8u462 release - CVE-2025-30749: Java 2D heap corruption, code execution/DoS - CVE-2025-30754: JSSE TLS handshake flaw, weakened encryption - CVE-2025-30761: nashorn sandbox bypass, code execution - CVE-2025-50059: HTTP client header bug, data leak - CVE-2025-50106: Glyph rendering memory bug, crash/code exec - Release notes: https://mail.openjdk.org/pipermail/jdk8u-dev/2025-July/020263.html

0 tuxcare-ubuntu16.04-els openjdk-8-demo_8u462-ga-0ubuntu1~16.04+tuxcare.els1_amd64.deb 91e712fb8d33fd3bdb0ec0e1b9af9b2852687db2 openjdk-8-doc_8u462-ga-0ubuntu1~16.04+tuxcare.els1_all.deb fa99dd8d40b539b05719a3da78bf67b60c14d7da openjdk-8-jdk_8u462-ga-0ubuntu1~16.04+tuxcare.els1_amd64.deb ac9f1e8debe6f061e0ee5dfb41e040cf502813ff openjdk-8-jdk-headless_8u462-ga-0ubuntu1~16.04+tuxcare.els1_amd64.deb b094580a08ea58b41ca2c9c32012f93561c5d171 openjdk-8-jre_8u462-ga-0ubuntu1~16.04+tuxcare.els1_amd64.deb dbe3f9aff91196785e04b7db4a14c3cd2e7f2d74 openjdk-8-jre-headless_8u462-ga-0ubuntu1~16.04+tuxcare.els1_amd64.deb 65646d3b44840f6e515fd931e47819964aa7bdfb openjdk-8-jre-jamvm_8u462-ga-0ubuntu1~16.04+tuxcare.els1_amd64.deb 0f0fa5df4da66798d715a1193603462553cc8d13 openjdk-8-jre-zero_8u462-ga-0ubuntu1~16.04+tuxcare.els1_amd64.deb 49ca037cf4a559d22d13ad84bb9ff9c896a04b6a openjdk-8-source_8u462-ga-0ubuntu1~16.04+tuxcare.els1_all.deb f63b822c4229ac48ee693c7ea36ac7814627e593 CLSA-2025:1755603427 TuxCare License Agreement 0 * SECURITY UPDATE: prevent spoofing vulnerability in GSSAPI-protected messages using RC4-HMAC-MD5 due to weaknesses in MD5 checksum design - debian/patches/CVE-2025-3576: don't issue session keys with deprecated enctypes. Updates tests. - CVE-2025-3576 Moderate Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.

* SECURITY UPDATE: prevent spoofing vulnerability in GSSAPI-protected messages using RC4-HMAC-MD5 due to weaknesses in MD5 checksum design - debian/patches/CVE-2025-3576: don't issue session keys with deprecated enctypes. Updates tests. - CVE-2025-3576

0 tuxcare-ubuntu16.04-els krb5-admin-server_1.13.2+dfsg-5ubuntu2.2+tuxcare.els6_amd64.deb e24f9e382b92ad3da03327facd7c5d3fdb19dbb2 krb5-doc_1.13.2+dfsg-5ubuntu2.2+tuxcare.els6_all.deb 5255cbddf7330dd4cb5e89e3014c256ade0137b5 krb5-gss-samples_1.13.2+dfsg-5ubuntu2.2+tuxcare.els6_amd64.deb 3eb7c2e3d066353daa137d8c77bf558f29ef670c krb5-k5tls_1.13.2+dfsg-5ubuntu2.2+tuxcare.els6_amd64.deb c9ef329a9a51b1ad3ed0447c7491b1643ce04a61 krb5-kdc_1.13.2+dfsg-5ubuntu2.2+tuxcare.els6_amd64.deb cf89611569d4dedd175de3090495e7121eed0890 krb5-kdc-ldap_1.13.2+dfsg-5ubuntu2.2+tuxcare.els6_amd64.deb 1650eda75ba400233634f351905d34d4438ac56f krb5-locales_1.13.2+dfsg-5ubuntu2.2+tuxcare.els6_all.deb 8b07c2f2ef76b64e85e9457c6c1485fd5fe8893f krb5-multidev_1.13.2+dfsg-5ubuntu2.2+tuxcare.els6_amd64.deb a0ca953462969c6b8b4aa19910331b05cbeda995 krb5-otp_1.13.2+dfsg-5ubuntu2.2+tuxcare.els6_amd64.deb e4f9255da35573f88a3139ab24f735b4d8c98fea krb5-pkinit_1.13.2+dfsg-5ubuntu2.2+tuxcare.els6_amd64.deb cd389effe1061765d590765bb2ade17d87597fa3 krb5-user_1.13.2+dfsg-5ubuntu2.2+tuxcare.els6_amd64.deb 72d53d76c7becba4a048a0274ceaa471106279df libgssapi-krb5-2_1.13.2+dfsg-5ubuntu2.2+tuxcare.els6_amd64.deb a208d3b58753b2508032c752802a16bfcd4b6951 libgssrpc4_1.13.2+dfsg-5ubuntu2.2+tuxcare.els6_amd64.deb 0046d002ed8b20be403102a2bb57593d073e13c1 libk5crypto3_1.13.2+dfsg-5ubuntu2.2+tuxcare.els6_amd64.deb c03a94c9bd73c8c5b4bde29ce3608d529124f5cc libkadm5clnt-mit9_1.13.2+dfsg-5ubuntu2.2+tuxcare.els6_amd64.deb f4fe4f337a036da5dd234018486a163295b89fd3 libkadm5srv-mit9_1.13.2+dfsg-5ubuntu2.2+tuxcare.els6_amd64.deb d6c161f934d8d7805f4606918e8d83aa4d0cfaa5 libkdb5-8_1.13.2+dfsg-5ubuntu2.2+tuxcare.els6_amd64.deb 39855396003edac375de043db5d2f2352cc58a8e libkrad-dev_1.13.2+dfsg-5ubuntu2.2+tuxcare.els6_amd64.deb ee4a8b0adc9f6cbc0a36ea88fb76dffa70293dcf libkrad0_1.13.2+dfsg-5ubuntu2.2+tuxcare.els6_amd64.deb d3763c160770beaf7c48c6bf6ca586b3f8667ef6 libkrb5-3_1.13.2+dfsg-5ubuntu2.2+tuxcare.els6_amd64.deb 019c851a5759c1b9cf36dfe66a1e686ed3508008 libkrb5-dev_1.13.2+dfsg-5ubuntu2.2+tuxcare.els6_amd64.deb 16ba8145aac3842dd1498891d814d24421d2b051 libkrb5support0_1.13.2+dfsg-5ubuntu2.2+tuxcare.els6_amd64.deb 44ef0ab4c104e287e678ef2ddccb1951fb3dc85d CLSA-2025:1755885175 TuxCare License Agreement 0 * SECURITY UPDATE: denial of service via sqlite3_db_config argument values - debian/patches/CVE-2025-29088.patch: harden the SQLITE_DBCONFIG_LOOKASIDE interface against misuse, such as described in forum post 48f365daec Enhancements to the SQLITE_DBCONFIG_LOOKASIDE documentation - CVE-2025-29088 Moderate Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.

* SECURITY UPDATE: denial of service via sqlite3_db_config argument values - debian/patches/CVE-2025-29088.patch: harden the SQLITE_DBCONFIG_LOOKASIDE interface against misuse, such as described in forum post 48f365daec Enhancements to the SQLITE_DBCONFIG_LOOKASIDE documentation - CVE-2025-29088

0 tuxcare-ubuntu16.04-els lemon_3.11.0-1ubuntu1.5+tuxcare.els5_amd64.deb 28414ce3c0336b26fe9c12964abaa8e4203dba49 libsqlite3-0_3.11.0-1ubuntu1.5+tuxcare.els5_amd64.deb 578d20db4a3052287fbafc8584477a89ffa428e9 libsqlite3-dev_3.11.0-1ubuntu1.5+tuxcare.els5_amd64.deb 14a9aa507e1cd92401ed3c4cf1e63c1efd2dd1fc libsqlite3-tcl_3.11.0-1ubuntu1.5+tuxcare.els5_amd64.deb 628d95805d9d00b619122e479891c1e6b5e13d33 sqlite3_3.11.0-1ubuntu1.5+tuxcare.els5_amd64.deb 2671e211941a30af142eaa2a5ee1aa42fd724955 sqlite3-doc_3.11.0-1ubuntu1.5+tuxcare.els5_all.deb 2c677a658a3e077e84406235ff06298a7de44470 CLSA-2025:1756928197 TuxCare License Agreement 0 * SECURITY UPDATE: fix use-after-free vulnerability in buffer closing - debian/patches/CVE-2025-26603.patch: Fix heap use-after-free in str_to_reg() - CVE-2025-26603 Moderate Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.

* SECURITY UPDATE: fix use-after-free vulnerability in buffer closing - debian/patches/CVE-2025-26603.patch: Fix heap use-after-free in str_to_reg() - CVE-2025-26603

0 tuxcare-ubuntu16.04-els vim_7.4.1689-3ubuntu1.5+tuxcare.els54_amd64.deb 14045de46a55c1d42079a7cfa089954a37ef8ad9 vim-athena_7.4.1689-3ubuntu1.5+tuxcare.els54_amd64.deb 6d4ed5aee496cf1e00b336d9eab4eaccb2d9036a vim-athena-py2_7.4.1689-3ubuntu1.5+tuxcare.els54_amd64.deb b6943555f27d3a12bf8674665e58c22bf364290c vim-common_7.4.1689-3ubuntu1.5+tuxcare.els54_amd64.deb a776c35baf169e5df0842c83d79602d65712bc65 vim-doc_7.4.1689-3ubuntu1.5+tuxcare.els54_all.deb 7427e36430e0ba31974aa4dc526f6fa70de62e62 vim-gnome_7.4.1689-3ubuntu1.5+tuxcare.els54_amd64.deb f6b6b18aa945356dc76de7bd8aedad820dad5c29 vim-gnome-py2_7.4.1689-3ubuntu1.5+tuxcare.els54_amd64.deb 80cea48b90b74d77245743747391e51d42823b30 vim-gtk_7.4.1689-3ubuntu1.5+tuxcare.els54_amd64.deb f80b8732abdd6981200fd73dc54d872ac8ff96c3 vim-gtk-py2_7.4.1689-3ubuntu1.5+tuxcare.els54_amd64.deb 8c82ba1a37ba628c91c1c81c79ae52a2ea13a803 vim-gtk3_7.4.1689-3ubuntu1.5+tuxcare.els54_amd64.deb 3dd3d2c71291f15b018da5237759be980079af81 vim-gtk3-py2_7.4.1689-3ubuntu1.5+tuxcare.els54_amd64.deb d7ffdb2c3f09cf4c0bf9a33d45f539f6d0f027ac vim-gui-common_7.4.1689-3ubuntu1.5+tuxcare.els54_all.deb c3cf11e6e482b1fff72624f318e9507c430ed606 vim-nox_7.4.1689-3ubuntu1.5+tuxcare.els54_amd64.deb 3ca0744a7d9b4d1ca3569fcd350e5e2396285039 vim-nox-py2_7.4.1689-3ubuntu1.5+tuxcare.els54_amd64.deb 7aa475f1f27c15c3a19849d59cc5328acd8a4201 vim-runtime_7.4.1689-3ubuntu1.5+tuxcare.els54_all.deb d22e2cf5c495fca1399b844d0cb3b87422cbbec1 vim-tiny_7.4.1689-3ubuntu1.5+tuxcare.els54_amd64.deb 8afcb28b22ff3af4defc757f19373b62015606d1 CLSA-2025:1757014860 TuxCare License Agreement 0 * SECURITY UPDATE: mod_ssl TLS upgrade attack - debian/patches/CVE-2025-49812.patch: remove antiquated 'SSLEngine optional' TLS upgrade in modules/ssl/ssl_engine_config.c, modules/ssl/ssl_engine_init.c, modules/ssl/ssl_engine_kernel.c, modules/ssl/ssl_private.h. - CVE-2025-49812 Important Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.

* SECURITY UPDATE: mod_ssl TLS upgrade attack - debian/patches/CVE-2025-49812.patch: remove antiquated 'SSLEngine optional' TLS upgrade in modules/ssl/ssl_engine_config.c, modules/ssl/ssl_engine_init.c, modules/ssl/ssl_engine_kernel.c, modules/ssl/ssl_private.h. - CVE-2025-49812

0 tuxcare-ubuntu16.04-els apache2_2.4.18-2ubuntu3.17+tuxcare.els18_amd64.deb 705d68f6859fe469a6b64b8134588c6fa25a6e1e apache2-bin_2.4.18-2ubuntu3.17+tuxcare.els18_amd64.deb f7b6db14e76c484215263212f400c8e4e6688f58 apache2-data_2.4.18-2ubuntu3.17+tuxcare.els18_all.deb 61bb397760f604de6ee18383a34f4425862315b3 apache2-dev_2.4.18-2ubuntu3.17+tuxcare.els18_amd64.deb 4e45dcb216c130525c1ca733234ee743ad4dd56e apache2-doc_2.4.18-2ubuntu3.17+tuxcare.els18_all.deb 052589c5db8249ba434f464c8a4a2198e40b0aba apache2-suexec-custom_2.4.18-2ubuntu3.17+tuxcare.els18_amd64.deb fe46d261db3a49d48a13982058d027b1b0ad6b3e apache2-suexec-pristine_2.4.18-2ubuntu3.17+tuxcare.els18_amd64.deb 28db6b3dc1a2d24cd41ccd26cb427b27cf8c15f3 apache2-utils_2.4.18-2ubuntu3.17+tuxcare.els18_amd64.deb cd6a5de15a09c7ea2defb14aba53ce84ac1c3fcb CLSA-2025:1757015069 TuxCare License Agreement 0 * SECURITY UPDATE: stack-based buffer overflow via integer overflows in buffer size calculations in xmlBuildQName function - debian/patches/CVE-2025-6021.patch: Fix integer overflow in xmlBuildQName that affects memory safety - CVE-2025-6021 Important Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.

* SECURITY UPDATE: stack-based buffer overflow via integer overflows in buffer size calculations in xmlBuildQName function - debian/patches/CVE-2025-6021.patch: Fix integer overflow in xmlBuildQName that affects memory safety - CVE-2025-6021

0 tuxcare-ubuntu16.04-els libxml2_2.9.3+dfsg1-1ubuntu0.7+tuxcare.els11_amd64.deb 5b7bf7d766dcf546be7a0d4166e7a77389b34780 libxml2-dev_2.9.3+dfsg1-1ubuntu0.7+tuxcare.els11_amd64.deb 46abb93c8029222dbced493f651820c7536bb609 libxml2-doc_2.9.3+dfsg1-1ubuntu0.7+tuxcare.els11_all.deb 23f301390fa3446e83c5ca8069ec80ee130cf7f3 libxml2-utils_2.9.3+dfsg1-1ubuntu0.7+tuxcare.els11_amd64.deb ae68818ebbfa6cfa1a45e1219b862e3f0ef67c56 python-libxml2_2.9.3+dfsg1-1ubuntu0.7+tuxcare.els11_amd64.deb 56abf4caf3adb283c0a8eea678a114fafeb1fbd0 CLSA-2025:1757015268 TuxCare License Agreement 0 * SECURITY UPDATE: heap-based buffer overflow in copy_section function - debian/patches/CVE-2025-7545.patch: Don't extend output section size beyond input section size to fix section contents from being copied - CVE-2025-7545 Important Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.

* SECURITY UPDATE: heap-based buffer overflow in copy_section function - debian/patches/CVE-2025-7545.patch: Don't extend output section size beyond input section size to fix section contents from being copied - CVE-2025-7545

0 tuxcare-ubuntu16.04-els binutils_2.26.1-1ubuntu1~16.04.10+tuxcare.els14_amd64.deb 69f74e89a782116839cb7ff19a0feb74c6cbacd7 binutils-aarch64-linux-gnu_2.26.1-1ubuntu1~16.04.10+tuxcare.els14_amd64.deb a5f8faa329a7c7a711233f5f4a9efe2fb3e1f97f binutils-alpha-linux-gnu_2.26.1-1ubuntu1~16.04.10+tuxcare.els14_amd64.deb 0caf5054e4c539e7ea7c1f3026334d2b0e411db3 binutils-arm-linux-gnueabi_2.26.1-1ubuntu1~16.04.10+tuxcare.els14_amd64.deb dc66c393052c7d4edc2eb994c87de71a0698ca01 binutils-arm-linux-gnueabihf_2.26.1-1ubuntu1~16.04.10+tuxcare.els14_amd64.deb da5c1b887f73fa3925ffae5a6775473b5959473a binutils-dev_2.26.1-1ubuntu1~16.04.10+tuxcare.els14_amd64.deb 77d579b9538195012947fe9393fe4fc94266e92a binutils-doc_2.26.1-1ubuntu1~16.04.10+tuxcare.els14_all.deb 7c78aa67869565409c6df31d491c8ef0a11e5fbd binutils-hppa-linux-gnu_2.26.1-1ubuntu1~16.04.10+tuxcare.els14_amd64.deb 6548cde21c4c83658d2267130bc51d4920a96d1e binutils-hppa64-linux-gnu_2.26.1-1ubuntu1~16.04.10+tuxcare.els14_amd64.deb 20b6d388e954989f9c371ef64502ead40eb75271 binutils-m68k-linux-gnu_2.26.1-1ubuntu1~16.04.10+tuxcare.els14_amd64.deb e1e0cafd9cf80be6e4787c3d7f5d46063845c512 binutils-mips-linux-gnu_2.26.1-1ubuntu1~16.04.10+tuxcare.els14_amd64.deb 8de9e26fd9bd1a7dade3049037abbf69a3954595 binutils-mips64-linux-gnuabi64_2.26.1-1ubuntu1~16.04.10+tuxcare.els14_amd64.deb 8be2e995603af4efa56d885b3c5727feb3c1d013 binutils-mips64el-linux-gnuabi64_2.26.1-1ubuntu1~16.04.10+tuxcare.els14_amd64.deb bc43183f205525955029293e67058a21e83f3c38 binutils-mipsel-linux-gnu_2.26.1-1ubuntu1~16.04.10+tuxcare.els14_amd64.deb 2d62ae4f02aa2f564843460a4fb6399e4f161691 binutils-multiarch_2.26.1-1ubuntu1~16.04.10+tuxcare.els14_amd64.deb 1913a8ff7a79ceabc01d1c8bc750473c7c48388d binutils-multiarch-dev_2.26.1-1ubuntu1~16.04.10+tuxcare.els14_amd64.deb b399dc2b628a646e8eba8f54aa4c949f9117594f binutils-powerpc-linux-gnu_2.26.1-1ubuntu1~16.04.10+tuxcare.els14_amd64.deb b0a2e71149c6767d7b7252f21b833b56ad48cf9f binutils-powerpc-linux-gnuspe_2.26.1-1ubuntu1~16.04.10+tuxcare.els14_amd64.deb 545ed2e188c0875a4c8153f702af3a42c2a6a584 binutils-powerpc64-linux-gnu_2.26.1-1ubuntu1~16.04.10+tuxcare.els14_amd64.deb 3ba3cf4e7e36a67c32208f4b256258d27493b151 binutils-powerpc64le-linux-gnu_2.26.1-1ubuntu1~16.04.10+tuxcare.els14_amd64.deb 38d045dc7413abb103571aace5fadf501a8532d1 binutils-s390x-linux-gnu_2.26.1-1ubuntu1~16.04.10+tuxcare.els14_amd64.deb 915e0a21719e27d64f6ae87845d18c63795ad49a binutils-sh4-linux-gnu_2.26.1-1ubuntu1~16.04.10+tuxcare.els14_amd64.deb 63f5e3c131b338cc8d0a4e787b5377e3ba70e5c7 binutils-source_2.26.1-1ubuntu1~16.04.10+tuxcare.els14_all.deb 5199beba46465a4156caef58877ccf5b55c3313e binutils-sparc64-linux-gnu_2.26.1-1ubuntu1~16.04.10+tuxcare.els14_amd64.deb ab37ff28e32361e8aa5329740383bee91d6ac162 CLSA-2025:1757016160 TuxCare License Agreement 0 * SECURITY UPDATE: misinterpretation of HTTP response headers - debian/patches/CVE-2025-1217.patch: adds HTTP header folding support for HTTP wrapper response headers in ext/standard/http_fopen_wrapper.c - CVE-2025-1217 * SECURITY UPDATE: insufficient HTTP header validation - debian/patches/CVE-2025-1734.patch: adds logic to fail invalid HTTP headers in ext/standard/http_fopen_wrapper.c - CVE-2025-1734 * SECURITY UPDATE: http redirect location truncation - debian/patches/CVE-2025-1861.patch: converts the allocation of location to be on heap instead of stack and errors if the location length is greater than 8086 bytes in ext/standard/http_fopen_wrapper.c - CVE-2025-1861 * SECURITY UPDATE: insufficient HTTP header validation - debian/patches/CVE-2025-1736.patch: updates the http user header check for crlf in ext/standard/http_fopen_wrapper.c - CVE-2025-1736 Critical Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.

* SECURITY UPDATE: misinterpretation of HTTP response headers - debian/patches/CVE-2025-1217.patch: adds HTTP header folding support for HTTP wrapper response headers in ext/standard/http_fopen_wrapper.c - CVE-2025-1217 * SECURITY UPDATE: insufficient HTTP header validation - debian/patches/CVE-2025-1734.patch: adds logic to fail invalid HTTP headers in ext/standard/http_fopen_wrapper.c - CVE-2025-1734 * SECURITY UPDATE: http redirect location truncation - debian/patches/CVE-2025-1861.patch: converts the allocation of location to be on heap instead of stack and errors if the location length is greater than 8086 bytes in ext/standard/http_fopen_wrapper.c - CVE-2025-1861 * SECURITY UPDATE: insufficient HTTP header validation - debian/patches/CVE-2025-1736.patch: updates the http user header check for crlf in ext/standard/http_fopen_wrapper.c - CVE-2025-1736

0 tuxcare-ubuntu16.04-els libapache2-mod-php7.0_7.0.33-0ubuntu0.16.04.17+tuxcare.els15_amd64.deb 6810920649bece2375ff1eb70a4b68ab356d3dd1 libphp7.0-embed_7.0.33-0ubuntu0.16.04.17+tuxcare.els15_amd64.deb 9ea24733052d530a1f014395fd57ecf4fc581e14 php7.0_7.0.33-0ubuntu0.16.04.17+tuxcare.els15_all.deb 22fc44f0138ab044e0d542704eca54867e7d0b0a php7.0-bcmath_7.0.33-0ubuntu0.16.04.17+tuxcare.els15_amd64.deb 1f15e1cd36b4cf3b35d5fbb71b4f418a4f0d4373 php7.0-bz2_7.0.33-0ubuntu0.16.04.17+tuxcare.els15_amd64.deb 7d4c44263ceb3993971c567ce0e79a39974bce73 php7.0-cgi_7.0.33-0ubuntu0.16.04.17+tuxcare.els15_amd64.deb fda11f921411ea46bd158792f37f1dfef4b2edc2 php7.0-cli_7.0.33-0ubuntu0.16.04.17+tuxcare.els15_amd64.deb 83ca23562634b950ede63d2bc4e0d9bf27499df1 php7.0-common_7.0.33-0ubuntu0.16.04.17+tuxcare.els15_amd64.deb a4c2e5889abf857f3e3fb0dafb0ac748b43710f0 php7.0-curl_7.0.33-0ubuntu0.16.04.17+tuxcare.els15_amd64.deb 168a1fc9b95e659caae8856174c2c371f65a6165 php7.0-dba_7.0.33-0ubuntu0.16.04.17+tuxcare.els15_amd64.deb a8b1a5b14c115e9d4cfba30de1492eb9dff8c5be php7.0-dev_7.0.33-0ubuntu0.16.04.17+tuxcare.els15_amd64.deb f22b18df6661d727ebdeddf8fc59d6b584b616e4 php7.0-enchant_7.0.33-0ubuntu0.16.04.17+tuxcare.els15_amd64.deb 31d3ef71471f80e42b0f01c67c31e1916a8c4109 php7.0-fpm_7.0.33-0ubuntu0.16.04.17+tuxcare.els15_amd64.deb 12b1dac6efdb37a02c9397ea00bbe317381849a4 php7.0-gd_7.0.33-0ubuntu0.16.04.17+tuxcare.els15_amd64.deb 39c2bd85cdfd3a0454a5d356059561af4cb80616 php7.0-gmp_7.0.33-0ubuntu0.16.04.17+tuxcare.els15_amd64.deb 783b2e74de5e2d9c31569a92423cc615c1d5fd01 php7.0-imap_7.0.33-0ubuntu0.16.04.17+tuxcare.els15_amd64.deb 809a6009562babbaeadfe2b2374bd77e13adf81d php7.0-interbase_7.0.33-0ubuntu0.16.04.17+tuxcare.els15_amd64.deb 1995f3729e03ae0da403e35d45307b3b1606c42e php7.0-intl_7.0.33-0ubuntu0.16.04.17+tuxcare.els15_amd64.deb 2e55c023e74d8b056d6e386ddd5908649f2cb6ad php7.0-json_7.0.33-0ubuntu0.16.04.17+tuxcare.els15_amd64.deb a8ff1cad561ef30dd24dbdf547437f21cbfc03ce php7.0-ldap_7.0.33-0ubuntu0.16.04.17+tuxcare.els15_amd64.deb ff6e9fb4106b54f6aedf21d59938d153916324d9 php7.0-mbstring_7.0.33-0ubuntu0.16.04.17+tuxcare.els15_amd64.deb 00a036f61764378d2335667956b5268111c36f36 php7.0-mcrypt_7.0.33-0ubuntu0.16.04.17+tuxcare.els15_amd64.deb 2bb5bdf9655f090e3ad9feb0d233c6926a2ca4f9 php7.0-mysql_7.0.33-0ubuntu0.16.04.17+tuxcare.els15_amd64.deb 4344165717688c09d615de7cb665a811f70614e9 php7.0-odbc_7.0.33-0ubuntu0.16.04.17+tuxcare.els15_amd64.deb 4bf52be2e8cc05a6b09389d7980ed19432af799a php7.0-opcache_7.0.33-0ubuntu0.16.04.17+tuxcare.els15_amd64.deb 76f5ee78bb173db69dfb08fce3708761ceed412f php7.0-pgsql_7.0.33-0ubuntu0.16.04.17+tuxcare.els15_amd64.deb 0de19f090891cea2169ebc3711d9c23f7223ed06 php7.0-phpdbg_7.0.33-0ubuntu0.16.04.17+tuxcare.els15_amd64.deb 46130e65b0b01a854612c1aa843f6bb61ff62e52 php7.0-pspell_7.0.33-0ubuntu0.16.04.17+tuxcare.els15_amd64.deb b0f4d086193a6e539ac952348d05a7ab1da2371c php7.0-readline_7.0.33-0ubuntu0.16.04.17+tuxcare.els15_amd64.deb 7aadd30187091b40eef821500f8ee72bbc969b0d php7.0-recode_7.0.33-0ubuntu0.16.04.17+tuxcare.els15_amd64.deb 80219c2db6b2659847763c16ec33d2195b82a347 php7.0-snmp_7.0.33-0ubuntu0.16.04.17+tuxcare.els15_amd64.deb 80dbf4b506f41754680134201344b7a46da9ed17 php7.0-soap_7.0.33-0ubuntu0.16.04.17+tuxcare.els15_amd64.deb 5e2aca1c749487c0dbe13193b2be7d069afc2567 php7.0-sqlite3_7.0.33-0ubuntu0.16.04.17+tuxcare.els15_amd64.deb 92609af37ad8a6348931114f7bd0c9a2f6b6bde8 php7.0-sybase_7.0.33-0ubuntu0.16.04.17+tuxcare.els15_amd64.deb 531049605b1ff69620b5debad1ca6c40bce0f3f3 php7.0-tidy_7.0.33-0ubuntu0.16.04.17+tuxcare.els15_amd64.deb 54246e59bfe253c81d41f410930f9c35bd3647ea php7.0-xml_7.0.33-0ubuntu0.16.04.17+tuxcare.els15_amd64.deb 337ed012be39f49f031bd12c6469e3077bd58b94 php7.0-xmlrpc_7.0.33-0ubuntu0.16.04.17+tuxcare.els15_amd64.deb 767c7b7e94652751033ffec871b14fa11419bb10 php7.0-xsl_7.0.33-0ubuntu0.16.04.17+tuxcare.els15_all.deb 047beb1722204b7541a008572004b690dc3f5dad php7.0-zip_7.0.33-0ubuntu0.16.04.17+tuxcare.els15_amd64.deb d961420062c507a382e59ccee22c9aed699372bd CLSA-2025:1757076677 TuxCare License Agreement 0 * SECURITY UPDATE: Disable URN protocol access to prevent potential security vulnerabilities - debian/patches/CVE-2025-54574.patch: Add ACL rules to deny URN protocol access by default - CVE-2025-54574 Critical Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.

* SECURITY UPDATE: Disable URN protocol access to prevent potential security vulnerabilities - debian/patches/CVE-2025-54574.patch: Add ACL rules to deny URN protocol access by default - CVE-2025-54574

0 tuxcare-ubuntu16.04-els squid_3.5.12-1ubuntu7.17+tuxcare.els11_amd64.deb aa6246c82617af97fac9f3df7220cbd7282c9cd1 squid-cgi_3.5.12-1ubuntu7.17+tuxcare.els11_amd64.deb 3c34a6052321eb4c8f6410515ce09463a233dbc7 squid-common_3.5.12-1ubuntu7.17+tuxcare.els11_all.deb aa1a305fa46d20b2db62bf9a1e7947282a71f1c0 squid-purge_3.5.12-1ubuntu7.17+tuxcare.els11_amd64.deb df29bf3d43bf6c39df0b93b9764d9994bb5eb7c8 squid3_3.5.12-1ubuntu7.17+tuxcare.els11_all.deb 8ca7dab296a8395b2f7cf9a505bd39d0f0d61be1 squidclient_3.5.12-1ubuntu7.17+tuxcare.els11_amd64.deb 9ff78aa4e355bbc9d5eefe89b52660b62566da42 CLSA-2025:1757411402 TuxCare License Agreement 0 * SECURITY UPDATE: heap buffer overflow in InterpretImageFilename function - debian/patches/CVE-2025-53014.patch: Correct out of bounds read of a single byte in InterpretImageFilename function - CVE-2025-53014 Critical Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.

* SECURITY UPDATE: heap buffer overflow in InterpretImageFilename function - debian/patches/CVE-2025-53014.patch: Correct out of bounds read of a single byte in InterpretImageFilename function - CVE-2025-53014

0 tuxcare-ubuntu16.04-els imagemagick_6.8.9.9-7ubuntu5.17+tuxcare.els21_amd64.deb 734bdf9b77c0562a21b969294588dd9987699706 imagemagick-6.q16_6.8.9.9-7ubuntu5.17+tuxcare.els21_amd64.deb fea84ebaf32d96bab67bb5ef4965489c85d69259 imagemagick-common_6.8.9.9-7ubuntu5.17+tuxcare.els21_all.deb dfa5ea84365b6b2c6ae5621874c24d523cc6bf1c imagemagick-doc_6.8.9.9-7ubuntu5.17+tuxcare.els21_all.deb 929ed62a59992cfded02e4ff0f300aa35f7906d4 libimage-magick-perl_6.8.9.9-7ubuntu5.17+tuxcare.els21_all.deb 614935a6bb96c3803b25f80ae053dad5237b8823 libimage-magick-q16-perl_6.8.9.9-7ubuntu5.17+tuxcare.els21_amd64.deb f280ccaf0e64116c31c8168fbd7d845845da685c libmagick++-6-headers_6.8.9.9-7ubuntu5.17+tuxcare.els21_all.deb 3ed292727f356e1de633b5497591479b27b9dd17 libmagick++-6.q16-5v5_6.8.9.9-7ubuntu5.17+tuxcare.els21_amd64.deb dddf987f0915f10da220b5521beeb43667fabaa8 libmagick++-6.q16-dev_6.8.9.9-7ubuntu5.17+tuxcare.els21_amd64.deb 603c85b4cb0095d7c2a32d8787774fe7ed5ae377 libmagick++-dev_6.8.9.9-7ubuntu5.17+tuxcare.els21_all.deb 5647cdfcfcb116675a46408c1f9846f84697f2d6 libmagickcore-6-arch-config_6.8.9.9-7ubuntu5.17+tuxcare.els21_amd64.deb 323c255fc646e860125d4291641ee52ad577d3e8 libmagickcore-6-headers_6.8.9.9-7ubuntu5.17+tuxcare.els21_all.deb 86c414c0d31c1ac22dd2bba6803aa1ef24b4badc libmagickcore-6.q16-2_6.8.9.9-7ubuntu5.17+tuxcare.els21_amd64.deb b61d7c73e451422b432effc483af4f74781d4b86 libmagickcore-6.q16-2-extra_6.8.9.9-7ubuntu5.17+tuxcare.els21_amd64.deb c95ceb3bdb88d3342ec338b059814a0f31c23a66 libmagickcore-6.q16-dev_6.8.9.9-7ubuntu5.17+tuxcare.els21_amd64.deb f2b865f33edefcfb3fe3cf67953dca5fde494728 libmagickcore-dev_6.8.9.9-7ubuntu5.17+tuxcare.els21_all.deb df3fd2e00689c71752d48ae37b52abbdbec32da5 libmagickwand-6-headers_6.8.9.9-7ubuntu5.17+tuxcare.els21_all.deb 216800b0812d2f3df7827fc596a4efb5aec8da0d libmagickwand-6.q16-2_6.8.9.9-7ubuntu5.17+tuxcare.els21_amd64.deb 91bf4427c7e733ae5f3561fb787b35d7ed0067d9 libmagickwand-6.q16-dev_6.8.9.9-7ubuntu5.17+tuxcare.els21_amd64.deb 0c12a398ae34c64efb75b21f92c1a5e54f49862b libmagickwand-dev_6.8.9.9-7ubuntu5.17+tuxcare.els21_all.deb e3d1f8509329dd25e167997aeee99b7863f81af1 perlmagick_6.8.9.9-7ubuntu5.17+tuxcare.els21_all.deb 45f78f6c6c90e694af796b42261ca53a3f3ed578 CLSA-2025:1757428404 TuxCare License Agreement 0 * SECURITY UPDATE: access control bypass by trusted clients via TLS 1.3 session resumption - debian/patches/CVE-2025-23048.patch: update SNI validation to fix compatibility issue - CVE-2025-23048 Important Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.

* SECURITY UPDATE: access control bypass by trusted clients via TLS 1.3 session resumption - debian/patches/CVE-2025-23048.patch: update SNI validation to fix compatibility issue - CVE-2025-23048

0 tuxcare-ubuntu16.04-els apache2_2.4.18-2ubuntu3.17+tuxcare.els16_amd64.deb a04d0728f6076872b1816742af4d6f0327b557fb apache2-bin_2.4.18-2ubuntu3.17+tuxcare.els16_amd64.deb a0734d55748ca8654c896b31763f3475fd8509d1 apache2-data_2.4.18-2ubuntu3.17+tuxcare.els16_all.deb 4b1eaa4b7d3952db2b83ff7d47e4dfbea779ae31 apache2-dev_2.4.18-2ubuntu3.17+tuxcare.els16_amd64.deb 3f6c783787193419f799e5154069e76afb0e81a2 apache2-doc_2.4.18-2ubuntu3.17+tuxcare.els16_all.deb b270e91266f1838b2345c00b8b7b66fc60afc920 apache2-suexec-custom_2.4.18-2ubuntu3.17+tuxcare.els16_amd64.deb 9270b05627798fdcc3f70b40c9ea3b5e129da88a apache2-suexec-pristine_2.4.18-2ubuntu3.17+tuxcare.els16_amd64.deb f619ce8e118bbdfa523384c77a251ab49f23939f apache2-utils_2.4.18-2ubuntu3.17+tuxcare.els16_amd64.deb d7170340704e56a7be9a3464e1947c389cdbed3a CLSA-2025:1757490210 TuxCare License Agreement 0 * SECURITY UPDATE: inadequate validation in pgsql and pdo_pgsql functions - debian/patches/CVE-2025-1735.patch: Add error checks for escape function in pgsql and pdo_pgsql extensions to prevent potential security issues - CVE-2025-1735 Important Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.

* SECURITY UPDATE: inadequate validation in pgsql and pdo_pgsql functions - debian/patches/CVE-2025-1735.patch: Add error checks for escape function in pgsql and pdo_pgsql extensions to prevent potential security issues - CVE-2025-1735

0 tuxcare-ubuntu16.04-els libapache2-mod-php7.0_7.0.33-0ubuntu0.16.04.17+tuxcare.els16_amd64.deb b0c1154458b5cb6c426ae19d9deca4959202cc9b libphp7.0-embed_7.0.33-0ubuntu0.16.04.17+tuxcare.els16_amd64.deb 0ab5bf8e9f54f9b8b2817e690cc23002b3f00a85 php7.0_7.0.33-0ubuntu0.16.04.17+tuxcare.els16_all.deb 2fc9ea5a77c163ecc3c35f0b0b5fa1622665b7eb php7.0-bcmath_7.0.33-0ubuntu0.16.04.17+tuxcare.els16_amd64.deb 75819c7a17bd069f51887fb8cda80c7f9dd4daa9 php7.0-bz2_7.0.33-0ubuntu0.16.04.17+tuxcare.els16_amd64.deb 453d3a629cb27fb8da3c90f5f0a1c521e382f196 php7.0-cgi_7.0.33-0ubuntu0.16.04.17+tuxcare.els16_amd64.deb 9c0c2f1d5cff59bd2736f6f65af4514e18b7548d php7.0-cli_7.0.33-0ubuntu0.16.04.17+tuxcare.els16_amd64.deb 1ec71251dbb979782679fac36ad5fee2f06a8488 php7.0-common_7.0.33-0ubuntu0.16.04.17+tuxcare.els16_amd64.deb c8201bdc270c54518c0c1a4712c1823461111a2a php7.0-curl_7.0.33-0ubuntu0.16.04.17+tuxcare.els16_amd64.deb c764c0b7e6ee1a1ad11524f9dd5068f7b666b128 php7.0-dba_7.0.33-0ubuntu0.16.04.17+tuxcare.els16_amd64.deb 3fcfe92aa94d849196daa45caecbec8e0d2704c9 php7.0-dev_7.0.33-0ubuntu0.16.04.17+tuxcare.els16_amd64.deb 0b66bed71d099be1950217a77c61d35dc6820e5f php7.0-enchant_7.0.33-0ubuntu0.16.04.17+tuxcare.els16_amd64.deb 66f5c3650d202bf142876fadc064717ca780d4d7 php7.0-fpm_7.0.33-0ubuntu0.16.04.17+tuxcare.els16_amd64.deb addbfd1b284f9d34d9e82c4b64558ed61b41aad9 php7.0-gd_7.0.33-0ubuntu0.16.04.17+tuxcare.els16_amd64.deb 966ae10a7f43dc1569187bd432b9366f6831bf08 php7.0-gmp_7.0.33-0ubuntu0.16.04.17+tuxcare.els16_amd64.deb a4136a17540275309192074f23e5444ea33c5321 php7.0-imap_7.0.33-0ubuntu0.16.04.17+tuxcare.els16_amd64.deb 838f38a923cbe26394f94569686b77de6161fbbe php7.0-interbase_7.0.33-0ubuntu0.16.04.17+tuxcare.els16_amd64.deb 6009a452ec6cee28477afe2c9aef7798b73aaf2f php7.0-intl_7.0.33-0ubuntu0.16.04.17+tuxcare.els16_amd64.deb 4dc59d5d000d28543b3bb001ee3ca03692dfdccb php7.0-json_7.0.33-0ubuntu0.16.04.17+tuxcare.els16_amd64.deb 4306d77856582ae95150ec9ecefd62e5fa863c36 php7.0-ldap_7.0.33-0ubuntu0.16.04.17+tuxcare.els16_amd64.deb cdd91d690a004afacfc4a8411ce21f4075ba4e15 php7.0-mbstring_7.0.33-0ubuntu0.16.04.17+tuxcare.els16_amd64.deb 2ad64bf1c09de30f75628155e6ddd0e1f438dc0b php7.0-mcrypt_7.0.33-0ubuntu0.16.04.17+tuxcare.els16_amd64.deb 43cc3a39cc0285f5ac7a9875838e9b81f212690c php7.0-mysql_7.0.33-0ubuntu0.16.04.17+tuxcare.els16_amd64.deb 6924f74a866253f5d6c556e7050704142b3db985 php7.0-odbc_7.0.33-0ubuntu0.16.04.17+tuxcare.els16_amd64.deb 4df277ab7c7a24420bf20f06a5e3870ec1a361a2 php7.0-opcache_7.0.33-0ubuntu0.16.04.17+tuxcare.els16_amd64.deb a570a08eff88386a46cf2fffdf2281b86d745d71 php7.0-pgsql_7.0.33-0ubuntu0.16.04.17+tuxcare.els16_amd64.deb 0ea15222565f5d3faa8329c08f4f5160f9213554 php7.0-phpdbg_7.0.33-0ubuntu0.16.04.17+tuxcare.els16_amd64.deb 84c2080796badbe854fa0a923d5de351bf9b7b83 php7.0-pspell_7.0.33-0ubuntu0.16.04.17+tuxcare.els16_amd64.deb da96b8c970149a02a981466276f82bcca999ed4d php7.0-readline_7.0.33-0ubuntu0.16.04.17+tuxcare.els16_amd64.deb 68626b31d4ac3e80fed18b60e0a5866dba495628 php7.0-recode_7.0.33-0ubuntu0.16.04.17+tuxcare.els16_amd64.deb 41994f34ff2fa6dc14c2707dc0bbb2e4771ed0a2 php7.0-snmp_7.0.33-0ubuntu0.16.04.17+tuxcare.els16_amd64.deb 61e2222d3b4bca95dc594cdd932d62820ba17baf php7.0-soap_7.0.33-0ubuntu0.16.04.17+tuxcare.els16_amd64.deb 49b4923b728ca1bbd67816efa448d78ee9ce4d78 php7.0-sqlite3_7.0.33-0ubuntu0.16.04.17+tuxcare.els16_amd64.deb 1f3cef4ac4ec104b5301c6d713b41cc212e19ae5 php7.0-sybase_7.0.33-0ubuntu0.16.04.17+tuxcare.els16_amd64.deb 452400fbee3737eca39a2786235d5e1e28db8b57 php7.0-tidy_7.0.33-0ubuntu0.16.04.17+tuxcare.els16_amd64.deb 4ccd06bad7598167e9dbec3b87df5b31794a121d php7.0-xml_7.0.33-0ubuntu0.16.04.17+tuxcare.els16_amd64.deb c0617f0544ce349e9a5c4a427ea088ee747431d7 php7.0-xmlrpc_7.0.33-0ubuntu0.16.04.17+tuxcare.els16_amd64.deb 51b0ccc9c0463d9e455c4c140e4aee6e64badc15 php7.0-xsl_7.0.33-0ubuntu0.16.04.17+tuxcare.els16_all.deb 3557a315ed23a4f6d986473d06291a642ab6a08f php7.0-zip_7.0.33-0ubuntu0.16.04.17+tuxcare.els16_amd64.deb b8dfded4d23dc0d1621ffc97580b85e13150fb16 CLSA-2025:1758009836 TuxCare License Agreement 0 * Bionic update: upstream stable patchset 2021-06-11 (LP: #1931740) // CVE- url: https://ubuntu.com/security/CVE-2021-34981 - Bluetooth: cmtp: fix file refcount when cmtp_attach_device fails * CVE-url: https://ubuntu.com/security/CVE-2025-37797 - net_sched: hfsc: Fix a UAF vulnerability in class handling * CVE-url: https://ubuntu.com/security/CVE-2024-57996 // CVE-url: https://ubuntu.com/security/CVE-2025-37752 - net_sched: sch_sfq: move the limit validation * Focal update: v5.4.285 upstream stable release (LP: #2089233) // CVE-2024-50202 // CVE-url: https://ubuntu.com/security/CVE-2024-50202 - nilfs2: propagate directory read errors from nilfs_find_entry() * Focal update: v5.4.279 upstream stable release (LP: #2073621) // CVE-url: https://ubuntu.com/security/CVE-2024-50202 - nilfs2: Remove check for PageError - nilfs2: return the mapped address from nilfs_get_page() * CVE-url: https://ubuntu.com/security/CVE-2024-50202 - make ext2_get_page() and friends work without external serialization * Bionic update: upstream stable patchset 2021-08-03 (LP: #1938824) // CVE- url: https://ubuntu.com/security/CVE-2021-47345 - RDMA/cma: Fix rdma_resolve_route() memory leak * Focal update: v5.4.287 upstream stable release (LP: #2095145) // CVE-url: https://ubuntu.com/security/CVE-2024-53131 - nilfs2: fix null-ptr-deref in block_touch_buffer tracepoint * Focal update: v5.4.287 upstream stable release (LP: #2095145) // CVE-url: https://ubuntu.com/security/CVE-2024-53130 - nilfs2: fix null-ptr-deref in block_dirty_buffer tracepoint * CVE-url: https://ubuntu.com/security/CVE-2025-37798 - codel: remove sch->q.qlen check before qdisc_tree_reduce_backlog() * CVE-url: https://ubuntu.com/security/CVE-2025-21640 - sctp: sysctl: cookie_hmac_alg: avoid using current->nsproxy * CVE-url: https://ubuntu.com/security/CVE-2024-57913 - usb: gadget: f_fs: Remove WARN_ON in functionfs_bind * CVE-url: https://ubuntu.com/security/CVE-2025-21638 - sctp: sysctl: auth_enable: avoid using current->nsproxy * CVE-url: https://ubuntu.com/security/CVE-2024-50195 - posix-clock: Fix missing timespec64 check in pc_clock_settime() * CVE-url: https://ubuntu.com/security/CVE-2024-50299 - sctp: properly validate chunk size in sctp_sf_ootb() * CVE-url: https://ubuntu.com/security/CVE-2024-41016 - ocfs2: strict bound check before memcmp in ocfs2_xattr_find_entry() * CVE-url: https://ubuntu.com/security/CVE-2024-50287 - media: v4l2-tpg: prevent the risk of a division by zero * CVE-url: https://ubuntu.com/security/CVE-2024-49965 - ocfs2: remove unreasonable unlock in ocfs2_read_blocks * CVE-url: https://ubuntu.com/security/CVE-2024-50179 - ceph: remove the incorrect Fw reference check when dirtying pages * CVE-url: https://ubuntu.com/security/CVE-2024-40953 - KVM: Fix a data race on last_boosted_vcpu in kvm_vcpu_on_spin() * CVE-url: https://ubuntu.com/security/CVE-2024-50290 - media: cx24116: prevent overflows on SNR calculus * CVE-url: https://ubuntu.com/security/CVE-2024-49877 - ocfs2: fix possible null-ptr-deref in ocfs2_set_buffer_uptodate * CVE-url: https://ubuntu.com/security/CVE-2024-50008 - wifi: mwifiex: Fix memcpy() field-spanning write warning in mwifiex_cmd_802_11_scan_ext() * CVE-url: https://ubuntu.com/security/CVE-2024-49959 - jbd2: stop waiting for space when jbd2_cleanup_journal_tail() returns error * CVE-url: https://ubuntu.com/security/CVE-2024-49963 - mailbox: bcm2835: Fix timeout during suspend mode * CVE-url: https://ubuntu.com/security/CVE-2024-47709 - can: bcm: Clear bo->bcm_proc_read after remove_proc_entry(). * CVE-url: https://ubuntu.com/security/CVE-2025-21699 - gfs2: Truncate address space when flipping GFS2_DIF_JDATA flag * CVE-url: https://ubuntu.com/security/CVE-2025-21689 - USB: serial: quatech2: fix null-ptr-deref in qt2_process_read_urb() * CVE-url: https://ubuntu.com/security/CVE-2024-53101 - fs: Fix uninitialized value issue in from_kuid and from_kgid Important Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.

* Bionic update: upstream stable patchset 2021-06-11 (LP: #1931740) // CVE- url: https://ubuntu.com/security/CVE-2021-34981 - Bluetooth: cmtp: fix file refcount when cmtp_attach_device fails * CVE-url: https://ubuntu.com/security/CVE-2025-37797 - net_sched: hfsc: Fix a UAF vulnerability in class handling * CVE-url: https://ubuntu.com/security/CVE-2024-57996 // CVE-url: https://ubuntu.com/security/CVE-2025-37752 - net_sched: sch_sfq: move the limit validation * Focal update: v5.4.285 upstream stable release (LP: #2089233) // CVE-2024-50202 // CVE-url: https://ubuntu.com/security/CVE-2024-50202 - nilfs2: propagate directory read errors from nilfs_find_entry() * Focal update: v5.4.279 upstream stable release (LP: #2073621) // CVE-url: https://ubuntu.com/security/CVE-2024-50202 - nilfs2: Remove check for PageError - nilfs2: return the mapped address from nilfs_get_page() * CVE-url: https://ubuntu.com/security/CVE-2024-50202 - make ext2_get_page() and friends work without external serialization * Bionic update: upstream stable patchset 2021-08-03 (LP: #1938824) // CVE- url: https://ubuntu.com/security/CVE-2021-47345 - RDMA/cma: Fix rdma_resolve_route() memory leak * Focal update: v5.4.287 upstream stable release (LP: #2095145) // CVE-url: https://ubuntu.com/security/CVE-2024-53131 - nilfs2: fix null-ptr-deref in block_touch_buffer tracepoint * Focal update: v5.4.287 upstream stable release (LP: #2095145) // CVE-url: https://ubuntu.com/security/CVE-2024-53130 - nilfs2: fix null-ptr-deref in block_dirty_buffer tracepoint * CVE-url: https://ubuntu.com/security/CVE-2025-37798 - codel: remove sch->q.qlen check before qdisc_tree_reduce_backlog() * CVE-url: https://ubuntu.com/security/CVE-2025-21640 - sctp: sysctl: cookie_hmac_alg: avoid using current->nsproxy * CVE-url: https://ubuntu.com/security/CVE-2024-57913 - usb: gadget: f_fs: Remove WARN_ON in functionfs_bind * CVE-url: https://ubuntu.com/security/CVE-2025-21638 - sctp: sysctl: auth_enable: avoid using current->nsproxy * CVE-url: https://ubuntu.com/security/CVE-2024-50195 - posix-clock: Fix missing timespec64 check in pc_clock_settime() * CVE-url: https://ubuntu.com/security/CVE-2024-50299 - sctp: properly validate chunk size in sctp_sf_ootb() * CVE-url: https://ubuntu.com/security/CVE-2024-41016 - ocfs2: strict bound check before memcmp in ocfs2_xattr_find_entry() * CVE-url: https://ubuntu.com/security/CVE-2024-50287 - media: v4l2-tpg: prevent the risk of a division by zero * CVE-url: https://ubuntu.com/security/CVE-2024-49965 - ocfs2: remove unreasonable unlock in ocfs2_read_blocks * CVE-url: https://ubuntu.com/security/CVE-2024-50179 - ceph: remove the incorrect Fw reference check when dirtying pages * CVE-url: https://ubuntu.com/security/CVE-2024-40953 - KVM: Fix a data race on last_boosted_vcpu in kvm_vcpu_on_spin() * CVE-url: https://ubuntu.com/security/CVE-2024-50290 - media: cx24116: prevent overflows on SNR calculus * CVE-url: https://ubuntu.com/security/CVE-2024-49877 - ocfs2: fix possible null-ptr-deref in ocfs2_set_buffer_uptodate * CVE-url: https://ubuntu.com/security/CVE-2024-50008 - wifi: mwifiex: Fix memcpy() field-spanning write warning in mwifiex_cmd_802_11_scan_ext() * CVE-url: https://ubuntu.com/security/CVE-2024-49959 - jbd2: stop waiting for space when jbd2_cleanup_journal_tail() returns error * CVE-url: https://ubuntu.com/security/CVE-2024-49963 - mailbox: bcm2835: Fix timeout during suspend mode * CVE-url: https://ubuntu.com/security/CVE-2024-47709 - can: bcm: Clear bo->bcm_proc_read after remove_proc_entry(). * CVE-url: https://ubuntu.com/security/CVE-2025-21699 - gfs2: Truncate address space when flipping GFS2_DIF_JDATA flag * CVE-url: https://ubuntu.com/security/CVE-2025-21689 - USB: serial: quatech2: fix null-ptr-deref in qt2_process_read_urb() * CVE-url: https://ubuntu.com/security/CVE-2024-53101 - fs: Fix uninitialized value issue in from_kuid and from_kgid

0 tuxcare-ubuntu16.04-els linux-buildinfo-4.4.0-278-tuxcare.els49-generic_4.4.0-278.312_amd64.deb 1b8c75c749cd6ad9a4a750919eabfcad30102d60 linux-buildinfo-4.4.0-278-tuxcare.els49-lowlatency_4.4.0-278.312_amd64.deb b80a1dbfe5535e278bc88649e7f7ae4897d416f4 linux-cloud-tools-4.4.0-278-tuxcare.els49_4.4.0-278.312_amd64.deb 07cc4a508af1fb9865c0af7f037c01f95074a93c linux-cloud-tools-4.4.0-278-tuxcare.els49-generic_4.4.0-278.312_amd64.deb 8416ccbe2eee479e2d3e2cbf8130df245009f04f linux-cloud-tools-4.4.0-278-tuxcare.els49-lowlatency_4.4.0-278.312_amd64.deb f612a3c28991b332b2fad0eadcbd52508ecfc7a4 linux-cloud-tools-common_4.4.0-278.312_all.deb d79cce0c0a53b3ef088254db9b7f965a0cbcdc0b linux-doc_4.4.0-278.312_all.deb 01d1970c372dbf84bbe5e47e5183233c904e9d7d linux-headers-4.4.0-278-tuxcare.els49_4.4.0-278.312_all.deb 050580ea704fa49249652298796c781f3eee5ca7 linux-headers-4.4.0-278-tuxcare.els49-generic_4.4.0-278.312_amd64.deb 384cd4b6948e08c0bb6a7e8cf54ac14d3b3a0d51 linux-headers-4.4.0-278-tuxcare.els49-lowlatency_4.4.0-278.312_amd64.deb 68d6ec7fb8bca3ae5b205e686291d35374a19257 linux-image-unsigned-4.4.0-278-tuxcare.els49-generic_4.4.0-278.312_amd64.deb 65406a7885d58bfed43f48ae631b5915c4b98e45 linux-image-unsigned-4.4.0-278-tuxcare.els49-lowlatency_4.4.0-278.312_amd64.deb a9924df4a1ca89c2cc178b18478ed5659d9f4aaf linux-libc-dev_4.4.0-278.312_amd64.deb 8d8bc53e8081018494c9d961f20ec2e9a17d3089 linux-modules-4.4.0-278-tuxcare.els49-generic_4.4.0-278.312_amd64.deb 764c0c62a51aaa99a0f3158a227e7be2ac4bd624 linux-modules-4.4.0-278-tuxcare.els49-lowlatency_4.4.0-278.312_amd64.deb bf713df713c2b07c424a64ea4ca66a015ab98e6d linux-modules-extra-4.4.0-278-tuxcare.els49-generic_4.4.0-278.312_amd64.deb 505ea488c34e264a36a61355834343e87cad39de linux-source-4.4.0_4.4.0-278.312_all.deb 3bfb59be4f8dac1073ff85bd397e176b054f79a5 linux-tools-4.4.0-278-tuxcare.els49_4.4.0-278.312_amd64.deb 3a4412d4a52c81b3e889610dd7ab261a577c6412 linux-tools-4.4.0-278-tuxcare.els49-generic_4.4.0-278.312_amd64.deb 2e35d04b8d3a757ffef85ede0467577a5f742b3b linux-tools-4.4.0-278-tuxcare.els49-lowlatency_4.4.0-278.312_amd64.deb 55f19404a58123b7d90513fb6ecd05e5440bd31c linux-tools-common_4.4.0-278.312_all.deb 53c2e779596727682ce47d354162397abba24c59 linux-tools-host_4.4.0-278.312_all.deb 6e8fcacafa328f3e89b9d8b126ef64c7b67b31d1 CLSA-2025:1758010124 TuxCare License Agreement 0 * Bump ABI 4.4.0-278 None Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.

* Bump ABI 4.4.0-278

0 tuxcare-ubuntu16.04-els linux-cloud-tools-generic_4.4.0.278.312_amd64.deb fe5d624b9be540f171976fd421f0b2b049f85a52 linux-cloud-tools-lowlatency_4.4.0.278.312_amd64.deb 24e2eb4d12c062ba6350f01a5bd4e029d1ccc653 linux-crashdump_4.4.0.278.312_amd64.deb a52e1056d61db4ef660d1a00052852f8e62b29eb linux-generic_4.4.0.278.312_amd64.deb 6ebd48d1df3efcb92f2c6dbcddd3163f699a29de linux-headers-generic_4.4.0.278.312_amd64.deb 1e0a109e0d605652a63ce5f4fd5413ef965042e0 linux-headers-lowlatency_4.4.0.278.312_amd64.deb 6272d828f89726f4e1f9420c601ea7e7952ebd72 linux-image-generic_4.4.0.278.312_amd64.deb 424bd34b7aa3fbdad764bf253a5ff5ff50c72603 linux-image-lowlatency_4.4.0.278.312_amd64.deb 54d8fe0ad9b6a0f7b1a4e22cbf5cd528dc79d223 linux-lowlatency_4.4.0.278.312_amd64.deb a2055d2da174d80390473db709b4a0d329b2bb95 linux-source_4.4.0.278.312_all.deb 20808a564273efe0e281ea6c4dfe2c3a8b5e3d7a linux-tools-generic_4.4.0.278.312_amd64.deb 67fcc93b01e6869155c69986b9d26b7d00f70130 linux-tools-lowlatency_4.4.0.278.312_amd64.deb b391dc3187e4445ee6b7f635c41ad8642d593a63 CLSA-2025:1758101854 TuxCare License Agreement 0 * SECURITY UPDATE: defect in TarFile module leading to infinite loop and deadlock - debian/patches/CVE-2025-8194.patch: Validate archives to ensure member offsets are non-negative - CVE-2025-8194 Important Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.

* SECURITY UPDATE: defect in TarFile module leading to infinite loop and deadlock - debian/patches/CVE-2025-8194.patch: Validate archives to ensure member offsets are non-negative - CVE-2025-8194

0 tuxcare-ubuntu16.04-els idle-python3.5_3.5.2-2ubuntu0~16.04.13+tuxcare.els21_all.deb aef1baf70ada7d5c393da9ad9d1ad7daea2d340d libpython3.5_3.5.2-2ubuntu0~16.04.13+tuxcare.els21_amd64.deb 722fbc2d8a502cd8ff7ce34c0b5fdcc65d86e820 libpython3.5-dev_3.5.2-2ubuntu0~16.04.13+tuxcare.els21_amd64.deb 95bcded1ea1cb81516abec72f0d86cb535f50f2b libpython3.5-minimal_3.5.2-2ubuntu0~16.04.13+tuxcare.els21_amd64.deb 94f714cbe2361f6d8b37f8805d8e450f5fec61cb libpython3.5-stdlib_3.5.2-2ubuntu0~16.04.13+tuxcare.els21_amd64.deb 0db7a0ac8e463bcc70dfa1343eb46273b9af62d0 libpython3.5-testsuite_3.5.2-2ubuntu0~16.04.13+tuxcare.els21_all.deb 5ef821abb1cd8d29b4ea9682d9db08f0e9f22753 python3.5_3.5.2-2ubuntu0~16.04.13+tuxcare.els21_amd64.deb 0e2f224372f8f1b3567c41f71afb0b0c4fe3ab54 python3.5-dev_3.5.2-2ubuntu0~16.04.13+tuxcare.els21_amd64.deb 96ba748b8f3bb0d5ba1b1140733eb31d1ef750c6 python3.5-doc_3.5.2-2ubuntu0~16.04.13+tuxcare.els21_all.deb de3a82c1630c6445620a77e72fc6e965cbcdcdbb python3.5-examples_3.5.2-2ubuntu0~16.04.13+tuxcare.els21_all.deb 316f5c31b01d888bf480a4a99e75ecd8ea63a8ac python3.5-minimal_3.5.2-2ubuntu0~16.04.13+tuxcare.els21_amd64.deb 27217a58a57df864e00de4d5bdb4ffe54eeca789 python3.5-venv_3.5.2-2ubuntu0~16.04.13+tuxcare.els21_amd64.deb b7b96bfa21462ed366feb175ea7e72fb6ea58078 CLSA-2025:1758228143 TuxCare License Agreement 0 * SECURITY UPDATE: Overwrite a local file - debian/patches/CVE-2023-30630.patch: Prevent --dump-bin from overwriting local files to address privilege escalation vulnerability - CVE-2023-30630 Important Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.

* SECURITY UPDATE: Overwrite a local file - debian/patches/CVE-2023-30630.patch: Prevent --dump-bin from overwriting local files to address privilege escalation vulnerability - CVE-2023-30630

0 tuxcare-ubuntu16.04-els dmidecode_3.0-2ubuntu0.2+tuxcare.els1_amd64.deb 551d512ad7fdc6c4111a9b89a52e87354da71d16 CLSA-2025:1758228293 TuxCare License Agreement 0 * SECURITY UPDATE: memory corruption vulnerability in attribute type flags - debian/patches/CVE-2025-7425.patch: fix heap-use-after-free in xmlFreeID caused by `atype` corruption - CVE-2025-7425 Important Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.

* SECURITY UPDATE: memory corruption vulnerability in attribute type flags - debian/patches/CVE-2025-7425.patch: fix heap-use-after-free in xmlFreeID caused by `atype` corruption - CVE-2025-7425

0 tuxcare-ubuntu16.04-els libxml2_2.9.3+dfsg1-1ubuntu0.7+tuxcare.els12_amd64.deb 3d644bc30868fd5070ecd3b2133fffe60b108825 libxml2-dev_2.9.3+dfsg1-1ubuntu0.7+tuxcare.els12_amd64.deb 3611a4a0c6e332ed0e4843137938b6e9783e164a libxml2-doc_2.9.3+dfsg1-1ubuntu0.7+tuxcare.els12_all.deb ac85c3e798c0315bcd9c07a6f6dd80161675d54c libxml2-utils_2.9.3+dfsg1-1ubuntu0.7+tuxcare.els12_amd64.deb 8d57cdcaa37ab851bd1037b8342d7c0a68cff602 python-libxml2_2.9.3+dfsg1-1ubuntu0.7+tuxcare.els12_amd64.deb e3c1e9b15b8cbec73751fb8d68a530336b195113 CLSA-2025:1758289815 TuxCare License Agreement 0 * SECURITY UPDATE: stack overflow via multiple consecutive %d format specifiers in filename template - debian/patches/CVE-2025-53101.patch: Fix InterpretImageFilename function by adjusting the offset to prevent potential buffer overflow - CVE-2025-53101 Critical Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.

* SECURITY UPDATE: stack overflow via multiple consecutive %d format specifiers in filename template - debian/patches/CVE-2025-53101.patch: Fix InterpretImageFilename function by adjusting the offset to prevent potential buffer overflow - CVE-2025-53101

0 tuxcare-ubuntu16.04-els imagemagick_6.8.9.9-7ubuntu5.17+tuxcare.els22_amd64.deb 8e057e19fae0faaba37f42c710ab9028a2032f24 imagemagick-6.q16_6.8.9.9-7ubuntu5.17+tuxcare.els22_amd64.deb b980bcdb91eb39c83a5b5cf0adf2492f49f76912 imagemagick-common_6.8.9.9-7ubuntu5.17+tuxcare.els22_all.deb 641f4278f2c102fd99397c5e89a036c21561a0f2 imagemagick-doc_6.8.9.9-7ubuntu5.17+tuxcare.els22_all.deb 12d443e0c555cb293ab24ed5d95163d8b4b6cc45 libimage-magick-perl_6.8.9.9-7ubuntu5.17+tuxcare.els22_all.deb cc72def116669ce3065e0212873562152525776b libimage-magick-q16-perl_6.8.9.9-7ubuntu5.17+tuxcare.els22_amd64.deb 39a1972d8ad72ce16efa4bc495166bf3de6108da libmagick++-6-headers_6.8.9.9-7ubuntu5.17+tuxcare.els22_all.deb 97659a9bae0e945d5982c0f942936e690e9a66a0 libmagick++-6.q16-5v5_6.8.9.9-7ubuntu5.17+tuxcare.els22_amd64.deb e7c5308e06e740b52b602459deffb7dfcfb87880 libmagick++-6.q16-dev_6.8.9.9-7ubuntu5.17+tuxcare.els22_amd64.deb d9c56b3b81a88b7e21fbfd32fa09714b96b74969 libmagick++-dev_6.8.9.9-7ubuntu5.17+tuxcare.els22_all.deb 3bfcf4fe7053c2f1612024d3a77eb04eadb3ef88 libmagickcore-6-arch-config_6.8.9.9-7ubuntu5.17+tuxcare.els22_amd64.deb 80928f3075051c6f679b7c5ef785d1540d3324c2 libmagickcore-6-headers_6.8.9.9-7ubuntu5.17+tuxcare.els22_all.deb 3b5312b8fe8783fcddd47e06fed834929a51f2ef libmagickcore-6.q16-2_6.8.9.9-7ubuntu5.17+tuxcare.els22_amd64.deb 62372fd4be826d23f81b314f075dfa220bdc02fb libmagickcore-6.q16-2-extra_6.8.9.9-7ubuntu5.17+tuxcare.els22_amd64.deb 0f39cf39bd9b8fe0519efa2136b849c9841e25a7 libmagickcore-6.q16-dev_6.8.9.9-7ubuntu5.17+tuxcare.els22_amd64.deb 7fa7f26c72c526f24de6f0b70bda4f5d88605e88 libmagickcore-dev_6.8.9.9-7ubuntu5.17+tuxcare.els22_all.deb dde929072fabee30794cab1bafac312daf31993e libmagickwand-6-headers_6.8.9.9-7ubuntu5.17+tuxcare.els22_all.deb ce202316b6ae1a2a7ee7e988490924fb9c3177c8 libmagickwand-6.q16-2_6.8.9.9-7ubuntu5.17+tuxcare.els22_amd64.deb d1da28ba9cb64f5d2b8653c464b6adf0b1c3300f libmagickwand-6.q16-dev_6.8.9.9-7ubuntu5.17+tuxcare.els22_amd64.deb 86c06ca032a83fe4f17a5cc358d0a264491a1272 libmagickwand-dev_6.8.9.9-7ubuntu5.17+tuxcare.els22_all.deb 7cbf02bc6423dbfa3d7a438638849a760196c127 perlmagick_6.8.9.9-7ubuntu5.17+tuxcare.els22_all.deb bd88a6435a0ff89d9cb6e587f36c3bd85ac157bc CLSA-2025:1758705355 TuxCare License Agreement 0 * SECURITY UPDATE: out-of-bounds read in sftp_handle function - debian/patches/CVE-2025-5318.patch: fix possible buffer overrun issue in sftpserver.c by changing conditional from val > SFTP_HANDLES to val >= SFTP_HANDLES - CVE-2025-5318 Important Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.

* SECURITY UPDATE: out-of-bounds read in sftp_handle function - debian/patches/CVE-2025-5318.patch: fix possible buffer overrun issue in sftpserver.c by changing conditional from val > SFTP_HANDLES to val >= SFTP_HANDLES - CVE-2025-5318

0 tuxcare-ubuntu16.04-els libssh-4_0.6.3-4.3ubuntu0.6+tuxcare.els2_amd64.deb 09265fb960981a81e39cdaef03521f912426a3e7 libssh-dev_0.6.3-4.3ubuntu0.6+tuxcare.els2_amd64.deb ded71b235fcf31ff311d07744d16e16ec80104ab libssh-doc_0.6.3-4.3ubuntu0.6+tuxcare.els2_all.deb 29622ae57d3c14763382c2ec680f9e5d7459cd09 libssh-gcrypt-4_0.6.3-4.3ubuntu0.6+tuxcare.els2_amd64.deb cbdd1a13e1d78ca22cc0297bb98ae9e57748c396 libssh-gcrypt-dev_0.6.3-4.3ubuntu0.6+tuxcare.els2_amd64.deb 3c12463fa386c70adc4f128b95c14149984b2cc2 CLSA-2025:1758705954 TuxCare License Agreement 0 * SECURITY UPDATE: heap out-of-bounds write in BlobStream (WriteBlob) - debian/patches/CVE-2025-57807.patch: enforce extent ≥ offset + length when forward-seeking before writes in MagickCore/blob.c - CVE-2025-57807 Critical Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.

* SECURITY UPDATE: heap out-of-bounds write in BlobStream (WriteBlob) - debian/patches/CVE-2025-57807.patch: enforce extent ≥ offset + length when forward-seeking before writes in MagickCore/blob.c - CVE-2025-57807

0 tuxcare-ubuntu16.04-els imagemagick_6.8.9.9-7ubuntu5.17+tuxcare.els23_amd64.deb 31d3059a9e3f3aa6106be77871e3472db3a2f618 imagemagick-6.q16_6.8.9.9-7ubuntu5.17+tuxcare.els23_amd64.deb e212bb711c12fd8bdf218a291d07373df8fa1bd1 imagemagick-common_6.8.9.9-7ubuntu5.17+tuxcare.els23_all.deb 65ce54a4bf200501e659732a5d42295f36aed831 imagemagick-doc_6.8.9.9-7ubuntu5.17+tuxcare.els23_all.deb ebb72ca17fdb76ab431791e989b3dd930cbcbfb8 libimage-magick-perl_6.8.9.9-7ubuntu5.17+tuxcare.els23_all.deb bef5af2f2ff9c4eeec21ed64068add5c96462136 libimage-magick-q16-perl_6.8.9.9-7ubuntu5.17+tuxcare.els23_amd64.deb 81a3a662b1bffc2132cbaf770ef1d426404e81a0 libmagick++-6-headers_6.8.9.9-7ubuntu5.17+tuxcare.els23_all.deb 2a29c8249a890a6e2dbcc06bf67b04c46e3ba8d8 libmagick++-6.q16-5v5_6.8.9.9-7ubuntu5.17+tuxcare.els23_amd64.deb c801dd9bb05409dc21e892ebcbd92cc81bddcf39 libmagick++-6.q16-dev_6.8.9.9-7ubuntu5.17+tuxcare.els23_amd64.deb 14b9946e488fbfcb491f42b0b0bee26b1c00ad33 libmagick++-dev_6.8.9.9-7ubuntu5.17+tuxcare.els23_all.deb a635f9a0023d7cd3e27c2ccca3096cf62ae20de4 libmagickcore-6-arch-config_6.8.9.9-7ubuntu5.17+tuxcare.els23_amd64.deb b6abe34d29a86e4dd3fd75b26b370af845850a06 libmagickcore-6-headers_6.8.9.9-7ubuntu5.17+tuxcare.els23_all.deb be9f98ce97f186a9988847ee72066b5f9e8b5a9f libmagickcore-6.q16-2_6.8.9.9-7ubuntu5.17+tuxcare.els23_amd64.deb 28e2e7407ec04ee9a77c62551f193ef08a33866c libmagickcore-6.q16-2-extra_6.8.9.9-7ubuntu5.17+tuxcare.els23_amd64.deb 5e58c34e4ac5a1d919a1446d6f49fc5f591ad1d9 libmagickcore-6.q16-dev_6.8.9.9-7ubuntu5.17+tuxcare.els23_amd64.deb b301df3c87313c6d21d5e45fbfbe67c7e74d2cb1 libmagickcore-dev_6.8.9.9-7ubuntu5.17+tuxcare.els23_all.deb 24e7ed5f623b60d9415b215c8daf06714f9f5ec5 libmagickwand-6-headers_6.8.9.9-7ubuntu5.17+tuxcare.els23_all.deb 2aaa5a6bf2168f26e4131760713f0b1576f18333 libmagickwand-6.q16-2_6.8.9.9-7ubuntu5.17+tuxcare.els23_amd64.deb a2a7a2e1b704ce16bb8500a0d4c88aa37a25b83e libmagickwand-6.q16-dev_6.8.9.9-7ubuntu5.17+tuxcare.els23_amd64.deb 155fa682d6f3e17f62cd4fb85bf253bf284369ff libmagickwand-dev_6.8.9.9-7ubuntu5.17+tuxcare.els23_all.deb 883b07a6d48ef44a1ff9ff324c2ef381b721415d perlmagick_6.8.9.9-7ubuntu5.17+tuxcare.els23_all.deb 73c1d8e61f19437b39254d00e058a735a3c16e54 CLSA-2025:1758824905 TuxCare License Agreement 0 * SECURITY UPDATE: disable kpasswd port to mitigate vulnerabilities - debian/patches/CVE-2022-2031_CVE-2022-32744.patch: add kpasswd port = 0 to disable kpasswd service as a workaround for CVE-2022-32744 and CVE-2022-2031 - kpasswd is not a critical protocol for AD DC in most installations - CVE-2022-32744, CVE-2022-2031 Important Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.

* SECURITY UPDATE: disable kpasswd port to mitigate vulnerabilities - debian/patches/CVE-2022-2031_CVE-2022-32744.patch: add kpasswd port = 0 to disable kpasswd service as a workaround for CVE-2022-32744 and CVE-2022-2031 - kpasswd is not a critical protocol for AD DC in most installations - CVE-2022-32744, CVE-2022-2031

0 tuxcare-ubuntu16.04-els ctdb_4.3.11+dfsg-0ubuntu0.16.04.34+tuxcare.els7_amd64.deb a4cd3e2f3f843d2a43914d062cf7159aa07750a9 libnss-winbind_4.3.11+dfsg-0ubuntu0.16.04.34+tuxcare.els7_amd64.deb 3b68f709823e50bf53812fccb40dab74771d5610 libpam-winbind_4.3.11+dfsg-0ubuntu0.16.04.34+tuxcare.els7_amd64.deb 18d3b6054b9eba244aee6ec07e852004cde2c165 libparse-pidl-perl_4.3.11+dfsg-0ubuntu0.16.04.34+tuxcare.els7_amd64.deb 20f8143e534b674dd301c176a579b5c2edcd5ccb libsmbclient_4.3.11+dfsg-0ubuntu0.16.04.34+tuxcare.els7_amd64.deb 23c209a3fbe010c3b87f5dd2d8c4de3fe0bea53a libsmbclient-dev_4.3.11+dfsg-0ubuntu0.16.04.34+tuxcare.els7_amd64.deb e4bcc71a701e3d92b6c397379d55d3ea22d14333 libwbclient-dev_4.3.11+dfsg-0ubuntu0.16.04.34+tuxcare.els7_amd64.deb 5d53775269ab67b6d947e3c71eb53c82a2d3c835 libwbclient0_4.3.11+dfsg-0ubuntu0.16.04.34+tuxcare.els7_amd64.deb 6e6f2e987c887ccf54bef75976c77563eddb0d35 python-samba_4.3.11+dfsg-0ubuntu0.16.04.34+tuxcare.els7_amd64.deb cb3152ded9d0b2f9629776d26f46c8037a6e6a23 registry-tools_4.3.11+dfsg-0ubuntu0.16.04.34+tuxcare.els7_amd64.deb 8119fc29ec6008396a73a24871258df4309ec60e samba_4.3.11+dfsg-0ubuntu0.16.04.34+tuxcare.els7_amd64.deb 64a6016c3dc8acc165d328703c40cd1057073d40 samba-common_4.3.11+dfsg-0ubuntu0.16.04.34+tuxcare.els7_all.deb ca8bbd22ee877bdf2c897e1653402ae1e7128a9e samba-common-bin_4.3.11+dfsg-0ubuntu0.16.04.34+tuxcare.els7_amd64.deb e0d6baf6462e8e42a31fa7a7f72d8b99b8b4102e samba-dev_4.3.11+dfsg-0ubuntu0.16.04.34+tuxcare.els7_amd64.deb f7a221aa8e1e9577f320b16e95ce81f799777462 samba-dsdb-modules_4.3.11+dfsg-0ubuntu0.16.04.34+tuxcare.els7_amd64.deb 1e62fff2a84de382c1139eb75645e6ec79e3cb2d samba-libs_4.3.11+dfsg-0ubuntu0.16.04.34+tuxcare.els7_amd64.deb 15e53fc8776c5e43ff876013f5df14f93ebfb621 samba-testsuite_4.3.11+dfsg-0ubuntu0.16.04.34+tuxcare.els7_amd64.deb c66651b685d26d0416e3d4a04b7e9537f2cc041b samba-vfs-modules_4.3.11+dfsg-0ubuntu0.16.04.34+tuxcare.els7_amd64.deb e15087b549d88e34b2fbdbd70a78700d934f1608 smbclient_4.3.11+dfsg-0ubuntu0.16.04.34+tuxcare.els7_amd64.deb 5726a97859c3d60cd5dd970c426386f0fd9c584f winbind_4.3.11+dfsg-0ubuntu0.16.04.34+tuxcare.els7_amd64.deb b0beba89348409e02f52870bcd601f4eb9d9c055 CLSA-2025:1758915545 TuxCare License Agreement 0 * SECURITY UPDATE: double-free when exporting SAN otherName - debian/patches/CVE-2025-32988.patch: fix double-free triggered when exporting certificates with multiple SAN otherName entries. - CVE-2025-32988 * SECURITY UPDATE: 1-byte heap write in certtool template parsing - debian/patches/CVE-2025-32990.patch: prevent 1-byte heap overwrite caused by malformed certificate template input in certtool. - CVE-2025-32990 Important Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.

* SECURITY UPDATE: double-free when exporting SAN otherName - debian/patches/CVE-2025-32988.patch: fix double-free triggered when exporting certificates with multiple SAN otherName entries. - CVE-2025-32988 * SECURITY UPDATE: 1-byte heap write in certtool template parsing - debian/patches/CVE-2025-32990.patch: prevent 1-byte heap overwrite caused by malformed certificate template input in certtool. - CVE-2025-32990

0 tuxcare-ubuntu16.04-els gnutls-bin_3.4.10-4ubuntu1.9+tuxcare.els1_amd64.deb e6f90ed56b21328ac31715a8451789bd1df0f79b gnutls-doc_3.4.10-4ubuntu1.9+tuxcare.els1_all.deb 68d06def009d39e4d61a987b9fefc57c42ced60d guile-gnutls_3.4.10-4ubuntu1.9+tuxcare.els1_amd64.deb b82a4d3b22fccc6bab267a17d873cd4e42a15abd libgnutls-dev_3.4.10-4ubuntu1.9+tuxcare.els1_amd64.deb a75a297102e52893c311dbc02eaca27a8a3cfc57 libgnutls-openssl27_3.4.10-4ubuntu1.9+tuxcare.els1_amd64.deb 727f4f4571d329ef3c6c6786812accdec9835ae8 libgnutls28-dev_3.4.10-4ubuntu1.9+tuxcare.els1_amd64.deb 7d653320082683269c589f775674e4be1132a4a5 libgnutls30_3.4.10-4ubuntu1.9+tuxcare.els1_amd64.deb 70b6b569a1281d0cb53a463e6b98010dce1be510 libgnutlsxx28_3.4.10-4ubuntu1.9+tuxcare.els1_amd64.deb 6df701e2ae32c786d728f970a2263728dc1dbe9b CLSA-2025:1758916535 TuxCare License Agreement 0 * SECURITY UPDATE: authentication bypass vulnerability - debian/patches/CVE-2025-58060.patch: block authentication using alternate method in scheduler/auth.c - CVE-2025-58060 Important Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.

* SECURITY UPDATE: authentication bypass vulnerability - debian/patches/CVE-2025-58060.patch: block authentication using alternate method in scheduler/auth.c - CVE-2025-58060

0 tuxcare-ubuntu16.04-els cups_2.1.3-4ubuntu0.11+tuxcare.els8_amd64.deb c3f4a31f93c1d3d9f080e2afd0e3410bec1a1b9c cups-bsd_2.1.3-4ubuntu0.11+tuxcare.els8_amd64.deb 89b8002e43d71983e824d639a1e5530501243311 cups-client_2.1.3-4ubuntu0.11+tuxcare.els8_amd64.deb f1f06d249cf68c7e5d879f625c68253d00f65f20 cups-common_2.1.3-4ubuntu0.11+tuxcare.els8_all.deb 91407c9d6cb017f84bbd6142c00b64c38b0d8f5d cups-core-drivers_2.1.3-4ubuntu0.11+tuxcare.els8_amd64.deb 3815d7bc595ce40cd8403eee95a783af1b8bbfba cups-daemon_2.1.3-4ubuntu0.11+tuxcare.els8_amd64.deb d4a08ec286f51fa785ac83ae202709e63e262774 cups-ipp-utils_2.1.3-4ubuntu0.11+tuxcare.els8_amd64.deb af1cc987bbb82e6de5fda13a1ca6ebad3fe5e1e0 cups-ppdc_2.1.3-4ubuntu0.11+tuxcare.els8_amd64.deb 57fbd69e28f3cc21ddfa33f4a8e453af7981d1df cups-server-common_2.1.3-4ubuntu0.11+tuxcare.els8_all.deb b7685e79e8e79883afc2ff261f22bd071c7a232e libcups2_2.1.3-4ubuntu0.11+tuxcare.els8_amd64.deb 0faf6357fc642b11bf85ee4f06078123dad194c8 libcups2-dev_2.1.3-4ubuntu0.11+tuxcare.els8_amd64.deb 7e1c270720fea5bc466bf040e08dce695c41e6b3 libcupscgi1_2.1.3-4ubuntu0.11+tuxcare.els8_amd64.deb c2c4aecb96447b736a89f01e0ad0586442e0b8de libcupscgi1-dev_2.1.3-4ubuntu0.11+tuxcare.els8_amd64.deb beae31332233ae1dc6d6111f889d1946b82eecde libcupsimage2_2.1.3-4ubuntu0.11+tuxcare.els8_amd64.deb ca85239e71c64656cbb0b1296eb21206de116302 libcupsimage2-dev_2.1.3-4ubuntu0.11+tuxcare.els8_amd64.deb dd841646b7e151a18f1468e19305dd4c84b1bef0 libcupsmime1_2.1.3-4ubuntu0.11+tuxcare.els8_amd64.deb 0dedc5eca63ee84765b0d10e5cd1fa6076332ba8 libcupsmime1-dev_2.1.3-4ubuntu0.11+tuxcare.els8_amd64.deb 72a0155b8562937bb19bfaa9aacf4f889dcfd7d7 libcupsppdc1_2.1.3-4ubuntu0.11+tuxcare.els8_amd64.deb df6631aff443a8d284c129478c33110f22a13bb9 libcupsppdc1-dev_2.1.3-4ubuntu0.11+tuxcare.els8_amd64.deb d825c4bc2b99d9cf1c6fbcdcb8c218bc4c57be7d CLSA-2025:1759145639 TuxCare License Agreement 0 * SECURITY UPDATE: memory leak when specifying multiple %d format specifiers in filename template - debian/patches/CVE-2025-53019.patch: Fix memory leak when entering StreamImage multiple times - CVE-2025-53019 Important Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.

* SECURITY UPDATE: memory leak when specifying multiple %d format specifiers in filename template - debian/patches/CVE-2025-53019.patch: Fix memory leak when entering StreamImage multiple times - CVE-2025-53019

0 tuxcare-ubuntu16.04-els imagemagick_6.8.9.9-7ubuntu5.17+tuxcare.els24_amd64.deb 30f88fbba8cb87aa34c01306b3a849bdb1d62d7b imagemagick-6.q16_6.8.9.9-7ubuntu5.17+tuxcare.els24_amd64.deb 31037f0abc38931a2e0749cc5cee7f27b533f409 imagemagick-common_6.8.9.9-7ubuntu5.17+tuxcare.els24_all.deb a7cca358cf7e5008e681d65515f0db86af71a6eb imagemagick-doc_6.8.9.9-7ubuntu5.17+tuxcare.els24_all.deb f2b3c114916a16de7fc49de63c5d059ffa755263 libimage-magick-perl_6.8.9.9-7ubuntu5.17+tuxcare.els24_all.deb 8783baa3d3ea9cb338347dcd91c0f28f8b2e94de libimage-magick-q16-perl_6.8.9.9-7ubuntu5.17+tuxcare.els24_amd64.deb 7bce075a13a7c0302c794908c76680e6633cc0f1 libmagick++-6-headers_6.8.9.9-7ubuntu5.17+tuxcare.els24_all.deb 52aebab41799cd4fba951b8e12132c5564996052 libmagick++-6.q16-5v5_6.8.9.9-7ubuntu5.17+tuxcare.els24_amd64.deb b35af1562e8f9093e78911575f12e8fd0d122315 libmagick++-6.q16-dev_6.8.9.9-7ubuntu5.17+tuxcare.els24_amd64.deb e9e5437571f3b8f112f6b6cea7586fa146532be7 libmagick++-dev_6.8.9.9-7ubuntu5.17+tuxcare.els24_all.deb 567955fc782067b6e5916d67f419abee651d5590 libmagickcore-6-arch-config_6.8.9.9-7ubuntu5.17+tuxcare.els24_amd64.deb b1821e930eaee16824ba5066913be6117ba9d02f libmagickcore-6-headers_6.8.9.9-7ubuntu5.17+tuxcare.els24_all.deb 8d4f4e2d4aa160d1dd0b8d06446abde144cdd3b1 libmagickcore-6.q16-2_6.8.9.9-7ubuntu5.17+tuxcare.els24_amd64.deb 8daa80aae0dbd464933afa1fd6efc0a92863c1a5 libmagickcore-6.q16-2-extra_6.8.9.9-7ubuntu5.17+tuxcare.els24_amd64.deb c08de4b1146eeb1b5ab1fea130d57369c22dadc4 libmagickcore-6.q16-dev_6.8.9.9-7ubuntu5.17+tuxcare.els24_amd64.deb d1ad6f4b3c4dfb01744a9e379ee91771da2ec28b libmagickcore-dev_6.8.9.9-7ubuntu5.17+tuxcare.els24_all.deb cd809ec79637140b76354ba5cad776242f63211b libmagickwand-6-headers_6.8.9.9-7ubuntu5.17+tuxcare.els24_all.deb 886d8b018604403b0c5247fdec9dde8479041a06 libmagickwand-6.q16-2_6.8.9.9-7ubuntu5.17+tuxcare.els24_amd64.deb 59300d70bf5f37d8e49587e3354520377863906b libmagickwand-6.q16-dev_6.8.9.9-7ubuntu5.17+tuxcare.els24_amd64.deb ce563239918aa8e52293b5c079a4fcda4f63f9f4 libmagickwand-dev_6.8.9.9-7ubuntu5.17+tuxcare.els24_all.deb 110c98f6f315494cf374a1a034fac1fac0c6b65b perlmagick_6.8.9.9-7ubuntu5.17+tuxcare.els24_all.deb cfe6e0751e0c31f5cd99735291a2740c185ab9cc CLSA-2025:1759409921 TuxCare License Agreement 0 * SECURITY UPDATE: IPP extension tag parsing vulnerability - debian/patches/CVE-2025-58364.patch: fix handling of extension tag in ipp_read_io() - CVE-2025-58364 Moderate Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.

* SECURITY UPDATE: IPP extension tag parsing vulnerability - debian/patches/CVE-2025-58364.patch: fix handling of extension tag in ipp_read_io() - CVE-2025-58364

0 tuxcare-ubuntu16.04-els cups_2.1.3-4ubuntu0.11+tuxcare.els9_amd64.deb ca560b34b7bdaaa83726d6f7267a6f6093af71a9 cups-bsd_2.1.3-4ubuntu0.11+tuxcare.els9_amd64.deb b44eb0320eccb1c8768ca15a16f7f09fcf9b8c51 cups-client_2.1.3-4ubuntu0.11+tuxcare.els9_amd64.deb 888deac11684eca4a705e2bf387be11026d8bba8 cups-common_2.1.3-4ubuntu0.11+tuxcare.els9_all.deb f7d6dc8298f99a73de92c3d37bb939190f564233 cups-core-drivers_2.1.3-4ubuntu0.11+tuxcare.els9_amd64.deb ce61deaa9dfa8d0c082883eac31f74bf2d5c8fe1 cups-daemon_2.1.3-4ubuntu0.11+tuxcare.els9_amd64.deb c7def224276e939e18446b6e2f45d5829e064cf2 cups-ipp-utils_2.1.3-4ubuntu0.11+tuxcare.els9_amd64.deb 778af0b400ec22449c4b6041da863ee4991f3dea cups-ppdc_2.1.3-4ubuntu0.11+tuxcare.els9_amd64.deb c072e411c767766c1f72db17dca692a9c15f6d40 cups-server-common_2.1.3-4ubuntu0.11+tuxcare.els9_all.deb de65628c7cbd840fb7e6f85061fba24f45927abe libcups2_2.1.3-4ubuntu0.11+tuxcare.els9_amd64.deb 2511e5b0fcd7522b5a5353af4acd1b7450659ad8 libcups2-dev_2.1.3-4ubuntu0.11+tuxcare.els9_amd64.deb c387a3c69bd67a22d9a50c49b9ff61124d3183b3 libcupscgi1_2.1.3-4ubuntu0.11+tuxcare.els9_amd64.deb 3437998e394005a1714921a84d94e11f013722e6 libcupscgi1-dev_2.1.3-4ubuntu0.11+tuxcare.els9_amd64.deb 532a0c7b3fe84a82d2fb89c58e0671a32ac557b4 libcupsimage2_2.1.3-4ubuntu0.11+tuxcare.els9_amd64.deb b6784e8587c35a7b4c53d3a9c4c1e6e9b8d56817 libcupsimage2-dev_2.1.3-4ubuntu0.11+tuxcare.els9_amd64.deb b74f6b3028113fcb29494eb320da004ec3c21345 libcupsmime1_2.1.3-4ubuntu0.11+tuxcare.els9_amd64.deb b26d24d35731b4e9c1646abc3ca6538b764be38e libcupsmime1-dev_2.1.3-4ubuntu0.11+tuxcare.els9_amd64.deb 03746b206c6655a4cfddd0b1cbd892bc8ab96ddf libcupsppdc1_2.1.3-4ubuntu0.11+tuxcare.els9_amd64.deb 6207dd4f676713142acf48d70948301e73e7b5c8 libcupsppdc1-dev_2.1.3-4ubuntu0.11+tuxcare.els9_amd64.deb dd51a4e829474fc10ab1878200ab492baa98477e CLSA-2025:1759420123 TuxCare License Agreement 0 * SECURITY UPDATE: geometry string with only ":" triggers crash leading to denial of service - debian/patches/CVE-2025-55212.patch: Fix invalid width and height checks in ThumbnailImage by adding MagickSafeReciprocal method - CVE-2025-55212 Important Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.

* SECURITY UPDATE: geometry string with only ":" triggers crash leading to denial of service - debian/patches/CVE-2025-55212.patch: Fix invalid width and height checks in ThumbnailImage by adding MagickSafeReciprocal method - CVE-2025-55212

0 tuxcare-ubuntu16.04-els imagemagick_6.8.9.9-7ubuntu5.17+tuxcare.els25_amd64.deb 6a8ecfd3ef09ad6ab23c46ad0a64c503c5e90988 imagemagick-6.q16_6.8.9.9-7ubuntu5.17+tuxcare.els25_amd64.deb 6a5f3b9062d5a47424f6aa00faae7b4514a32e13 imagemagick-common_6.8.9.9-7ubuntu5.17+tuxcare.els25_all.deb 771290b0763c8b484a535e8e06fa368b532adbe7 imagemagick-doc_6.8.9.9-7ubuntu5.17+tuxcare.els25_all.deb e75864dd8970df541c65657d74ff01c23820f3db libimage-magick-perl_6.8.9.9-7ubuntu5.17+tuxcare.els25_all.deb edb60375e8a396aab1f273214ad5761a4fe896c8 libimage-magick-q16-perl_6.8.9.9-7ubuntu5.17+tuxcare.els25_amd64.deb 05fa73c10b9d58a88db43f48ab23aaa8c999048b libmagick++-6-headers_6.8.9.9-7ubuntu5.17+tuxcare.els25_all.deb 8e991bf69011181203a1fc4fe6915f3f70ed336a libmagick++-6.q16-5v5_6.8.9.9-7ubuntu5.17+tuxcare.els25_amd64.deb 38b47410264c5eb0a86d81e55c0bc1a4fbe87cdf libmagick++-6.q16-dev_6.8.9.9-7ubuntu5.17+tuxcare.els25_amd64.deb 93be64c4057ee8e1258e44e4f7316fd0459a9f98 libmagick++-dev_6.8.9.9-7ubuntu5.17+tuxcare.els25_all.deb 5526812b20c996879ff2dc6b41622436bccea47d libmagickcore-6-arch-config_6.8.9.9-7ubuntu5.17+tuxcare.els25_amd64.deb 66af01604041a57862d1af9d96893a4fd14e3c30 libmagickcore-6-headers_6.8.9.9-7ubuntu5.17+tuxcare.els25_all.deb 7a404db302aaf9ee7769a39e89e267c5ef10ec76 libmagickcore-6.q16-2_6.8.9.9-7ubuntu5.17+tuxcare.els25_amd64.deb 03cd7c1ce8cded34cc0ff987167df123594ecada libmagickcore-6.q16-2-extra_6.8.9.9-7ubuntu5.17+tuxcare.els25_amd64.deb 0af503209392e83a57a46db3dd93584e6f1bc5d3 libmagickcore-6.q16-dev_6.8.9.9-7ubuntu5.17+tuxcare.els25_amd64.deb 1ccdd9101dd02f71198e9dfb179d26ba899f24bb libmagickcore-dev_6.8.9.9-7ubuntu5.17+tuxcare.els25_all.deb 7b147ba09d056aab9420a7ac32e32576b10bc3d4 libmagickwand-6-headers_6.8.9.9-7ubuntu5.17+tuxcare.els25_all.deb d68dd53a08702121090a4d4b128e7bcde7c7489c libmagickwand-6.q16-2_6.8.9.9-7ubuntu5.17+tuxcare.els25_amd64.deb e361bd0240de3b29bb291c2594b1bc56d320e709 libmagickwand-6.q16-dev_6.8.9.9-7ubuntu5.17+tuxcare.els25_amd64.deb 76b8408a8d2a4593581974f4bcb69e4e33328c6b libmagickwand-dev_6.8.9.9-7ubuntu5.17+tuxcare.els25_all.deb 08094c2f69c533b37471020de7bfab3027b41f37 perlmagick_6.8.9.9-7ubuntu5.17+tuxcare.els25_all.deb 6cb63a7d5be13396db66e4ac5a35db7c5f4d1181 CLSA-2025:1759864776 TuxCare License Agreement 0 * SECURITY UPDATE: fix privilege escalation in pam_namespace - debian/patches-applied/CVE-2025-6020-pre.patch: prerequisite changes - debian/patches-applied/CVE-2025-6020.patch: enforce proper handling of instance directory symlinks to prevent mounting arbitrary paths - CVE-2025-6020 Important Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.

* SECURITY UPDATE: fix privilege escalation in pam_namespace - debian/patches-applied/CVE-2025-6020-pre.patch: prerequisite changes - debian/patches-applied/CVE-2025-6020.patch: enforce proper handling of instance directory symlinks to prevent mounting arbitrary paths - CVE-2025-6020

0 tuxcare-ubuntu16.04-els libpam-cracklib_1.1.8-3.2ubuntu2.3+tuxcare.els3_amd64.deb cb34cc04237aca9199d2eb1ac5cea4977adbe32b libpam-doc_1.1.8-3.2ubuntu2.3+tuxcare.els3_all.deb 821f491ee60d039bf60c1ff1f402702d7d7dbaea libpam-modules_1.1.8-3.2ubuntu2.3+tuxcare.els3_amd64.deb ea97b37d74610c5903331e0417803a16a44d112c libpam-modules-bin_1.1.8-3.2ubuntu2.3+tuxcare.els3_amd64.deb f2f2467e58d782146ffc98c3d38232dbe1b25181 libpam-runtime_1.1.8-3.2ubuntu2.3+tuxcare.els3_all.deb 4704e1ec0d2d5b8b48ef66f359ae1d4dbd71370d libpam0g_1.1.8-3.2ubuntu2.3+tuxcare.els3_amd64.deb 13e793bc07ccbded9cc13a28b5062fec2c4f9008 libpam0g-dev_1.1.8-3.2ubuntu2.3+tuxcare.els3_amd64.deb 9f0e71a09dcd92be8ca7cec2c2dc2a6a955d8ffc CLSA-2025:1760017744 TuxCare License Agreement 0 * SECURITY UPDATE: fix NULL pointer dereference in SOAP with huge QName - debian/patches/CVE-2025-6491.patch: Add safeguard in ext/soap/soap.c to handle invalid XML node names produced by libxml2 with extremely large namespace prefixes - CVE-2025-6491 Moderate Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.

* SECURITY UPDATE: fix NULL pointer dereference in SOAP with huge QName - debian/patches/CVE-2025-6491.patch: Add safeguard in ext/soap/soap.c to handle invalid XML node names produced by libxml2 with extremely large namespace prefixes - CVE-2025-6491

0 tuxcare-ubuntu16.04-els libapache2-mod-php7.0_7.0.33-0ubuntu0.16.04.17+tuxcare.els17_amd64.deb 62cd811ed1f529cf29b3669da7f211bee65e3425 libphp7.0-embed_7.0.33-0ubuntu0.16.04.17+tuxcare.els17_amd64.deb 8a3162c6162824f178ec1fe7b166dc0c74f8f6b7 php7.0_7.0.33-0ubuntu0.16.04.17+tuxcare.els17_all.deb 438e0b5193ea1b103c6bdea3b8bf0fb90905d5f8 php7.0-bcmath_7.0.33-0ubuntu0.16.04.17+tuxcare.els17_amd64.deb a572f1a34e324d7e9080d84393e8c4d34944e754 php7.0-bz2_7.0.33-0ubuntu0.16.04.17+tuxcare.els17_amd64.deb 5b61c126eb4e88762c79c3f18be0c4c1f907a860 php7.0-cgi_7.0.33-0ubuntu0.16.04.17+tuxcare.els17_amd64.deb 74f373d7ef0a9dcd217057f30779f6c784e5e61b php7.0-cli_7.0.33-0ubuntu0.16.04.17+tuxcare.els17_amd64.deb d614b693540ade0784a454ade6a651d412e2f623 php7.0-common_7.0.33-0ubuntu0.16.04.17+tuxcare.els17_amd64.deb 94e0b2556a1c6c1fb8bb37b3b2b0d566c9080ff1 php7.0-curl_7.0.33-0ubuntu0.16.04.17+tuxcare.els17_amd64.deb 2b1d8e99c6d48dd9368bf0d2a221720f95f5f696 php7.0-dba_7.0.33-0ubuntu0.16.04.17+tuxcare.els17_amd64.deb a0aa1ef7213ce514084230abec05d12d94bc8f7e php7.0-dev_7.0.33-0ubuntu0.16.04.17+tuxcare.els17_amd64.deb 2766c7919b714e9315248fb4c532037056b6ec4a php7.0-enchant_7.0.33-0ubuntu0.16.04.17+tuxcare.els17_amd64.deb 63e0564543ad6ee7e569ff5dce5ad284139f24a8 php7.0-fpm_7.0.33-0ubuntu0.16.04.17+tuxcare.els17_amd64.deb 985cfb5956aedc9198029c8b470e55e7194b9c20 php7.0-gd_7.0.33-0ubuntu0.16.04.17+tuxcare.els17_amd64.deb 5fdf8a5e02cf2d955c34a8d3cda995f6daad22b7 php7.0-gmp_7.0.33-0ubuntu0.16.04.17+tuxcare.els17_amd64.deb 4aae6fea06aeb201d1497cb9228bdebb236cab61 php7.0-imap_7.0.33-0ubuntu0.16.04.17+tuxcare.els17_amd64.deb fa67d84053abeea25e2e10798c84ef61ac1d3fee php7.0-interbase_7.0.33-0ubuntu0.16.04.17+tuxcare.els17_amd64.deb cd821ebc6ee68825955c03b6ebed04c436dea6af php7.0-intl_7.0.33-0ubuntu0.16.04.17+tuxcare.els17_amd64.deb c97e8199be41e29c4025b5551858013bc740b8e8 php7.0-json_7.0.33-0ubuntu0.16.04.17+tuxcare.els17_amd64.deb c0e608253be0209f73b591a63080976bb746832d php7.0-ldap_7.0.33-0ubuntu0.16.04.17+tuxcare.els17_amd64.deb e7775cef38683633e9a322a00eb83d817f2f424e php7.0-mbstring_7.0.33-0ubuntu0.16.04.17+tuxcare.els17_amd64.deb 45443f28333b3980eb2e4980c3521eac90cf2649 php7.0-mcrypt_7.0.33-0ubuntu0.16.04.17+tuxcare.els17_amd64.deb 32be7c34ec7038fc9d53d99b432d40dd73bab677 php7.0-mysql_7.0.33-0ubuntu0.16.04.17+tuxcare.els17_amd64.deb 5bd418f598083472986f8d7300a8f99bc1abe422 php7.0-odbc_7.0.33-0ubuntu0.16.04.17+tuxcare.els17_amd64.deb 3ab11038146bd645fca9ace8275714185c4a3620 php7.0-opcache_7.0.33-0ubuntu0.16.04.17+tuxcare.els17_amd64.deb 870931edf9fe2e406ae8f4456befbf914760a42a php7.0-pgsql_7.0.33-0ubuntu0.16.04.17+tuxcare.els17_amd64.deb ad3f127cbc50af8f712d02befabf39420ac63024 php7.0-phpdbg_7.0.33-0ubuntu0.16.04.17+tuxcare.els17_amd64.deb 58d41e0e5fd531bf427b57aa6c0a9bd712c1f299 php7.0-pspell_7.0.33-0ubuntu0.16.04.17+tuxcare.els17_amd64.deb a647cdf3c14ce36b18bd3d07cfd968bd216c2735 php7.0-readline_7.0.33-0ubuntu0.16.04.17+tuxcare.els17_amd64.deb bc66705e1b5fc11a1f598974b31ec85ba018634c php7.0-recode_7.0.33-0ubuntu0.16.04.17+tuxcare.els17_amd64.deb 23d6846295b497752b6ca2fd90b1b68937740389 php7.0-snmp_7.0.33-0ubuntu0.16.04.17+tuxcare.els17_amd64.deb 65a022c176bcc6ae5655546fff17eb3fd222c502 php7.0-soap_7.0.33-0ubuntu0.16.04.17+tuxcare.els17_amd64.deb 37b611764d9be66a22ffba2cb0a228c790582d91 php7.0-sqlite3_7.0.33-0ubuntu0.16.04.17+tuxcare.els17_amd64.deb 2296d63239a20eb307530bdf420fedb7fa6231e0 php7.0-sybase_7.0.33-0ubuntu0.16.04.17+tuxcare.els17_amd64.deb c2f5736f2ef467c72277906decd70591117811c9 php7.0-tidy_7.0.33-0ubuntu0.16.04.17+tuxcare.els17_amd64.deb dd4ff7c4c2b44b460e09155922c90dbee8d25a0c php7.0-xml_7.0.33-0ubuntu0.16.04.17+tuxcare.els17_amd64.deb 350b9100fe721eef543b5765c41b44b2191559cf php7.0-xmlrpc_7.0.33-0ubuntu0.16.04.17+tuxcare.els17_amd64.deb 4d7878fabf4bd80cdfbb6c640e1ca89710ce078f php7.0-xsl_7.0.33-0ubuntu0.16.04.17+tuxcare.els17_all.deb 78e2156f20ae5ccbf777e50a6ff2fc569e745e65 php7.0-zip_7.0.33-0ubuntu0.16.04.17+tuxcare.els17_amd64.deb a256f3414d730c59bf281c8a79b37ea47d946354 CLSA-2025:1760020147 TuxCare License Agreement 0 * SECURITY UPDATE: uncontrolled recursion causing stack overflow via crafted XPath expressions - debian/patches/CVE-2025-9714-*.patch: Add comprehensive XPath DoS protection including operation limits, recursion depth controls, and proper handling of recursive invocations to prevent stack overflows and resource exhaustion - CVE-2025-9714 Moderate Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.

* SECURITY UPDATE: uncontrolled recursion causing stack overflow via crafted XPath expressions - debian/patches/CVE-2025-9714-*.patch: Add comprehensive XPath DoS protection including operation limits, recursion depth controls, and proper handling of recursive invocations to prevent stack overflows and resource exhaustion - CVE-2025-9714

0 tuxcare-ubuntu16.04-els libxml2_2.9.3+dfsg1-1ubuntu0.7+tuxcare.els13_amd64.deb 8a89fab163eebb0b1e768136bdb1c9287e7bbe83 libxml2-dev_2.9.3+dfsg1-1ubuntu0.7+tuxcare.els13_amd64.deb 7d3b949ac4796bfa6be780ee24e5cb1917960249 libxml2-doc_2.9.3+dfsg1-1ubuntu0.7+tuxcare.els13_all.deb 7087599efde27f5b9c1b53b6cf3163e7c9de544f libxml2-utils_2.9.3+dfsg1-1ubuntu0.7+tuxcare.els13_amd64.deb b43aaba7e890042897ba81bc434642f1066c0374 python-libxml2_2.9.3+dfsg1-1ubuntu0.7+tuxcare.els13_amd64.deb 8fa20807d93b3ee52a4d9d0914a39015c54e043b CLSA-2025:1760023587 TuxCare License Agreement 0 * SECURITY UPDATE: heap-based buffer overflow in function _bfd_elf_gc_mark_rsec - debian/patches/CVE-2025-1176.patch: prevent illegal memory access when indexing into the sym_hashes array of the elf bfd cookie structure - CVE-2025-1176 Moderate Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.

* SECURITY UPDATE: heap-based buffer overflow in function _bfd_elf_gc_mark_rsec - debian/patches/CVE-2025-1176.patch: prevent illegal memory access when indexing into the sym_hashes array of the elf bfd cookie structure - CVE-2025-1176

0 tuxcare-ubuntu16.04-els binutils_2.26.1-1ubuntu1~16.04.10+tuxcare.els15_amd64.deb fb3d5d200fcbfa0ceb0bda2bc55e696586ed0a98 binutils-aarch64-linux-gnu_2.26.1-1ubuntu1~16.04.10+tuxcare.els15_amd64.deb 97ccb75370177190821148d555f7836b315784a1 binutils-alpha-linux-gnu_2.26.1-1ubuntu1~16.04.10+tuxcare.els15_amd64.deb d057f83167fbb92622c3b16a712e84f2d60b56b4 binutils-arm-linux-gnueabi_2.26.1-1ubuntu1~16.04.10+tuxcare.els15_amd64.deb 7d98e347ad56a8a153d9ac383bdd821b56853678 binutils-arm-linux-gnueabihf_2.26.1-1ubuntu1~16.04.10+tuxcare.els15_amd64.deb 5b98531954103dd849b9ed162ce30db3aced345f binutils-dev_2.26.1-1ubuntu1~16.04.10+tuxcare.els15_amd64.deb 8f52dd5539aff41fe41f129bb1c049a8e324fb4b binutils-doc_2.26.1-1ubuntu1~16.04.10+tuxcare.els15_all.deb 82e99fe2f6728592c4f7cbdef0769df508cdc6d1 binutils-hppa-linux-gnu_2.26.1-1ubuntu1~16.04.10+tuxcare.els15_amd64.deb 9dfb512432e9b0a72169cfaff2a1627b0d90f3ae binutils-hppa64-linux-gnu_2.26.1-1ubuntu1~16.04.10+tuxcare.els15_amd64.deb a0ecd926f5f401095d3822676155bdbe3a91434b binutils-m68k-linux-gnu_2.26.1-1ubuntu1~16.04.10+tuxcare.els15_amd64.deb 39f3bd9d5b0718f45d5147b68237d46272d7f87e binutils-mips-linux-gnu_2.26.1-1ubuntu1~16.04.10+tuxcare.els15_amd64.deb da584f9519425fba1d35c7d59f461c581e2efa69 binutils-mips64-linux-gnuabi64_2.26.1-1ubuntu1~16.04.10+tuxcare.els15_amd64.deb 799e233c87f6d39e6c4eee5fd17deb707ecb7ff2 binutils-mips64el-linux-gnuabi64_2.26.1-1ubuntu1~16.04.10+tuxcare.els15_amd64.deb 0fe86588f9e0577956ea54d46d99860757e3b859 binutils-mipsel-linux-gnu_2.26.1-1ubuntu1~16.04.10+tuxcare.els15_amd64.deb 4d501e577c444872b2f58e0746405cb7ccdf8a36 binutils-multiarch_2.26.1-1ubuntu1~16.04.10+tuxcare.els15_amd64.deb 1d70e35ee2cddaabb603774902d2990a525e0806 binutils-multiarch-dev_2.26.1-1ubuntu1~16.04.10+tuxcare.els15_amd64.deb 978d1fc11a55430f25544d489ae51bbf7956f67a binutils-powerpc-linux-gnu_2.26.1-1ubuntu1~16.04.10+tuxcare.els15_amd64.deb 66ee8fe06b301b532519f425aeb964ef684a61bb binutils-powerpc-linux-gnuspe_2.26.1-1ubuntu1~16.04.10+tuxcare.els15_amd64.deb aa0f86d7af5cbf3464907c30454be77eca5e11b4 binutils-powerpc64-linux-gnu_2.26.1-1ubuntu1~16.04.10+tuxcare.els15_amd64.deb ef4447d5b2db8f8491edef02e54e4361ffa00a3b binutils-powerpc64le-linux-gnu_2.26.1-1ubuntu1~16.04.10+tuxcare.els15_amd64.deb 94e1ad7d3877fc1053cbc71e3e3df99d5912edad binutils-s390x-linux-gnu_2.26.1-1ubuntu1~16.04.10+tuxcare.els15_amd64.deb acdc8d1b6940dcc3acc3fd7dee147be71f6c8f8f binutils-sh4-linux-gnu_2.26.1-1ubuntu1~16.04.10+tuxcare.els15_amd64.deb bf67a938276ff631a327dd556afde34f0ccbdc83 binutils-source_2.26.1-1ubuntu1~16.04.10+tuxcare.els15_all.deb f5b61c8d43243902f9645de68ae8692a07e66278 binutils-sparc64-linux-gnu_2.26.1-1ubuntu1~16.04.10+tuxcare.els15_amd64.deb 552ea06ae66fb2bbc5b4b06516eebbfe86e1ab13 CLSA-2025:1760023801 TuxCare License Agreement 0 * SECURITY UPDATE: 32-bit integer overflow in BMP encoder allows attacker- controlled heap corruption - debian/patches/CVE-2025-57803.patch: Fix buffer overflow issue in BMP decoder caused by insufficient memory allocation - CVE-2025-57803 Important Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.

* SECURITY UPDATE: 32-bit integer overflow in BMP encoder allows attacker- controlled heap corruption - debian/patches/CVE-2025-57803.patch: Fix buffer overflow issue in BMP decoder caused by insufficient memory allocation - CVE-2025-57803

0 tuxcare-ubuntu16.04-els imagemagick_6.8.9.9-7ubuntu5.17+tuxcare.els28_amd64.deb e4fa29db5ec0eaeed937baaae5d1b6c6199298e1 imagemagick-6.q16_6.8.9.9-7ubuntu5.17+tuxcare.els28_amd64.deb 8d7af795ae114db17f95faa6c33c26c0a5add3a0 imagemagick-common_6.8.9.9-7ubuntu5.17+tuxcare.els28_all.deb cf314eb3119b6010cac78bd13456a7a2e647a277 imagemagick-doc_6.8.9.9-7ubuntu5.17+tuxcare.els28_all.deb 5560915376019a58b86bff1756241e0ab63169d8 libimage-magick-perl_6.8.9.9-7ubuntu5.17+tuxcare.els28_all.deb d9b1fa09cfdade4bec9abdfb5e2e52de2688a00c libimage-magick-q16-perl_6.8.9.9-7ubuntu5.17+tuxcare.els28_amd64.deb fb39a3129a4919fe3ca451186f55b5deecef4a65 libmagick++-6-headers_6.8.9.9-7ubuntu5.17+tuxcare.els28_all.deb 909a0576fb8d4bad855f189a2e484ea0d30cfca4 libmagick++-6.q16-5v5_6.8.9.9-7ubuntu5.17+tuxcare.els28_amd64.deb d71c35ada4e2024deff398910affd1f5ff14e0fe libmagick++-6.q16-dev_6.8.9.9-7ubuntu5.17+tuxcare.els28_amd64.deb 670101681e5a84c9fb5d9eea3a4e7bc3595458ae libmagick++-dev_6.8.9.9-7ubuntu5.17+tuxcare.els28_all.deb 34a68f944dd94c5412d834212a33fbd1178fda81 libmagickcore-6-arch-config_6.8.9.9-7ubuntu5.17+tuxcare.els28_amd64.deb 8028c079819b2e07026f7deba3635aa1bc75f2c2 libmagickcore-6-headers_6.8.9.9-7ubuntu5.17+tuxcare.els28_all.deb 01b053ee5e9312501746e825e9bf37461e32c986 libmagickcore-6.q16-2_6.8.9.9-7ubuntu5.17+tuxcare.els28_amd64.deb 663e444fb431c0ba046782fa52fb2f5ceac9ac4a libmagickcore-6.q16-2-extra_6.8.9.9-7ubuntu5.17+tuxcare.els28_amd64.deb 8206b36ec5414bc97ac43187b1aacd603f8d4720 libmagickcore-6.q16-dev_6.8.9.9-7ubuntu5.17+tuxcare.els28_amd64.deb 5549745cef4e91a55e17ec44416f1f5f8ed2b245 libmagickcore-dev_6.8.9.9-7ubuntu5.17+tuxcare.els28_all.deb 7c8954985a04701a64c4c02140ec895e19cdcc95 libmagickwand-6-headers_6.8.9.9-7ubuntu5.17+tuxcare.els28_all.deb d6564970a5be292ca22838b8ee518f6e8fca72ec libmagickwand-6.q16-2_6.8.9.9-7ubuntu5.17+tuxcare.els28_amd64.deb fb03fa9e9da5de6a47960b4c7d9ddaf54b060fb2 libmagickwand-6.q16-dev_6.8.9.9-7ubuntu5.17+tuxcare.els28_amd64.deb 1715e58f51c05a69970cf94ce9abb6db8d62a16c libmagickwand-dev_6.8.9.9-7ubuntu5.17+tuxcare.els28_all.deb 3c959190437f9bb8d27773e8844d2b6584935f8e perlmagick_6.8.9.9-7ubuntu5.17+tuxcare.els28_all.deb 3ac1b711e1c765d2b5614af1958f9f23826dd145 CLSA-2025:1760370936 TuxCare License Agreement 0 * SECURITY UPDATE: improper handling of association groups can lead to use- after-free vulnerability - debian/patches/CVE-2021-3738.patch: Fix routines for preparing service before handling CVE-2021-3738 - debian/patches/CVE-2021-3738-1.patch: Fix DsBindAssocGroupAdmin to use admin credentials for DsBind - CVE-2021-3738 Important Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.

* SECURITY UPDATE: improper handling of association groups can lead to use- after-free vulnerability - debian/patches/CVE-2021-3738.patch: Fix routines for preparing service before handling CVE-2021-3738 - debian/patches/CVE-2021-3738-1.patch: Fix DsBindAssocGroupAdmin to use admin credentials for DsBind - CVE-2021-3738

0 tuxcare-ubuntu16.04-els ctdb_4.3.11+dfsg-0ubuntu0.16.04.34+tuxcare.els8_amd64.deb 6f71b9e69ca5ee9f122deda253ae8678ea6abdb8 libnss-winbind_4.3.11+dfsg-0ubuntu0.16.04.34+tuxcare.els8_amd64.deb e2b5baaae1e6565dfffe89fa04775572c5665941 libpam-winbind_4.3.11+dfsg-0ubuntu0.16.04.34+tuxcare.els8_amd64.deb 0f8253552314725401f053c2dd5ab3b4509b6b81 libparse-pidl-perl_4.3.11+dfsg-0ubuntu0.16.04.34+tuxcare.els8_amd64.deb 62fb6bb50e5ecaec5835170bb3c1e9a62497e0cd libsmbclient_4.3.11+dfsg-0ubuntu0.16.04.34+tuxcare.els8_amd64.deb dc8c1f679478b344b7dae598e3f9bc174845afe8 libsmbclient-dev_4.3.11+dfsg-0ubuntu0.16.04.34+tuxcare.els8_amd64.deb 7f41b16c3f4455794ca8734b56e848b416f22a08 libwbclient-dev_4.3.11+dfsg-0ubuntu0.16.04.34+tuxcare.els8_amd64.deb 67d5510f1e8985c932a66e74430da16edf9cad8d libwbclient0_4.3.11+dfsg-0ubuntu0.16.04.34+tuxcare.els8_amd64.deb bb52cff41b83af511759cd626978fee41650a535 python-samba_4.3.11+dfsg-0ubuntu0.16.04.34+tuxcare.els8_amd64.deb 01b8628e54f32e56450eb60e92893be5abd2201d registry-tools_4.3.11+dfsg-0ubuntu0.16.04.34+tuxcare.els8_amd64.deb 1fdbe81b7c0f61313b0bc96ed4d4a7e4fa1b0d0a samba_4.3.11+dfsg-0ubuntu0.16.04.34+tuxcare.els8_amd64.deb 3ab0ddbbffe0c96f489f1be4e44744e1e670113c samba-common_4.3.11+dfsg-0ubuntu0.16.04.34+tuxcare.els8_all.deb a4f60fef7bf41270a3f21c51a6f5e498a893f912 samba-common-bin_4.3.11+dfsg-0ubuntu0.16.04.34+tuxcare.els8_amd64.deb b256e622418936eae89e0823bc5f1b69b883296d samba-dev_4.3.11+dfsg-0ubuntu0.16.04.34+tuxcare.els8_amd64.deb f419dd1364c584610a051ca73ba99ad946c0c6c0 samba-dsdb-modules_4.3.11+dfsg-0ubuntu0.16.04.34+tuxcare.els8_amd64.deb 43e08e2b764421382645bd7709bdb73f57ae90bf samba-libs_4.3.11+dfsg-0ubuntu0.16.04.34+tuxcare.els8_amd64.deb 6378cdce02fd539dc8ec3151411f9dc4036dedf5 samba-testsuite_4.3.11+dfsg-0ubuntu0.16.04.34+tuxcare.els8_amd64.deb 71b088a5b2c66eda950d97cd3ba6d99c4de8c923 samba-vfs-modules_4.3.11+dfsg-0ubuntu0.16.04.34+tuxcare.els8_amd64.deb 6f11c42548e3ed35f54191d9447bef789ee33485 smbclient_4.3.11+dfsg-0ubuntu0.16.04.34+tuxcare.els8_amd64.deb b55282ed6b46d5df619b3e0283004a1d34f0a93a winbind_4.3.11+dfsg-0ubuntu0.16.04.34+tuxcare.els8_amd64.deb 86295c19e8ecc3bf0a3162eecf49f7908dd345f3 CLSA-2025:1760983231 TuxCare License Agreement 0 * CVE-url: https://ubuntu.com/security/CVE-2024-41069 - ASoC: topology: Fix references to freed memory - ASoC: topology: Do not assign fields that are already set - ASoC: topology: Clean up route loading * Bionic update: upstream stable patchset 2021-06-11 (LP: #1931740) // CVE- url: https://ubuntu.com/security/CVE-2021-47149 - net: fujitsu: fix potential null-ptr-deref * CVE-url: https://ubuntu.com/security/CVE-2024-35849 - btrfs: fix information leak in btrfs_ioctl_logical_to_ino() * CVE-url: https://ubuntu.com/security/CVE-2025-38618 - vsock: Do not allow binding to VMADDR_PORT_ANY * CVE-url: https://ubuntu.com/security/CVE-2025-38617 - net/packet: fix a race in packet_set_ring() and packet_notifier() * CVE-url: https://ubuntu.com/security/CVE-2025-21796 - nfsd: clear acl_access/acl_default after releasing them * Bionic update: upstream stable patchset 2021-08-03 (LP: #1938824) // CVE- url: https://ubuntu.com/security/CVE-2021-47319 - virtio-blk: Fix memory leak among suspend/resume procedure * Focal update: v5.4.285 upstream stable release (LP: #2089233) // CVE-2024-49924 // CVE-url: https://ubuntu.com/security/CVE-2024-49924 - fbdev: pxafb: Fix possible use after free in pxafb_task() * CVE-url: https://ubuntu.com/security/CVE-2022-48827 - NFSD: Fix the behavior of READ near OFFSET_MAX * Bionic update: upstream stable patchset 2022-03-04 (LP: #1963717) // CVE- url: https://ubuntu.com/security/CVE-2022-48737 - ASoC: ops: Reject out of bounds values in snd_soc_put_volsw() - ASoC: ops: Reject out of bounds values in snd_soc_put_volsw_sx() * Focal update: v5.4.261 upstream stable release (LP: #2049049) // CVE-url: https://ubuntu.com/security/CVE-2023-52868 - thermal: core: prevent potential string overflow * Bionic update: upstream stable patchset 2022-05-17 (LP: #1973831) // CVE- url: https://ubuntu.com/security/CVE-2021-47633 - ath5k: fix OOB in ath5k_eeprom_read_pcal_info_5111 * CVE-url: https://ubuntu.com/security/CVE-2021-47391 - RDMA/cma: Ensure rdma_addr_cancel() happens before issuing more requests * Bionic update: upstream stable patchset 2021-12-03 (LP: #1953202) // CVE- url: https://ubuntu.com/security/CVE-2021-47475 - comedi: vmk80xx: fix transfer-buffer overflows - comedi: vmk80xx: fix bulk-buffer overflow - comedi: vmk80xx: fix bulk and interrupt message timeouts * Bionic update: upstream stable patchset 2021-11-12 (LP: #1950816) // CVE- url: https://ubuntu.com/security/CVE-2021-47497 - nvmem: Fix shift-out-of-bound (UBSAN) with byte size cells * CVE-2024-35965 // CVE-url: https://ubuntu.com/security/CVE-2024-35965 - Bluetooth: L2CAP: uninitialized variables in l2cap_sock_setsockopt() - Bluetooth: L2CAP: Fix not validating setsockopt user input * CVE-url: https://ubuntu.com/security/CVE-2024-56616 - drm/dp_mst: Fix MST sideband message body length check * Bionic update: upstream stable patchset 2022-07-25 (LP: #1982782) // CVE- url: https://ubuntu.com/security/CVE-2022-49407 - dlm: fix plock invalid read * Focal update: v5.4.188 upstream stable release (LP: #1971496) // CVE-url: https://ubuntu.com/security/CVE-2022-49292 - ALSA: oss: Fix PCM OSS buffer allocation overflow * Focal update: v5.4.262 upstream stable release (LP: #2049069) // CVE-url: https://ubuntu.com/security/CVE-2023-52835 - perf/core: Bail out early if the request AUX area is out of bound * Focal update: v5.4.262 upstream stable release (LP: #2049069) // CVE-url: https://ubuntu.com/security/CVE-2023-52764 - media: gspca: cpia1: shift-out-of-bounds in set_flicker * CVE-2024-35966 // CVE-url: https://ubuntu.com/security/CVE-2024-35966 - Bluetooth: RFCOMM: Fix not validating setsockopt user input * CVE-2024-35967 // CVE-url: https://ubuntu.com/security/CVE-2024-35966 - Bluetooth: SCO: Fix not validating setsockopt user input * Focal update: v5.4.291 upstream stable release (LP: #2106002) // CVE-2025-21704 // CVE-url: https://ubuntu.com/security/CVE-2025-21704 - usb: cdc-acm: Check control transfer buffer size before access * CVE-url: https://ubuntu.com/security/CVE-2025-21704 - cdc-acm: reassemble fragmented notifications * CVE-url: https://ubuntu.com/security/CVE-2025-37798 - sch_drr: make drr_qlen_notify() idempotent - sch_htb: make htb_qlen_notify() idempotent - sch_hfsc: make hfsc_qlen_notify() idempotent - sch_qfq: make qfq_qlen_notify() idempotent Important Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.

* CVE-url: https://ubuntu.com/security/CVE-2024-41069 - ASoC: topology: Fix references to freed memory - ASoC: topology: Do not assign fields that are already set - ASoC: topology: Clean up route loading * Bionic update: upstream stable patchset 2021-06-11 (LP: #1931740) // CVE- url: https://ubuntu.com/security/CVE-2021-47149 - net: fujitsu: fix potential null-ptr-deref * CVE-url: https://ubuntu.com/security/CVE-2024-35849 - btrfs: fix information leak in btrfs_ioctl_logical_to_ino() * CVE-url: https://ubuntu.com/security/CVE-2025-38618 - vsock: Do not allow binding to VMADDR_PORT_ANY * CVE-url: https://ubuntu.com/security/CVE-2025-38617 - net/packet: fix a race in packet_set_ring() and packet_notifier() * CVE-url: https://ubuntu.com/security/CVE-2025-21796 - nfsd: clear acl_access/acl_default after releasing them * Bionic update: upstream stable patchset 2021-08-03 (LP: #1938824) // CVE- url: https://ubuntu.com/security/CVE-2021-47319 - virtio-blk: Fix memory leak among suspend/resume procedure * Focal update: v5.4.285 upstream stable release (LP: #2089233) // CVE-2024-49924 // CVE-url: https://ubuntu.com/security/CVE-2024-49924 - fbdev: pxafb: Fix possible use after free in pxafb_task() * CVE-url: https://ubuntu.com/security/CVE-2022-48827 - NFSD: Fix the behavior of READ near OFFSET_MAX * Bionic update: upstream stable patchset 2022-03-04 (LP: #1963717) // CVE- url: https://ubuntu.com/security/CVE-2022-48737 - ASoC: ops: Reject out of bounds values in snd_soc_put_volsw() - ASoC: ops: Reject out of bounds values in snd_soc_put_volsw_sx() * Focal update: v5.4.261 upstream stable release (LP: #2049049) // CVE-url: https://ubuntu.com/security/CVE-2023-52868 - thermal: core: prevent potential string overflow * Bionic update: upstream stable patchset 2022-05-17 (LP: #1973831) // CVE- url: https://ubuntu.com/security/CVE-2021-47633 - ath5k: fix OOB in ath5k_eeprom_read_pcal_info_5111 * CVE-url: https://ubuntu.com/security/CVE-2021-47391 - RDMA/cma: Ensure rdma_addr_cancel() happens before issuing more requests * Bionic update: upstream stable patchset 2021-12-03 (LP: #1953202) // CVE- url: https://ubuntu.com/security/CVE-2021-47475 - comedi: vmk80xx: fix transfer-buffer overflows - comedi: vmk80xx: fix bulk-buffer overflow - comedi: vmk80xx: fix bulk and interrupt message timeouts * Bionic update: upstream stable patchset 2021-11-12 (LP: #1950816) // CVE- url: https://ubuntu.com/security/CVE-2021-47497 - nvmem: Fix shift-out-of-bound (UBSAN) with byte size cells * CVE-2024-35965 // CVE-url: https://ubuntu.com/security/CVE-2024-35965 - Bluetooth: L2CAP: uninitialized variables in l2cap_sock_setsockopt() - Bluetooth: L2CAP: Fix not validating setsockopt user input * CVE-url: https://ubuntu.com/security/CVE-2024-56616 - drm/dp_mst: Fix MST sideband message body length check * Bionic update: upstream stable patchset 2022-07-25 (LP: #1982782) // CVE- url: https://ubuntu.com/security/CVE-2022-49407 - dlm: fix plock invalid read * Focal update: v5.4.188 upstream stable release (LP: #1971496) // CVE-url: https://ubuntu.com/security/CVE-2022-49292 - ALSA: oss: Fix PCM OSS buffer allocation overflow * Focal update: v5.4.262 upstream stable release (LP: #2049069) // CVE-url: https://ubuntu.com/security/CVE-2023-52835 - perf/core: Bail out early if the request AUX area is out of bound * Focal update: v5.4.262 upstream stable release (LP: #2049069) // CVE-url: https://ubuntu.com/security/CVE-2023-52764 - media: gspca: cpia1: shift-out-of-bounds in set_flicker * CVE-2024-35966 // CVE-url: https://ubuntu.com/security/CVE-2024-35966 - Bluetooth: RFCOMM: Fix not validating setsockopt user input * CVE-2024-35967 // CVE-url: https://ubuntu.com/security/CVE-2024-35966 - Bluetooth: SCO: Fix not validating setsockopt user input * Focal update: v5.4.291 upstream stable release (LP: #2106002) // CVE-2025-21704 // CVE-url: https://ubuntu.com/security/CVE-2025-21704 - usb: cdc-acm: Check control transfer buffer size before access * CVE-url: https://ubuntu.com/security/CVE-2025-21704 - cdc-acm: reassemble fragmented notifications * CVE-url: https://ubuntu.com/security/CVE-2025-37798 - sch_drr: make drr_qlen_notify() idempotent - sch_htb: make htb_qlen_notify() idempotent - sch_hfsc: make hfsc_qlen_notify() idempotent - sch_qfq: make qfq_qlen_notify() idempotent

0 tuxcare-ubuntu16.04-els linux-buildinfo-4.4.0-279-tuxcare.els50-generic_4.4.0-279.313_amd64.deb e5ff42fd08ed64596ca3992b52ce8d06c3852a11 linux-buildinfo-4.4.0-279-tuxcare.els50-lowlatency_4.4.0-279.313_amd64.deb 6b411013f9d962906430b9ea0490ad7373701e92 linux-cloud-tools-4.4.0-279-tuxcare.els50_4.4.0-279.313_amd64.deb cfbc40b58129e2e895ae82ce2ef8eff785aacdf2 linux-cloud-tools-4.4.0-279-tuxcare.els50-generic_4.4.0-279.313_amd64.deb 2b2856fc6e3c963a23b0e5e0f17f2255f0f885a1 linux-cloud-tools-4.4.0-279-tuxcare.els50-lowlatency_4.4.0-279.313_amd64.deb ace067095900f6fddb4d9e59a74bba88fd545126 linux-cloud-tools-common_4.4.0-279.313_all.deb d1285118653fd61a35d56aa4105be76aeb7e16ac linux-cloud-tools-generic_4.4.0.279.313_amd64.deb 63fbeed75619b2a3bc92b7f8b4beb78121277d26 linux-cloud-tools-lowlatency_4.4.0.279.313_amd64.deb bc8405f8babf00d5c6efcd1363680c290a40d106 linux-crashdump_4.4.0.279.313_amd64.deb 86b36d150b2bf58bb8af9912e885b7d4f19bd8b7 linux-doc_4.4.0-279.313_all.deb 1532a29d84359f09221bf98efb5382a6dafc0b14 linux-generic_4.4.0.279.313_amd64.deb 425ad7a1fa3ab09e9f9d1b883ecb21c4b4b13c88 linux-headers-4.4.0-279-tuxcare.els50_4.4.0-279.313_all.deb 71644ec738e537b029edc0f2e208a656c97a22c7 linux-headers-4.4.0-279-tuxcare.els50-generic_4.4.0-279.313_amd64.deb 4018d57941ccf5337f5116b30f99ea2ae0a824a7 linux-headers-4.4.0-279-tuxcare.els50-lowlatency_4.4.0-279.313_amd64.deb a136b786ce7643d3c636070b4fd350c5594d06a3 linux-headers-generic_4.4.0.279.313_amd64.deb 4c38ee599a51990ba252ffe296da011d4158524f linux-headers-lowlatency_4.4.0.279.313_amd64.deb 01bff5971cc19efff61bc2056a9854c2953f5aa6 linux-image-generic_4.4.0.279.313_amd64.deb cfc7e3aecb33e2c0ee35f8b18936223903b7689e linux-image-lowlatency_4.4.0.279.313_amd64.deb ceaf9238c9ef1680f4c7d89cc31ac74525954099 linux-image-unsigned-4.4.0-279-tuxcare.els50-generic_4.4.0-279.313_amd64.deb 5e4c4ec72331bee155f36d85c1d0c11869ca6fd3 linux-image-unsigned-4.4.0-279-tuxcare.els50-lowlatency_4.4.0-279.313_amd64.deb 683670e1f6ad0fefa35935002704018143878ce1 linux-libc-dev_4.4.0-279.313_amd64.deb 50dce930c59863df5eedbd1dd7443d054aed2982 linux-lowlatency_4.4.0.279.313_amd64.deb a974c293eac1afadded50233af99060d1ecdc663 linux-modules-4.4.0-279-tuxcare.els50-generic_4.4.0-279.313_amd64.deb eb220628a98c84e7935a00200066547492bac107 linux-modules-4.4.0-279-tuxcare.els50-lowlatency_4.4.0-279.313_amd64.deb ee2b3402f41d04e778b9f74891e68398ec88e72c linux-modules-extra-4.4.0-279-tuxcare.els50-generic_4.4.0-279.313_amd64.deb 8878ab0c64808324d5549783f8aaf659ee2030f3 linux-source_4.4.0.279.313_all.deb 0e9f42e4151453302c69748da08cf0e4bd3276ae linux-source-4.4.0_4.4.0-279.313_all.deb 2f7ecbc107282a88d38fcafa3547ad449b15399a linux-tools-4.4.0-279-tuxcare.els50_4.4.0-279.313_amd64.deb f0daaf48f8ecbbd882bccf2c10c94f6caa895492 linux-tools-4.4.0-279-tuxcare.els50-generic_4.4.0-279.313_amd64.deb 606448fad687a009467d08ca560c4629ac4ab787 linux-tools-4.4.0-279-tuxcare.els50-lowlatency_4.4.0-279.313_amd64.deb 51c345a5725897095e003db141d13e64781ab611 linux-tools-common_4.4.0-279.313_all.deb 00ea72caf6f5b0b5362c46dd373d6cd0898fa79d linux-tools-generic_4.4.0.279.313_amd64.deb b8e1a6ea7ad5066bc4cc6a73f261f1b9354da40f linux-tools-host_4.4.0-279.313_all.deb 3dceabf40af3d702fb3e51d456c1bbd2cf9e0ab0 linux-tools-lowlatency_4.4.0.279.313_amd64.deb f119028a1b2882c7942bdd6403764fb4e5f98e21 CLSA-2025:1761140674 TuxCare License Agreement 0 * Bump ABI 4.4.0-279 None Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.

* Bump ABI 4.4.0-279

0 tuxcare-ubuntu16.04-els linux-cloud-tools-generic_4.4.0.279.313_amd64.deb 63fbeed75619b2a3bc92b7f8b4beb78121277d26 linux-cloud-tools-lowlatency_4.4.0.279.313_amd64.deb bc8405f8babf00d5c6efcd1363680c290a40d106 linux-crashdump_4.4.0.279.313_amd64.deb 86b36d150b2bf58bb8af9912e885b7d4f19bd8b7 linux-generic_4.4.0.279.313_amd64.deb 425ad7a1fa3ab09e9f9d1b883ecb21c4b4b13c88 linux-headers-generic_4.4.0.279.313_amd64.deb 4c38ee599a51990ba252ffe296da011d4158524f linux-headers-lowlatency_4.4.0.279.313_amd64.deb 01bff5971cc19efff61bc2056a9854c2953f5aa6 linux-image-generic_4.4.0.279.313_amd64.deb cfc7e3aecb33e2c0ee35f8b18936223903b7689e linux-image-lowlatency_4.4.0.279.313_amd64.deb ceaf9238c9ef1680f4c7d89cc31ac74525954099 linux-lowlatency_4.4.0.279.313_amd64.deb a974c293eac1afadded50233af99060d1ecdc663 linux-source_4.4.0.279.313_all.deb 0e9f42e4151453302c69748da08cf0e4bd3276ae linux-tools-generic_4.4.0.279.313_amd64.deb b8e1a6ea7ad5066bc4cc6a73f261f1b9354da40f linux-tools-lowlatency_4.4.0.279.313_amd64.deb f119028a1b2882c7942bdd6403764fb4e5f98e21 CLSA-2025:1761143521 TuxCare License Agreement 0 * SECURITY UPDATE: memory corruption in bfd_set_format function - debian/patches/CVE-2025-1153.patch: Fix heap/memory corruption in bfd_set_format of format.c - CVE-2025-1153 Moderate Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.

* SECURITY UPDATE: memory corruption in bfd_set_format function - debian/patches/CVE-2025-1153.patch: Fix heap/memory corruption in bfd_set_format of format.c - CVE-2025-1153

0 tuxcare-ubuntu16.04-els binutils_2.26.1-1ubuntu1~16.04.10+tuxcare.els16_amd64.deb 93f04e155dbcc2906e64d041e3551ed108b9eb50 binutils-aarch64-linux-gnu_2.26.1-1ubuntu1~16.04.10+tuxcare.els16_amd64.deb 7802c5f2dce3e258ccb273328e3392a9c3839f0a binutils-alpha-linux-gnu_2.26.1-1ubuntu1~16.04.10+tuxcare.els16_amd64.deb 70af16acf357a92740399f684e3da4ce98a42853 binutils-arm-linux-gnueabi_2.26.1-1ubuntu1~16.04.10+tuxcare.els16_amd64.deb f20f5f49ac19159e2c28e7984d69521c4ab742da binutils-arm-linux-gnueabihf_2.26.1-1ubuntu1~16.04.10+tuxcare.els16_amd64.deb 228b88946aa74169fcedae847351e3d720359a69 binutils-dev_2.26.1-1ubuntu1~16.04.10+tuxcare.els16_amd64.deb c923beeb5d6a6a47bf82d451512c5a975abeffe6 binutils-doc_2.26.1-1ubuntu1~16.04.10+tuxcare.els16_all.deb 8d78672cd51ac269b2a8f6e33b52d1fa35b2deee binutils-hppa-linux-gnu_2.26.1-1ubuntu1~16.04.10+tuxcare.els16_amd64.deb b60810db7bcb1468feb64b792bec75ec22a22b8d binutils-hppa64-linux-gnu_2.26.1-1ubuntu1~16.04.10+tuxcare.els16_amd64.deb 63cc51a3736f7ea56de1f261b6ceeab3eb36724e binutils-m68k-linux-gnu_2.26.1-1ubuntu1~16.04.10+tuxcare.els16_amd64.deb 718e676cb263ada55681354081bde2656faa9287 binutils-mips-linux-gnu_2.26.1-1ubuntu1~16.04.10+tuxcare.els16_amd64.deb 6991a26532e062a9fd7d3c29bbdf51164539ebdc binutils-mips64-linux-gnuabi64_2.26.1-1ubuntu1~16.04.10+tuxcare.els16_amd64.deb 5ed957be95828844ffc147415b71b5b35bb0e0e2 binutils-mips64el-linux-gnuabi64_2.26.1-1ubuntu1~16.04.10+tuxcare.els16_amd64.deb 79e479ba9c3f71319acfca438d732287ecfb10ce binutils-mipsel-linux-gnu_2.26.1-1ubuntu1~16.04.10+tuxcare.els16_amd64.deb bf1d8cd44a360f8b9c2c9af03a47ea8e4409e85a binutils-multiarch_2.26.1-1ubuntu1~16.04.10+tuxcare.els16_amd64.deb 779b8e2c27011ceaa856a3b9e28cd2e793372587 binutils-multiarch-dev_2.26.1-1ubuntu1~16.04.10+tuxcare.els16_amd64.deb e51b67bc41a603711eb530fa156f3663f8e0b5d6 binutils-powerpc-linux-gnu_2.26.1-1ubuntu1~16.04.10+tuxcare.els16_amd64.deb 3b856e5ba2875d409d2477634afdceccb7e28a0b binutils-powerpc-linux-gnuspe_2.26.1-1ubuntu1~16.04.10+tuxcare.els16_amd64.deb b60061541ef6b84cf116e2e1bec76cc5f06f651a binutils-powerpc64-linux-gnu_2.26.1-1ubuntu1~16.04.10+tuxcare.els16_amd64.deb e81c3f656ef009162f50aef7725615d1d6492eeb binutils-powerpc64le-linux-gnu_2.26.1-1ubuntu1~16.04.10+tuxcare.els16_amd64.deb 508e5e5c59011210863124be2d9e670545ab5878 binutils-s390x-linux-gnu_2.26.1-1ubuntu1~16.04.10+tuxcare.els16_amd64.deb 69bab24b357fb9351a5f91543a15f38b3235ac47 binutils-sh4-linux-gnu_2.26.1-1ubuntu1~16.04.10+tuxcare.els16_amd64.deb 9131aed2ca34cfec5a044fd69d40bb38ce9b7939 binutils-source_2.26.1-1ubuntu1~16.04.10+tuxcare.els16_all.deb cb2457febb01b7f97fa25be34057318307d2ba06 binutils-sparc64-linux-gnu_2.26.1-1ubuntu1~16.04.10+tuxcare.els16_amd64.deb 7e23cc3e200ba9fe782b6bea3bcc8f87a50141e1 CLSA-2025:1761320397 TuxCare License Agreement 0 * SECURITY UPDATE: fix backport compatibility issue in CVE-2025-1735 patch - debian/patches/CVE-2025-1735.patch: fix incompatible function call zend_string_efree replaced with zend_string_free for PHP 7.0.33 compatibility in ext/pgsql/pgsql.c - CVE-2025-1735 None Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.

* SECURITY UPDATE: fix backport compatibility issue in CVE-2025-1735 patch - debian/patches/CVE-2025-1735.patch: fix incompatible function call zend_string_efree replaced with zend_string_free for PHP 7.0.33 compatibility in ext/pgsql/pgsql.c - CVE-2025-1735

0 tuxcare-ubuntu16.04-els libapache2-mod-php7.0_7.0.33-0ubuntu0.16.04.17+tuxcare.els18_amd64.deb 97cf0050a64ed954d98dfeeae743b055cbd46cbf libphp7.0-embed_7.0.33-0ubuntu0.16.04.17+tuxcare.els18_amd64.deb 08fdca5fd9f1da5dbff1d2293be8b8f0bcdd1409 php7.0_7.0.33-0ubuntu0.16.04.17+tuxcare.els18_all.deb 1adb5d066c899f3a4c41de83f664e589cb997025 php7.0-bcmath_7.0.33-0ubuntu0.16.04.17+tuxcare.els18_amd64.deb d9558551f860fddb3eb7988963a60c91207de2ef php7.0-bz2_7.0.33-0ubuntu0.16.04.17+tuxcare.els18_amd64.deb 8a28f3decdc7ef4d4c8eddb24da144ed12b2bdef php7.0-cgi_7.0.33-0ubuntu0.16.04.17+tuxcare.els18_amd64.deb 4b061eed471d2e568b63c8b750a328a6e1f721ac php7.0-cli_7.0.33-0ubuntu0.16.04.17+tuxcare.els18_amd64.deb 4b8731580cb20e55fd45fa60a125396a97e888a1 php7.0-common_7.0.33-0ubuntu0.16.04.17+tuxcare.els18_amd64.deb 2a3c1efb58fe304a70f5c9d8c9ca5e06bf87fc93 php7.0-curl_7.0.33-0ubuntu0.16.04.17+tuxcare.els18_amd64.deb 609949f0f0af8cd1155cc1fb4767a127c9087a91 php7.0-dba_7.0.33-0ubuntu0.16.04.17+tuxcare.els18_amd64.deb c27f3e658e7305091092695e5dc517eec41a12b4 php7.0-dev_7.0.33-0ubuntu0.16.04.17+tuxcare.els18_amd64.deb 462869fc2c46ca44ebe348b505172796277cd278 php7.0-enchant_7.0.33-0ubuntu0.16.04.17+tuxcare.els18_amd64.deb bb49a7a09454b6985ffd3234629ce923c7f6590a php7.0-fpm_7.0.33-0ubuntu0.16.04.17+tuxcare.els18_amd64.deb 46749bc26c621c2cc86412bb46317180aa9e0b4d php7.0-gd_7.0.33-0ubuntu0.16.04.17+tuxcare.els18_amd64.deb 4e4dab713ef4b065d22eebfea2b675d48efd6a30 php7.0-gmp_7.0.33-0ubuntu0.16.04.17+tuxcare.els18_amd64.deb e048d837c09e1cc5dbf2d6678cd83dbcf25e2b1f php7.0-imap_7.0.33-0ubuntu0.16.04.17+tuxcare.els18_amd64.deb cdea176f6b472356cdaa84d6c6c9106de07df7ca php7.0-interbase_7.0.33-0ubuntu0.16.04.17+tuxcare.els18_amd64.deb ac3a1d968ce98d6e2e39b56b3cee47533f13a3b5 php7.0-intl_7.0.33-0ubuntu0.16.04.17+tuxcare.els18_amd64.deb 527c79730c4086767e147707147b6bef585adb30 php7.0-json_7.0.33-0ubuntu0.16.04.17+tuxcare.els18_amd64.deb 0d038a3982e5b5ca9d3710e0502878204dda40d3 php7.0-ldap_7.0.33-0ubuntu0.16.04.17+tuxcare.els18_amd64.deb 64e53171f653560ec0b8c6721882e7141e7f4d90 php7.0-mbstring_7.0.33-0ubuntu0.16.04.17+tuxcare.els18_amd64.deb 9e63a4873b8e8f36354486486a6c15b28d75a44a php7.0-mcrypt_7.0.33-0ubuntu0.16.04.17+tuxcare.els18_amd64.deb 518aa6a27f8a28cf3e1ed7b0f567301a48026641 php7.0-mysql_7.0.33-0ubuntu0.16.04.17+tuxcare.els18_amd64.deb 70201c1e37f8240bd8de42eefa40c71fd85861fa php7.0-odbc_7.0.33-0ubuntu0.16.04.17+tuxcare.els18_amd64.deb 7e9bc69b04fac60f60add3986d0ac5487da872dc php7.0-opcache_7.0.33-0ubuntu0.16.04.17+tuxcare.els18_amd64.deb 5f14b1d09c148467d310348f475f2c3898196e27 php7.0-pgsql_7.0.33-0ubuntu0.16.04.17+tuxcare.els18_amd64.deb 7faad74abc657b7c10a28992d0c67dd3ef58e9b7 php7.0-phpdbg_7.0.33-0ubuntu0.16.04.17+tuxcare.els18_amd64.deb c0dadf10df5e6cc5a196e4c1797f054bcd84632d php7.0-pspell_7.0.33-0ubuntu0.16.04.17+tuxcare.els18_amd64.deb 2d5e9b9187a5b914c7de338bda72009fac7066ca php7.0-readline_7.0.33-0ubuntu0.16.04.17+tuxcare.els18_amd64.deb c298aa801f520a1945bebd73ce8b11a6c7b9af99 php7.0-recode_7.0.33-0ubuntu0.16.04.17+tuxcare.els18_amd64.deb 20806752194ee33915597b463c833046ec7da720 php7.0-snmp_7.0.33-0ubuntu0.16.04.17+tuxcare.els18_amd64.deb 90532df23c35c9f43d309ba866cc8baabf65e9ee php7.0-soap_7.0.33-0ubuntu0.16.04.17+tuxcare.els18_amd64.deb 769c565e273389be7c616815a97804adf94cab9d php7.0-sqlite3_7.0.33-0ubuntu0.16.04.17+tuxcare.els18_amd64.deb 46e99f53a3535afed6eb6a651443141deab782b8 php7.0-sybase_7.0.33-0ubuntu0.16.04.17+tuxcare.els18_amd64.deb 1b376c2e6baed5879e36a90e8d4b7a4152a8a2bc php7.0-tidy_7.0.33-0ubuntu0.16.04.17+tuxcare.els18_amd64.deb c895a0ea6768407006aef24539a10f9bca56f0e1 php7.0-xml_7.0.33-0ubuntu0.16.04.17+tuxcare.els18_amd64.deb 7db2ffda1bd6646b26974763626ee38b7caa9d4d php7.0-xmlrpc_7.0.33-0ubuntu0.16.04.17+tuxcare.els18_amd64.deb 0cbd8eae9b7d5820458933b3a3e15aad0550d730 php7.0-xsl_7.0.33-0ubuntu0.16.04.17+tuxcare.els18_all.deb 98cf64bbe6fecb0585c0a8d8945d8e204ea98689 php7.0-zip_7.0.33-0ubuntu0.16.04.17+tuxcare.els18_amd64.deb ed0f1ebfaf8723a31181d2833cb287eb50c9dcd8 CLSA-2025:1762455549 TuxCare License Agreement 0 * SECURITY UPDATE: segmentation fault in silent Ex mode due to scrolling function vulnerability - debian/patches/CVE-2025-24014.patch: Fix segfault in win_line() by checking that ScreenLines is not NULL in gui_do_scroll() - CVE-2025-24014 Moderate Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.

* SECURITY UPDATE: segmentation fault in silent Ex mode due to scrolling function vulnerability - debian/patches/CVE-2025-24014.patch: Fix segfault in win_line() by checking that ScreenLines is not NULL in gui_do_scroll() - CVE-2025-24014

0 tuxcare-ubuntu16.04-els vim_7.4.1689-3ubuntu1.5+tuxcare.els55_amd64.deb 9d0857423da789b397f94320d6cffba7ed2a939b vim-athena_7.4.1689-3ubuntu1.5+tuxcare.els55_amd64.deb b7b052314b2c350d3323f5078a32f68c0218616c vim-athena-py2_7.4.1689-3ubuntu1.5+tuxcare.els55_amd64.deb 747ec2f5d9efaf3beac3eb25aece6c7135ea57e3 vim-common_7.4.1689-3ubuntu1.5+tuxcare.els55_amd64.deb 89b12fe329bdf0b089a5d063b391c73a54488c45 vim-doc_7.4.1689-3ubuntu1.5+tuxcare.els55_all.deb 0686445db2c6b6e8d062996b82a3ea74429f3d47 vim-gnome_7.4.1689-3ubuntu1.5+tuxcare.els55_amd64.deb 9d789e4501680dfda04e30472c291437bdf65a56 vim-gnome-py2_7.4.1689-3ubuntu1.5+tuxcare.els55_amd64.deb deb45a206296b91483470d6235c67382bdad594f vim-gtk_7.4.1689-3ubuntu1.5+tuxcare.els55_amd64.deb 0157b0b04958398b2b966e182e3efa57269cac46 vim-gtk-py2_7.4.1689-3ubuntu1.5+tuxcare.els55_amd64.deb 30d83b516fadcf46332ce7d731d730b595850e7f vim-gtk3_7.4.1689-3ubuntu1.5+tuxcare.els55_amd64.deb ef71b80fbf4dba3096c454645dbc9bc214a91241 vim-gtk3-py2_7.4.1689-3ubuntu1.5+tuxcare.els55_amd64.deb fb9db1fed69bcdad02e1803a8986bc619f09b469 vim-gui-common_7.4.1689-3ubuntu1.5+tuxcare.els55_all.deb 956012bfedfeb9e8095daa80244a52bbda43fe68 vim-nox_7.4.1689-3ubuntu1.5+tuxcare.els55_amd64.deb e3722dcce278e129ac11e1f11699ef29cb0dc096 vim-nox-py2_7.4.1689-3ubuntu1.5+tuxcare.els55_amd64.deb 9ac5b0992d4a99332fcb22022782534a755f11cb vim-runtime_7.4.1689-3ubuntu1.5+tuxcare.els55_all.deb 11f7636ca5fb69458c6925c115ec2cc380b3f517 vim-tiny_7.4.1689-3ubuntu1.5+tuxcare.els55_amd64.deb fe7416caa9783e1a439a32faea938848b34b26f0 CLSA-2025:1763413374 TuxCare License Agreement 0 * SECURITY UPDATE: information disclosure in error handling - debian/patches/CVE-2025-62168.patch: Fix bug where proxy auth data was visible to scripts by redacting credentials from error page code expansion output and email links - CVE-2025-62168 Important Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.

* SECURITY UPDATE: information disclosure in error handling - debian/patches/CVE-2025-62168.patch: Fix bug where proxy auth data was visible to scripts by redacting credentials from error page code expansion output and email links - CVE-2025-62168

0 tuxcare-ubuntu16.04-els squid_3.5.12-1ubuntu7.17+tuxcare.els12_amd64.deb f55896126b76a36e5add86481723ef199c133da7 squid-cgi_3.5.12-1ubuntu7.17+tuxcare.els12_amd64.deb 0e4ee507112710d688e24fe6e2e3eb9780616db3 squid-common_3.5.12-1ubuntu7.17+tuxcare.els12_all.deb 0ea9f2e5586f499d9d2936953d787f1be14a383a squid-purge_3.5.12-1ubuntu7.17+tuxcare.els12_amd64.deb 575eecdc23b9dfa273c9c872db401a1c316fefa0 squid3_3.5.12-1ubuntu7.17+tuxcare.els12_all.deb 8fb5da71a1e8e00e6855956cbdded65f492cd620 squidclient_3.5.12-1ubuntu7.17+tuxcare.els12_amd64.deb 4bb24fbe4f719b559ab164577d4cc1378a8753d6 CLSA-2025:1763991095 TuxCare License Agreement 0 * Focal update: v5.4.291 upstream stable release (LP: #2106002) // CVE-2025-21772 - partitions: mac: fix handling of bogus partition table * CVE-url: https://ubuntu.com/security/CVE-2025-22079 - ocfs2: validate l_tree_depth to avoid out-of-bounds access * CVE-url: https://ubuntu.com/security/CVE-2024-58014 - wifi: brcmsmac: add gain range check to wlc_phy_iqcal_gainparams_nphy() * CVE-url: https://ubuntu.com/security/CVE-2024-41042 - netfilter: nf_tables: prefer nft_chain_validate * CVE-url: https://ubuntu.com/security/CVE-2024-46713 - perf/aux: Fix AUX buffer serialization * CVE-url: https://ubuntu.com/security/CVE-2025-38352 - posix-cpu-timers: fix race between handle_posix_cpu_timers() and posix_cpu_timer_del() * CVE-url: https://ubuntu.com/security/CVE-2025-38477 - net/sched: sch_qfq: Fix race condition on qfq_aggregate * Focal update: v5.4.262 upstream stable release (LP: #2049069) // CVE-url: https://ubuntu.com/security/CVE-2023-52804 - fs/jfs: Add check for negative db_l2nbperpage - fs/jfs: Add validity check for db_maxag and db_agpref * Focal update: v5.4.251 upstream stable release (LP: #2034918) // CVE-url: https://ubuntu.com/security/CVE-2023-52804 - jfs: jfs_dmap: Validate db_l2nbperpage while mounting * Bionic update: upstream stable patchset 2023-02-06 (LP: #2006403) // CVE- url: https://ubuntu.com/security/CVE-2023-52804 - fs: jfs: fix shift-out-of-bounds in dbAllocAG * CVE-url: https://ubuntu.com/security/CVE-2022-25265 - x86/elf: Add table to document READ_IMPLIES_EXEC - x86/elf: Split READ_IMPLIES_EXEC from executable PT_GNU_STACK - x86/elf: Disable automatic READ_IMPLIES_EXEC on 64-bit * Bionic update: upstream stable patchset 2021-06-11 (LP: #1931740) // CVE- url: https://ubuntu.com/security/CVE-2021-47153 - i2c: i801: Don't generate an interrupt on bus reset * Bionic update: upstream stable patchset 2022-03-04 (LP: #1963717) // CVE- url: https://ubuntu.com/security/CVE-2022-48757 - net: fix information leakage in /proc/net/ptype * Focal update: v5.4.279 upstream stable release (LP: #2073621) // CVE-url: https://ubuntu.com/security/CVE-2024-37078 - nilfs2: fix potential kernel bug due to lack of writeback flag waiting * Bionic update: upstream stable patchset 2022-03-04 (LP: #1963717) // CVE- url: https://ubuntu.com/security/CVE-2022-48760 - USB: core: Fix hang in usb_kill_urb by adding memory barriers * Bionic update: upstream stable patchset 2021-11-02 (LP: #1949512) // CVE- url: https://ubuntu.com/security/CVE-2021-47383 - tty: Fix out-of-bound vmalloc access in imageblit * Bionic update: upstream stable patchset 2022-05-17 (LP: #1973831) // CVE- url: https://ubuntu.com/security/CVE-2022-49145 - ACPI: CPPC: Avoid out of bounds access when parsing _CPC data * Bionic update: upstream stable patchset 2021-11-23 (LP: #1951997) // CVE- url: https://ubuntu.com/security/CVE-2021-47458 - ocfs2: mount fails with buffer overflow in strlen * CVE-url: https://ubuntu.com/security/CVE-2022-49170 - f2fs: fix to do sanity check on curseg->alloc_type * CVE-url: https://ubuntu.com/security/CVE-2021-47479 - staging: rtl8712: fix use-after-free in rtl8712_dl_fw * Bionic update: upstream stable patchset 2021-12-03 (LP: #1953202) // CVE- url: https://ubuntu.com/security/CVE-2021-47477 - comedi: dt9812: fix DMA buffers on stack * Bionic update: upstream stable patchset 2022-05-17 (LP: #1973831) // CVE- url: https://ubuntu.com/security/CVE-2021-47642 - video: fbdev: nvidiafb: Use strscpy() to prevent buffer overflow * Bionic update: upstream stable patchset 2022-01-06 (LP: #1956614) // CVE- url: https://ubuntu.com/security/CVE-2021-47565 - scsi: mpt3sas: Fix kernel panic during drive powercycle test * Bionic update: upstream stable patchset 2022-01-06 (LP: #1956614) // CVE- url: https://ubuntu.com/security/CVE-2021-47566 - proc/vmcore: fix clearing user buffer by properly using clear_user() * Focal update: v5.4.279 upstream stable release (LP: #2073621) // CVE-url: https://ubuntu.com/security/CVE-2024-39469 - nilfs2: fix nilfs_empty_dir() misjudgment and long loop on I/O errors * CVE-url: https://ubuntu.com/security/CVE-2022-49519 - ath10k: skip ath10k_halt during suspend for driver state RESTARTING * CVE-url: https://ubuntu.com/security/CVE-2024-36880 - Bluetooth: qca: add missing firmware sanity checks * Miscellaneous upstream changes - net: openvswitch: fix nested key length validation in the set() action - isofs: Prevent the use of too small fid - net: ppp: Add bound checking for skb data on ppp_sync_txmung - wifi: at76c50x: fix use after free access in at76_disconnect Important Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.

* Focal update: v5.4.291 upstream stable release (LP: #2106002) // CVE-2025-21772 - partitions: mac: fix handling of bogus partition table * CVE-url: https://ubuntu.com/security/CVE-2025-22079 - ocfs2: validate l_tree_depth to avoid out-of-bounds access * CVE-url: https://ubuntu.com/security/CVE-2024-58014 - wifi: brcmsmac: add gain range check to wlc_phy_iqcal_gainparams_nphy() * CVE-url: https://ubuntu.com/security/CVE-2024-41042 - netfilter: nf_tables: prefer nft_chain_validate * CVE-url: https://ubuntu.com/security/CVE-2024-46713 - perf/aux: Fix AUX buffer serialization * CVE-url: https://ubuntu.com/security/CVE-2025-38352 - posix-cpu-timers: fix race between handle_posix_cpu_timers() and posix_cpu_timer_del() * CVE-url: https://ubuntu.com/security/CVE-2025-38477 - net/sched: sch_qfq: Fix race condition on qfq_aggregate * Focal update: v5.4.262 upstream stable release (LP: #2049069) // CVE-url: https://ubuntu.com/security/CVE-2023-52804 - fs/jfs: Add check for negative db_l2nbperpage - fs/jfs: Add validity check for db_maxag and db_agpref * Focal update: v5.4.251 upstream stable release (LP: #2034918) // CVE-url: https://ubuntu.com/security/CVE-2023-52804 - jfs: jfs_dmap: Validate db_l2nbperpage while mounting * Bionic update: upstream stable patchset 2023-02-06 (LP: #2006403) // CVE- url: https://ubuntu.com/security/CVE-2023-52804 - fs: jfs: fix shift-out-of-bounds in dbAllocAG * CVE-url: https://ubuntu.com/security/CVE-2022-25265 - x86/elf: Add table to document READ_IMPLIES_EXEC - x86/elf: Split READ_IMPLIES_EXEC from executable PT_GNU_STACK - x86/elf: Disable automatic READ_IMPLIES_EXEC on 64-bit * Bionic update: upstream stable patchset 2021-06-11 (LP: #1931740) // CVE- url: https://ubuntu.com/security/CVE-2021-47153 - i2c: i801: Don't generate an interrupt on bus reset * Bionic update: upstream stable patchset 2022-03-04 (LP: #1963717) // CVE- url: https://ubuntu.com/security/CVE-2022-48757 - net: fix information leakage in /proc/net/ptype * Focal update: v5.4.279 upstream stable release (LP: #2073621) // CVE-url: https://ubuntu.com/security/CVE-2024-37078 - nilfs2: fix potential kernel bug due to lack of writeback flag waiting * Bionic update: upstream stable patchset 2022-03-04 (LP: #1963717) // CVE- url: https://ubuntu.com/security/CVE-2022-48760 - USB: core: Fix hang in usb_kill_urb by adding memory barriers * Bionic update: upstream stable patchset 2021-11-02 (LP: #1949512) // CVE- url: https://ubuntu.com/security/CVE-2021-47383 - tty: Fix out-of-bound vmalloc access in imageblit * Bionic update: upstream stable patchset 2022-05-17 (LP: #1973831) // CVE- url: https://ubuntu.com/security/CVE-2022-49145 - ACPI: CPPC: Avoid out of bounds access when parsing _CPC data * Bionic update: upstream stable patchset 2021-11-23 (LP: #1951997) // CVE- url: https://ubuntu.com/security/CVE-2021-47458 - ocfs2: mount fails with buffer overflow in strlen * CVE-url: https://ubuntu.com/security/CVE-2022-49170 - f2fs: fix to do sanity check on curseg->alloc_type * CVE-url: https://ubuntu.com/security/CVE-2021-47479 - staging: rtl8712: fix use-after-free in rtl8712_dl_fw * Bionic update: upstream stable patchset 2021-12-03 (LP: #1953202) // CVE- url: https://ubuntu.com/security/CVE-2021-47477 - comedi: dt9812: fix DMA buffers on stack * Bionic update: upstream stable patchset 2022-05-17 (LP: #1973831) // CVE- url: https://ubuntu.com/security/CVE-2021-47642 - video: fbdev: nvidiafb: Use strscpy() to prevent buffer overflow * Bionic update: upstream stable patchset 2022-01-06 (LP: #1956614) // CVE- url: https://ubuntu.com/security/CVE-2021-47565 - scsi: mpt3sas: Fix kernel panic during drive powercycle test * Bionic update: upstream stable patchset 2022-01-06 (LP: #1956614) // CVE- url: https://ubuntu.com/security/CVE-2021-47566 - proc/vmcore: fix clearing user buffer by properly using clear_user() * Focal update: v5.4.279 upstream stable release (LP: #2073621) // CVE-url: https://ubuntu.com/security/CVE-2024-39469 - nilfs2: fix nilfs_empty_dir() misjudgment and long loop on I/O errors * CVE-url: https://ubuntu.com/security/CVE-2022-49519 - ath10k: skip ath10k_halt during suspend for driver state RESTARTING * CVE-url: https://ubuntu.com/security/CVE-2024-36880 - Bluetooth: qca: add missing firmware sanity checks * Miscellaneous upstream changes - net: openvswitch: fix nested key length validation in the set() action - isofs: Prevent the use of too small fid - net: ppp: Add bound checking for skb data on ppp_sync_txmung - wifi: at76c50x: fix use after free access in at76_disconnect

0 tuxcare-ubuntu16.04-els linux-buildinfo-4.4.0-280-tuxcare.els51-generic_4.4.0-280.314_amd64.deb cbff734c0a62fec09d8cfe0fc9a59ddb1a86b0ef linux-buildinfo-4.4.0-280-tuxcare.els51-lowlatency_4.4.0-280.314_amd64.deb 43e595e88946f50ee6165046ecdd49401d8e137b linux-cloud-tools-4.4.0-280-tuxcare.els51_4.4.0-280.314_amd64.deb 90eeeb84fcdda11c9199d5fd5c1d91725b7ecc45 linux-cloud-tools-4.4.0-280-tuxcare.els51-generic_4.4.0-280.314_amd64.deb 9ec4b9ce9a17be13d54813bae537e94ecfa10757 linux-cloud-tools-4.4.0-280-tuxcare.els51-lowlatency_4.4.0-280.314_amd64.deb 453f1c2ee003fd6490c45c795fe84fb6d0ff52f2 linux-cloud-tools-common_4.4.0-280.314_all.deb 220a49c124c67da13db24657e792b9eba6a1b114 linux-doc_4.4.0-280.314_all.deb f3ae828861561c50e90a8f04f21cc84fa0ac8c21 linux-headers-4.4.0-280-tuxcare.els51_4.4.0-280.314_all.deb 38ec9758eb484d8fc28a9ac9ee8dad7f1eef86c6 linux-headers-4.4.0-280-tuxcare.els51-generic_4.4.0-280.314_amd64.deb f26b1151361b42e48632f143bad42157461f1d0f linux-headers-4.4.0-280-tuxcare.els51-lowlatency_4.4.0-280.314_amd64.deb c8442a2571b8d1799fefe4cda53bbe74218788f0 linux-image-unsigned-4.4.0-280-tuxcare.els51-generic_4.4.0-280.314_amd64.deb abcc9bbaa622d7c6d4496b5502f1ad76ccd20e7f linux-image-unsigned-4.4.0-280-tuxcare.els51-lowlatency_4.4.0-280.314_amd64.deb 3e9373e358ff368df5c49506c66dc84c6788ec54 linux-libc-dev_4.4.0-280.314_amd64.deb d5d13e63c4bc2db89db41b27de21ddfb96faa8ed linux-modules-4.4.0-280-tuxcare.els51-generic_4.4.0-280.314_amd64.deb a3c5e7c69dfc66c504ce0556af40f5498305da25 linux-modules-4.4.0-280-tuxcare.els51-lowlatency_4.4.0-280.314_amd64.deb d5187aa9719e00302155867713c136d33a46854f linux-modules-extra-4.4.0-280-tuxcare.els51-generic_4.4.0-280.314_amd64.deb 2a41080256fceb1c1dee143efa42bec72dd2a42d linux-source-4.4.0_4.4.0-280.314_all.deb 222d3d13c4f5ea0f4c2bb0a6cd0a78b8fbf73a38 linux-tools-4.4.0-280-tuxcare.els51_4.4.0-280.314_amd64.deb cc0e352619d34ccccbdc88c77fdce7c79ab35a9d linux-tools-4.4.0-280-tuxcare.els51-generic_4.4.0-280.314_amd64.deb 3a613300566e8ceb407513cb30aae900a67baecb linux-tools-4.4.0-280-tuxcare.els51-lowlatency_4.4.0-280.314_amd64.deb 64ea38e55ce81dec6e0e6cea6ccefeab91c442af linux-tools-common_4.4.0-280.314_all.deb 0a457b80da4f16db59dafaa08aece9fbecf28976 linux-tools-host_4.4.0-280.314_all.deb 00338dc40070a7f28a57b1248fe64893d0e5d5f8 CLSA-2025:1764324335 TuxCare License Agreement 0 * SECURITY UPDATE: integer overflow vulnerability in BMP decoder on 32-bit systems - debian/patches/CVE-2025-62171.patch: add extra check to fix issue on 32-bit systems - CVE-2025-62171 Important Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.

* SECURITY UPDATE: integer overflow vulnerability in BMP decoder on 32-bit systems - debian/patches/CVE-2025-62171.patch: add extra check to fix issue on 32-bit systems - CVE-2025-62171

0 tuxcare-ubuntu16.04-els imagemagick_6.8.9.9-7ubuntu5.17+tuxcare.els29_amd64.deb d81ffa9ccc602c6ad4877b96c50ca64e77a1dc86 imagemagick-6.q16_6.8.9.9-7ubuntu5.17+tuxcare.els29_amd64.deb 1f2912e57997f1d354c966d61f820bf3711230e3 imagemagick-common_6.8.9.9-7ubuntu5.17+tuxcare.els29_all.deb 6423cfe94f545a40d83557e24d6db0ea896c2e5e imagemagick-doc_6.8.9.9-7ubuntu5.17+tuxcare.els29_all.deb 9a9f993d950f5701503cd1e5736429f6539bf355 libimage-magick-perl_6.8.9.9-7ubuntu5.17+tuxcare.els29_all.deb 287f441f898990edd6a213d725d9aa82340e5ca1 libimage-magick-q16-perl_6.8.9.9-7ubuntu5.17+tuxcare.els29_amd64.deb b284ca54668c481f4d1c9fecc13504c047b792f1 libmagick++-6-headers_6.8.9.9-7ubuntu5.17+tuxcare.els29_all.deb 1e6ba22b2714cb94567179f2440d87e664f57656 libmagick++-6.q16-5v5_6.8.9.9-7ubuntu5.17+tuxcare.els29_amd64.deb 6692278dfda2c23ace8f55c5c0723fac67e1fb4d libmagick++-6.q16-dev_6.8.9.9-7ubuntu5.17+tuxcare.els29_amd64.deb 52eb516a4c10ae7abc29c919c53d15f24d313106 libmagick++-dev_6.8.9.9-7ubuntu5.17+tuxcare.els29_all.deb a0b1528e81e7898fd0e2f404a5afd24edb683281 libmagickcore-6-arch-config_6.8.9.9-7ubuntu5.17+tuxcare.els29_amd64.deb 09a7ad2573e08142e2bc9613a97841de03a8eef5 libmagickcore-6-headers_6.8.9.9-7ubuntu5.17+tuxcare.els29_all.deb 837cc78c7ba8c20e362fb764f417905ba87e6b4d libmagickcore-6.q16-2_6.8.9.9-7ubuntu5.17+tuxcare.els29_amd64.deb 0889b66c2e73436b67ac6f25be2ecb32220f005b libmagickcore-6.q16-2-extra_6.8.9.9-7ubuntu5.17+tuxcare.els29_amd64.deb 859b999206c652d816182cb19da4b2c5243141d2 libmagickcore-6.q16-dev_6.8.9.9-7ubuntu5.17+tuxcare.els29_amd64.deb a4765906031ec37baf6637ec6dac5fa461192be5 libmagickcore-dev_6.8.9.9-7ubuntu5.17+tuxcare.els29_all.deb eadace39275a3bf79b865557ec699ea548697c76 libmagickwand-6-headers_6.8.9.9-7ubuntu5.17+tuxcare.els29_all.deb 11ef5a0c2eb6a7d7940d4c90114ca24e12e9ab6b libmagickwand-6.q16-2_6.8.9.9-7ubuntu5.17+tuxcare.els29_amd64.deb 32884bc2672c94565a7d2e29c7c7146b07dc0f4c libmagickwand-6.q16-dev_6.8.9.9-7ubuntu5.17+tuxcare.els29_amd64.deb b4d141ec325af3d1122801df15eb1abf5901037c libmagickwand-dev_6.8.9.9-7ubuntu5.17+tuxcare.els29_all.deb 81bbfe9c5f8097b38e8810684138440110c3573c perlmagick_6.8.9.9-7ubuntu5.17+tuxcare.els29_all.deb 18be07d3333a6b982b94f3d0cf3b05ce73b7e41d CLSA-2025:1764324770 TuxCare License Agreement 0 * SECURITY UPDATE: insecure regex patterns for interpreter detection - debian/patches/CVE-2022-30688.patch: prevent local privilege escalation by anchoring interpreter regex patterns - CVE-2022-30688 Important Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.

* SECURITY UPDATE: insecure regex patterns for interpreter detection - debian/patches/CVE-2022-30688.patch: prevent local privilege escalation by anchoring interpreter regex patterns - CVE-2022-30688

0 tuxcare-ubuntu16.04-els needrestart_2.6-1+tuxcare.els2_all.deb f5c9b5ed0c58f078198be0be075d1e371090859f CLSA-2025:1765289777 TuxCare License Agreement 0 * SECURITY UPDATE: remove abort call in debug format printing code - debian/patches/CVE-2025-11839.patch: remove call to abort in the debug format printing code, allowing display of fuzzed input files to complete without triggering an abort - CVE-2025-11839 * SECURITY UPDATE: fix SEGV in vfinfo - debian/patches/CVE-2025-11840.patch: prevent segmentation fault by checking for NULL name in reloc howto structure in coff_slurp_reloc_table - CVE-2025-11840 Moderate Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.

* SECURITY UPDATE: remove abort call in debug format printing code - debian/patches/CVE-2025-11839.patch: remove call to abort in the debug format printing code, allowing display of fuzzed input files to complete without triggering an abort - CVE-2025-11839 * SECURITY UPDATE: fix SEGV in vfinfo - debian/patches/CVE-2025-11840.patch: prevent segmentation fault by checking for NULL name in reloc howto structure in coff_slurp_reloc_table - CVE-2025-11840

0 tuxcare-ubuntu16.04-els binutils_2.26.1-1ubuntu1~16.04.10+tuxcare.els17_amd64.deb 89916560a8ffb57061d5f3c5807efd4b224810cd binutils-aarch64-linux-gnu_2.26.1-1ubuntu1~16.04.10+tuxcare.els17_amd64.deb 13ff00faa3849628b90e88b60306d54fd9dac58e binutils-alpha-linux-gnu_2.26.1-1ubuntu1~16.04.10+tuxcare.els17_amd64.deb bda094a922f51abe42ff27e7080294c7f5a86058 binutils-arm-linux-gnueabi_2.26.1-1ubuntu1~16.04.10+tuxcare.els17_amd64.deb ae7b51efd32cfe243f4c27494623d6790b73a0d6 binutils-arm-linux-gnueabihf_2.26.1-1ubuntu1~16.04.10+tuxcare.els17_amd64.deb 5e2a5cb9d59e9afd6dc848e48aac4a5515aa6ae2 binutils-dev_2.26.1-1ubuntu1~16.04.10+tuxcare.els17_amd64.deb e916532a9268d1c4c91dca8446beac4447459d3c binutils-doc_2.26.1-1ubuntu1~16.04.10+tuxcare.els17_all.deb 68f079536cf0625515ca5c03dc31ae3ed5853915 binutils-hppa-linux-gnu_2.26.1-1ubuntu1~16.04.10+tuxcare.els17_amd64.deb 6e7c686e3e87344a2c1e608248cbd74b44f99da6 binutils-hppa64-linux-gnu_2.26.1-1ubuntu1~16.04.10+tuxcare.els17_amd64.deb 36ecadd12e67eb8e9ed534901271f2ca4b96960c binutils-m68k-linux-gnu_2.26.1-1ubuntu1~16.04.10+tuxcare.els17_amd64.deb c3c3d101bf8f6409d75eb882d8771ab66ee27b31 binutils-mips-linux-gnu_2.26.1-1ubuntu1~16.04.10+tuxcare.els17_amd64.deb f41024d16fff3daa1e3f1385eab513575653cb3b binutils-mips64-linux-gnuabi64_2.26.1-1ubuntu1~16.04.10+tuxcare.els17_amd64.deb 55f5de3c63b1e997549172e9429bdcb67c4b0177 binutils-mips64el-linux-gnuabi64_2.26.1-1ubuntu1~16.04.10+tuxcare.els17_amd64.deb b19fb6226a0bd84635cbc2fd1ebc2f8c50a18181 binutils-mipsel-linux-gnu_2.26.1-1ubuntu1~16.04.10+tuxcare.els17_amd64.deb 100578fb2f3fda6de7730ccdb53e1d898c909da5 binutils-multiarch_2.26.1-1ubuntu1~16.04.10+tuxcare.els17_amd64.deb e719b39017786d31426a8fc9cda671019c58a577 binutils-multiarch-dev_2.26.1-1ubuntu1~16.04.10+tuxcare.els17_amd64.deb f86decc0b0f672fab704ae87ebcaad41673233a1 binutils-powerpc-linux-gnu_2.26.1-1ubuntu1~16.04.10+tuxcare.els17_amd64.deb 758d4bcc59d4a34d10ddc57a0129f1a7de0fff4e binutils-powerpc-linux-gnuspe_2.26.1-1ubuntu1~16.04.10+tuxcare.els17_amd64.deb e36f245bf0d6393d9dc49341820f6d0fc767d4a8 binutils-powerpc64-linux-gnu_2.26.1-1ubuntu1~16.04.10+tuxcare.els17_amd64.deb 5e29adb36faf3b2a2cd08cd068ca7d2bb80b7785 binutils-powerpc64le-linux-gnu_2.26.1-1ubuntu1~16.04.10+tuxcare.els17_amd64.deb d1ede6161308e89f43bbab5be3bdfc92ec38ff15 binutils-s390x-linux-gnu_2.26.1-1ubuntu1~16.04.10+tuxcare.els17_amd64.deb ff912722e7870a15980ec5f5ddd33689ecdd1b23 binutils-sh4-linux-gnu_2.26.1-1ubuntu1~16.04.10+tuxcare.els17_amd64.deb 17559aea32df3ba1bf451f0fc81f4f15a12d8aa8 binutils-source_2.26.1-1ubuntu1~16.04.10+tuxcare.els17_all.deb 498005e222c620d3aae12a59d07601a56d5723a9 binutils-sparc64-linux-gnu_2.26.1-1ubuntu1~16.04.10+tuxcare.els17_amd64.deb 47d274e1e996d35e856774548b7eda6109f549d6 CLSA-2025:1765386044 TuxCare License Agreement 0 * OpenJDK 8u472 release - CVE-2025-53057: fix unauthorized remote data-modification - CVE-2025-53066: fix unauthorized remote data access - CVE-2025-61748: fix limited remote unauthorized data modification - Release notes: https://mail.openjdk.org/pipermail/jdk8u-dev/2025-October/thread.html Moderate Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.

* OpenJDK 8u472 release - CVE-2025-53057: fix unauthorized remote data-modification - CVE-2025-53066: fix unauthorized remote data access - CVE-2025-61748: fix limited remote unauthorized data modification - Release notes: https://mail.openjdk.org/pipermail/jdk8u-dev/2025-October/thread.html

0 tuxcare-ubuntu16.04-els openjdk-8-demo_8u472-ga-0ubuntu1~16.04+tuxcare.els1_amd64.deb 0107da20afeb3f74420a75455524eda5bd27d865 openjdk-8-doc_8u472-ga-0ubuntu1~16.04+tuxcare.els1_all.deb aa4928667c8c046f9bbb0cdd0ba0cd463ec79115 openjdk-8-jdk_8u472-ga-0ubuntu1~16.04+tuxcare.els1_amd64.deb 4c2ec568c8d29e1fd2d9443181bf4f7c38dfcfb7 openjdk-8-jdk-headless_8u472-ga-0ubuntu1~16.04+tuxcare.els1_amd64.deb 4a3e8c2dc742087a07b28abb2b9ad148bc000569 openjdk-8-jre_8u472-ga-0ubuntu1~16.04+tuxcare.els1_amd64.deb 43e4b3ea11430844e534f1802e1aab9a7bfb3742 openjdk-8-jre-headless_8u472-ga-0ubuntu1~16.04+tuxcare.els1_amd64.deb 33947d22dbc35ed7274034f99d31d9cac6d0c4d7 openjdk-8-jre-jamvm_8u472-ga-0ubuntu1~16.04+tuxcare.els1_amd64.deb be5745c0fa4223e883137d1f9238bc7a9ab8439b openjdk-8-jre-zero_8u472-ga-0ubuntu1~16.04+tuxcare.els1_amd64.deb 8c71fb7e6a25ed9cde1ec0dc53671fefe319d298 openjdk-8-source_8u472-ga-0ubuntu1~16.04+tuxcare.els1_all.deb ccbf3d499579d6b57b043fef053450286b6da333 CLSA-2025:1765802003 TuxCare License Agreement 0 * SECURITY UPDATE: debug_information memory leak in process_debug_info - debian/patches/CVE-2025-8225.patch: prevent memory leak by checking alloc_num_debug_info_entries instead of num_debug_info_entries to determine whether debug_information has been allocated - CVE-2025-8225 Low Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.

* SECURITY UPDATE: debug_information memory leak in process_debug_info - debian/patches/CVE-2025-8225.patch: prevent memory leak by checking alloc_num_debug_info_entries instead of num_debug_info_entries to determine whether debug_information has been allocated - CVE-2025-8225

0 tuxcare-ubuntu16.04-els binutils_2.26.1-1ubuntu1~16.04.10+tuxcare.els18_amd64.deb b157415a0d3063210446efb3a94e076b07dd8b26 binutils-aarch64-linux-gnu_2.26.1-1ubuntu1~16.04.10+tuxcare.els18_amd64.deb 770fee0ad08def235b7c0cb0a5bb465aedce6d73 binutils-alpha-linux-gnu_2.26.1-1ubuntu1~16.04.10+tuxcare.els18_amd64.deb 7d69b0b7bfaf257aaa5fb7f49b81afd6d6065d9b binutils-arm-linux-gnueabi_2.26.1-1ubuntu1~16.04.10+tuxcare.els18_amd64.deb 169cdee2b15f8c7b06a53be21c5c7db208b15125 binutils-arm-linux-gnueabihf_2.26.1-1ubuntu1~16.04.10+tuxcare.els18_amd64.deb 6653c24f5c38e669b9e52ca6363daada165c7e1d binutils-dev_2.26.1-1ubuntu1~16.04.10+tuxcare.els18_amd64.deb c5199a4e568848a403b9c1b09d8ebab2d7e0f458 binutils-doc_2.26.1-1ubuntu1~16.04.10+tuxcare.els18_all.deb f2e23fb0afed7a438e8cb9bddefcb7ce1075994e binutils-hppa-linux-gnu_2.26.1-1ubuntu1~16.04.10+tuxcare.els18_amd64.deb 7e67856a79464fc241872f00fbaf125455290848 binutils-hppa64-linux-gnu_2.26.1-1ubuntu1~16.04.10+tuxcare.els18_amd64.deb c9945bbbc0ccb9f89babe6989764244242a71cf4 binutils-m68k-linux-gnu_2.26.1-1ubuntu1~16.04.10+tuxcare.els18_amd64.deb 49630937498eb39ed3c090675a052506a6842827 binutils-mips-linux-gnu_2.26.1-1ubuntu1~16.04.10+tuxcare.els18_amd64.deb e6c206af74b5e8ac419bfc34f65786e2db59472c binutils-mips64-linux-gnuabi64_2.26.1-1ubuntu1~16.04.10+tuxcare.els18_amd64.deb 8b7d93b32935a195907512d3d28793f8a612a9ec binutils-mips64el-linux-gnuabi64_2.26.1-1ubuntu1~16.04.10+tuxcare.els18_amd64.deb 0a961309ea0c6bc384c0551c06b21f0b65679cce binutils-mipsel-linux-gnu_2.26.1-1ubuntu1~16.04.10+tuxcare.els18_amd64.deb fa979c9f161e46a6b55232e050ec6f70bacede3a binutils-multiarch_2.26.1-1ubuntu1~16.04.10+tuxcare.els18_amd64.deb cc9120bd1d49dc88e273df60070869a2bb716abe binutils-multiarch-dev_2.26.1-1ubuntu1~16.04.10+tuxcare.els18_amd64.deb a583df8bc4080c40c43c4175e952bff29259192a binutils-powerpc-linux-gnu_2.26.1-1ubuntu1~16.04.10+tuxcare.els18_amd64.deb f060977af14e6eb27e4662219b7d31d12c5c5e6c binutils-powerpc-linux-gnuspe_2.26.1-1ubuntu1~16.04.10+tuxcare.els18_amd64.deb acede134cbe1e1789edc48d5f136a5f470cd8b5b binutils-powerpc64-linux-gnu_2.26.1-1ubuntu1~16.04.10+tuxcare.els18_amd64.deb 1e95143fe3d5f374b437e4e4829c0320d04aff05 binutils-powerpc64le-linux-gnu_2.26.1-1ubuntu1~16.04.10+tuxcare.els18_amd64.deb 4d44d3f0790322f38d5b9c9c2eb3d288ae14c551 binutils-s390x-linux-gnu_2.26.1-1ubuntu1~16.04.10+tuxcare.els18_amd64.deb ab83a7b91aa6998aa4bd8f6a713ad6b916103d2f binutils-sh4-linux-gnu_2.26.1-1ubuntu1~16.04.10+tuxcare.els18_amd64.deb aad6cbb1ed7be4474478813852838181775f81e7 binutils-source_2.26.1-1ubuntu1~16.04.10+tuxcare.els18_all.deb 72e8690e4a7afa2a8c7e8983d62c8d42d09f5be7 binutils-sparc64-linux-gnu_2.26.1-1ubuntu1~16.04.10+tuxcare.els18_amd64.deb a8fe391769909940b380e0c0390bff5250d8e033 CLSA-2025:1766599555 TuxCare License Agreement 0 * SECURITY UPDATE: Heap buffer overflow in array_merge() - debian/patches/CVE-2025-14178.patch: add validation to check if total element count exceeds HT_MAX_SIZE before allocation. - CVE-2025-14178 Low Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.

* SECURITY UPDATE: Heap buffer overflow in array_merge() - debian/patches/CVE-2025-14178.patch: add validation to check if total element count exceeds HT_MAX_SIZE before allocation. - CVE-2025-14178

0 tuxcare-ubuntu16.04-els libapache2-mod-php7.0_7.0.33-0ubuntu0.16.04.17+tuxcare.els19_amd64.deb bcf6249a262805fec4a6ee490386effc5bb07bfe libphp7.0-embed_7.0.33-0ubuntu0.16.04.17+tuxcare.els19_amd64.deb 1d6984765b663c576c543297625bcd7e2c913800 php7.0_7.0.33-0ubuntu0.16.04.17+tuxcare.els19_all.deb cd6954a448d94b9e48a39dffc8c63a4bd41bf1a5 php7.0-bcmath_7.0.33-0ubuntu0.16.04.17+tuxcare.els19_amd64.deb f267951f9476bd03c64d35a67aed634619c646cb php7.0-bz2_7.0.33-0ubuntu0.16.04.17+tuxcare.els19_amd64.deb 880a6831a43b8130895d0cb95e45b612f2d244a6 php7.0-cgi_7.0.33-0ubuntu0.16.04.17+tuxcare.els19_amd64.deb 22f659af6bebc90719c5b8e7cc0a46394fd1109f php7.0-cli_7.0.33-0ubuntu0.16.04.17+tuxcare.els19_amd64.deb 5e1a73c8f5cac5169875aea86b24bf3f119f5b27 php7.0-common_7.0.33-0ubuntu0.16.04.17+tuxcare.els19_amd64.deb ef575889db979fb37017299e4dba21cc69e8140c php7.0-curl_7.0.33-0ubuntu0.16.04.17+tuxcare.els19_amd64.deb c05c348ac19aa171ed20218d7cc2409e5d165ddb php7.0-dba_7.0.33-0ubuntu0.16.04.17+tuxcare.els19_amd64.deb 5f251d7f01bc2d42447f9947fd7babcc6192c8df php7.0-dev_7.0.33-0ubuntu0.16.04.17+tuxcare.els19_amd64.deb 447dbe579fcc4175503a4c05e110b64141cb2531 php7.0-enchant_7.0.33-0ubuntu0.16.04.17+tuxcare.els19_amd64.deb 5e140aa3da9db5b7b202eb07b8b9f0b6c14131ec php7.0-fpm_7.0.33-0ubuntu0.16.04.17+tuxcare.els19_amd64.deb ceac631d183ca8d409a74414c8221b3c2515f36c php7.0-gd_7.0.33-0ubuntu0.16.04.17+tuxcare.els19_amd64.deb dc327c17ac05f153313183188c490425d11bd269 php7.0-gmp_7.0.33-0ubuntu0.16.04.17+tuxcare.els19_amd64.deb 8358afdd11328cf0d4bd2b0e38edd4564d3ae938 php7.0-imap_7.0.33-0ubuntu0.16.04.17+tuxcare.els19_amd64.deb f1fb3aa3df38a8f51b539ec6592df1e3c31f70b1 php7.0-interbase_7.0.33-0ubuntu0.16.04.17+tuxcare.els19_amd64.deb 7aef0623e385eed22a8fb6552403804ade48a9a2 php7.0-intl_7.0.33-0ubuntu0.16.04.17+tuxcare.els19_amd64.deb 68ec9d18a2aa464d29246c49e8ca3ec3f407bbcd php7.0-json_7.0.33-0ubuntu0.16.04.17+tuxcare.els19_amd64.deb a79003ee1540a9592a760c2b7dd7de91ae67f400 php7.0-ldap_7.0.33-0ubuntu0.16.04.17+tuxcare.els19_amd64.deb e6c5f7c82bda7ae5ac65cb5b54d0eccaa0f005e0 php7.0-mbstring_7.0.33-0ubuntu0.16.04.17+tuxcare.els19_amd64.deb 5544151154cb3a9f5dd6d97b83ff02ebced9e402 php7.0-mcrypt_7.0.33-0ubuntu0.16.04.17+tuxcare.els19_amd64.deb b7c48d9a45b76c4c24685cb1d77161186136b3e7 php7.0-mysql_7.0.33-0ubuntu0.16.04.17+tuxcare.els19_amd64.deb 214f3f1edc15a28a7b120b7eccde587c69e25d44 php7.0-odbc_7.0.33-0ubuntu0.16.04.17+tuxcare.els19_amd64.deb 75041e9ae3eddaaf4121ce0ccc41f90aab7ce0b2 php7.0-opcache_7.0.33-0ubuntu0.16.04.17+tuxcare.els19_amd64.deb 4e620cbbf2c2b45f2bf00a8ffcd8ea120b8d005d php7.0-pgsql_7.0.33-0ubuntu0.16.04.17+tuxcare.els19_amd64.deb 5e9a119be96b1992afab4f614eab59599f7c2458 php7.0-phpdbg_7.0.33-0ubuntu0.16.04.17+tuxcare.els19_amd64.deb 31383b4eced993205908d6df660c7c7420fd3f80 php7.0-pspell_7.0.33-0ubuntu0.16.04.17+tuxcare.els19_amd64.deb cd4d846aad8643166c17a83833abc1a38e0694aa php7.0-readline_7.0.33-0ubuntu0.16.04.17+tuxcare.els19_amd64.deb 7c142dbb0dd6cb58ef4cb2f39edf698a424fb9c8 php7.0-recode_7.0.33-0ubuntu0.16.04.17+tuxcare.els19_amd64.deb 836bc82f99202427dbba4793ed04b52caa389246 php7.0-snmp_7.0.33-0ubuntu0.16.04.17+tuxcare.els19_amd64.deb d5ab596a34b16179e7db829d0c2d080ac1921567 php7.0-soap_7.0.33-0ubuntu0.16.04.17+tuxcare.els19_amd64.deb fd9ac7a2bf6114679b4e8df5b98a52e6ff8d7d5b php7.0-sqlite3_7.0.33-0ubuntu0.16.04.17+tuxcare.els19_amd64.deb 0b6c723ab18808a69955afb565dcf3950c74bdb9 php7.0-sybase_7.0.33-0ubuntu0.16.04.17+tuxcare.els19_amd64.deb dc1b076b7a557402372549459b59b444afbd4bed php7.0-tidy_7.0.33-0ubuntu0.16.04.17+tuxcare.els19_amd64.deb 7d94211a5bbeb0d4a0cf54b0f92f93e99babf38b php7.0-xml_7.0.33-0ubuntu0.16.04.17+tuxcare.els19_amd64.deb a58281b26b68008adfc0830df1b3b75a195fc743 php7.0-xmlrpc_7.0.33-0ubuntu0.16.04.17+tuxcare.els19_amd64.deb 88c3be44512dd4691c39acf76e0666b4aad8487f php7.0-xsl_7.0.33-0ubuntu0.16.04.17+tuxcare.els19_all.deb e8807ad38fdb205f6d8247615dde79aa41d07e24 php7.0-zip_7.0.33-0ubuntu0.16.04.17+tuxcare.els19_amd64.deb dd43582c08b1461295ccd0beb648994c438a9453 CLSA-2026:1767697963 TuxCare License Agreement 0 * SECURITY UPDATE: Heap-based buffer overflow in elf_swap_shdr function - debian/patches/CVE-2025-11083.patch: Avoid a linker crash by rejecting corrupt section headers in linker input files. Changed elf_swap_shdr_in to return bfd_boolean and validate section sizes against file size to detect and reject corrupt headers - CVE-2025-11083 Important Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.

* SECURITY UPDATE: Heap-based buffer overflow in elf_swap_shdr function - debian/patches/CVE-2025-11083.patch: Avoid a linker crash by rejecting corrupt section headers in linker input files. Changed elf_swap_shdr_in to return bfd_boolean and validate section sizes against file size to detect and reject corrupt headers - CVE-2025-11083

0 tuxcare-ubuntu16.04-els binutils_2.26.1-1ubuntu1~16.04.10+tuxcare.els19_amd64.deb 7d413d8f554e80b76b1f5c80f684979a65d7ad9b binutils-aarch64-linux-gnu_2.26.1-1ubuntu1~16.04.10+tuxcare.els19_amd64.deb dec2f289702ce87241c766eac430646a8c1e5b13 binutils-alpha-linux-gnu_2.26.1-1ubuntu1~16.04.10+tuxcare.els19_amd64.deb 9d219224668def2e109598117e67467c112e243d binutils-arm-linux-gnueabi_2.26.1-1ubuntu1~16.04.10+tuxcare.els19_amd64.deb 5f0d6159ad2d21c0d977cae97a1d4ca1f8c897d7 binutils-arm-linux-gnueabihf_2.26.1-1ubuntu1~16.04.10+tuxcare.els19_amd64.deb 731af0b2eacf6dedf543731e3e7f228118c18600 binutils-dev_2.26.1-1ubuntu1~16.04.10+tuxcare.els19_amd64.deb 45c7cb560a779ac5d8f20aed92807fe702587f05 binutils-doc_2.26.1-1ubuntu1~16.04.10+tuxcare.els19_all.deb c1351df1eda8d1d1caab875b64b334adf6a4268e binutils-hppa-linux-gnu_2.26.1-1ubuntu1~16.04.10+tuxcare.els19_amd64.deb 0a46723f0b9464466a6ee0c4e5cc80a8bf42c2f7 binutils-hppa64-linux-gnu_2.26.1-1ubuntu1~16.04.10+tuxcare.els19_amd64.deb 79517a43e330465fa6439dadb7595cc3febd39f3 binutils-m68k-linux-gnu_2.26.1-1ubuntu1~16.04.10+tuxcare.els19_amd64.deb 372df679c1a2abe51ae4c810356b3b3e0c81d36a binutils-mips-linux-gnu_2.26.1-1ubuntu1~16.04.10+tuxcare.els19_amd64.deb 9f4e28fffb1be0f8999521533ac574887194eae7 binutils-mips64-linux-gnuabi64_2.26.1-1ubuntu1~16.04.10+tuxcare.els19_amd64.deb d854ab25dda228da648596adb090649269f10cd7 binutils-mips64el-linux-gnuabi64_2.26.1-1ubuntu1~16.04.10+tuxcare.els19_amd64.deb 564347fd4ee293db2a3e82368a563a8bae799ecb binutils-mipsel-linux-gnu_2.26.1-1ubuntu1~16.04.10+tuxcare.els19_amd64.deb 7fd8c7a6cad3ef36312e7fc712367a61290ebf58 binutils-multiarch_2.26.1-1ubuntu1~16.04.10+tuxcare.els19_amd64.deb 709bb66a6750c3c7203b00bc0b507621d335e2e7 binutils-multiarch-dev_2.26.1-1ubuntu1~16.04.10+tuxcare.els19_amd64.deb 7b757af990390a2266eb7cfebe011d6a921af78e binutils-powerpc-linux-gnu_2.26.1-1ubuntu1~16.04.10+tuxcare.els19_amd64.deb a2e10e5d17c15a464e8df771f5260806b525adab binutils-powerpc-linux-gnuspe_2.26.1-1ubuntu1~16.04.10+tuxcare.els19_amd64.deb 978285d25703b6e9b623e646fe1d1ecd1b658f0e binutils-powerpc64-linux-gnu_2.26.1-1ubuntu1~16.04.10+tuxcare.els19_amd64.deb 7b2f1791f17ef6a37818dd7d613d7bc485b88e5b binutils-powerpc64le-linux-gnu_2.26.1-1ubuntu1~16.04.10+tuxcare.els19_amd64.deb 50cb6a64e51407ead3e72a8339f89a871f952070 binutils-s390x-linux-gnu_2.26.1-1ubuntu1~16.04.10+tuxcare.els19_amd64.deb 45a779903499e89e687319a7146f5958836e7369 binutils-sh4-linux-gnu_2.26.1-1ubuntu1~16.04.10+tuxcare.els19_amd64.deb f82520aa84d90f509fed117497032b481d8959ac binutils-source_2.26.1-1ubuntu1~16.04.10+tuxcare.els19_all.deb 3b19776210d45b6d824cbf81662ab1f9e7f112d6 binutils-sparc64-linux-gnu_2.26.1-1ubuntu1~16.04.10+tuxcare.els19_amd64.deb abd11ef8fbf3f888e98b901ab15595faaad685b4 CLSA-2026:1768224866 TuxCare License Agreement 0 * SECURITY UPDATE: Possible DoS attack caused by a slow client communication - debian/patches/CVE-2025-58436.patch: fix unresponsive cupsd process caused by a slow client - CVE-2025-58436 Moderate Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.

* SECURITY UPDATE: Possible DoS attack caused by a slow client communication - debian/patches/CVE-2025-58436.patch: fix unresponsive cupsd process caused by a slow client - CVE-2025-58436

0 tuxcare-ubuntu16.04-els cups_2.1.3-4ubuntu0.11+tuxcare.els10_amd64.deb 1471277aa9489278a6bf08fe9ec9f1a01863105c cups-bsd_2.1.3-4ubuntu0.11+tuxcare.els10_amd64.deb ce3f2f2473644e996a942db30baf43863f302c92 cups-client_2.1.3-4ubuntu0.11+tuxcare.els10_amd64.deb 72d5772eee1e8336c11579cb05bec374caccce0c cups-common_2.1.3-4ubuntu0.11+tuxcare.els10_all.deb 5acdc3de27c6a2241d615d1cbd2c2d9f74d668a1 cups-core-drivers_2.1.3-4ubuntu0.11+tuxcare.els10_amd64.deb db05cd11f1e7f7f9cd6d92fe69b664e0075f29a3 cups-daemon_2.1.3-4ubuntu0.11+tuxcare.els10_amd64.deb e53294ac8fb56fb825dc5c8d06fa67dda81def75 cups-ipp-utils_2.1.3-4ubuntu0.11+tuxcare.els10_amd64.deb 29739937ca759ae5428e833cc1b750c4444d277e cups-ppdc_2.1.3-4ubuntu0.11+tuxcare.els10_amd64.deb 7c0e6d9abb4ecd3d23a65ec5ef40b2500dbea8a1 cups-server-common_2.1.3-4ubuntu0.11+tuxcare.els10_all.deb afd575c67bdb396c13fd1f2633f1a3b216a5d136 libcups2_2.1.3-4ubuntu0.11+tuxcare.els10_amd64.deb fe371b7c29fc8864452a3bf2d2295393d1bd66a1 libcups2-dev_2.1.3-4ubuntu0.11+tuxcare.els10_amd64.deb 292260de1ceb34fbc953b15c1eeb0be4b71c087d libcupscgi1_2.1.3-4ubuntu0.11+tuxcare.els10_amd64.deb b9adca9e490deec83698b130065918487178a1a5 libcupscgi1-dev_2.1.3-4ubuntu0.11+tuxcare.els10_amd64.deb 8b1d38e8e4fa01d5c45411bf4b83607c98a1c844 libcupsimage2_2.1.3-4ubuntu0.11+tuxcare.els10_amd64.deb 8b515e4b0e889be1c4bdc9f24d28c5674c785418 libcupsimage2-dev_2.1.3-4ubuntu0.11+tuxcare.els10_amd64.deb bf9f68fa3ff5ca22af594b1710c1bc7fac68eaa8 libcupsmime1_2.1.3-4ubuntu0.11+tuxcare.els10_amd64.deb 0440f4f06a552f610840e07db9446523cd62e780 libcupsmime1-dev_2.1.3-4ubuntu0.11+tuxcare.els10_amd64.deb bfa02148ea9423a0b48b10ae78dbe268c451c150 libcupsppdc1_2.1.3-4ubuntu0.11+tuxcare.els10_amd64.deb da92f83aca558f749cde3703ba498fd7d44111a6 libcupsppdc1-dev_2.1.3-4ubuntu0.11+tuxcare.els10_amd64.deb c6231e24513dab1595b0d65997730b390a0fd283 CLSA-2026:1768225263 TuxCare License Agreement 0 * SECURITY UPDATE: Carriage Return characters in credential protocol - debian/patches/CVE-2024-52006.patch: fix to disallow Carriage Return characters in the credential protocol by default to prevent vulnerabilities when credential helpers interpret bare Carriage Returns as newlines - CVE-2024-52006 Important Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.

* SECURITY UPDATE: Carriage Return characters in credential protocol - debian/patches/CVE-2024-52006.patch: fix to disallow Carriage Return characters in the credential protocol by default to prevent vulnerabilities when credential helpers interpret bare Carriage Returns as newlines - CVE-2024-52006

0 tuxcare-ubuntu16.04-els git_2.7.4-0ubuntu1.10+tuxcare.els11_amd64.deb 252c8acfd04d7d9e993fa9a9b60408a0541bc71e git-all_2.7.4-0ubuntu1.10+tuxcare.els11_all.deb 82efdf73025b22e783738b1f2217b0bc7969535e git-arch_2.7.4-0ubuntu1.10+tuxcare.els11_all.deb 343c73b8e0d5613cc701d8f752d0a99c83c1cf69 git-core_2.7.4-0ubuntu1.10+tuxcare.els11_all.deb 51b7b944368801124e41ff48b546cec72d9fbefa git-cvs_2.7.4-0ubuntu1.10+tuxcare.els11_all.deb 21de6967a576372f39affe64b2be5c4a8bf56c6f git-daemon-run_2.7.4-0ubuntu1.10+tuxcare.els11_all.deb 619fdefa3366daa18f7b5412fc6b61ffa6702675 git-daemon-sysvinit_2.7.4-0ubuntu1.10+tuxcare.els11_all.deb a3c44d312914a4244dc9ec599c04a3c253866508 git-doc_2.7.4-0ubuntu1.10+tuxcare.els11_all.deb a8f6b9c179e43fd309977666aaabbb0b358ceafb git-el_2.7.4-0ubuntu1.10+tuxcare.els11_all.deb b582ef51effef4a05c4f6408a93345fb1a580dc0 git-email_2.7.4-0ubuntu1.10+tuxcare.els11_all.deb 43fe89aa9d7f54857a0fd40cb039707f697b2602 git-gui_2.7.4-0ubuntu1.10+tuxcare.els11_all.deb a65304ce0a6c79a1e52847ae537122727e733a7d git-man_2.7.4-0ubuntu1.10+tuxcare.els11_all.deb 2c6cb80081e31667c135274001a9e8f794821b3d git-mediawiki_2.7.4-0ubuntu1.10+tuxcare.els11_all.deb 2b1422c7c8db78f5db1df1f3620d6acc9a58cf66 git-svn_2.7.4-0ubuntu1.10+tuxcare.els11_all.deb 762bcf824865bf579cbe143f66693da3f215a954 gitk_2.7.4-0ubuntu1.10+tuxcare.els11_all.deb 6f124487be029090663277d1565d9a81a68918ea gitweb_2.7.4-0ubuntu1.10+tuxcare.els11_all.deb 625b6f75bde4ecc424577c22a4bb4ea47c38614e CLSA-2026:1769507695 TuxCare License Agreement 0 * SECURITY UPDATE: Confusing users into sending their passwords to sites under the attacker’s control using crafted URLs - debian/patches/CVE-2024-50349.patch: also encode <host>[:<port>] in credential_format(), sanitize the user prompt - CVE-2024-50349 Moderate Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.

* SECURITY UPDATE: Confusing users into sending their passwords to sites under the attacker’s control using crafted URLs - debian/patches/CVE-2024-50349.patch: also encode <host>[:<port>] in credential_format(), sanitize the user prompt - CVE-2024-50349

0 tuxcare-ubuntu16.04-els git_2.7.4-0ubuntu1.10+tuxcare.els12_amd64.deb 9410f1de1b54791c4aa8fdfbd0bd287533df7110 git-all_2.7.4-0ubuntu1.10+tuxcare.els12_all.deb 9a52bb247dc23283139a568a3e1c1616116a7918 git-arch_2.7.4-0ubuntu1.10+tuxcare.els12_all.deb 54eeed9b3d46936c12ef464cea5ba4c72f8fa68b git-core_2.7.4-0ubuntu1.10+tuxcare.els12_all.deb 554507af644b1a8ed397cac7c7907bdfc358bb2a git-cvs_2.7.4-0ubuntu1.10+tuxcare.els12_all.deb 7aea86e398e33188f4bc33d27b37bf757e0ffe81 git-daemon-run_2.7.4-0ubuntu1.10+tuxcare.els12_all.deb ce0b0976939135096dec3802871d348c542dce76 git-daemon-sysvinit_2.7.4-0ubuntu1.10+tuxcare.els12_all.deb c7d30a66bfadc2f3bd587d25a446533da74a0d09 git-doc_2.7.4-0ubuntu1.10+tuxcare.els12_all.deb 194856468b146ea6f7aee9f035cc383ae5f3fa84 git-el_2.7.4-0ubuntu1.10+tuxcare.els12_all.deb 99885d870ccb5462596c28a6d36ae9c2791cd5e4 git-email_2.7.4-0ubuntu1.10+tuxcare.els12_all.deb 3efa843135f9ee37f3dc228b92263b30a305e6de git-gui_2.7.4-0ubuntu1.10+tuxcare.els12_all.deb 1a45f4386bd17b1169a2247cc5dd8c4ac84bd2e3 git-man_2.7.4-0ubuntu1.10+tuxcare.els12_all.deb 18cc5b99ab273adaf85053d19be362f9684419de git-mediawiki_2.7.4-0ubuntu1.10+tuxcare.els12_all.deb 67f5f12f09d3bc43915fdee9350a9fd823a28f7c git-svn_2.7.4-0ubuntu1.10+tuxcare.els12_all.deb 699394e092c14f81a3d2549fa487568781bfdd90 gitk_2.7.4-0ubuntu1.10+tuxcare.els12_all.deb 89aeccdfea6907439887f216c1f984477cb20608 gitweb_2.7.4-0ubuntu1.10+tuxcare.els12_all.deb 7fba79cc2d46d978d0becec454eefbe31d2f152f CLSA-2026:1770040871 TuxCare License Agreement 0 * Fix CVE-2023-4781.patch - debian/patches/CVE-2023-4781.patch: patch win_exchange() instead of win_rotate() None Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.

* Fix CVE-2023-4781.patch - debian/patches/CVE-2023-4781.patch: patch win_exchange() instead of win_rotate()

0 tuxcare-ubuntu16.04-els vim_7.4.1689-3ubuntu1.5+tuxcare.els56_amd64.deb e30603e140197a49fe79c7c3d765ca921cf6311d vim-athena_7.4.1689-3ubuntu1.5+tuxcare.els56_amd64.deb cbcae00c5e695aef73ce05ce727a22ed90666f42 vim-athena-py2_7.4.1689-3ubuntu1.5+tuxcare.els56_amd64.deb 06b874de36f3d42ef902b653bd91e2eee24726ce vim-common_7.4.1689-3ubuntu1.5+tuxcare.els56_amd64.deb d3076341872aa14b96e2f82b7cd7f86ca3b5bdff vim-doc_7.4.1689-3ubuntu1.5+tuxcare.els56_all.deb 0cb4bb6e59486dfed55599034e78dfd8699dfcae vim-gnome_7.4.1689-3ubuntu1.5+tuxcare.els56_amd64.deb 9b5d605f3c19011567e04f77d55a6f759ff98e30 vim-gnome-py2_7.4.1689-3ubuntu1.5+tuxcare.els56_amd64.deb 6f0177b184025b66cabe5bb77c0cabb350a609b8 vim-gtk_7.4.1689-3ubuntu1.5+tuxcare.els56_amd64.deb 7d7fa598affe893d80827d1e3a8e08e62e62eb37 vim-gtk-py2_7.4.1689-3ubuntu1.5+tuxcare.els56_amd64.deb 560411de4d9724fdaa6a667d10fb25b1f8861b1e vim-gtk3_7.4.1689-3ubuntu1.5+tuxcare.els56_amd64.deb 9747bacb1a8b9acf67043f8150c68083ff57528b vim-gtk3-py2_7.4.1689-3ubuntu1.5+tuxcare.els56_amd64.deb 401a89fc6a367204b99509ac4156f85a4b4396ff vim-gui-common_7.4.1689-3ubuntu1.5+tuxcare.els56_all.deb 57f5874903b6d98be42a468849052949eefefec0 vim-nox_7.4.1689-3ubuntu1.5+tuxcare.els56_amd64.deb d4fdc957b0cc1004781883d6745a29021c983ec0 vim-nox-py2_7.4.1689-3ubuntu1.5+tuxcare.els56_amd64.deb d1256a064e4cb27ffaab2d72b91f5f2b390f0b49 vim-runtime_7.4.1689-3ubuntu1.5+tuxcare.els56_all.deb 86625475e30cf45f9c61e06ac21f4dae39ec7cac vim-tiny_7.4.1689-3ubuntu1.5+tuxcare.els56_amd64.deb ba410a12a5d1a7439dfb10213bfda4da7fbe199f CLSA-2026:1770136337 TuxCare License Agreement 0 * SECURITY UPDATE: DoS by providing specially crafted PKCS#7 data for signature verification - debian/patches/CVE-2026-22796.patch: ensure ASN1 types are checked before use - CVE-2026-22796 Moderate Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.

* SECURITY UPDATE: DoS by providing specially crafted PKCS#7 data for signature verification - debian/patches/CVE-2026-22796.patch: ensure ASN1 types are checked before use - CVE-2026-22796

0 tuxcare-ubuntu16.04-els libssl-dev_1.0.2g-1ubuntu4.21+tuxcare.els12_amd64.deb 7cb25cb3be073b5de4f481bd49756f74c57cd815 libssl-doc_1.0.2g-1ubuntu4.21+tuxcare.els12_all.deb 773215c2cc42c22354bd586168b516c81dc8016e libssl1.0.0_1.0.2g-1ubuntu4.21+tuxcare.els12_amd64.deb 0b2c28a0180ee7ae7e434242ac0aa6660b1abf5c openssl_1.0.2g-1ubuntu4.21+tuxcare.els12_amd64.deb 682101338439aac5f27b27655667d4564eaa82ca CLSA-2026:1770216461 TuxCare License Agreement 0 * New microcode update packages from upstream up to 2025-11-11: - New microcodes: sig 0x000a06e1, pf_mask 0x97, 2025-06-27, rev 0x1000273, size 1635328 - Updated microcodes: sig 0x000606a6, pf_mask 0x87, 2025-03-11, rev 0xd000410, size 309248 sig 0x000606c1, pf_mask 0x10, 2025-03-06, rev 0x10002e0, size 301056 sig 0x000806f4, pf_mask 0x10, 2025-05-29, rev 0x2c000410, size 625664 sig 0x000806f4, pf_mask 0x87, 2025-05-29, rev 0x2b000650, size 593920 sig 0x000806f5, pf_mask 0x10, 2025-05-29, rev 0x2c000410, size 625664 sig 0x000806f5, pf_mask 0x87, 2025-05-29, rev 0x2b000650, size 593920 sig 0x000806f6, pf_mask 0x10, 2025-05-29, rev 0x2c000410, size 625664 sig 0x000806f6, pf_mask 0x87, 2025-05-29, rev 0x2b000650, size 593920 sig 0x000806f7, pf_mask 0x87, 2025-05-29, rev 0x2b000650, size 593920 sig 0x000806f8, pf_mask 0x10, 2025-05-29, rev 0x2c000410, size 625664 sig 0x000806f8, pf_mask 0x87, 2025-05-29, rev 0x2b000650, size 593920 sig 0x00090672, pf_mask 0x07, 2025-10-12, rev 0x003d, size 226304 sig 0x00090675, pf_mask 0x07, 2025-10-12, rev 0x003d, size 226304 sig 0x000906a3, pf_mask 0x80, 2025-10-12, rev 0x043a, size 224256 sig 0x000906a4, pf_mask 0x40, 2025-06-13, rev 0x000b, size 119808 sig 0x000906a4, pf_mask 0x80, 2025-10-12, rev 0x043a, size 224256 sig 0x000a06a4, pf_mask 0xe6, 2025-03-19, rev 0x0025, size 140288 sig 0x000a06d1, pf_mask 0x20, 2025-08-29, rev 0xa000124, size 1642496 sig 0x000a06d1, pf_mask 0x95, 2025-07-23, rev 0x10003f0, size 1670144 sig 0x000a06f3, pf_mask 0x01, 2025-07-30, rev 0x3000382, size 1534976 sig 0x000b0671, pf_mask 0x32, 2025-10-08, rev 0x0132, size 219136 sig 0x000b0674, pf_mask 0x32, 2025-10-08, rev 0x0132, size 219136 sig 0x000b06a2, pf_mask 0xe0, 2025-10-08, rev 0x6133, size 224256 sig 0x000b06a3, pf_mask 0xe0, 2025-10-08, rev 0x6133, size 224256 sig 0x000b06a8, pf_mask 0xe0, 2025-10-08, rev 0x6133, size 224256 sig 0x000b06d1, pf_mask 0x80, 2025-08-28, rev 0x0125, size 80896 sig 0x000b06e0, pf_mask 0x19, 2025-05-16, rev 0x001e, size 139264 sig 0x000b06f2, pf_mask 0x07, 2025-10-12, rev 0x003d, size 226304 sig 0x000b06f5, pf_mask 0x07, 2025-10-12, rev 0x003d, size 226304 sig 0x000b06f6, pf_mask 0x07, 2025-10-12, rev 0x003d, size 226304 sig 0x000b06f7, pf_mask 0x07, 2025-10-12, rev 0x003d, size 226304 sig 0x000c0652, pf_mask 0x82, 2025-06-30, rev 0x011a, size 90112 sig 0x000c0662, pf_mask 0x82, 2025-06-30, rev 0x011a, size 90112 sig 0x000c0664, pf_mask 0x82, 2025-06-30, rev 0x011a, size 90112 sig 0x000c06a2, pf_mask 0x82, 2025-06-30, rev 0x011a, size 90112 sig 0x000c06f1, pf_mask 0x87, 2025-05-29, rev 0x210002c0, size 564224 sig 0x000c06f2, pf_mask 0x87, 2025-05-29, rev 0x210002c0, size 564224 - Removed microcodes: sig 0x00050656, pf_mask 0xbf, 2023-07-28, rev 0x4003605, size 38912 None Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.

* New microcode update packages from upstream up to 2025-11-11: - New microcodes: sig 0x000a06e1, pf_mask 0x97, 2025-06-27, rev 0x1000273, size 1635328 - Updated microcodes: sig 0x000606a6, pf_mask 0x87, 2025-03-11, rev 0xd000410, size 309248 sig 0x000606c1, pf_mask 0x10, 2025-03-06, rev 0x10002e0, size 301056 sig 0x000806f4, pf_mask 0x10, 2025-05-29, rev 0x2c000410, size 625664 sig 0x000806f4, pf_mask 0x87, 2025-05-29, rev 0x2b000650, size 593920 sig 0x000806f5, pf_mask 0x10, 2025-05-29, rev 0x2c000410, size 625664 sig 0x000806f5, pf_mask 0x87, 2025-05-29, rev 0x2b000650, size 593920 sig 0x000806f6, pf_mask 0x10, 2025-05-29, rev 0x2c000410, size 625664 sig 0x000806f6, pf_mask 0x87, 2025-05-29, rev 0x2b000650, size 593920 sig 0x000806f7, pf_mask 0x87, 2025-05-29, rev 0x2b000650, size 593920 sig 0x000806f8, pf_mask 0x10, 2025-05-29, rev 0x2c000410, size 625664 sig 0x000806f8, pf_mask 0x87, 2025-05-29, rev 0x2b000650, size 593920 sig 0x00090672, pf_mask 0x07, 2025-10-12, rev 0x003d, size 226304 sig 0x00090675, pf_mask 0x07, 2025-10-12, rev 0x003d, size 226304 sig 0x000906a3, pf_mask 0x80, 2025-10-12, rev 0x043a, size 224256 sig 0x000906a4, pf_mask 0x40, 2025-06-13, rev 0x000b, size 119808 sig 0x000906a4, pf_mask 0x80, 2025-10-12, rev 0x043a, size 224256 sig 0x000a06a4, pf_mask 0xe6, 2025-03-19, rev 0x0025, size 140288 sig 0x000a06d1, pf_mask 0x20, 2025-08-29, rev 0xa000124, size 1642496 sig 0x000a06d1, pf_mask 0x95, 2025-07-23, rev 0x10003f0, size 1670144 sig 0x000a06f3, pf_mask 0x01, 2025-07-30, rev 0x3000382, size 1534976 sig 0x000b0671, pf_mask 0x32, 2025-10-08, rev 0x0132, size 219136 sig 0x000b0674, pf_mask 0x32, 2025-10-08, rev 0x0132, size 219136 sig 0x000b06a2, pf_mask 0xe0, 2025-10-08, rev 0x6133, size 224256 sig 0x000b06a3, pf_mask 0xe0, 2025-10-08, rev 0x6133, size 224256 sig 0x000b06a8, pf_mask 0xe0, 2025-10-08, rev 0x6133, size 224256 sig 0x000b06d1, pf_mask 0x80, 2025-08-28, rev 0x0125, size 80896 sig 0x000b06e0, pf_mask 0x19, 2025-05-16, rev 0x001e, size 139264 sig 0x000b06f2, pf_mask 0x07, 2025-10-12, rev 0x003d, size 226304 sig 0x000b06f5, pf_mask 0x07, 2025-10-12, rev 0x003d, size 226304 sig 0x000b06f6, pf_mask 0x07, 2025-10-12, rev 0x003d, size 226304 sig 0x000b06f7, pf_mask 0x07, 2025-10-12, rev 0x003d, size 226304 sig 0x000c0652, pf_mask 0x82, 2025-06-30, rev 0x011a, size 90112 sig 0x000c0662, pf_mask 0x82, 2025-06-30, rev 0x011a, size 90112 sig 0x000c0664, pf_mask 0x82, 2025-06-30, rev 0x011a, size 90112 sig 0x000c06a2, pf_mask 0x82, 2025-06-30, rev 0x011a, size 90112 sig 0x000c06f1, pf_mask 0x87, 2025-05-29, rev 0x210002c0, size 564224 sig 0x000c06f2, pf_mask 0x87, 2025-05-29, rev 0x210002c0, size 564224 - Removed microcodes: sig 0x00050656, pf_mask 0xbf, 2023-07-28, rev 0x4003605, size 38912

0 tuxcare-ubuntu16.04-els intel-microcode_3.20251111.0ubuntu0.16.04.1+tuxcare.els1_amd64.deb 0657a2b8e93704fb11df55082bd68604f55008de CLSA-2026:1770899757 TuxCare License Agreement 0 * SECURITY UPDATE: XML_ExternalEntityParserCreate failure to copy the encoding handler data can cause a NULL dereference (CWE-476) from external entities that declare use of an unknown encoding. The expected impact is denial of service. - debian/patches/CVE-2026-24515.patch: Make XML_ExternalEntityParserCreate copy unknown encoding handler user data - CVE-2026-24515 Low Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.

* SECURITY UPDATE: XML_ExternalEntityParserCreate failure to copy the encoding handler data can cause a NULL dereference (CWE-476) from external entities that declare use of an unknown encoding. The expected impact is denial of service. - debian/patches/CVE-2026-24515.patch: Make XML_ExternalEntityParserCreate copy unknown encoding handler user data - CVE-2026-24515

0 tuxcare-ubuntu16.04-els expat_2.1.0-7ubuntu0.16.04.5+tuxcare.els7_amd64.deb 3d6b5f78beb393e049457592b5bb6a50f50cb785 libexpat1_2.1.0-7ubuntu0.16.04.5+tuxcare.els7_amd64.deb a540f8637227cee9422613adc26e569b84a749c0 libexpat1-dev_2.1.0-7ubuntu0.16.04.5+tuxcare.els7_amd64.deb 82c42a109bb2f327f6344fe6dbbb238cfb9204c2 CLSA-2026:1770903151 TuxCare License Agreement 0 * SECURITY UPDATE: out of bounds write vulnerability in XBM decoder - debian/patches/CVE-2026-23876.patch: add overflow checks to prevent out of bounds write in coders/xbm.c - CVE-2026-23876 Critical Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.

* SECURITY UPDATE: out of bounds write vulnerability in XBM decoder - debian/patches/CVE-2026-23876.patch: add overflow checks to prevent out of bounds write in coders/xbm.c - CVE-2026-23876

0 tuxcare-ubuntu16.04-els imagemagick_6.8.9.9-7ubuntu5.17+tuxcare.els30_amd64.deb 901482672a97eb5e4feaa2dc9bfdb699cd7ff33e imagemagick-6.q16_6.8.9.9-7ubuntu5.17+tuxcare.els30_amd64.deb 3fea58091ff05fc681034128382d2fd7eda0777e imagemagick-common_6.8.9.9-7ubuntu5.17+tuxcare.els30_all.deb 6795a7dcbe9c1801ad3f06013f0a669271374f74 imagemagick-doc_6.8.9.9-7ubuntu5.17+tuxcare.els30_all.deb a3f9d3a3bee673cd753606b5daab7fd1f3003ab1 libimage-magick-perl_6.8.9.9-7ubuntu5.17+tuxcare.els30_all.deb e5b9595d07bd93e558345ef95e1b2adbbe03d783 libimage-magick-q16-perl_6.8.9.9-7ubuntu5.17+tuxcare.els30_amd64.deb 4a816a7170fadf4ed0b64d82f639028c854d4ce1 libmagick++-6-headers_6.8.9.9-7ubuntu5.17+tuxcare.els30_all.deb a8853a8c255695780473b19d9f3e81c257b1ee5c libmagick++-6.q16-5v5_6.8.9.9-7ubuntu5.17+tuxcare.els30_amd64.deb 395b5bd25340147f1994f0c0b56c3d10ed7a2d11 libmagick++-6.q16-dev_6.8.9.9-7ubuntu5.17+tuxcare.els30_amd64.deb 948c1937018940af55d109991fa0e180d45cabcf libmagick++-dev_6.8.9.9-7ubuntu5.17+tuxcare.els30_all.deb 44926e89053c9633714aab1824f32e158fa05638 libmagickcore-6-arch-config_6.8.9.9-7ubuntu5.17+tuxcare.els30_amd64.deb 699275f6a1148317b8280432f22eb98a8384509d libmagickcore-6-headers_6.8.9.9-7ubuntu5.17+tuxcare.els30_all.deb 3bcb8880e27813fa5f0f1d62dc78a520f21d70e1 libmagickcore-6.q16-2_6.8.9.9-7ubuntu5.17+tuxcare.els30_amd64.deb 574ee62c3a64779ac7b529c949dc0b39d1bb287f libmagickcore-6.q16-2-extra_6.8.9.9-7ubuntu5.17+tuxcare.els30_amd64.deb deec88e7a3c1503539308f75a53884743ff3f578 libmagickcore-6.q16-dev_6.8.9.9-7ubuntu5.17+tuxcare.els30_amd64.deb 87e305c7eaf2643ff5d8028169034dd848966574 libmagickcore-dev_6.8.9.9-7ubuntu5.17+tuxcare.els30_all.deb 3e81735c2f3eb93676703b22c5d325f2d696e3d7 libmagickwand-6-headers_6.8.9.9-7ubuntu5.17+tuxcare.els30_all.deb 9eceeb92112aa57a4de88ba46365eee680966baa libmagickwand-6.q16-2_6.8.9.9-7ubuntu5.17+tuxcare.els30_amd64.deb 5f91699e754b85087969e8b96b6d4ed65400564e libmagickwand-6.q16-dev_6.8.9.9-7ubuntu5.17+tuxcare.els30_amd64.deb a12be9f5f53755b562ae025612d2ef424cfe5777 libmagickwand-dev_6.8.9.9-7ubuntu5.17+tuxcare.els30_all.deb 7c485748d6786923ab89070e52bbbab44d91f217 perlmagick_6.8.9.9-7ubuntu5.17+tuxcare.els30_all.deb 04ea3c04b7cf41f586fb3b8120c8287ea896ef52 CLSA-2026:1770917492 TuxCare License Agreement 0 * SECURITY UPDATE: Processing a malformed PKCS#12 file can trigger a NULL pointer dereference - debian/patches/CVE-2025-69421.patch: Check oct argument for NULL - CVE-2025-69421 Important Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.

* SECURITY UPDATE: Processing a malformed PKCS#12 file can trigger a NULL pointer dereference - debian/patches/CVE-2025-69421.patch: Check oct argument for NULL - CVE-2025-69421

0 tuxcare-ubuntu16.04-els libssl-dev_1.0.2g-1ubuntu4.21+tuxcare.els13_amd64.deb 702943afe3b652b21bc5f9ea1d99f81229612ca4 libssl-doc_1.0.2g-1ubuntu4.21+tuxcare.els13_all.deb 54b552304766df2815901587f97334c2558d669f libssl1.0.0_1.0.2g-1ubuntu4.21+tuxcare.els13_amd64.deb d48ce14545871229ca7acad71af2da4b7db063be openssl_1.0.2g-1ubuntu4.21+tuxcare.els13_amd64.deb 6b0d9d84c5ad041248c3ac67422446f282f8040c CLSA-2026:1770982328 TuxCare License Agreement 0 * SECURITY UPDATE: Possible memory corruption in the armor parser - debian/patches/CVE-2025-68973.patch: fix faulty double increment - CVE-2025-68973 Important Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.

* SECURITY UPDATE: Possible memory corruption in the armor parser - debian/patches/CVE-2025-68973.patch: fix faulty double increment - CVE-2025-68973

0 tuxcare-ubuntu16.04-els gnupg_1.4.20-1ubuntu3.3+tuxcare.els2_amd64.deb f588adac94f74d0c4505a613fbe61c2ffb343609 gnupg-curl_1.4.20-1ubuntu3.3+tuxcare.els2_amd64.deb c380f7d6de8ebfe78cb23bce6ae955838c82b421 gpgv_1.4.20-1ubuntu3.3+tuxcare.els2_amd64.deb 02ff3f5486bee6034ebcde40db8f66b83aa3950a CLSA-2026:1771005847 TuxCare License Agreement 0 * Update ca-certificates database to 20260129: - mozilla\{certdata.h,nssckbi.h}: Update Mozilla certificate authority bundle of the version 2.82. - The following certificates were updated: # Certificate "GlobalSign Root CA" # Certificate "Entrust.net Premium 2048 Secure Server CA" # Certificate "Comodo AAA Services root" # Certificate "XRamp Global CA Root" # Certificate "Go Daddy Class 2 CA" # Certificate "Starfield Class 2 CA" - The following certificates were added: # Certificate "TrustAsia SMIME ECC Root CA" # Certificate "TrustAsia SMIME RSA Root CA" # Certificate "TrustAsia TLS ECC Root CA" # Certificate "TrustAsia TLS RSA Root CA" # Certificate "SwissSign RSA SMIME Root CA 2022 - 1" # Certificate "SwissSign RSA TLS Root CA 2022 - 1" # Certificate "OISTE Client Root ECC G1" # Certificate "OISTE Client Root RSA G1" # Certificate "OISTE Server Root ECC G1" # Certificate " OISTE Server Root RSA G1" - The following certificates were removed: # Certificate "Baltimore CyberTrust Root" None Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.

* Update ca-certificates database to 20260129: - mozilla\{certdata.h,nssckbi.h}: Update Mozilla certificate authority bundle of the version 2.82. - The following certificates were updated: # Certificate "GlobalSign Root CA" # Certificate "Entrust.net Premium 2048 Secure Server CA" # Certificate "Comodo AAA Services root" # Certificate "XRamp Global CA Root" # Certificate "Go Daddy Class 2 CA" # Certificate "Starfield Class 2 CA" - The following certificates were added: # Certificate "TrustAsia SMIME ECC Root CA" # Certificate "TrustAsia SMIME RSA Root CA" # Certificate "TrustAsia TLS ECC Root CA" # Certificate "TrustAsia TLS RSA Root CA" # Certificate "SwissSign RSA SMIME Root CA 2022 - 1" # Certificate "SwissSign RSA TLS Root CA 2022 - 1" # Certificate "OISTE Client Root ECC G1" # Certificate "OISTE Client Root RSA G1" # Certificate "OISTE Server Root ECC G1" # Certificate " OISTE Server Root RSA G1" - The following certificates were removed: # Certificate "Baltimore CyberTrust Root"

0 tuxcare-ubuntu16.04-els libnss3_3.28.4-0ubuntu0.16.04.14+tuxcare.els10_amd64.deb bf842a40b6f3532be2dc5815406a46839f70662c libnss3-1d_3.28.4-0ubuntu0.16.04.14+tuxcare.els10_amd64.deb 0af170268e0236ecf84e466001d0e0d5edacab8b libnss3-dev_3.28.4-0ubuntu0.16.04.14+tuxcare.els10_amd64.deb 480668ae59d61642e26c07339dae1b2acef0b4f6 libnss3-nssdb_3.28.4-0ubuntu0.16.04.14+tuxcare.els10_all.deb fd0f2d6aaf27f62a5e1d0d15dfb301924894053b libnss3-tools_3.28.4-0ubuntu0.16.04.14+tuxcare.els10_amd64.deb 41ffa09e23f9504eb3b3aa25cfd5cb0678a8c38b CLSA-2026:1771248733 TuxCare License Agreement 0 * SECURITY UPDATE: Malicious SVG file resulted in a DoS attack - debian/patches/CVE-2025-68618.patch: fix DOS when processing a specially crafted malicious SVG file - CVE-2025-68618 * SECURITY UPDATE: WriteSVGImage function, using an int variable to store number_attributes caused an integer overflow and trigger a DoS attack - debian/patches/CVE-2025-69204.patch: fix DOS due to integer overflow during image processing of a specially crafted SVG image - CVE-2025-69204 Important Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.

* SECURITY UPDATE: Malicious SVG file resulted in a DoS attack - debian/patches/CVE-2025-68618.patch: fix DOS when processing a specially crafted malicious SVG file - CVE-2025-68618 * SECURITY UPDATE: WriteSVGImage function, using an int variable to store number_attributes caused an integer overflow and trigger a DoS attack - debian/patches/CVE-2025-69204.patch: fix DOS due to integer overflow during image processing of a specially crafted SVG image - CVE-2025-69204

0 tuxcare-ubuntu16.04-els imagemagick_6.8.9.9-7ubuntu5.17+tuxcare.els31_amd64.deb 92518ae38fc75c9242b063d3395421fda55626f8 imagemagick-6.q16_6.8.9.9-7ubuntu5.17+tuxcare.els31_amd64.deb dd323f9b337c98039eabba82bc122ce082beac93 imagemagick-common_6.8.9.9-7ubuntu5.17+tuxcare.els31_all.deb e9bf51ede567f585d0a8def6e4815caa79cbd4df imagemagick-doc_6.8.9.9-7ubuntu5.17+tuxcare.els31_all.deb cde8b164f755bca0bcdc8151e40dc725aabdf95c libimage-magick-perl_6.8.9.9-7ubuntu5.17+tuxcare.els31_all.deb d8cd3b2d0224abd923b0cbf4c307c88704214e65 libimage-magick-q16-perl_6.8.9.9-7ubuntu5.17+tuxcare.els31_amd64.deb 268b6f17a5899416139ba4aa82d7789ac309fba7 libmagick++-6-headers_6.8.9.9-7ubuntu5.17+tuxcare.els31_all.deb f9544dcf80e271e3262d50e8b2fa076c7ed1c5ad libmagick++-6.q16-5v5_6.8.9.9-7ubuntu5.17+tuxcare.els31_amd64.deb ab8c5fc6948c4b9f2afbbd30cd47aee731641898 libmagick++-6.q16-dev_6.8.9.9-7ubuntu5.17+tuxcare.els31_amd64.deb 968e75da7afa4521020dc477da7d14066114e7f6 libmagick++-dev_6.8.9.9-7ubuntu5.17+tuxcare.els31_all.deb f6cd63939e6445b0c3c3951203a7c452801335b0 libmagickcore-6-arch-config_6.8.9.9-7ubuntu5.17+tuxcare.els31_amd64.deb ce02284fa3968e5f11102936fa925efe772507e5 libmagickcore-6-headers_6.8.9.9-7ubuntu5.17+tuxcare.els31_all.deb 992f983b7abe92e71e6f45d4f8c6cc88a37e97bb libmagickcore-6.q16-2_6.8.9.9-7ubuntu5.17+tuxcare.els31_amd64.deb be7e575e2824410245299f26a6f228dde5f55e82 libmagickcore-6.q16-2-extra_6.8.9.9-7ubuntu5.17+tuxcare.els31_amd64.deb b353f8f6cebd8b9e5fb5593d5528487ce7e5e585 libmagickcore-6.q16-dev_6.8.9.9-7ubuntu5.17+tuxcare.els31_amd64.deb e262de55805f477ffa018798b26c686c82651ffe libmagickcore-dev_6.8.9.9-7ubuntu5.17+tuxcare.els31_all.deb a143bab48b56d182a6a1e1f496edab5d94d46f39 libmagickwand-6-headers_6.8.9.9-7ubuntu5.17+tuxcare.els31_all.deb c068293cb23eb79073234b5d1e05abd37ef32545 libmagickwand-6.q16-2_6.8.9.9-7ubuntu5.17+tuxcare.els31_amd64.deb f53ffe6a32b38b445005a615b5628e0647b4313f libmagickwand-6.q16-dev_6.8.9.9-7ubuntu5.17+tuxcare.els31_amd64.deb 35651d2bf2eb7e34f932b48a41babbea70cf0f31 libmagickwand-dev_6.8.9.9-7ubuntu5.17+tuxcare.els31_all.deb 5e0bce25085f6527f6bec66ecb30ca06a3aa20d4 perlmagick_6.8.9.9-7ubuntu5.17+tuxcare.els31_all.deb b48e9569746c06e7b359dbd815e38fd97c668041 CLSA-2026:1771432562 TuxCare License Agreement 0 * SECURITY UPDATE: defect in imaplib module, when passed a user-controlled command, commands can be injected using newlines - debian/patches/CVE-2025-15366.patch: Fix command injection by rejecting commands containing control characters - CVE-2025-15366 Important Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.

* SECURITY UPDATE: defect in imaplib module, when passed a user-controlled command, commands can be injected using newlines - debian/patches/CVE-2025-15366.patch: Fix command injection by rejecting commands containing control characters - CVE-2025-15366

0 tuxcare-ubuntu16.04-els idle-python3.5_3.5.2-2ubuntu0~16.04.13+tuxcare.els22_all.deb e9ea5a3a90532823ce8e39b7d0b4484cf88aff98 libpython3.5_3.5.2-2ubuntu0~16.04.13+tuxcare.els22_amd64.deb af90fb9d81ba6144ac9f4c85bf7d03ec03dd6a06 libpython3.5-dev_3.5.2-2ubuntu0~16.04.13+tuxcare.els22_amd64.deb a49c0ad8f254447a82d3aac943d0d4365f1a8897 libpython3.5-minimal_3.5.2-2ubuntu0~16.04.13+tuxcare.els22_amd64.deb ffd790a3777ec45fb47d234c2c06539d6c892221 libpython3.5-stdlib_3.5.2-2ubuntu0~16.04.13+tuxcare.els22_amd64.deb eae8071830192200c00969274bc4906e278c0e06 libpython3.5-testsuite_3.5.2-2ubuntu0~16.04.13+tuxcare.els22_all.deb 29611a57340059b448ee3fae7f61b56ed2c74bad python3.5_3.5.2-2ubuntu0~16.04.13+tuxcare.els22_amd64.deb 22bb92d9296f85135bd0c0d4b2a26eae1f4afc76 python3.5-dev_3.5.2-2ubuntu0~16.04.13+tuxcare.els22_amd64.deb c8f8784371dfbfeb0bb84c1f577956915ba60d81 python3.5-doc_3.5.2-2ubuntu0~16.04.13+tuxcare.els22_all.deb fcb8169be481f2ecdcdb36664f94faead28f4ae5 python3.5-examples_3.5.2-2ubuntu0~16.04.13+tuxcare.els22_all.deb 1ce0dae9f255d17b96b1dff16a8736c98fe01c17 python3.5-minimal_3.5.2-2ubuntu0~16.04.13+tuxcare.els22_amd64.deb 82c1bfc18efd6c085d294a19eb587cdd4f2af3c2 python3.5-venv_3.5.2-2ubuntu0~16.04.13+tuxcare.els22_amd64.deb 990bc37bde6980a0e9727d918224bb089a8e6c56 CLSA-2026:1771597605 TuxCare License Agreement 0 * SECURITY UPDATE: defect in poplib module, when passed a user-controlled command, commands can be injected using newlines - debian/patches/CVE-2025-15367.patch: Fix command injection by rejecting commands containing control characters - CVE-2025-15367 Important Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.

* SECURITY UPDATE: defect in poplib module, when passed a user-controlled command, commands can be injected using newlines - debian/patches/CVE-2025-15367.patch: Fix command injection by rejecting commands containing control characters - CVE-2025-15367

0 tuxcare-ubuntu16.04-els idle-python3.5_3.5.2-2ubuntu0~16.04.13+tuxcare.els23_all.deb be5b966defe7831800e8f332431898e124f71ec6 libpython3.5_3.5.2-2ubuntu0~16.04.13+tuxcare.els23_amd64.deb 9d4542a98840acdcf892673a29962fac57b52c5e libpython3.5-dev_3.5.2-2ubuntu0~16.04.13+tuxcare.els23_amd64.deb b63f4836775ba6fdba1d56078d13e3ca9ee18d7a libpython3.5-minimal_3.5.2-2ubuntu0~16.04.13+tuxcare.els23_amd64.deb bb4ccbac07645b394d45824c930ad3a0ff2c4d75 libpython3.5-stdlib_3.5.2-2ubuntu0~16.04.13+tuxcare.els23_amd64.deb 2ad73523420c86622436fa9be935eea14a08575c libpython3.5-testsuite_3.5.2-2ubuntu0~16.04.13+tuxcare.els23_all.deb 2f161e2b3b98724744a46fb9e56bb8be09441419 python3.5_3.5.2-2ubuntu0~16.04.13+tuxcare.els23_amd64.deb 0b3237a2b9871eb90aff8547e4fbb6707e273d02 python3.5-dev_3.5.2-2ubuntu0~16.04.13+tuxcare.els23_amd64.deb 779abccb9b92227ea031e5bd9c2073262518343d python3.5-doc_3.5.2-2ubuntu0~16.04.13+tuxcare.els23_all.deb 6e8ff68da1b9a447cd923d18a4bb8698941201bd python3.5-examples_3.5.2-2ubuntu0~16.04.13+tuxcare.els23_all.deb 9b8de081907ec83f281386909bd231df57f522a6 python3.5-minimal_3.5.2-2ubuntu0~16.04.13+tuxcare.els23_amd64.deb dae6a7d26ee266eb2d1f472ed6d62266770d49e2 python3.5-venv_3.5.2-2ubuntu0~16.04.13+tuxcare.els23_amd64.deb b5a9b2a47fb6ea6cbc76520952ffffc0a7585747 CLSA-2026:1771601553 TuxCare License Agreement 0 * OpenJDK 8u482 release + CVE-2026-21945: enhance Certificate Checking + CVE-2026-21932: enhance Handling of URIs + CVE-2026-21933: improve HttpServer Request handling + CVE-2026-21925: improve JMX connections - Release notes: https://mail.openjdk.org/pipermail/jdk8u-dev/2026-January/020959.html * d/p/hotspot-libpath-*.diff: Refresh patches. * d/p/uabs-*.diff: Drop patches applied upstream. Important Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.

* OpenJDK 8u482 release + CVE-2026-21945: enhance Certificate Checking + CVE-2026-21932: enhance Handling of URIs + CVE-2026-21933: improve HttpServer Request handling + CVE-2026-21925: improve JMX connections - Release notes: https://mail.openjdk.org/pipermail/jdk8u-dev/2026-January/020959.html * d/p/hotspot-libpath-*.diff: Refresh patches. * d/p/uabs-*.diff: Drop patches applied upstream.

0 tuxcare-ubuntu16.04-els openjdk-8-demo_8u482-ga~us1-0ubuntu1~16.04+tuxcare.els1_amd64.deb 19f1821aa9e17061813fb9cca661631c513ed738 openjdk-8-doc_8u482-ga~us1-0ubuntu1~16.04+tuxcare.els1_all.deb 4e722918cd166d1f3f877a9bf8ba3c7dc7a8c7b4 openjdk-8-jdk_8u482-ga~us1-0ubuntu1~16.04+tuxcare.els1_amd64.deb 6e458c016413a03d9c0d95e5a42138677fd5b415 openjdk-8-jdk-headless_8u482-ga~us1-0ubuntu1~16.04+tuxcare.els1_amd64.deb b735944be8ce51d07822c8ee0891612df8510e72 openjdk-8-jre_8u482-ga~us1-0ubuntu1~16.04+tuxcare.els1_amd64.deb 29724234885813d61f7209439981baa1acd04c6c openjdk-8-jre-headless_8u482-ga~us1-0ubuntu1~16.04+tuxcare.els1_amd64.deb 4e6b7138961eed86adc9d194fc6d1d83ea5b19ac openjdk-8-jre-jamvm_8u482-ga~us1-0ubuntu1~16.04+tuxcare.els1_amd64.deb 6fb87f7ad164e01ea9f4ea9fbb608036cc28b889 openjdk-8-jre-zero_8u482-ga~us1-0ubuntu1~16.04+tuxcare.els1_amd64.deb 869148ac81992d1b678c560e0448aafb35b7f189 openjdk-8-source_8u482-ga~us1-0ubuntu1~16.04+tuxcare.els1_all.deb bf48cc3e11813804ca904b68220766f0e4d468ad CLSA-2026:1771857684 TuxCare License Agreement 0 * SECURITY UPDATE: Buffer underflow in GVariant parser leads to heap corruption - debian/patches/CVE-2025-14087_14512.patch: Fix integer overflows in GVariant text format parser when processing input longer than INT_MAX - CVE-2025-14087 * SECURITY UPDATE: Integer overflow in escape_byte_string() leads to heap buffer overflow - debian/patches/CVE-2025-14087_14512.patch: Fix integer overflow in escape_byte_string() for byte strings with many invalid characters - CVE-2025-14512 Critical Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.

* SECURITY UPDATE: Buffer underflow in GVariant parser leads to heap corruption - debian/patches/CVE-2025-14087_14512.patch: Fix integer overflows in GVariant text format parser when processing input longer than INT_MAX - CVE-2025-14087 * SECURITY UPDATE: Integer overflow in escape_byte_string() leads to heap buffer overflow - debian/patches/CVE-2025-14087_14512.patch: Fix integer overflow in escape_byte_string() for byte strings with many invalid characters - CVE-2025-14512

0 tuxcare-ubuntu16.04-els libglib2.0-0_2.48.2-0ubuntu4.8+tuxcare.els5_amd64.deb 12dfa91a47a72fc9cac568cc2e247c38a8debbf7 libglib2.0-0-refdbg_2.48.2-0ubuntu4.8+tuxcare.els5_amd64.deb 71b2cddca05f9a21b5d7c5d03b50769ae1cad602 libglib2.0-bin_2.48.2-0ubuntu4.8+tuxcare.els5_amd64.deb 04ca7a135524851fb9be32838b871a3d7f9553b0 libglib2.0-data_2.48.2-0ubuntu4.8+tuxcare.els5_all.deb 9bc7dfc302f6f1e01c398deff04c2f6aa42cfd15 libglib2.0-dev_2.48.2-0ubuntu4.8+tuxcare.els5_amd64.deb 757bbc95133c2bb603ef852e4f3bce0274e010df libglib2.0-doc_2.48.2-0ubuntu4.8+tuxcare.els5_all.deb 0039caa4d5bbc26b9d3e1c3413ad60289327c77f libglib2.0-tests_2.48.2-0ubuntu4.8+tuxcare.els5_amd64.deb cb2877adbf9e037cd05f0bc246b919859250a8f6 CLSA-2026:1772451135 TuxCare License Agreement 0 * SECURITY UPDATE: out-of-bounds read vulnerability - debian/patches/CVE-2026-26284.patch: Fix incorrect loop initialization in delta decoding; prevent out-of-bounds read caused by starting table scan at invalid index. - CVE-2026-26284 * SECURITY UPDATE: out-of-bounds heap write on 32-bit systems - debian/patches/CVE-2026-25897.patch: Add size-calculating heap overflow sanity check and validate row padding addition to prevent out-of-bounds heap write on 32-bit systems caused by integer overflow in pixel buffer length computation. - CVE-2026-25897 Critical Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.

* SECURITY UPDATE: out-of-bounds read vulnerability - debian/patches/CVE-2026-26284.patch: Fix incorrect loop initialization in delta decoding; prevent out-of-bounds read caused by starting table scan at invalid index. - CVE-2026-26284 * SECURITY UPDATE: out-of-bounds heap write on 32-bit systems - debian/patches/CVE-2026-25897.patch: Add size-calculating heap overflow sanity check and validate row padding addition to prevent out-of-bounds heap write on 32-bit systems caused by integer overflow in pixel buffer length computation. - CVE-2026-25897

0 tuxcare-ubuntu16.04-els imagemagick_6.8.9.9-7ubuntu5.17+tuxcare.els32_amd64.deb d4b6694c8089bc2008f77d136b89d24884bb0237 imagemagick-6.q16_6.8.9.9-7ubuntu5.17+tuxcare.els32_amd64.deb 1c8a71935690e99d025543c61608c2f1420fecf2 imagemagick-common_6.8.9.9-7ubuntu5.17+tuxcare.els32_all.deb 2a8720925de7674522aff904ab217cb880565126 imagemagick-doc_6.8.9.9-7ubuntu5.17+tuxcare.els32_all.deb a13ae14b94af35b8dda62c225608ef5f11b0e660 libimage-magick-perl_6.8.9.9-7ubuntu5.17+tuxcare.els32_all.deb 0708b75ecc6ecf01920abf401f6531f6d8755b27 libimage-magick-q16-perl_6.8.9.9-7ubuntu5.17+tuxcare.els32_amd64.deb 5abe1eca4fbae10c278cf11cb812cfc26272589a libmagick++-6-headers_6.8.9.9-7ubuntu5.17+tuxcare.els32_all.deb f7de02ddfe310bb5b74e59e7343c52a3c6515094 libmagick++-6.q16-5v5_6.8.9.9-7ubuntu5.17+tuxcare.els32_amd64.deb 4cfa2faa0d680fa3c90e88cc5c7c14c48de9b7e3 libmagick++-6.q16-dev_6.8.9.9-7ubuntu5.17+tuxcare.els32_amd64.deb 85fb47b5bd5e20d41786d28e95720b06baa786bb libmagick++-dev_6.8.9.9-7ubuntu5.17+tuxcare.els32_all.deb 7081d7d7b5b25f529de56c8bc1f23b0911ec0534 libmagickcore-6-arch-config_6.8.9.9-7ubuntu5.17+tuxcare.els32_amd64.deb 78cad341e5e97988b27c4b085945d7a7934ee57a libmagickcore-6-headers_6.8.9.9-7ubuntu5.17+tuxcare.els32_all.deb 057028a7f6239cbfa840390ade8bd95711d7afe9 libmagickcore-6.q16-2_6.8.9.9-7ubuntu5.17+tuxcare.els32_amd64.deb a74405e2df8fb24befab64730191009dbac87a9f libmagickcore-6.q16-2-extra_6.8.9.9-7ubuntu5.17+tuxcare.els32_amd64.deb 838c10a7e28580674cb25c3c712c3e2f6b1e9c27 libmagickcore-6.q16-dev_6.8.9.9-7ubuntu5.17+tuxcare.els32_amd64.deb 722838433833df60f048c3aac084173a89579b7c libmagickcore-dev_6.8.9.9-7ubuntu5.17+tuxcare.els32_all.deb b7890af276a5ddcaed580dfb4c5cbe76d4163406 libmagickwand-6-headers_6.8.9.9-7ubuntu5.17+tuxcare.els32_all.deb bcf4fbc0456aeea735b0dcdaabbcd010a2369e3c libmagickwand-6.q16-2_6.8.9.9-7ubuntu5.17+tuxcare.els32_amd64.deb c83d862974d04b5a92e7d490c631099b4f5b7e43 libmagickwand-6.q16-dev_6.8.9.9-7ubuntu5.17+tuxcare.els32_amd64.deb 119f484abc7bd0f8e524c7979981a7e4f37d662f libmagickwand-dev_6.8.9.9-7ubuntu5.17+tuxcare.els32_all.deb d90ece8af54de1b9041b6418d0daf12897ff3842 perlmagick_6.8.9.9-7ubuntu5.17+tuxcare.els32_all.deb f1f3c369910dd4b60df4d87e6ba010b5f5322d7d CLSA-2026:1772645765 TuxCare License Agreement 0 * New microcode update packages from upstream up to 2026-02-21: - Addition AMD CPU microcode for processor family 0x1a: cpuid:0x00B00F21(ver:0x0B002161), cpuid:0x00B00F81(ver:0x0B008121), cpuid:0x00B10F10(ver:0x0B101058), cpuid:0x00B20F40(ver:0x0B204037), cpuid:0x00B40F40(ver:0x0B404035), cpuid:0x00B40F41(ver:0x0B404108), cpuid:0x00B60F00(ver:0x0B600037), cpuid:0x00B60F80(ver:0x0B608038), cpuid:0x00B70F00(ver:0x0B700037); - Update AMD CPU microcode for processor family 0x19: cpuid:0x00A00F11(ver:0x0A0011DE), cpuid:0x00A00F12(ver:0x0A001247), cpuid:0x00A00F82(ver:0x0A00820D), cpuid:0x00A10F11(ver:0x0A101158), cpuid:0x00A10F12(ver:0x0A101253), cpuid:0x00A10F81(ver:0x0A108109), cpuid:0x00A20F10(ver:0x0A20102E), cpuid:0x00A20F12(ver:0x0A201211), cpuid:0x00A40F41(ver:0x0A404108), cpuid:0x00A50F00(ver:0x0A500012), cpuid:0x00A60F12(ver:0x0A60120A), cpuid:0x00A70F41(ver:0x0A704108), cpuid:0x00A70F52(ver:0x0A705208), cpuid:0x00A70F80(ver:0x0A708008), cpuid:0x00A70FC0(ver:0x0A70C008), cpuid:0x00AA0F02(ver:0x0AA0021C); None Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.

* New microcode update packages from upstream up to 2026-02-21: - Addition AMD CPU microcode for processor family 0x1a: cpuid:0x00B00F21(ver:0x0B002161), cpuid:0x00B00F81(ver:0x0B008121), cpuid:0x00B10F10(ver:0x0B101058), cpuid:0x00B20F40(ver:0x0B204037), cpuid:0x00B40F40(ver:0x0B404035), cpuid:0x00B40F41(ver:0x0B404108), cpuid:0x00B60F00(ver:0x0B600037), cpuid:0x00B60F80(ver:0x0B608038), cpuid:0x00B70F00(ver:0x0B700037); - Update AMD CPU microcode for processor family 0x19: cpuid:0x00A00F11(ver:0x0A0011DE), cpuid:0x00A00F12(ver:0x0A001247), cpuid:0x00A00F82(ver:0x0A00820D), cpuid:0x00A10F11(ver:0x0A101158), cpuid:0x00A10F12(ver:0x0A101253), cpuid:0x00A10F81(ver:0x0A108109), cpuid:0x00A20F10(ver:0x0A20102E), cpuid:0x00A20F12(ver:0x0A201211), cpuid:0x00A40F41(ver:0x0A404108), cpuid:0x00A50F00(ver:0x0A500012), cpuid:0x00A60F12(ver:0x0A60120A), cpuid:0x00A70F41(ver:0x0A704108), cpuid:0x00A70F52(ver:0x0A705208), cpuid:0x00A70F80(ver:0x0A708008), cpuid:0x00A70FC0(ver:0x0A70C008), cpuid:0x00AA0F02(ver:0x0AA0021C);

0 tuxcare-ubuntu16.04-els amd64-microcode_3.20260221.1ubuntu0.16.04.2+tuxcare.els1_amd64.deb b74a2c1201ae6d5f4ca248de9b0dbb1a49e364f2 CLSA-2026:1772814085 TuxCare License Agreement 0 * SECURITY UPDATE: Buffer overflow in netbeans special_keys() handling - debian/patches/CVE-2026-26269.patch: limit writing to max KEYBUFLEN bytes - CVE-2026-26269 Important Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.

* SECURITY UPDATE: Buffer overflow in netbeans special_keys() handling - debian/patches/CVE-2026-26269.patch: limit writing to max KEYBUFLEN bytes - CVE-2026-26269

0 tuxcare-ubuntu16.04-els vim_7.4.1689-3ubuntu1.5+tuxcare.els58_amd64.deb 12ff10241d28587e2a37ad4b397665a10603a934 vim-athena_7.4.1689-3ubuntu1.5+tuxcare.els58_amd64.deb c80e6559e4481059dc219b3f7a33ff89edec4508 vim-athena-py2_7.4.1689-3ubuntu1.5+tuxcare.els58_amd64.deb 7a4c115a4ca108537120d5f3635ad4a048abaac2 vim-common_7.4.1689-3ubuntu1.5+tuxcare.els58_amd64.deb 9028efcd68c8406fd5eaf4b4f805cf9f268df14b vim-doc_7.4.1689-3ubuntu1.5+tuxcare.els58_all.deb 7d8da8df0eb92952655c8a16b098c275a92ce117 vim-gnome_7.4.1689-3ubuntu1.5+tuxcare.els58_amd64.deb 160cae610e2c3fd7fcf1b71d66410d7ae29b3890 vim-gnome-py2_7.4.1689-3ubuntu1.5+tuxcare.els58_amd64.deb 76e76423bf83c5ae70e740c66fb48f0fbdd99700 vim-gtk_7.4.1689-3ubuntu1.5+tuxcare.els58_amd64.deb 32bab6dc461e39c2e62b5f3f067ba8107067a278 vim-gtk-py2_7.4.1689-3ubuntu1.5+tuxcare.els58_amd64.deb 5234af57ff2b6e890aa762791cff6128c2332d2a vim-gtk3_7.4.1689-3ubuntu1.5+tuxcare.els58_amd64.deb 4889a9d7ccabee36dbffe64e50c5c5859ac4c302 vim-gtk3-py2_7.4.1689-3ubuntu1.5+tuxcare.els58_amd64.deb 53cd666d901af451614b41877e8f3cc6c018d29e vim-gui-common_7.4.1689-3ubuntu1.5+tuxcare.els58_all.deb 980759a3fcb1c921b133fb6241572190e56dff73 vim-nox_7.4.1689-3ubuntu1.5+tuxcare.els58_amd64.deb 744ef4b79f67edd95a1af46f428e057aadc81a2c vim-nox-py2_7.4.1689-3ubuntu1.5+tuxcare.els58_amd64.deb 5279c1e53162e7ba732542bc8406f9087bd1c922 vim-runtime_7.4.1689-3ubuntu1.5+tuxcare.els58_all.deb ae40a7817542df8c0fda727ed3b37f3daf0c0450 vim-tiny_7.4.1689-3ubuntu1.5+tuxcare.els58_amd64.deb 4981f5b770d30837281f3453ea0dc62ceed811eb CLSA-2026:1769018042 TuxCare License Agreement 0 * SECURITY UPDATE: memory corruption in armor parser - debian/patches/CVE-2025-68973.patch: Fix faulty double increment in armor_filter function. - CVE-2025-68973 Important Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.

* SECURITY UPDATE: memory corruption in armor parser - debian/patches/CVE-2025-68973.patch: Fix faulty double increment in armor_filter function. - CVE-2025-68973

0 tuxcare-ubuntu16.04-els dirmngr_2.1.11-6ubuntu2.1+tuxcare.els2_amd64.deb ed446284d4c3284c9292454f334231b2fe53c9fe gnupg-agent_2.1.11-6ubuntu2.1+tuxcare.els2_amd64.deb fd6117ab981ca5c2e742fb9cce015506ce8930e3 gnupg2_2.1.11-6ubuntu2.1+tuxcare.els2_amd64.deb c948ae884b3fb9db1442036ac9dbfd94d53c630c gpgsm_2.1.11-6ubuntu2.1+tuxcare.els2_amd64.deb d9717cf33a73b71e0f2f6868fa7f7b2ba3af667c gpgv2_2.1.11-6ubuntu2.1+tuxcare.els2_amd64.deb a19a87469750c72427cfbe173fa633ab4e03696c scdaemon_2.1.11-6ubuntu2.1+tuxcare.els2_amd64.deb 7bb33c86589c464c482f0362d2cbcd1bb72e5ced CLSA-2026:1773073974 TuxCare License Agreement 0 * SECURITY UPDATE: command injection via improper NetBIOS name validation in shell hook handling (CVE) - debian/patches/CVE-2025-10230-1.patch: Validate NetBIOS names before passing them to hook shell command, rejecting characters outside alphanumeric, dot, underscore, or hyphen. Prevent command injection caused by untrusted names containing shell metacharacters. - debian/patches/CVE-2025-10230-2.patch: Add selftest verifying WINS hook skip invocation for registered names containing shell metacharacters; issue stem from unsafe name handling allowing hook execution with untrusted, potentially command-injecting name strings. - CVE-2025-10230 Critical Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.

* SECURITY UPDATE: command injection via improper NetBIOS name validation in shell hook handling (CVE) - debian/patches/CVE-2025-10230-1.patch: Validate NetBIOS names before passing them to hook shell command, rejecting characters outside alphanumeric, dot, underscore, or hyphen. Prevent command injection caused by untrusted names containing shell metacharacters. - debian/patches/CVE-2025-10230-2.patch: Add selftest verifying WINS hook skip invocation for registered names containing shell metacharacters; issue stem from unsafe name handling allowing hook execution with untrusted, potentially command-injecting name strings. - CVE-2025-10230

0 tuxcare-ubuntu16.04-els ctdb_4.3.11+dfsg-0ubuntu0.16.04.34+tuxcare.els9_amd64.deb a7bf4c8f954079367ba9f3d869d6bcd964cf19fd libnss-winbind_4.3.11+dfsg-0ubuntu0.16.04.34+tuxcare.els9_amd64.deb 8aa55c23f82818fb32e3c251c529174daa35620a libpam-winbind_4.3.11+dfsg-0ubuntu0.16.04.34+tuxcare.els9_amd64.deb 0156811ec0c69ba7c290e23c4b91ee08ce68d0cd libparse-pidl-perl_4.3.11+dfsg-0ubuntu0.16.04.34+tuxcare.els9_amd64.deb a7fcd2a0212f3fe27aa0ca7b264674af655eeb4f libsmbclient_4.3.11+dfsg-0ubuntu0.16.04.34+tuxcare.els9_amd64.deb e16f7bab0d84042ebc00b7d43ab440a149c60a5c libsmbclient-dev_4.3.11+dfsg-0ubuntu0.16.04.34+tuxcare.els9_amd64.deb 3201ba927ee60e435aa94426482e4cd9bace746c libwbclient-dev_4.3.11+dfsg-0ubuntu0.16.04.34+tuxcare.els9_amd64.deb f4a1060ba92fec92201e3ca22d98bd7848d8e624 libwbclient0_4.3.11+dfsg-0ubuntu0.16.04.34+tuxcare.els9_amd64.deb fa43cdf70f4e5f6ea780df71a89afd82a0164b05 python-samba_4.3.11+dfsg-0ubuntu0.16.04.34+tuxcare.els9_amd64.deb 0804aaa59ce6e5930bd31ae94cbfe0daeaed48a9 registry-tools_4.3.11+dfsg-0ubuntu0.16.04.34+tuxcare.els9_amd64.deb 6e34068d698fc1bb3161b7bbb352e28025053c3e samba_4.3.11+dfsg-0ubuntu0.16.04.34+tuxcare.els9_amd64.deb b3d48e453755a775d274f2413255b5ddba9a280b samba-common_4.3.11+dfsg-0ubuntu0.16.04.34+tuxcare.els9_all.deb 118f11b0ca30c570406575e32a421ab11dd50085 samba-common-bin_4.3.11+dfsg-0ubuntu0.16.04.34+tuxcare.els9_amd64.deb 34382fcf3da57c00f176b313849a9841cc15ffb9 samba-dev_4.3.11+dfsg-0ubuntu0.16.04.34+tuxcare.els9_amd64.deb 4183bafef8ac505c1e67e0449bb6663e0a2885a5 samba-dsdb-modules_4.3.11+dfsg-0ubuntu0.16.04.34+tuxcare.els9_amd64.deb 6ef652f6b754afeff32dbf73325e4482db6cb316 samba-libs_4.3.11+dfsg-0ubuntu0.16.04.34+tuxcare.els9_amd64.deb 6823e4318876052690f2c584a8c7b8aea6002b7c samba-testsuite_4.3.11+dfsg-0ubuntu0.16.04.34+tuxcare.els9_amd64.deb 57c341c9443d5ebe1d6bb2f521f0f974d3237f28 samba-vfs-modules_4.3.11+dfsg-0ubuntu0.16.04.34+tuxcare.els9_amd64.deb 6417b5158a163e3b1f44f747a7300f5e1b2ae1b9 smbclient_4.3.11+dfsg-0ubuntu0.16.04.34+tuxcare.els9_amd64.deb 1ff0662256b3f947c36f5c4c723438c84d582bde winbind_4.3.11+dfsg-0ubuntu0.16.04.34+tuxcare.els9_amd64.deb 0672d62de73045b4efc38e415faa3762291c8b0a CLSA-2026:1773308764 TuxCare License Agreement 0 * SECURITY UPDATE: denial-of-service via division-by-zero in image loading - debian/patches/CVE-2026-25799.patch: Fix sampling-factor validation by replacing incorrect AND with OR in horizontal/vertical axis checks and prevent acceptance of invalid sampling caused by flawed boolean logic. - CVE-2026-25799 * SECURITY UPDATE: Null pointer dereference in ClonePixelCacheRepository resulting in denial-of-service - debian/patches/CVE-2026-25798.patch: Add overflow sanity check in OpenPixelCache and reset cache storage class and length before throwing on allocation failure - CVE-2026-25798 * SECURITY UPDATE: memory leak in ReadSTEGANOImage that can be exploited for denial-of-service - debian/patches/CVE-2026-25796.patch: free watermark object on three early-return paths - CVE-2026-25796 * SECURITY UPDATE: a crafted profile contain invalid IPTC data may cause an infinite loop when writing it with `IPTCTEXT` - debian/patches/CVE-2026-26066.patch: replace `c=0` with `c=ReadBlobByte(ifile)` in formatIPTC so the loop advances past an unrecognised tag instead of spinning forever - CVE-2026-26066 Important Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.

* SECURITY UPDATE: denial-of-service via division-by-zero in image loading - debian/patches/CVE-2026-25799.patch: Fix sampling-factor validation by replacing incorrect AND with OR in horizontal/vertical axis checks and prevent acceptance of invalid sampling caused by flawed boolean logic. - CVE-2026-25799 * SECURITY UPDATE: Null pointer dereference in ClonePixelCacheRepository resulting in denial-of-service - debian/patches/CVE-2026-25798.patch: Add overflow sanity check in OpenPixelCache and reset cache storage class and length before throwing on allocation failure - CVE-2026-25798 * SECURITY UPDATE: memory leak in ReadSTEGANOImage that can be exploited for denial-of-service - debian/patches/CVE-2026-25796.patch: free watermark object on three early-return paths - CVE-2026-25796 * SECURITY UPDATE: a crafted profile contain invalid IPTC data may cause an infinite loop when writing it with `IPTCTEXT` - debian/patches/CVE-2026-26066.patch: replace `c=0` with `c=ReadBlobByte(ifile)` in formatIPTC so the loop advances past an unrecognised tag instead of spinning forever - CVE-2026-26066

0 tuxcare-ubuntu16.04-els imagemagick_6.8.9.9-7ubuntu5.17+tuxcare.els33_amd64.deb 84e83f733fbfeeef4151047a14e89a7abc582d7a imagemagick-6.q16_6.8.9.9-7ubuntu5.17+tuxcare.els33_amd64.deb e86db102ea9a3490c8dc12c6fab42b92f6e030a0 imagemagick-common_6.8.9.9-7ubuntu5.17+tuxcare.els33_all.deb 05dc260c35b791df3cbb645943fc1484b03c39e5 imagemagick-doc_6.8.9.9-7ubuntu5.17+tuxcare.els33_all.deb e6c026b0fe31d4281f47ee7e90746c323d417f5e libimage-magick-perl_6.8.9.9-7ubuntu5.17+tuxcare.els33_all.deb ee51fb0851f05f27f2a0fc9d246b29340a6b9ea5 libimage-magick-q16-perl_6.8.9.9-7ubuntu5.17+tuxcare.els33_amd64.deb 3fd80679993326b50512151950eea573d0dbfd63 libmagick++-6-headers_6.8.9.9-7ubuntu5.17+tuxcare.els33_all.deb 5a0b99d05e690ab2eada692876174764f1320f4d libmagick++-6.q16-5v5_6.8.9.9-7ubuntu5.17+tuxcare.els33_amd64.deb 484c0448b4da6f31600369e46d1cc9a3b5acd5e5 libmagick++-6.q16-dev_6.8.9.9-7ubuntu5.17+tuxcare.els33_amd64.deb 6e0b3037e859eb8f074b98487532e92cc612e880 libmagick++-dev_6.8.9.9-7ubuntu5.17+tuxcare.els33_all.deb 14d19c8c916419a66943096fa72bb0a01495a9dc libmagickcore-6-arch-config_6.8.9.9-7ubuntu5.17+tuxcare.els33_amd64.deb 3088badeaba7f79c431d2210fb9642c015e19681 libmagickcore-6-headers_6.8.9.9-7ubuntu5.17+tuxcare.els33_all.deb ee32e184d0176a6d5776a3f42324185822f570a9 libmagickcore-6.q16-2_6.8.9.9-7ubuntu5.17+tuxcare.els33_amd64.deb d0de6d40df01c80d0a93f64964f42be2a1bfe875 libmagickcore-6.q16-2-extra_6.8.9.9-7ubuntu5.17+tuxcare.els33_amd64.deb 167e2063dd5c522f2ca53d4fec370c3b0b983bf0 libmagickcore-6.q16-dev_6.8.9.9-7ubuntu5.17+tuxcare.els33_amd64.deb 99d6bc7acc3d54583554d5bb600198d4208f4b09 libmagickcore-dev_6.8.9.9-7ubuntu5.17+tuxcare.els33_all.deb 214f32054378a5f536fe9ed2347bb14afd001dfd libmagickwand-6-headers_6.8.9.9-7ubuntu5.17+tuxcare.els33_all.deb 0abc09499153e16763e7b730e364c796850f3c1b libmagickwand-6.q16-2_6.8.9.9-7ubuntu5.17+tuxcare.els33_amd64.deb 36d6e7370d7cb5a2ce2874b47a37b364ed7957a9 libmagickwand-6.q16-dev_6.8.9.9-7ubuntu5.17+tuxcare.els33_amd64.deb b088394184db8dbe1f06f864df92844a88b49ba7 libmagickwand-dev_6.8.9.9-7ubuntu5.17+tuxcare.els33_all.deb ca9894cb20966639f876a59772f3671f655fd68c perlmagick_6.8.9.9-7ubuntu5.17+tuxcare.els33_all.deb 1d5408b4a788a08da871632536c5f45350a8acb9 CLSA-2026:1773341470 TuxCare License Agreement 0 * Update ca-certificates database to 20260305: - mozilla\{certdata.h,nssckbi.h}: Update Mozilla certificate authority bundle of the version 2.84. - The following certificates were added: # Certificate "TrustAsia TLS ECC Root CA" # Certificate "TrustAsia TLS RSA Root CA" # Certificate "SwissSign RSA TLS Root CA 2022 - 1" # Certificate "OISTE Server Root ECC G1" # Certificate "OISTE Server Root RSA G1" # Certificate "e-Szigno TLS Root CA 2023" - The following certificates were removed: # Certificate "Baltimore CyberTrust Root" None Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.

* Update ca-certificates database to 20260305: - mozilla\{certdata.h,nssckbi.h}: Update Mozilla certificate authority bundle of the version 2.84. - The following certificates were added: # Certificate "TrustAsia TLS ECC Root CA" # Certificate "TrustAsia TLS RSA Root CA" # Certificate "SwissSign RSA TLS Root CA 2022 - 1" # Certificate "OISTE Server Root ECC G1" # Certificate "OISTE Server Root RSA G1" # Certificate "e-Szigno TLS Root CA 2023" - The following certificates were removed: # Certificate "Baltimore CyberTrust Root"

0 tuxcare-ubuntu16.04-els ca-certificates_20260305~16.04.1ubuntu0.1+tuxcare.els1_all.deb 7d93eda24c4c3a53c729edeaaac77c83055e016d CLSA-2026:1773412800 TuxCare License Agreement 0 * SECURITY UPDATE: nULL pointer dereference and crash during image read when temporary file creation fails - debian/patches/CVE-2026-25795.patch: Destroy read_info after copying filename and avoid NULL pointer dereference in ReadSFWImage; cause: incorrect order of operations when temporary file creation fails. - CVE-2026-25795 Important Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.

* SECURITY UPDATE: nULL pointer dereference and crash during image read when temporary file creation fails - debian/patches/CVE-2026-25795.patch: Destroy read_info after copying filename and avoid NULL pointer dereference in ReadSFWImage; cause: incorrect order of operations when temporary file creation fails. - CVE-2026-25795

0 tuxcare-ubuntu16.04-els imagemagick_6.8.9.9-7ubuntu5.17+tuxcare.els34_amd64.deb da5739d00b67a9e2f881afc862f0df8ab27a17f3 imagemagick-6.q16_6.8.9.9-7ubuntu5.17+tuxcare.els34_amd64.deb 9c7db9e7aa4f8ef683e9ab1db6b491274711a83b imagemagick-common_6.8.9.9-7ubuntu5.17+tuxcare.els34_all.deb c762cef61ac9c23cee3492e3a9b240afa30204ca imagemagick-doc_6.8.9.9-7ubuntu5.17+tuxcare.els34_all.deb b838d09b1963e797c0716532c2a67aaaf206b1e7 libimage-magick-perl_6.8.9.9-7ubuntu5.17+tuxcare.els34_all.deb a530df312f5142110a41d68e54229cc8845c90a7 libimage-magick-q16-perl_6.8.9.9-7ubuntu5.17+tuxcare.els34_amd64.deb ffccc65e8993e5d575e2ee13f23fd1dfad1cfc53 libmagick++-6-headers_6.8.9.9-7ubuntu5.17+tuxcare.els34_all.deb 1271c92e7f5e2bb66e9f5096d05679045ea84202 libmagick++-6.q16-5v5_6.8.9.9-7ubuntu5.17+tuxcare.els34_amd64.deb 2dbe9bb849af39033fe62ca8568cce8463f82523 libmagick++-6.q16-dev_6.8.9.9-7ubuntu5.17+tuxcare.els34_amd64.deb aed5d2f1c1fa8be2f6fd199f0bc7c78c8f256ec5 libmagick++-dev_6.8.9.9-7ubuntu5.17+tuxcare.els34_all.deb cbdd0791dfbe295f428c3e13e8028c024ef87b08 libmagickcore-6-arch-config_6.8.9.9-7ubuntu5.17+tuxcare.els34_amd64.deb 5be9f3a99bd2c645a85f3c64b9d41bf0d2b22ef8 libmagickcore-6-headers_6.8.9.9-7ubuntu5.17+tuxcare.els34_all.deb ca19818972b1f45c4856bb5ce4f13ed296d042ad libmagickcore-6.q16-2_6.8.9.9-7ubuntu5.17+tuxcare.els34_amd64.deb 47693e32ce8dc2cf5c29c334f819b2b367ef5c7b libmagickcore-6.q16-2-extra_6.8.9.9-7ubuntu5.17+tuxcare.els34_amd64.deb 051798cfe5b97786ec87bc7456e618f8235dbea6 libmagickcore-6.q16-dev_6.8.9.9-7ubuntu5.17+tuxcare.els34_amd64.deb b1cbbb509b4735efd4859af0d82cb3f89dd31a0d libmagickcore-dev_6.8.9.9-7ubuntu5.17+tuxcare.els34_all.deb 8c374007058b459c477a1296dc096f77c1208c1c libmagickwand-6-headers_6.8.9.9-7ubuntu5.17+tuxcare.els34_all.deb 7f90b9ac7e273502cc8f7bcf7bb07212620f8b19 libmagickwand-6.q16-2_6.8.9.9-7ubuntu5.17+tuxcare.els34_amd64.deb e77f355d04fac00fbb83c78be4ba92be4e9d1b34 libmagickwand-6.q16-dev_6.8.9.9-7ubuntu5.17+tuxcare.els34_amd64.deb 4855362211739fd7abf2ffcd8623e0bf4a1f71d8 libmagickwand-dev_6.8.9.9-7ubuntu5.17+tuxcare.els34_all.deb 75eefd12151268b03f9d1b3feaaba84576b4bbff perlmagick_6.8.9.9-7ubuntu5.17+tuxcare.els34_all.deb 35bc02ec884c08f5c0d1c9a9863940a9da109ae9 CLSA-2026:1773668222 TuxCare License Agreement 0 * SECURITY UPDATE: heap information disclosure in PSD handler - debian/patches/CVE-2026-24481.patch: zero-initialize pixel buffer in ReadPSDChannelZip to prevent heap info leak when ZIP-compressed layer data decompresses to fewer bytes than expected - CVE-2026-24481 Low Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.

* SECURITY UPDATE: heap information disclosure in PSD handler - debian/patches/CVE-2026-24481.patch: zero-initialize pixel buffer in ReadPSDChannelZip to prevent heap info leak when ZIP-compressed layer data decompresses to fewer bytes than expected - CVE-2026-24481

0 tuxcare-ubuntu16.04-els imagemagick_6.8.9.9-7ubuntu5.17+tuxcare.els35_amd64.deb cae39e0295d0f56c9d462c7c3bdc43213e731736 imagemagick-6.q16_6.8.9.9-7ubuntu5.17+tuxcare.els35_amd64.deb c0314f5352622bead477951e9ce635b75fbb80f8 imagemagick-common_6.8.9.9-7ubuntu5.17+tuxcare.els35_all.deb 11df424581a8bdc34d6405849a4b8f6832454dd3 imagemagick-doc_6.8.9.9-7ubuntu5.17+tuxcare.els35_all.deb 0cd1193c6a8986adc7f43753251ecd823f984965 libimage-magick-perl_6.8.9.9-7ubuntu5.17+tuxcare.els35_all.deb d3ea475759aabd4888725bd9eeb85379c58986a4 libimage-magick-q16-perl_6.8.9.9-7ubuntu5.17+tuxcare.els35_amd64.deb 9ce224f22c709270c28bc60f918a6ab07f40f935 libmagick++-6-headers_6.8.9.9-7ubuntu5.17+tuxcare.els35_all.deb 4829a64ab0e014060182e4a7c92dafdd68771eed libmagick++-6.q16-5v5_6.8.9.9-7ubuntu5.17+tuxcare.els35_amd64.deb 1075a6de55c7181f99e4c35967d65f4578427e4f libmagick++-6.q16-dev_6.8.9.9-7ubuntu5.17+tuxcare.els35_amd64.deb 9f88d7c15d50f6709bb28651e0ef20db146d0491 libmagick++-dev_6.8.9.9-7ubuntu5.17+tuxcare.els35_all.deb 3cdcf4728d8d535da6d258874d00c13cc4285bd6 libmagickcore-6-arch-config_6.8.9.9-7ubuntu5.17+tuxcare.els35_amd64.deb 11e1eb15060ec2cd1d4eb071b3b4ace77c758e9b libmagickcore-6-headers_6.8.9.9-7ubuntu5.17+tuxcare.els35_all.deb 25d07b402091db3f4cdeed47f3fc61f9ae6a3604 libmagickcore-6.q16-2_6.8.9.9-7ubuntu5.17+tuxcare.els35_amd64.deb 1154d89c2e877ef7c69352a27920345a075b53f8 libmagickcore-6.q16-2-extra_6.8.9.9-7ubuntu5.17+tuxcare.els35_amd64.deb e52c17acc49f3524cb688089b7c7f973279f8cf2 libmagickcore-6.q16-dev_6.8.9.9-7ubuntu5.17+tuxcare.els35_amd64.deb 7f13a082ea787ca6ee5fcbb3f0e1a9fbf71cbb63 libmagickcore-dev_6.8.9.9-7ubuntu5.17+tuxcare.els35_all.deb 71e0b4d2699850a34981d1ff4bb9855617cffe7f libmagickwand-6-headers_6.8.9.9-7ubuntu5.17+tuxcare.els35_all.deb f5503ab4ca5ebb4e597e234cd2414eaa58320c36 libmagickwand-6.q16-2_6.8.9.9-7ubuntu5.17+tuxcare.els35_amd64.deb 9d589f404af944609d2bfc25a18217d1675c127e libmagickwand-6.q16-dev_6.8.9.9-7ubuntu5.17+tuxcare.els35_amd64.deb 75bcbff38abe2e46c9ffbd1c0768dcef5e799039 libmagickwand-dev_6.8.9.9-7ubuntu5.17+tuxcare.els35_all.deb 889cb7f0574fb44e6f9d65424eb59743c9ac4dc2 perlmagick_6.8.9.9-7ubuntu5.17+tuxcare.els35_all.deb 077baf4647e9cd136cf9efc66f843015aa2482af CLSA-2026:1773929316 TuxCare License Agreement 0 * SECURITY UPDATE: remote out-of-bounds read in SFTP extension name handler - debian/patches/CVE-2026-3731.patch: Fix out-of-bound read from sftp extensions; correct index comparison from '>' to '>=' and prevent access past extension count. - CVE-2026-3731 Important Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.

* SECURITY UPDATE: remote out-of-bounds read in SFTP extension name handler - debian/patches/CVE-2026-3731.patch: Fix out-of-bound read from sftp extensions; correct index comparison from '>' to '>=' and prevent access past extension count. - CVE-2026-3731

0 tuxcare-ubuntu16.04-els libssh-4_0.6.3-4.3ubuntu0.6+tuxcare.els3_amd64.deb 0aad5a6c2d569acd27931d47234372dfa532e592 libssh-dev_0.6.3-4.3ubuntu0.6+tuxcare.els3_amd64.deb f677d93406c7be7e6d851b5f0716d919b4c9eee1 libssh-doc_0.6.3-4.3ubuntu0.6+tuxcare.els3_all.deb bc54b93e4d5c4882494935d2287b69cf8d1f84f5 libssh-gcrypt-4_0.6.3-4.3ubuntu0.6+tuxcare.els3_amd64.deb 68601083498043294952d485e0aa4016070ea4db libssh-gcrypt-dev_0.6.3-4.3ubuntu0.6+tuxcare.els3_amd64.deb b4196b16f6aa3954add5e31cc19a9592173b602d CLSA-2026:1773930526 TuxCare License Agreement 0 * SECURITY UPDATE: integer overflow in doContent tag buffer reallocation. - debian/patches/CVE-2026-25210.patch: add overflow check for tag buffer reallocation - CVE-2026-25210 Important Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.

* SECURITY UPDATE: integer overflow in doContent tag buffer reallocation. - debian/patches/CVE-2026-25210.patch: add overflow check for tag buffer reallocation - CVE-2026-25210

0 tuxcare-ubuntu16.04-els expat_2.1.0-7ubuntu0.16.04.5+tuxcare.els8_amd64.deb c08a7cddb3f8dd00c27e3c222458ec21570a1f61 libexpat1_2.1.0-7ubuntu0.16.04.5+tuxcare.els8_amd64.deb e8c8bbd8444aad9562473864dc596de0bcfdc35b libexpat1-dev_2.1.0-7ubuntu0.16.04.5+tuxcare.els8_amd64.deb 1dc4db314f1377d74f965df031c26edbc397a46a CLSA-2026:1773999754 TuxCare License Agreement 0 * SECURITY UPDATE: global buffer overflow read via negative pixel index in UIL and XPM image encoders - debian/patches/CVE-2026-25898.patch: clamp negative pixel index values to zero in WriteUILImage, WritePICONImage, and WriteXPMImage before using them as array subscripts into the Cixel table. - CVE-2026-25898 Critical Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.

* SECURITY UPDATE: global buffer overflow read via negative pixel index in UIL and XPM image encoders - debian/patches/CVE-2026-25898.patch: clamp negative pixel index values to zero in WriteUILImage, WritePICONImage, and WriteXPMImage before using them as array subscripts into the Cixel table. - CVE-2026-25898

0 tuxcare-ubuntu16.04-els imagemagick_6.8.9.9-7ubuntu5.17+tuxcare.els38_amd64.deb 6b6d11b50a1a3cb2c2d323fef6887cf231e20301 imagemagick-6.q16_6.8.9.9-7ubuntu5.17+tuxcare.els38_amd64.deb 2dcf55978231e207d433460cacdd95c2f2905a87 imagemagick-common_6.8.9.9-7ubuntu5.17+tuxcare.els38_all.deb 1ea2a569f8957478581729f361a72a74bee4ef3b imagemagick-doc_6.8.9.9-7ubuntu5.17+tuxcare.els38_all.deb a3a2a50562d8a12ebe4b7a2a67cdda17e1a7a016 libimage-magick-perl_6.8.9.9-7ubuntu5.17+tuxcare.els38_all.deb 674737ee44ba56ea3c8c33528928be94901f6744 libimage-magick-q16-perl_6.8.9.9-7ubuntu5.17+tuxcare.els38_amd64.deb 45aca000c6754c5cead4a9eb1d82f7d84262cfa8 libmagick++-6-headers_6.8.9.9-7ubuntu5.17+tuxcare.els38_all.deb 3d0e0a08ef873bca26b8bc747ac12ecd6681e0d6 libmagick++-6.q16-5v5_6.8.9.9-7ubuntu5.17+tuxcare.els38_amd64.deb b55074b96c6b20cd2633cb838b0c1daa5c6b1824 libmagick++-6.q16-dev_6.8.9.9-7ubuntu5.17+tuxcare.els38_amd64.deb bea4e7061d39a09b084be19bcc3ed73845cd46b7 libmagick++-dev_6.8.9.9-7ubuntu5.17+tuxcare.els38_all.deb 24ac3672fb099e98fea0bb13420f2ee582efabc7 libmagickcore-6-arch-config_6.8.9.9-7ubuntu5.17+tuxcare.els38_amd64.deb f8c8dc8ab72f50384119cf79f842336ba46822d0 libmagickcore-6-headers_6.8.9.9-7ubuntu5.17+tuxcare.els38_all.deb 626b4b2d8f255aa233fcee55a7f151208c7f4244 libmagickcore-6.q16-2_6.8.9.9-7ubuntu5.17+tuxcare.els38_amd64.deb d278f6d4b05da6a7769f379ac52eb1e29b68d553 libmagickcore-6.q16-2-extra_6.8.9.9-7ubuntu5.17+tuxcare.els38_amd64.deb 73269f0b42f670c70aec85497a2ec3be060d98a2 libmagickcore-6.q16-dev_6.8.9.9-7ubuntu5.17+tuxcare.els38_amd64.deb 1dd404b9107b53cedf2a3606df20a56b7240214d libmagickcore-dev_6.8.9.9-7ubuntu5.17+tuxcare.els38_all.deb 65bcddd24ec778ac00c67eecfbf7e4ababf66e2f libmagickwand-6-headers_6.8.9.9-7ubuntu5.17+tuxcare.els38_all.deb 1a782ce54cd418165d947f9095df216cdceae697 libmagickwand-6.q16-2_6.8.9.9-7ubuntu5.17+tuxcare.els38_amd64.deb 5f44a823c74f4689c275ba989f23000150786be3 libmagickwand-6.q16-dev_6.8.9.9-7ubuntu5.17+tuxcare.els38_amd64.deb 0b6cec1c18f16f773c0fd1617c87d5331c7fc91d libmagickwand-dev_6.8.9.9-7ubuntu5.17+tuxcare.els38_all.deb e7141cfb5d04943761697a4211467175043b39c8 perlmagick_6.8.9.9-7ubuntu5.17+tuxcare.els38_all.deb 84486f700561a961c6003b004b4fbaa8102a3953 CLSA-2026:1774010344 TuxCare License Agreement 0 * SECURITY UPDATE: stack buffer overflow in msl.c (attribute handling), path traversal bypass of security policy, XSS in HTML coder output, and MSL attribute overflow - debian/patches/CVE-2026-25797_CVE-2026-25965_CVE-2026-25968_CVE-2026-25982.patch: Fix memory leaks, stack overflows, integer overflows and out‑of‑bounds reads; add bounds checks, validate DCM entry sizes, sanitize PostScript filenames, canonicalize paths and free resources; escape user-controlled strings written as raw HTML in the HTML coder; cause was unsafe header and filename parsing, incorrect assumptions about byte counts, path resolution, unnormalized path matching allowing policy bypass, and unescaped HTML output enabling cross-site scripting. - CVE-2026-25797 - CVE-2026-25965 - CVE-2026-25968 - CVE-2026-25982 * SECURITY UPDATE: null pointer dereference in msl.c (repage/roll handlers) - debian/patches/CVE-2026-25983.patch: move image null‑checks before accessing image attributes in the repage and roll MSL tag handlers; cause was dereferencing the image pointer for page geometry and dimensions before verifying the image was defined. - CVE-2026-25983 * SECURITY UPDATE: infinite recursion via crafted MSL/SVG/MVG files - debian/patches/CVE-2026-25971.patch: add global Splay tree guards in MSL and SVG coders to detect and reject recursive image references; block dangerous protocols (ftp, http, mvg, vid) in DrawPrimitive; cause was unbounded recursion through nested image reads. - CVE-2026-25971 * SECURITY UPDATE: null pointer dereference in msl.c (comment/label handlers) - debian/patches/CVE-2026-23952.patch: add image null-checks before accessing image properties in the comment and label MSL end-element handlers; cause was dereferencing the image pointer for DeleteImageProperty before verifying the image was defined. - CVE-2026-23952 * SECURITY UPDATE: MSLPushImage return value not captured - debian/patches/CVE-2026-25988.patch: change MSLPushImage to return the new image index and capture the return value in the MSL image tag handler; cause was the local index variable not being updated after pushing a new image onto the stack. - CVE-2026-25988 Critical Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.

* SECURITY UPDATE: stack buffer overflow in msl.c (attribute handling), path traversal bypass of security policy, XSS in HTML coder output, and MSL attribute overflow - debian/patches/CVE-2026-25797_CVE-2026-25965_CVE-2026-25968_CVE-2026-25982.patch: Fix memory leaks, stack overflows, integer overflows and out‑of‑bounds reads; add bounds checks, validate DCM entry sizes, sanitize PostScript filenames, canonicalize paths and free resources; escape user-controlled strings written as raw HTML in the HTML coder; cause was unsafe header and filename parsing, incorrect assumptions about byte counts, path resolution, unnormalized path matching allowing policy bypass, and unescaped HTML output enabling cross-site scripting. - CVE-2026-25797 - CVE-2026-25965 - CVE-2026-25968 - CVE-2026-25982 * SECURITY UPDATE: null pointer dereference in msl.c (repage/roll handlers) - debian/patches/CVE-2026-25983.patch: move image null‑checks before accessing image attributes in the repage and roll MSL tag handlers; cause was dereferencing the image pointer for page geometry and dimensions before verifying the image was defined. - CVE-2026-25983 * SECURITY UPDATE: infinite recursion via crafted MSL/SVG/MVG files - debian/patches/CVE-2026-25971.patch: add global Splay tree guards in MSL and SVG coders to detect and reject recursive image references; block dangerous protocols (ftp, http, mvg, vid) in DrawPrimitive; cause was unbounded recursion through nested image reads. - CVE-2026-25971 * SECURITY UPDATE: null pointer dereference in msl.c (comment/label handlers) - debian/patches/CVE-2026-23952.patch: add image null-checks before accessing image properties in the comment and label MSL end-element handlers; cause was dereferencing the image pointer for DeleteImageProperty before verifying the image was defined. - CVE-2026-23952 * SECURITY UPDATE: MSLPushImage return value not captured - debian/patches/CVE-2026-25988.patch: change MSLPushImage to return the new image index and capture the return value in the MSL image tag handler; cause was the local index variable not being updated after pushing a new image onto the stack. - CVE-2026-25988

0 tuxcare-ubuntu16.04-els imagemagick_6.8.9.9-7ubuntu5.17+tuxcare.els39_amd64.deb 013061a6b5b86944c0a7f97a135e99fcc53f6b3e imagemagick-6.q16_6.8.9.9-7ubuntu5.17+tuxcare.els39_amd64.deb 1be21cdf3804638152ea9ede92ae20836d19a72f imagemagick-common_6.8.9.9-7ubuntu5.17+tuxcare.els39_all.deb e81e9da452f55362452cbf78ef4d8e279bf277c6 imagemagick-doc_6.8.9.9-7ubuntu5.17+tuxcare.els39_all.deb 2f0063f8ff56867db7d6f06d9dd8881a5f4e3149 libimage-magick-perl_6.8.9.9-7ubuntu5.17+tuxcare.els39_all.deb 5e229b3701e6acd93819fc7696f2973e89d02f6a libimage-magick-q16-perl_6.8.9.9-7ubuntu5.17+tuxcare.els39_amd64.deb 1d044e7d558651527630a3edab3a4bdd863ddf1b libmagick++-6-headers_6.8.9.9-7ubuntu5.17+tuxcare.els39_all.deb f5fbf3641b6e222fa4f86ace94eafa5de28e590b libmagick++-6.q16-5v5_6.8.9.9-7ubuntu5.17+tuxcare.els39_amd64.deb 3b04f0154c4bd6125ac5c54ba827b39b3828ce95 libmagick++-6.q16-dev_6.8.9.9-7ubuntu5.17+tuxcare.els39_amd64.deb 50b66d662d70b3c15ffc3b38d2cf10078bcbd85f libmagick++-dev_6.8.9.9-7ubuntu5.17+tuxcare.els39_all.deb a2139ada17adec81cd72916d94bff8421a884301 libmagickcore-6-arch-config_6.8.9.9-7ubuntu5.17+tuxcare.els39_amd64.deb 166f480a46abf969a3e3e0fbe57256a4e893dc60 libmagickcore-6-headers_6.8.9.9-7ubuntu5.17+tuxcare.els39_all.deb 63e0ae9cbf8e8b5ec4b982d27b4eb2764496d5b6 libmagickcore-6.q16-2_6.8.9.9-7ubuntu5.17+tuxcare.els39_amd64.deb 7dfb4c1294f57959e5668261fb9b2f581d77b0e1 libmagickcore-6.q16-2-extra_6.8.9.9-7ubuntu5.17+tuxcare.els39_amd64.deb 752f21294a79c9a9817d0b563376b174f2ad8830 libmagickcore-6.q16-dev_6.8.9.9-7ubuntu5.17+tuxcare.els39_amd64.deb c49c0ebf793b8089804349be268d9897a167c2ab libmagickcore-dev_6.8.9.9-7ubuntu5.17+tuxcare.els39_all.deb 305f4d7080405e529aafdd708fe63e1b2c901d4c libmagickwand-6-headers_6.8.9.9-7ubuntu5.17+tuxcare.els39_all.deb 5e3d472a1e5f5310d5f1ea6389e58a0d473478c7 libmagickwand-6.q16-2_6.8.9.9-7ubuntu5.17+tuxcare.els39_amd64.deb 4e9a20e032ef7c87a6e267256a7acb78cfeb214e libmagickwand-6.q16-dev_6.8.9.9-7ubuntu5.17+tuxcare.els39_amd64.deb 4b98aaf77ace866d0df745806b22a97b3217e848 libmagickwand-dev_6.8.9.9-7ubuntu5.17+tuxcare.els39_all.deb 47d20abe600f5b6571ce9b508bc3f2e32b78dd2a perlmagick_6.8.9.9-7ubuntu5.17+tuxcare.els39_all.deb 85ad51f242e543cc474d5a22c758e9490bc56fa2 CLSA-2026:1774017921 TuxCare License Agreement 0 * SECURITY UPDATE: Heap buffer overflow in helpfile option handling - debian/patches/CVE-2026-25749.patch: use vim_strncpy with MAXPATHL bound instead of unbounded STRCPY in get_tagfname() - CVE-2026-25749 Important Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.

* SECURITY UPDATE: Heap buffer overflow in helpfile option handling - debian/patches/CVE-2026-25749.patch: use vim_strncpy with MAXPATHL bound instead of unbounded STRCPY in get_tagfname() - CVE-2026-25749

0 tuxcare-ubuntu16.04-els vim_7.4.1689-3ubuntu1.5+tuxcare.els61_amd64.deb fb8a03c614acb45d5951dda044af975485fe46b8 vim-athena_7.4.1689-3ubuntu1.5+tuxcare.els61_amd64.deb cae664356c788da6974ac280764f29a083b4b7da vim-athena-py2_7.4.1689-3ubuntu1.5+tuxcare.els61_amd64.deb cceee30823408e0f5ec2d83494ec0e8164424217 vim-common_7.4.1689-3ubuntu1.5+tuxcare.els61_amd64.deb 058d7283cc93c5b6d9cca14bedc38d1de6fc7a05 vim-doc_7.4.1689-3ubuntu1.5+tuxcare.els61_all.deb 06a977eba3e203d08f62e426a91684848ce02d8a vim-gnome_7.4.1689-3ubuntu1.5+tuxcare.els61_amd64.deb 3f08f08bd4569d3cc0fc3f80a66a075626d30161 vim-gnome-py2_7.4.1689-3ubuntu1.5+tuxcare.els61_amd64.deb 84426c93e35231e79a7d76246a267b40fd798227 vim-gtk_7.4.1689-3ubuntu1.5+tuxcare.els61_amd64.deb 521c04170f0be3b782878036170a9f91e1ee7fbd vim-gtk-py2_7.4.1689-3ubuntu1.5+tuxcare.els61_amd64.deb aa5ac49eeb862bafe2a409d44efcece492d92cdd vim-gtk3_7.4.1689-3ubuntu1.5+tuxcare.els61_amd64.deb 40f510840f77716f577bf6f247652d7c317490c8 vim-gtk3-py2_7.4.1689-3ubuntu1.5+tuxcare.els61_amd64.deb 8058c680b42c65f7f1c9c89322e01803679b061d vim-gui-common_7.4.1689-3ubuntu1.5+tuxcare.els61_all.deb 3d148ebf513652b0a8e1fada02464fae29ac1c06 vim-nox_7.4.1689-3ubuntu1.5+tuxcare.els61_amd64.deb 238100235c18aa1e16f1ab791dec7c950a054d69 vim-nox-py2_7.4.1689-3ubuntu1.5+tuxcare.els61_amd64.deb cf84bc3be46784f5d25a0ed4b617d722ca30ba70 vim-runtime_7.4.1689-3ubuntu1.5+tuxcare.els61_all.deb 0f6826b3c71e561b0977cc064ff78fc69ab4a0f2 vim-tiny_7.4.1689-3ubuntu1.5+tuxcare.els61_amd64.deb e92f93b83470c73680c2f6e14f9a179e516864fe CLSA-2026:1774027481 TuxCare License Agreement 0 * SECURITY UPDATE: heap overflow in PNG encoder from large profile - debian/patches/CVE-2026-30883.patch: add overflow check in Magick_png_write_raw_profile to reject profiles with length that would overflow allocated_length arithmetic - CVE-2026-30883 Important Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.

* SECURITY UPDATE: heap overflow in PNG encoder from large profile - debian/patches/CVE-2026-30883.patch: add overflow check in Magick_png_write_raw_profile to reject profiles with length that would overflow allocated_length arithmetic - CVE-2026-30883

0 tuxcare-ubuntu16.04-els imagemagick_6.8.9.9-7ubuntu5.17+tuxcare.els40_amd64.deb 0350ee06e99e6167c67fcc3b4676fbac03a12041 imagemagick-6.q16_6.8.9.9-7ubuntu5.17+tuxcare.els40_amd64.deb 56968d705ddd185631b142e859fc5f100a7043b0 imagemagick-common_6.8.9.9-7ubuntu5.17+tuxcare.els40_all.deb bf4d2aace1db27ea590cf3f19fa7e7bcabdd257f imagemagick-doc_6.8.9.9-7ubuntu5.17+tuxcare.els40_all.deb 98963bee5497e275b1325b55d9321aa27314f599 libimage-magick-perl_6.8.9.9-7ubuntu5.17+tuxcare.els40_all.deb 2eaed31995030159f72aab96f4a34be780bf878f libimage-magick-q16-perl_6.8.9.9-7ubuntu5.17+tuxcare.els40_amd64.deb 4dc77c655181ca089f3cbb73c12bddcb70b0d8ba libmagick++-6-headers_6.8.9.9-7ubuntu5.17+tuxcare.els40_all.deb 524c85eb9d3adc17f0ea64e3a84199354f569cb7 libmagick++-6.q16-5v5_6.8.9.9-7ubuntu5.17+tuxcare.els40_amd64.deb b57b82abbe614e98ff7faac52646251e28db7fba libmagick++-6.q16-dev_6.8.9.9-7ubuntu5.17+tuxcare.els40_amd64.deb 5c46531e2f1604459fa78b5410d969f149a8e0cc libmagick++-dev_6.8.9.9-7ubuntu5.17+tuxcare.els40_all.deb 12f54a4189325a00ace84f7ae324c09e927e3222 libmagickcore-6-arch-config_6.8.9.9-7ubuntu5.17+tuxcare.els40_amd64.deb 42cd660f8299a54045a443e1a9a0e53596a13686 libmagickcore-6-headers_6.8.9.9-7ubuntu5.17+tuxcare.els40_all.deb 7217e41bb3760ef169bf4cefd5e45b0e3bcc8c9c libmagickcore-6.q16-2_6.8.9.9-7ubuntu5.17+tuxcare.els40_amd64.deb 02cdea9c048827a2536ddaaad99244639743e29b libmagickcore-6.q16-2-extra_6.8.9.9-7ubuntu5.17+tuxcare.els40_amd64.deb b753c386c496972a89fe485327510f49b9e3489f libmagickcore-6.q16-dev_6.8.9.9-7ubuntu5.17+tuxcare.els40_amd64.deb 8e08f9f08b9a205aa8e6e5d2bfd387fec71f5e63 libmagickcore-dev_6.8.9.9-7ubuntu5.17+tuxcare.els40_all.deb ef493b8a6a86527b1b79ed6e50dd866c092ff152 libmagickwand-6-headers_6.8.9.9-7ubuntu5.17+tuxcare.els40_all.deb afea508a9670e905c37dd0e4f5856d038d887390 libmagickwand-6.q16-2_6.8.9.9-7ubuntu5.17+tuxcare.els40_amd64.deb cda4a5758776a957f90adb01d2f3234c6e60abbe libmagickwand-6.q16-dev_6.8.9.9-7ubuntu5.17+tuxcare.els40_amd64.deb a05f741f0b569ee8077f58c9c03b5fb07933b90f libmagickwand-dev_6.8.9.9-7ubuntu5.17+tuxcare.els40_all.deb 93560d5907a3f5edf5e0799c14a77622dd7c593c perlmagick_6.8.9.9-7ubuntu5.17+tuxcare.els40_all.deb 77bae5f635309aa3e99638daf6b7929a66004f15 CLSA-2026:1774283917 TuxCare License Agreement 0 * SECURITY UPDATE: memory corruption and denial-of-service via malicious SIXEL images - debian/patches/CVE-2026-25970.patch: Correct misspelled position variables and adjust variable types; fix out-of-bounds write caused by incorrect bounds checks and signed/unsigned type misuse. - CVE-2026-25970 Important Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.

* SECURITY UPDATE: memory corruption and denial-of-service via malicious SIXEL images - debian/patches/CVE-2026-25970.patch: Correct misspelled position variables and adjust variable types; fix out-of-bounds write caused by incorrect bounds checks and signed/unsigned type misuse. - CVE-2026-25970

0 tuxcare-ubuntu16.04-els imagemagick_6.8.9.9-7ubuntu5.17+tuxcare.els41_amd64.deb 45ee9248863824090a1ab64acb06613b0e3f8f63 imagemagick-6.q16_6.8.9.9-7ubuntu5.17+tuxcare.els41_amd64.deb 7a8f3a9ee8f17732ce5a0495c72acc5b1ce7de9b imagemagick-common_6.8.9.9-7ubuntu5.17+tuxcare.els41_all.deb b1f3328586d98399819b17b6152ac9aa8a84ceab imagemagick-doc_6.8.9.9-7ubuntu5.17+tuxcare.els41_all.deb 9d889826a8a39e99b1f6cad8b3947e3554d07efa libimage-magick-perl_6.8.9.9-7ubuntu5.17+tuxcare.els41_all.deb c186a09726868c01fd54f79dc7f5f03a62573e94 libimage-magick-q16-perl_6.8.9.9-7ubuntu5.17+tuxcare.els41_amd64.deb 549bebe4670189332a6f42997256334e0f863fba libmagick++-6-headers_6.8.9.9-7ubuntu5.17+tuxcare.els41_all.deb fa47dc150f332c6dc57a9af6cd5783b7b6c00533 libmagick++-6.q16-5v5_6.8.9.9-7ubuntu5.17+tuxcare.els41_amd64.deb b70b28bfae39243bfec74effd62c2ac61ea05d6b libmagick++-6.q16-dev_6.8.9.9-7ubuntu5.17+tuxcare.els41_amd64.deb c4a4dd4317e511e1352c3e3ca18b833e70f68b30 libmagick++-dev_6.8.9.9-7ubuntu5.17+tuxcare.els41_all.deb 054397d63224a51fa323be901010d7cea88df9df libmagickcore-6-arch-config_6.8.9.9-7ubuntu5.17+tuxcare.els41_amd64.deb b81d7acc29fa58e5da21a82477e584dd0a7019ee libmagickcore-6-headers_6.8.9.9-7ubuntu5.17+tuxcare.els41_all.deb 0846d35273c3a7bca75e7f959c5a1be9596f3c1e libmagickcore-6.q16-2_6.8.9.9-7ubuntu5.17+tuxcare.els41_amd64.deb e84e47ca218aefb84b9628eb380daa9965de85c6 libmagickcore-6.q16-2-extra_6.8.9.9-7ubuntu5.17+tuxcare.els41_amd64.deb 920a2ccc96c9d56143afc4bb02866d505ca17726 libmagickcore-6.q16-dev_6.8.9.9-7ubuntu5.17+tuxcare.els41_amd64.deb c45a4a2fef38b9435867930eb9248d531fc7e046 libmagickcore-dev_6.8.9.9-7ubuntu5.17+tuxcare.els41_all.deb 65c48b024fbf1c1f4cfba46a6c8cb6053e97d1d8 libmagickwand-6-headers_6.8.9.9-7ubuntu5.17+tuxcare.els41_all.deb 1fc12bc6f7fa8baecd297639447a410d91c38d5f libmagickwand-6.q16-2_6.8.9.9-7ubuntu5.17+tuxcare.els41_amd64.deb ead07c7f564e1d532899f682f14233bf4d09ad14 libmagickwand-6.q16-dev_6.8.9.9-7ubuntu5.17+tuxcare.els41_amd64.deb e8ad426ad5e92078d1577d66ce876ef927116b6f libmagickwand-dev_6.8.9.9-7ubuntu5.17+tuxcare.els41_all.deb 25817205b46376f8612ce8fdc48fb7c9b3c3cf24 perlmagick_6.8.9.9-7ubuntu5.17+tuxcare.els41_all.deb 767564ca957c5ac1a0b9b23169a50b29491318ff CLSA-2026:1774366791 TuxCare License Agreement 0 * SECURITY UPDATE: denial-of-service from nested multi-layer MVG-to-SVG conversions - debian/patches/CVE-2026-24484.patch: Throw VectorGraphicsNestedTooDeeply when vector-graphics nesting reaches MagickMaxRecursionDepth; fix crashes caused by unbounded nesting of graphic-context elements. - debian/patches/CVE-2026-24484-1.patch: Add recursion-depth check and throw exception for excessively nested vector graphics; mitigate crash/resource exhaustion caused by missing bounds check allowing unbounded nesting. - CVE-2026-24484 Moderate Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.

* SECURITY UPDATE: denial-of-service from nested multi-layer MVG-to-SVG conversions - debian/patches/CVE-2026-24484.patch: Throw VectorGraphicsNestedTooDeeply when vector-graphics nesting reaches MagickMaxRecursionDepth; fix crashes caused by unbounded nesting of graphic-context elements. - debian/patches/CVE-2026-24484-1.patch: Add recursion-depth check and throw exception for excessively nested vector graphics; mitigate crash/resource exhaustion caused by missing bounds check allowing unbounded nesting. - CVE-2026-24484

0 tuxcare-ubuntu16.04-els imagemagick_6.8.9.9-7ubuntu5.17+tuxcare.els42_amd64.deb 4b8787346afcde8176349462a93a1cf9c4f0b676 imagemagick-6.q16_6.8.9.9-7ubuntu5.17+tuxcare.els42_amd64.deb f30c25eec5e0e4d22e61d8dbbe0c12687f98c3c4 imagemagick-common_6.8.9.9-7ubuntu5.17+tuxcare.els42_all.deb c5db5532dbabe8a2c6cc9177e38504a28916b06f imagemagick-doc_6.8.9.9-7ubuntu5.17+tuxcare.els42_all.deb b7a3eeed94b8c04452a06fe1e6890b3ba131a891 libimage-magick-perl_6.8.9.9-7ubuntu5.17+tuxcare.els42_all.deb b784d62f690e21a364b18245ff082dfff28bf3f0 libimage-magick-q16-perl_6.8.9.9-7ubuntu5.17+tuxcare.els42_amd64.deb 4206ffa1c3370f6de94c11345936b44543e72cd5 libmagick++-6-headers_6.8.9.9-7ubuntu5.17+tuxcare.els42_all.deb 32cd65d50398bc1b58532403f81ac9b8e7e5ddd8 libmagick++-6.q16-5v5_6.8.9.9-7ubuntu5.17+tuxcare.els42_amd64.deb 3e7706978a0e61e818e6abca007028dced886d71 libmagick++-6.q16-dev_6.8.9.9-7ubuntu5.17+tuxcare.els42_amd64.deb 14e791d39a6b53d92ec5057251a115dc1752ebbf libmagick++-dev_6.8.9.9-7ubuntu5.17+tuxcare.els42_all.deb cfe1658df254e5f5c6b7b3076db1bcc254c436da libmagickcore-6-arch-config_6.8.9.9-7ubuntu5.17+tuxcare.els42_amd64.deb 0ae44a2ecfc5d8040e955a0859db01aefa75369f libmagickcore-6-headers_6.8.9.9-7ubuntu5.17+tuxcare.els42_all.deb e8bd22d4c633952188b03328cf4a862da76efaef libmagickcore-6.q16-2_6.8.9.9-7ubuntu5.17+tuxcare.els42_amd64.deb 6a07eef10848846203e37fc4b10a6ba704cbabc8 libmagickcore-6.q16-2-extra_6.8.9.9-7ubuntu5.17+tuxcare.els42_amd64.deb bd2de13f01cbeabbf4cd1a9dbbf9a77f3415451d libmagickcore-6.q16-dev_6.8.9.9-7ubuntu5.17+tuxcare.els42_amd64.deb 63df39b672315757fd38f65e9f30b98a616ad42b libmagickcore-dev_6.8.9.9-7ubuntu5.17+tuxcare.els42_all.deb 4b13c823400ab2ddbbf2e2e204cbf22c3e4d839c libmagickwand-6-headers_6.8.9.9-7ubuntu5.17+tuxcare.els42_all.deb 62edaeca39b9ecfaa60a7be056875feec0d025c9 libmagickwand-6.q16-2_6.8.9.9-7ubuntu5.17+tuxcare.els42_amd64.deb ed5cc000b299ed379074569d299ccba6f9f19767 libmagickwand-6.q16-dev_6.8.9.9-7ubuntu5.17+tuxcare.els42_amd64.deb c7d538a4d71bfa5e87f08dee1415018f56f34561 libmagickwand-dev_6.8.9.9-7ubuntu5.17+tuxcare.els42_all.deb 553f6bd7c31b341a49c987a19993e1450e980a74 perlmagick_6.8.9.9-7ubuntu5.17+tuxcare.els42_all.deb 97b8b0f5a1e95157158d44940a86a35504bf9192 CLSA-2026:1775724625 TuxCare License Agreement 0 * SECURITY UPDATE: denial of service via use-after-free in ICP - debian/patches/CVE-2026-33526.patch: remove duplicate rfc1738_escape call in icpGetRequest that invalidated the previously escaped URL pointer - CVE-2026-33526 * SECURITY UPDATE: denial of service via use-after-free in ICP request handling - debian/patches/CVE-2026-32748.patch: return HttpRequestPointer and move icpAccessAllowed into icpGetRequest to fix HttpRequest lifetime for ICP v3 queries - CVE-2026-32748 Important Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.

* SECURITY UPDATE: denial of service via use-after-free in ICP - debian/patches/CVE-2026-33526.patch: remove duplicate rfc1738_escape call in icpGetRequest that invalidated the previously escaped URL pointer - CVE-2026-33526 * SECURITY UPDATE: denial of service via use-after-free in ICP request handling - debian/patches/CVE-2026-32748.patch: return HttpRequestPointer and move icpAccessAllowed into icpGetRequest to fix HttpRequest lifetime for ICP v3 queries - CVE-2026-32748

0 tuxcare-ubuntu16.04-els squid_3.5.12-1ubuntu7.17+tuxcare.els13_amd64.deb ca69f1091932e333a1a741ce4826ba2871831b0f squid-cgi_3.5.12-1ubuntu7.17+tuxcare.els13_amd64.deb 9321a494594532f0e80fbfa35fbf27cab8ffcfa9 squid-common_3.5.12-1ubuntu7.17+tuxcare.els13_all.deb c6a040182501fc7266470165dcbfaf721b112fa7 squid-purge_3.5.12-1ubuntu7.17+tuxcare.els13_amd64.deb f21262e696662e1c11eba4d1fc5dcd8dbaa23f46 squid3_3.5.12-1ubuntu7.17+tuxcare.els13_all.deb b2ffe17295ba2cc0da5e2c8a700da59d7cf051d2 squidclient_3.5.12-1ubuntu7.17+tuxcare.els13_amd64.deb 56ff562ba66e3eb0d09827dda313d9bb3e927889 CLSA-2026:1775779453 TuxCare License Agreement 0 * CVE-2025-39743 - jfs: truncate good inode pages when hard link is 0 {CVE-2025-39743} * CVE-2025-39685 - comedi: pcl726: Prevent invalid irq number {CVE-2025-39685} * CVE-2025-38713 - hfsplus: fix slab-out-of-bounds read in hfsplus_uni2asc() {CVE-2025-38713} * CVE-2025-38699 - scsi: bfa: Double-free fix {CVE-2025-38699} * CVE-2025-38697 - jfs: upper bound check of tree index in dbAllocAG {CVE-2025-38697} * CVE-2025-38680 - media: uvcvideo: Fix 1-byte out-of-bounds read in uvc_parse_format() {CVE-2025-38680} * CVE-2025-38677 - f2fs: fix to avoid out-of-boundary access in dnode page {CVE-2025-38677} * CVE-2025-38572 - ipv6: reject malicious packets in ipv6_gso_segment() {CVE-2025-38572} * CVE-2025-38538 - dmaengine: nbpfaxi: Fix memory corruption in probe() {CVE-2025-38538} * CVE-2025-38530 - comedi: pcl812: Fix bit shift out of bounds {CVE-2025-38530} * CVE-2025-38529 - comedi: aio_iiro_16: Fix bit shift out of bounds {CVE-2025-38529} * CVE-2025-38494 - HID: core: do not bypass hid_hw_raw_request {CVE-2025-38494} * CVE-2025-38482 - comedi: das6402: Fix bit shift out of bounds {CVE-2025-38482} * CVE-2025-38428 - Input: ims-pcu - check record size in ims_pcu_flash_firmware() {CVE-2025-38428} * CVE-2025-38416 - NFC: nci: uart: Set tty->disc_data only in success path {CVE-2025-38416} * CVE-2025-38415 - Squashfs: check return result of sb_min_blocksize {CVE-2025-38415} * CVE-2025-38403 - vsock/vmci: Clear the vmci transport packet properly when initializing it {CVE-2025-38403} * CVE-2025-38286 - pinctrl: at91: Fix possible out-of-boundary access {CVE-2025-38286} * CVE-2025-38245 - atm: Release atm_dev_mutex after removing procfs in atm_dev_deregister(). {CVE-2025-38245} * CVE-2025-38212 - ipc: fix to protect IPCS lookups using RCU {CVE-2025-38212} * CVE-2025-38204 - jfs: fix array-index-out-of-bounds read in add_missing_indices {CVE-2025-38204} * CVE-2025-38157 - wifi: ath9k_htc: Abort software beacon handling if disabled {CVE-2025-38157} * CVE-2025-38079 - crypto: algif_hash - fix double free in hash_accept {CVE-2025-38079} * CVE-2025-38051 - smb: client: Fix use-after-free in cifs_fill_dirent {CVE-2025-38051} * CVE-2023-53676 - scsi: target: iscsi: Fix buffer overflow in lio_target_nacl_info_show() {CVE-2023-53676} * CVE-2023-53675 - scsi: ses: Fix possible desc_ptr out-of-bounds accesses {CVE-2023-53675} * CVE-2023-53668 - ring-buffer: Fix deadloop issue on reading trace_pipe {CVE-2023-53668} * CVE-2023-53622 - gfs2: Fix possible data races in gfs2_show_options() {CVE-2023-53622} * CVE-2023-53616 - jfs: fix invalid free of JFS_IP(ipimap)->i_imap in diUnmount {CVE-2023-53616} * CVE-2023-53608 - nilfs2: fix potential UAF of struct nilfs_sc_info in nilfs_segctor_thread() {CVE-2023-53608} * CVE-2023-53587 - ring-buffer: Sync IRQ works before buffer destruction {CVE-2023-53587} * CVE-2023-53569 - ext2: Check block size validity during mount {CVE-2023-53569} * CVE-2023-53559 - ip_vti: fix potential slab-use-after-free in decode_session6 {CVE-2023-53559} * CVE-2023-53541 - mtd: rawnand: brcmnand: Fix potential out-of-bounds access in oob write {CVE-2023-53541} * CVE-2023-53521 - scsi: ses: Fix slab-out-of-bounds in ses_intf_remove() {CVE-2023-53521} * CVE-2023-53506 - udf: Do not bother merging very long extents {CVE-2023-53506} * CVE-2023-53485 - fs: jfs: Fix UBSAN: array-index-out-of-bounds in dbAllocDmapLev {CVE-2023-53485} * CVE-2023-53484 - lib: cpu_rmap: Avoid use after free on rmap->obj array entries {CVE-2023-53484} * CVE-2023-53454 - HID: multitouch: Correct devm device reference for hidinput input_dev name {CVE-2023-53454} * CVE-2023-53322 - scsi: qla2xxx: Wait for io return on terminate rport {CVE-2023-53322} * CVE-2023-53311 - nilfs2: fix use-after-free of nilfs_root in dirtying inodes via iput {CVE-2023-53311} * CVE-2023-53259 - VMCI: check context->notify_page after call to get_user_pages_fast() to avoid GPF {CVE-2023-53259} * CVE-2023-53219 - media: netup_unidvb: fix use-after-free at del_timer() {CVE-2023-53219} * CVE-2023-53138 - net: caif: Fix use-after-free in cfusbl_device_notify() {CVE-2023-53138} * CVE-2023-53075 - ftrace: Fix invalid address access in lookup_rec() when index is 0 {CVE-2023-53075} * CVE-2023-53035 - nilfs2: fix kernel-infoleak in nilfs_ioctl_wrap_copy() {CVE-2023-53035} * CVE-2022-50542 - media: si470x: Fix use-after-free in si470x_int_in_callback() {CVE-2022-50542} * CVE-2022-50496 - dm cache: Fix UAF in destroy() {CVE-2022-50496} * CVE-2022-50478 - nilfs2: fix shift-out-of-bounds/overflow in nilfs_sb2_bad_offset() {CVE-2022-50478} * CVE-2022-50470 - xhci: Remove device endpoints from bandwidth list when freeing the device {CVE-2022-50470} * CVE-2022-50432 - kernfs: fix use-after-free in __kernfs_remove {CVE-2022-50432} * CVE-2022-50423 - ACPICA: Fix use-after-free in acpi_ut_copy_ipackage_to_ipackage() {CVE-2022-50423} * CVE-2022-50419 - Bluetooth: hci_sysfs: Fix attempting to call device_add multiple times {CVE-2022-50419} * CVE-2022-50411 - ACPICA: Fix error code path in acpi_ds_call_control_method() {CVE-2022-50411} * CVE-2022-50394 - i2c: ismt: Fix an out-of-bounds bug in ismt_access() {CVE-2022-50394} * CVE-2022-50384 - staging: vme_user: Fix possible UAF in tsi148_dma_list_add {CVE-2022-50384} * CVE-2022-50333 - fs: jfs: fix shift-out-of-bounds in dbDiscardAG {CVE-2022-50333} * CVE-2022-50301 - iommu/omap: Fix buffer overflow in debugfs {CVE-2022-50301} * CVE-2022-50094 - spmi: trace: fix stack-out-of-bound access in SPMI tracing functions {CVE-2022-50094} * CVE-2022-50022 - drivers:md:fix a potential use-after-free bug {CVE-2022-50022} * CVE-2022-49945 - hwmon: (gpio-fan) Fix array out of bounds access {CVE-2022-49945} * CVE-2022-49865 - ipv6: addrlabel: fix infoleak when sending struct ifaddrlblmsg to network {CVE-2022-49865} * CVE-2022-49775 - tcp: cdg: allow tcp_cdg_release() to be called multiple times {CVE-2022-49775} * CVE-2022-49581 - be2net: Fix buffer overflow in be_get_module_eeprom {CVE-2022-49581} * CVE-2022-49503 - ath9k_htc: fix potential out of bounds access with invalid rxstatus->rs_keyix {CVE-2022-49503} * CVE-2021-47142 - drm/amdgpu: Fix a use-after-free {CVE-2021-47142} * CVE-url: https://ubuntu.com/security/CVE-2025-38477 - net/sched: sch_qfq: Avoid triggering might_sleep in atomic context in qfq_delete_class * Focal update: v5.4.255 upstream stable release (LP: #2039440) - Bluetooth: L2CAP: Fix use-after-free * Bionic update: upstream stable patchset 2022-11-15 (LP: #1996650) - Bluetooth: L2CAP: Fix user-after-free - wifi: brcmfmac: fix use-after-free bug in brcmf_netdev_start_xmit() * Focal update: v5.4.253 upstream stable release (LP: #2038652) - ip6mr: Fix skb_under_panic in ip6mr_cache_report() * Focal update: v5.4.224 upstream stable release (LP: #1999273) - ipvs: use explicitly signed chars - ipvs: fix WARNING in __ip_vs_cleanup_batch() - ipvs: fix WARNING in ip_vs_app_net_cleanup() * Bionic update: upstream stable patchset 2022-10-18 (LP: #1993349) - vt: Clear selection before changing the font * Focal update: v5.4.237 upstream stable release (LP: #2023420) - fs: prevent out-of-bounds array speculation when closing a file descriptor * Focal update: v5.4.231 upstream stable release (LP: #2011226) - netlink: prevent potential spectre v1 gadgets * Bionic update: upstream stable patchset 2022-09-23 (LP: #1990698) - ALSA: bcd2000: Fix a UAF bug on the error path of probing - drm/radeon: fix potential buffer overflow in ni_set_mc_special_registers() - md-raid10: fix KASAN warning - selinux: Add boundary check in put_entry() - video: fbdev: vt8623fb: Check the size of screen before memset_io() - video: fbdev: arkfb: Check the size of screen before memset_io() - video: fbdev: s3fb: Check the size of screen before memset_io() * Bionic update: upstream stable patchset 2023-02-06 (LP: #2006403) - igb: Do not free q_vector unless new one was allocated * Bionic update: upstream stable patchset 2023-01-20 (LP: #2003596) - capabilities: fix undefined behavior in bit shift for CAP_TO_MASK - net: mdio: fix undefined behavior in bit shift for __mdiobus_register * CVE-url: https://ubuntu.com/security/CVE-2023-1989 - Bluetooth: btsdio: fix use after free bug in btsdio_remove due to race condition * Focal update: v5.4.225 upstream stable release (LP: #2002347) - ntfs: fix use-after-free in ntfs_attr_find() * Focal update: Focal update: v5.4.235 upstream stable release (LP: #2017706) - wifi: brcmfmac: Fix potential stack-out-of-bounds in brcmf_c_preinit_dcmds() * Miscellaneous upstream changes - debian: add control and changelog files - Merge branch 'master' into master-build - Merge branch 'master' into master-build - Merge branch 'master' into master-build - Merge branch 'master' into master-build - Merge branch 'master' into master-build - Merge branch 'master' into master-build - Merge branch 'master' into master-build - Merge branch 'master' into master-build - Merge branch 'master' into master-build - Merge branch 'master' into master-build - Merge branch 'master' into master-build - Merge branch 'master' into master-build - Merge branch 'master' into master-build - Merge branch 'master' into master-build - Merge branch 'master' into master-build - Merge branch 'master' into master-build - Merge branch 'master' into master-build - Merge branch 'master' into master-build - Merge branch 'master' into master-build - Merge branch 'master' into master-build - Merge branch 'master' into master-build - Merge branch 'master' into master-build - Merge branch 'master' into master-build - Merge branch 'master' into master-build - Merge branch 'master' into master-build - Merge branch 'master' into master-build - Merge branch 'master' into master-build - Merge branch 'master' into master-build - Merge branch 'master' into master-build - Merge branch 'master' into master-build - Merge branch 'master' into master-build - Merge branch 'master' into master-build - Merge branch 'master' into master-build - Merge branch 'master' into master-build - Merge branch 'master' into master-build - Merge branch 'master' into master-build - Merge branch 'master' into master-build - Merge branch 'master' into master-build - Merge branch 'master' into master-build - Merge branch 'master' into master-build - Merge branch 'master' into master-build - Merge branch 'master' into master-build - Merge branch 'master' into master-build - Merge branch 'master' into master-build - Merge branch 'master' into master-build - vhost-scsi: Fix handling of multiple calls to vhost_scsi_set_endpoint - f2fs: return error when accessing insane flie offset - f2fs: lost matching-pair of trace in f2fs_truncate_inode_blocks - f2fs: fix to avoid out-of-bounds access in f2fs_truncate_inode_blocks() - usb: vhci-hcd: Do not drop references before new references are gained - tracing: Fix oob write in trace_seq_to_buffer() - mtd: inftlcore: Add error check for inftl_read_oob() - jbd2: remove wrong sb->s_sequence check - usb: dwc3: gadget: check that event count does not exceed event buffer length - ALSA: hda/ca0132: Fix buffer overflow in add_tuning_control - Bluetooth: hci_core: Fix use-after-free in vhci_flush() - usb: xhci: Fix isochronous Ring Underrun/Overrun event handling - Revert "Bluetooth: btsdio: fix use after free bug in btsdio_remove due to unfinished work" - scsi: target: Fix WRITE_SAME No Data Buffer crash - net_sched: hfsc: Fix a potential UAF in hfsc_dequeue() too - HID: core: Harden s32ton() against conversion to 0 bits - scsi: libsas: Fix use-after-free bug in smp_execute_task_sg() - wifi: mac80211_hwsim: drop short frames - ACPICA: Add AML_NO_OPERAND_RESOLVE flag to Timer - scsi: lpfc: Fix use-after-free KFENCE violation during sysfs firmware write Important Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.

* CVE-2025-39743 - jfs: truncate good inode pages when hard link is 0 {CVE-2025-39743} * CVE-2025-39685 - comedi: pcl726: Prevent invalid irq number {CVE-2025-39685} * CVE-2025-38713 - hfsplus: fix slab-out-of-bounds read in hfsplus_uni2asc() {CVE-2025-38713} * CVE-2025-38699 - scsi: bfa: Double-free fix {CVE-2025-38699} * CVE-2025-38697 - jfs: upper bound check of tree index in dbAllocAG {CVE-2025-38697} * CVE-2025-38680 - media: uvcvideo: Fix 1-byte out-of-bounds read in uvc_parse_format() {CVE-2025-38680} * CVE-2025-38677 - f2fs: fix to avoid out-of-boundary access in dnode page {CVE-2025-38677} * CVE-2025-38572 - ipv6: reject malicious packets in ipv6_gso_segment() {CVE-2025-38572} * CVE-2025-38538 - dmaengine: nbpfaxi: Fix memory corruption in probe() {CVE-2025-38538} * CVE-2025-38530 - comedi: pcl812: Fix bit shift out of bounds {CVE-2025-38530} * CVE-2025-38529 - comedi: aio_iiro_16: Fix bit shift out of bounds {CVE-2025-38529} * CVE-2025-38494 - HID: core: do not bypass hid_hw_raw_request {CVE-2025-38494} * CVE-2025-38482 - comedi: das6402: Fix bit shift out of bounds {CVE-2025-38482} * CVE-2025-38428 - Input: ims-pcu - check record size in ims_pcu_flash_firmware() {CVE-2025-38428} * CVE-2025-38416 - NFC: nci: uart: Set tty->disc_data only in success path {CVE-2025-38416} * CVE-2025-38415 - Squashfs: check return result of sb_min_blocksize {CVE-2025-38415} * CVE-2025-38403 - vsock/vmci: Clear the vmci transport packet properly when initializing it {CVE-2025-38403} * CVE-2025-38286 - pinctrl: at91: Fix possible out-of-boundary access {CVE-2025-38286} * CVE-2025-38245 - atm: Release atm_dev_mutex after removing procfs in atm_dev_deregister(). {CVE-2025-38245} * CVE-2025-38212 - ipc: fix to protect IPCS lookups using RCU {CVE-2025-38212} * CVE-2025-38204 - jfs: fix array-index-out-of-bounds read in add_missing_indices {CVE-2025-38204} * CVE-2025-38157 - wifi: ath9k_htc: Abort software beacon handling if disabled {CVE-2025-38157} * CVE-2025-38079 - crypto: algif_hash - fix double free in hash_accept {CVE-2025-38079} * CVE-2025-38051 - smb: client: Fix use-after-free in cifs_fill_dirent {CVE-2025-38051} * CVE-2023-53676 - scsi: target: iscsi: Fix buffer overflow in lio_target_nacl_info_show() {CVE-2023-53676} * CVE-2023-53675 - scsi: ses: Fix possible desc_ptr out-of-bounds accesses {CVE-2023-53675} * CVE-2023-53668 - ring-buffer: Fix deadloop issue on reading trace_pipe {CVE-2023-53668} * CVE-2023-53622 - gfs2: Fix possible data races in gfs2_show_options() {CVE-2023-53622} * CVE-2023-53616 - jfs: fix invalid free of JFS_IP(ipimap)->i_imap in diUnmount {CVE-2023-53616} * CVE-2023-53608 - nilfs2: fix potential UAF of struct nilfs_sc_info in nilfs_segctor_thread() {CVE-2023-53608} * CVE-2023-53587 - ring-buffer: Sync IRQ works before buffer destruction {CVE-2023-53587} * CVE-2023-53569 - ext2: Check block size validity during mount {CVE-2023-53569} * CVE-2023-53559 - ip_vti: fix potential slab-use-after-free in decode_session6 {CVE-2023-53559} * CVE-2023-53541 - mtd: rawnand: brcmnand: Fix potential out-of-bounds access in oob write {CVE-2023-53541} * CVE-2023-53521 - scsi: ses: Fix slab-out-of-bounds in ses_intf_remove() {CVE-2023-53521} * CVE-2023-53506 - udf: Do not bother merging very long extents {CVE-2023-53506} * CVE-2023-53485 - fs: jfs: Fix UBSAN: array-index-out-of-bounds in dbAllocDmapLev {CVE-2023-53485} * CVE-2023-53484 - lib: cpu_rmap: Avoid use after free on rmap->obj array entries {CVE-2023-53484} * CVE-2023-53454 - HID: multitouch: Correct devm device reference for hidinput input_dev name {CVE-2023-53454} * CVE-2023-53322 - scsi: qla2xxx: Wait for io return on terminate rport {CVE-2023-53322} * CVE-2023-53311 - nilfs2: fix use-after-free of nilfs_root in dirtying inodes via iput {CVE-2023-53311} * CVE-2023-53259 - VMCI: check context->notify_page after call to get_user_pages_fast() to avoid GPF {CVE-2023-53259} * CVE-2023-53219 - media: netup_unidvb: fix use-after-free at del_timer() {CVE-2023-53219} * CVE-2023-53138 - net: caif: Fix use-after-free in cfusbl_device_notify() {CVE-2023-53138} * CVE-2023-53075 - ftrace: Fix invalid address access in lookup_rec() when index is 0 {CVE-2023-53075} * CVE-2023-53035 - nilfs2: fix kernel-infoleak in nilfs_ioctl_wrap_copy() {CVE-2023-53035} * CVE-2022-50542 - media: si470x: Fix use-after-free in si470x_int_in_callback() {CVE-2022-50542} * CVE-2022-50496 - dm cache: Fix UAF in destroy() {CVE-2022-50496} * CVE-2022-50478 - nilfs2: fix shift-out-of-bounds/overflow in nilfs_sb2_bad_offset() {CVE-2022-50478} * CVE-2022-50470 - xhci: Remove device endpoints from bandwidth list when freeing the device {CVE-2022-50470} * CVE-2022-50432 - kernfs: fix use-after-free in __kernfs_remove {CVE-2022-50432} * CVE-2022-50423 - ACPICA: Fix use-after-free in acpi_ut_copy_ipackage_to_ipackage() {CVE-2022-50423} * CVE-2022-50419 - Bluetooth: hci_sysfs: Fix attempting to call device_add multiple times {CVE-2022-50419} * CVE-2022-50411 - ACPICA: Fix error code path in acpi_ds_call_control_method() {CVE-2022-50411} * CVE-2022-50394 - i2c: ismt: Fix an out-of-bounds bug in ismt_access() {CVE-2022-50394} * CVE-2022-50384 - staging: vme_user: Fix possible UAF in tsi148_dma_list_add {CVE-2022-50384} * CVE-2022-50333 - fs: jfs: fix shift-out-of-bounds in dbDiscardAG {CVE-2022-50333} * CVE-2022-50301 - iommu/omap: Fix buffer overflow in debugfs {CVE-2022-50301} * CVE-2022-50094 - spmi: trace: fix stack-out-of-bound access in SPMI tracing functions {CVE-2022-50094} * CVE-2022-50022 - drivers:md:fix a potential use-after-free bug {CVE-2022-50022} * CVE-2022-49945 - hwmon: (gpio-fan) Fix array out of bounds access {CVE-2022-49945} * CVE-2022-49865 - ipv6: addrlabel: fix infoleak when sending struct ifaddrlblmsg to network {CVE-2022-49865} * CVE-2022-49775 - tcp: cdg: allow tcp_cdg_release() to be called multiple times {CVE-2022-49775} * CVE-2022-49581 - be2net: Fix buffer overflow in be_get_module_eeprom {CVE-2022-49581} * CVE-2022-49503 - ath9k_htc: fix potential out of bounds access with invalid rxstatus->rs_keyix {CVE-2022-49503} * CVE-2021-47142 - drm/amdgpu: Fix a use-after-free {CVE-2021-47142} * CVE-url: https://ubuntu.com/security/CVE-2025-38477 - net/sched: sch_qfq: Avoid triggering might_sleep in atomic context in qfq_delete_class * Focal update: v5.4.255 upstream stable release (LP: #2039440) - Bluetooth: L2CAP: Fix use-after-free * Bionic update: upstream stable patchset 2022-11-15 (LP: #1996650) - Bluetooth: L2CAP: Fix user-after-free - wifi: brcmfmac: fix use-after-free bug in brcmf_netdev_start_xmit() * Focal update: v5.4.253 upstream stable release (LP: #2038652) - ip6mr: Fix skb_under_panic in ip6mr_cache_report() * Focal update: v5.4.224 upstream stable release (LP: #1999273) - ipvs: use explicitly signed chars - ipvs: fix WARNING in __ip_vs_cleanup_batch() - ipvs: fix WARNING in ip_vs_app_net_cleanup() * Bionic update: upstream stable patchset 2022-10-18 (LP: #1993349) - vt: Clear selection before changing the font * Focal update: v5.4.237 upstream stable release (LP: #2023420) - fs: prevent out-of-bounds array speculation when closing a file descriptor * Focal update: v5.4.231 upstream stable release (LP: #2011226) - netlink: prevent potential spectre v1 gadgets * Bionic update: upstream stable patchset 2022-09-23 (LP: #1990698) - ALSA: bcd2000: Fix a UAF bug on the error path of probing - drm/radeon: fix potential buffer overflow in ni_set_mc_special_registers() - md-raid10: fix KASAN warning - selinux: Add boundary check in put_entry() - video: fbdev: vt8623fb: Check the size of screen before memset_io() - video: fbdev: arkfb: Check the size of screen before memset_io() - video: fbdev: s3fb: Check the size of screen before memset_io() * Bionic update: upstream stable patchset 2023-02-06 (LP: #2006403) - igb: Do not free q_vector unless new one was allocated * Bionic update: upstream stable patchset 2023-01-20 (LP: #2003596) - capabilities: fix undefined behavior in bit shift for CAP_TO_MASK - net: mdio: fix undefined behavior in bit shift for __mdiobus_register * CVE-url: https://ubuntu.com/security/CVE-2023-1989 - Bluetooth: btsdio: fix use after free bug in btsdio_remove due to race condition * Focal update: v5.4.225 upstream stable release (LP: #2002347) - ntfs: fix use-after-free in ntfs_attr_find() * Focal update: Focal update: v5.4.235 upstream stable release (LP: #2017706) - wifi: brcmfmac: Fix potential stack-out-of-bounds in brcmf_c_preinit_dcmds() * Miscellaneous upstream changes - debian: add control and changelog files - Merge branch 'master' into master-build - Merge branch 'master' into master-build - Merge branch 'master' into master-build - Merge branch 'master' into master-build - Merge branch 'master' into master-build - Merge branch 'master' into master-build - Merge branch 'master' into master-build - Merge branch 'master' into master-build - Merge branch 'master' into master-build - Merge branch 'master' into master-build - Merge branch 'master' into master-build - Merge branch 'master' into master-build - Merge branch 'master' into master-build - Merge branch 'master' into master-build - Merge branch 'master' into master-build - Merge branch 'master' into master-build - Merge branch 'master' into master-build - Merge branch 'master' into master-build - Merge branch 'master' into master-build - Merge branch 'master' into master-build - Merge branch 'master' into master-build - Merge branch 'master' into master-build - Merge branch 'master' into master-build - Merge branch 'master' into master-build - Merge branch 'master' into master-build - Merge branch 'master' into master-build - Merge branch 'master' into master-build - Merge branch 'master' into master-build - Merge branch 'master' into master-build - Merge branch 'master' into master-build - Merge branch 'master' into master-build - Merge branch 'master' into master-build - Merge branch 'master' into master-build - Merge branch 'master' into master-build - Merge branch 'master' into master-build - Merge branch 'master' into master-build - Merge branch 'master' into master-build - Merge branch 'master' into master-build - Merge branch 'master' into master-build - Merge branch 'master' into master-build - Merge branch 'master' into master-build - Merge branch 'master' into master-build - Merge branch 'master' into master-build - Merge branch 'master' into master-build - Merge branch 'master' into master-build - vhost-scsi: Fix handling of multiple calls to vhost_scsi_set_endpoint - f2fs: return error when accessing insane flie offset - f2fs: lost matching-pair of trace in f2fs_truncate_inode_blocks - f2fs: fix to avoid out-of-bounds access in f2fs_truncate_inode_blocks() - usb: vhci-hcd: Do not drop references before new references are gained - tracing: Fix oob write in trace_seq_to_buffer() - mtd: inftlcore: Add error check for inftl_read_oob() - jbd2: remove wrong sb->s_sequence check - usb: dwc3: gadget: check that event count does not exceed event buffer length - ALSA: hda/ca0132: Fix buffer overflow in add_tuning_control - Bluetooth: hci_core: Fix use-after-free in vhci_flush() - usb: xhci: Fix isochronous Ring Underrun/Overrun event handling - Revert "Bluetooth: btsdio: fix use after free bug in btsdio_remove due to unfinished work" - scsi: target: Fix WRITE_SAME No Data Buffer crash - net_sched: hfsc: Fix a potential UAF in hfsc_dequeue() too - HID: core: Harden s32ton() against conversion to 0 bits - scsi: libsas: Fix use-after-free bug in smp_execute_task_sg() - wifi: mac80211_hwsim: drop short frames - ACPICA: Add AML_NO_OPERAND_RESOLVE flag to Timer - scsi: lpfc: Fix use-after-free KFENCE violation during sysfs firmware write

0 tuxcare-ubuntu16.04-els linux-buildinfo-4.4.0-281-tuxcare.els51-generic_4.4.0-281.315_amd64.deb c8946039497c97676bdfa367904ac26ce79c61f4 linux-buildinfo-4.4.0-281-tuxcare.els51-lowlatency_4.4.0-281.315_amd64.deb 17ac46f0d36421bb0ca98393490cd3d41eb43152 linux-cloud-tools-4.4.0-281-tuxcare.els51_4.4.0-281.315_amd64.deb 63a21f3a19a1c5be06f18af3ef257d30fc03c4d7 linux-cloud-tools-4.4.0-281-tuxcare.els51-generic_4.4.0-281.315_amd64.deb fea96fc55fb44472c73a1bb9c82b3f779e1c1bd0 linux-cloud-tools-4.4.0-281-tuxcare.els51-lowlatency_4.4.0-281.315_amd64.deb 14b24edb68dd978fc15ece0a39e3cc842097f5d8 linux-cloud-tools-common_4.4.0-281.315_all.deb 8b145214629963b2c7c2df361efa087c16e640fd linux-doc_4.4.0-281.315_all.deb e68758da15854412782e74e721c86a2639d44cdc linux-headers-4.4.0-281-tuxcare.els51_4.4.0-281.315_all.deb 312982db732565cf0b24410f3f4f627794561575 linux-headers-4.4.0-281-tuxcare.els51-generic_4.4.0-281.315_amd64.deb 24a175a8587b8e852872d6072deb312d1fb9010d linux-headers-4.4.0-281-tuxcare.els51-lowlatency_4.4.0-281.315_amd64.deb 501fecc7bb7114c7923f2d78e8ee0442dfb8347f linux-image-unsigned-4.4.0-281-tuxcare.els51-generic_4.4.0-281.315_amd64.deb d551d915ff11e98ec1ad3f026b5c67cd7c034489 linux-image-unsigned-4.4.0-281-tuxcare.els51-lowlatency_4.4.0-281.315_amd64.deb 43e67219c9cb7af350678555178f803603759f50 linux-libc-dev_4.4.0-281.315_amd64.deb e47afd8e5cc9788b3ef6e8cde9044cc5a958df5c linux-modules-4.4.0-281-tuxcare.els51-generic_4.4.0-281.315_amd64.deb 53bfe8f75138d0a2ab8a9beb4972ebc9369d0658 linux-modules-4.4.0-281-tuxcare.els51-lowlatency_4.4.0-281.315_amd64.deb a5060a4bd1d20eaae471f4d474c5aab47bb8e051 linux-modules-extra-4.4.0-281-tuxcare.els51-generic_4.4.0-281.315_amd64.deb 6da2b24fce7b89cd8c57af9f4039032f99eb6932 linux-source-4.4.0_4.4.0-281.315_all.deb 7c03d39dc6b90cdc1ea33a7e31a54e4786ced68e linux-tools-4.4.0-281-tuxcare.els51_4.4.0-281.315_amd64.deb fea4c1aa247887b41cd3e10accf0e139283c1a84 linux-tools-4.4.0-281-tuxcare.els51-generic_4.4.0-281.315_amd64.deb 4c7532fcfa1e4c3b64b57bad0b2f5a92fed57404 linux-tools-4.4.0-281-tuxcare.els51-lowlatency_4.4.0-281.315_amd64.deb 999b002341bf6279e65a525f59c226bad59afb23 linux-tools-common_4.4.0-281.315_all.deb 7be4435871eadc0c7be85659c5bfa9cf3bb71a77 linux-tools-host_4.4.0-281.315_all.deb 4b6c70188fef62a0444c415edf1d8830da5df545 CLSA-2026:1776156481 TuxCare License Agreement 0 * SECURITY UPDATE: fix heap buffer overflow in _bfd_elf_parse_eh_frame - debian/patches/CVE-2025-11082.patch: fix heap buffer overflow in _bfd_elf_parse_eh_frame - CVE-2025-11082 * SECURITY UPDATE: fix NULL deref in elf_gc_sweep with empty groups - debian/patches/CVE-2025-5244.patch: fix NULL deref in elf_gc_sweep with empty groups - CVE-2025-5244 * SECURITY UPDATE: fix SEGV in debug_type_samep - debian/patches/CVE-2025-5245.patch: fix SEGV in debug_type_samep - CVE-2025-5245 * SECURITY UPDATE: fix out-of-bounds reads in xcoff_link_add_symbols - debian/patches/CVE-2026-3441.patch: properly bounds check XTY_LD x_scnlen index and sanity check r_symndx before using it to index sym hashes in xcoff_link_add_symbols - CVE-2026-3441 - CVE-2026-3442 Important Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.

* SECURITY UPDATE: fix heap buffer overflow in _bfd_elf_parse_eh_frame - debian/patches/CVE-2025-11082.patch: fix heap buffer overflow in _bfd_elf_parse_eh_frame - CVE-2025-11082 * SECURITY UPDATE: fix NULL deref in elf_gc_sweep with empty groups - debian/patches/CVE-2025-5244.patch: fix NULL deref in elf_gc_sweep with empty groups - CVE-2025-5244 * SECURITY UPDATE: fix SEGV in debug_type_samep - debian/patches/CVE-2025-5245.patch: fix SEGV in debug_type_samep - CVE-2025-5245 * SECURITY UPDATE: fix out-of-bounds reads in xcoff_link_add_symbols - debian/patches/CVE-2026-3441.patch: properly bounds check XTY_LD x_scnlen index and sanity check r_symndx before using it to index sym hashes in xcoff_link_add_symbols - CVE-2026-3441 - CVE-2026-3442

0 tuxcare-ubuntu16.04-els binutils_2.26.1-1ubuntu1~16.04.10+tuxcare.els20_amd64.deb a858b390e8f2db5047b2ea971d0cedb26b911ed6 binutils-aarch64-linux-gnu_2.26.1-1ubuntu1~16.04.10+tuxcare.els20_amd64.deb 26656402a91b140c09375362bd640b96f4970b6d binutils-alpha-linux-gnu_2.26.1-1ubuntu1~16.04.10+tuxcare.els20_amd64.deb 82efe054fb5fe1886415f2b88cf95dadbccddbaf binutils-arm-linux-gnueabi_2.26.1-1ubuntu1~16.04.10+tuxcare.els20_amd64.deb f598cac8896ae33ce8b5f8b11f8daa229370db2a binutils-arm-linux-gnueabihf_2.26.1-1ubuntu1~16.04.10+tuxcare.els20_amd64.deb dff3ebf13a6c04856bf17713e1cf0312977876fa binutils-dev_2.26.1-1ubuntu1~16.04.10+tuxcare.els20_amd64.deb eca38eb630b30ed10bd7c54d7ba39ea8b7447f38 binutils-doc_2.26.1-1ubuntu1~16.04.10+tuxcare.els20_all.deb f91ab132e6a0c2667c897e59c5553453ed2be19b binutils-hppa-linux-gnu_2.26.1-1ubuntu1~16.04.10+tuxcare.els20_amd64.deb dfd2a3592780bae5bbe0c2df6ff45f6e7271b702 binutils-hppa64-linux-gnu_2.26.1-1ubuntu1~16.04.10+tuxcare.els20_amd64.deb 7623d353f97555e4ffb831f7d44b537784da6706 binutils-m68k-linux-gnu_2.26.1-1ubuntu1~16.04.10+tuxcare.els20_amd64.deb c78ac5bbd38a7bfeec88d3a679cfcd62c89d69ad binutils-mips-linux-gnu_2.26.1-1ubuntu1~16.04.10+tuxcare.els20_amd64.deb d17969ddff730b60905c3eec70e4ae4795f43da1 binutils-mips64-linux-gnuabi64_2.26.1-1ubuntu1~16.04.10+tuxcare.els20_amd64.deb c0b8ab30344c42634489d945fcbdee6d8761c786 binutils-mips64el-linux-gnuabi64_2.26.1-1ubuntu1~16.04.10+tuxcare.els20_amd64.deb e86489ac5654f8cd14f6c22dfb6fef477390e501 binutils-mipsel-linux-gnu_2.26.1-1ubuntu1~16.04.10+tuxcare.els20_amd64.deb 79e567051c8eff72d22da9bf14b7dae9ddb43b82 binutils-multiarch_2.26.1-1ubuntu1~16.04.10+tuxcare.els20_amd64.deb f63b396eaaf1e6bcb1dff5e7f850ca191b98607f binutils-multiarch-dev_2.26.1-1ubuntu1~16.04.10+tuxcare.els20_amd64.deb adc610b2dfa7fa08c839d2960fcf626b54d16be4 binutils-powerpc-linux-gnu_2.26.1-1ubuntu1~16.04.10+tuxcare.els20_amd64.deb 8e92068d943db219e7cf7367ee7da486133ece58 binutils-powerpc-linux-gnuspe_2.26.1-1ubuntu1~16.04.10+tuxcare.els20_amd64.deb 1643ffdb041b6055cc90efb6d271c3b4f3519b38 binutils-powerpc64-linux-gnu_2.26.1-1ubuntu1~16.04.10+tuxcare.els20_amd64.deb 5f6dd5e9b5a87e1b154a8dba5d7319d712e953a8 binutils-powerpc64le-linux-gnu_2.26.1-1ubuntu1~16.04.10+tuxcare.els20_amd64.deb ad12a7a18278155e755fb290e21e1bd9b0883777 binutils-s390x-linux-gnu_2.26.1-1ubuntu1~16.04.10+tuxcare.els20_amd64.deb e8f58cdd898e50d8642bf8384312b08dc87e9bb1 binutils-sh4-linux-gnu_2.26.1-1ubuntu1~16.04.10+tuxcare.els20_amd64.deb b5c952879164aa167e9b3ac6119f5a90229ddefb binutils-source_2.26.1-1ubuntu1~16.04.10+tuxcare.els20_all.deb adb1bb76a1f908cbbb0078ec1bd735c8b17063b5 binutils-sparc64-linux-gnu_2.26.1-1ubuntu1~16.04.10+tuxcare.els20_amd64.deb 1f15c48468d08972c736736bc0a79746b82e9ddb CLSA-2026:1776361748 TuxCare License Agreement 0 * SECURITY UPDATE: heap read past bounds in sftp_parse_longname from malicious SFTP longname field - debian/patches/CVE-2026-0968.patch: validate longname pointer and longname_field; bound string walks at NUL; fail if field not found - CVE-2026-0968 ('Low', ['ELSCVE-89203']) Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.

* SECURITY UPDATE: heap read past bounds in sftp_parse_longname from malicious SFTP longname field - debian/patches/CVE-2026-0968.patch: validate longname pointer and longname_field; bound string walks at NUL; fail if field not found - CVE-2026-0968

0 tuxcare-ubuntu16.04-els libssh-4_0.6.3-4.3ubuntu0.6+tuxcare.els4_amd64.deb b97b1c8074ba4b88c97341c5c68dfc46f56e4e25 libssh-dev_0.6.3-4.3ubuntu0.6+tuxcare.els4_amd64.deb d4cd257aff563e5c4c1a56e6a1bd822369eff7ca libssh-doc_0.6.3-4.3ubuntu0.6+tuxcare.els4_all.deb 2be9e4850c59dcb2a1a58d79b83ae2d1a47f85df libssh-gcrypt-4_0.6.3-4.3ubuntu0.6+tuxcare.els4_amd64.deb 4c1637f99d6780380ff778465aad0ec63730e91c libssh-gcrypt-dev_0.6.3-4.3ubuntu0.6+tuxcare.els4_amd64.deb b5ffc5962b30f1e9c0d53a81fe80f7e617ed30bf