CLSA-2023:1675774889 TuxCare License Agreement 0 * Initial build for Ubuntu 18.04 None Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.

* Initial build for Ubuntu 18.04

0 tuxcare-ubuntu18.04-els els-define_1-1.0.2_amd64.deb 03780c77ab2f1982126b78ab5454f7c0ff287162 CLSA-2023:1684824309 TuxCare License Agreement 0 * Universal build for Ubuntu/Debian None Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.

* Universal build for Ubuntu/Debian

0 tuxcare-ubuntu18.04-els els-define_1-1.0.3_amd64.deb a1663b2fe4a12814a0bf82ff20cb258a6ac4c5ca CLSA-2023:1685971623 TuxCare License Agreement 0 * SECURITY UPDATE: Samba AD DC using Heimdal can be forced to issue rc4-hmac encrypted Kerberos tickets - debian/patches/CVE-2022-45141.patch: fix TGS ticket enc-part key selection and check-des - CVE-2022-45141 Critical Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.

* SECURITY UPDATE: Samba AD DC using Heimdal can be forced to issue rc4-hmac encrypted Kerberos tickets - debian/patches/CVE-2022-45141.patch: fix TGS ticket enc-part key selection and check-des - CVE-2022-45141

0 tuxcare-ubuntu18.04-els ctdb_4.7.6+dfsg~ubuntu-0ubuntu2.29+tuxcare.els1_amd64.deb 6b9aa882aa2ce38d7f28a348e1926998299a883a libnss-winbind_4.7.6+dfsg~ubuntu-0ubuntu2.29+tuxcare.els1_amd64.deb 5d1b25914e4701023136cdaf9390194a62111c7b libpam-winbind_4.7.6+dfsg~ubuntu-0ubuntu2.29+tuxcare.els1_amd64.deb 4a1fb4affa975150129b5ba7df8dc1b6a7c7e6f0 libparse-pidl-perl_4.7.6+dfsg~ubuntu-0ubuntu2.29+tuxcare.els1_amd64.deb 0dfd7b0f0793240e7192680173f4eb3272cc3788 libsmbclient_4.7.6+dfsg~ubuntu-0ubuntu2.29+tuxcare.els1_amd64.deb 476f8bf91532437321f6c5d8711505640b5e1fd9 libsmbclient-dev_4.7.6+dfsg~ubuntu-0ubuntu2.29+tuxcare.els1_amd64.deb 3093c4f6927189a8ab57cfc3e2e5457d022eb02c libwbclient-dev_4.7.6+dfsg~ubuntu-0ubuntu2.29+tuxcare.els1_amd64.deb 10a3a7e5799bc0750162aca2cc0edd9c2c911c86 libwbclient0_4.7.6+dfsg~ubuntu-0ubuntu2.29+tuxcare.els1_amd64.deb a0f492a3f13e34c169c5e3f8363edaa8cda03402 python-samba_4.7.6+dfsg~ubuntu-0ubuntu2.29+tuxcare.els1_amd64.deb e3a3da943ebbfcb92c978fa74545b979ed6c0186 registry-tools_4.7.6+dfsg~ubuntu-0ubuntu2.29+tuxcare.els1_amd64.deb 047d05966d69782106579bd216afe1192078142b samba_4.7.6+dfsg~ubuntu-0ubuntu2.29+tuxcare.els1_amd64.deb 92298da5ceddd6956d53d4277f1af348423b4bfa samba-common_4.7.6+dfsg~ubuntu-0ubuntu2.29+tuxcare.els1_all.deb 63cad685d3d586bc207be43e8a4d0e8274261c8c samba-common-bin_4.7.6+dfsg~ubuntu-0ubuntu2.29+tuxcare.els1_amd64.deb 1d613728a7dd27c49f0237b76093baaa78ec7bac samba-dev_4.7.6+dfsg~ubuntu-0ubuntu2.29+tuxcare.els1_amd64.deb f275f9d4a5c07aaf649cdb44a9687a113ca25cd4 samba-dsdb-modules_4.7.6+dfsg~ubuntu-0ubuntu2.29+tuxcare.els1_amd64.deb 4736293443817efe91e925cb7f518df70a95c2a6 samba-libs_4.7.6+dfsg~ubuntu-0ubuntu2.29+tuxcare.els1_amd64.deb 6d988cf920992d60c3a8f590ba9ebb7de8efcfd7 samba-testsuite_4.7.6+dfsg~ubuntu-0ubuntu2.29+tuxcare.els1_amd64.deb ff6b1790a056ce69a487e1d4800dec0b46ac375f samba-vfs-modules_4.7.6+dfsg~ubuntu-0ubuntu2.29+tuxcare.els1_amd64.deb 9fbc97cbe3e78ebe85c7c0c4578fe25196193c77 smbclient_4.7.6+dfsg~ubuntu-0ubuntu2.29+tuxcare.els1_amd64.deb 16c0560a60a9c2092ee9f234db57e9c00312d435 winbind_4.7.6+dfsg~ubuntu-0ubuntu2.29+tuxcare.els1_amd64.deb 6fafe9f815e4837c4b2466c2b80ac7038ec2e04d CLSA-2023:1686586528 TuxCare License Agreement 0 * SECURITY UPDATE: Apache Tomcat request smuggling - debian/patches/CVE-2022-42252.patch: Requests with invalid content-length should always be rejected. - CVE-2022-42252 * SECURITY UPDATE: AJP Request Injection and potential Remote Code Execution - debian/patches/CVE-2020-1938.patch: Add new AJP attribute allowedRequestAttributesPattern. Rename requiredSecret to secret and add secretRequired. Change the default bind address for AJP to the loopback address. - CVE-2020-1938 Critical Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.

* SECURITY UPDATE: Apache Tomcat request smuggling - debian/patches/CVE-2022-42252.patch: Requests with invalid content-length should always be rejected. - CVE-2022-42252 * SECURITY UPDATE: AJP Request Injection and potential Remote Code Execution - debian/patches/CVE-2020-1938.patch: Add new AJP attribute allowedRequestAttributesPattern. Rename requiredSecret to secret and add secretRequired. Change the default bind address for AJP to the loopback address. - CVE-2020-1938

0 tuxcare-ubuntu18.04-els libtomcat8-embed-java_8.5.39-1ubuntu1~18.04.3+tuxcare.els1_all.deb 606bc263ec2532f472715131b83668d4b81e14f8 libtomcat8-java_8.5.39-1ubuntu1~18.04.3+tuxcare.els1_all.deb 50b362bd9d3914042ae66c2ad770cbe192f8f269 tomcat8_8.5.39-1ubuntu1~18.04.3+tuxcare.els1_all.deb c5d2ec8970343cf549f686a6fd0d84fd62e33c7c tomcat8-admin_8.5.39-1ubuntu1~18.04.3+tuxcare.els1_all.deb 9a27099fc984d8c9f4959d1afe0943a633d63120 tomcat8-common_8.5.39-1ubuntu1~18.04.3+tuxcare.els1_all.deb 3954a4dd43221520a0c5c3f3c358601f01812634 tomcat8-docs_8.5.39-1ubuntu1~18.04.3+tuxcare.els1_all.deb 9f28970bdd29f057f47bff8a5189b144c16c7be5 tomcat8-examples_8.5.39-1ubuntu1~18.04.3+tuxcare.els1_all.deb 2f0ccb9879d0ee54c9cbcc1795715d0da9dff96c tomcat8-user_8.5.39-1ubuntu1~18.04.3+tuxcare.els1_all.deb 61b380b493c7361e5ef371b20740c491ecb25583 CLSA-2023:1686586672 TuxCare License Agreement 0 * SECURITY UPDATE: Apache Tomcat request smuggling - debian/patches/CVE-2022-42252.patch: Requests with invalid content-length should always be rejected. - CVE-2022-42252 * SECURITY UPDATE: AJP Request Injection and potential Remote Code Execution - debian/patches/CVE-2020-1938.patch: Add new AJP attribute allowedRequestAttributesPattern. Rename requiredSecret to secret and add secretRequired. Change the default bind address for AJP to the loopback address. - CVE-2020-1938 Critical Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.

* SECURITY UPDATE: Apache Tomcat request smuggling - debian/patches/CVE-2022-42252.patch: Requests with invalid content-length should always be rejected. - CVE-2022-42252 * SECURITY UPDATE: AJP Request Injection and potential Remote Code Execution - debian/patches/CVE-2020-1938.patch: Add new AJP attribute allowedRequestAttributesPattern. Rename requiredSecret to secret and add secretRequired. Change the default bind address for AJP to the loopback address. - CVE-2020-1938

0 tuxcare-ubuntu18.04-els libtomcat9-embed-java_9.0.16-3ubuntu0.18.04.2+tuxcare.els1_all.deb a0879fd1d8138ccc3afd5bb896d27e2e34333347 libtomcat9-java_9.0.16-3ubuntu0.18.04.2+tuxcare.els1_all.deb 65cc901c1ec2497cb5438c9e540d1908dc071204 tomcat9_9.0.16-3ubuntu0.18.04.2+tuxcare.els1_all.deb c1ed3040126532aaabaa4effdaf5e670de09435b tomcat9-admin_9.0.16-3ubuntu0.18.04.2+tuxcare.els1_all.deb 97b7d836435e35cb19a5d1f79d976cd855953e97 tomcat9-common_9.0.16-3ubuntu0.18.04.2+tuxcare.els1_all.deb 1f6eac7296503d5714adcb8949bc92209e3eca75 tomcat9-docs_9.0.16-3ubuntu0.18.04.2+tuxcare.els1_all.deb cf6063e1b3d76bc51794a34db19366873b9fb14e tomcat9-examples_9.0.16-3ubuntu0.18.04.2+tuxcare.els1_all.deb 3c25c0234a296c5637652c5d51c29c607ad7bd22 tomcat9-user_9.0.16-3ubuntu0.18.04.2+tuxcare.els1_all.deb fc382ddcebf466a4a29274e5685717080236369e CLSA-2023:1687469528 TuxCare License Agreement 0 * SECURITY UPDATE: urllib.parse space handling CVE-2023-24329 appears unfixed - debian/patches/CVE-2023-24329-2.patch: start stripping C0 control and space chars in `urlsplit` - CVE-2023-24329 Important Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.

* SECURITY UPDATE: urllib.parse space handling CVE-2023-24329 appears unfixed - debian/patches/CVE-2023-24329-2.patch: start stripping C0 control and space chars in `urlsplit` - CVE-2023-24329

0 tuxcare-ubuntu18.04-els idle-python2.7_2.7.17-1~18.04ubuntu1.11+tuxcare.els1_all.deb e3f3aad05e3ca58a84cdaf341126e39b851f22eb libpython2.7_2.7.17-1~18.04ubuntu1.11+tuxcare.els1_amd64.deb fb3ac1c9d161b153bde0b7fd34098ee06643c542 libpython2.7-dev_2.7.17-1~18.04ubuntu1.11+tuxcare.els1_amd64.deb b40fba47f450aead9c7305e0d7a39470ab3f24e7 libpython2.7-minimal_2.7.17-1~18.04ubuntu1.11+tuxcare.els1_amd64.deb 5bc8a50fc8657689a51142b456c9a68abcf5af5f libpython2.7-stdlib_2.7.17-1~18.04ubuntu1.11+tuxcare.els1_amd64.deb 3e87abb63ec180deca3f3a01f6d43a0306546cdc libpython2.7-testsuite_2.7.17-1~18.04ubuntu1.11+tuxcare.els1_all.deb 6ffc59e5c1dd79772fdca716085096a0575c68fe python2.7_2.7.17-1~18.04ubuntu1.11+tuxcare.els1_amd64.deb 0f5bb14354c80fdb099efc693918f97194df6f9c python2.7-dev_2.7.17-1~18.04ubuntu1.11+tuxcare.els1_amd64.deb d03334fcb28a6fb5f3125f9ccd801ec78e10bc26 python2.7-doc_2.7.17-1~18.04ubuntu1.11+tuxcare.els1_all.deb 32239f447670153178ac8c5074247c7db1b2a215 python2.7-examples_2.7.17-1~18.04ubuntu1.11+tuxcare.els1_all.deb 95c78151035e301434ebcd93f92a364909cf60a6 python2.7-minimal_2.7.17-1~18.04ubuntu1.11+tuxcare.els1_amd64.deb 4357b5fc2fd3dc0222622f0d81376ed2503d7a58 CLSA-2023:1687469630 TuxCare License Agreement 0 * SECURITY UPDATE: urllib.parse space handling CVE-2023-24329 appears unfixed - debian/patches/CVE-2023-24329-2.patch: start stripping C0 control and space chars in `urlsplit` - CVE-2023-24329 Important Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.

* SECURITY UPDATE: urllib.parse space handling CVE-2023-24329 appears unfixed - debian/patches/CVE-2023-24329-2.patch: start stripping C0 control and space chars in `urlsplit` - CVE-2023-24329

0 tuxcare-ubuntu18.04-els idle-python3.6_3.6.9-1~18.04ubuntu1.12+tuxcare.els1_all.deb 686cf7ac8116f6e2eab6251ce321342f05ca48af libpython3.6_3.6.9-1~18.04ubuntu1.12+tuxcare.els1_amd64.deb e3b25d4276b1422017ba56afee5dbc7004bd046f libpython3.6-dev_3.6.9-1~18.04ubuntu1.12+tuxcare.els1_amd64.deb 3ae1fd1d1c6af02070bd84e41888f4a7f90c4269 libpython3.6-minimal_3.6.9-1~18.04ubuntu1.12+tuxcare.els1_amd64.deb bb4e81d7aa5b6112b7e780c55bb49568c090c777 libpython3.6-stdlib_3.6.9-1~18.04ubuntu1.12+tuxcare.els1_amd64.deb 783b880d2fd303b53e345f26498de66d36559104 libpython3.6-testsuite_3.6.9-1~18.04ubuntu1.12+tuxcare.els1_all.deb 656c1f13b07e4467354441b3f32ac99e2b1b6306 python3.6_3.6.9-1~18.04ubuntu1.12+tuxcare.els1_amd64.deb 68e0349d6fc03697fd478d09d2dbdf1346927f55 python3.6-dev_3.6.9-1~18.04ubuntu1.12+tuxcare.els1_amd64.deb ddb7b3b92b20228c366f233ffbb6664a435dba25 python3.6-doc_3.6.9-1~18.04ubuntu1.12+tuxcare.els1_all.deb 7021c3d1804949b751acde8c067788a131b7f004 python3.6-examples_3.6.9-1~18.04ubuntu1.12+tuxcare.els1_all.deb f6244f3c806cae9ed4b3b7ac81eea9690903df85 python3.6-minimal_3.6.9-1~18.04ubuntu1.12+tuxcare.els1_amd64.deb a72758bbf5736e07620a9f9f585ca80d9500292f python3.6-venv_3.6.9-1~18.04ubuntu1.12+tuxcare.els1_amd64.deb 1e3457e2284add9cac97ecc2607bcad65d23c49d CLSA-2023:1687469728 TuxCare License Agreement 0 * SECURITY UPDATE: a possible overflow because of an incomplete fix of CVE-2022-39377 - debian/patches/CVE-2023-33204.patch: check an overflow and exit if it be - CVE-2023-33204 Important Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.

* SECURITY UPDATE: a possible overflow because of an incomplete fix of CVE-2022-39377 - debian/patches/CVE-2023-33204.patch: check an overflow and exit if it be - CVE-2023-33204

0 tuxcare-ubuntu18.04-els isag_11.6.1-1ubuntu0.2+tuxcare.els1_all.deb 88755da1475a0b69a970bdead2cee07da30e8897 sysstat_11.6.1-1ubuntu0.2+tuxcare.els1_amd64.deb 723e7c0dd40543fa177eac2bedeb24d47a744af5 CLSA-2023:1687469807 TuxCare License Agreement 0 * SECURITY UPDATE: Apache Tomcat h2c request mix-up - debian/patches/CVE-2021-25122.patch: Simplify the code and fix an edge case for BZ 64830 - CVE-2021-25122 * SECURITY UPDATE: Denial of Service for NIO+OpenSSL or NIO2+OpenSSL TLS configurations - debian/patches/CVE-2021-41079.patch: Improve robustness - CVE-2021-41079 Important Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.

* SECURITY UPDATE: Apache Tomcat h2c request mix-up - debian/patches/CVE-2021-25122.patch: Simplify the code and fix an edge case for BZ 64830 - CVE-2021-25122 * SECURITY UPDATE: Denial of Service for NIO+OpenSSL or NIO2+OpenSSL TLS configurations - debian/patches/CVE-2021-41079.patch: Improve robustness - CVE-2021-41079

0 tuxcare-ubuntu18.04-els libtomcat8-embed-java_8.5.39-1ubuntu1~18.04.3+tuxcare.els2_all.deb 6d83cc3f9c017e46f74c7d21020387409d7b7451 libtomcat8-java_8.5.39-1ubuntu1~18.04.3+tuxcare.els2_all.deb 80348aec79fdcf3f286aa8ee83cb4c29991710fa tomcat8_8.5.39-1ubuntu1~18.04.3+tuxcare.els2_all.deb fab233ce6e0d6768a5aa1506194a82b4d68ec082 tomcat8-admin_8.5.39-1ubuntu1~18.04.3+tuxcare.els2_all.deb 8012398492f94d291f17cb9cc68cb25d3253102a tomcat8-common_8.5.39-1ubuntu1~18.04.3+tuxcare.els2_all.deb 511199abe32c6a9bf6d7e3dc5566d991d5a3e6ae tomcat8-docs_8.5.39-1ubuntu1~18.04.3+tuxcare.els2_all.deb be66ddb7784a9ece4a4eb65ac507308d20c600bb tomcat8-examples_8.5.39-1ubuntu1~18.04.3+tuxcare.els2_all.deb 43ef847b460e85425f53dc33c86461aac4131572 tomcat8-user_8.5.39-1ubuntu1~18.04.3+tuxcare.els2_all.deb 91175cc151e278cb4e3208fb9eab400a1965ca5d CLSA-2023:1687795531 TuxCare License Agreement 0 * SECURITY UPDATE: Response injection (buffering) during MTA SMTP sending - debian/patches/CVE-2021-38371.patch: Enforce STARTTLS sync point, client side in src/transports/smtp.c - CVE-2021-38371 Important Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.

* SECURITY UPDATE: Response injection (buffering) during MTA SMTP sending - debian/patches/CVE-2021-38371.patch: Enforce STARTTLS sync point, client side in src/transports/smtp.c - CVE-2021-38371

0 tuxcare-ubuntu18.04-els exim4_4.90.1-1ubuntu1.10+tuxcare.els1_all.deb fd3dce7a5795b5702109804122b032c796e4d293 exim4-base_4.90.1-1ubuntu1.10+tuxcare.els1_amd64.deb e03cf0a6af5496a74c33be91d2b60c2bc31537eb exim4-config_4.90.1-1ubuntu1.10+tuxcare.els1_all.deb 3c43536602c3bc9fda066b40e9ad57606810139e exim4-daemon-heavy_4.90.1-1ubuntu1.10+tuxcare.els1_amd64.deb ae72072ae3d3af41ca73cae85f3d8556162feed5 exim4-daemon-light_4.90.1-1ubuntu1.10+tuxcare.els1_amd64.deb 144f2d728e268ed5fbb387ad4aae33a4258e850b exim4-dev_4.90.1-1ubuntu1.10+tuxcare.els1_amd64.deb c57baeac6c3a7ae81ce9c4118daabb6e6fa10159 eximon4_4.90.1-1ubuntu1.10+tuxcare.els1_amd64.deb f0a6caa112e721cb6e763aade403516b56e298a6 CLSA-2023:1688070489 TuxCare License Agreement 0 * SECURITY UPDATE: some applets are vulnerable to escape sequence injection when used from an VT compatible terminal - debian/patches/CVE-2022-28391.patch: sockaddr2str: ensure only printable characters are returned for the hostname part - CVE-2022-28391 * Fix cpio.tests - debian/patches/fix-cpio-tests.patch: set a correct owner Important Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.

* SECURITY UPDATE: some applets are vulnerable to escape sequence injection when used from an VT compatible terminal - debian/patches/CVE-2022-28391.patch: sockaddr2str: ensure only printable characters are returned for the hostname part - CVE-2022-28391 * Fix cpio.tests - debian/patches/fix-cpio-tests.patch: set a correct owner

0 tuxcare-ubuntu18.04-els busybox_1.27.2-2ubuntu3.4+tuxcare.els1_amd64.deb 72f4d736987bf150c9ab2c204375bf7705b1d2f5 busybox-initramfs_1.27.2-2ubuntu3.4+tuxcare.els1_amd64.deb 92b6b6bc0befaf025471746c28aee0516e4ae40f busybox-static_1.27.2-2ubuntu3.4+tuxcare.els1_amd64.deb 80bb1581c1d3d05608560e42f8a470c80d909008 busybox-syslogd_1.27.2-2ubuntu3.4+tuxcare.els1_all.deb d61201e59c2732edd84f430638d4a838ecdb00c0 udhcpc_1.27.2-2ubuntu3.4+tuxcare.els1_amd64.deb 16f91d877326586c67aab53ddbab3e5d47642a02 udhcpd_1.27.2-2ubuntu3.4+tuxcare.els1_amd64.deb 6b1661375c3f5f15f82edf071a5c0398606c1b0a CLSA-2023:1688070599 TuxCare License Agreement 0 * SECURITY UPDATE: More POST-after-PUT confusion - debian/patches/CVE-2023-28322.patch: fix mess in upload/method handling - CVE-2023-28322 * SECURITY UPDATE: incorrect IDN wildcard match - debian/patches/CVE-2023-28321.patch: fix erroneous logic in wildcard handling, drop support for wildcards in the middle of domain name - CVE-2023-28321 Moderate Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.

* SECURITY UPDATE: More POST-after-PUT confusion - debian/patches/CVE-2023-28322.patch: fix mess in upload/method handling - CVE-2023-28322 * SECURITY UPDATE: incorrect IDN wildcard match - debian/patches/CVE-2023-28321.patch: fix erroneous logic in wildcard handling, drop support for wildcards in the middle of domain name - CVE-2023-28321

0 tuxcare-ubuntu18.04-els curl_7.58.0-2ubuntu3.24+tuxcare.els1_amd64.deb 53abb078965df7bb5ac337d5f723bb86ae698d2c libcurl3-gnutls_7.58.0-2ubuntu3.24+tuxcare.els1_amd64.deb 69db79e98f96269432e43d4f33a186c935a42680 libcurl3-nss_7.58.0-2ubuntu3.24+tuxcare.els1_amd64.deb 25bdbd3d963d22e325776746effbcdfe6a27b635 libcurl4_7.58.0-2ubuntu3.24+tuxcare.els1_amd64.deb 076e9f93dc3db4ea5379456e6f315e289b17fdd2 libcurl4-doc_7.58.0-2ubuntu3.24+tuxcare.els1_all.deb db8ed95609ef47a39d028da7840733acb992bc9d libcurl4-gnutls-dev_7.58.0-2ubuntu3.24+tuxcare.els1_amd64.deb 862db0a18788cfb7c29675fa4aea7af2888a6b92 libcurl4-nss-dev_7.58.0-2ubuntu3.24+tuxcare.els1_amd64.deb e60d30b2d47c519e1f56cdf74e05665b1d2eb850 libcurl4-openssl-dev_7.58.0-2ubuntu3.24+tuxcare.els1_amd64.deb d8003e83a4cc381a121171c6c4ea63653b96502c CLSA-2023:1688677755 TuxCare License Agreement 0 * SECURITY UPDATE: cache size limit exceeding may cause Denial of Service - debian/patches/CVE-2023-2828.patch: when reaching a limit, free as much space as new header requires. - CVE-2023-2828 Important Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.

* SECURITY UPDATE: cache size limit exceeding may cause Denial of Service - debian/patches/CVE-2023-2828.patch: when reaching a limit, free as much space as new header requires. - CVE-2023-2828

0 tuxcare-ubuntu18.04-els bind9_9.11.3+dfsg-1ubuntu1.18+tuxcare.els1_amd64.deb b483f0c534dd45df1d3aca223dd49959342c6d2f bind9-doc_9.11.3+dfsg-1ubuntu1.18+tuxcare.els1_all.deb c092f199b3b6c021002ebe5d54d18ae3bb97c937 bind9-host_9.11.3+dfsg-1ubuntu1.18+tuxcare.els1_amd64.deb aa9b15d6c4e9f1201e2c3373c7740c7e30c07898 bind9utils_9.11.3+dfsg-1ubuntu1.18+tuxcare.els1_amd64.deb 1efbbd4c91ea5a941f995bdc739cf4f08b391c4c dnsutils_9.11.3+dfsg-1ubuntu1.18+tuxcare.els1_amd64.deb 6c63267cf2d8db31b0207702eba29f416d8d6396 libbind-dev_9.11.3+dfsg-1ubuntu1.18+tuxcare.els1_amd64.deb 6e46cd1be38014812adb8cebb67145b513d87d7c libbind-export-dev_9.11.3+dfsg-1ubuntu1.18+tuxcare.els1_amd64.deb b4abee666be5e4cb5e56a287d1b6c61bf39e50f7 libbind9-160_9.11.3+dfsg-1ubuntu1.18+tuxcare.els1_amd64.deb 71fbe68bda775c6ddd35e2901ae201959f70ea0c libdns-export1100_9.11.3+dfsg-1ubuntu1.18+tuxcare.els1_amd64.deb 65a43c968232ff915afd40b5ba6f861cb87c0285 libdns1100_9.11.3+dfsg-1ubuntu1.18+tuxcare.els1_amd64.deb 163ba1614a34aa83de7e5a3c348bcda28099f52e libirs-export160_9.11.3+dfsg-1ubuntu1.18+tuxcare.els1_amd64.deb 26c6ea199b4d91db7c025fe8bc8579586286099d libirs160_9.11.3+dfsg-1ubuntu1.18+tuxcare.els1_amd64.deb 697add4fce3334da4b9c430fb413dae128e8e47e libisc-export169_9.11.3+dfsg-1ubuntu1.18+tuxcare.els1_amd64.deb cf23af13d04cf374794034161bc4d2095e8eeaa6 libisc169_9.11.3+dfsg-1ubuntu1.18+tuxcare.els1_amd64.deb 8af706dbf573a84aa907122a7ba82204bf5cae6c libisccc-export160_9.11.3+dfsg-1ubuntu1.18+tuxcare.els1_amd64.deb 60dd3f5731ff19abe41a600107f7eb8e41c55ff1 libisccc160_9.11.3+dfsg-1ubuntu1.18+tuxcare.els1_amd64.deb ef46e954cbbde3fb488e245b7447ea9fdf2fa8be libisccfg-export160_9.11.3+dfsg-1ubuntu1.18+tuxcare.els1_amd64.deb df6cea0597176ecac5bb44f8df6dfc8dea831428 libisccfg160_9.11.3+dfsg-1ubuntu1.18+tuxcare.els1_amd64.deb 2af51f5867cdee93ae5cc21fb6c130c1f9fa8e8e liblwres160_9.11.3+dfsg-1ubuntu1.18+tuxcare.els1_amd64.deb 12ccdeb7a7108e2918ea175d2926c22afd45cab7 CLSA-2023:1688677908 TuxCare License Agreement 0 * SECURITY UPDATE: heap-buffer-overflow - debian/patches/CVE-2021-45078.patch: fix out-of-bounds write in stab_xcoff_builtin_type (bz: #28694) - CVE-2021-45078 Important Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.

* SECURITY UPDATE: heap-buffer-overflow - debian/patches/CVE-2021-45078.patch: fix out-of-bounds write in stab_xcoff_builtin_type (bz: #28694) - CVE-2021-45078

0 tuxcare-ubuntu18.04-els binutils_2.30-21ubuntu1~18.04.9+tuxcare.els1_amd64.deb b74a0603a33aba988b8ec87e7119aa58f5eeb89a binutils-aarch64-linux-gnu_2.30-21ubuntu1~18.04.9+tuxcare.els1_amd64.deb 90a1e721285db58d28885dd355e728fd7776674a binutils-alpha-linux-gnu_2.30-21ubuntu1~18.04.9+tuxcare.els1_amd64.deb 94c61fa495d7890c8921c9161eff6929730bea4d binutils-arm-linux-gnueabi_2.30-21ubuntu1~18.04.9+tuxcare.els1_amd64.deb e2c035946a61b4edef56e40c7616a047eb80616e binutils-arm-linux-gnueabihf_2.30-21ubuntu1~18.04.9+tuxcare.els1_amd64.deb 33ed35056c25dd16fb98fa098008b0a983fe7e1f binutils-common_2.30-21ubuntu1~18.04.9+tuxcare.els1_amd64.deb bf8bd49df99901e941dddbcf86472573265bd922 binutils-dev_2.30-21ubuntu1~18.04.9+tuxcare.els1_amd64.deb 94878f3a86c884d7547722cb2735869f0ee890eb binutils-doc_2.30-21ubuntu1~18.04.9+tuxcare.els1_all.deb a1613627a875acc8bbc5873cf2076428f7d28b5c binutils-for-build_2.30-21ubuntu1~18.04.9+tuxcare.els1_all.deb bd08493a5bc0d3afc52b0637aab54c0fa0a589ec binutils-for-host_2.30-21ubuntu1~18.04.9+tuxcare.els1_amd64.deb 2bbe5d1f5205a31b82a2fee90ae1c152e863aa27 binutils-hppa-linux-gnu_2.30-21ubuntu1~18.04.9+tuxcare.els1_amd64.deb 746ef9d08a3d264eba2b19d84625e28fb1b29bf5 binutils-hppa64-linux-gnu_2.30-21ubuntu1~18.04.9+tuxcare.els1_amd64.deb 7a7ee4e342cdd06a25aa626d21cb6e6735ed6240 binutils-i686-gnu_2.30-21ubuntu1~18.04.9+tuxcare.els1_amd64.deb e552e31e0432509d4784f4504300a1ecf01aafac binutils-i686-kfreebsd-gnu_2.30-21ubuntu1~18.04.9+tuxcare.els1_amd64.deb ca241eaca5e50bf790ca83dc358adf1c3f02c503 binutils-i686-linux-gnu_2.30-21ubuntu1~18.04.9+tuxcare.els1_amd64.deb ad788f977754750a0e976269b8b108afde012fdf binutils-ia64-linux-gnu_2.30-21ubuntu1~18.04.9+tuxcare.els1_amd64.deb 5d6aeeec01aa1d9f9d70ddc52e611abed198b131 binutils-m68k-linux-gnu_2.30-21ubuntu1~18.04.9+tuxcare.els1_amd64.deb 92b7bfab5dc131419fa6a07b0e7f25e222fce369 binutils-mips-linux-gnu_2.30-21ubuntu1~18.04.9+tuxcare.els1_amd64.deb 3ad772653559b38cc0a9125c98a7874eb20dade7 binutils-mips64-linux-gnuabi64_2.30-21ubuntu1~18.04.9+tuxcare.els1_amd64.deb e4455ac56f9d93f741a7d83bb7376e4932d21a4a binutils-mips64-linux-gnuabin32_2.30-21ubuntu1~18.04.9+tuxcare.els1_amd64.deb f842d9b11931b968894e5df4047a6d928ffecbb5 binutils-mips64el-linux-gnuabi64_2.30-21ubuntu1~18.04.9+tuxcare.els1_amd64.deb b61c6599f980f8ae3cf3076bf2a38f5791f74dd6 binutils-mips64el-linux-gnuabin32_2.30-21ubuntu1~18.04.9+tuxcare.els1_amd64.deb 49a81624d17a7fa10d852c5410ae3f2afa79039e binutils-mipsel-linux-gnu_2.30-21ubuntu1~18.04.9+tuxcare.els1_amd64.deb 3b7a52cae078212b32a484e761f258927703a552 binutils-mipsisa32r6-linux-gnu_2.30-21ubuntu1~18.04.9+tuxcare.els1_amd64.deb 59e9a5cc6e8210d0c089058f8aca295933d5efca binutils-mipsisa32r6el-linux-gnu_2.30-21ubuntu1~18.04.9+tuxcare.els1_amd64.deb 9acb92e0002eb2f0a80b841e43e010ab1dfabed9 binutils-mipsisa64r6-linux-gnuabi64_2.30-21ubuntu1~18.04.9+tuxcare.els1_amd64.deb 3681dee1cb0aa7767e3880615cfd874edc41d2fc binutils-mipsisa64r6-linux-gnuabin32_2.30-21ubuntu1~18.04.9+tuxcare.els1_amd64.deb 183649f8e5d768df416b6e6df0526d43f6705a2a binutils-mipsisa64r6el-linux-gnuabi64_2.30-21ubuntu1~18.04.9+tuxcare.els1_amd64.deb fca44005876a7ca086666826b17f4e1422b906bf binutils-mipsisa64r6el-linux-gnuabin32_2.30-21ubuntu1~18.04.9+tuxcare.els1_amd64.deb 445e69d17919c2b77f971e75139bbe68a4afbe7b binutils-multiarch_2.30-21ubuntu1~18.04.9+tuxcare.els1_amd64.deb 0524fafc93544c7525242655eca7a75027296d48 binutils-multiarch-dev_2.30-21ubuntu1~18.04.9+tuxcare.els1_amd64.deb 5adcc3869184bc140fcf7afa2a58994e91ab4686 binutils-powerpc-linux-gnu_2.30-21ubuntu1~18.04.9+tuxcare.els1_amd64.deb 83de9359b32a8ec61f5fa010cd25427d778a9f8b binutils-powerpc-linux-gnuspe_2.30-21ubuntu1~18.04.9+tuxcare.els1_amd64.deb 34d6d8327cf07e735c332adcc098ff03a1a70506 binutils-powerpc64-linux-gnu_2.30-21ubuntu1~18.04.9+tuxcare.els1_amd64.deb 309f867152e20e176a81a2c307f0cdf729768487 binutils-powerpc64le-linux-gnu_2.30-21ubuntu1~18.04.9+tuxcare.els1_amd64.deb 3921e8a3f60c8c8eda46c7b63754a27a69e19cda binutils-riscv64-linux-gnu_2.30-21ubuntu1~18.04.9+tuxcare.els1_amd64.deb 2ae9d3acfafd19914ae282d247483a1e932d2062 binutils-s390x-linux-gnu_2.30-21ubuntu1~18.04.9+tuxcare.els1_amd64.deb af89e5dedc33049a54787754c08e62e040a9406c binutils-sh4-linux-gnu_2.30-21ubuntu1~18.04.9+tuxcare.els1_amd64.deb 10eb6e866337a674832cf909dd7ff17aadd2cdfa binutils-source_2.30-21ubuntu1~18.04.9+tuxcare.els1_all.deb b0597813757c06bcff2ca372a40aca07fb0f7d03 binutils-sparc64-linux-gnu_2.30-21ubuntu1~18.04.9+tuxcare.els1_amd64.deb 83fceef6b26694f7b0b7034abb8a8663d23da9f1 binutils-x86-64-kfreebsd-gnu_2.30-21ubuntu1~18.04.9+tuxcare.els1_amd64.deb 8833dce5617b863d8d7555876beb6e78adeecf3d binutils-x86-64-linux-gnu_2.30-21ubuntu1~18.04.9+tuxcare.els1_amd64.deb 3ce87927a2d49ba54962f9bde5cbd6704d4872e8 binutils-x86-64-linux-gnux32_2.30-21ubuntu1~18.04.9+tuxcare.els1_amd64.deb 9dae1dc5d8186fb890fc54667dfbd5ef15d58536 libbinutils_2.30-21ubuntu1~18.04.9+tuxcare.els1_amd64.deb 716a4e0a7a15bc067bb5ca80bc975e43541b5357 CLSA-2023:1688678110 TuxCare License Agreement 0 * SECURITY UPDATE: String hashing algorithm collisions - debian/patches/0021-CVE-2021-33582-pre.patch: gracefully handle lookup on zero-sized tables - debian/patches/0022-CVE-2021-33582.patch: replace ad-hoc algorithm with seeded djb2 and use it when hashing - CVE-2021-33582 * Enable the internal cunit tests * CUnit tests: - debian/patches/0023-Add-unit-tests-for-strhash.patch: add unit tests for strhash and hash quality - debian/patches/0024-Skip-several-failed-tests.patch: skip several failed tests Important Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.

* SECURITY UPDATE: String hashing algorithm collisions - debian/patches/0021-CVE-2021-33582-pre.patch: gracefully handle lookup on zero-sized tables - debian/patches/0022-CVE-2021-33582.patch: replace ad-hoc algorithm with seeded djb2 and use it when hashing - CVE-2021-33582 * Enable the internal cunit tests * CUnit tests: - debian/patches/0023-Add-unit-tests-for-strhash.patch: add unit tests for strhash and hash quality - debian/patches/0024-Skip-several-failed-tests.patch: skip several failed tests

0 tuxcare-ubuntu18.04-els cyrus-admin_2.5.10-3ubuntu1.1+tuxcare.els1_all.deb 07f07b7f604a8d8bcc5695938cca4b5af8a56921 cyrus-caldav_2.5.10-3ubuntu1.1+tuxcare.els1_amd64.deb 6e0cabd71bd26bb3135f23d39187dddc587a6967 cyrus-clients_2.5.10-3ubuntu1.1+tuxcare.els1_amd64.deb f345bf2615b31b1746606cb9cdd4656d6036aa77 cyrus-common_2.5.10-3ubuntu1.1+tuxcare.els1_amd64.deb c3738a77ad9ecf88070c99c83e338a3c3e844785 cyrus-dev_2.5.10-3ubuntu1.1+tuxcare.els1_amd64.deb 44db7b20d203820a10836fbe27f998110754cbd5 cyrus-doc_2.5.10-3ubuntu1.1+tuxcare.els1_all.deb 34c7c2d4c32c95c41e7df41641148dd2de9f957d cyrus-imapd_2.5.10-3ubuntu1.1+tuxcare.els1_amd64.deb 679ee5e5efa4b2be3fd43584f2a0a324655b902b cyrus-murder_2.5.10-3ubuntu1.1+tuxcare.els1_amd64.deb bf133f9a007913f1e130c901e7e5982fc1a57062 cyrus-nntpd_2.5.10-3ubuntu1.1+tuxcare.els1_amd64.deb 7bf55b417fb361400b2a8a3a49e8bbdcc91fc4d1 cyrus-pop3d_2.5.10-3ubuntu1.1+tuxcare.els1_amd64.deb 39149e62ae3312b2a2ab4deea23ce6369cac083e cyrus-replication_2.5.10-3ubuntu1.1+tuxcare.els1_amd64.deb c36b22f7f7610cf5df946f80db313ae4e10b4aa4 libcyrus-imap-perl_2.5.10-3ubuntu1.1+tuxcare.els1_amd64.deb 6d02616419321b9895f1863c07068396eaf91970 CLSA-2023:1688678245 TuxCare License Agreement 0 * SECURITY UPDATE: Integer overflow in _libcap_strdup() - debian/patches/CVE-2023-2603.patch: enhance libcap's internal strdup code to limit the processing of long strings - CVE-2023-2603 Important Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.

* SECURITY UPDATE: Integer overflow in _libcap_strdup() - debian/patches/CVE-2023-2603.patch: enhance libcap's internal strdup code to limit the processing of long strings - CVE-2023-2603

0 tuxcare-ubuntu18.04-els libcap-dev_2.25-1.2+tuxcare.els1_amd64.deb 364ead46f941e59f1405462b0d2e42d825e940c9 libcap2_2.25-1.2+tuxcare.els1_amd64.deb 0aebe885c7d058bb4e62672182f10820f69b9773 libcap2-bin_2.25-1.2+tuxcare.els1_amd64.deb e66815f241cb279b9c39c50924698835500b597c libpam-cap_2.25-1.2+tuxcare.els1_amd64.deb 0a40648f240be2ede5da333cdb70a6c81e15a074 CLSA-2023:1688678407 TuxCare License Agreement 0 * SECURITY UPDATE: null pointer dereference in ber_memalloc_x() - debian/patches/CVE-2023-2953.patch: added check for strdup failure in ldif_open_url, ldap_url_parsehosts. - CVE-2023-2953 Important Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.

* SECURITY UPDATE: null pointer dereference in ber_memalloc_x() - debian/patches/CVE-2023-2953.patch: added check for strdup failure in ldif_open_url, ldap_url_parsehosts. - CVE-2023-2953

0 tuxcare-ubuntu18.04-els ldap-utils_2.4.45+dfsg-1ubuntu1.11+tuxcare.els1_amd64.deb 7f8ba08f4053a64b863e80e55f74299612c155c1 libldap-2.4-2_2.4.45+dfsg-1ubuntu1.11+tuxcare.els1_amd64.deb ba90e8f5c175ef81dae9c04c81a15941355969fc libldap-common_2.4.45+dfsg-1ubuntu1.11+tuxcare.els1_all.deb e390fb4c6ec57894324f662664fc59f005d60115 libldap2-dev_2.4.45+dfsg-1ubuntu1.11+tuxcare.els1_amd64.deb 6f9cdeba9328b2a1019cb2df4e35d40ed8e64235 slapd_2.4.45+dfsg-1ubuntu1.11+tuxcare.els1_amd64.deb 276b407fe58e0a7dac9c09588244defd7aa710b6 slapd-smbk5pwd_2.4.45+dfsg-1ubuntu1.11+tuxcare.els1_amd64.deb 0e21a207b611da3be34e8936d652f25d15c62362 CLSA-2023:1688678532 TuxCare License Agreement 0 * SECURITY UPDATE: Allows privilege escalation - debian/patches/CVE-2021-41617.patch: Added correct user group initialization. - CVE-2021-41617 Important Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.

* SECURITY UPDATE: Allows privilege escalation - debian/patches/CVE-2021-41617.patch: Added correct user group initialization. - CVE-2021-41617

0 tuxcare-ubuntu18.04-els openssh-client_7.6p1-4ubuntu0.7+tuxcare.els1_amd64.deb 1a8a9ba09e1e1cfdaa315de44ee6bf17f226c76c openssh-server_7.6p1-4ubuntu0.7+tuxcare.els1_amd64.deb 5cae7d6348d815936d00cbe8c2344fb4108ae844 openssh-sftp-server_7.6p1-4ubuntu0.7+tuxcare.els1_amd64.deb 28fecc830d445e12061fb94d5fb2ec1b8a15734a ssh_7.6p1-4ubuntu0.7+tuxcare.els1_all.deb 0610fe700864a0e7e405499ce9c21740368af6a5 ssh-askpass-gnome_7.6p1-4ubuntu0.7+tuxcare.els1_amd64.deb 58d5a371f61098127d5ed00dd2798dbce1783618 CLSA-2023:1688678678 TuxCare License Agreement 0 * SECURITY UPDATE: privilege escalation via symlinks - debian/patches/CVE-2021-23240.patch: fix opportunity for local unprivileged user to gain file ownership via symlinks. - CVE-2021-23240 Important Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.

* SECURITY UPDATE: privilege escalation via symlinks - debian/patches/CVE-2021-23240.patch: fix opportunity for local unprivileged user to gain file ownership via symlinks. - CVE-2021-23240

0 tuxcare-ubuntu18.04-els sudo_1.8.21p2-3ubuntu1.6+tuxcare.els1_amd64.deb f59db0e2d91e6f752b56fdaa92fc8a61e9636ff4 sudo-ldap_1.8.21p2-3ubuntu1.6+tuxcare.els1_amd64.deb c24bf7a2992038337762693a17ed6503847724ac CLSA-2023:1688678794 TuxCare License Agreement 0 * SECURITY UPDATE: local privilege escalation for some Sudo configurations - debian/patches/CVE-2023-26604.patch: set LESSSECURE to 1 - CVE-2023-26604 * test issue: udev-test.pl is stopped by a timeout in a virtual environment - debian/patches/fix-udev-test.patch: skip this test in some cases Important Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.

* SECURITY UPDATE: local privilege escalation for some Sudo configurations - debian/patches/CVE-2023-26604.patch: set LESSSECURE to 1 - CVE-2023-26604 * test issue: udev-test.pl is stopped by a timeout in a virtual environment - debian/patches/fix-udev-test.patch: skip this test in some cases

0 tuxcare-ubuntu18.04-els libnss-myhostname_237-3ubuntu10.57+tuxcare.els1_amd64.deb db670d1dd5a79aaa3191b8af974b2c1264b0b00d libnss-mymachines_237-3ubuntu10.57+tuxcare.els1_amd64.deb fa88b2b08cda0129c7ed7e52ab5d3bdef5c3be9e libnss-resolve_237-3ubuntu10.57+tuxcare.els1_amd64.deb 84d9042dbcd7101ac9acfb418dcbcde3cf273e06 libnss-systemd_237-3ubuntu10.57+tuxcare.els1_amd64.deb 54733295e6a372e8d5e0b3a6b087b4bdf62c9f7e libpam-systemd_237-3ubuntu10.57+tuxcare.els1_amd64.deb bd1264168b2340da1ba0bec0d04514ee9fb9c9d7 libsystemd-dev_237-3ubuntu10.57+tuxcare.els1_amd64.deb 2e89d4c4aa6da5312394f5193653e7824ce9d5a7 libsystemd0_237-3ubuntu10.57+tuxcare.els1_amd64.deb b83a7634225a4583732e3dbfb49858a824ccfc33 libudev-dev_237-3ubuntu10.57+tuxcare.els1_amd64.deb 6367ebed0a2ce9add948ee1a99c67b31d3c459f7 libudev1_237-3ubuntu10.57+tuxcare.els1_amd64.deb f4f82cc5f100df10af8544e7f642579ad63c3e92 systemd_237-3ubuntu10.57+tuxcare.els1_amd64.deb 68cee5a96e2c2d841869a8c43781c5a6e07bdd24 systemd-container_237-3ubuntu10.57+tuxcare.els1_amd64.deb 43db1681d892d93d7a8f10f7f87730911c58d265 systemd-coredump_237-3ubuntu10.57+tuxcare.els1_amd64.deb 189195589b3bc44e73a1b32d70e769371b2ac7eb systemd-journal-remote_237-3ubuntu10.57+tuxcare.els1_amd64.deb 846dd16a30c6f8db38d2b535c73dec5e6f306afb systemd-sysv_237-3ubuntu10.57+tuxcare.els1_amd64.deb ce7c23e065b87a535cc156b7f87ab7fa7c7ae99d systemd-tests_237-3ubuntu10.57+tuxcare.els1_amd64.deb 54a48d3c2679fac4c61858067acc409adce8891b udev_237-3ubuntu10.57+tuxcare.els1_amd64.deb e9943a1718f761ec09bb4b7293f95dc5107776ca CLSA-2023:1689009763 TuxCare License Agreement 0 * SECURITY UPDATE: Out of bounds read due to a lack of return value checks - debian/patches/CVE-2021-40812.patch: Added return value checks following calls to gdPutBuf in src/gd_webp.c and src/gd_bmp.c - CVE-2021-40812 Moderate Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.

* SECURITY UPDATE: Out of bounds read due to a lack of return value checks - debian/patches/CVE-2021-40812.patch: Added return value checks following calls to gdPutBuf in src/gd_webp.c and src/gd_bmp.c - CVE-2021-40812

0 tuxcare-ubuntu18.04-els libgd-dev_2.2.5-4ubuntu0.5+tuxcare.els1_amd64.deb ea5fd773bc204fb54f489c43695bfbef209eb136 libgd-tools_2.2.5-4ubuntu0.5+tuxcare.els1_amd64.deb 16da6862cdda9bc2a7db1f7e9938896f2d479dae libgd3_2.2.5-4ubuntu0.5+tuxcare.els1_amd64.deb a02c7b0c179114ff4bd66c3975b39dc67aea7de5 CLSA-2023:1689009963 TuxCare License Agreement 0 * SECURITY UPDATE: EncryptInterceptor only provides partial protection on untrusted network - debian/patches/CVE-2022-29885.patch: Update the documentation to state that the EncryptInterceptor does not provide sufficient protection to run Tomcat clustering over an untrusted network. - CVE-2022-29885 Important Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.

* SECURITY UPDATE: EncryptInterceptor only provides partial protection on untrusted network - debian/patches/CVE-2022-29885.patch: Update the documentation to state that the EncryptInterceptor does not provide sufficient protection to run Tomcat clustering over an untrusted network. - CVE-2022-29885

0 tuxcare-ubuntu18.04-els libtomcat8-embed-java_8.5.39-1ubuntu1~18.04.3+tuxcare.els3_all.deb f7c4c8624e1af715cc0fb0f46be19ac3bcb5a84f libtomcat8-java_8.5.39-1ubuntu1~18.04.3+tuxcare.els3_all.deb 061a22bc2cbce06b5224dcaf8d75f06f08b261f3 tomcat8_8.5.39-1ubuntu1~18.04.3+tuxcare.els3_all.deb 95eed1c3f48a8ef87e56c01c696213a8a0cb585e tomcat8-admin_8.5.39-1ubuntu1~18.04.3+tuxcare.els3_all.deb 231905e89c905a3a46e2a6f909c691a97cc03e68 tomcat8-common_8.5.39-1ubuntu1~18.04.3+tuxcare.els3_all.deb 38bb4e8d4cbf34c0df672f55a4e3118972bc6a88 tomcat8-docs_8.5.39-1ubuntu1~18.04.3+tuxcare.els3_all.deb 5a54d400e92dac8d4320811b427b8ed9c9138341 tomcat8-examples_8.5.39-1ubuntu1~18.04.3+tuxcare.els3_all.deb 0f0f17c1b6fd90535701814c6ba513d394c48a0b tomcat8-user_8.5.39-1ubuntu1~18.04.3+tuxcare.els3_all.deb ca96388f108e54df9261ae94c659d7b59054ff38 CLSA-2023:1689010064 TuxCare License Agreement 0 * SECURITY UPDATE: EncryptInterceptor only provides partial protection on untrusted network - debian/patches/CVE-2022-29885.patch: Update the documentation to state that the EncryptInterceptor does not provide sufficient protection to run Tomcat clustering over an untrusted network. - CVE-2022-29885 Important Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.

* SECURITY UPDATE: EncryptInterceptor only provides partial protection on untrusted network - debian/patches/CVE-2022-29885.patch: Update the documentation to state that the EncryptInterceptor does not provide sufficient protection to run Tomcat clustering over an untrusted network. - CVE-2022-29885

0 tuxcare-ubuntu18.04-els libtomcat9-embed-java_9.0.16-3ubuntu0.18.04.2+tuxcare.els2_all.deb fa6c7d46026f048f707f6aaf7608911f4a1e675e libtomcat9-java_9.0.16-3ubuntu0.18.04.2+tuxcare.els2_all.deb bd88fcecef21a33ade7a2621a1988f6d967b90a7 tomcat9_9.0.16-3ubuntu0.18.04.2+tuxcare.els2_all.deb 69b824475180a5a0a1fad9376d89d9fff320bf77 tomcat9-admin_9.0.16-3ubuntu0.18.04.2+tuxcare.els2_all.deb 47f097721a350892e54832c39a2b542b016cb47e tomcat9-common_9.0.16-3ubuntu0.18.04.2+tuxcare.els2_all.deb 8e50d70dde46d6b5eb016207654824e27d3c7c98 tomcat9-docs_9.0.16-3ubuntu0.18.04.2+tuxcare.els2_all.deb 850e837d3fd3568717328548a28b3decdb4dde89 tomcat9-examples_9.0.16-3ubuntu0.18.04.2+tuxcare.els2_all.deb 7c6075e64cf498cc803c6c1c0d096c005ea05a50 tomcat9-user_9.0.16-3ubuntu0.18.04.2+tuxcare.els2_all.deb c8250d8f2349f086d13e5ac832ec62815440a96e CLSA-2023:1689258794 TuxCare License Agreement 0 * SECURITY UPDATE: use after free - debian/patches/CVE-2023-34241.patch: call httpClose() after logging. - CVE-2023-34241 * Fix test/run-stp-tests.sh - debian/patches/waiting-limit.patch: limit the waiting for a server dunring tests. Important Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.

* SECURITY UPDATE: use after free - debian/patches/CVE-2023-34241.patch: call httpClose() after logging. - CVE-2023-34241 * Fix test/run-stp-tests.sh - debian/patches/waiting-limit.patch: limit the waiting for a server dunring tests.

0 tuxcare-ubuntu18.04-els cups_2.2.7-1ubuntu2.10+tuxcare.els1_amd64.deb 423d31b982cee2aa7b363eb5c0cb50ed8964b635 cups-bsd_2.2.7-1ubuntu2.10+tuxcare.els1_amd64.deb 3c9a544b10c4e3b5d749eb16bc6ae45ec13dfc7b cups-client_2.2.7-1ubuntu2.10+tuxcare.els1_amd64.deb 2ff9cd838d2741178dc24f9efde34b9b09d39a7e cups-common_2.2.7-1ubuntu2.10+tuxcare.els1_all.deb fea122be27f36ae85777fbbdc2f2407c2ca1559a cups-core-drivers_2.2.7-1ubuntu2.10+tuxcare.els1_amd64.deb 0929d17d2bad1092234c613ba83b416571369e03 cups-daemon_2.2.7-1ubuntu2.10+tuxcare.els1_amd64.deb 8e021a0926de89411f1488f9478f2eaafc51b768 cups-ipp-utils_2.2.7-1ubuntu2.10+tuxcare.els1_amd64.deb 4d9dec6b72a29bebdcd583cfe2a009b2f0304e48 cups-ppdc_2.2.7-1ubuntu2.10+tuxcare.els1_amd64.deb aa28c762cd8082b6dc68f63554fdcf2419d1b6c5 cups-server-common_2.2.7-1ubuntu2.10+tuxcare.els1_all.deb 0831e541d760d7359126d8859d1955e1fbdaba3b libcups2_2.2.7-1ubuntu2.10+tuxcare.els1_amd64.deb 8514ae3fa5599e9ec6a1f7c90eef645e859317d3 libcups2-dev_2.2.7-1ubuntu2.10+tuxcare.els1_amd64.deb b98a2722ef4634ac24430968603cda982b68719d libcupscgi1_2.2.7-1ubuntu2.10+tuxcare.els1_amd64.deb 66a3ea761cdab5f16fa7b7fbd2779679fde36695 libcupsimage2_2.2.7-1ubuntu2.10+tuxcare.els1_amd64.deb a8060d9e75b57eac92cadfa2bbf6409cfb682e98 libcupsimage2-dev_2.2.7-1ubuntu2.10+tuxcare.els1_amd64.deb cb618c228bb49d2efc41d2828db14869791b312e libcupsmime1_2.2.7-1ubuntu2.10+tuxcare.els1_amd64.deb 8a7b8f508d29011b9280af72fbc02e536e1bcb16 libcupsppdc1_2.2.7-1ubuntu2.10+tuxcare.els1_amd64.deb 15197e1907cdbc0fdc364637d688661d384a8530 CLSA-2023:1689259028 TuxCare License Agreement 0 * SECURITY UPDATE: undefined behaviors of casting double to size_t in svg, mvg and other coders (recurring bugs of CVE-2022-32546) - debian/patches/CVE-2023-34151.patch: properly cast double to size_t - CVE-2022-37452 Moderate Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.

* SECURITY UPDATE: undefined behaviors of casting double to size_t in svg, mvg and other coders (recurring bugs of CVE-2022-32546) - debian/patches/CVE-2023-34151.patch: properly cast double to size_t - CVE-2022-37452

0 tuxcare-ubuntu18.04-els imagemagick_6.9.7.4+dfsg-16ubuntu6.15+tuxcare.els1_amd64.deb 6fb4094a2785bf2b7db497205c3e97704210f6cd imagemagick-6-common_6.9.7.4+dfsg-16ubuntu6.15+tuxcare.els1_all.deb 3455ebabb0463a0f96fbfaa720f62fa3dd406f2c imagemagick-6-doc_6.9.7.4+dfsg-16ubuntu6.15+tuxcare.els1_all.deb fb111cd9041c6429b497e72b7173882b75b71348 imagemagick-6.q16_6.9.7.4+dfsg-16ubuntu6.15+tuxcare.els1_amd64.deb 3738b96538217216e5261795e447df87cd221824 imagemagick-6.q16hdri_6.9.7.4+dfsg-16ubuntu6.15+tuxcare.els1_amd64.deb bd3a0f4596531714b9a4b633ef0144216a00106d imagemagick-common_6.9.7.4+dfsg-16ubuntu6.15+tuxcare.els1_all.deb 00e09651d7f682d07f39d3692945d6c740ffa0b4 imagemagick-doc_6.9.7.4+dfsg-16ubuntu6.15+tuxcare.els1_all.deb c1ec8471b16aabeb4c1407a6abc3b4c89cd03c39 libimage-magick-perl_6.9.7.4+dfsg-16ubuntu6.15+tuxcare.els1_all.deb aed01f59e1b13e7241dd9593072a2591811792b2 libimage-magick-q16-perl_6.9.7.4+dfsg-16ubuntu6.15+tuxcare.els1_amd64.deb a053b15698c2d55037429152bbbf2266573e762d libimage-magick-q16hdri-perl_6.9.7.4+dfsg-16ubuntu6.15+tuxcare.els1_amd64.deb 5b70513674f2ea39495f3ea1cd8ff5c8aba7020e libmagick++-6-headers_6.9.7.4+dfsg-16ubuntu6.15+tuxcare.els1_all.deb 031f38e895adb26dc223fe7d405903b7bc4c75e2 libmagick++-6.q16-7_6.9.7.4+dfsg-16ubuntu6.15+tuxcare.els1_amd64.deb b61870be4a488812f8fed65ca8a77ed2facd460e libmagick++-6.q16-dev_6.9.7.4+dfsg-16ubuntu6.15+tuxcare.els1_amd64.deb 921437ac50a34f391d6bcecf360a9846b2ac702d libmagick++-6.q16hdri-7_6.9.7.4+dfsg-16ubuntu6.15+tuxcare.els1_amd64.deb d2f50c3f4f2198d14f4994bfb6ab071e39783ba6 libmagick++-6.q16hdri-dev_6.9.7.4+dfsg-16ubuntu6.15+tuxcare.els1_amd64.deb 85a4ff2860fbd0669eb343ddcf96f6f4dfb3e333 libmagick++-dev_6.9.7.4+dfsg-16ubuntu6.15+tuxcare.els1_all.deb 207d75ea8d5ba4a8625b7c2dbe86c07874033a9d libmagickcore-6-arch-config_6.9.7.4+dfsg-16ubuntu6.15+tuxcare.els1_amd64.deb f424c7449fa4b4ebbab15dd463224d4586f3378d libmagickcore-6-headers_6.9.7.4+dfsg-16ubuntu6.15+tuxcare.els1_all.deb 3be47640a1a34645d7862aa4eac2c209ed924304 libmagickcore-6.q16-3_6.9.7.4+dfsg-16ubuntu6.15+tuxcare.els1_amd64.deb 13b48bca07c6dc78aae476aad44f9df879110659 libmagickcore-6.q16-3-extra_6.9.7.4+dfsg-16ubuntu6.15+tuxcare.els1_amd64.deb 23834d1f2b02765e3b61d6a205edd7334270f059 libmagickcore-6.q16-dev_6.9.7.4+dfsg-16ubuntu6.15+tuxcare.els1_amd64.deb 7db040033c132104072387947cd838b133db954d libmagickcore-6.q16hdri-3_6.9.7.4+dfsg-16ubuntu6.15+tuxcare.els1_amd64.deb c5c5f6ae7a2f2ff8008787e0201d932611a26611 libmagickcore-6.q16hdri-3-extra_6.9.7.4+dfsg-16ubuntu6.15+tuxcare.els1_amd64.deb 97e33e230c28617ebb9e447ec1c7e52d9b40a317 libmagickcore-6.q16hdri-dev_6.9.7.4+dfsg-16ubuntu6.15+tuxcare.els1_amd64.deb 76c7ebc22af0adafa18763c06b1ca4a1508294b4 libmagickcore-dev_6.9.7.4+dfsg-16ubuntu6.15+tuxcare.els1_all.deb 0a64ee4bf6a5576004549310eb1eb43ac8b1cbae libmagickwand-6-headers_6.9.7.4+dfsg-16ubuntu6.15+tuxcare.els1_all.deb 97e2f642dd5c3c235af4897fb2f7965f259457bc libmagickwand-6.q16-3_6.9.7.4+dfsg-16ubuntu6.15+tuxcare.els1_amd64.deb d8d46bc9151cadd31a7e2761070e58cd56c297f7 libmagickwand-6.q16-dev_6.9.7.4+dfsg-16ubuntu6.15+tuxcare.els1_amd64.deb 6d9a852daca46f0a37320aeb75cb0094e774344a libmagickwand-6.q16hdri-3_6.9.7.4+dfsg-16ubuntu6.15+tuxcare.els1_amd64.deb d3217bfcad944e781034fc223907dfb829821e80 libmagickwand-6.q16hdri-dev_6.9.7.4+dfsg-16ubuntu6.15+tuxcare.els1_amd64.deb 4e160eebd670a664bf53c947a0da0ea90799befc libmagickwand-dev_6.9.7.4+dfsg-16ubuntu6.15+tuxcare.els1_all.deb 80b8f717db971fe13dc9e03873d258493fd3891b perlmagick_6.9.7.4+dfsg-16ubuntu6.15+tuxcare.els1_all.deb e4842b0251638c14fbc2d8ea883573131413df5d CLSA-2023:1689259392 TuxCare License Agreement 0 * SECURITY UPDATE: Redirection vulnerability in http.server - debian/patches/CVE-2021-28861.patch: Fix an open redirection vulnerability in the `http.server` module when an URI path starts with `//` - debian/patches/expat-regression.patch: some tests were fixed - CVE-2021-28861 Important Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.

* SECURITY UPDATE: Redirection vulnerability in http.server - debian/patches/CVE-2021-28861.patch: Fix an open redirection vulnerability in the `http.server` module when an URI path starts with `//` - debian/patches/expat-regression.patch: some tests were fixed - CVE-2021-28861

0 tuxcare-ubuntu18.04-els idle-python3.6_3.6.9-1~18.04ubuntu1.12+tuxcare.els2_all.deb 2997d1723c6f4a642138e29d65bd84f53ece353a libpython3.6_3.6.9-1~18.04ubuntu1.12+tuxcare.els2_amd64.deb ee1a6597b1985df98095766cb411e6394ad3b5b7 libpython3.6-dev_3.6.9-1~18.04ubuntu1.12+tuxcare.els2_amd64.deb 1d33e7a74803a68284e156dfa713bff70318f7ab libpython3.6-minimal_3.6.9-1~18.04ubuntu1.12+tuxcare.els2_amd64.deb fec5368f07ede161a7d13c492b778b1e53432236 libpython3.6-stdlib_3.6.9-1~18.04ubuntu1.12+tuxcare.els2_amd64.deb 201ec4ad23e4e476293f0d976156d3d6fb0f64eb libpython3.6-testsuite_3.6.9-1~18.04ubuntu1.12+tuxcare.els2_all.deb e113313914431bccc2da7927d5a5305e9a9cb35d python3.6_3.6.9-1~18.04ubuntu1.12+tuxcare.els2_amd64.deb 8588ce0ae6337c7009ca4d707f30a51521f3021c python3.6-dev_3.6.9-1~18.04ubuntu1.12+tuxcare.els2_amd64.deb 9581997c115f8bc9482d765a3c21e5cf59d0d540 python3.6-doc_3.6.9-1~18.04ubuntu1.12+tuxcare.els2_all.deb b5541b36c16b2538efec7636c20a32d577703e9a python3.6-examples_3.6.9-1~18.04ubuntu1.12+tuxcare.els2_all.deb 8c8aa2ec8efe9a1619d1e5e6fb5960bbe6bd718b python3.6-minimal_3.6.9-1~18.04ubuntu1.12+tuxcare.els2_amd64.deb 0f05b1bcc17d8a9b0d2b4b9e58dafffdd77d3d7a python3.6-venv_3.6.9-1~18.04ubuntu1.12+tuxcare.els2_amd64.deb 8e8985007a3290734452c0a019b9ac00bd719e63 CLSA-2023:1689700589 TuxCare License Agreement 0 * SECURITY UPDATE: insecure default TLS configuration in HTTP::Tiny module - debian/patches/CVE-2023-31486.patch: add verify_SSL=>1 to HTTP::Tiny default configuration - CVE-2023-31486 Important Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.

* SECURITY UPDATE: insecure default TLS configuration in HTTP::Tiny module - debian/patches/CVE-2023-31486.patch: add verify_SSL=>1 to HTTP::Tiny default configuration - CVE-2023-31486

0 tuxcare-ubuntu18.04-els libperl-dev_5.26.1-6ubuntu0.7+tuxcare.els1_amd64.deb 1fca0f3e6902d9c75c557b76a89200adbb3319bc libperl5.26_5.26.1-6ubuntu0.7+tuxcare.els1_amd64.deb ac2e947b40234bd47d5d7885f25b2b5da934f0b7 perl_5.26.1-6ubuntu0.7+tuxcare.els1_amd64.deb 76f761c0d678bc4b96029e26436e598a7f99a39f perl-base_5.26.1-6ubuntu0.7+tuxcare.els1_amd64.deb f308c61475814f01436456d83f530c479749a765 perl-debug_5.26.1-6ubuntu0.7+tuxcare.els1_amd64.deb 72be5e9bdc2f997a06360d0d7827cdf48897e5f7 perl-doc_5.26.1-6ubuntu0.7+tuxcare.els1_all.deb 760643b74d4da85759cb690f51f4e0c41f885f44 perl-modules-5.26_5.26.1-6ubuntu0.7+tuxcare.els1_all.deb c6f30fce91fb3a0c4713f47815f107c487887871 CLSA-2023:1689701119 TuxCare License Agreement 0 * SECURITY UPDATE: use after free in Samba AD DC RPC server - debian/patches/CVE-2021-3738-pre.patch: prepare service routines before fixing CVE-2021-3738 - debian/patches/CVE-2021-3738.patch: avoids a crash caused by use-after-free in Samba AD DC RPC server - CVE-2021-3738.patch * SECURITY UPDATE: integer overflow in PAC parsing - debian/patches/CVE-2022-42898.patch: catch overflows that result from adding PAC_INFO_BUFFER_SIZE - CVE-2022-42898 Important Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.

* SECURITY UPDATE: use after free in Samba AD DC RPC server - debian/patches/CVE-2021-3738-pre.patch: prepare service routines before fixing CVE-2021-3738 - debian/patches/CVE-2021-3738.patch: avoids a crash caused by use-after-free in Samba AD DC RPC server - CVE-2021-3738.patch * SECURITY UPDATE: integer overflow in PAC parsing - debian/patches/CVE-2022-42898.patch: catch overflows that result from adding PAC_INFO_BUFFER_SIZE - CVE-2022-42898

0 tuxcare-ubuntu18.04-els ctdb_4.7.6+dfsg~ubuntu-0ubuntu2.29+tuxcare.els2_amd64.deb 68c03da4512f10507fb392d00b1fc6dee11f3b3e libnss-winbind_4.7.6+dfsg~ubuntu-0ubuntu2.29+tuxcare.els2_amd64.deb 41efc608ede37574d9f81b53733b6fb0b9ed402a libpam-winbind_4.7.6+dfsg~ubuntu-0ubuntu2.29+tuxcare.els2_amd64.deb 80e82e10b0d77eb95c4650c0ab03362770e20f00 libparse-pidl-perl_4.7.6+dfsg~ubuntu-0ubuntu2.29+tuxcare.els2_amd64.deb 1a8ee15eb2853cafa0ea11e18cc5547f34b2ebd9 libsmbclient_4.7.6+dfsg~ubuntu-0ubuntu2.29+tuxcare.els2_amd64.deb 10d075566ec83289cfa56e0b0da9603304d5f833 libsmbclient-dev_4.7.6+dfsg~ubuntu-0ubuntu2.29+tuxcare.els2_amd64.deb 81a96a85fd98b79a1f768de5f885f0cdba7eec8f libwbclient-dev_4.7.6+dfsg~ubuntu-0ubuntu2.29+tuxcare.els2_amd64.deb 61338b1c14ca6345bb6f8e578a1b2b9c1f509e3d libwbclient0_4.7.6+dfsg~ubuntu-0ubuntu2.29+tuxcare.els2_amd64.deb 9a7607eb518a3aaa53ffbfa39e9e6afe80ee1ea0 python-samba_4.7.6+dfsg~ubuntu-0ubuntu2.29+tuxcare.els2_amd64.deb 3a747d49c338f25ffc5bb0a0c8bfb8bc5be5bca4 registry-tools_4.7.6+dfsg~ubuntu-0ubuntu2.29+tuxcare.els2_amd64.deb be239d28e42d090bc2c6f5c856db3a6d4dc9f500 samba_4.7.6+dfsg~ubuntu-0ubuntu2.29+tuxcare.els2_amd64.deb dd6de062f489e60423b4e751484d1fa1d42093fa samba-common_4.7.6+dfsg~ubuntu-0ubuntu2.29+tuxcare.els2_all.deb ad2d54316670baf9f790d3ccb9ab49ff081acd72 samba-common-bin_4.7.6+dfsg~ubuntu-0ubuntu2.29+tuxcare.els2_amd64.deb f53b79f8f41c2b9556ae3ade5edb30672d1ffd28 samba-dev_4.7.6+dfsg~ubuntu-0ubuntu2.29+tuxcare.els2_amd64.deb c6aba22b68fd9893d2c90f25c640eadc1175defb samba-dsdb-modules_4.7.6+dfsg~ubuntu-0ubuntu2.29+tuxcare.els2_amd64.deb 0972720b20c58b93ac222a3d00979f58e80379cc samba-libs_4.7.6+dfsg~ubuntu-0ubuntu2.29+tuxcare.els2_amd64.deb 866b0b1a87d25f104323b279947c2e74d86a4dc6 samba-testsuite_4.7.6+dfsg~ubuntu-0ubuntu2.29+tuxcare.els2_amd64.deb 074bf9a0d8c27cc70eccd1367767b609cd674513 samba-vfs-modules_4.7.6+dfsg~ubuntu-0ubuntu2.29+tuxcare.els2_amd64.deb 484d292a68e5d755d605f2ac2c71419ecbf70710 smbclient_4.7.6+dfsg~ubuntu-0ubuntu2.29+tuxcare.els2_amd64.deb 888e6ccd15f934831735db394832a15609c3988a winbind_4.7.6+dfsg~ubuntu-0ubuntu2.29+tuxcare.els2_amd64.deb d839d769350df7a55c5c497dca632e3dbfcc1c6a CLSA-2023:1689701258 TuxCare License Agreement 0 * SECURITY UPDATE: Attacker bypasses redirection using unauthorized CA-signed certificate. - debian/patches/CVE-2021-20230.patch: Patch enhancing certificate verification process to prevent unauthorized redirection with CA-signed certificates by refining session data checks. - CVE-2021-20230 * Fix tests: - debian/patches/renew-cert-script.patch: Add script that re-generate expired test certs. * Repacked orig source tarball with renewed certs. * Removed no longer required patch, that mute tests with expired certificates. Important Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.

* SECURITY UPDATE: Attacker bypasses redirection using unauthorized CA-signed certificate. - debian/patches/CVE-2021-20230.patch: Patch enhancing certificate verification process to prevent unauthorized redirection with CA-signed certificates by refining session data checks. - CVE-2021-20230 * Fix tests: - debian/patches/renew-cert-script.patch: Add script that re-generate expired test certs. * Repacked orig source tarball with renewed certs. * Removed no longer required patch, that mute tests with expired certificates.

0 tuxcare-ubuntu18.04-els stunnel4_5.44-1ubuntu3+tuxcare.els1_amd64.deb aa61e76ee1bd7e8d1012093f3e28e4a076c76a48 CLSA-2023:1689701064 TuxCare License Agreement 0 * SECURITY UPDATE: Denial of service - debian/patches/CVE-2021-3737.patch: Fix http client infinite line reading (DoS) after a HTTP 100 continue in Lib/httplib.py, Lib/test/test_httplib.py. - CVE-2021-3737 * take building tests into account, fix failed tests - debian/patches/expat-regression.patch: fix failed expat tests - debain/patches/fix-test-sysconfig.patch: switch off some tests - debain/patches/fix-test-sysconfig2.patch: switch off some tests Important Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.

* SECURITY UPDATE: Denial of service - debian/patches/CVE-2021-3737.patch: Fix http client infinite line reading (DoS) after a HTTP 100 continue in Lib/httplib.py, Lib/test/test_httplib.py. - CVE-2021-3737 * take building tests into account, fix failed tests - debian/patches/expat-regression.patch: fix failed expat tests - debain/patches/fix-test-sysconfig.patch: switch off some tests - debain/patches/fix-test-sysconfig2.patch: switch off some tests

0 tuxcare-ubuntu18.04-els idle-python2.7_2.7.17-1~18.04ubuntu1.11+tuxcare.els2_all.deb 231cea4e6fcf79cf4b68a41246b52b176484a6ed libpython2.7_2.7.17-1~18.04ubuntu1.11+tuxcare.els2_amd64.deb 85d0b570a83f583aa6523794b5d04dddb17eabbc libpython2.7-dev_2.7.17-1~18.04ubuntu1.11+tuxcare.els2_amd64.deb 843bc1bf07f43aabcf124ee5c95041406448a0a0 libpython2.7-minimal_2.7.17-1~18.04ubuntu1.11+tuxcare.els2_amd64.deb 07be1615de31c6ce3913c9b3f4c0f2b5d96e9ce0 libpython2.7-stdlib_2.7.17-1~18.04ubuntu1.11+tuxcare.els2_amd64.deb fbcfbcd5200e6b98394d00bef461dd8ddf7a8658 libpython2.7-testsuite_2.7.17-1~18.04ubuntu1.11+tuxcare.els2_all.deb cc473f41ed0ba50a4fc005bd316d44903c9d01cd python2.7_2.7.17-1~18.04ubuntu1.11+tuxcare.els2_amd64.deb 1a725d22525ace4dc4972d360274211c23d7e45f python2.7-dev_2.7.17-1~18.04ubuntu1.11+tuxcare.els2_amd64.deb ec7e798a61f5dc3d5bb5de676d938083d801b518 python2.7-doc_2.7.17-1~18.04ubuntu1.11+tuxcare.els2_all.deb dd8b2b5694958bbb9691b37ca79d7b73006d7272 python2.7-examples_2.7.17-1~18.04ubuntu1.11+tuxcare.els2_all.deb ae963faca000441a82b83bf03679f1e56ccea9e9 python2.7-minimal_2.7.17-1~18.04ubuntu1.11+tuxcare.els2_amd64.deb 43ec91dc876289b8bead07ddea90cba510b2d11a CLSA-2023:1691083258 TuxCare License Agreement 0 * Update ca-certificates database to 20230629: - mozilla/{certdata.txt,nssckbi.h}: Update Mozilla certificate authority bundle to version 2.62. - The following certificate authorities were added (+): + "BJCA Global Root CA1" + "BJCA Global Root CA2" None Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.

* Update ca-certificates database to 20230629: - mozilla/{certdata.txt,nssckbi.h}: Update Mozilla certificate authority bundle to version 2.62. - The following certificate authorities were added (+): + "BJCA Global Root CA1" + "BJCA Global Root CA2"

0 tuxcare-ubuntu18.04-els ca-certificates_20230629ubuntu0.18.04.1+tuxcare.els1_all.deb f10c899fd8981586853e5b9450cf81a07ee20d6d CLSA-2023:1691083341 TuxCare License Agreement 0 * Update ca-certificates database to 20230629: - mozilla/{certdata.txt,nssckbi.h}: Update Mozilla certificate authority bundle of the version 2.62. - The following certificate authorities were added: # Certificate "AC RAIZ FNMT-RCM SERVIDORES SEGUROS" # Certificate "ANF Secure Server Root CA" # Certificate "BJCA Global Root CA1" # Certificate "BJCA Global Root CA2" # Certificate "Certainly Root E1" # Certificate "Certainly Root R1" # Certificate "Certigna Root CA" # Certificate "certSIGN Root CA G2" # Certificate "Certum EC-384 CA" # Certificate "Certum Trusted Root CA" # Certificate "DigiCert SMIME ECC P384 Root G5" # Certificate "DigiCert SMIME RSA4096 Root G5" # Certificate "DigiCert TLS ECC P384 Root G5" # Certificate "DigiCert TLS RSA4096 Root G5" # Certificate "DIGITALSIGN GLOBAL ROOT ECDSA CA" # Certificate "DIGITALSIGN GLOBAL ROOT RSA CA" # Certificate "D-TRUST BR Root CA 1 2020" # Certificate "D-TRUST EV Root CA 1 2020" # Certificate "emSign ECC Root CA - C3" # Certificate "emSign ECC Root CA - G3" # Certificate "emSign Root CA - C1" # Certificate "emSign Root CA - G1" # Certificate "Entrust Root Certification Authority - G4" # Certificate "e-Szigno Root CA 2017" # Certificate "E-Tugra Global Root CA ECC v3" # Certificate "E-Tugra Global Root CA RSA v3" # Certificate "GlobalSign Root CA - R6" # Certificate "GlobalSign Root E46" # Certificate "GlobalSign Root R46" # Certificate "GlobalSign Secure Mail Root E45" # Certificate "GlobalSign Secure Mail Root R45" # Certificate "GLOBALTRUST 2020" # Certificate "GTS Root R1" # Certificate "GTS Root R2" # Certificate "GTS Root R3" # Certificate "GTS Root R4" # Certificate "HARICA Client ECC Root CA 2021" # Certificate "HARICA Client RSA Root CA 2021" # Certificate "HARICA TLS ECC Root CA 2021" # Certificate "HARICA TLS RSA Root CA 2021" # Certificate "HiPKI Root CA - G1" # Certificate "Hongkong Post Root CA 3" # Certificate "ISRG Root X2" # Certificate "Microsoft ECC Root Certificate Authority 2017" # Certificate "Microsoft RSA Root Certificate Authority 2017" # Certificate "NAVER Global Root Certification Authority" # Certificate "OISTE WISeKey Global Root GC CA" # Certificate "Security Communication ECC RootCA1" # Certificate "Security Communication RootCA3" # Certificate "Telia Root CA v2" # Certificate "Trustwave Global Certification Authority" # Certificate "Trustwave Global ECC P256 Certification Authority" # Certificate "Trustwave Global ECC P384 Certification Authority" # Certificate "TunTrust Root CA" # Certificate "UCA Extended Validation Root" # Certificate "UCA Global G2 Root" # Certificate "vTrus ECC Root CA" # Certificate "vTrus Root CA" - The following certificate authorities were removed (-): # Certificate "AC Raiz Certicamara S.A." # Certificate "AddTrust External Root" # Certificate "AddTrust Low-Value Services Root" # Certificate "Camerfirma Global Chambersign Root" # Certificate "Certinomis - Root CA" # Certificate "Certplus Class 2 Primary CA" # Certificate "Certplus Root CA G1" # Certificate "Certplus Root CA G2" # Certificate "ComSign CA" # Certificate "Cybertrust Global Root" # Certificate "Deutsche Telekom Root CA 2" # Certificate "DST Root CA X3" # Certificate "EC-ACC" # Certificate "EE Certification Centre Root CA" # Certificate "Explicitly Distrusted DigiNotar PKIoverheid G2" # Certificate "GeoTrust Global CA" # Certificate "GeoTrust Primary Certification Authority" # Certificate "GeoTrust Primary Certification Authority - G2" # Certificate "GeoTrust Primary Certification Authority - G3" # Certificate "GeoTrust Universal CA" # Certificate "GeoTrust Universal CA 2" # Certificate "GlobalSign Root CA - R2" # Certificate "Hellenic Academic and Research Institutions RootCA 2011" # Certificate "LuxTrust Global Root 2" # Certificate "Network Solutions Certificate Authority" # Certificate "OpenTrust Root CA G1" # Certificate "OpenTrust Root CA G2" # Certificate "OpenTrust Root CA G3" # Certificate "QuoVadis Root CA" # Certificate "Sonera Class 2 Root CA" # Certificate "Staat der Nederlanden EV Root CA" # Certificate "Staat der Nederlanden Root CA - G2" # Certificate "S-TRUST Universal Root CA" # Certificate "Swisscom Root CA 2" # Certificate "SwissSign Platinum CA - G2" # Certificate "Symantec Class 1 Public Primary Certification Authority - G4" # Certificate "Symantec Class 2 Public Primary Certification Authority - G4" # Certificate "Taiwan GRCA" # Certificate "TC TrustCenter Class 3 CA II" # Certificate "thawte Primary Root CA" # Certificate "thawte Primary Root CA - G2" # Certificate "thawte Primary Root CA - G3" # Certificate "Trustis FPS Root CA" # Certificate "TÜRKTRUST Elektronik Sertifika Hizmet Sağlayıcısı H5" # Certificate "UTN USERFirst Email Root CA" # Certificate "Verisign Class 3 Public Primary Certification Authority - G3" # Certificate "VeriSign Class 3 Public Primary Certification Authority - G4" # Certificate "VeriSign Class 3 Public Primary Certification Authority - G5" # Certificate "VeriSign Universal Root Certification Authority" # Certificate "Visa eCommerce Root" None Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.

* Update ca-certificates database to 20230629: - mozilla/{certdata.txt,nssckbi.h}: Update Mozilla certificate authority bundle of the version 2.62. - The following certificate authorities were added: # Certificate "AC RAIZ FNMT-RCM SERVIDORES SEGUROS" # Certificate "ANF Secure Server Root CA" # Certificate "BJCA Global Root CA1" # Certificate "BJCA Global Root CA2" # Certificate "Certainly Root E1" # Certificate "Certainly Root R1" # Certificate "Certigna Root CA" # Certificate "certSIGN Root CA G2" # Certificate "Certum EC-384 CA" # Certificate "Certum Trusted Root CA" # Certificate "DigiCert SMIME ECC P384 Root G5" # Certificate "DigiCert SMIME RSA4096 Root G5" # Certificate "DigiCert TLS ECC P384 Root G5" # Certificate "DigiCert TLS RSA4096 Root G5" # Certificate "DIGITALSIGN GLOBAL ROOT ECDSA CA" # Certificate "DIGITALSIGN GLOBAL ROOT RSA CA" # Certificate "D-TRUST BR Root CA 1 2020" # Certificate "D-TRUST EV Root CA 1 2020" # Certificate "emSign ECC Root CA - C3" # Certificate "emSign ECC Root CA - G3" # Certificate "emSign Root CA - C1" # Certificate "emSign Root CA - G1" # Certificate "Entrust Root Certification Authority - G4" # Certificate "e-Szigno Root CA 2017" # Certificate "E-Tugra Global Root CA ECC v3" # Certificate "E-Tugra Global Root CA RSA v3" # Certificate "GlobalSign Root CA - R6" # Certificate "GlobalSign Root E46" # Certificate "GlobalSign Root R46" # Certificate "GlobalSign Secure Mail Root E45" # Certificate "GlobalSign Secure Mail Root R45" # Certificate "GLOBALTRUST 2020" # Certificate "GTS Root R1" # Certificate "GTS Root R2" # Certificate "GTS Root R3" # Certificate "GTS Root R4" # Certificate "HARICA Client ECC Root CA 2021" # Certificate "HARICA Client RSA Root CA 2021" # Certificate "HARICA TLS ECC Root CA 2021" # Certificate "HARICA TLS RSA Root CA 2021" # Certificate "HiPKI Root CA - G1" # Certificate "Hongkong Post Root CA 3" # Certificate "ISRG Root X2" # Certificate "Microsoft ECC Root Certificate Authority 2017" # Certificate "Microsoft RSA Root Certificate Authority 2017" # Certificate "NAVER Global Root Certification Authority" # Certificate "OISTE WISeKey Global Root GC CA" # Certificate "Security Communication ECC RootCA1" # Certificate "Security Communication RootCA3" # Certificate "Telia Root CA v2" # Certificate "Trustwave Global Certification Authority" # Certificate "Trustwave Global ECC P256 Certification Authority" # Certificate "Trustwave Global ECC P384 Certification Authority" # Certificate "TunTrust Root CA" # Certificate "UCA Extended Validation Root" # Certificate "UCA Global G2 Root" # Certificate "vTrus ECC Root CA" # Certificate "vTrus Root CA" - The following certificate authorities were removed (-): # Certificate "AC Raiz Certicamara S.A." # Certificate "AddTrust External Root" # Certificate "AddTrust Low-Value Services Root" # Certificate "Camerfirma Global Chambersign Root" # Certificate "Certinomis - Root CA" # Certificate "Certplus Class 2 Primary CA" # Certificate "Certplus Root CA G1" # Certificate "Certplus Root CA G2" # Certificate "ComSign CA" # Certificate "Cybertrust Global Root" # Certificate "Deutsche Telekom Root CA 2" # Certificate "DST Root CA X3" # Certificate "EC-ACC" # Certificate "EE Certification Centre Root CA" # Certificate "Explicitly Distrusted DigiNotar PKIoverheid G2" # Certificate "GeoTrust Global CA" # Certificate "GeoTrust Primary Certification Authority" # Certificate "GeoTrust Primary Certification Authority - G2" # Certificate "GeoTrust Primary Certification Authority - G3" # Certificate "GeoTrust Universal CA" # Certificate "GeoTrust Universal CA 2" # Certificate "GlobalSign Root CA - R2" # Certificate "Hellenic Academic and Research Institutions RootCA 2011" # Certificate "LuxTrust Global Root 2" # Certificate "Network Solutions Certificate Authority" # Certificate "OpenTrust Root CA G1" # Certificate "OpenTrust Root CA G2" # Certificate "OpenTrust Root CA G3" # Certificate "QuoVadis Root CA" # Certificate "Sonera Class 2 Root CA" # Certificate "Staat der Nederlanden EV Root CA" # Certificate "Staat der Nederlanden Root CA - G2" # Certificate "S-TRUST Universal Root CA" # Certificate "Swisscom Root CA 2" # Certificate "SwissSign Platinum CA - G2" # Certificate "Symantec Class 1 Public Primary Certification Authority - G4" # Certificate "Symantec Class 2 Public Primary Certification Authority - G4" # Certificate "Taiwan GRCA" # Certificate "TC TrustCenter Class 3 CA II" # Certificate "thawte Primary Root CA" # Certificate "thawte Primary Root CA - G2" # Certificate "thawte Primary Root CA - G3" # Certificate "Trustis FPS Root CA" # Certificate "TÜRKTRUST Elektronik Sertifika Hizmet Sağlayıcısı H5" # Certificate "UTN USERFirst Email Root CA" # Certificate "Verisign Class 3 Public Primary Certification Authority - G3" # Certificate "VeriSign Class 3 Public Primary Certification Authority - G4" # Certificate "VeriSign Class 3 Public Primary Certification Authority - G5" # Certificate "VeriSign Universal Root Certification Authority" # Certificate "Visa eCommerce Root"

0 tuxcare-ubuntu18.04-els libnss3_3.35-2ubuntu2.16+tuxcare.els1_amd64.deb ddf03d477ce66ccd54e0543c18e7a9b54ff04fb1 libnss3-dev_3.35-2ubuntu2.16+tuxcare.els1_amd64.deb 32f83a38002312fa9c7e4b1eb61faae989d976da libnss3-tools_3.35-2ubuntu2.16+tuxcare.els1_amd64.deb 2f6a7c9dfd10696219491200c6caba0eff440624 CLSA-2023:1691083401 TuxCare License Agreement 0 * SECURITY UPDATE: improper handling of tower_callback parameter in amazon.aws collection - debian/patches/CVE-2022-3697.patch: ec2_instance - validate options on tower_callback - CVE-2022-3697 * Enable unit testing. Important Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.

* SECURITY UPDATE: improper handling of tower_callback parameter in amazon.aws collection - debian/patches/CVE-2022-3697.patch: ec2_instance - validate options on tower_callback - CVE-2022-3697 * Enable unit testing.

0 tuxcare-ubuntu18.04-els ansible_2.5.1+dfsg-1ubuntu0.1+tuxcare.els1_all.deb 1f8a4540d6b8dc46b93927ea57749a6a8e1a5d11 CLSA-2023:1691083477 TuxCare License Agreement 0 * SECURITY UPDATE: Remote Code Execution via session persistence - debian/patches/CVE-2020-9484.patch: Improve validation of storage location when using FileStore. - CVE-2020-9484 * SECURITY UPDATE: Fix for CVE-2020-9484 was incomplete - debian/patches/CVE-2021-25329-pre1.patch: Fix some edge cases where the docBase was not being set using a canonical path which in turn meant resource URLs were not being constructed as expected. - debian/patches/CVE-2021-25329.patch: Use java.nio.file.Path for consistent sub-directory checking. - CVE-2021-25329 * SECURITY UPDATE: Local Privilege Escalation - debian/patches/CVE-2022-23181.patch: Make calculation of session storage location more robust. - CVE-2022-23181 * Update the expired test certificates: - debian/test_certs/*.pem|*.jks: Take the last test certificates from the upstream branch 8.5.x. - debian/source/include-binaries: Specifying the binary *.jks files to prevent build failures. - debian/rules: Before the testing stage, the old certificates in the source code are replaced with the new ones from debian/test_certs. Important Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.

* SECURITY UPDATE: Remote Code Execution via session persistence - debian/patches/CVE-2020-9484.patch: Improve validation of storage location when using FileStore. - CVE-2020-9484 * SECURITY UPDATE: Fix for CVE-2020-9484 was incomplete - debian/patches/CVE-2021-25329-pre1.patch: Fix some edge cases where the docBase was not being set using a canonical path which in turn meant resource URLs were not being constructed as expected. - debian/patches/CVE-2021-25329.patch: Use java.nio.file.Path for consistent sub-directory checking. - CVE-2021-25329 * SECURITY UPDATE: Local Privilege Escalation - debian/patches/CVE-2022-23181.patch: Make calculation of session storage location more robust. - CVE-2022-23181 * Update the expired test certificates: - debian/test_certs/*.pem|*.jks: Take the last test certificates from the upstream branch 8.5.x. - debian/source/include-binaries: Specifying the binary *.jks files to prevent build failures. - debian/rules: Before the testing stage, the old certificates in the source code are replaced with the new ones from debian/test_certs.

0 tuxcare-ubuntu18.04-els libtomcat8-embed-java_8.5.39-1ubuntu1~18.04.3+tuxcare.els4_all.deb 5d4169a0cc215f043df7696db67a4e220d60de6b libtomcat8-java_8.5.39-1ubuntu1~18.04.3+tuxcare.els4_all.deb e90a927114784c07c0e7af54b1a206c51308b4fd tomcat8_8.5.39-1ubuntu1~18.04.3+tuxcare.els4_all.deb d8c7bf5011e1280604ecec00369b3908b9c9aa3f tomcat8-admin_8.5.39-1ubuntu1~18.04.3+tuxcare.els4_all.deb 746f3b9bf247758558de488c131283514a89459d tomcat8-common_8.5.39-1ubuntu1~18.04.3+tuxcare.els4_all.deb e6bddbab545822b6ea3a73575911346d89b61e66 tomcat8-docs_8.5.39-1ubuntu1~18.04.3+tuxcare.els4_all.deb 6f76d425a2d6adef8fa6ea4661a118306065439a tomcat8-examples_8.5.39-1ubuntu1~18.04.3+tuxcare.els4_all.deb d450d12f92fa1b4758004fe51e3f13bfcf6971d9 tomcat8-user_8.5.39-1ubuntu1~18.04.3+tuxcare.els4_all.deb 6ff11c5a8e12831397c829a0ce355c9883a0297f CLSA-2023:1691576488 TuxCare License Agreement 0 * SECURITY UPDATE: helper programs can dlopen()/dlclose() any libraries from /usr/lib - debian/patches/CVE-2023-38408-Ensure-FIDO-PKCS11-libraries-contain-expect.patch: checks libraries before dlopen - debian/patches/CVE-2023-38408-Separate-ssh-pkcs11-helpers-for-each-p11-mo.patch: separate ssh-pkcs11-helpers for each p11 module - CVE-2023-38408 Critical Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.

* SECURITY UPDATE: helper programs can dlopen()/dlclose() any libraries from /usr/lib - debian/patches/CVE-2023-38408-Ensure-FIDO-PKCS11-libraries-contain-expect.patch: checks libraries before dlopen - debian/patches/CVE-2023-38408-Separate-ssh-pkcs11-helpers-for-each-p11-mo.patch: separate ssh-pkcs11-helpers for each p11 module - CVE-2023-38408

0 tuxcare-ubuntu18.04-els openssh-client_7.6p1-4ubuntu0.7+tuxcare.els2_amd64.deb e3c5d802ec59b2c56e2fe0b83c3020a124daf1e3 openssh-server_7.6p1-4ubuntu0.7+tuxcare.els2_amd64.deb fc98f2c3efad8ccb6f0bcbb9fd72b033cb53db83 openssh-sftp-server_7.6p1-4ubuntu0.7+tuxcare.els2_amd64.deb 2e8e4a2c12df6f1a7d8fe275748a46c79f7e9a8c ssh_7.6p1-4ubuntu0.7+tuxcare.els2_all.deb d7bed506d657d06ea6e5eebc3e0238eeb49b0413 ssh-askpass-gnome_7.6p1-4ubuntu0.7+tuxcare.els2_amd64.deb 5e1ab8802deb47c7158699c9d0254521717ad643 CLSA-2023:1691576572 TuxCare License Agreement 0 * SECURITY UPDATE: infinite loop vulnerability in mdssvc RPC service for Spotlight - debian/patches/CVE-2023-34966.patch: prevents an infinite loop by preventing subcount less than 1. Add test for addressed CVE. - CVE-2023-34966 Important Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.

* SECURITY UPDATE: infinite loop vulnerability in mdssvc RPC service for Spotlight - debian/patches/CVE-2023-34966.patch: prevents an infinite loop by preventing subcount less than 1. Add test for addressed CVE. - CVE-2023-34966

0 tuxcare-ubuntu18.04-els ctdb_4.7.6+dfsg~ubuntu-0ubuntu2.29+tuxcare.els3_amd64.deb 5c93d02fd4ae7108662c521a509a9800c855c6e3 libnss-winbind_4.7.6+dfsg~ubuntu-0ubuntu2.29+tuxcare.els3_amd64.deb 16328ac8ff8ba0086353e2957bbfaed3783de61e libpam-winbind_4.7.6+dfsg~ubuntu-0ubuntu2.29+tuxcare.els3_amd64.deb b8349c7d1c723864bcc3b47ff274d90e40dac68a libparse-pidl-perl_4.7.6+dfsg~ubuntu-0ubuntu2.29+tuxcare.els3_amd64.deb a749145ff2cc48dd88abfd807598381a9a57728a libsmbclient_4.7.6+dfsg~ubuntu-0ubuntu2.29+tuxcare.els3_amd64.deb 53c0943f608c6e4694f67cc26f49890e399d3168 libsmbclient-dev_4.7.6+dfsg~ubuntu-0ubuntu2.29+tuxcare.els3_amd64.deb 1a31f232d4291e00140079681c52ed81407f2a7b libwbclient-dev_4.7.6+dfsg~ubuntu-0ubuntu2.29+tuxcare.els3_amd64.deb 33a9fb96ccc3113849a4c1c5e8ae0240175a4332 libwbclient0_4.7.6+dfsg~ubuntu-0ubuntu2.29+tuxcare.els3_amd64.deb ad461efda2b15fc0f7c7abe82da0c3fd0c68d07a python-samba_4.7.6+dfsg~ubuntu-0ubuntu2.29+tuxcare.els3_amd64.deb 824ba3e5bfa4a54f48b1511b50c65a6961520c00 registry-tools_4.7.6+dfsg~ubuntu-0ubuntu2.29+tuxcare.els3_amd64.deb ff18c95d9b756d71e8d624986923b20c29f70828 samba_4.7.6+dfsg~ubuntu-0ubuntu2.29+tuxcare.els3_amd64.deb 7db93e4df9b2d8100cad2a2587a3698304855518 samba-common_4.7.6+dfsg~ubuntu-0ubuntu2.29+tuxcare.els3_all.deb f168ce97bc5fdb583dcfbdfcf201e50133b73723 samba-common-bin_4.7.6+dfsg~ubuntu-0ubuntu2.29+tuxcare.els3_amd64.deb c4266b1c99f9b5b8766f14b969e875ea1c8e4a7d samba-dev_4.7.6+dfsg~ubuntu-0ubuntu2.29+tuxcare.els3_amd64.deb 8e8a1edc581ce15df9aeb74e5ec9dc9733c714c3 samba-dsdb-modules_4.7.6+dfsg~ubuntu-0ubuntu2.29+tuxcare.els3_amd64.deb 8f4bd9de49e6839fdad13e3f7e336878f3305efd samba-libs_4.7.6+dfsg~ubuntu-0ubuntu2.29+tuxcare.els3_amd64.deb 15d0702bef1583495a5d412fa50b59bdb4506cd4 samba-testsuite_4.7.6+dfsg~ubuntu-0ubuntu2.29+tuxcare.els3_amd64.deb 1d411fb5fa06aaacbf856322d1d8be4f4d32465b samba-vfs-modules_4.7.6+dfsg~ubuntu-0ubuntu2.29+tuxcare.els3_amd64.deb a0b12d9214a9e859e36822d4deb40971dd2541c1 smbclient_4.7.6+dfsg~ubuntu-0ubuntu2.29+tuxcare.els3_amd64.deb e6f25e9469d54f6357d0783264a835fe9b60403b winbind_4.7.6+dfsg~ubuntu-0ubuntu2.29+tuxcare.els3_amd64.deb de39b94a57f42b643c5805011970077539606438 CLSA-2023:1691576690 TuxCare License Agreement 0 * SECURITY UPDATE: Fix file description leak - debian/patches/CVE-2023-38408-Fix-file-description-leak.patch: Fix the leak in pkcs11_start_helper() - CVE-2023-38408 None Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.

* SECURITY UPDATE: Fix file description leak - debian/patches/CVE-2023-38408-Fix-file-description-leak.patch: Fix the leak in pkcs11_start_helper() - CVE-2023-38408

0 tuxcare-ubuntu18.04-els openssh-client_7.6p1-4ubuntu0.7+tuxcare.els3_amd64.deb 55e0f9b0d865e90459f1ad739b175075850614bc openssh-server_7.6p1-4ubuntu0.7+tuxcare.els3_amd64.deb 91538c0601d380329870e5d940ac6e912924851d openssh-sftp-server_7.6p1-4ubuntu0.7+tuxcare.els3_amd64.deb 242df8d515c6c2d008feae65b92a0c681009b5c5 ssh_7.6p1-4ubuntu0.7+tuxcare.els3_all.deb f6349984c7bdfc3f0ad757c559406ab29ab81cec ssh-askpass-gnome_7.6p1-4ubuntu0.7+tuxcare.els3_amd64.deb 1dedb6ccad926365a083a48d0613f1e50f1b7d7f CLSA-2023:1692110951 TuxCare License Agreement 0 * New microcode update packages from AMD upstream up to 2023-07-19: + New Microcodes for 17h family: sig 0x00800f82, sig 0x00830f10; + New Microcodes for 19h family: sig 0x00a00f10, sig 0x00a00f11, sig 0x00a00f12; + Updated microcodes of 17h family: sig 0x00800f12, sig 0x00800f82; * SECURITY UPDATE: ZenBleed issue for some CPUs: - CPUs firmware updated up to 2023-07-19 - CVE-2023-20593 Moderate Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.

* New microcode update packages from AMD upstream up to 2023-07-19: + New Microcodes for 17h family: sig 0x00800f82, sig 0x00830f10; + New Microcodes for 19h family: sig 0x00a00f10, sig 0x00a00f11, sig 0x00a00f12; + Updated microcodes of 17h family: sig 0x00800f12, sig 0x00800f82; * SECURITY UPDATE: ZenBleed issue for some CPUs: - CPUs firmware updated up to 2023-07-19 - CVE-2023-20593

0 tuxcare-ubuntu18.04-els amd64-microcode_3.20230719.1ubuntu0.18.04.1+tuxcare.els1_amd64.deb f2adaab2378406db48049453491f3f4b578feec1 CLSA-2023:1692296244 TuxCare License Agreement 0 * SECURITY UPDATE: privilege escalation through runtar SUID program - debian/patches/CVE-2023-30577.patch: introduce tar option allow list * Fix changelog installation - CVE-2023-30577 Important Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.

* SECURITY UPDATE: privilege escalation through runtar SUID program - debian/patches/CVE-2023-30577.patch: introduce tar option allow list * Fix changelog installation - CVE-2023-30577

0 tuxcare-ubuntu18.04-els amanda-client_3.5.1-1ubuntu0.3+tuxcare.els1_amd64.deb db7613f60e2179a33d892fd65af83fd048b529eb amanda-common_3.5.1-1ubuntu0.3+tuxcare.els1_amd64.deb a73d9401422ab0644a5e34e324be9dc08749dc09 amanda-server_3.5.1-1ubuntu0.3+tuxcare.els1_amd64.deb caba64a9842d3c5a74dfd6cbd3cfa72558fa6cf6 CLSA-2023:1692296362 TuxCare License Agreement 0 * SECURITY UPDATE: New microcode data file 2023-05-12 - New microcodes: sig 0x000906a4, pf_mask 0x40, 2022-10-12, rev 0x0004, size 115712 sig 0x000b06e0, pf_mask 0x01, 2022-12-19, rev 0x0010, size 134144 - Updated microcodes: sig 0x00050653, pf_mask 0x97, 2022-12-21, rev 0x1000171, size 36864 sig 0x00050654, pf_mask 0xb7, 2022-12-21, rev 0x2006f05, size 44032 sig 0x00050656, pf_mask 0xbf, 2022-12-21, rev 0x4003501, size 37888 sig 0x00050657, pf_mask 0xbf, 2022-12-21, rev 0x5003501, size 37888 sig 0x0005065b, pf_mask 0xbf, 2022-12-21, rev 0x7002601, size 29696 sig 0x000606a6, pf_mask 0x87, 2022-12-28, rev 0xd000390, size 296960 sig 0x000606c1, pf_mask 0x10, 2023-01-27, rev 0x1000230, size 289792 sig 0x000706e5, pf_mask 0x80, 2022-12-25, rev 0x00ba, size 113664 sig 0x000806a1, pf_mask 0x10, 2023-01-13, rev 0x0033, size 34816 sig 0x000806c1, pf_mask 0x80, 2022-12-28, rev 0x00aa, size 110592 sig 0x000806c2, pf_mask 0xc2, 2022-12-28, rev 0x002a, size 97280 sig 0x000806d1, pf_mask 0xc2, 2022-12-28, rev 0x0044, size 102400 sig 0x000806e9, pf_mask 0x10, 2023-01-02, rev 0x00f2, size 105472 sig 0x000806e9, pf_mask 0xc0, 2022-12-26, rev 0x00f2, size 105472 sig 0x000806ea, pf_mask 0xc0, 2022-12-26, rev 0x00f2, size 105472 sig 0x000806eb, pf_mask 0xd0, 2022-12-26, rev 0x00f2, size 105472 sig 0x000806ec, pf_mask 0x94, 2022-12-26, rev 0x00f6, size 105472 sig 0x000806f4, pf_mask 0x10, 2023-02-14, rev 0x2c0001d1, size 595968 sig 0x000806f4, pf_mask 0x87, 2023-03-13, rev 0x2b000461, size 564224 sig 0x000806f5, pf_mask 0x10, 2023-02-14, rev 0x2c0001d1, size 595968 sig 0x000806f5, pf_mask 0x87, 2023-03-13, rev 0x2b000461, size 564224 sig 0x000806f6, pf_mask 0x10, 2023-02-14, rev 0x2c0001d1, size 595968 sig 0x000806f6, pf_mask 0x87, 2023-03-13, rev 0x2b000461, size 564224 sig 0x000806f7, pf_mask 0x87, 2023-03-13, rev 0x2b000461, size 564224 sig 0x000806f8, pf_mask 0x10, 2023-02-14, rev 0x2c0001d1, size 595968 sig 0x000806f8, pf_mask 0x87, 2023-03-13, rev 0x2b000461, size 564224 sig 0x000906a3, pf_mask 0x80, 2023-02-14, rev 0x042a, size 218112 sig 0x000906a4, pf_mask 0x80, 2023-02-14, rev 0x042a, size 218112 sig 0x000906e9, pf_mask 0x2a, 2022-12-26, rev 0x00f2, size 108544 sig 0x000906ea, pf_mask 0x22, 2023-01-12, rev 0x00f2, size 104448 sig 0x000906eb, pf_mask 0x02, 2022-12-26, rev 0x00f2, size 105472 sig 0x000906ec, pf_mask 0x22, 2023-01-12, rev 0x00f2, size 104448 sig 0x000906ed, pf_mask 0x22, 2023-02-05, rev 0x00f8, size 104448 sig 0x000a0652, pf_mask 0x20, 2022-12-27, rev 0x00f6, size 96256 sig 0x000a0653, pf_mask 0x22, 2023-01-01, rev 0x00f6, size 97280 sig 0x000a0655, pf_mask 0x22, 2022-12-26, rev 0x00f6, size 96256 sig 0x000a0660, pf_mask 0x80, 2022-12-26, rev 0x00f6, size 97280 sig 0x000a0661, pf_mask 0x80, 2022-12-26, rev 0x00f6, size 96256 sig 0x000a0671, pf_mask 0x02, 2022-12-25, rev 0x0058, size 103424 sig 0x000b0671, pf_mask 0x32, 2023-02-06, rev 0x0113, size 207872 sig 0x000b06a2, pf_mask 0xc0, 2023-02-22, rev 0x4112, size 212992 sig 0x000b06a3, pf_mask 0xc0, 2023-02-22, rev 0x4112, size 212992 * source: update symlinks to reflect id of the latest release, 20230512 None Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.

* SECURITY UPDATE: New microcode data file 2023-05-12 - New microcodes: sig 0x000906a4, pf_mask 0x40, 2022-10-12, rev 0x0004, size 115712 sig 0x000b06e0, pf_mask 0x01, 2022-12-19, rev 0x0010, size 134144 - Updated microcodes: sig 0x00050653, pf_mask 0x97, 2022-12-21, rev 0x1000171, size 36864 sig 0x00050654, pf_mask 0xb7, 2022-12-21, rev 0x2006f05, size 44032 sig 0x00050656, pf_mask 0xbf, 2022-12-21, rev 0x4003501, size 37888 sig 0x00050657, pf_mask 0xbf, 2022-12-21, rev 0x5003501, size 37888 sig 0x0005065b, pf_mask 0xbf, 2022-12-21, rev 0x7002601, size 29696 sig 0x000606a6, pf_mask 0x87, 2022-12-28, rev 0xd000390, size 296960 sig 0x000606c1, pf_mask 0x10, 2023-01-27, rev 0x1000230, size 289792 sig 0x000706e5, pf_mask 0x80, 2022-12-25, rev 0x00ba, size 113664 sig 0x000806a1, pf_mask 0x10, 2023-01-13, rev 0x0033, size 34816 sig 0x000806c1, pf_mask 0x80, 2022-12-28, rev 0x00aa, size 110592 sig 0x000806c2, pf_mask 0xc2, 2022-12-28, rev 0x002a, size 97280 sig 0x000806d1, pf_mask 0xc2, 2022-12-28, rev 0x0044, size 102400 sig 0x000806e9, pf_mask 0x10, 2023-01-02, rev 0x00f2, size 105472 sig 0x000806e9, pf_mask 0xc0, 2022-12-26, rev 0x00f2, size 105472 sig 0x000806ea, pf_mask 0xc0, 2022-12-26, rev 0x00f2, size 105472 sig 0x000806eb, pf_mask 0xd0, 2022-12-26, rev 0x00f2, size 105472 sig 0x000806ec, pf_mask 0x94, 2022-12-26, rev 0x00f6, size 105472 sig 0x000806f4, pf_mask 0x10, 2023-02-14, rev 0x2c0001d1, size 595968 sig 0x000806f4, pf_mask 0x87, 2023-03-13, rev 0x2b000461, size 564224 sig 0x000806f5, pf_mask 0x10, 2023-02-14, rev 0x2c0001d1, size 595968 sig 0x000806f5, pf_mask 0x87, 2023-03-13, rev 0x2b000461, size 564224 sig 0x000806f6, pf_mask 0x10, 2023-02-14, rev 0x2c0001d1, size 595968 sig 0x000806f6, pf_mask 0x87, 2023-03-13, rev 0x2b000461, size 564224 sig 0x000806f7, pf_mask 0x87, 2023-03-13, rev 0x2b000461, size 564224 sig 0x000806f8, pf_mask 0x10, 2023-02-14, rev 0x2c0001d1, size 595968 sig 0x000806f8, pf_mask 0x87, 2023-03-13, rev 0x2b000461, size 564224 sig 0x000906a3, pf_mask 0x80, 2023-02-14, rev 0x042a, size 218112 sig 0x000906a4, pf_mask 0x80, 2023-02-14, rev 0x042a, size 218112 sig 0x000906e9, pf_mask 0x2a, 2022-12-26, rev 0x00f2, size 108544 sig 0x000906ea, pf_mask 0x22, 2023-01-12, rev 0x00f2, size 104448 sig 0x000906eb, pf_mask 0x02, 2022-12-26, rev 0x00f2, size 105472 sig 0x000906ec, pf_mask 0x22, 2023-01-12, rev 0x00f2, size 104448 sig 0x000906ed, pf_mask 0x22, 2023-02-05, rev 0x00f8, size 104448 sig 0x000a0652, pf_mask 0x20, 2022-12-27, rev 0x00f6, size 96256 sig 0x000a0653, pf_mask 0x22, 2023-01-01, rev 0x00f6, size 97280 sig 0x000a0655, pf_mask 0x22, 2022-12-26, rev 0x00f6, size 96256 sig 0x000a0660, pf_mask 0x80, 2022-12-26, rev 0x00f6, size 97280 sig 0x000a0661, pf_mask 0x80, 2022-12-26, rev 0x00f6, size 96256 sig 0x000a0671, pf_mask 0x02, 2022-12-25, rev 0x0058, size 103424 sig 0x000b0671, pf_mask 0x32, 2023-02-06, rev 0x0113, size 207872 sig 0x000b06a2, pf_mask 0xc0, 2023-02-22, rev 0x4112, size 212992 sig 0x000b06a3, pf_mask 0xc0, 2023-02-22, rev 0x4112, size 212992 * source: update symlinks to reflect id of the latest release, 20230512

0 tuxcare-ubuntu18.04-els intel-microcode_3.20230512.0ubuntu0.18.04.1+tuxcare.els1_amd64.deb 974eb7402c09abd889a25c45596668c8ffd71b3d CLSA-2023:1692817457 TuxCare License Agreement 0 * SECURITY UPDATE: external entity loading in XML without enabling it - debian/patches/CVE-2023-3823.patch: sanitize libxml2 globals before parsing. - CVE-2023-3823 * SECURITY UPDATE: buffer mismanagement in phar_dir_read() - debian/patches/php-upstream-CVE-2023-3824.patch: fix buffer mismanagement in phar_dir_read() - CVE-2023-3824 Critical Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.

* SECURITY UPDATE: external entity loading in XML without enabling it - debian/patches/CVE-2023-3823.patch: sanitize libxml2 globals before parsing. - CVE-2023-3823 * SECURITY UPDATE: buffer mismanagement in phar_dir_read() - debian/patches/php-upstream-CVE-2023-3824.patch: fix buffer mismanagement in phar_dir_read() - CVE-2023-3824

0 tuxcare-ubuntu18.04-els libapache2-mod-php7.2_7.2.24-0ubuntu0.18.04.17+tuxcare.els1_amd64.deb 3bc4163277b22b9be800037dd146a86a2be1f2a1 libphp7.2-embed_7.2.24-0ubuntu0.18.04.17+tuxcare.els1_amd64.deb 48e94ebb8ffa42f2a3ff6fc860c6dbc54fcfc4f1 php7.2_7.2.24-0ubuntu0.18.04.17+tuxcare.els1_all.deb 948ef68e529f4b83a0d8d7e333b01fd810cca17b php7.2-bcmath_7.2.24-0ubuntu0.18.04.17+tuxcare.els1_amd64.deb c542a322eac2978b28df1ab98249a27cd5c24717 php7.2-bz2_7.2.24-0ubuntu0.18.04.17+tuxcare.els1_amd64.deb 70c8963a1c540ec952d0df8d0a05150b42d467a5 php7.2-cgi_7.2.24-0ubuntu0.18.04.17+tuxcare.els1_amd64.deb b2065e0b2abfc38de683c6c0d9450b4dec9f8296 php7.2-cli_7.2.24-0ubuntu0.18.04.17+tuxcare.els1_amd64.deb 410905bf77b07769276c6bf65e4acf523d72d8e3 php7.2-common_7.2.24-0ubuntu0.18.04.17+tuxcare.els1_amd64.deb 5a1f82eb5dae001a3294849a7e185a09ecb699c3 php7.2-curl_7.2.24-0ubuntu0.18.04.17+tuxcare.els1_amd64.deb 9068835cefe730c35f646e669ab70786cb127a73 php7.2-dba_7.2.24-0ubuntu0.18.04.17+tuxcare.els1_amd64.deb b8a3eac7a140d5757ec6ccecf366c6192830112a php7.2-dev_7.2.24-0ubuntu0.18.04.17+tuxcare.els1_amd64.deb b2f6dd4fd9ff1083a340f0c8cb1a45d6f8c9cf72 php7.2-enchant_7.2.24-0ubuntu0.18.04.17+tuxcare.els1_amd64.deb 16f87640bfac29f86b4abe44c17a52c71ca44d5c php7.2-fpm_7.2.24-0ubuntu0.18.04.17+tuxcare.els1_amd64.deb 9bba263ac0c4b1e9bf39ff018dc94d2175a23553 php7.2-gd_7.2.24-0ubuntu0.18.04.17+tuxcare.els1_amd64.deb 3219bff168d71bb0e2c49a5da05f9cc7140a951a php7.2-gmp_7.2.24-0ubuntu0.18.04.17+tuxcare.els1_amd64.deb 02e8236614d9ed97ffb8cf09915aa76faa2c08bf php7.2-imap_7.2.24-0ubuntu0.18.04.17+tuxcare.els1_amd64.deb 8dc0930fe8f6622a0371ef2adec27bdb22c9e135 php7.2-interbase_7.2.24-0ubuntu0.18.04.17+tuxcare.els1_amd64.deb 52afbd7bc51b8d9268f0f976d33a4ff6b2a6d0a8 php7.2-intl_7.2.24-0ubuntu0.18.04.17+tuxcare.els1_amd64.deb 35b5f05aa2644af3e2ace5615312bcdfe6e16473 php7.2-json_7.2.24-0ubuntu0.18.04.17+tuxcare.els1_amd64.deb acce7dbb01ca2bcf1bf61856067b81b18e86be27 php7.2-ldap_7.2.24-0ubuntu0.18.04.17+tuxcare.els1_amd64.deb 17fcd7275f64a04759b7b1e226a24729279309d8 php7.2-mbstring_7.2.24-0ubuntu0.18.04.17+tuxcare.els1_amd64.deb 93b99646b3b90a5334cc82f8ec8a73e993ccbab0 php7.2-mysql_7.2.24-0ubuntu0.18.04.17+tuxcare.els1_amd64.deb 1a4047a303aff297d0b94b00b6c649fe91a1d425 php7.2-odbc_7.2.24-0ubuntu0.18.04.17+tuxcare.els1_amd64.deb 05ac5a3f28cb2a215ee50924a494f84ad6a95572 php7.2-opcache_7.2.24-0ubuntu0.18.04.17+tuxcare.els1_amd64.deb d210133587cab43183d0e8b95efa1221f7f7dafe php7.2-pgsql_7.2.24-0ubuntu0.18.04.17+tuxcare.els1_amd64.deb 074f42c5364b274100152e4bc9448b967351f879 php7.2-phpdbg_7.2.24-0ubuntu0.18.04.17+tuxcare.els1_amd64.deb 8c75ad98086fc45581f276a9279be25940d18f19 php7.2-pspell_7.2.24-0ubuntu0.18.04.17+tuxcare.els1_amd64.deb b962d13b9c771d85d75a8cb1fd751433b40de113 php7.2-readline_7.2.24-0ubuntu0.18.04.17+tuxcare.els1_amd64.deb c994ba65286122bd15b5decfc1c603660f1e71e9 php7.2-recode_7.2.24-0ubuntu0.18.04.17+tuxcare.els1_amd64.deb 234f8a3253dbb576e237bb2f37cd8e30c95d3e9f php7.2-snmp_7.2.24-0ubuntu0.18.04.17+tuxcare.els1_amd64.deb 45378de20f6bd59bb182b075544565393db6dd18 php7.2-soap_7.2.24-0ubuntu0.18.04.17+tuxcare.els1_amd64.deb ceae8e47d604623d34fddb88f43e0754523d29da php7.2-sqlite3_7.2.24-0ubuntu0.18.04.17+tuxcare.els1_amd64.deb 7af2f179b56e12f9274a4200f179065ac174bfaa php7.2-sybase_7.2.24-0ubuntu0.18.04.17+tuxcare.els1_amd64.deb d258581a4745a37801c3514b819c56ebcf1cac89 php7.2-tidy_7.2.24-0ubuntu0.18.04.17+tuxcare.els1_amd64.deb 77ae8d10bed9be6504770a4c090131137795dfd8 php7.2-xml_7.2.24-0ubuntu0.18.04.17+tuxcare.els1_amd64.deb 1d764cd71a25331480d38a25a0a9a5688a9c375c php7.2-xmlrpc_7.2.24-0ubuntu0.18.04.17+tuxcare.els1_amd64.deb 91c75811c083406b9cb8c4049a9a80fc5a21150a php7.2-xsl_7.2.24-0ubuntu0.18.04.17+tuxcare.els1_all.deb dd1620d852a5736a2e2e45bb85c97e4a15bc6853 php7.2-zip_7.2.24-0ubuntu0.18.04.17+tuxcare.els1_amd64.deb fbdcc12e63894279a915acce157699ef5d1bb46f CLSA-2023:1693419791 TuxCare License Agreement 0 * SECURITY UPDATE: New microcode data file 2023-08-08 - Updated microcodes: sig 0x00050653, pf_mask 0x97, 2023-03-23, rev 0x1000181, size 36864 sig 0x00050654, pf_mask 0xb7, 2023-03-06, rev 0x2007006, size 44032 sig 0x00050656, pf_mask 0xbf, 2023-03-17, rev 0x4003604, size 38912 sig 0x00050657, pf_mask 0xbf, 2023-03-17, rev 0x5003604, size 38912 sig 0x0005065b, pf_mask 0xbf, 2023-03-21, rev 0x7002703, size 30720 sig 0x000606a6, pf_mask 0x87, 2023-03-30, rev 0xd0003a5, size 297984 sig 0x000706e5, pf_mask 0x80, 2023-02-26, rev 0x00bc, size 113664 sig 0x000806c1, pf_mask 0x80, 2023-02-27, rev 0x00ac, size 111616 sig 0x000806c2, pf_mask 0xc2, 2023-02-27, rev 0x002c, size 98304 sig 0x000806d1, pf_mask 0xc2, 2023-02-27, rev 0x0046, size 103424 sig 0x000806e9, pf_mask 0x10, 2023-02-23, rev 0x00f4, size 105472 sig 0x000806e9, pf_mask 0xc0, 2023-02-22, rev 0x00f4, size 106496 sig 0x000806ea, pf_mask 0xc0, 2023-02-23, rev 0x00f4, size 105472 sig 0x000806eb, pf_mask 0xd0, 2023-02-23, rev 0x00f4, size 106496 sig 0x000806ec, pf_mask 0x94, 2023-02-26, rev 0x00f8, size 106496 sig 0x000806f4, pf_mask 0x10, 2023-05-15, rev 0x2c000271, size 605184 sig 0x000806f4, pf_mask 0x87, 2023-05-09, rev 0x2b0004b1, size 572416 sig 0x000806f5, pf_mask 0x10, 2023-05-15, rev 0x2c000271, size 605184 sig 0x000806f5, pf_mask 0x87, 2023-05-09, rev 0x2b0004b1, size 572416 sig 0x000806f6, pf_mask 0x10, 2023-05-15, rev 0x2c000271, size 605184 sig 0x000806f6, pf_mask 0x87, 2023-05-09, rev 0x2b0004b1, size 572416 sig 0x000806f7, pf_mask 0x87, 2023-05-09, rev 0x2b0004b1, size 572416 sig 0x000806f8, pf_mask 0x10, 2023-05-15, rev 0x2c000271, size 605184 sig 0x000806f8, pf_mask 0x87, 2023-05-09, rev 0x2b0004b1, size 572416 sig 0x00090672, pf_mask 0x07, 2023-04-18, rev 0x002e, size 220160 sig 0x00090675, pf_mask 0x07, 2023-04-18, rev 0x002e, size 220160 sig 0x000906a3, pf_mask 0x80, 2023-04-18, rev 0x042c, size 219136 sig 0x000906a4, pf_mask 0x80, 2023-04-18, rev 0x042c, size 219136 sig 0x000906e9, pf_mask 0x2a, 2023-02-23, rev 0x00f4, size 108544 sig 0x000906ea, pf_mask 0x22, 2023-02-23, rev 0x00f4, size 104448 sig 0x000906eb, pf_mask 0x02, 2023-02-23, rev 0x00f4, size 106496 sig 0x000906ec, pf_mask 0x22, 2023-02-23, rev 0x00f4, size 105472 sig 0x000906ed, pf_mask 0x22, 2023-02-27, rev 0x00fa, size 106496 sig 0x000a0652, pf_mask 0x20, 2023-02-23, rev 0x00f8, size 97280 sig 0x000a0653, pf_mask 0x22, 2023-02-23, rev 0x00f8, size 97280 sig 0x000a0655, pf_mask 0x22, 2023-02-23, rev 0x00f8, size 97280 sig 0x000a0660, pf_mask 0x80, 2023-02-23, rev 0x00f8, size 97280 sig 0x000a0661, pf_mask 0x80, 2023-02-23, rev 0x00f8, size 96256 sig 0x000a0671, pf_mask 0x02, 2023-02-26, rev 0x0059, size 104448 sig 0x000b0671, pf_mask 0x32, 2023-06-06, rev 0x0119, size 210944 sig 0x000b06a2, pf_mask 0xe0, 2023-06-06, rev 0x4119, size 216064 sig 0x000b06a3, pf_mask 0xe0, 2023-06-06, rev 0x4119, size 216064 sig 0x000b06e0, pf_mask 0x11, 2023-04-12, rev 0x0011, size 136192 sig 0x000b06f2, pf_mask 0x07, 2023-04-18, rev 0x002e, size 220160 sig 0x000b06f5, pf_mask 0x07, 2023-04-18, rev 0x002e, size 220160 - CVE-2022-40982, INTEL-SA-00828 - CVE-2023-23908, INTEL-SA-00836 - CVE-2022-41804, INTEL-SA-00837 * source: update symlinks to reflect id of the latest release, 20230808 Moderate Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.

* SECURITY UPDATE: New microcode data file 2023-08-08 - Updated microcodes: sig 0x00050653, pf_mask 0x97, 2023-03-23, rev 0x1000181, size 36864 sig 0x00050654, pf_mask 0xb7, 2023-03-06, rev 0x2007006, size 44032 sig 0x00050656, pf_mask 0xbf, 2023-03-17, rev 0x4003604, size 38912 sig 0x00050657, pf_mask 0xbf, 2023-03-17, rev 0x5003604, size 38912 sig 0x0005065b, pf_mask 0xbf, 2023-03-21, rev 0x7002703, size 30720 sig 0x000606a6, pf_mask 0x87, 2023-03-30, rev 0xd0003a5, size 297984 sig 0x000706e5, pf_mask 0x80, 2023-02-26, rev 0x00bc, size 113664 sig 0x000806c1, pf_mask 0x80, 2023-02-27, rev 0x00ac, size 111616 sig 0x000806c2, pf_mask 0xc2, 2023-02-27, rev 0x002c, size 98304 sig 0x000806d1, pf_mask 0xc2, 2023-02-27, rev 0x0046, size 103424 sig 0x000806e9, pf_mask 0x10, 2023-02-23, rev 0x00f4, size 105472 sig 0x000806e9, pf_mask 0xc0, 2023-02-22, rev 0x00f4, size 106496 sig 0x000806ea, pf_mask 0xc0, 2023-02-23, rev 0x00f4, size 105472 sig 0x000806eb, pf_mask 0xd0, 2023-02-23, rev 0x00f4, size 106496 sig 0x000806ec, pf_mask 0x94, 2023-02-26, rev 0x00f8, size 106496 sig 0x000806f4, pf_mask 0x10, 2023-05-15, rev 0x2c000271, size 605184 sig 0x000806f4, pf_mask 0x87, 2023-05-09, rev 0x2b0004b1, size 572416 sig 0x000806f5, pf_mask 0x10, 2023-05-15, rev 0x2c000271, size 605184 sig 0x000806f5, pf_mask 0x87, 2023-05-09, rev 0x2b0004b1, size 572416 sig 0x000806f6, pf_mask 0x10, 2023-05-15, rev 0x2c000271, size 605184 sig 0x000806f6, pf_mask 0x87, 2023-05-09, rev 0x2b0004b1, size 572416 sig 0x000806f7, pf_mask 0x87, 2023-05-09, rev 0x2b0004b1, size 572416 sig 0x000806f8, pf_mask 0x10, 2023-05-15, rev 0x2c000271, size 605184 sig 0x000806f8, pf_mask 0x87, 2023-05-09, rev 0x2b0004b1, size 572416 sig 0x00090672, pf_mask 0x07, 2023-04-18, rev 0x002e, size 220160 sig 0x00090675, pf_mask 0x07, 2023-04-18, rev 0x002e, size 220160 sig 0x000906a3, pf_mask 0x80, 2023-04-18, rev 0x042c, size 219136 sig 0x000906a4, pf_mask 0x80, 2023-04-18, rev 0x042c, size 219136 sig 0x000906e9, pf_mask 0x2a, 2023-02-23, rev 0x00f4, size 108544 sig 0x000906ea, pf_mask 0x22, 2023-02-23, rev 0x00f4, size 104448 sig 0x000906eb, pf_mask 0x02, 2023-02-23, rev 0x00f4, size 106496 sig 0x000906ec, pf_mask 0x22, 2023-02-23, rev 0x00f4, size 105472 sig 0x000906ed, pf_mask 0x22, 2023-02-27, rev 0x00fa, size 106496 sig 0x000a0652, pf_mask 0x20, 2023-02-23, rev 0x00f8, size 97280 sig 0x000a0653, pf_mask 0x22, 2023-02-23, rev 0x00f8, size 97280 sig 0x000a0655, pf_mask 0x22, 2023-02-23, rev 0x00f8, size 97280 sig 0x000a0660, pf_mask 0x80, 2023-02-23, rev 0x00f8, size 97280 sig 0x000a0661, pf_mask 0x80, 2023-02-23, rev 0x00f8, size 96256 sig 0x000a0671, pf_mask 0x02, 2023-02-26, rev 0x0059, size 104448 sig 0x000b0671, pf_mask 0x32, 2023-06-06, rev 0x0119, size 210944 sig 0x000b06a2, pf_mask 0xe0, 2023-06-06, rev 0x4119, size 216064 sig 0x000b06a3, pf_mask 0xe0, 2023-06-06, rev 0x4119, size 216064 sig 0x000b06e0, pf_mask 0x11, 2023-04-12, rev 0x0011, size 136192 sig 0x000b06f2, pf_mask 0x07, 2023-04-18, rev 0x002e, size 220160 sig 0x000b06f5, pf_mask 0x07, 2023-04-18, rev 0x002e, size 220160 - CVE-2022-40982, INTEL-SA-00828 - CVE-2023-23908, INTEL-SA-00836 - CVE-2022-41804, INTEL-SA-00837 * source: update symlinks to reflect id of the latest release, 20230808

0 tuxcare-ubuntu18.04-els intel-microcode_3.20230808.0ubuntu0.18.04.1+tuxcare.els1_amd64.deb 1445d39aa8437b7036567bdb14036770d5e36c37 CLSA-2023:1693419971 TuxCare License Agreement 0 * SECURITY UPDATE: Checking excessively long DH keys or parameters may be very slow. Where the key or parameters that are being checked have been obtained from an untrusted source this may lead to a Denial of Service. - debian/patches/CVE-2023-3817.patch: Add a prior check and process only a correct DH keys - CVE-2023-3817 Moderate Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.

* SECURITY UPDATE: Checking excessively long DH keys or parameters may be very slow. Where the key or parameters that are being checked have been obtained from an untrusted source this may lead to a Denial of Service. - debian/patches/CVE-2023-3817.patch: Add a prior check and process only a correct DH keys - CVE-2023-3817

0 tuxcare-ubuntu18.04-els libssl-dev_1.1.1-1ubuntu2.1~18.04.23+tuxcare.els1_amd64.deb d47356452b316c4d33ac48b74ce77c087ee3c613 libssl-doc_1.1.1-1ubuntu2.1~18.04.23+tuxcare.els1_all.deb d52ffae46ce9fd532af58bfb26b541b828f16502 libssl1.1_1.1.1-1ubuntu2.1~18.04.23+tuxcare.els1_amd64.deb fbad93fb6260619305f2dbeeca6c9e92b6e7e785 openssl_1.1.1-1ubuntu2.1~18.04.23+tuxcare.els1_amd64.deb 578887cb58e31a4d0d96fb4b5d635a4e69fce571 CLSA-2023:1693420133 TuxCare License Agreement 0 * Fixed possible memory leak - debian/patches/fix-possible-memory-leak.patch: added DestroyDrawInfo call when StringToList returns error. None Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.

* Fixed possible memory leak - debian/patches/fix-possible-memory-leak.patch: added DestroyDrawInfo call when StringToList returns error.

0 tuxcare-ubuntu18.04-els imagemagick_6.9.7.4+dfsg-16ubuntu6.15+tuxcare.els2_amd64.deb bcbda1d85d78a5f4c879151aaf06c77e7d091563 imagemagick-6-common_6.9.7.4+dfsg-16ubuntu6.15+tuxcare.els2_all.deb aacffb2ad2ce250bc6be76c62a6ea1b42861fe4c imagemagick-6-doc_6.9.7.4+dfsg-16ubuntu6.15+tuxcare.els2_all.deb b94460fc420fb3c535f7b793c5d8037530809bbd imagemagick-6.q16_6.9.7.4+dfsg-16ubuntu6.15+tuxcare.els2_amd64.deb d69bc353d09bddef421f0f34e8c51774323d5f6d imagemagick-6.q16hdri_6.9.7.4+dfsg-16ubuntu6.15+tuxcare.els2_amd64.deb fd80beb24fb118b58a854eff9e850bd1731ee3b4 imagemagick-common_6.9.7.4+dfsg-16ubuntu6.15+tuxcare.els2_all.deb 39309e3def6571cd1e1237c6fae748255869b9ba imagemagick-doc_6.9.7.4+dfsg-16ubuntu6.15+tuxcare.els2_all.deb 42de2e4c49093bc71c1c34ff3ecdd2c0ae9c96fc libimage-magick-perl_6.9.7.4+dfsg-16ubuntu6.15+tuxcare.els2_all.deb eac4fa7364e9bc0abe6a98f14090bae85f04cf02 libimage-magick-q16-perl_6.9.7.4+dfsg-16ubuntu6.15+tuxcare.els2_amd64.deb 40d05ba84aab893403ce8afea6134e7c00695ac3 libimage-magick-q16hdri-perl_6.9.7.4+dfsg-16ubuntu6.15+tuxcare.els2_amd64.deb 91125da06b5676143c4d1866cba60e682d702e2c libmagick++-6-headers_6.9.7.4+dfsg-16ubuntu6.15+tuxcare.els2_all.deb c8427a2f2b8c33449c21ecb3214a8ffca0d83123 libmagick++-6.q16-7_6.9.7.4+dfsg-16ubuntu6.15+tuxcare.els2_amd64.deb 18b6199a9f86ff41018a412136bbdf5b2e52a995 libmagick++-6.q16-dev_6.9.7.4+dfsg-16ubuntu6.15+tuxcare.els2_amd64.deb 71f298588b82e8d830639b8fb2a5fa937a2504c5 libmagick++-6.q16hdri-7_6.9.7.4+dfsg-16ubuntu6.15+tuxcare.els2_amd64.deb c8f66f9de7c95d6558b5706377fc5a00d8cdbc22 libmagick++-6.q16hdri-dev_6.9.7.4+dfsg-16ubuntu6.15+tuxcare.els2_amd64.deb 956f6ad2b33e8d29f454ff283e151ff28d6fb183 libmagick++-dev_6.9.7.4+dfsg-16ubuntu6.15+tuxcare.els2_all.deb b0a91b5beee2efcae8942cd51d439b377b9563cf libmagickcore-6-arch-config_6.9.7.4+dfsg-16ubuntu6.15+tuxcare.els2_amd64.deb 0eb50d58d38312c741ab2c51018639044215f186 libmagickcore-6-headers_6.9.7.4+dfsg-16ubuntu6.15+tuxcare.els2_all.deb 9fd87a4f8b0498536811aa5dfd4124a4936606d3 libmagickcore-6.q16-3_6.9.7.4+dfsg-16ubuntu6.15+tuxcare.els2_amd64.deb 64f398108fef686096c93d6ba2ca6025719c1d2c libmagickcore-6.q16-3-extra_6.9.7.4+dfsg-16ubuntu6.15+tuxcare.els2_amd64.deb 56aef86195ad77939bb271d8187d277134ded20a libmagickcore-6.q16-dev_6.9.7.4+dfsg-16ubuntu6.15+tuxcare.els2_amd64.deb 89548d86aa320c0c70037ad4bda260a044d086dd libmagickcore-6.q16hdri-3_6.9.7.4+dfsg-16ubuntu6.15+tuxcare.els2_amd64.deb 1ec732e20780d3faf1a0b94507bf882c4987281c libmagickcore-6.q16hdri-3-extra_6.9.7.4+dfsg-16ubuntu6.15+tuxcare.els2_amd64.deb cdfacb4b3ee6e0cff6aeafa1c64f3bfdb1211d4a libmagickcore-6.q16hdri-dev_6.9.7.4+dfsg-16ubuntu6.15+tuxcare.els2_amd64.deb f635c0cef986b459f5059082de8f67ed09259a54 libmagickcore-dev_6.9.7.4+dfsg-16ubuntu6.15+tuxcare.els2_all.deb 8bff78a905af24bcb37b29409c8023ce4ae486e9 libmagickwand-6-headers_6.9.7.4+dfsg-16ubuntu6.15+tuxcare.els2_all.deb fc99c844229bf419a4c7d2067002886b12d94a68 libmagickwand-6.q16-3_6.9.7.4+dfsg-16ubuntu6.15+tuxcare.els2_amd64.deb c4f2b05becccb35cae076dfc8a91d50487763ce1 libmagickwand-6.q16-dev_6.9.7.4+dfsg-16ubuntu6.15+tuxcare.els2_amd64.deb f3aa57c5562633bc6eb6effacb9c4832ca4b4e9c libmagickwand-6.q16hdri-3_6.9.7.4+dfsg-16ubuntu6.15+tuxcare.els2_amd64.deb bf38024dc1d034813db294ffd49a2db309c1ff98 libmagickwand-6.q16hdri-dev_6.9.7.4+dfsg-16ubuntu6.15+tuxcare.els2_amd64.deb a7d1a7e10bd345164f59a404dda9ba6cb5a26943 libmagickwand-dev_6.9.7.4+dfsg-16ubuntu6.15+tuxcare.els2_all.deb 0a3874029ca41c069724b4d99f5c91112efa856e perlmagick_6.9.7.4+dfsg-16ubuntu6.15+tuxcare.els2_all.deb c9198e5f3ee27e68fc705c47b81fa70cb95bc9a3 CLSA-2023:1693427563 TuxCare License Agreement 0 * Jammy update: v5.15.97 upstream stable release (LP: #2015599) - net: Remove WARN_ON_ONCE(sk->sk_forward_alloc) from sk_stream_kill_queues(). None Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.

* Jammy update: v5.15.97 upstream stable release (LP: #2015599) - net: Remove WARN_ON_ONCE(sk->sk_forward_alloc) from sk_stream_kill_queues().

0 tuxcare-ubuntu18.04-els linux-buildinfo-4.15.0-213-tuxcare.els1-generic_4.15.0-213.224_amd64.deb 22b7f102140de8f68a58fd1be211e6cd67847698 linux-buildinfo-4.15.0-213-tuxcare.els1-lowlatency_4.15.0-213.224_amd64.deb 90662aa4f6260a262ec75f0da8e20a42620d70e0 linux-cloud-tools-4.15.0-213-tuxcare.els1_4.15.0-213.224_amd64.deb 25cd34c69b3e5c68e3aca07409048c4228c8bd93 linux-cloud-tools-4.15.0-213-tuxcare.els1-generic_4.15.0-213.224_amd64.deb 213d86d1dee91c23f99b82060aaef143f2f92102 linux-cloud-tools-4.15.0-213-tuxcare.els1-lowlatency_4.15.0-213.224_amd64.deb 5726a55fd1a9ea77573575d7700fad5e99639b0c linux-cloud-tools-common_4.15.0-213.224_all.deb c73306c181ff27e356d9f579b0a5ec9bdc8aa83a linux-cloud-tools-generic_4.15.0.213.224_amd64.deb 1f52b76c2b5d4a3378f09e29793409ab40451b3a linux-cloud-tools-lowlatency_4.15.0.213.224_amd64.deb d865d83c4cbd3f00c30e179b7b177b3e855846d2 linux-crashdump_4.15.0.213.224_amd64.deb cc5ef1011b2c5e6bd57d2c9c5895930cacc009a0 linux-doc_4.15.0-213.224_all.deb de2a7b909f5314f08ead3c53fd8151c355e176b3 linux-generic_4.15.0.213.224_amd64.deb d9f95abc779c0174eeaac137e7ede37786448244 linux-headers-4.15.0-213-tuxcare.els1_4.15.0-213.224_all.deb 9b72dc9f8148d0e73eb0bf567a271e442dbf03b2 linux-headers-4.15.0-213-tuxcare.els1-generic_4.15.0-213.224_amd64.deb 11b0a578bd08be8507ecb084b1ec9c7152c294aa linux-headers-4.15.0-213-tuxcare.els1-lowlatency_4.15.0-213.224_amd64.deb 52041ca90ef9856d69e6433f14d8471b93c35b7a linux-headers-generic_4.15.0.213.224_amd64.deb 7da3db07e039c8344f65b8845862a277e8d17a88 linux-headers-lowlatency_4.15.0.213.224_amd64.deb fe4fc801c19f903ce3a7816a5c4bd6ebb370b645 linux-image-generic_4.15.0.213.224_amd64.deb 9876933cc7c149303ebbbf8ce0994b978b3b2799 linux-image-lowlatency_4.15.0.213.224_amd64.deb 348a525c7a98947f2d47479abfe8e08fee75766e linux-image-unsigned-4.15.0-213-tuxcare.els1-generic_4.15.0-213.224_amd64.deb 4426ab1b7c21ad887cd885899861ea0486cdb8dc linux-image-unsigned-4.15.0-213-tuxcare.els1-lowlatency_4.15.0-213.224_amd64.deb 0791411ec42739350a3a63ddeb2f7f2e813403c0 linux-libc-dev_4.15.0-213.224_amd64.deb 4683d1341cbcf12b1cf702c10bc5c24f0155dc3e linux-lowlatency_4.15.0.213.224_amd64.deb 6bdeb1f788efc9529c97dc863559f0132acdf079 linux-modules-4.15.0-213-tuxcare.els1-generic_4.15.0-213.224_amd64.deb 6d6b71763f2aefeabec96f0b5e1ee388be62ec9c linux-modules-4.15.0-213-tuxcare.els1-lowlatency_4.15.0-213.224_amd64.deb c4068555cbe1d9489debd7bf1187366c95a06f9a linux-modules-extra-4.15.0-213-tuxcare.els1-generic_4.15.0-213.224_amd64.deb 5d620c7df5b9a60e4173dad707d2af28020b29fa linux-source_4.15.0.213.224_all.deb 0324f35b74dda1da36a96611e7c4a1d91a71dac1 linux-source-4.15.0_4.15.0-213.224_all.deb cfdc49f6c43267a5d2a408f3d108e5804658e7ef linux-tools-4.15.0-213-tuxcare.els1_4.15.0-213.224_amd64.deb bb2cad8fe2aa392c4c4e507778ccd80d7ed07ef0 linux-tools-4.15.0-213-tuxcare.els1-generic_4.15.0-213.224_amd64.deb 6b27fb1a7057a71062ec79f6acbac804821d125b linux-tools-4.15.0-213-tuxcare.els1-lowlatency_4.15.0-213.224_amd64.deb 40119fb7018e5a6605e5ebd2f953469e7b033c3c linux-tools-common_4.15.0-213.224_all.deb 3ef029213a9a99692ff589e95db757c07f7d0b9c linux-tools-generic_4.15.0.213.224_amd64.deb 511bd730c4b9e7ea50c708a788027bf65fcc41e4 linux-tools-host_4.15.0-213.224_all.deb 9f6226968907c181fed948689cad87a41095650f linux-tools-lowlatency_4.15.0.213.224_amd64.deb 7fa7e5f3841286bf93e6bfea8573efd2b25b4e43 CLSA-2023:1693427752 TuxCare License Agreement 0 * Jammy update: v5.15.97 upstream stable release (LP: #2015599) - net: Remove WARN_ON_ONCE(sk->sk_forward_alloc) from sk_stream_kill_queues(). None Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.

* Jammy update: v5.15.97 upstream stable release (LP: #2015599) - net: Remove WARN_ON_ONCE(sk->sk_forward_alloc) from sk_stream_kill_queues().

0 tuxcare-ubuntu18.04-els linux-buildinfo-4.15.0-213-tuxcare.els1-generic_4.15.0-213.224_amd64.deb 22b7f102140de8f68a58fd1be211e6cd67847698 linux-buildinfo-4.15.0-213-tuxcare.els1-lowlatency_4.15.0-213.224_amd64.deb 90662aa4f6260a262ec75f0da8e20a42620d70e0 linux-cloud-tools-4.15.0-213-tuxcare.els1_4.15.0-213.224_amd64.deb 25cd34c69b3e5c68e3aca07409048c4228c8bd93 linux-cloud-tools-4.15.0-213-tuxcare.els1-generic_4.15.0-213.224_amd64.deb 213d86d1dee91c23f99b82060aaef143f2f92102 linux-cloud-tools-4.15.0-213-tuxcare.els1-lowlatency_4.15.0-213.224_amd64.deb 5726a55fd1a9ea77573575d7700fad5e99639b0c linux-cloud-tools-common_4.15.0-213.224_all.deb c73306c181ff27e356d9f579b0a5ec9bdc8aa83a linux-cloud-tools-generic_4.15.0.213.224_amd64.deb 1f52b76c2b5d4a3378f09e29793409ab40451b3a linux-cloud-tools-lowlatency_4.15.0.213.224_amd64.deb d865d83c4cbd3f00c30e179b7b177b3e855846d2 linux-crashdump_4.15.0.213.224_amd64.deb cc5ef1011b2c5e6bd57d2c9c5895930cacc009a0 linux-doc_4.15.0-213.224_all.deb de2a7b909f5314f08ead3c53fd8151c355e176b3 linux-generic_4.15.0.213.224_amd64.deb d9f95abc779c0174eeaac137e7ede37786448244 linux-headers-4.15.0-213-tuxcare.els1_4.15.0-213.224_all.deb 9b72dc9f8148d0e73eb0bf567a271e442dbf03b2 linux-headers-4.15.0-213-tuxcare.els1-generic_4.15.0-213.224_amd64.deb 11b0a578bd08be8507ecb084b1ec9c7152c294aa linux-headers-4.15.0-213-tuxcare.els1-lowlatency_4.15.0-213.224_amd64.deb 52041ca90ef9856d69e6433f14d8471b93c35b7a linux-headers-generic_4.15.0.213.224_amd64.deb 7da3db07e039c8344f65b8845862a277e8d17a88 linux-headers-lowlatency_4.15.0.213.224_amd64.deb fe4fc801c19f903ce3a7816a5c4bd6ebb370b645 linux-image-generic_4.15.0.213.224_amd64.deb 9876933cc7c149303ebbbf8ce0994b978b3b2799 linux-image-lowlatency_4.15.0.213.224_amd64.deb 348a525c7a98947f2d47479abfe8e08fee75766e linux-image-unsigned-4.15.0-213-tuxcare.els1-generic_4.15.0-213.224_amd64.deb 4426ab1b7c21ad887cd885899861ea0486cdb8dc linux-image-unsigned-4.15.0-213-tuxcare.els1-lowlatency_4.15.0-213.224_amd64.deb 0791411ec42739350a3a63ddeb2f7f2e813403c0 linux-libc-dev_4.15.0-213.224_amd64.deb 4683d1341cbcf12b1cf702c10bc5c24f0155dc3e linux-lowlatency_4.15.0.213.224_amd64.deb 6bdeb1f788efc9529c97dc863559f0132acdf079 linux-modules-4.15.0-213-tuxcare.els1-generic_4.15.0-213.224_amd64.deb 6d6b71763f2aefeabec96f0b5e1ee388be62ec9c linux-modules-4.15.0-213-tuxcare.els1-lowlatency_4.15.0-213.224_amd64.deb c4068555cbe1d9489debd7bf1187366c95a06f9a linux-modules-extra-4.15.0-213-tuxcare.els1-generic_4.15.0-213.224_amd64.deb 5d620c7df5b9a60e4173dad707d2af28020b29fa linux-source_4.15.0.213.224_all.deb 0324f35b74dda1da36a96611e7c4a1d91a71dac1 linux-source-4.15.0_4.15.0-213.224_all.deb cfdc49f6c43267a5d2a408f3d108e5804658e7ef linux-tools-4.15.0-213-tuxcare.els1_4.15.0-213.224_amd64.deb bb2cad8fe2aa392c4c4e507778ccd80d7ed07ef0 linux-tools-4.15.0-213-tuxcare.els1-generic_4.15.0-213.224_amd64.deb 6b27fb1a7057a71062ec79f6acbac804821d125b linux-tools-4.15.0-213-tuxcare.els1-lowlatency_4.15.0-213.224_amd64.deb 40119fb7018e5a6605e5ebd2f953469e7b033c3c linux-tools-common_4.15.0-213.224_all.deb 3ef029213a9a99692ff589e95db757c07f7d0b9c linux-tools-generic_4.15.0.213.224_amd64.deb 511bd730c4b9e7ea50c708a788027bf65fcc41e4 linux-tools-host_4.15.0-213.224_all.deb 9f6226968907c181fed948689cad87a41095650f linux-tools-lowlatency_4.15.0.213.224_amd64.deb 7fa7e5f3841286bf93e6bfea8573efd2b25b4e43 CLSA-2023:1693429208 TuxCare License Agreement 0 * Jammy update: v5.15.75 upstream stable release (LP: #1996825) // CVE-url: https://ubuntu.com/security/CVE-2022-1184 - ext4: fix check for block being out of directory size * Jammy update: v5.15.61 upstream stable release (LP: #1990162) // CVE-url: https://ubuntu.com/security/CVE-2022-1184 - ext4: check if directory block is within i_size * Jammy update: v5.15.68 upstream stable release (LP: #1993003) // CVE-url: https://ubuntu.com/security/CVE-2022-3303 - ALSA: pcm: oss: Fix race at SNDCTL_DSP_SYNC * CVE-2023-1670 // CVE-url: https://ubuntu.com/security/CVE-2023-1670 - xirc2ps_cs: Fix use after free bug in xirc2ps_detach * CVE-url: https://ubuntu.com/security/CVE-2023-1989 - Bluetooth: btsdio: fix use after free bug in btsdio_remove due to race condition * Jammy update: v5.15.104 upstream stable release (LP: #2023225) // CVE-url: https://ubuntu.com/security/CVE-2023-1990 - nfc: st-nci: Fix use after free bug in ndlc_remove due to race condition * CVE-url: https://ubuntu.com/security/CVE-2023-2007 - scsi: dpt_i2o: Remove obsolete driver * CVE-2023-2124 // CVE-url: https://ubuntu.com/security/CVE-2023-2124 - xfs: verify buffer contents when we skip log replay * CVE-url: https://ubuntu.com/security/CVE-2023-23000 - phy: tegra: xusb: Fix return value of tegra_xusb_find_port_node function * CVE-url: https://ubuntu.com/security/CVE-2023-28466 - net: tls: fix possible race condition between do_tls_getsockopt_conf() and do_tls_setsockopt_conf() * CVE-url: https://ubuntu.com/security/CVE-2023-3090 - ipvlan:Fix out-of-bounds caused by unclear skb->cb * Jammy update: v5.15.63 upstream stable release (LP: #1990564) // CVE-url: https://ubuntu.com/security/CVE-2023-3111 - btrfs: unset reloc control if transaction commit fails in prepare_to_relocate() * CVE-url: https://ubuntu.com/security/CVE-2023-3111 - btrfs: check return value of btrfs_commit_transaction in relocation * CVE-url: https://ubuntu.com/security/CVE-2023-3141 - memstick: r592: Fix UAF bug in r592_remove due to race condition * CVE-url: https://ubuntu.com/security/CVE-2023-3212 - gfs2: Don't deref jdesc in evict * CVE-url: https://ubuntu.com/security/CVE-2023-3268 - kernel/relay.c: fix read_pos error when multiple readers - relayfs: fix out-of-bounds access in relay_file_read * CVE-url: https://ubuntu.com/security/CVE-2023-3390 - netfilter: nf_tables: incorrect error path handling with NFT_MSG_NEWRULE * CVE-url: https://ubuntu.com/security/CVE-2023-35823 - media: saa7134: fix use after free bug in saa7134_finidev due to race condition * CVE-url: https://ubuntu.com/security/CVE-2023-35824 - media: dm1105: Fix use after free bug in dm1105_remove due to race condition * Miscellaneous Ubuntu changes - [Config] updateconfigs for SCSI_DPT_I2O * Miscellaneous upstream changes - fixup! UBUNTU: [Packaging]: add tuxcare suffix Important Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.

* Jammy update: v5.15.75 upstream stable release (LP: #1996825) // CVE-url: https://ubuntu.com/security/CVE-2022-1184 - ext4: fix check for block being out of directory size * Jammy update: v5.15.61 upstream stable release (LP: #1990162) // CVE-url: https://ubuntu.com/security/CVE-2022-1184 - ext4: check if directory block is within i_size * Jammy update: v5.15.68 upstream stable release (LP: #1993003) // CVE-url: https://ubuntu.com/security/CVE-2022-3303 - ALSA: pcm: oss: Fix race at SNDCTL_DSP_SYNC * CVE-2023-1670 // CVE-url: https://ubuntu.com/security/CVE-2023-1670 - xirc2ps_cs: Fix use after free bug in xirc2ps_detach * CVE-url: https://ubuntu.com/security/CVE-2023-1989 - Bluetooth: btsdio: fix use after free bug in btsdio_remove due to race condition * Jammy update: v5.15.104 upstream stable release (LP: #2023225) // CVE-url: https://ubuntu.com/security/CVE-2023-1990 - nfc: st-nci: Fix use after free bug in ndlc_remove due to race condition * CVE-url: https://ubuntu.com/security/CVE-2023-2007 - scsi: dpt_i2o: Remove obsolete driver * CVE-2023-2124 // CVE-url: https://ubuntu.com/security/CVE-2023-2124 - xfs: verify buffer contents when we skip log replay * CVE-url: https://ubuntu.com/security/CVE-2023-23000 - phy: tegra: xusb: Fix return value of tegra_xusb_find_port_node function * CVE-url: https://ubuntu.com/security/CVE-2023-28466 - net: tls: fix possible race condition between do_tls_getsockopt_conf() and do_tls_setsockopt_conf() * CVE-url: https://ubuntu.com/security/CVE-2023-3090 - ipvlan:Fix out-of-bounds caused by unclear skb->cb * Jammy update: v5.15.63 upstream stable release (LP: #1990564) // CVE-url: https://ubuntu.com/security/CVE-2023-3111 - btrfs: unset reloc control if transaction commit fails in prepare_to_relocate() * CVE-url: https://ubuntu.com/security/CVE-2023-3111 - btrfs: check return value of btrfs_commit_transaction in relocation * CVE-url: https://ubuntu.com/security/CVE-2023-3141 - memstick: r592: Fix UAF bug in r592_remove due to race condition * CVE-url: https://ubuntu.com/security/CVE-2023-3212 - gfs2: Don't deref jdesc in evict * CVE-url: https://ubuntu.com/security/CVE-2023-3268 - kernel/relay.c: fix read_pos error when multiple readers - relayfs: fix out-of-bounds access in relay_file_read * CVE-url: https://ubuntu.com/security/CVE-2023-3390 - netfilter: nf_tables: incorrect error path handling with NFT_MSG_NEWRULE * CVE-url: https://ubuntu.com/security/CVE-2023-35823 - media: saa7134: fix use after free bug in saa7134_finidev due to race condition * CVE-url: https://ubuntu.com/security/CVE-2023-35824 - media: dm1105: Fix use after free bug in dm1105_remove due to race condition * Miscellaneous Ubuntu changes - [Config] updateconfigs for SCSI_DPT_I2O * Miscellaneous upstream changes - fixup! UBUNTU: [Packaging]: add tuxcare suffix

0 tuxcare-ubuntu18.04-els linux-buildinfo-4.15.0-214-tuxcare.els2-generic_4.15.0-214.225_amd64.deb 9e1967520857b955544c0f0f8681f78009d69dee linux-buildinfo-4.15.0-214-tuxcare.els2-lowlatency_4.15.0-214.225_amd64.deb 33dfdbcaf1178bd49295343d8f9a206ac1188e86 linux-cloud-tools-4.15.0-214-tuxcare.els2_4.15.0-214.225_amd64.deb efcd15ffe60dde9b79ef7023b36f17e865f4403a linux-cloud-tools-4.15.0-214-tuxcare.els2-generic_4.15.0-214.225_amd64.deb a0cfe70ac4cf4e65b971d7313b099cbc3eebdc01 linux-cloud-tools-4.15.0-214-tuxcare.els2-lowlatency_4.15.0-214.225_amd64.deb 94632495bf36c6762626a791c39ce4c8d1a857c0 linux-cloud-tools-common_4.15.0-214.225_all.deb d127e8de16b5fb7e7a31527e76a3b009b5226f4b linux-cloud-tools-generic_4.15.0.214.225_amd64.deb f6d05a2f48b5bc423cde2995877b7fa45fee0a39 linux-cloud-tools-lowlatency_4.15.0.214.225_amd64.deb 25570652e61604baa062e9e35cdfd04ee60386ff linux-crashdump_4.15.0.214.225_amd64.deb 1c8b31191a75ab5f4047d1934ae624f235f19533 linux-doc_4.15.0-214.225_all.deb 00f350b6b1984e71b914aded3f61a870861a80fc linux-generic_4.15.0.214.225_amd64.deb 60156bd006a0f3faef600cb717054853b3f53ab8 linux-headers-4.15.0-214-tuxcare.els2_4.15.0-214.225_all.deb e55ee72d0f63b26853019267d2b17b4fada04497 linux-headers-4.15.0-214-tuxcare.els2-generic_4.15.0-214.225_amd64.deb 97995929f241d63206a493c5cfea7bb924c92976 linux-headers-4.15.0-214-tuxcare.els2-lowlatency_4.15.0-214.225_amd64.deb 0480a81b1b449fd85e49fd0b2e311278d2b16182 linux-headers-generic_4.15.0.214.225_amd64.deb c5613943d0e51d9d523ba48b308a8296ce53a6cf linux-headers-lowlatency_4.15.0.214.225_amd64.deb 4e1b6dea045c96fa6a51df083a7e95c3183e4f79 linux-image-generic_4.15.0.214.225_amd64.deb 68a3a4da27a5d3e0f542bf4fdd63fbaadf0ef567 linux-image-lowlatency_4.15.0.214.225_amd64.deb 05cfe7f736ffff96c88d11c290b8f3076dad8784 linux-image-unsigned-4.15.0-214-tuxcare.els2-generic_4.15.0-214.225_amd64.deb 3ee67f7b50f0301c4cab254e88bc10f15673d293 linux-image-unsigned-4.15.0-214-tuxcare.els2-lowlatency_4.15.0-214.225_amd64.deb 3ad2e2c1dee1f3042c0b7e5ee91079aafc4afe21 linux-libc-dev_4.15.0-214.225_amd64.deb 2b30620f222ff00a1c172f233a472d68b7153ad3 linux-lowlatency_4.15.0.214.225_amd64.deb 1c5ce23ee4d4e954f21735c0636762d840ee6ae6 linux-modules-4.15.0-214-tuxcare.els2-generic_4.15.0-214.225_amd64.deb 298c1b890e5ac09f33d9188a51bc7b6de2c64294 linux-modules-4.15.0-214-tuxcare.els2-lowlatency_4.15.0-214.225_amd64.deb 805039ecbd715fc9e3f0128078306d136a0939c4 linux-modules-extra-4.15.0-214-tuxcare.els2-generic_4.15.0-214.225_amd64.deb ddd2afdbb9181881dd4ab1c7909d4298324736bf linux-source_4.15.0.214.225_all.deb 1d8659b6005155c0135c06a003b1909580b9c368 linux-source-4.15.0_4.15.0-214.225_all.deb a8955de5a2192264bbc3b674240187742d02e02e linux-tools-4.15.0-214-tuxcare.els2_4.15.0-214.225_amd64.deb 93e2cc7f3138362e74824f0bbae1954eaa15fef4 linux-tools-4.15.0-214-tuxcare.els2-generic_4.15.0-214.225_amd64.deb a4f2db35d9a4c2ca23df1982bdc0b62f5837cf0f linux-tools-4.15.0-214-tuxcare.els2-lowlatency_4.15.0-214.225_amd64.deb e51201e99e0ff21f9acc838a34a9d977978b43d4 linux-tools-common_4.15.0-214.225_all.deb dcedabf365ec79018456ecd0e9303291d0bbf72e linux-tools-generic_4.15.0.214.225_amd64.deb 8dc0bdfe6464de3585562e42140749694285e67e linux-tools-host_4.15.0-214.225_all.deb e16f1a4f09ac0ff4a344d14d448a7c7a100b58c2 linux-tools-lowlatency_4.15.0.214.225_amd64.deb ec27fa3512f6cf69d529d9fc222e6d4be9e71fd9 CLSA-2023:1693431257 TuxCare License Agreement 0 * Jammy update: v5.15.75 upstream stable release (LP: #1996825) // CVE-url: https://ubuntu.com/security/CVE-2022-1184 - ext4: fix check for block being out of directory size * Jammy update: v5.15.61 upstream stable release (LP: #1990162) // CVE-url: https://ubuntu.com/security/CVE-2022-1184 - ext4: check if directory block is within i_size * Jammy update: v5.15.68 upstream stable release (LP: #1993003) // CVE-url: https://ubuntu.com/security/CVE-2022-3303 - ALSA: pcm: oss: Fix race at SNDCTL_DSP_SYNC * CVE-2023-1670 // CVE-url: https://ubuntu.com/security/CVE-2023-1670 - xirc2ps_cs: Fix use after free bug in xirc2ps_detach * CVE-url: https://ubuntu.com/security/CVE-2023-1989 - Bluetooth: btsdio: fix use after free bug in btsdio_remove due to race condition * Jammy update: v5.15.104 upstream stable release (LP: #2023225) // CVE-url: https://ubuntu.com/security/CVE-2023-1990 - nfc: st-nci: Fix use after free bug in ndlc_remove due to race condition * CVE-url: https://ubuntu.com/security/CVE-2023-2007 - scsi: dpt_i2o: Remove obsolete driver * CVE-2023-2124 // CVE-url: https://ubuntu.com/security/CVE-2023-2124 - xfs: verify buffer contents when we skip log replay * CVE-url: https://ubuntu.com/security/CVE-2023-23000 - phy: tegra: xusb: Fix return value of tegra_xusb_find_port_node function * CVE-url: https://ubuntu.com/security/CVE-2023-28466 - net: tls: fix possible race condition between do_tls_getsockopt_conf() and do_tls_setsockopt_conf() * CVE-url: https://ubuntu.com/security/CVE-2023-3090 - ipvlan:Fix out-of-bounds caused by unclear skb->cb * Jammy update: v5.15.63 upstream stable release (LP: #1990564) // CVE-url: https://ubuntu.com/security/CVE-2023-3111 - btrfs: unset reloc control if transaction commit fails in prepare_to_relocate() * CVE-url: https://ubuntu.com/security/CVE-2023-3111 - btrfs: check return value of btrfs_commit_transaction in relocation * CVE-url: https://ubuntu.com/security/CVE-2023-3141 - memstick: r592: Fix UAF bug in r592_remove due to race condition * CVE-url: https://ubuntu.com/security/CVE-2023-3212 - gfs2: Don't deref jdesc in evict * CVE-url: https://ubuntu.com/security/CVE-2023-3268 - kernel/relay.c: fix read_pos error when multiple readers - relayfs: fix out-of-bounds access in relay_file_read * CVE-url: https://ubuntu.com/security/CVE-2023-3390 - netfilter: nf_tables: incorrect error path handling with NFT_MSG_NEWRULE * CVE-url: https://ubuntu.com/security/CVE-2023-35823 - media: saa7134: fix use after free bug in saa7134_finidev due to race condition * CVE-url: https://ubuntu.com/security/CVE-2023-35824 - media: dm1105: Fix use after free bug in dm1105_remove due to race condition * Miscellaneous Ubuntu changes - [Config] updateconfigs for SCSI_DPT_I2O * Miscellaneous upstream changes - fixup! UBUNTU: [Packaging]: add tuxcare suffix Important Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.

* Jammy update: v5.15.75 upstream stable release (LP: #1996825) // CVE-url: https://ubuntu.com/security/CVE-2022-1184 - ext4: fix check for block being out of directory size * Jammy update: v5.15.61 upstream stable release (LP: #1990162) // CVE-url: https://ubuntu.com/security/CVE-2022-1184 - ext4: check if directory block is within i_size * Jammy update: v5.15.68 upstream stable release (LP: #1993003) // CVE-url: https://ubuntu.com/security/CVE-2022-3303 - ALSA: pcm: oss: Fix race at SNDCTL_DSP_SYNC * CVE-2023-1670 // CVE-url: https://ubuntu.com/security/CVE-2023-1670 - xirc2ps_cs: Fix use after free bug in xirc2ps_detach * CVE-url: https://ubuntu.com/security/CVE-2023-1989 - Bluetooth: btsdio: fix use after free bug in btsdio_remove due to race condition * Jammy update: v5.15.104 upstream stable release (LP: #2023225) // CVE-url: https://ubuntu.com/security/CVE-2023-1990 - nfc: st-nci: Fix use after free bug in ndlc_remove due to race condition * CVE-url: https://ubuntu.com/security/CVE-2023-2007 - scsi: dpt_i2o: Remove obsolete driver * CVE-2023-2124 // CVE-url: https://ubuntu.com/security/CVE-2023-2124 - xfs: verify buffer contents when we skip log replay * CVE-url: https://ubuntu.com/security/CVE-2023-23000 - phy: tegra: xusb: Fix return value of tegra_xusb_find_port_node function * CVE-url: https://ubuntu.com/security/CVE-2023-28466 - net: tls: fix possible race condition between do_tls_getsockopt_conf() and do_tls_setsockopt_conf() * CVE-url: https://ubuntu.com/security/CVE-2023-3090 - ipvlan:Fix out-of-bounds caused by unclear skb->cb * Jammy update: v5.15.63 upstream stable release (LP: #1990564) // CVE-url: https://ubuntu.com/security/CVE-2023-3111 - btrfs: unset reloc control if transaction commit fails in prepare_to_relocate() * CVE-url: https://ubuntu.com/security/CVE-2023-3111 - btrfs: check return value of btrfs_commit_transaction in relocation * CVE-url: https://ubuntu.com/security/CVE-2023-3141 - memstick: r592: Fix UAF bug in r592_remove due to race condition * CVE-url: https://ubuntu.com/security/CVE-2023-3212 - gfs2: Don't deref jdesc in evict * CVE-url: https://ubuntu.com/security/CVE-2023-3268 - kernel/relay.c: fix read_pos error when multiple readers - relayfs: fix out-of-bounds access in relay_file_read * CVE-url: https://ubuntu.com/security/CVE-2023-3390 - netfilter: nf_tables: incorrect error path handling with NFT_MSG_NEWRULE * CVE-url: https://ubuntu.com/security/CVE-2023-35823 - media: saa7134: fix use after free bug in saa7134_finidev due to race condition * CVE-url: https://ubuntu.com/security/CVE-2023-35824 - media: dm1105: Fix use after free bug in dm1105_remove due to race condition * Miscellaneous Ubuntu changes - [Config] updateconfigs for SCSI_DPT_I2O * Miscellaneous upstream changes - fixup! UBUNTU: [Packaging]: add tuxcare suffix

0 tuxcare-ubuntu18.04-els linux-buildinfo-4.15.0-214-tuxcare.els2-generic_4.15.0-214.225_amd64.deb 9e1967520857b955544c0f0f8681f78009d69dee linux-buildinfo-4.15.0-214-tuxcare.els2-lowlatency_4.15.0-214.225_amd64.deb 33dfdbcaf1178bd49295343d8f9a206ac1188e86 linux-cloud-tools-4.15.0-214-tuxcare.els2_4.15.0-214.225_amd64.deb efcd15ffe60dde9b79ef7023b36f17e865f4403a linux-cloud-tools-4.15.0-214-tuxcare.els2-generic_4.15.0-214.225_amd64.deb a0cfe70ac4cf4e65b971d7313b099cbc3eebdc01 linux-cloud-tools-4.15.0-214-tuxcare.els2-lowlatency_4.15.0-214.225_amd64.deb 94632495bf36c6762626a791c39ce4c8d1a857c0 linux-cloud-tools-common_4.15.0-214.225_all.deb d127e8de16b5fb7e7a31527e76a3b009b5226f4b linux-cloud-tools-generic_4.15.0.214.225_amd64.deb f6d05a2f48b5bc423cde2995877b7fa45fee0a39 linux-cloud-tools-lowlatency_4.15.0.214.225_amd64.deb 25570652e61604baa062e9e35cdfd04ee60386ff linux-crashdump_4.15.0.214.225_amd64.deb 1c8b31191a75ab5f4047d1934ae624f235f19533 linux-doc_4.15.0-214.225_all.deb 00f350b6b1984e71b914aded3f61a870861a80fc linux-generic_4.15.0.214.225_amd64.deb 60156bd006a0f3faef600cb717054853b3f53ab8 linux-headers-4.15.0-214-tuxcare.els2_4.15.0-214.225_all.deb e55ee72d0f63b26853019267d2b17b4fada04497 linux-headers-4.15.0-214-tuxcare.els2-generic_4.15.0-214.225_amd64.deb 97995929f241d63206a493c5cfea7bb924c92976 linux-headers-4.15.0-214-tuxcare.els2-lowlatency_4.15.0-214.225_amd64.deb 0480a81b1b449fd85e49fd0b2e311278d2b16182 linux-headers-generic_4.15.0.214.225_amd64.deb c5613943d0e51d9d523ba48b308a8296ce53a6cf linux-headers-lowlatency_4.15.0.214.225_amd64.deb 4e1b6dea045c96fa6a51df083a7e95c3183e4f79 linux-image-generic_4.15.0.214.225_amd64.deb 68a3a4da27a5d3e0f542bf4fdd63fbaadf0ef567 linux-image-lowlatency_4.15.0.214.225_amd64.deb 05cfe7f736ffff96c88d11c290b8f3076dad8784 linux-image-unsigned-4.15.0-214-tuxcare.els2-generic_4.15.0-214.225_amd64.deb 3ee67f7b50f0301c4cab254e88bc10f15673d293 linux-image-unsigned-4.15.0-214-tuxcare.els2-lowlatency_4.15.0-214.225_amd64.deb 3ad2e2c1dee1f3042c0b7e5ee91079aafc4afe21 linux-libc-dev_4.15.0-214.225_amd64.deb 2b30620f222ff00a1c172f233a472d68b7153ad3 linux-lowlatency_4.15.0.214.225_amd64.deb 1c5ce23ee4d4e954f21735c0636762d840ee6ae6 linux-modules-4.15.0-214-tuxcare.els2-generic_4.15.0-214.225_amd64.deb 298c1b890e5ac09f33d9188a51bc7b6de2c64294 linux-modules-4.15.0-214-tuxcare.els2-lowlatency_4.15.0-214.225_amd64.deb 805039ecbd715fc9e3f0128078306d136a0939c4 linux-modules-extra-4.15.0-214-tuxcare.els2-generic_4.15.0-214.225_amd64.deb ddd2afdbb9181881dd4ab1c7909d4298324736bf linux-source_4.15.0.214.225_all.deb 1d8659b6005155c0135c06a003b1909580b9c368 linux-source-4.15.0_4.15.0-214.225_all.deb a8955de5a2192264bbc3b674240187742d02e02e linux-tools-4.15.0-214-tuxcare.els2_4.15.0-214.225_amd64.deb 93e2cc7f3138362e74824f0bbae1954eaa15fef4 linux-tools-4.15.0-214-tuxcare.els2-generic_4.15.0-214.225_amd64.deb a4f2db35d9a4c2ca23df1982bdc0b62f5837cf0f linux-tools-4.15.0-214-tuxcare.els2-lowlatency_4.15.0-214.225_amd64.deb e51201e99e0ff21f9acc838a34a9d977978b43d4 linux-tools-common_4.15.0-214.225_all.deb dcedabf365ec79018456ecd0e9303291d0bbf72e linux-tools-generic_4.15.0.214.225_amd64.deb 8dc0bdfe6464de3585562e42140749694285e67e linux-tools-host_4.15.0-214.225_all.deb e16f1a4f09ac0ff4a344d14d448a7c7a100b58c2 linux-tools-lowlatency_4.15.0.214.225_amd64.deb ec27fa3512f6cf69d529d9fc222e6d4be9e71fd9 CLSA-2023:1693432495 TuxCare License Agreement 0 * CVE-url: https://ubuntu.com/security/CVE-2023-4128 - net/sched: cls_u32: No longer copy tcf_result on update to avoid use-after- free - net/sched: cls_fw: No longer copy tcf_result on update to avoid use-after- free - net/sched: cls_route: No longer copy tcf_result on update to avoid use- after-free * CVE-url: https://ubuntu.com/security/CVE-2023-40283 - Bluetooth: L2CAP: Fix use-after-free in l2cap_sock_ready_cb * CVE-2023-20593 // CVE-url: https://ubuntu.com/security/CVE-2023-20593 - x86/cpu/amd: Move the errata checking functionality up - x86/cpu/amd: Add a Zenbleed fix * CVE-2023-1859 // CVE-url: https://ubuntu.com/security/CVE-2023-1859 - 9p/xen : Fix use after free bug in xen_9pfs_front_remove due to race condition * CVE-url: https://ubuntu.com/security/CVE-2023-35001 - netfilter: nf_tables: prevent OOB access in nft_byteorder_eval * Jammy update: v5.15.106 upstream stable release (LP: #2023233) // CVE-url: https://ubuntu.com/security/CVE-2023-1611 - btrfs: fix race between quota disable and quota assign ioctls * CVE-2023-3611 // CVE-url: https://ubuntu.com/security/CVE-2023-3611 - net/sched: sch_qfq: account for stab overhead in qfq_enqueue * CVE-2023-3776 // CVE-url: https://ubuntu.com/security/CVE-2023-3776 - net/sched: cls_fw: Fix improper refcount update leads to use-after-free Important Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.

* CVE-url: https://ubuntu.com/security/CVE-2023-4128 - net/sched: cls_u32: No longer copy tcf_result on update to avoid use-after- free - net/sched: cls_fw: No longer copy tcf_result on update to avoid use-after- free - net/sched: cls_route: No longer copy tcf_result on update to avoid use- after-free * CVE-url: https://ubuntu.com/security/CVE-2023-40283 - Bluetooth: L2CAP: Fix use-after-free in l2cap_sock_ready_cb * CVE-2023-20593 // CVE-url: https://ubuntu.com/security/CVE-2023-20593 - x86/cpu/amd: Move the errata checking functionality up - x86/cpu/amd: Add a Zenbleed fix * CVE-2023-1859 // CVE-url: https://ubuntu.com/security/CVE-2023-1859 - 9p/xen : Fix use after free bug in xen_9pfs_front_remove due to race condition * CVE-url: https://ubuntu.com/security/CVE-2023-35001 - netfilter: nf_tables: prevent OOB access in nft_byteorder_eval * Jammy update: v5.15.106 upstream stable release (LP: #2023233) // CVE-url: https://ubuntu.com/security/CVE-2023-1611 - btrfs: fix race between quota disable and quota assign ioctls * CVE-2023-3611 // CVE-url: https://ubuntu.com/security/CVE-2023-3611 - net/sched: sch_qfq: account for stab overhead in qfq_enqueue * CVE-2023-3776 // CVE-url: https://ubuntu.com/security/CVE-2023-3776 - net/sched: cls_fw: Fix improper refcount update leads to use-after-free

0 tuxcare-ubuntu18.04-els linux-buildinfo-4.15.0-215-tuxcare.els3-generic_4.15.0-215.226_amd64.deb 664e8e081c4cfae5b5d12f55a6f2121ecc7cd615 linux-buildinfo-4.15.0-215-tuxcare.els3-lowlatency_4.15.0-215.226_amd64.deb 69d041069e98bcf319da9ca81b8cd987ca920095 linux-cloud-tools-4.15.0-215-tuxcare.els3_4.15.0-215.226_amd64.deb 2d7e91bdcdfca07d12ecbe50edb020fa1224d6a9 linux-cloud-tools-4.15.0-215-tuxcare.els3-generic_4.15.0-215.226_amd64.deb 58aa6090f38deb930df77af1f950a511868e3637 linux-cloud-tools-4.15.0-215-tuxcare.els3-lowlatency_4.15.0-215.226_amd64.deb c922cf8f28229c3ec7c21d15c9daed2ee725027b linux-cloud-tools-common_4.15.0-215.226_all.deb 72b8e83490aeb027f19e94bf61d139a9f7a5baf2 linux-cloud-tools-generic_4.15.0.215.226_amd64.deb 076f827274e93b26729b03445e57733755a91d8a linux-cloud-tools-lowlatency_4.15.0.215.226_amd64.deb 5454371ff2643f4403b83169cf29b96210247143 linux-crashdump_4.15.0.215.226_amd64.deb 183c75c4aae1058a946937a5f2b6c47f16ef6af0 linux-doc_4.15.0-215.226_all.deb 860da578f4c0172ba22a2a4e3bdc1582d583f83b linux-generic_4.15.0.215.226_amd64.deb f810b7bdd2287d1e29d12d05cb9346973532f8c3 linux-headers-4.15.0-215-tuxcare.els3_4.15.0-215.226_all.deb cc5823101d0fb069de2d939dac412d8490d80704 linux-headers-4.15.0-215-tuxcare.els3-generic_4.15.0-215.226_amd64.deb a65b44e42ad51365bcd8077937ab8e1bf314093f linux-headers-4.15.0-215-tuxcare.els3-lowlatency_4.15.0-215.226_amd64.deb ab74ff8f9b92afc9c2b4f2ca39952d85236b85dc linux-headers-generic_4.15.0.215.226_amd64.deb ca48b051b5fab979b3ae28fa5124aaea4a6d28f6 linux-headers-lowlatency_4.15.0.215.226_amd64.deb 937d66fcc6c664c22eb6b28ccb4978398bae96a5 linux-image-generic_4.15.0.215.226_amd64.deb a0484891a94aa60dedd671f1432f370e59dd3c5b linux-image-lowlatency_4.15.0.215.226_amd64.deb 4b217ddcc1375a462811cfbb04f396460caaecc8 linux-image-unsigned-4.15.0-215-tuxcare.els3-generic_4.15.0-215.226_amd64.deb f0440d4baf83fcda0ca2a95fa91fdc59adc00e5e linux-image-unsigned-4.15.0-215-tuxcare.els3-lowlatency_4.15.0-215.226_amd64.deb 1bbb12cce1c1bf78ae44dfc0059a733dbf880c27 linux-libc-dev_4.15.0-215.226_amd64.deb f8c9b97c4542e70d3bc6048823db787a43554a96 linux-lowlatency_4.15.0.215.226_amd64.deb 330cec0bec953be2df6957486a646428fe844ebf linux-modules-4.15.0-215-tuxcare.els3-generic_4.15.0-215.226_amd64.deb c11438b13675825f6769d21290317929050a5472 linux-modules-4.15.0-215-tuxcare.els3-lowlatency_4.15.0-215.226_amd64.deb d815f53bfea6f61617c2895cdde440ef696ef98b linux-modules-extra-4.15.0-215-tuxcare.els3-generic_4.15.0-215.226_amd64.deb 6876bdd4d0facfe3a44e77018ec9691296ae1a14 linux-source_4.15.0.215.226_all.deb 1f3c8e26a5249e27495f79b1c34528ad83eccb86 linux-source-4.15.0_4.15.0-215.226_all.deb f594b5d26a884ce2cd1cafbf126cc2604ed87d4a linux-tools-4.15.0-215-tuxcare.els3_4.15.0-215.226_amd64.deb 1fb5fbe4c724d8d0b0fb04b5449ee42ce3d48e7b linux-tools-4.15.0-215-tuxcare.els3-generic_4.15.0-215.226_amd64.deb 5403ac9f5d07786483c1e7126f8c123682b003eb linux-tools-4.15.0-215-tuxcare.els3-lowlatency_4.15.0-215.226_amd64.deb 78f30afb243ccbc66454a2ac5eb178bc12614cda linux-tools-common_4.15.0-215.226_all.deb 416b8f177624317a855956c25eb66b77333a4bb6 linux-tools-generic_4.15.0.215.226_amd64.deb d535fb54b38e150b38e947e4a64075460c97760e linux-tools-host_4.15.0-215.226_all.deb 33ba70f791e670d3e9c9191f4f1d1c1a3e810dc4 linux-tools-lowlatency_4.15.0.215.226_amd64.deb 02a91851b3be33b37acb2b7a686d44e8328eb6c2 CLSA-2023:1693432750 TuxCare License Agreement 0 * CVE-url: https://ubuntu.com/security/CVE-2023-4128 - net/sched: cls_u32: No longer copy tcf_result on update to avoid use-after- free - net/sched: cls_fw: No longer copy tcf_result on update to avoid use-after- free - net/sched: cls_route: No longer copy tcf_result on update to avoid use- after-free * CVE-url: https://ubuntu.com/security/CVE-2023-40283 - Bluetooth: L2CAP: Fix use-after-free in l2cap_sock_ready_cb * CVE-2023-20593 // CVE-url: https://ubuntu.com/security/CVE-2023-20593 - x86/cpu/amd: Move the errata checking functionality up - x86/cpu/amd: Add a Zenbleed fix * CVE-2023-1859 // CVE-url: https://ubuntu.com/security/CVE-2023-1859 - 9p/xen : Fix use after free bug in xen_9pfs_front_remove due to race condition * CVE-url: https://ubuntu.com/security/CVE-2023-35001 - netfilter: nf_tables: prevent OOB access in nft_byteorder_eval * Jammy update: v5.15.106 upstream stable release (LP: #2023233) // CVE-url: https://ubuntu.com/security/CVE-2023-1611 - btrfs: fix race between quota disable and quota assign ioctls * CVE-2023-3611 // CVE-url: https://ubuntu.com/security/CVE-2023-3611 - net/sched: sch_qfq: account for stab overhead in qfq_enqueue * CVE-2023-3776 // CVE-url: https://ubuntu.com/security/CVE-2023-3776 - net/sched: cls_fw: Fix improper refcount update leads to use-after-free Important Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.

* CVE-url: https://ubuntu.com/security/CVE-2023-4128 - net/sched: cls_u32: No longer copy tcf_result on update to avoid use-after- free - net/sched: cls_fw: No longer copy tcf_result on update to avoid use-after- free - net/sched: cls_route: No longer copy tcf_result on update to avoid use- after-free * CVE-url: https://ubuntu.com/security/CVE-2023-40283 - Bluetooth: L2CAP: Fix use-after-free in l2cap_sock_ready_cb * CVE-2023-20593 // CVE-url: https://ubuntu.com/security/CVE-2023-20593 - x86/cpu/amd: Move the errata checking functionality up - x86/cpu/amd: Add a Zenbleed fix * CVE-2023-1859 // CVE-url: https://ubuntu.com/security/CVE-2023-1859 - 9p/xen : Fix use after free bug in xen_9pfs_front_remove due to race condition * CVE-url: https://ubuntu.com/security/CVE-2023-35001 - netfilter: nf_tables: prevent OOB access in nft_byteorder_eval * Jammy update: v5.15.106 upstream stable release (LP: #2023233) // CVE-url: https://ubuntu.com/security/CVE-2023-1611 - btrfs: fix race between quota disable and quota assign ioctls * CVE-2023-3611 // CVE-url: https://ubuntu.com/security/CVE-2023-3611 - net/sched: sch_qfq: account for stab overhead in qfq_enqueue * CVE-2023-3776 // CVE-url: https://ubuntu.com/security/CVE-2023-3776 - net/sched: cls_fw: Fix improper refcount update leads to use-after-free

0 tuxcare-ubuntu18.04-els linux-buildinfo-4.15.0-215-tuxcare.els3-generic_4.15.0-215.226_amd64.deb 664e8e081c4cfae5b5d12f55a6f2121ecc7cd615 linux-buildinfo-4.15.0-215-tuxcare.els3-lowlatency_4.15.0-215.226_amd64.deb 69d041069e98bcf319da9ca81b8cd987ca920095 linux-cloud-tools-4.15.0-215-tuxcare.els3_4.15.0-215.226_amd64.deb 2d7e91bdcdfca07d12ecbe50edb020fa1224d6a9 linux-cloud-tools-4.15.0-215-tuxcare.els3-generic_4.15.0-215.226_amd64.deb 58aa6090f38deb930df77af1f950a511868e3637 linux-cloud-tools-4.15.0-215-tuxcare.els3-lowlatency_4.15.0-215.226_amd64.deb c922cf8f28229c3ec7c21d15c9daed2ee725027b linux-cloud-tools-common_4.15.0-215.226_all.deb 72b8e83490aeb027f19e94bf61d139a9f7a5baf2 linux-cloud-tools-generic_4.15.0.215.226_amd64.deb 076f827274e93b26729b03445e57733755a91d8a linux-cloud-tools-lowlatency_4.15.0.215.226_amd64.deb 5454371ff2643f4403b83169cf29b96210247143 linux-crashdump_4.15.0.215.226_amd64.deb 183c75c4aae1058a946937a5f2b6c47f16ef6af0 linux-doc_4.15.0-215.226_all.deb 860da578f4c0172ba22a2a4e3bdc1582d583f83b linux-generic_4.15.0.215.226_amd64.deb f810b7bdd2287d1e29d12d05cb9346973532f8c3 linux-headers-4.15.0-215-tuxcare.els3_4.15.0-215.226_all.deb cc5823101d0fb069de2d939dac412d8490d80704 linux-headers-4.15.0-215-tuxcare.els3-generic_4.15.0-215.226_amd64.deb a65b44e42ad51365bcd8077937ab8e1bf314093f linux-headers-4.15.0-215-tuxcare.els3-lowlatency_4.15.0-215.226_amd64.deb ab74ff8f9b92afc9c2b4f2ca39952d85236b85dc linux-headers-generic_4.15.0.215.226_amd64.deb ca48b051b5fab979b3ae28fa5124aaea4a6d28f6 linux-headers-lowlatency_4.15.0.215.226_amd64.deb 937d66fcc6c664c22eb6b28ccb4978398bae96a5 linux-image-generic_4.15.0.215.226_amd64.deb a0484891a94aa60dedd671f1432f370e59dd3c5b linux-image-lowlatency_4.15.0.215.226_amd64.deb 4b217ddcc1375a462811cfbb04f396460caaecc8 linux-image-unsigned-4.15.0-215-tuxcare.els3-generic_4.15.0-215.226_amd64.deb f0440d4baf83fcda0ca2a95fa91fdc59adc00e5e linux-image-unsigned-4.15.0-215-tuxcare.els3-lowlatency_4.15.0-215.226_amd64.deb 1bbb12cce1c1bf78ae44dfc0059a733dbf880c27 linux-libc-dev_4.15.0-215.226_amd64.deb f8c9b97c4542e70d3bc6048823db787a43554a96 linux-lowlatency_4.15.0.215.226_amd64.deb 330cec0bec953be2df6957486a646428fe844ebf linux-modules-4.15.0-215-tuxcare.els3-generic_4.15.0-215.226_amd64.deb c11438b13675825f6769d21290317929050a5472 linux-modules-4.15.0-215-tuxcare.els3-lowlatency_4.15.0-215.226_amd64.deb d815f53bfea6f61617c2895cdde440ef696ef98b linux-modules-extra-4.15.0-215-tuxcare.els3-generic_4.15.0-215.226_amd64.deb 6876bdd4d0facfe3a44e77018ec9691296ae1a14 linux-source_4.15.0.215.226_all.deb 1f3c8e26a5249e27495f79b1c34528ad83eccb86 linux-source-4.15.0_4.15.0-215.226_all.deb f594b5d26a884ce2cd1cafbf126cc2604ed87d4a linux-tools-4.15.0-215-tuxcare.els3_4.15.0-215.226_amd64.deb 1fb5fbe4c724d8d0b0fb04b5449ee42ce3d48e7b linux-tools-4.15.0-215-tuxcare.els3-generic_4.15.0-215.226_amd64.deb 5403ac9f5d07786483c1e7126f8c123682b003eb linux-tools-4.15.0-215-tuxcare.els3-lowlatency_4.15.0-215.226_amd64.deb 78f30afb243ccbc66454a2ac5eb178bc12614cda linux-tools-common_4.15.0-215.226_all.deb 416b8f177624317a855956c25eb66b77333a4bb6 linux-tools-generic_4.15.0.215.226_amd64.deb d535fb54b38e150b38e947e4a64075460c97760e linux-tools-host_4.15.0-215.226_all.deb 33ba70f791e670d3e9c9191f4f1d1c1a3e810dc4 linux-tools-lowlatency_4.15.0.215.226_amd64.deb 02a91851b3be33b37acb2b7a686d44e8328eb6c2 CLSA-2023:1693904331 TuxCare License Agreement 0 * Jammy update: v5.15.86 upstream stable release (LP: #2005113) // CVE-url: https://ubuntu.com/security/CVE-2022-3606 - libbpf: Fix null-pointer dereference in find_prog_by_sec_insn() * Jammy update: v5.15.87 upstream stable release (LP: #2007441) // CVE-url: https://ubuntu.com/security/CVE-2023-23454 - net: sched: cbq: dont intepret cls results when asked to drop * Jammy update: v5.15.76 upstream stable release (LP: #1997113) // CVE-url: https://ubuntu.com/security/CVE-2023-0590 - net: sched: fix race condition in qdisc_graft() * Jammy update: v5.15.104 upstream stable release (LP: #2023225) // CVE-url: https://ubuntu.com/security/CVE-2023-1855 - hwmon: (xgene) Fix use after free bug in xgene_hwmon_remove due to race condition * Jammy update: v5.15.91 upstream stable release (LP: #2011467) // CVE-url: https://ubuntu.com/security/CVE-2022-4129 - l2tp: Serialize access to sk_user_data with sk_callback_lock * Jammy update: v5.15.105 upstream stable release (LP: #2023230) // CVE-url: https://ubuntu.com/security/CVE-2023-30772 - power: supply: da9150: Fix use after free bug in da9150_charger_remove due to race condition * Jammy update: v5.15.105 upstream stable release (LP: #2023230) // CVE-url: https://ubuntu.com/security/CVE-2023-2194 - i2c: xgene-slimpro: Fix out-of-bounds bug in xgene_slimpro_i2c_xfer() * Jammy update: v5.15.105 upstream stable release (LP: #2023230) // CVE-url: https://ubuntu.com/security/CVE-2023-33203 - net: qcom/emac: Fix use after free bug in emac_remove due to race condition * CVE-2023-31084 // CVE-2023-31084 was assigned to this bug. // CVE-url: https://ubuntu.com/security/CVE-2023-31084 - media: dvb-core: Fix kernel WARNING for blocking operation in wait_event*() * Jammy update: v5.15.99 upstream stable release (LP: #2018438) // CVE-url: https://ubuntu.com/security/CVE-2023-2985 - fs: hfsplus: fix UAF issue in hfsplus_put_super * Jammy update: v5.15.111 upstream stable release (LP: #2025095) // CVE-url: https://ubuntu.com/security/CVE-2023-2269 - dm ioctl: fix nested locking in table_clear() to remove deadlock concern Moderate Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.

* Jammy update: v5.15.86 upstream stable release (LP: #2005113) // CVE-url: https://ubuntu.com/security/CVE-2022-3606 - libbpf: Fix null-pointer dereference in find_prog_by_sec_insn() * Jammy update: v5.15.87 upstream stable release (LP: #2007441) // CVE-url: https://ubuntu.com/security/CVE-2023-23454 - net: sched: cbq: dont intepret cls results when asked to drop * Jammy update: v5.15.76 upstream stable release (LP: #1997113) // CVE-url: https://ubuntu.com/security/CVE-2023-0590 - net: sched: fix race condition in qdisc_graft() * Jammy update: v5.15.104 upstream stable release (LP: #2023225) // CVE-url: https://ubuntu.com/security/CVE-2023-1855 - hwmon: (xgene) Fix use after free bug in xgene_hwmon_remove due to race condition * Jammy update: v5.15.91 upstream stable release (LP: #2011467) // CVE-url: https://ubuntu.com/security/CVE-2022-4129 - l2tp: Serialize access to sk_user_data with sk_callback_lock * Jammy update: v5.15.105 upstream stable release (LP: #2023230) // CVE-url: https://ubuntu.com/security/CVE-2023-30772 - power: supply: da9150: Fix use after free bug in da9150_charger_remove due to race condition * Jammy update: v5.15.105 upstream stable release (LP: #2023230) // CVE-url: https://ubuntu.com/security/CVE-2023-2194 - i2c: xgene-slimpro: Fix out-of-bounds bug in xgene_slimpro_i2c_xfer() * Jammy update: v5.15.105 upstream stable release (LP: #2023230) // CVE-url: https://ubuntu.com/security/CVE-2023-33203 - net: qcom/emac: Fix use after free bug in emac_remove due to race condition * CVE-2023-31084 // CVE-2023-31084 was assigned to this bug. // CVE-url: https://ubuntu.com/security/CVE-2023-31084 - media: dvb-core: Fix kernel WARNING for blocking operation in wait_event*() * Jammy update: v5.15.99 upstream stable release (LP: #2018438) // CVE-url: https://ubuntu.com/security/CVE-2023-2985 - fs: hfsplus: fix UAF issue in hfsplus_put_super * Jammy update: v5.15.111 upstream stable release (LP: #2025095) // CVE-url: https://ubuntu.com/security/CVE-2023-2269 - dm ioctl: fix nested locking in table_clear() to remove deadlock concern

0 tuxcare-ubuntu18.04-els linux-buildinfo-4.15.0-216-tuxcare.els4-generic_4.15.0-216.227_amd64.deb 7fc2d16cd42620de6ddb96ca622e6882d6979f56 linux-buildinfo-4.15.0-216-tuxcare.els4-lowlatency_4.15.0-216.227_amd64.deb 7ee994d1af96df1595de5ae8fcfa401da85a427c linux-cloud-tools-4.15.0-216-tuxcare.els4_4.15.0-216.227_amd64.deb 466910ded3e8efd957e17e207c4ba4e58b548674 linux-cloud-tools-4.15.0-216-tuxcare.els4-generic_4.15.0-216.227_amd64.deb af0e7c9b842cde8e67b1ab67279c777773578c57 linux-cloud-tools-4.15.0-216-tuxcare.els4-lowlatency_4.15.0-216.227_amd64.deb 38b666f55ce98d0270559a5771f48ee7a6be9dc2 linux-cloud-tools-common_4.15.0-216.227_all.deb 36593edf30aed0523cced9b5ac81a9b872d05a64 linux-cloud-tools-generic_4.15.0.216.227_amd64.deb 5452f5ce4844a3770d465d3093808182a4b95d58 linux-cloud-tools-lowlatency_4.15.0.216.227_amd64.deb 5570ecc67590ad8d138e6128e603b4f9c722e78f linux-crashdump_4.15.0.216.227_amd64.deb 9e632fa58cdd993cbfef794d90ead742cba5b912 linux-doc_4.15.0-216.227_all.deb f3b9365f99cf158c5b0841bbbcc8bd822e47de43 linux-generic_4.15.0.216.227_amd64.deb 29a9a131d9f4d5a02c9295ae500cff4f3418c05e linux-headers-4.15.0-216-tuxcare.els4_4.15.0-216.227_all.deb 2040baa6189d105057b829ba9f59c92b5cf37207 linux-headers-4.15.0-216-tuxcare.els4-generic_4.15.0-216.227_amd64.deb 3dae0af7d72d7fd22e4ebeedabccabb54d0a1950 linux-headers-4.15.0-216-tuxcare.els4-lowlatency_4.15.0-216.227_amd64.deb b850a1f9e18106e718a15c962b7d7037cb1a74dc linux-headers-generic_4.15.0.216.227_amd64.deb b4bac8bd250f0f825ce720721999051855344fb0 linux-headers-lowlatency_4.15.0.216.227_amd64.deb 7946f7a7a6d35793a80eeb0b103d36fd490bdb80 linux-image-generic_4.15.0.216.227_amd64.deb 17c71741a5343b19ef1830faabf1c336122f2b75 linux-image-lowlatency_4.15.0.216.227_amd64.deb 2149c9344e49385c76a3e47dc2ad1d3090571470 linux-image-unsigned-4.15.0-216-tuxcare.els4-generic_4.15.0-216.227_amd64.deb baf8172d85dfd663f48c0247b3eaa44ecba7abbd linux-image-unsigned-4.15.0-216-tuxcare.els4-lowlatency_4.15.0-216.227_amd64.deb ffc7fcc5f684f4e96df9fafbeacf4e9fe2fee7e2 linux-libc-dev_4.15.0-216.227_amd64.deb 72c390b3e28c1de8bbb8ff7e9b1e3a0dcee88a5a linux-lowlatency_4.15.0.216.227_amd64.deb a42b7a549071c1bbb5946052ae7cdc3ee9464836 linux-modules-4.15.0-216-tuxcare.els4-generic_4.15.0-216.227_amd64.deb 70dff020cbd328e253891610304a6b879c73aae7 linux-modules-4.15.0-216-tuxcare.els4-lowlatency_4.15.0-216.227_amd64.deb 3579bda5595e7ccb5fd4a8b9d9af56cb4b7193f0 linux-modules-extra-4.15.0-216-tuxcare.els4-generic_4.15.0-216.227_amd64.deb 289983b919fb1702c801930d2d10ee872296ab07 linux-source_4.15.0.216.227_all.deb 84d27771323ca012172c8691f5886b55b8725b2c linux-source-4.15.0_4.15.0-216.227_all.deb 3c1887c207b866f521789861644cd03d9977b186 linux-tools-4.15.0-216-tuxcare.els4_4.15.0-216.227_amd64.deb b1a1f57bdfd2094431d9b85a5cfc42b5c644155f linux-tools-4.15.0-216-tuxcare.els4-generic_4.15.0-216.227_amd64.deb c2d383bb1183018d80313b969d3a9561a9953f6f linux-tools-4.15.0-216-tuxcare.els4-lowlatency_4.15.0-216.227_amd64.deb bca87f6ec9feb05dcc4dcfc37ebf765c6ad0f82d linux-tools-common_4.15.0-216.227_all.deb 8e69d9590e723a07b430b5188b4c6a7e928cd960 linux-tools-generic_4.15.0.216.227_amd64.deb f11b84e68e34f98758c33a1c1bce0048286010c1 linux-tools-host_4.15.0-216.227_all.deb 18b0f8d95b4ec54bb1941791574d416cd2e2cf62 linux-tools-lowlatency_4.15.0.216.227_amd64.deb 3826320d09b70622c00c29a944f35e08b89cab7e CLSA-2023:1693904659 TuxCare License Agreement 0 * Jammy update: v5.15.86 upstream stable release (LP: #2005113) // CVE-url: https://ubuntu.com/security/CVE-2022-3606 - libbpf: Fix null-pointer dereference in find_prog_by_sec_insn() * Jammy update: v5.15.87 upstream stable release (LP: #2007441) // CVE-url: https://ubuntu.com/security/CVE-2023-23454 - net: sched: cbq: dont intepret cls results when asked to drop * Jammy update: v5.15.76 upstream stable release (LP: #1997113) // CVE-url: https://ubuntu.com/security/CVE-2023-0590 - net: sched: fix race condition in qdisc_graft() * Jammy update: v5.15.104 upstream stable release (LP: #2023225) // CVE-url: https://ubuntu.com/security/CVE-2023-1855 - hwmon: (xgene) Fix use after free bug in xgene_hwmon_remove due to race condition * Jammy update: v5.15.91 upstream stable release (LP: #2011467) // CVE-url: https://ubuntu.com/security/CVE-2022-4129 - l2tp: Serialize access to sk_user_data with sk_callback_lock * Jammy update: v5.15.105 upstream stable release (LP: #2023230) // CVE-url: https://ubuntu.com/security/CVE-2023-30772 - power: supply: da9150: Fix use after free bug in da9150_charger_remove due to race condition * Jammy update: v5.15.105 upstream stable release (LP: #2023230) // CVE-url: https://ubuntu.com/security/CVE-2023-2194 - i2c: xgene-slimpro: Fix out-of-bounds bug in xgene_slimpro_i2c_xfer() * Jammy update: v5.15.105 upstream stable release (LP: #2023230) // CVE-url: https://ubuntu.com/security/CVE-2023-33203 - net: qcom/emac: Fix use after free bug in emac_remove due to race condition * CVE-2023-31084 // CVE-2023-31084 was assigned to this bug. // CVE-url: https://ubuntu.com/security/CVE-2023-31084 - media: dvb-core: Fix kernel WARNING for blocking operation in wait_event*() * Jammy update: v5.15.99 upstream stable release (LP: #2018438) // CVE-url: https://ubuntu.com/security/CVE-2023-2985 - fs: hfsplus: fix UAF issue in hfsplus_put_super * Jammy update: v5.15.111 upstream stable release (LP: #2025095) // CVE-url: https://ubuntu.com/security/CVE-2023-2269 - dm ioctl: fix nested locking in table_clear() to remove deadlock concern Moderate Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.

* Jammy update: v5.15.86 upstream stable release (LP: #2005113) // CVE-url: https://ubuntu.com/security/CVE-2022-3606 - libbpf: Fix null-pointer dereference in find_prog_by_sec_insn() * Jammy update: v5.15.87 upstream stable release (LP: #2007441) // CVE-url: https://ubuntu.com/security/CVE-2023-23454 - net: sched: cbq: dont intepret cls results when asked to drop * Jammy update: v5.15.76 upstream stable release (LP: #1997113) // CVE-url: https://ubuntu.com/security/CVE-2023-0590 - net: sched: fix race condition in qdisc_graft() * Jammy update: v5.15.104 upstream stable release (LP: #2023225) // CVE-url: https://ubuntu.com/security/CVE-2023-1855 - hwmon: (xgene) Fix use after free bug in xgene_hwmon_remove due to race condition * Jammy update: v5.15.91 upstream stable release (LP: #2011467) // CVE-url: https://ubuntu.com/security/CVE-2022-4129 - l2tp: Serialize access to sk_user_data with sk_callback_lock * Jammy update: v5.15.105 upstream stable release (LP: #2023230) // CVE-url: https://ubuntu.com/security/CVE-2023-30772 - power: supply: da9150: Fix use after free bug in da9150_charger_remove due to race condition * Jammy update: v5.15.105 upstream stable release (LP: #2023230) // CVE-url: https://ubuntu.com/security/CVE-2023-2194 - i2c: xgene-slimpro: Fix out-of-bounds bug in xgene_slimpro_i2c_xfer() * Jammy update: v5.15.105 upstream stable release (LP: #2023230) // CVE-url: https://ubuntu.com/security/CVE-2023-33203 - net: qcom/emac: Fix use after free bug in emac_remove due to race condition * CVE-2023-31084 // CVE-2023-31084 was assigned to this bug. // CVE-url: https://ubuntu.com/security/CVE-2023-31084 - media: dvb-core: Fix kernel WARNING for blocking operation in wait_event*() * Jammy update: v5.15.99 upstream stable release (LP: #2018438) // CVE-url: https://ubuntu.com/security/CVE-2023-2985 - fs: hfsplus: fix UAF issue in hfsplus_put_super * Jammy update: v5.15.111 upstream stable release (LP: #2025095) // CVE-url: https://ubuntu.com/security/CVE-2023-2269 - dm ioctl: fix nested locking in table_clear() to remove deadlock concern

0 tuxcare-ubuntu18.04-els linux-buildinfo-4.15.0-216-tuxcare.els4-generic_4.15.0-216.227_amd64.deb 7fc2d16cd42620de6ddb96ca622e6882d6979f56 linux-buildinfo-4.15.0-216-tuxcare.els4-lowlatency_4.15.0-216.227_amd64.deb 7ee994d1af96df1595de5ae8fcfa401da85a427c linux-cloud-tools-4.15.0-216-tuxcare.els4_4.15.0-216.227_amd64.deb 466910ded3e8efd957e17e207c4ba4e58b548674 linux-cloud-tools-4.15.0-216-tuxcare.els4-generic_4.15.0-216.227_amd64.deb af0e7c9b842cde8e67b1ab67279c777773578c57 linux-cloud-tools-4.15.0-216-tuxcare.els4-lowlatency_4.15.0-216.227_amd64.deb 38b666f55ce98d0270559a5771f48ee7a6be9dc2 linux-cloud-tools-common_4.15.0-216.227_all.deb 36593edf30aed0523cced9b5ac81a9b872d05a64 linux-cloud-tools-generic_4.15.0.216.227_amd64.deb 5452f5ce4844a3770d465d3093808182a4b95d58 linux-cloud-tools-lowlatency_4.15.0.216.227_amd64.deb 5570ecc67590ad8d138e6128e603b4f9c722e78f linux-crashdump_4.15.0.216.227_amd64.deb 9e632fa58cdd993cbfef794d90ead742cba5b912 linux-doc_4.15.0-216.227_all.deb f3b9365f99cf158c5b0841bbbcc8bd822e47de43 linux-generic_4.15.0.216.227_amd64.deb 29a9a131d9f4d5a02c9295ae500cff4f3418c05e linux-headers-4.15.0-216-tuxcare.els4_4.15.0-216.227_all.deb 2040baa6189d105057b829ba9f59c92b5cf37207 linux-headers-4.15.0-216-tuxcare.els4-generic_4.15.0-216.227_amd64.deb 3dae0af7d72d7fd22e4ebeedabccabb54d0a1950 linux-headers-4.15.0-216-tuxcare.els4-lowlatency_4.15.0-216.227_amd64.deb b850a1f9e18106e718a15c962b7d7037cb1a74dc linux-headers-generic_4.15.0.216.227_amd64.deb b4bac8bd250f0f825ce720721999051855344fb0 linux-headers-lowlatency_4.15.0.216.227_amd64.deb 7946f7a7a6d35793a80eeb0b103d36fd490bdb80 linux-image-generic_4.15.0.216.227_amd64.deb 17c71741a5343b19ef1830faabf1c336122f2b75 linux-image-lowlatency_4.15.0.216.227_amd64.deb 2149c9344e49385c76a3e47dc2ad1d3090571470 linux-image-unsigned-4.15.0-216-tuxcare.els4-generic_4.15.0-216.227_amd64.deb baf8172d85dfd663f48c0247b3eaa44ecba7abbd linux-image-unsigned-4.15.0-216-tuxcare.els4-lowlatency_4.15.0-216.227_amd64.deb ffc7fcc5f684f4e96df9fafbeacf4e9fe2fee7e2 linux-libc-dev_4.15.0-216.227_amd64.deb 72c390b3e28c1de8bbb8ff7e9b1e3a0dcee88a5a linux-lowlatency_4.15.0.216.227_amd64.deb a42b7a549071c1bbb5946052ae7cdc3ee9464836 linux-modules-4.15.0-216-tuxcare.els4-generic_4.15.0-216.227_amd64.deb 70dff020cbd328e253891610304a6b879c73aae7 linux-modules-4.15.0-216-tuxcare.els4-lowlatency_4.15.0-216.227_amd64.deb 3579bda5595e7ccb5fd4a8b9d9af56cb4b7193f0 linux-modules-extra-4.15.0-216-tuxcare.els4-generic_4.15.0-216.227_amd64.deb 289983b919fb1702c801930d2d10ee872296ab07 linux-source_4.15.0.216.227_all.deb 84d27771323ca012172c8691f5886b55b8725b2c linux-source-4.15.0_4.15.0-216.227_all.deb 3c1887c207b866f521789861644cd03d9977b186 linux-tools-4.15.0-216-tuxcare.els4_4.15.0-216.227_amd64.deb b1a1f57bdfd2094431d9b85a5cfc42b5c644155f linux-tools-4.15.0-216-tuxcare.els4-generic_4.15.0-216.227_amd64.deb c2d383bb1183018d80313b969d3a9561a9953f6f linux-tools-4.15.0-216-tuxcare.els4-lowlatency_4.15.0-216.227_amd64.deb bca87f6ec9feb05dcc4dcfc37ebf765c6ad0f82d linux-tools-common_4.15.0-216.227_all.deb 8e69d9590e723a07b430b5188b4c6a7e928cd960 linux-tools-generic_4.15.0.216.227_amd64.deb f11b84e68e34f98758c33a1c1bce0048286010c1 linux-tools-host_4.15.0-216.227_all.deb 18b0f8d95b4ec54bb1941791574d416cd2e2cf62 linux-tools-lowlatency_4.15.0.216.227_amd64.deb 3826320d09b70622c00c29a944f35e08b89cab7e CLSA-2023:1693904834 TuxCare License Agreement 0 * SECURITY UPDATE: unlikely stack overflow vulnerability - debian/patches/CVE-2022-48174.patch: break if a number string containing invalid characters - CVE-2022-48174 Critical Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.

* SECURITY UPDATE: unlikely stack overflow vulnerability - debian/patches/CVE-2022-48174.patch: break if a number string containing invalid characters - CVE-2022-48174

0 tuxcare-ubuntu18.04-els busybox_1.27.2-2ubuntu3.4+tuxcare.els2_amd64.deb 2f6aaea0d68eb9ddb2e3d8fd95719f83082b50f8 busybox-initramfs_1.27.2-2ubuntu3.4+tuxcare.els2_amd64.deb 38b8b4e13528438ec9b1de2101909cdaf4e5ad12 busybox-static_1.27.2-2ubuntu3.4+tuxcare.els2_amd64.deb 2bca665924a613682460de601e25054f913527af busybox-syslogd_1.27.2-2ubuntu3.4+tuxcare.els2_all.deb 00789b148a3e61194905c529d9629044bc3ac62b udhcpc_1.27.2-2ubuntu3.4+tuxcare.els2_amd64.deb c6434d9e376f50075daf4d879cfe5eae83d83196 udhcpd_1.27.2-2ubuntu3.4+tuxcare.els2_amd64.deb 8bc6e359298e3397c7edc20ead885342aa8b1f83 CLSA-2023:1694109668 TuxCare License Agreement 0 * New microcode update packages from AMD upstream up to 2023-08-08: + New Microcodes for 19h family: sig 0x00a10f11, sig 0x00a10f12, sig 0x00aa0f01, sig 0x00aa0f02; * SECURITY UPDATE: A side channel vulnerability on some of the AMD CPUs may allow an attacker to influence the return address prediction. This may result to potential information disclosure. - CPUs firmware updated up to 2023-08-08 - CVE-2023-20569 - CVE-2023-20593 Important Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.

* New microcode update packages from AMD upstream up to 2023-08-08: + New Microcodes for 19h family: sig 0x00a10f11, sig 0x00a10f12, sig 0x00aa0f01, sig 0x00aa0f02; * SECURITY UPDATE: A side channel vulnerability on some of the AMD CPUs may allow an attacker to influence the return address prediction. This may result to potential information disclosure. - CPUs firmware updated up to 2023-08-08 - CVE-2023-20569 - CVE-2023-20593

0 tuxcare-ubuntu18.04-els amd64-microcode_3.20230808.1ubuntu0.18.04.1+tuxcare.els1_amd64.deb ae70b68dcaf4a9cb9f336221cfe641e2dac2cb56 CLSA-2023:1694538536 TuxCare License Agreement 0 * SECURITY UPDATE: segmentation fault in objdump.c compare_symbols - debian/patches/CVE-2022-47695.patch: test symbol flags to exclude section and synthetic symbols before attempting to check flavour - CVE-2022-47695 Important Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.

* SECURITY UPDATE: segmentation fault in objdump.c compare_symbols - debian/patches/CVE-2022-47695.patch: test symbol flags to exclude section and synthetic symbols before attempting to check flavour - CVE-2022-47695

0 tuxcare-ubuntu18.04-els binutils_2.30-21ubuntu1~18.04.9+tuxcare.els3_amd64.deb 9dc39e6ec72947fc17ad0f2bd621a4e59807acb4 binutils-aarch64-linux-gnu_2.30-21ubuntu1~18.04.9+tuxcare.els3_amd64.deb cd944dfebf9838898a2c1cf022d22b293a7d869e binutils-alpha-linux-gnu_2.30-21ubuntu1~18.04.9+tuxcare.els3_amd64.deb b84fd98efc4703c2c91630d05294f7621965ea00 binutils-arm-linux-gnueabi_2.30-21ubuntu1~18.04.9+tuxcare.els3_amd64.deb 2939e1a27b7a32f3ebfb03106fb8809d0ace6249 binutils-arm-linux-gnueabihf_2.30-21ubuntu1~18.04.9+tuxcare.els3_amd64.deb 49a20c6d1c588c116839d9be18eb774b9224bdb0 binutils-common_2.30-21ubuntu1~18.04.9+tuxcare.els3_amd64.deb 505e0e523df8a184f8e06c744c1ad29e672c0411 binutils-dev_2.30-21ubuntu1~18.04.9+tuxcare.els3_amd64.deb 90c9e498ecc36794308e7024d5c44a03de844820 binutils-doc_2.30-21ubuntu1~18.04.9+tuxcare.els3_all.deb 565107dba2ba92ba22ce1e861d5741bcd5a736b6 binutils-for-build_2.30-21ubuntu1~18.04.9+tuxcare.els3_all.deb f2386ea70dcf9158c60e06840881396d7a2d5249 binutils-for-host_2.30-21ubuntu1~18.04.9+tuxcare.els3_amd64.deb 3061777f5bf97c276853d85ffcab65179b96f18a binutils-hppa-linux-gnu_2.30-21ubuntu1~18.04.9+tuxcare.els3_amd64.deb 3c8ee91be7ab16b433c2f6abb275cbb67c2dc03e binutils-hppa64-linux-gnu_2.30-21ubuntu1~18.04.9+tuxcare.els3_amd64.deb bf3af10dbc52473f45878be58527b6867216cfc2 binutils-i686-gnu_2.30-21ubuntu1~18.04.9+tuxcare.els3_amd64.deb 87b1e46fab722e980b882c9cd87a0c5cca31a8df binutils-i686-kfreebsd-gnu_2.30-21ubuntu1~18.04.9+tuxcare.els3_amd64.deb 943786bfb2635503f44f178b77a2236dd196ee45 binutils-i686-linux-gnu_2.30-21ubuntu1~18.04.9+tuxcare.els3_amd64.deb 3a47bee49efdf19bba53939803ce3355be2fcffe binutils-ia64-linux-gnu_2.30-21ubuntu1~18.04.9+tuxcare.els3_amd64.deb 0ef3e71efe1c8c75f6b02a5c72fcb4fcaf183ecf binutils-m68k-linux-gnu_2.30-21ubuntu1~18.04.9+tuxcare.els3_amd64.deb 8e022557774f061d1b997ad0b4af0ac7a7650c46 binutils-mips-linux-gnu_2.30-21ubuntu1~18.04.9+tuxcare.els3_amd64.deb 54ceba495530c22c8cf5b51550a6f4e9ead66637 binutils-mips64-linux-gnuabi64_2.30-21ubuntu1~18.04.9+tuxcare.els3_amd64.deb 1c6e2702f15ddc380647174e5ee970d2e010e9d8 binutils-mips64-linux-gnuabin32_2.30-21ubuntu1~18.04.9+tuxcare.els3_amd64.deb a9e261169feb0361ce22698df70cec509a28053e binutils-mips64el-linux-gnuabi64_2.30-21ubuntu1~18.04.9+tuxcare.els3_amd64.deb f77fc00f65ff5a4b700a2390755c03939e7b54ad binutils-mips64el-linux-gnuabin32_2.30-21ubuntu1~18.04.9+tuxcare.els3_amd64.deb 43fc2e30f86b0adfbdc08ad3698a7e5ce122ac90 binutils-mipsel-linux-gnu_2.30-21ubuntu1~18.04.9+tuxcare.els3_amd64.deb 66ab736213d94e73e94e917f8c112455d3b48125 binutils-mipsisa32r6-linux-gnu_2.30-21ubuntu1~18.04.9+tuxcare.els3_amd64.deb a99dad2e08873d34c6cce45846f76faf9de2a3f8 binutils-mipsisa32r6el-linux-gnu_2.30-21ubuntu1~18.04.9+tuxcare.els3_amd64.deb 9b6d9cb29c72cbe105940b4984ce263a4f1df7b9 binutils-mipsisa64r6-linux-gnuabi64_2.30-21ubuntu1~18.04.9+tuxcare.els3_amd64.deb 6531aa132956587c8b91abd9a1576781c89559b8 binutils-mipsisa64r6-linux-gnuabin32_2.30-21ubuntu1~18.04.9+tuxcare.els3_amd64.deb d89730c89093335e1cfc6fca08ea8148ff1801a4 binutils-mipsisa64r6el-linux-gnuabi64_2.30-21ubuntu1~18.04.9+tuxcare.els3_amd64.deb aa05f9bbafc75fcbb2adb9c4cedab9f135e0e5f5 binutils-mipsisa64r6el-linux-gnuabin32_2.30-21ubuntu1~18.04.9+tuxcare.els3_amd64.deb 393f9e8249f10f6716937d396a00a7aa255a4b6e binutils-multiarch_2.30-21ubuntu1~18.04.9+tuxcare.els3_amd64.deb 729b8fe8b07e5ea6cee864bf28a8b9bc41c1eca3 binutils-multiarch-dev_2.30-21ubuntu1~18.04.9+tuxcare.els3_amd64.deb fc1a9a3e16ac3fa90771c3ccdeb68d0b5860f760 binutils-powerpc-linux-gnu_2.30-21ubuntu1~18.04.9+tuxcare.els3_amd64.deb e21c9ee1473eea4173a75191c21a454721fb5b4a binutils-powerpc-linux-gnuspe_2.30-21ubuntu1~18.04.9+tuxcare.els3_amd64.deb 78c45d94cead722ed2d16935bec68d4ccb71f48d binutils-powerpc64-linux-gnu_2.30-21ubuntu1~18.04.9+tuxcare.els3_amd64.deb 533dbe464c46165b78a6fd97fd281a8a8013660f binutils-powerpc64le-linux-gnu_2.30-21ubuntu1~18.04.9+tuxcare.els3_amd64.deb 1aee4152a9e1b3acec64e95a25ecf2fc2caf6ab9 binutils-riscv64-linux-gnu_2.30-21ubuntu1~18.04.9+tuxcare.els3_amd64.deb 2f36ef8c5c47cc57c71f1bb7d7de79f6d7639ce8 binutils-s390x-linux-gnu_2.30-21ubuntu1~18.04.9+tuxcare.els3_amd64.deb c10fd2c13cc1461a6a49d8053acb53d6cf318f98 binutils-sh4-linux-gnu_2.30-21ubuntu1~18.04.9+tuxcare.els3_amd64.deb 47efd604784b0d097bbb12b2dcc89f0e21c33a4e binutils-source_2.30-21ubuntu1~18.04.9+tuxcare.els3_all.deb 463b128ea994a918f31459e597a98370693f8622 binutils-sparc64-linux-gnu_2.30-21ubuntu1~18.04.9+tuxcare.els3_amd64.deb da3b831846339f38ecd52d0f149de79ba477a287 binutils-x86-64-kfreebsd-gnu_2.30-21ubuntu1~18.04.9+tuxcare.els3_amd64.deb 13028d778d31bd412993ad468c1ea230a612cbcf binutils-x86-64-linux-gnu_2.30-21ubuntu1~18.04.9+tuxcare.els3_amd64.deb 456988da198be0e17a2841d35b28c2d387f0d2cc binutils-x86-64-linux-gnux32_2.30-21ubuntu1~18.04.9+tuxcare.els3_amd64.deb 85298f13251e1a53d571a988e42c91f4856a3d91 libbinutils_2.30-21ubuntu1~18.04.9+tuxcare.els3_amd64.deb 985f1369523adf2a073410d9cdbaeced78dd5757 CLSA-2023:1694538670 TuxCare License Agreement 0 * CVE-2022-40433: Segmentation fault in ciMethodBlocks::make_block_at(int) Important Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.

* CVE-2022-40433: Segmentation fault in ciMethodBlocks::make_block_at(int)

0 tuxcare-ubuntu18.04-els openjdk-8-demo_8u372-ga~us1-0ubuntu1~18.04+tuxcare.els1_amd64.deb 5916086af5d325bf1a4f58445441a18ed47718bc openjdk-8-doc_8u372-ga~us1-0ubuntu1~18.04+tuxcare.els1_all.deb b1219ed60f7989952be2e6a4f6903a48b793fcf1 openjdk-8-jdk_8u372-ga~us1-0ubuntu1~18.04+tuxcare.els1_amd64.deb a866b82d5e0c9b5c8bd3468a2fec3c5f81bf2c66 openjdk-8-jdk-headless_8u372-ga~us1-0ubuntu1~18.04+tuxcare.els1_amd64.deb 32082f3dec7bf0797850df024ab73c54d75abf19 openjdk-8-jre_8u372-ga~us1-0ubuntu1~18.04+tuxcare.els1_amd64.deb 6527bd3dd646f81d6fdf0dfdecf162a29a7e1d2e openjdk-8-jre-headless_8u372-ga~us1-0ubuntu1~18.04+tuxcare.els1_amd64.deb f56563bce3869157852b6f646c40ba8c2933deda openjdk-8-jre-zero_8u372-ga~us1-0ubuntu1~18.04+tuxcare.els1_amd64.deb 19c404412d6750dda0d378aea138412e17d1c17a openjdk-8-source_8u372-ga~us1-0ubuntu1~18.04+tuxcare.els1_all.deb 648aaec64f18631f4d2a92e998814c551c23d1df CLSA-2023:1694538765 TuxCare License Agreement 0 * SECURITY UPDATE: XML vulnerabilities in plist files - debian/patches/CVE-2022-48565.patch: Reject XML entity declarations in plist files - CVE-2022-48565 Critical Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.

* SECURITY UPDATE: XML vulnerabilities in plist files - debian/patches/CVE-2022-48565.patch: Reject XML entity declarations in plist files - CVE-2022-48565

0 tuxcare-ubuntu18.04-els idle-python2.7_2.7.17-1~18.04ubuntu1.11+tuxcare.els3_all.deb 149c9dfba57054038c11431d783b41f3ee32466f libpython2.7_2.7.17-1~18.04ubuntu1.11+tuxcare.els3_amd64.deb 841409c447b63d3d56718704351073ee5881503a libpython2.7-dev_2.7.17-1~18.04ubuntu1.11+tuxcare.els3_amd64.deb 4f8faf298fa9d1194d010a01d3a69a0ec97bc5ba libpython2.7-minimal_2.7.17-1~18.04ubuntu1.11+tuxcare.els3_amd64.deb 056c3fd4a220474a5705b68ca71ffd3ad62395fb libpython2.7-stdlib_2.7.17-1~18.04ubuntu1.11+tuxcare.els3_amd64.deb b7e6e55c5a5b5817e78edd146d92a445af0f9061 libpython2.7-testsuite_2.7.17-1~18.04ubuntu1.11+tuxcare.els3_all.deb a4e1d8252f4c47d8630c7e9784b65d74c84f3d3b python2.7_2.7.17-1~18.04ubuntu1.11+tuxcare.els3_amd64.deb 7cfcf2606f23f619c02b174d7e865af530bf8eff python2.7-dev_2.7.17-1~18.04ubuntu1.11+tuxcare.els3_amd64.deb 973ee5e65450a5f642703a8e1054c3924129acce python2.7-doc_2.7.17-1~18.04ubuntu1.11+tuxcare.els3_all.deb 046905529b269b0ac07f67508bb6f40be961ae52 python2.7-examples_2.7.17-1~18.04ubuntu1.11+tuxcare.els3_all.deb ca432007a6ca071bc4262aaad436b62948ea4ba3 python2.7-minimal_2.7.17-1~18.04ubuntu1.11+tuxcare.els3_amd64.deb 4de2ea32028dfc20e3a770bb5273c38e72d10263 CLSA-2023:1694538837 TuxCare License Agreement 0 * SECURITY UPDATE: DoS in case of malicious entity directives - debian/patches/CVE-2022-48565.patch: Reject XML entity declarations in plist files - CVE-2022-48565 Critical Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.

* SECURITY UPDATE: DoS in case of malicious entity directives - debian/patches/CVE-2022-48565.patch: Reject XML entity declarations in plist files - CVE-2022-48565

0 tuxcare-ubuntu18.04-els idle-python3.6_3.6.9-1~18.04ubuntu1.12+tuxcare.els3_all.deb 5220ed36eb8ea5d331303307250e7195a782782d libpython3.6_3.6.9-1~18.04ubuntu1.12+tuxcare.els3_amd64.deb cc0386fd7c4b15d565740a22f6abf6cb4ef784f1 libpython3.6-dev_3.6.9-1~18.04ubuntu1.12+tuxcare.els3_amd64.deb 488be94cc69726da8a2c857a30a1bb7dd65c4167 libpython3.6-minimal_3.6.9-1~18.04ubuntu1.12+tuxcare.els3_amd64.deb 5b04eecdfd368abb86ee724efaae00bada580554 libpython3.6-stdlib_3.6.9-1~18.04ubuntu1.12+tuxcare.els3_amd64.deb 13202bad0e3d12cf7b26e28112ad761e12b7a441 libpython3.6-testsuite_3.6.9-1~18.04ubuntu1.12+tuxcare.els3_all.deb 594c0e4e0e951c31a30ed2ee2095e95f88cebfcd python3.6_3.6.9-1~18.04ubuntu1.12+tuxcare.els3_amd64.deb 51f6ebb00529e62a4a2c4db0f7bc9ba9c6056b67 python3.6-dev_3.6.9-1~18.04ubuntu1.12+tuxcare.els3_amd64.deb fb36c4af56f04ac62e68cb52aa7069748150be0d python3.6-doc_3.6.9-1~18.04ubuntu1.12+tuxcare.els3_all.deb 9fd8dbe333492612ce02c323e28998b18a8ae394 python3.6-examples_3.6.9-1~18.04ubuntu1.12+tuxcare.els3_all.deb 8ab9d62aa78ccc64a9272766f8ef252080391817 python3.6-minimal_3.6.9-1~18.04ubuntu1.12+tuxcare.els3_amd64.deb a8e62e20681c8ada2ac5b97dd3453ccdde4030dd python3.6-venv_3.6.9-1~18.04ubuntu1.12+tuxcare.els3_amd64.deb 3edcedca5b685533af8abf4c04225822556c74dc CLSA-2023:1695041084 TuxCare License Agreement 0 * CVE-url: https://ubuntu.com/security/CVE-2023-4622 - af_unix: Fix null-ptr-deref in unix_stream_sendpage(). * Jammy update: v5.15.105 upstream stable release (LP: #2023230) // CVE-url: https://ubuntu.com/security/CVE-2022-4269 - net/sched: act_mirred: better wording on protection against excessive stack growth - act_mirred: use the backlog for nested calls to mirred ingress * CVE-url: https://ubuntu.com/security/CVE-2022-4269 - net/sched: user-space can't set unknown tcfa_action values - net/tc: introduce TC_ACT_REINSERT. - act_mirred: use TC_ACT_REINSERT when possible - net: sched: act_mirred method rename for grep-ability and consistency - net: sched: protect against stack overflow in TC act_mirred - net/sched: act_mirred: refactor the handle of xmit - selftests: forwarding: Introduce tc actions tests * Jammy update: v5.15.94 upstream stable release (LP: #2012673) // CVE-url: https://ubuntu.com/security/CVE-2022-27672 - x86/speculation: Identify processors vulnerable to SMT RSB predictions - KVM: x86: Mitigate the cross-thread return address predictions bug - Documentation/hw-vuln: Add documentation for Cross-Thread Return Predictions * CVE-url: https://ubuntu.com/security/CVE-2022-27672 - KVM: x86: drop bogus MWAIT check - KVM: x86: simplify kvm_mwait_in_guest() - KVM: X86: Provide a capability to disable MWAIT intercepts - KVM: X86: Provide a capability to disable HLT intercepts - KVM: VMX: Remove redundant write to set vCPU as active at RESET/INIT - KVM: X86: Provide a capability to disable PAUSE intercepts - x86/headers/UAPI: Move DISABLE_EXITS KVM capability bits to the UAPI - tools headers kvm: Sync uapi/linux/kvm.h with the kernel sources - KVM: X86: Provide a capability to disable cstate msr read intercepts * Jammy update: v5.15.110 upstream stable release (LP: #2025090) // CVE-url: https://ubuntu.com/security/CVE-2023-2002 - bluetooth: Perform careful capability checks in hci_sock_ioctl() * Jammy update: v5.15.80 upstream stable release (LP: #2003122) // CVE-url: https://ubuntu.com/security/CVE-2022-3169 - nvme: ensure subsystem reset is single threaded * CVE-url: https://ubuntu.com/security/CVE-2022-3169 - nvme: host delete_work and reset_work on separate workqueues - PCI/ASPM: Add pcie_aspm_enabled() - nvme-pci: Allow PCI bus-level PM to be used if ASPM is disabled - nvme: Prevent resets during paused controller state - nvme: Add quirk for LiteON CL1 devices running FW 22301111 - nvme: Wait for reset state when required * Jammy update: v5.15.81 upstream stable release (LP: #2003130) // CVE-url: https://ubuntu.com/security/CVE-2022-47519 - wifi: wilc1000: validate length of IEEE80211_P2P_ATTR_OPER_CHANNEL attribute * CVE-2022-47520 // CVE-url: https://ubuntu.com/security/CVE-2022-47520 - wifi: wilc1000: validate pairwise and authentication suite offsets * CVE-url: https://ubuntu.com/security/CVE-2022-45919 - media: dvb-core: Fix use-after-free due to race condition at dvb_ca_en50221 Important Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.

* CVE-url: https://ubuntu.com/security/CVE-2023-4622 - af_unix: Fix null-ptr-deref in unix_stream_sendpage(). * Jammy update: v5.15.105 upstream stable release (LP: #2023230) // CVE-url: https://ubuntu.com/security/CVE-2022-4269 - net/sched: act_mirred: better wording on protection against excessive stack growth - act_mirred: use the backlog for nested calls to mirred ingress * CVE-url: https://ubuntu.com/security/CVE-2022-4269 - net/sched: user-space can't set unknown tcfa_action values - net/tc: introduce TC_ACT_REINSERT. - act_mirred: use TC_ACT_REINSERT when possible - net: sched: act_mirred method rename for grep-ability and consistency - net: sched: protect against stack overflow in TC act_mirred - net/sched: act_mirred: refactor the handle of xmit - selftests: forwarding: Introduce tc actions tests * Jammy update: v5.15.94 upstream stable release (LP: #2012673) // CVE-url: https://ubuntu.com/security/CVE-2022-27672 - x86/speculation: Identify processors vulnerable to SMT RSB predictions - KVM: x86: Mitigate the cross-thread return address predictions bug - Documentation/hw-vuln: Add documentation for Cross-Thread Return Predictions * CVE-url: https://ubuntu.com/security/CVE-2022-27672 - KVM: x86: drop bogus MWAIT check - KVM: x86: simplify kvm_mwait_in_guest() - KVM: X86: Provide a capability to disable MWAIT intercepts - KVM: X86: Provide a capability to disable HLT intercepts - KVM: VMX: Remove redundant write to set vCPU as active at RESET/INIT - KVM: X86: Provide a capability to disable PAUSE intercepts - x86/headers/UAPI: Move DISABLE_EXITS KVM capability bits to the UAPI - tools headers kvm: Sync uapi/linux/kvm.h with the kernel sources - KVM: X86: Provide a capability to disable cstate msr read intercepts * Jammy update: v5.15.110 upstream stable release (LP: #2025090) // CVE-url: https://ubuntu.com/security/CVE-2023-2002 - bluetooth: Perform careful capability checks in hci_sock_ioctl() * Jammy update: v5.15.80 upstream stable release (LP: #2003122) // CVE-url: https://ubuntu.com/security/CVE-2022-3169 - nvme: ensure subsystem reset is single threaded * CVE-url: https://ubuntu.com/security/CVE-2022-3169 - nvme: host delete_work and reset_work on separate workqueues - PCI/ASPM: Add pcie_aspm_enabled() - nvme-pci: Allow PCI bus-level PM to be used if ASPM is disabled - nvme: Prevent resets during paused controller state - nvme: Add quirk for LiteON CL1 devices running FW 22301111 - nvme: Wait for reset state when required * Jammy update: v5.15.81 upstream stable release (LP: #2003130) // CVE-url: https://ubuntu.com/security/CVE-2022-47519 - wifi: wilc1000: validate length of IEEE80211_P2P_ATTR_OPER_CHANNEL attribute * CVE-2022-47520 // CVE-url: https://ubuntu.com/security/CVE-2022-47520 - wifi: wilc1000: validate pairwise and authentication suite offsets * CVE-url: https://ubuntu.com/security/CVE-2022-45919 - media: dvb-core: Fix use-after-free due to race condition at dvb_ca_en50221

0 tuxcare-ubuntu18.04-els linux-buildinfo-4.15.0-217-tuxcare.els5-generic_4.15.0-217.228_amd64.deb 6ca24c6dff081dc9764fcec462aff7c28bb3c479 linux-buildinfo-4.15.0-217-tuxcare.els5-lowlatency_4.15.0-217.228_amd64.deb 507602ed5f9503bc6aea6cfa8c8e7778ff6fe10c linux-cloud-tools-4.15.0-217-tuxcare.els5_4.15.0-217.228_amd64.deb 7402182d026b52655e47515918660f4d3d096aa6 linux-cloud-tools-4.15.0-217-tuxcare.els5-generic_4.15.0-217.228_amd64.deb b70f2e14fc09b06b0e9da4d39268015934c40186 linux-cloud-tools-4.15.0-217-tuxcare.els5-lowlatency_4.15.0-217.228_amd64.deb 9d7da4ebe8c383af96bf8c8d105b7f5797f43fcd linux-cloud-tools-common_4.15.0-217.228_all.deb ab4af86f0c6f4d353266bcecf527db03ab6f0b98 linux-cloud-tools-generic_4.15.0.217.228_amd64.deb 0d36ab66b3d17ee717f8f20da8317430af202930 linux-cloud-tools-lowlatency_4.15.0.217.228_amd64.deb 12f25875cf27960b57f5ba0914da848d1e0ed60c linux-crashdump_4.15.0.217.228_amd64.deb 33a2ef49f20d587a9b34d1a0ad982b8c95ffb79c linux-doc_4.15.0-217.228_all.deb b43bc3199a60fdd669c928db308104d34f1a18e1 linux-generic_4.15.0.217.228_amd64.deb 5a14577a909444310568334c820527d6d6ea218c linux-headers-4.15.0-217-tuxcare.els5_4.15.0-217.228_all.deb 9267512563aa173155c7623dbc28f62fbb4c3142 linux-headers-4.15.0-217-tuxcare.els5-generic_4.15.0-217.228_amd64.deb 5fc5360f897996ef143efc0ba8ae10a6fe5f68b3 linux-headers-4.15.0-217-tuxcare.els5-lowlatency_4.15.0-217.228_amd64.deb f41f8e92d8f42aca76bb5c5b213d57659da899bf linux-headers-generic_4.15.0.217.228_amd64.deb 4cb2a19d824870b5445e1861f0fefecb26dd5518 linux-headers-lowlatency_4.15.0.217.228_amd64.deb 575113d0d19dac266dd665e28ebf922913d964a7 linux-image-generic_4.15.0.217.228_amd64.deb 0fe6f63dee1ff27c2b3715864487cc2df57f0981 linux-image-lowlatency_4.15.0.217.228_amd64.deb bcb31e8c5eaf3f343ecc57b13acafc11ea765594 linux-image-unsigned-4.15.0-217-tuxcare.els5-generic_4.15.0-217.228_amd64.deb b295ff886d0f92a18c57533bdbbad3dea7efcb00 linux-image-unsigned-4.15.0-217-tuxcare.els5-lowlatency_4.15.0-217.228_amd64.deb 022afc0104bb98f22ff43f9ca63de85fef57ecdc linux-libc-dev_4.15.0-217.228_amd64.deb 680a74a0ba2102d2484060d7ee430fcdd55b962a linux-lowlatency_4.15.0.217.228_amd64.deb bcf8ff8e28f36aec150d87d6984eeba616384c8c linux-modules-4.15.0-217-tuxcare.els5-generic_4.15.0-217.228_amd64.deb f5212aae9a6affca5ea1a61221be1e59e945e0ee linux-modules-4.15.0-217-tuxcare.els5-lowlatency_4.15.0-217.228_amd64.deb d9a84a1f3a3d8a6e388f3c21f4a1c9505ea33119 linux-modules-extra-4.15.0-217-tuxcare.els5-generic_4.15.0-217.228_amd64.deb 85e51f56e0cefa4aa8d06f15c67b99e475358573 linux-source_4.15.0.217.228_all.deb 0ea2ac736938109a17b9514f53091626922ba0a3 linux-source-4.15.0_4.15.0-217.228_all.deb fdd1cdeb3a3102bb1b85a8651d0e339bc40003e8 linux-tools-4.15.0-217-tuxcare.els5_4.15.0-217.228_amd64.deb f764163cbbf6b4e61e42d30ef3eb7aede60b115e linux-tools-4.15.0-217-tuxcare.els5-generic_4.15.0-217.228_amd64.deb dc19850fe53bbb78fad599277810c0ca7da29e8e linux-tools-4.15.0-217-tuxcare.els5-lowlatency_4.15.0-217.228_amd64.deb 05c911e77b69ffdf17b9e521bbbe9131d8074032 linux-tools-common_4.15.0-217.228_all.deb ef20597f8d0224685ec07587ab152e61856ed4b9 linux-tools-generic_4.15.0.217.228_amd64.deb 6ad9652d43a4ac5ad07cffbfee98519ec486edbd linux-tools-host_4.15.0-217.228_all.deb 985ba7da803f22c8ec77409af2155c55d125ed74 linux-tools-lowlatency_4.15.0.217.228_amd64.deb 138b6691092d1ff4ff7b2d7da37b4c05df3ff996 CLSA-2023:1695041288 TuxCare License Agreement 0 * CVE-url: https://ubuntu.com/security/CVE-2023-4622 - af_unix: Fix null-ptr-deref in unix_stream_sendpage(). * Jammy update: v5.15.105 upstream stable release (LP: #2023230) // CVE-url: https://ubuntu.com/security/CVE-2022-4269 - net/sched: act_mirred: better wording on protection against excessive stack growth - act_mirred: use the backlog for nested calls to mirred ingress * CVE-url: https://ubuntu.com/security/CVE-2022-4269 - net/sched: user-space can't set unknown tcfa_action values - net/tc: introduce TC_ACT_REINSERT. - act_mirred: use TC_ACT_REINSERT when possible - net: sched: act_mirred method rename for grep-ability and consistency - net: sched: protect against stack overflow in TC act_mirred - net/sched: act_mirred: refactor the handle of xmit - selftests: forwarding: Introduce tc actions tests * Jammy update: v5.15.94 upstream stable release (LP: #2012673) // CVE-url: https://ubuntu.com/security/CVE-2022-27672 - x86/speculation: Identify processors vulnerable to SMT RSB predictions - KVM: x86: Mitigate the cross-thread return address predictions bug - Documentation/hw-vuln: Add documentation for Cross-Thread Return Predictions * CVE-url: https://ubuntu.com/security/CVE-2022-27672 - KVM: x86: drop bogus MWAIT check - KVM: x86: simplify kvm_mwait_in_guest() - KVM: X86: Provide a capability to disable MWAIT intercepts - KVM: X86: Provide a capability to disable HLT intercepts - KVM: VMX: Remove redundant write to set vCPU as active at RESET/INIT - KVM: X86: Provide a capability to disable PAUSE intercepts - x86/headers/UAPI: Move DISABLE_EXITS KVM capability bits to the UAPI - tools headers kvm: Sync uapi/linux/kvm.h with the kernel sources - KVM: X86: Provide a capability to disable cstate msr read intercepts * Jammy update: v5.15.110 upstream stable release (LP: #2025090) // CVE-url: https://ubuntu.com/security/CVE-2023-2002 - bluetooth: Perform careful capability checks in hci_sock_ioctl() * Jammy update: v5.15.80 upstream stable release (LP: #2003122) // CVE-url: https://ubuntu.com/security/CVE-2022-3169 - nvme: ensure subsystem reset is single threaded * CVE-url: https://ubuntu.com/security/CVE-2022-3169 - nvme: host delete_work and reset_work on separate workqueues - PCI/ASPM: Add pcie_aspm_enabled() - nvme-pci: Allow PCI bus-level PM to be used if ASPM is disabled - nvme: Prevent resets during paused controller state - nvme: Add quirk for LiteON CL1 devices running FW 22301111 - nvme: Wait for reset state when required * Jammy update: v5.15.81 upstream stable release (LP: #2003130) // CVE-url: https://ubuntu.com/security/CVE-2022-47519 - wifi: wilc1000: validate length of IEEE80211_P2P_ATTR_OPER_CHANNEL attribute * CVE-2022-47520 // CVE-url: https://ubuntu.com/security/CVE-2022-47520 - wifi: wilc1000: validate pairwise and authentication suite offsets * CVE-url: https://ubuntu.com/security/CVE-2022-45919 - media: dvb-core: Fix use-after-free due to race condition at dvb_ca_en50221 Important Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.

* CVE-url: https://ubuntu.com/security/CVE-2023-4622 - af_unix: Fix null-ptr-deref in unix_stream_sendpage(). * Jammy update: v5.15.105 upstream stable release (LP: #2023230) // CVE-url: https://ubuntu.com/security/CVE-2022-4269 - net/sched: act_mirred: better wording on protection against excessive stack growth - act_mirred: use the backlog for nested calls to mirred ingress * CVE-url: https://ubuntu.com/security/CVE-2022-4269 - net/sched: user-space can't set unknown tcfa_action values - net/tc: introduce TC_ACT_REINSERT. - act_mirred: use TC_ACT_REINSERT when possible - net: sched: act_mirred method rename for grep-ability and consistency - net: sched: protect against stack overflow in TC act_mirred - net/sched: act_mirred: refactor the handle of xmit - selftests: forwarding: Introduce tc actions tests * Jammy update: v5.15.94 upstream stable release (LP: #2012673) // CVE-url: https://ubuntu.com/security/CVE-2022-27672 - x86/speculation: Identify processors vulnerable to SMT RSB predictions - KVM: x86: Mitigate the cross-thread return address predictions bug - Documentation/hw-vuln: Add documentation for Cross-Thread Return Predictions * CVE-url: https://ubuntu.com/security/CVE-2022-27672 - KVM: x86: drop bogus MWAIT check - KVM: x86: simplify kvm_mwait_in_guest() - KVM: X86: Provide a capability to disable MWAIT intercepts - KVM: X86: Provide a capability to disable HLT intercepts - KVM: VMX: Remove redundant write to set vCPU as active at RESET/INIT - KVM: X86: Provide a capability to disable PAUSE intercepts - x86/headers/UAPI: Move DISABLE_EXITS KVM capability bits to the UAPI - tools headers kvm: Sync uapi/linux/kvm.h with the kernel sources - KVM: X86: Provide a capability to disable cstate msr read intercepts * Jammy update: v5.15.110 upstream stable release (LP: #2025090) // CVE-url: https://ubuntu.com/security/CVE-2023-2002 - bluetooth: Perform careful capability checks in hci_sock_ioctl() * Jammy update: v5.15.80 upstream stable release (LP: #2003122) // CVE-url: https://ubuntu.com/security/CVE-2022-3169 - nvme: ensure subsystem reset is single threaded * CVE-url: https://ubuntu.com/security/CVE-2022-3169 - nvme: host delete_work and reset_work on separate workqueues - PCI/ASPM: Add pcie_aspm_enabled() - nvme-pci: Allow PCI bus-level PM to be used if ASPM is disabled - nvme: Prevent resets during paused controller state - nvme: Add quirk for LiteON CL1 devices running FW 22301111 - nvme: Wait for reset state when required * Jammy update: v5.15.81 upstream stable release (LP: #2003130) // CVE-url: https://ubuntu.com/security/CVE-2022-47519 - wifi: wilc1000: validate length of IEEE80211_P2P_ATTR_OPER_CHANNEL attribute * CVE-2022-47520 // CVE-url: https://ubuntu.com/security/CVE-2022-47520 - wifi: wilc1000: validate pairwise and authentication suite offsets * CVE-url: https://ubuntu.com/security/CVE-2022-45919 - media: dvb-core: Fix use-after-free due to race condition at dvb_ca_en50221

0 tuxcare-ubuntu18.04-els linux-buildinfo-4.15.0-217-tuxcare.els5-generic_4.15.0-217.228_amd64.deb 6ca24c6dff081dc9764fcec462aff7c28bb3c479 linux-buildinfo-4.15.0-217-tuxcare.els5-lowlatency_4.15.0-217.228_amd64.deb 507602ed5f9503bc6aea6cfa8c8e7778ff6fe10c linux-cloud-tools-4.15.0-217-tuxcare.els5_4.15.0-217.228_amd64.deb 7402182d026b52655e47515918660f4d3d096aa6 linux-cloud-tools-4.15.0-217-tuxcare.els5-generic_4.15.0-217.228_amd64.deb b70f2e14fc09b06b0e9da4d39268015934c40186 linux-cloud-tools-4.15.0-217-tuxcare.els5-lowlatency_4.15.0-217.228_amd64.deb 9d7da4ebe8c383af96bf8c8d105b7f5797f43fcd linux-cloud-tools-common_4.15.0-217.228_all.deb ab4af86f0c6f4d353266bcecf527db03ab6f0b98 linux-cloud-tools-generic_4.15.0.217.228_amd64.deb 0d36ab66b3d17ee717f8f20da8317430af202930 linux-cloud-tools-lowlatency_4.15.0.217.228_amd64.deb 12f25875cf27960b57f5ba0914da848d1e0ed60c linux-crashdump_4.15.0.217.228_amd64.deb 33a2ef49f20d587a9b34d1a0ad982b8c95ffb79c linux-doc_4.15.0-217.228_all.deb b43bc3199a60fdd669c928db308104d34f1a18e1 linux-generic_4.15.0.217.228_amd64.deb 5a14577a909444310568334c820527d6d6ea218c linux-headers-4.15.0-217-tuxcare.els5_4.15.0-217.228_all.deb 9267512563aa173155c7623dbc28f62fbb4c3142 linux-headers-4.15.0-217-tuxcare.els5-generic_4.15.0-217.228_amd64.deb 5fc5360f897996ef143efc0ba8ae10a6fe5f68b3 linux-headers-4.15.0-217-tuxcare.els5-lowlatency_4.15.0-217.228_amd64.deb f41f8e92d8f42aca76bb5c5b213d57659da899bf linux-headers-generic_4.15.0.217.228_amd64.deb 4cb2a19d824870b5445e1861f0fefecb26dd5518 linux-headers-lowlatency_4.15.0.217.228_amd64.deb 575113d0d19dac266dd665e28ebf922913d964a7 linux-image-generic_4.15.0.217.228_amd64.deb 0fe6f63dee1ff27c2b3715864487cc2df57f0981 linux-image-lowlatency_4.15.0.217.228_amd64.deb bcb31e8c5eaf3f343ecc57b13acafc11ea765594 linux-image-unsigned-4.15.0-217-tuxcare.els5-generic_4.15.0-217.228_amd64.deb b295ff886d0f92a18c57533bdbbad3dea7efcb00 linux-image-unsigned-4.15.0-217-tuxcare.els5-lowlatency_4.15.0-217.228_amd64.deb 022afc0104bb98f22ff43f9ca63de85fef57ecdc linux-libc-dev_4.15.0-217.228_amd64.deb 680a74a0ba2102d2484060d7ee430fcdd55b962a linux-lowlatency_4.15.0.217.228_amd64.deb bcf8ff8e28f36aec150d87d6984eeba616384c8c linux-modules-4.15.0-217-tuxcare.els5-generic_4.15.0-217.228_amd64.deb f5212aae9a6affca5ea1a61221be1e59e945e0ee linux-modules-4.15.0-217-tuxcare.els5-lowlatency_4.15.0-217.228_amd64.deb d9a84a1f3a3d8a6e388f3c21f4a1c9505ea33119 linux-modules-extra-4.15.0-217-tuxcare.els5-generic_4.15.0-217.228_amd64.deb 85e51f56e0cefa4aa8d06f15c67b99e475358573 linux-source_4.15.0.217.228_all.deb 0ea2ac736938109a17b9514f53091626922ba0a3 linux-source-4.15.0_4.15.0-217.228_all.deb fdd1cdeb3a3102bb1b85a8651d0e339bc40003e8 linux-tools-4.15.0-217-tuxcare.els5_4.15.0-217.228_amd64.deb f764163cbbf6b4e61e42d30ef3eb7aede60b115e linux-tools-4.15.0-217-tuxcare.els5-generic_4.15.0-217.228_amd64.deb dc19850fe53bbb78fad599277810c0ca7da29e8e linux-tools-4.15.0-217-tuxcare.els5-lowlatency_4.15.0-217.228_amd64.deb 05c911e77b69ffdf17b9e521bbbe9131d8074032 linux-tools-common_4.15.0-217.228_all.deb ef20597f8d0224685ec07587ab152e61856ed4b9 linux-tools-generic_4.15.0.217.228_amd64.deb 6ad9652d43a4ac5ad07cffbfee98519ec486edbd linux-tools-host_4.15.0-217.228_all.deb 985ba7da803f22c8ec77409af2155c55d125ed74 linux-tools-lowlatency_4.15.0.217.228_amd64.deb 138b6691092d1ff4ff7b2d7da37b4c05df3ff996 CLSA-2023:1695752345 TuxCare License Agreement 0 * SECURITY UPDATE: a heap buffer overflow triggered in display_debug_section() at binutils/readelf.c - debian/patches/CVE-2022-45703.patch: combine sanity checks, calculate element counts, not word counts, fix typo - CVE-2022-45703 Important Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.

* SECURITY UPDATE: a heap buffer overflow triggered in display_debug_section() at binutils/readelf.c - debian/patches/CVE-2022-45703.patch: combine sanity checks, calculate element counts, not word counts, fix typo - CVE-2022-45703

0 tuxcare-ubuntu18.04-els binutils_2.30-21ubuntu1~18.04.9+tuxcare.els4_amd64.deb 788063dff8f0fbe34b261acdeee7fa7c07254b3c binutils-aarch64-linux-gnu_2.30-21ubuntu1~18.04.9+tuxcare.els4_amd64.deb 9e7a66d998d17f1d737eeecaeb3f4839149218f4 binutils-alpha-linux-gnu_2.30-21ubuntu1~18.04.9+tuxcare.els4_amd64.deb 8ed28106492a9345dd965747b56afc04fde2a89c binutils-arm-linux-gnueabi_2.30-21ubuntu1~18.04.9+tuxcare.els4_amd64.deb 61e34f4208be95e7e7fdebf4cf6d823c53acf290 binutils-arm-linux-gnueabihf_2.30-21ubuntu1~18.04.9+tuxcare.els4_amd64.deb 8341b9f39ac7009af9392a0a2ed69e91a9cf7279 binutils-common_2.30-21ubuntu1~18.04.9+tuxcare.els4_amd64.deb 279be7c87d44013b5fe4223ccb23dcda1d105887 binutils-dev_2.30-21ubuntu1~18.04.9+tuxcare.els4_amd64.deb bfafe0c348256a81273a0c827446998a68b738df binutils-doc_2.30-21ubuntu1~18.04.9+tuxcare.els4_all.deb 4bab292e9553fc67dbc5cf53f3425d98a5368572 binutils-for-build_2.30-21ubuntu1~18.04.9+tuxcare.els4_all.deb 272b7e4fb8ac3eaf21eb0726d2ccf3caf71a3f7a binutils-for-host_2.30-21ubuntu1~18.04.9+tuxcare.els4_amd64.deb dbd6b0d8c181f8a6cf4cce18622e67ca24d18197 binutils-hppa-linux-gnu_2.30-21ubuntu1~18.04.9+tuxcare.els4_amd64.deb 50c41a8b451af9f57744a9198a13dd8e5d374fea binutils-hppa64-linux-gnu_2.30-21ubuntu1~18.04.9+tuxcare.els4_amd64.deb e5abd88cb664380f3b65a8e8579574098f65ff12 binutils-i686-gnu_2.30-21ubuntu1~18.04.9+tuxcare.els4_amd64.deb 60c766dac7af3aea474f655f59a5555abcfba0dd binutils-i686-kfreebsd-gnu_2.30-21ubuntu1~18.04.9+tuxcare.els4_amd64.deb f3a2c240b7d557482371b5850f3c586ad8f87974 binutils-i686-linux-gnu_2.30-21ubuntu1~18.04.9+tuxcare.els4_amd64.deb 252879eb6242e71b7cec51105a2d35f4f9446697 binutils-ia64-linux-gnu_2.30-21ubuntu1~18.04.9+tuxcare.els4_amd64.deb d434f1f8df030d34e7342f8075e1c7b54a9d99e1 binutils-m68k-linux-gnu_2.30-21ubuntu1~18.04.9+tuxcare.els4_amd64.deb 0271d4fb8b9cc670daa6016528ead46d5480d99d binutils-mips-linux-gnu_2.30-21ubuntu1~18.04.9+tuxcare.els4_amd64.deb 1e05531c1fd68eee5a7da09463d760638ae299cf binutils-mips64-linux-gnuabi64_2.30-21ubuntu1~18.04.9+tuxcare.els4_amd64.deb 50e5e88ea73f5391661a2ddbf349cae64231f88f binutils-mips64-linux-gnuabin32_2.30-21ubuntu1~18.04.9+tuxcare.els4_amd64.deb 6417edeb2233646a4e740bcf5978a48aeca0b3bf binutils-mips64el-linux-gnuabi64_2.30-21ubuntu1~18.04.9+tuxcare.els4_amd64.deb 3c756c2029f004f20bda63d851e9f8d64b58df18 binutils-mips64el-linux-gnuabin32_2.30-21ubuntu1~18.04.9+tuxcare.els4_amd64.deb 9302b0edc50ce5e6f1e800d5bf86332a21156aff binutils-mipsel-linux-gnu_2.30-21ubuntu1~18.04.9+tuxcare.els4_amd64.deb 01b5dc5cf3f08f8fc270434997e63e7b839acc5c binutils-mipsisa32r6-linux-gnu_2.30-21ubuntu1~18.04.9+tuxcare.els4_amd64.deb b85ba9b14a6b426bc5ea3992c8f498ffac0101f8 binutils-mipsisa32r6el-linux-gnu_2.30-21ubuntu1~18.04.9+tuxcare.els4_amd64.deb 24e1bb201ed9fe3f08a50bdfa587858b64935af6 binutils-mipsisa64r6-linux-gnuabi64_2.30-21ubuntu1~18.04.9+tuxcare.els4_amd64.deb cdea096482206f02fe606c186332b84b8f27f888 binutils-mipsisa64r6-linux-gnuabin32_2.30-21ubuntu1~18.04.9+tuxcare.els4_amd64.deb 58afa6cb185a7720cf577cb75e06cb9e3315d883 binutils-mipsisa64r6el-linux-gnuabi64_2.30-21ubuntu1~18.04.9+tuxcare.els4_amd64.deb 794e597fad9622f7bf6bfbfff01d115a9c8cd600 binutils-mipsisa64r6el-linux-gnuabin32_2.30-21ubuntu1~18.04.9+tuxcare.els4_amd64.deb 673c964d7eb12daadbe9104421ad563b35c08877 binutils-multiarch_2.30-21ubuntu1~18.04.9+tuxcare.els4_amd64.deb c7713d9f245ffb0e8def4cdfbefe4af095d0a2f9 binutils-multiarch-dev_2.30-21ubuntu1~18.04.9+tuxcare.els4_amd64.deb 7ff0e01fd757efe2984e241c2bca1dffe02e672e binutils-powerpc-linux-gnu_2.30-21ubuntu1~18.04.9+tuxcare.els4_amd64.deb 66d02bfdfbccec58c44472336f0fb6c900576dad binutils-powerpc-linux-gnuspe_2.30-21ubuntu1~18.04.9+tuxcare.els4_amd64.deb 6a95d2fb1b1aa4fbf880cabbadb4a0b007ee93ac binutils-powerpc64-linux-gnu_2.30-21ubuntu1~18.04.9+tuxcare.els4_amd64.deb 911c91b262a1a83536df3aca18433e815230141f binutils-powerpc64le-linux-gnu_2.30-21ubuntu1~18.04.9+tuxcare.els4_amd64.deb 31d9b764f9eb495114b98781ac5aa36a05ee80ec binutils-riscv64-linux-gnu_2.30-21ubuntu1~18.04.9+tuxcare.els4_amd64.deb f6cf6fb5986888afc0948fe93fd771f7659b503e binutils-s390x-linux-gnu_2.30-21ubuntu1~18.04.9+tuxcare.els4_amd64.deb 9a34221006ec86b41c65d9071198013b37ab37ac binutils-sh4-linux-gnu_2.30-21ubuntu1~18.04.9+tuxcare.els4_amd64.deb 06ceeea7d63e58bc7eba052a3841ba598af6f0a3 binutils-source_2.30-21ubuntu1~18.04.9+tuxcare.els4_all.deb c17f0660fa3197d8735aef425e81892400c242c6 binutils-sparc64-linux-gnu_2.30-21ubuntu1~18.04.9+tuxcare.els4_amd64.deb 1bc74ae05fb329560b67790e6319f43fe44319a1 binutils-x86-64-kfreebsd-gnu_2.30-21ubuntu1~18.04.9+tuxcare.els4_amd64.deb 9ed800109516e610ac0fa0bdaa904335973b659e binutils-x86-64-linux-gnu_2.30-21ubuntu1~18.04.9+tuxcare.els4_amd64.deb 9101240c56370f3714382193b9d1eddc76ee6773 binutils-x86-64-linux-gnux32_2.30-21ubuntu1~18.04.9+tuxcare.els4_amd64.deb a7dc79b9d1609d4d36d1f32aa462ebf80bf8196d libbinutils_2.30-21ubuntu1~18.04.9+tuxcare.els4_amd64.deb c19527008b870e7a1f85a575015b4e3f9750429e CLSA-2023:1695900880 TuxCare License Agreement 0 * CVE-url: https://ubuntu.com/security/CVE-2023-42753 - netfilter: ipset: add the missing IP_SET_HASH_WITH_NET0 macro for ip_set_hash_netportnet.c * CVE-2022-40982 // CVE-url: https://ubuntu.com/security/CVE-2022-40982 - init: Provide arch_cpu_finalize_init() - x86/cpu: Switch to arch_cpu_finalize_init() - init: Remove check_bugs() leftovers - x86/speculation: Add Gather Data Sampling mitigation - x86/speculation: Add force option to GDS mitigation - x86/speculation: Add Kconfig option for GDS - KVM: Add GDS_NO support to KVM * CVE-url: https://ubuntu.com/security/CVE-2022-40982 - vmlinux.lds.h: Create section for protection against instrumentation - x86/cpu: Move arch_smt_update() to a neutral place * CVE-2023-20588 // CVE-url: https://ubuntu.com/security/CVE-2023-20588 - x86/bugs: Increase the x86 bugs vector size to two u32s - x86/CPU/AMD: Do not leak quotient data after a division by 0 - x86/CPU/AMD: Fix the DIV(0) initial fix attempt * CVE-2023-3863 // CVE-url: https://ubuntu.com/security/CVE-2023-3863 - nfc: llcp: simplify llcp_sock_connect() error paths - net: nfc: Fix use-after-free caused by nfc_llcp_find_local * CVE-url: https://ubuntu.com/security/CVE-2023-3863 - nfc: Fix to check for kmemdup failure * CVE-url: https://ubuntu.com/security/CVE-2023-4921 - net: sched: sch_qfq: Fix UAF in qfq_dequeue() * Miscellaneous Ubuntu changes - [Config] CONFIG_GDS_FORCE_MITIGATION=n Important Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.

* CVE-url: https://ubuntu.com/security/CVE-2023-42753 - netfilter: ipset: add the missing IP_SET_HASH_WITH_NET0 macro for ip_set_hash_netportnet.c * CVE-2022-40982 // CVE-url: https://ubuntu.com/security/CVE-2022-40982 - init: Provide arch_cpu_finalize_init() - x86/cpu: Switch to arch_cpu_finalize_init() - init: Remove check_bugs() leftovers - x86/speculation: Add Gather Data Sampling mitigation - x86/speculation: Add force option to GDS mitigation - x86/speculation: Add Kconfig option for GDS - KVM: Add GDS_NO support to KVM * CVE-url: https://ubuntu.com/security/CVE-2022-40982 - vmlinux.lds.h: Create section for protection against instrumentation - x86/cpu: Move arch_smt_update() to a neutral place * CVE-2023-20588 // CVE-url: https://ubuntu.com/security/CVE-2023-20588 - x86/bugs: Increase the x86 bugs vector size to two u32s - x86/CPU/AMD: Do not leak quotient data after a division by 0 - x86/CPU/AMD: Fix the DIV(0) initial fix attempt * CVE-2023-3863 // CVE-url: https://ubuntu.com/security/CVE-2023-3863 - nfc: llcp: simplify llcp_sock_connect() error paths - net: nfc: Fix use-after-free caused by nfc_llcp_find_local * CVE-url: https://ubuntu.com/security/CVE-2023-3863 - nfc: Fix to check for kmemdup failure * CVE-url: https://ubuntu.com/security/CVE-2023-4921 - net: sched: sch_qfq: Fix UAF in qfq_dequeue() * Miscellaneous Ubuntu changes - [Config] CONFIG_GDS_FORCE_MITIGATION=n

0 tuxcare-ubuntu18.04-els linux-buildinfo-4.15.0-218-tuxcare.els6-generic_4.15.0-218.229_amd64.deb 3c8f2aaf29c2d02dc3e8eb17fd22bb09d8f71c34 linux-buildinfo-4.15.0-218-tuxcare.els6-lowlatency_4.15.0-218.229_amd64.deb 2045d1e990f1ce80be2b6200e5e254e584006e1d linux-cloud-tools-4.15.0-218-tuxcare.els6_4.15.0-218.229_amd64.deb 2e88ffe01e033170d632b8fdbed5637c96d08107 linux-cloud-tools-4.15.0-218-tuxcare.els6-generic_4.15.0-218.229_amd64.deb 90ec66bcb9b6a62d71a11b09cae5e02d86141dd2 linux-cloud-tools-4.15.0-218-tuxcare.els6-lowlatency_4.15.0-218.229_amd64.deb 3348e12b99e87d4288901500fbc0ae70db3b6467 linux-cloud-tools-common_4.15.0-218.229_all.deb 20dc964b4107fcb3a1d3467eb8ddf8e53efe0fac linux-cloud-tools-generic_4.15.0.218.229_amd64.deb 9e8c824f452a4f5b75705fd00a6f4acaabdaca80 linux-cloud-tools-lowlatency_4.15.0.218.229_amd64.deb 6fcf634e9f7091e817d7b6e4fce997393312b9d0 linux-crashdump_4.15.0.218.229_amd64.deb 320eb4b59c7041589dd33b792409f0010f041228 linux-doc_4.15.0-218.229_all.deb 48ab608da0b024cbbb65b10a54b259d40e3462b7 linux-generic_4.15.0.218.229_amd64.deb 46491f9f9155a8c5dadf0ac0f0d21ede65c8aa61 linux-headers-4.15.0-218-tuxcare.els6_4.15.0-218.229_all.deb 4b6716e64fc1c3cc45b00a49daf2e95e58e01a1a linux-headers-4.15.0-218-tuxcare.els6-generic_4.15.0-218.229_amd64.deb e6e978545e4ad849431276cb182f4416bc0a15c0 linux-headers-4.15.0-218-tuxcare.els6-lowlatency_4.15.0-218.229_amd64.deb a2ee7814395a75802717a5c23dacb5236bf50eb5 linux-headers-generic_4.15.0.218.229_amd64.deb 1efcc9d8ba116bc17a77deaa5494f285151c540a linux-headers-lowlatency_4.15.0.218.229_amd64.deb d53294ab01be77a51c44c19fc09bdbf4567a69bc linux-image-generic_4.15.0.218.229_amd64.deb 8b06b645fd96bba3464e4bdbfc6f17f74cb98339 linux-image-lowlatency_4.15.0.218.229_amd64.deb 8780b9c0e2899a56fa00b2803204471069431dbc linux-image-unsigned-4.15.0-218-tuxcare.els6-generic_4.15.0-218.229_amd64.deb d82b47a6af88a953b653bc7bb7af9e8c01384a69 linux-image-unsigned-4.15.0-218-tuxcare.els6-lowlatency_4.15.0-218.229_amd64.deb 17e610352fdf3360827f3a312fa55b4fad6bab46 linux-libc-dev_4.15.0-218.229_amd64.deb 079559df9dafafc88abbc9244d63ff87eb0bc571 linux-lowlatency_4.15.0.218.229_amd64.deb c823972a1405700ea64335e2681a941117a95e37 linux-modules-4.15.0-218-tuxcare.els6-generic_4.15.0-218.229_amd64.deb c9993ad7470c8b7eefa1fb2aec257bee9f92c4b4 linux-modules-4.15.0-218-tuxcare.els6-lowlatency_4.15.0-218.229_amd64.deb a2480c70fb35a2102e0b49cbd11f0de545757450 linux-modules-extra-4.15.0-218-tuxcare.els6-generic_4.15.0-218.229_amd64.deb ffaeada1acb1d448310bfffb1e3f4979adc68c27 linux-source_4.15.0.218.229_all.deb be835dd08d511ce1375349aa85104e470b5d4b89 linux-source-4.15.0_4.15.0-218.229_all.deb c4cfb220d87478baf0602a44e52d4a51cd973963 linux-tools-4.15.0-218-tuxcare.els6_4.15.0-218.229_amd64.deb 7c6f16e7c5475a926ffc99aa9c7515d4de66bb4b linux-tools-4.15.0-218-tuxcare.els6-generic_4.15.0-218.229_amd64.deb bf00a6719a2dd5514f88a1a7281e483382cc2827 linux-tools-4.15.0-218-tuxcare.els6-lowlatency_4.15.0-218.229_amd64.deb 29e6afa93bf41340521348e4946ce7addd5647f1 linux-tools-common_4.15.0-218.229_all.deb 5b2eb0dc9bcd53e9b7b1bb21df31d34ed8dc1f97 linux-tools-generic_4.15.0.218.229_amd64.deb 2ec56ef2041530bb02f0f0c13665bfda43c52dc1 linux-tools-host_4.15.0-218.229_all.deb f77e4917813b5a07b354b86e56e2482666843de2 linux-tools-lowlatency_4.15.0.218.229_amd64.deb e967ac4f1ba76e7bc9b64b35c7eafad4f54f730e CLSA-2023:1695901043 TuxCare License Agreement 0 * CVE-url: https://ubuntu.com/security/CVE-2023-42753 - netfilter: ipset: add the missing IP_SET_HASH_WITH_NET0 macro for ip_set_hash_netportnet.c * CVE-2022-40982 // CVE-url: https://ubuntu.com/security/CVE-2022-40982 - init: Provide arch_cpu_finalize_init() - x86/cpu: Switch to arch_cpu_finalize_init() - init: Remove check_bugs() leftovers - x86/speculation: Add Gather Data Sampling mitigation - x86/speculation: Add force option to GDS mitigation - x86/speculation: Add Kconfig option for GDS - KVM: Add GDS_NO support to KVM * CVE-url: https://ubuntu.com/security/CVE-2022-40982 - vmlinux.lds.h: Create section for protection against instrumentation - x86/cpu: Move arch_smt_update() to a neutral place * CVE-2023-20588 // CVE-url: https://ubuntu.com/security/CVE-2023-20588 - x86/bugs: Increase the x86 bugs vector size to two u32s - x86/CPU/AMD: Do not leak quotient data after a division by 0 - x86/CPU/AMD: Fix the DIV(0) initial fix attempt * CVE-2023-3863 // CVE-url: https://ubuntu.com/security/CVE-2023-3863 - nfc: llcp: simplify llcp_sock_connect() error paths - net: nfc: Fix use-after-free caused by nfc_llcp_find_local * CVE-url: https://ubuntu.com/security/CVE-2023-3863 - nfc: Fix to check for kmemdup failure * CVE-url: https://ubuntu.com/security/CVE-2023-4921 - net: sched: sch_qfq: Fix UAF in qfq_dequeue() * Miscellaneous Ubuntu changes - [Config] CONFIG_GDS_FORCE_MITIGATION=n Important Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.

* CVE-url: https://ubuntu.com/security/CVE-2023-42753 - netfilter: ipset: add the missing IP_SET_HASH_WITH_NET0 macro for ip_set_hash_netportnet.c * CVE-2022-40982 // CVE-url: https://ubuntu.com/security/CVE-2022-40982 - init: Provide arch_cpu_finalize_init() - x86/cpu: Switch to arch_cpu_finalize_init() - init: Remove check_bugs() leftovers - x86/speculation: Add Gather Data Sampling mitigation - x86/speculation: Add force option to GDS mitigation - x86/speculation: Add Kconfig option for GDS - KVM: Add GDS_NO support to KVM * CVE-url: https://ubuntu.com/security/CVE-2022-40982 - vmlinux.lds.h: Create section for protection against instrumentation - x86/cpu: Move arch_smt_update() to a neutral place * CVE-2023-20588 // CVE-url: https://ubuntu.com/security/CVE-2023-20588 - x86/bugs: Increase the x86 bugs vector size to two u32s - x86/CPU/AMD: Do not leak quotient data after a division by 0 - x86/CPU/AMD: Fix the DIV(0) initial fix attempt * CVE-2023-3863 // CVE-url: https://ubuntu.com/security/CVE-2023-3863 - nfc: llcp: simplify llcp_sock_connect() error paths - net: nfc: Fix use-after-free caused by nfc_llcp_find_local * CVE-url: https://ubuntu.com/security/CVE-2023-3863 - nfc: Fix to check for kmemdup failure * CVE-url: https://ubuntu.com/security/CVE-2023-4921 - net: sched: sch_qfq: Fix UAF in qfq_dequeue() * Miscellaneous Ubuntu changes - [Config] CONFIG_GDS_FORCE_MITIGATION=n

0 tuxcare-ubuntu18.04-els linux-buildinfo-4.15.0-218-tuxcare.els6-generic_4.15.0-218.229_amd64.deb 3c8f2aaf29c2d02dc3e8eb17fd22bb09d8f71c34 linux-buildinfo-4.15.0-218-tuxcare.els6-lowlatency_4.15.0-218.229_amd64.deb 2045d1e990f1ce80be2b6200e5e254e584006e1d linux-cloud-tools-4.15.0-218-tuxcare.els6_4.15.0-218.229_amd64.deb 2e88ffe01e033170d632b8fdbed5637c96d08107 linux-cloud-tools-4.15.0-218-tuxcare.els6-generic_4.15.0-218.229_amd64.deb 90ec66bcb9b6a62d71a11b09cae5e02d86141dd2 linux-cloud-tools-4.15.0-218-tuxcare.els6-lowlatency_4.15.0-218.229_amd64.deb 3348e12b99e87d4288901500fbc0ae70db3b6467 linux-cloud-tools-common_4.15.0-218.229_all.deb 20dc964b4107fcb3a1d3467eb8ddf8e53efe0fac linux-cloud-tools-generic_4.15.0.218.229_amd64.deb 9e8c824f452a4f5b75705fd00a6f4acaabdaca80 linux-cloud-tools-lowlatency_4.15.0.218.229_amd64.deb 6fcf634e9f7091e817d7b6e4fce997393312b9d0 linux-crashdump_4.15.0.218.229_amd64.deb 320eb4b59c7041589dd33b792409f0010f041228 linux-doc_4.15.0-218.229_all.deb 48ab608da0b024cbbb65b10a54b259d40e3462b7 linux-generic_4.15.0.218.229_amd64.deb 46491f9f9155a8c5dadf0ac0f0d21ede65c8aa61 linux-headers-4.15.0-218-tuxcare.els6_4.15.0-218.229_all.deb 4b6716e64fc1c3cc45b00a49daf2e95e58e01a1a linux-headers-4.15.0-218-tuxcare.els6-generic_4.15.0-218.229_amd64.deb e6e978545e4ad849431276cb182f4416bc0a15c0 linux-headers-4.15.0-218-tuxcare.els6-lowlatency_4.15.0-218.229_amd64.deb a2ee7814395a75802717a5c23dacb5236bf50eb5 linux-headers-generic_4.15.0.218.229_amd64.deb 1efcc9d8ba116bc17a77deaa5494f285151c540a linux-headers-lowlatency_4.15.0.218.229_amd64.deb d53294ab01be77a51c44c19fc09bdbf4567a69bc linux-image-generic_4.15.0.218.229_amd64.deb 8b06b645fd96bba3464e4bdbfc6f17f74cb98339 linux-image-lowlatency_4.15.0.218.229_amd64.deb 8780b9c0e2899a56fa00b2803204471069431dbc linux-image-unsigned-4.15.0-218-tuxcare.els6-generic_4.15.0-218.229_amd64.deb d82b47a6af88a953b653bc7bb7af9e8c01384a69 linux-image-unsigned-4.15.0-218-tuxcare.els6-lowlatency_4.15.0-218.229_amd64.deb 17e610352fdf3360827f3a312fa55b4fad6bab46 linux-libc-dev_4.15.0-218.229_amd64.deb 079559df9dafafc88abbc9244d63ff87eb0bc571 linux-lowlatency_4.15.0.218.229_amd64.deb c823972a1405700ea64335e2681a941117a95e37 linux-modules-4.15.0-218-tuxcare.els6-generic_4.15.0-218.229_amd64.deb c9993ad7470c8b7eefa1fb2aec257bee9f92c4b4 linux-modules-4.15.0-218-tuxcare.els6-lowlatency_4.15.0-218.229_amd64.deb a2480c70fb35a2102e0b49cbd11f0de545757450 linux-modules-extra-4.15.0-218-tuxcare.els6-generic_4.15.0-218.229_amd64.deb ffaeada1acb1d448310bfffb1e3f4979adc68c27 linux-source_4.15.0.218.229_all.deb be835dd08d511ce1375349aa85104e470b5d4b89 linux-source-4.15.0_4.15.0-218.229_all.deb c4cfb220d87478baf0602a44e52d4a51cd973963 linux-tools-4.15.0-218-tuxcare.els6_4.15.0-218.229_amd64.deb 7c6f16e7c5475a926ffc99aa9c7515d4de66bb4b linux-tools-4.15.0-218-tuxcare.els6-generic_4.15.0-218.229_amd64.deb bf00a6719a2dd5514f88a1a7281e483382cc2827 linux-tools-4.15.0-218-tuxcare.els6-lowlatency_4.15.0-218.229_amd64.deb 29e6afa93bf41340521348e4946ce7addd5647f1 linux-tools-common_4.15.0-218.229_all.deb 5b2eb0dc9bcd53e9b7b1bb21df31d34ed8dc1f97 linux-tools-generic_4.15.0.218.229_amd64.deb 2ec56ef2041530bb02f0f0c13665bfda43c52dc1 linux-tools-host_4.15.0-218.229_all.deb f77e4917813b5a07b354b86e56e2482666843de2 linux-tools-lowlatency_4.15.0.218.229_amd64.deb e967ac4f1ba76e7bc9b64b35c7eafad4f54f730e CLSA-2023:1696351864 TuxCare License Agreement 0 * SECURITY UPDATE: uninitialized-heap vulnerability in function tic4x_print_cond in file opcodes/tic4x-dis.c - debian/patches/CVE-2020-35342.patch: Init all of condtable - CVE-2020-35342 * SECURITY UPDATE: a memory consumption issue in get_data function in binutils/nm.c - debian/patches/CVE-2020-19724.patch: Free dyn_syms - CVE-2020-19724 * SECURITY UPDATE: a memory leak when process microblaze-dis.c - debian/patches/CVE-2020-21490.patch: Use strbuf rather than strdup of local temp - CVE-2020-21490 * SECURITY UPDATE: an issue relating to the auxiliary symbol data allows attackers to read or write to system memory or cause a denial of service - debian/patches/CVE-2020-19726.patch: Fix parsing a corrupt PE format file - CVE-2020-19726 Important Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.

* SECURITY UPDATE: uninitialized-heap vulnerability in function tic4x_print_cond in file opcodes/tic4x-dis.c - debian/patches/CVE-2020-35342.patch: Init all of condtable - CVE-2020-35342 * SECURITY UPDATE: a memory consumption issue in get_data function in binutils/nm.c - debian/patches/CVE-2020-19724.patch: Free dyn_syms - CVE-2020-19724 * SECURITY UPDATE: a memory leak when process microblaze-dis.c - debian/patches/CVE-2020-21490.patch: Use strbuf rather than strdup of local temp - CVE-2020-21490 * SECURITY UPDATE: an issue relating to the auxiliary symbol data allows attackers to read or write to system memory or cause a denial of service - debian/patches/CVE-2020-19726.patch: Fix parsing a corrupt PE format file - CVE-2020-19726

0 tuxcare-ubuntu18.04-els binutils_2.30-21ubuntu1~18.04.9+tuxcare.els5_amd64.deb 2764ef76b2d792347b1aed1f1f3c7756fc2a649b binutils-aarch64-linux-gnu_2.30-21ubuntu1~18.04.9+tuxcare.els5_amd64.deb cb381b8f2700373b9e76ad5a43e657f2339dffe5 binutils-alpha-linux-gnu_2.30-21ubuntu1~18.04.9+tuxcare.els5_amd64.deb d7c2914dc57f2b9e9202a270409a4cdd4a4eda7e binutils-arm-linux-gnueabi_2.30-21ubuntu1~18.04.9+tuxcare.els5_amd64.deb e5b724b68b844c9006d87f31a285bec58a1e1117 binutils-arm-linux-gnueabihf_2.30-21ubuntu1~18.04.9+tuxcare.els5_amd64.deb e4249489e03b2e87c2990dbfa35f2089e20397df binutils-common_2.30-21ubuntu1~18.04.9+tuxcare.els5_amd64.deb f21526210123e8b49535c93452cc3fcacdcff750 binutils-dev_2.30-21ubuntu1~18.04.9+tuxcare.els5_amd64.deb 1f3650f7e1549db4373144746ae946a595fac1f3 binutils-doc_2.30-21ubuntu1~18.04.9+tuxcare.els5_all.deb b933904255f829eaabc280680a4ec54c8d8f670a binutils-for-build_2.30-21ubuntu1~18.04.9+tuxcare.els5_all.deb 717a34f0b0b938ba281cd905d11e5bba43da6e2e binutils-for-host_2.30-21ubuntu1~18.04.9+tuxcare.els5_amd64.deb 279322c050f89836cca0a61901e8af3673e35fdb binutils-hppa-linux-gnu_2.30-21ubuntu1~18.04.9+tuxcare.els5_amd64.deb 6199934dca25604768c235f6ded64003c185b6e1 binutils-hppa64-linux-gnu_2.30-21ubuntu1~18.04.9+tuxcare.els5_amd64.deb 789627ad10cc033eeb2c137e97f05e625b9d68de binutils-i686-gnu_2.30-21ubuntu1~18.04.9+tuxcare.els5_amd64.deb 823596e76953eaeeffff690598f9aec68f3e3299 binutils-i686-kfreebsd-gnu_2.30-21ubuntu1~18.04.9+tuxcare.els5_amd64.deb d7257befd7493329723208ccec7349d6911f8e38 binutils-i686-linux-gnu_2.30-21ubuntu1~18.04.9+tuxcare.els5_amd64.deb ceca3ada0daeb7be4dffb29cb038fbcf1ffd04b0 binutils-ia64-linux-gnu_2.30-21ubuntu1~18.04.9+tuxcare.els5_amd64.deb cb242670cc73819fa043709fe7d620ba67ca9d17 binutils-m68k-linux-gnu_2.30-21ubuntu1~18.04.9+tuxcare.els5_amd64.deb a7cef85a9ae58fbfa8c508e7add383fab9cdef3b binutils-mips-linux-gnu_2.30-21ubuntu1~18.04.9+tuxcare.els5_amd64.deb c1bcede782009658bb0b7086c72e2ca36d3a1b5b binutils-mips64-linux-gnuabi64_2.30-21ubuntu1~18.04.9+tuxcare.els5_amd64.deb 8a93f93582085ab1c32b7e1b34896ee63354872d binutils-mips64-linux-gnuabin32_2.30-21ubuntu1~18.04.9+tuxcare.els5_amd64.deb ab2659a00af9f9fa711cfb98ec9cb924940c67cf binutils-mips64el-linux-gnuabi64_2.30-21ubuntu1~18.04.9+tuxcare.els5_amd64.deb c758ba6fadd6c70fd91c313312f1ee73d278e064 binutils-mips64el-linux-gnuabin32_2.30-21ubuntu1~18.04.9+tuxcare.els5_amd64.deb ead1595d4d4142ab3c12e122fb2d3b0332b14db9 binutils-mipsel-linux-gnu_2.30-21ubuntu1~18.04.9+tuxcare.els5_amd64.deb b918afc6f1783db205bdf3ffb27635ff0574e1c2 binutils-mipsisa32r6-linux-gnu_2.30-21ubuntu1~18.04.9+tuxcare.els5_amd64.deb 02442daa3e9f0f393f45e2f1a1e4fea03cdafebd binutils-mipsisa32r6el-linux-gnu_2.30-21ubuntu1~18.04.9+tuxcare.els5_amd64.deb b95af85c8c84136911f62318e7d4be0dd846089e binutils-mipsisa64r6-linux-gnuabi64_2.30-21ubuntu1~18.04.9+tuxcare.els5_amd64.deb 3a4f409661a77b4021678851151503d51be2e072 binutils-mipsisa64r6-linux-gnuabin32_2.30-21ubuntu1~18.04.9+tuxcare.els5_amd64.deb d11456c750ff1321c5abd92dd206244e47868eb6 binutils-mipsisa64r6el-linux-gnuabi64_2.30-21ubuntu1~18.04.9+tuxcare.els5_amd64.deb 20b71913a13cb3a8ca632979cde19c96676eabca binutils-mipsisa64r6el-linux-gnuabin32_2.30-21ubuntu1~18.04.9+tuxcare.els5_amd64.deb 9f445e58c1ba02a9a8d10bba4e893f3634792c89 binutils-multiarch_2.30-21ubuntu1~18.04.9+tuxcare.els5_amd64.deb 28de74a7d2bba0771585e202ae56b8aeada9a9ea binutils-multiarch-dev_2.30-21ubuntu1~18.04.9+tuxcare.els5_amd64.deb 5079b1e5cf9babfca3f5878e8410bd3b1eac9b92 binutils-powerpc-linux-gnu_2.30-21ubuntu1~18.04.9+tuxcare.els5_amd64.deb 745de21f992a75380217d61fd6aacf07cc2c9603 binutils-powerpc-linux-gnuspe_2.30-21ubuntu1~18.04.9+tuxcare.els5_amd64.deb 50fbac6f264422cb212c787edc054b002c658818 binutils-powerpc64-linux-gnu_2.30-21ubuntu1~18.04.9+tuxcare.els5_amd64.deb 66b55babcf9c2bf9c5741fbaa8bffa1893cd95cb binutils-powerpc64le-linux-gnu_2.30-21ubuntu1~18.04.9+tuxcare.els5_amd64.deb bf09dc7171f4229f8f9a2e71b40f7674fecabc26 binutils-riscv64-linux-gnu_2.30-21ubuntu1~18.04.9+tuxcare.els5_amd64.deb 7e276d9941f79dd894ae7769325eb596f9239d7f binutils-s390x-linux-gnu_2.30-21ubuntu1~18.04.9+tuxcare.els5_amd64.deb bd655c655c8e4247e9ff4b41b6b0b3b582bd12c8 binutils-sh4-linux-gnu_2.30-21ubuntu1~18.04.9+tuxcare.els5_amd64.deb e7aa27188877237b53cba0dfdb5dc5a6cd3ed42b binutils-source_2.30-21ubuntu1~18.04.9+tuxcare.els5_all.deb 88510f45b356294173ad9394abb157cb1bf705e1 binutils-sparc64-linux-gnu_2.30-21ubuntu1~18.04.9+tuxcare.els5_amd64.deb e15a76550db8f3c0cf6d4a154b52c23edec9f2ef binutils-x86-64-kfreebsd-gnu_2.30-21ubuntu1~18.04.9+tuxcare.els5_amd64.deb 65051fe03b33acb1a824e38762d57761e7d9db42 binutils-x86-64-linux-gnu_2.30-21ubuntu1~18.04.9+tuxcare.els5_amd64.deb 0c05a9629bba8d6254d1320a5bf5baa7f9ab43f2 binutils-x86-64-linux-gnux32_2.30-21ubuntu1~18.04.9+tuxcare.els5_amd64.deb f79ab4f4940b889163e502276d7cbb682b739bce libbinutils_2.30-21ubuntu1~18.04.9+tuxcare.els5_amd64.deb 577af3ca59f56ebeb946c51bb94182e41ddd91e9 CLSA-2023:1696351966 TuxCare License Agreement 0 * SECURITY UPDATE: a memory leak that allows remote attackers to perform a denial of service via the "identify -help" command - debian/patches/CVE-2022-48541.patch: added missing calls to destroy methods - CVE-2022-48541 Important Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.

* SECURITY UPDATE: a memory leak that allows remote attackers to perform a denial of service via the "identify -help" command - debian/patches/CVE-2022-48541.patch: added missing calls to destroy methods - CVE-2022-48541

0 tuxcare-ubuntu18.04-els imagemagick_6.9.7.4+dfsg-16ubuntu6.15+tuxcare.els3_amd64.deb 85abe4a9e9021f7177ff2feee7e851de4e92dd7d imagemagick-6-common_6.9.7.4+dfsg-16ubuntu6.15+tuxcare.els3_all.deb 795772123bcb3a388d5e3561df46b6b189415531 imagemagick-6-doc_6.9.7.4+dfsg-16ubuntu6.15+tuxcare.els3_all.deb 06d52fb5c2700136214fbbbd7add65a86eef4f0c imagemagick-6.q16_6.9.7.4+dfsg-16ubuntu6.15+tuxcare.els3_amd64.deb 0df588aee2576637c94351deda56085a442cc487 imagemagick-6.q16hdri_6.9.7.4+dfsg-16ubuntu6.15+tuxcare.els3_amd64.deb a6932ec4798534a775e5db1f12aa714872b148d4 imagemagick-common_6.9.7.4+dfsg-16ubuntu6.15+tuxcare.els3_all.deb e659e42965fb778b2cefe33ae1ef238eeea85a27 imagemagick-doc_6.9.7.4+dfsg-16ubuntu6.15+tuxcare.els3_all.deb 78c6062eb8b2ed886885264b0ebaca1cb021adb2 libimage-magick-perl_6.9.7.4+dfsg-16ubuntu6.15+tuxcare.els3_all.deb 3e406c099394c838f7e7563bf63fefa16666b940 libimage-magick-q16-perl_6.9.7.4+dfsg-16ubuntu6.15+tuxcare.els3_amd64.deb 51b1f855a740f8e0cae8e6f554c6b2fa7beee2dc libimage-magick-q16hdri-perl_6.9.7.4+dfsg-16ubuntu6.15+tuxcare.els3_amd64.deb 366a658c2e63c4f32e7ea607d526e84635bd8788 libmagick++-6-headers_6.9.7.4+dfsg-16ubuntu6.15+tuxcare.els3_all.deb 237b3ab359a5e3e99f899befa9696e142a3a5e5e libmagick++-6.q16-7_6.9.7.4+dfsg-16ubuntu6.15+tuxcare.els3_amd64.deb 86b5e97e042249c488653ee98ce410afb74ef115 libmagick++-6.q16-dev_6.9.7.4+dfsg-16ubuntu6.15+tuxcare.els3_amd64.deb 384439ed8c5f349766a39c06261ac13768306f36 libmagick++-6.q16hdri-7_6.9.7.4+dfsg-16ubuntu6.15+tuxcare.els3_amd64.deb 8c9d7261be1397acbcf3fda636388f0773fff3d5 libmagick++-6.q16hdri-dev_6.9.7.4+dfsg-16ubuntu6.15+tuxcare.els3_amd64.deb 1935bdf49939c77b81c7ab753f9364069c7a2d4c libmagick++-dev_6.9.7.4+dfsg-16ubuntu6.15+tuxcare.els3_all.deb 288b9dba3ade9258802784c64bc4018bc3610949 libmagickcore-6-arch-config_6.9.7.4+dfsg-16ubuntu6.15+tuxcare.els3_amd64.deb b73b6b8a7bbf18eec48f47a9cf579acfd4a486c4 libmagickcore-6-headers_6.9.7.4+dfsg-16ubuntu6.15+tuxcare.els3_all.deb 47e221cc1a2ebcc568de8859cead4c9fddc185e8 libmagickcore-6.q16-3_6.9.7.4+dfsg-16ubuntu6.15+tuxcare.els3_amd64.deb 08a2461391effc5f734fc0408c623e2b20d0ee8c libmagickcore-6.q16-3-extra_6.9.7.4+dfsg-16ubuntu6.15+tuxcare.els3_amd64.deb 1ea17047af1f0fc997c84a2559f3a37a4074e7ef libmagickcore-6.q16-dev_6.9.7.4+dfsg-16ubuntu6.15+tuxcare.els3_amd64.deb fe323a5c59db2607d51a2efc2bf1f2df854256b4 libmagickcore-6.q16hdri-3_6.9.7.4+dfsg-16ubuntu6.15+tuxcare.els3_amd64.deb 0059ad1b214747018b5fc2658ba5571fdb335a37 libmagickcore-6.q16hdri-3-extra_6.9.7.4+dfsg-16ubuntu6.15+tuxcare.els3_amd64.deb e16011953bb04025e8dba6af293729c6878d0e19 libmagickcore-6.q16hdri-dev_6.9.7.4+dfsg-16ubuntu6.15+tuxcare.els3_amd64.deb 5b406b0912837d09d86147abfe956f53fb66aa08 libmagickcore-dev_6.9.7.4+dfsg-16ubuntu6.15+tuxcare.els3_all.deb 0a8535aaa641b44e7816979353bbe176c0546d58 libmagickwand-6-headers_6.9.7.4+dfsg-16ubuntu6.15+tuxcare.els3_all.deb 67b21a5359b97e10acfccbe6ec9a9668fce37c13 libmagickwand-6.q16-3_6.9.7.4+dfsg-16ubuntu6.15+tuxcare.els3_amd64.deb 2f833fb05ac2fdad0398273e4cbbcd0a2ae1ca18 libmagickwand-6.q16-dev_6.9.7.4+dfsg-16ubuntu6.15+tuxcare.els3_amd64.deb 4d3481b40c6e78bbaa062db05d7bc7dea88865d6 libmagickwand-6.q16hdri-3_6.9.7.4+dfsg-16ubuntu6.15+tuxcare.els3_amd64.deb 58c6b5a31e7e7500d16157ecfd89b5ec61876e9f libmagickwand-6.q16hdri-dev_6.9.7.4+dfsg-16ubuntu6.15+tuxcare.els3_amd64.deb a208f71f312d86c89719146a4c784dc4363687cb libmagickwand-dev_6.9.7.4+dfsg-16ubuntu6.15+tuxcare.els3_all.deb 5e1bd6be2ebc25a54d9e8214a805044cdfa08cdd perlmagick_6.9.7.4+dfsg-16ubuntu6.15+tuxcare.els3_all.deb 5688a74f5526f8fd09ca71e029cf1cd23b5336a8 CLSA-2023:1696352041 TuxCare License Agreement 0 * SECURITY UPDATE: denial of service - debian/patches/CVE-2022-48571.patch: fix the crash when receiving multi-packet uploads in UDP - CVE-2022-48571 Important Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.

* SECURITY UPDATE: denial of service - debian/patches/CVE-2022-48571.patch: fix the crash when receiving multi-packet uploads in UDP - CVE-2022-48571

0 tuxcare-ubuntu18.04-els memcached_1.5.6-0ubuntu1.2+tuxcare.els1_amd64.deb 33cbc3306a238163cfd09a79fcf94cc4836ede1f CLSA-2023:1696537563 TuxCare License Agreement 0 * SECURITY UPDATE: SQL injection when @extowner@, @extschema@, or @extschema:...@ appeared inside a quoting construct (dollar quoting, '', or "") - debian/patches/CVE-2023-39417: reject substituting extension schemas or owners matching ["$'\]. - CVE-2023-39417 -- Pavel Kopylov <pkopylov@cloudlinux.com> Fri, 15 Sep 2023 10:55:03 +0300 Important Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.

* SECURITY UPDATE: SQL injection when @extowner@, @extschema@, or @extschema:...@ appeared inside a quoting construct (dollar quoting, '', or "") - debian/patches/CVE-2023-39417: reject substituting extension schemas or owners matching ["$'\]. - CVE-2023-39417 -- Pavel Kopylov <pkopylov@cloudlinux.com> Fri, 15 Sep 2023 10:55:03 +0300

0 tuxcare-ubuntu18.04-els libecpg-compat3_10.23-0ubuntu0.18.04.2+tuxcare.els1_amd64.deb dfcd43c7e4a2c5d25263397a1732b4f06b91c49a libecpg-dev_10.23-0ubuntu0.18.04.2+tuxcare.els1_amd64.deb d31cc9c4182a40379c09cae6c6f223ddc79725ea libecpg6_10.23-0ubuntu0.18.04.2+tuxcare.els1_amd64.deb e6a9d63230eccbc5f806c0cc6086ff42fd818031 libpgtypes3_10.23-0ubuntu0.18.04.2+tuxcare.els1_amd64.deb 48264a897e034c9a1adfe73cedfd34562ef68c5f libpq-dev_10.23-0ubuntu0.18.04.2+tuxcare.els1_amd64.deb f2317d786246ef0fabad18e6d740e355832122c5 libpq5_10.23-0ubuntu0.18.04.2+tuxcare.els1_amd64.deb f7dbed40781673e6a751a54dff1350ab8bd219cc postgresql-10_10.23-0ubuntu0.18.04.2+tuxcare.els1_amd64.deb 406b60c982d47b710150c64180a5f991472521c9 postgresql-client-10_10.23-0ubuntu0.18.04.2+tuxcare.els1_amd64.deb 7894119be32d2a80d723138dc09f3343dc186716 postgresql-doc-10_10.23-0ubuntu0.18.04.2+tuxcare.els1_all.deb 608b8d1b6b136497a8f7964df14f8483fa8801f3 postgresql-plperl-10_10.23-0ubuntu0.18.04.2+tuxcare.els1_amd64.deb 62d1edc89120e65b1d506ee8335a75ac7c02120f postgresql-plpython-10_10.23-0ubuntu0.18.04.2+tuxcare.els1_amd64.deb 296b5288da0cc1b0348b3a415ba419a42bc6599d postgresql-plpython3-10_10.23-0ubuntu0.18.04.2+tuxcare.els1_amd64.deb 823eeeac31e8d89e7f3a02db75952df47c36d052 postgresql-pltcl-10_10.23-0ubuntu0.18.04.2+tuxcare.els1_amd64.deb c36fcba48ac346d2f7a31233788f90893d318c77 postgresql-server-dev-10_10.23-0ubuntu0.18.04.2+tuxcare.els1_amd64.deb d40fb3a35c03b23926505cc96fb19b93744ce237 CLSA-2023:1697016628 TuxCare License Agreement 0 * SECURITY UPDATE: Multiple security issues - debian/patches/CVE-2023-42114.patch: fix possible OOB read in SPA authenticator - CVE-2023-42114 - debian/patches/CVE-2023-42116.patch: fix possible OOB write in SPA authenticator - CVE-2023-42116 Important Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.

* SECURITY UPDATE: Multiple security issues - debian/patches/CVE-2023-42114.patch: fix possible OOB read in SPA authenticator - CVE-2023-42114 - debian/patches/CVE-2023-42116.patch: fix possible OOB write in SPA authenticator - CVE-2023-42116

0 tuxcare-ubuntu18.04-els exim4_4.90.1-1ubuntu1.10+tuxcare.els2_all.deb bfa7923f371af975986a64ba0e346eb311bdf950 exim4-base_4.90.1-1ubuntu1.10+tuxcare.els2_amd64.deb c3b96e3f956bc89559805faab0aa102a773a6917 exim4-config_4.90.1-1ubuntu1.10+tuxcare.els2_all.deb 53163128ff3c0d39d5fbedf2b367e5850a7dbefa exim4-daemon-heavy_4.90.1-1ubuntu1.10+tuxcare.els2_amd64.deb 12c2850ebe6ea59001193da2b2f19a256bdadb2d exim4-daemon-light_4.90.1-1ubuntu1.10+tuxcare.els2_amd64.deb fb9a2f1134c45c98149cefaeb0dfd9b166abb231 exim4-dev_4.90.1-1ubuntu1.10+tuxcare.els2_amd64.deb bfe3ab48443198aa990e056542c608fbf91e62ec eximon4_4.90.1-1ubuntu1.10+tuxcare.els2_amd64.deb 90a705c87ba688f60b1c85ea2a3b8b6b8e906b2a CLSA-2023:1697016696 TuxCare License Agreement 0 * SECURITY UPDATE: Heap buffer overflow - debian/patches/CVE-2023-4863-pre.patch: prepare sources to be patched - debian/patches/CVE-2023-4863-1.patch: first, BuildHuffmanTable() is called to check if the data is valid. If it is and the table is not big enough, more memory is allocated. This will make sure that valid (but unoptimized because of unbalanced codes) streams are still decodable. - debian/patches/CVE-2023-4863-2.patch: fix memory error - debian/patches/CVE-2023-4863-3.patch: remove unused code - debian/patches/CVE-2023-4863-4.patch: fix pointer offset int overflow - CVE-2023-4836 Important Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.

* SECURITY UPDATE: Heap buffer overflow - debian/patches/CVE-2023-4863-pre.patch: prepare sources to be patched - debian/patches/CVE-2023-4863-1.patch: first, BuildHuffmanTable() is called to check if the data is valid. If it is and the table is not big enough, more memory is allocated. This will make sure that valid (but unoptimized because of unbalanced codes) streams are still decodable. - debian/patches/CVE-2023-4863-2.patch: fix memory error - debian/patches/CVE-2023-4863-3.patch: remove unused code - debian/patches/CVE-2023-4863-4.patch: fix pointer offset int overflow - CVE-2023-4836

0 tuxcare-ubuntu18.04-els libwebp-dev_0.6.1-2ubuntu0.18.04.2.tuxcare.els1_amd64.deb 5887b9542a2a000145e01352338cf78df3608bea libwebp6_0.6.1-2ubuntu0.18.04.2.tuxcare.els1_amd64.deb 529b8a2059b6748bd57ce534bb6438a1c6dd8d7a libwebpdemux2_0.6.1-2ubuntu0.18.04.2.tuxcare.els1_amd64.deb b379311662b8be2545d64be6280e287ea793484f libwebpmux3_0.6.1-2ubuntu0.18.04.2.tuxcare.els1_amd64.deb 8a25e70954f5fdc85a6251787e8ccf09e5f2076d webp_0.6.1-2ubuntu0.18.04.2.tuxcare.els1_amd64.deb ebdd4dc77120ae7b1b18ed728c4a728c22171a41 CLSA-2023:1697134108 TuxCare License Agreement 0 * SECURITY UPDATE: A stack exhaustion flaw in control channel code may cause named to terminate unexpectedly - debian/patches/CVE-2023-3341.patch: Named and rndc do not need a lot of recursion so the depth is set to 10. - CVE-2023-3341 Important Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.

* SECURITY UPDATE: A stack exhaustion flaw in control channel code may cause named to terminate unexpectedly - debian/patches/CVE-2023-3341.patch: Named and rndc do not need a lot of recursion so the depth is set to 10. - CVE-2023-3341

0 tuxcare-ubuntu18.04-els bind9_9.11.3+dfsg-1ubuntu1.18+tuxcare.els2_amd64.deb 3baef6162dbea16deedbb43f535324a8a167ba8a bind9-doc_9.11.3+dfsg-1ubuntu1.18+tuxcare.els2_all.deb 1a4841dea86b2632c5f72c91e7b1bd460ec2b62a bind9-host_9.11.3+dfsg-1ubuntu1.18+tuxcare.els2_amd64.deb 3ccb62f035bda2c235e981858fcc86aacb269f48 bind9utils_9.11.3+dfsg-1ubuntu1.18+tuxcare.els2_amd64.deb 5547d6cc7494da026abe4b8fa9d3a55eaf6dd067 dnsutils_9.11.3+dfsg-1ubuntu1.18+tuxcare.els2_amd64.deb d39bb8be42738b8315e30cbf1dd9f643203f4b3a libbind-dev_9.11.3+dfsg-1ubuntu1.18+tuxcare.els2_amd64.deb b96e1f3bbddf279745eb770a2f8fa81e3f84b098 libbind-export-dev_9.11.3+dfsg-1ubuntu1.18+tuxcare.els2_amd64.deb db3817f3d355bd40fac10fd52bcc05fef6753fd9 libbind9-160_9.11.3+dfsg-1ubuntu1.18+tuxcare.els2_amd64.deb 59a0207c9d2719910c9dcb1a2420ffccfa72ef21 libdns-export1100_9.11.3+dfsg-1ubuntu1.18+tuxcare.els2_amd64.deb 271dfd05ee8b8d1935fd92040861ea1d85ef74b7 libdns1100_9.11.3+dfsg-1ubuntu1.18+tuxcare.els2_amd64.deb b3d102d6e4e5a1308c4726251bd191f67071a35a libirs-export160_9.11.3+dfsg-1ubuntu1.18+tuxcare.els2_amd64.deb d92beeabeeba83ff176040e31179e4292ee9cb2b libirs160_9.11.3+dfsg-1ubuntu1.18+tuxcare.els2_amd64.deb 8c79d409dc32ce712d6fae3f0cf9382ddc79f5a9 libisc-export169_9.11.3+dfsg-1ubuntu1.18+tuxcare.els2_amd64.deb 8b98256c2f2f84cb6399224298d8d15e80a65b55 libisc169_9.11.3+dfsg-1ubuntu1.18+tuxcare.els2_amd64.deb 13c1f2ce7f354245858fa508dfc99ce770836fdd libisccc-export160_9.11.3+dfsg-1ubuntu1.18+tuxcare.els2_amd64.deb 3ce67484c9d65cabee55e545b667251458a0021e libisccc160_9.11.3+dfsg-1ubuntu1.18+tuxcare.els2_amd64.deb c7046ebe305ea016137d1370d58ea040971e34f4 libisccfg-export160_9.11.3+dfsg-1ubuntu1.18+tuxcare.els2_amd64.deb 2745dd181c9b2792bf70f1dc02ba08d650af339e libisccfg160_9.11.3+dfsg-1ubuntu1.18+tuxcare.els2_amd64.deb 3bccbe5ac61f6d3029bcdac33897c315de3debdc liblwres160_9.11.3+dfsg-1ubuntu1.18+tuxcare.els2_amd64.deb 423df55817a1775f2c2875912d3ae19cd8dbca01 CLSA-2023:1697462566 TuxCare License Agreement 0 * SECURITY UPDATE: Constant-time-defeating optimisations issue - debian/patches/CVE-2022-48566.patch: Make compare_digest more constant-time - CVE-2022-48566 Moderate Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.

* SECURITY UPDATE: Constant-time-defeating optimisations issue - debian/patches/CVE-2022-48566.patch: Make compare_digest more constant-time - CVE-2022-48566

0 tuxcare-ubuntu18.04-els idle-python3.6_3.6.9-1~18.04ubuntu1.12+tuxcare.els4_all.deb 62795864a89ca89e5a1bbccee30fb0ea3f91a734 libpython3.6_3.6.9-1~18.04ubuntu1.12+tuxcare.els4_amd64.deb 8216a954745276401c8ebf273d8fc96b4a0b1fcf libpython3.6-dev_3.6.9-1~18.04ubuntu1.12+tuxcare.els4_amd64.deb f60282e571f95c6cfea405f3cb708741aab68a95 libpython3.6-minimal_3.6.9-1~18.04ubuntu1.12+tuxcare.els4_amd64.deb 6e6b287eb76fee31102ca6d333a94bcfc33c9b2d libpython3.6-stdlib_3.6.9-1~18.04ubuntu1.12+tuxcare.els4_amd64.deb 36c73bca3a4a0f1cc0433f3deca1ee7d96becf8b libpython3.6-testsuite_3.6.9-1~18.04ubuntu1.12+tuxcare.els4_all.deb 7c6311ab0b6422201d3ab86efa565e3ff4371ab6 python3.6_3.6.9-1~18.04ubuntu1.12+tuxcare.els4_amd64.deb 2097402d4a774c8b23f4ae3df427ee0c0b73c89a python3.6-dev_3.6.9-1~18.04ubuntu1.12+tuxcare.els4_amd64.deb fe72652e4f09b62472f3f6afe55621f2fd9850a6 python3.6-doc_3.6.9-1~18.04ubuntu1.12+tuxcare.els4_all.deb 82e9ecf2fcb36cedb970432faa4fa346ff7342d5 python3.6-examples_3.6.9-1~18.04ubuntu1.12+tuxcare.els4_all.deb 6b0f7123cf91c5ef1107c18f9a51fc0dfabd1934 python3.6-minimal_3.6.9-1~18.04ubuntu1.12+tuxcare.els4_amd64.deb 6a2782421d3ec12f3d843638a606e55a49044fdd python3.6-venv_3.6.9-1~18.04ubuntu1.12+tuxcare.els4_amd64.deb 3233453b1113688beab44965c40a6eeef098a1ec CLSA-2023:1697463155 TuxCare License Agreement 0 * SECURITY UPDATE: Constant-time-defeating optimisations issue - debian/patches/CVE-2022-48566.patch: Make compare_digest more constant-time - CVE-2022-48566 Moderate Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.

* SECURITY UPDATE: Constant-time-defeating optimisations issue - debian/patches/CVE-2022-48566.patch: Make compare_digest more constant-time - CVE-2022-48566

0 tuxcare-ubuntu18.04-els idle-python2.7_2.7.17-1~18.04ubuntu1.11+tuxcare.els4_all.deb 156137cc935ffed5b78a90d18ec0c17108183e13 libpython2.7_2.7.17-1~18.04ubuntu1.11+tuxcare.els4_amd64.deb db66fe3a5a57789c6a90c64b32cd431d5596f9ca libpython2.7-dev_2.7.17-1~18.04ubuntu1.11+tuxcare.els4_amd64.deb 34b6c43c46f1025180017669f7c4aefecdb63ec1 libpython2.7-minimal_2.7.17-1~18.04ubuntu1.11+tuxcare.els4_amd64.deb 0beec82c7d43ef8be58b7e058cb2be218c3fdf56 libpython2.7-stdlib_2.7.17-1~18.04ubuntu1.11+tuxcare.els4_amd64.deb 26e30e01ca1c451f6f1b75efbf60a5b830e2404b libpython2.7-testsuite_2.7.17-1~18.04ubuntu1.11+tuxcare.els4_all.deb d4523db4679fb6295c60bd7b06af0bc3f182fb7d python2.7_2.7.17-1~18.04ubuntu1.11+tuxcare.els4_amd64.deb b3d5bada8f7348c794a95272da3f58ecc765b8bb python2.7-dev_2.7.17-1~18.04ubuntu1.11+tuxcare.els4_amd64.deb a3460a2af973c1710191563ad9bc7d2770bd5522 python2.7-doc_2.7.17-1~18.04ubuntu1.11+tuxcare.els4_all.deb 5bca17365a3d2b948067225819ac1e4dc3873f54 python2.7-examples_2.7.17-1~18.04ubuntu1.11+tuxcare.els4_all.deb a28520e7d2037278d6bf3337b38256961cd33a87 python2.7-minimal_2.7.17-1~18.04ubuntu1.11+tuxcare.els4_amd64.deb 5771b6c5770e5bd0e95ef02d02ecad4543101b22 CLSA-2023:1697463318 TuxCare License Agreement 0 * SECURITY UPDATE: сookie injection with none file - debian/patches/CVE-2023-38546.patch: remove unnecessary struct fields in lib/cookie.c - CVE-2023-38546 Moderate Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.

* SECURITY UPDATE: сookie injection with none file - debian/patches/CVE-2023-38546.patch: remove unnecessary struct fields in lib/cookie.c - CVE-2023-38546

0 tuxcare-ubuntu18.04-els curl_7.58.0-2ubuntu3.24+tuxcare.els2_amd64.deb a5d133aa3cbbdf567f569cbe5580a719e55de844 libcurl3-gnutls_7.58.0-2ubuntu3.24+tuxcare.els2_amd64.deb ed20a9e91fb480a15d78113c52160f6b091b1c91 libcurl3-nss_7.58.0-2ubuntu3.24+tuxcare.els2_amd64.deb f272e2b70b8959a9352403a20fc2d69df3bc9c4f libcurl4_7.58.0-2ubuntu3.24+tuxcare.els2_amd64.deb b7da334c17824d75885f4537b92b00626745ca0f libcurl4-doc_7.58.0-2ubuntu3.24+tuxcare.els2_all.deb ec0eb3103a57fbd98699d7b009353c0aba7cfc7c libcurl4-gnutls-dev_7.58.0-2ubuntu3.24+tuxcare.els2_amd64.deb d4c83542b400ece023771aeadb7f4270d0d6945d libcurl4-nss-dev_7.58.0-2ubuntu3.24+tuxcare.els2_amd64.deb 30f43bdaedc48e9f622ac2e9ae85c8720239d3bd libcurl4-openssl-dev_7.58.0-2ubuntu3.24+tuxcare.els2_amd64.deb 44a90259b604f08c5709b2c3343cfa8503bafd14 CLSA-2023:1697481097 TuxCare License Agreement 0 * Bump epoch * Disable ESM notification after installation: - remove ESM hook for apt-system - remove ESM infra/apps repositories from apt sources list * Automatically mark some pytest to skip if FIPS kernel is running in a disabled state (they always fail in this mode) None Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.

* Bump epoch * Disable ESM notification after installation: - remove ESM hook for apt-system - remove ESM infra/apps repositories from apt sources list * Automatically mark some pytest to skip if FIPS kernel is running in a disabled state (they always fail in this mode)

0 tuxcare-ubuntu18.04-els ubuntu-advantage-pro_29.4~18.04+tuxcare.els1_all.deb 1828f3f5a591b96491dffa316d03187b0e2dbe3a ubuntu-advantage-tools_29.4~18.04+tuxcare.els1_amd64.deb b46e6495500b4c3a86b633991f8ff476c47cfe45 CLSA-2023:1697576053 TuxCare License Agreement 0 * SECURITY UPDATE: heap-based buffer overflow - debian/patches/CVE-2023-4504.patch: check for end of buffer if there is an escaped character - CVE-2023-4504 Important Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.

* SECURITY UPDATE: heap-based buffer overflow - debian/patches/CVE-2023-4504.patch: check for end of buffer if there is an escaped character - CVE-2023-4504

0 tuxcare-ubuntu18.04-els cups_2.2.7-1ubuntu2.10+tuxcare.els2_amd64.deb 53eab00527781278f60e01caf030a7b4f6c260b7 cups-bsd_2.2.7-1ubuntu2.10+tuxcare.els2_amd64.deb d1e6a334ae7fd07b4d72f1d5b8413247c53414ad cups-client_2.2.7-1ubuntu2.10+tuxcare.els2_amd64.deb 17104dee7f87159b4538b6a3a2b9d1da3b6405de cups-common_2.2.7-1ubuntu2.10+tuxcare.els2_all.deb da4871a1aeb0d63c4dbb9cccde730cad11cc8a39 cups-core-drivers_2.2.7-1ubuntu2.10+tuxcare.els2_amd64.deb cf2af5ff0a703f6d9c0e30a70fe5f40864eb07bc cups-daemon_2.2.7-1ubuntu2.10+tuxcare.els2_amd64.deb 97f8b2b7b59b55766180a6a4dde335eb3bcaaa72 cups-ipp-utils_2.2.7-1ubuntu2.10+tuxcare.els2_amd64.deb 58fd71b68a1a89d74fb26fd914efedc160d0a7d2 cups-ppdc_2.2.7-1ubuntu2.10+tuxcare.els2_amd64.deb 4d7c5d6772b040783815363fb9823753c35f6630 cups-server-common_2.2.7-1ubuntu2.10+tuxcare.els2_all.deb 307d47bb2930c7b17e7e9008fa4923c99808491c libcups2_2.2.7-1ubuntu2.10+tuxcare.els2_amd64.deb 5a6b6cfeb7f4454b48b6fff79dc2296674e1522d libcups2-dev_2.2.7-1ubuntu2.10+tuxcare.els2_amd64.deb 8cfd8e8bf25b1cd792b3a5bab1cf87c40e27c458 libcupscgi1_2.2.7-1ubuntu2.10+tuxcare.els2_amd64.deb 001480ce86e96777e992acef6265890fb3021855 libcupsimage2_2.2.7-1ubuntu2.10+tuxcare.els2_amd64.deb 5df2f4c855e24bbcf9f9a5fc9941f7ba9b16f256 libcupsimage2-dev_2.2.7-1ubuntu2.10+tuxcare.els2_amd64.deb 27b75c0fd0cb12bf3b68ebc95a7985e7b30c73f0 libcupsmime1_2.2.7-1ubuntu2.10+tuxcare.els2_amd64.deb 4bf3a4b52622985f0974b97ef67efaa1680c5b34 libcupsppdc1_2.2.7-1ubuntu2.10+tuxcare.els2_amd64.deb 6513c79e68c00ad548d9f8f8f84ea0f1fcc5ae55 CLSA-2023:1697741849 TuxCare License Agreement 0 * SECURITY UPDATE: GVariant security issues - debian/patches/CVE-2023-29499-x-CVE-2023-32665/*.patch: fix multiple GVariant serialization issues - CVE-2023-29499, CVE-2023-32611, CVE-2023-32636, CVE-2023-32643, CVE-2023-32665 * debian/patches/fix-g_test_bug-assertion.patch: Fix g_test_bug assertion in gvariant test * debian/patches/skip-several-failed-tests.patch: Skip several failed tests * debian/patches/libglib2.0-0.symbols: Add new symbol Important Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.

* SECURITY UPDATE: GVariant security issues - debian/patches/CVE-2023-29499-x-CVE-2023-32665/*.patch: fix multiple GVariant serialization issues - CVE-2023-29499, CVE-2023-32611, CVE-2023-32636, CVE-2023-32643, CVE-2023-32665 * debian/patches/fix-g_test_bug-assertion.patch: Fix g_test_bug assertion in gvariant test * debian/patches/skip-several-failed-tests.patch: Skip several failed tests * debian/patches/libglib2.0-0.symbols: Add new symbol

0 tuxcare-ubuntu18.04-els libglib2.0-0_2.56.4-0ubuntu0.18.04.9+tuxcare.els1_amd64.deb 62f2cf94d984ea97c8f951d29bf250ebed5d5697 libglib2.0-bin_2.56.4-0ubuntu0.18.04.9+tuxcare.els1_amd64.deb adc4ecf8101731f2f5b9e3fa6dfffed56f942b8d libglib2.0-data_2.56.4-0ubuntu0.18.04.9+tuxcare.els1_all.deb d6e64ab42a6be77362fce70ef32823b2d5067a51 libglib2.0-dev_2.56.4-0ubuntu0.18.04.9+tuxcare.els1_amd64.deb 3fbfe2cd9c3d339f2975686e14c3ca35a4550533 libglib2.0-dev-bin_2.56.4-0ubuntu0.18.04.9+tuxcare.els1_amd64.deb 8329d574683283a5af77d5be7c3f102ef1d9d955 libglib2.0-doc_2.56.4-0ubuntu0.18.04.9+tuxcare.els1_all.deb 10793b7979edb78fb704bbbb1a399d526a55250f libglib2.0-tests_2.56.4-0ubuntu0.18.04.9+tuxcare.els1_amd64.deb 99722e72e6880e35b0b91f699b119aff3d9bf380 CLSA-2023:1697742355 TuxCare License Agreement 0 * SECURITY UPDATE: The HTTP/2 protocol allows a denial of service because request cancellation can reset many streams quickly - debian/patches/CVE-2023-44487.patch: HTTP/2 - per-iteration stream handling limit. - CVE-2023-44487 Important Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.

* SECURITY UPDATE: The HTTP/2 protocol allows a denial of service because request cancellation can reset many streams quickly - debian/patches/CVE-2023-44487.patch: HTTP/2 - per-iteration stream handling limit. - CVE-2023-44487

0 tuxcare-ubuntu18.04-els libnginx-mod-http-auth-pam_1.14.0-0ubuntu1.11+tuxcare.els1_amd64.deb d7cd05b12b4ae9c191078cdeab14f6f318d1c8d8 libnginx-mod-http-cache-purge_1.14.0-0ubuntu1.11+tuxcare.els1_amd64.deb ff05e6c68acf00061dabbc2a43982aae9ad2cf43 libnginx-mod-http-dav-ext_1.14.0-0ubuntu1.11+tuxcare.els1_amd64.deb 8dbef3d9c4cf4864519622d9d31757d2fdc1077b libnginx-mod-http-echo_1.14.0-0ubuntu1.11+tuxcare.els1_amd64.deb 089aebf8f730eb35ea636dcffc07e7fdd0259fa4 libnginx-mod-http-fancyindex_1.14.0-0ubuntu1.11+tuxcare.els1_amd64.deb c98084f9acf0ba1aa55ed6520f6b6738c370f490 libnginx-mod-http-geoip_1.14.0-0ubuntu1.11+tuxcare.els1_amd64.deb 0a56ba492fda3e491c2b56169308e23d1dfa228a libnginx-mod-http-headers-more-filter_1.14.0-0ubuntu1.11+tuxcare.els1_amd64.deb cb452e81cb1ae4027e770418a5c26ed7e4368201 libnginx-mod-http-image-filter_1.14.0-0ubuntu1.11+tuxcare.els1_amd64.deb c4fdbb1934cde69f41bb62630807beffa276dbb3 libnginx-mod-http-lua_1.14.0-0ubuntu1.11+tuxcare.els1_amd64.deb b3681f3a94a84fa56f16829045bf0419dbf5f783 libnginx-mod-http-ndk_1.14.0-0ubuntu1.11+tuxcare.els1_amd64.deb 47c7477e71800918379b33e0e812cdbb06b36948 libnginx-mod-http-perl_1.14.0-0ubuntu1.11+tuxcare.els1_amd64.deb 6e3484943f202520c51d4f69ae123a35e788f0b7 libnginx-mod-http-subs-filter_1.14.0-0ubuntu1.11+tuxcare.els1_amd64.deb 2b95c28fb4fa22cd49b6b60b36fe60815110f607 libnginx-mod-http-uploadprogress_1.14.0-0ubuntu1.11+tuxcare.els1_amd64.deb 8e56c74668a8191b54cbca490868def90b78b198 libnginx-mod-http-upstream-fair_1.14.0-0ubuntu1.11+tuxcare.els1_amd64.deb 077116221a9043aa0acc9ed87334c48f36d3d5e1 libnginx-mod-http-xslt-filter_1.14.0-0ubuntu1.11+tuxcare.els1_amd64.deb c4c5cdc6652787c83f7296a8612f655765851184 libnginx-mod-mail_1.14.0-0ubuntu1.11+tuxcare.els1_amd64.deb edbf837540cec983e408d10ec0310a9efc1e56be libnginx-mod-nchan_1.14.0-0ubuntu1.11+tuxcare.els1_amd64.deb 8f107bd7910863836358bccf10082f44916327d6 libnginx-mod-rtmp_1.14.0-0ubuntu1.11+tuxcare.els1_amd64.deb 85569cb781e1d91a1cd89320b2cff24135fbf2f6 libnginx-mod-stream_1.14.0-0ubuntu1.11+tuxcare.els1_amd64.deb a9deb7af428d23269d3b422d7c9aef59fe5d7afb nginx_1.14.0-0ubuntu1.11+tuxcare.els1_all.deb 1d5a8d74d3ccba5e0026071398dda5aaa5ef3987 nginx-common_1.14.0-0ubuntu1.11+tuxcare.els1_all.deb 200651ecfa5985f299b51748f3ce54d3b9db660f nginx-core_1.14.0-0ubuntu1.11+tuxcare.els1_amd64.deb 328d0769a859b26c36114db90070a0cfcd72a0a3 nginx-doc_1.14.0-0ubuntu1.11+tuxcare.els1_all.deb b5a701e88b207e951efa0078124763d955dbc2c5 nginx-extras_1.14.0-0ubuntu1.11+tuxcare.els1_amd64.deb d6315e6355edf2b5d920fb7e8813a7857965769a nginx-full_1.14.0-0ubuntu1.11+tuxcare.els1_amd64.deb ff11271b90a739d219d4e0309c4257050791711f nginx-light_1.14.0-0ubuntu1.11+tuxcare.els1_amd64.deb 060830fe32f8e746560d69d50c55ad91ef9076f7 CLSA-2023:1697744683 TuxCare License Agreement 0 * CVE-url: https://ubuntu.com/security/CVE-2023-42755 - net/sched: Retire rsvp classifier * CVE-url: https://ubuntu.com/security/CVE-2023-39194 - net: xfrm: Fix xfrm_address_filter OOB read * CVE-url: https://ubuntu.com/security/CVE-2023-39192 - netfilter: xt_u32: validate user space input * CVE-url: https://ubuntu.com/security/CVE-2023-39193 - netfilter: xt_sctp: validate the flag_info count * CVE-url: https://ubuntu.com/security/CVE-2023-42754 - ipv4: fix null-deref in ipv4_link_failure * CVE-url: https://ubuntu.com/security/CVE-2023-3338 - [Config] updateconfigs for DECNET * Jammy update: v5.15.118 upstream stable release (LP: #2030239) // CVE-url: https://ubuntu.com/security/CVE-2023-3338 - Remove DECnet support from kernel * CVE-2023-1206 // CVE-url: https://ubuntu.com/security/CVE-2023-1206 - tcp: Reduce chance of collisions in inet6_hashfn(). * CVE-url: https://ubuntu.com/security/CVE-2022-45886 - media: dvb-core: Fix use-after-free on race condition at dvb_frontend - media: dvb-core: Fix use-after-free due on race condition at dvb_net * Miscellaneous Ubuntu changes - [Config] updateconfigs for NET_CLS_RSVP Important Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.

* CVE-url: https://ubuntu.com/security/CVE-2023-42755 - net/sched: Retire rsvp classifier * CVE-url: https://ubuntu.com/security/CVE-2023-39194 - net: xfrm: Fix xfrm_address_filter OOB read * CVE-url: https://ubuntu.com/security/CVE-2023-39192 - netfilter: xt_u32: validate user space input * CVE-url: https://ubuntu.com/security/CVE-2023-39193 - netfilter: xt_sctp: validate the flag_info count * CVE-url: https://ubuntu.com/security/CVE-2023-42754 - ipv4: fix null-deref in ipv4_link_failure * CVE-url: https://ubuntu.com/security/CVE-2023-3338 - [Config] updateconfigs for DECNET * Jammy update: v5.15.118 upstream stable release (LP: #2030239) // CVE-url: https://ubuntu.com/security/CVE-2023-3338 - Remove DECnet support from kernel * CVE-2023-1206 // CVE-url: https://ubuntu.com/security/CVE-2023-1206 - tcp: Reduce chance of collisions in inet6_hashfn(). * CVE-url: https://ubuntu.com/security/CVE-2022-45886 - media: dvb-core: Fix use-after-free on race condition at dvb_frontend - media: dvb-core: Fix use-after-free due on race condition at dvb_net * Miscellaneous Ubuntu changes - [Config] updateconfigs for NET_CLS_RSVP

0 tuxcare-ubuntu18.04-els linux-buildinfo-4.15.0-219-tuxcare.els7-generic_4.15.0-219.230_amd64.deb 9f58607d254391d36565554550a2b2a99817033a linux-buildinfo-4.15.0-219-tuxcare.els7-lowlatency_4.15.0-219.230_amd64.deb 2a4793c066e52639d3f4281a6ceefe2d7c2b925a linux-cloud-tools-4.15.0-219-tuxcare.els7_4.15.0-219.230_amd64.deb 79290640c020fa04296eec3f9997297df920de8e linux-cloud-tools-4.15.0-219-tuxcare.els7-generic_4.15.0-219.230_amd64.deb c2a4c144595679c71d496ab73bfc14ce286674be linux-cloud-tools-4.15.0-219-tuxcare.els7-lowlatency_4.15.0-219.230_amd64.deb e117f2440e9a17ad52369f30602ee832e08b337f linux-cloud-tools-common_4.15.0-219.230_all.deb e8fdc812a1a8c250564b3dd8f37b817f28863654 linux-cloud-tools-generic_4.15.0.219.230_amd64.deb c5a0649f2674bebac4e3adc245ed7c86864159eb linux-cloud-tools-lowlatency_4.15.0.219.230_amd64.deb 341f0f25a5fa39b7f5183712fc2585ba8455f7c4 linux-crashdump_4.15.0.219.230_amd64.deb f472da78583ffb57bb9e511ce516ed7dfbee707b linux-doc_4.15.0-219.230_all.deb d437fb88aea674b29d769caec14d29de180a3e00 linux-generic_4.15.0.219.230_amd64.deb 945df9733446b4ba97b4fe42489883abf9653bfd linux-headers-4.15.0-219-tuxcare.els7_4.15.0-219.230_all.deb 0a4e62929fea3c7ac5b8a6671fdce26540efd648 linux-headers-4.15.0-219-tuxcare.els7-generic_4.15.0-219.230_amd64.deb ef793e65dae0a5b4fe5dc2df27df7cf8598aba9f linux-headers-4.15.0-219-tuxcare.els7-lowlatency_4.15.0-219.230_amd64.deb e5dc902fb918f2fe30aa4df1dc63a860bba1d5f5 linux-headers-generic_4.15.0.219.230_amd64.deb eac5f777957bf81b0d27a9bb9745e4c530a3b7c1 linux-headers-lowlatency_4.15.0.219.230_amd64.deb 9bbfe2c59e8435342ea1b42dec6fdedfa05bbe85 linux-image-generic_4.15.0.219.230_amd64.deb 76621cfcd428881876ccf05cc369c49b4520b3d7 linux-image-lowlatency_4.15.0.219.230_amd64.deb bd8658720770ec7ee89aa1ad1523993bd58b2ccf linux-image-unsigned-4.15.0-219-tuxcare.els7-generic_4.15.0-219.230_amd64.deb 8828bda0114b6d289856bfe599b4a3ed834d2481 linux-image-unsigned-4.15.0-219-tuxcare.els7-lowlatency_4.15.0-219.230_amd64.deb dbb9289ea6063bbfc443a2854e1252a799d2f030 linux-libc-dev_4.15.0-219.230_amd64.deb 6cea8f2daa0bd006732d0607e39f5bd7a05ed257 linux-lowlatency_4.15.0.219.230_amd64.deb 8c8c328acd58f8f69377808d9c316afcd2ae0d1e linux-modules-4.15.0-219-tuxcare.els7-generic_4.15.0-219.230_amd64.deb b9e89dfc834a67dbb5260a82b67e1ac19d3f15da linux-modules-4.15.0-219-tuxcare.els7-lowlatency_4.15.0-219.230_amd64.deb 0cf2341dd3749dd859c91b1867b79e1244a0a132 linux-modules-extra-4.15.0-219-tuxcare.els7-generic_4.15.0-219.230_amd64.deb 55529089522c48370377077d2b49c55bb5889b54 linux-source_4.15.0.219.230_all.deb e4495d239f67eaac519f9f874f62b2f5ef038fc8 linux-source-4.15.0_4.15.0-219.230_all.deb 4b62f6549deba1dcc057ecde7abad2a6c7cf8535 linux-tools-4.15.0-219-tuxcare.els7_4.15.0-219.230_amd64.deb 349f23f74a510a3547220c625fababde8bf56d4d linux-tools-4.15.0-219-tuxcare.els7-generic_4.15.0-219.230_amd64.deb f5d19e35ee7712716b68c0e5999ea8ec44a30179 linux-tools-4.15.0-219-tuxcare.els7-lowlatency_4.15.0-219.230_amd64.deb 145c3cb980dd8560b88ef07ddbe22d1f81cb42cd linux-tools-common_4.15.0-219.230_all.deb 560fb78b39d4d0f018172b329e6f5b1a04124cf6 linux-tools-generic_4.15.0.219.230_amd64.deb b36b7910f775e1891ec9c762b8590517c2be3cfb linux-tools-host_4.15.0-219.230_all.deb e95ba88e3aea59f3d078122afed598a280895dc6 linux-tools-lowlatency_4.15.0.219.230_amd64.deb 381edafe4a22db54a2ffc6ab68768a0b559a9ef3 CLSA-2023:1697744819 TuxCare License Agreement 0 * CVE-url: https://ubuntu.com/security/CVE-2023-42755 - net/sched: Retire rsvp classifier * CVE-url: https://ubuntu.com/security/CVE-2023-39194 - net: xfrm: Fix xfrm_address_filter OOB read * CVE-url: https://ubuntu.com/security/CVE-2023-39192 - netfilter: xt_u32: validate user space input * CVE-url: https://ubuntu.com/security/CVE-2023-39193 - netfilter: xt_sctp: validate the flag_info count * CVE-url: https://ubuntu.com/security/CVE-2023-42754 - ipv4: fix null-deref in ipv4_link_failure * CVE-url: https://ubuntu.com/security/CVE-2023-3338 - [Config] updateconfigs for DECNET * Jammy update: v5.15.118 upstream stable release (LP: #2030239) // CVE-url: https://ubuntu.com/security/CVE-2023-3338 - Remove DECnet support from kernel * CVE-2023-1206 // CVE-url: https://ubuntu.com/security/CVE-2023-1206 - tcp: Reduce chance of collisions in inet6_hashfn(). * CVE-url: https://ubuntu.com/security/CVE-2022-45886 - media: dvb-core: Fix use-after-free on race condition at dvb_frontend - media: dvb-core: Fix use-after-free due on race condition at dvb_net * Miscellaneous Ubuntu changes - [Config] updateconfigs for NET_CLS_RSVP None Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.

* CVE-url: https://ubuntu.com/security/CVE-2023-42755 - net/sched: Retire rsvp classifier * CVE-url: https://ubuntu.com/security/CVE-2023-39194 - net: xfrm: Fix xfrm_address_filter OOB read * CVE-url: https://ubuntu.com/security/CVE-2023-39192 - netfilter: xt_u32: validate user space input * CVE-url: https://ubuntu.com/security/CVE-2023-39193 - netfilter: xt_sctp: validate the flag_info count * CVE-url: https://ubuntu.com/security/CVE-2023-42754 - ipv4: fix null-deref in ipv4_link_failure * CVE-url: https://ubuntu.com/security/CVE-2023-3338 - [Config] updateconfigs for DECNET * Jammy update: v5.15.118 upstream stable release (LP: #2030239) // CVE-url: https://ubuntu.com/security/CVE-2023-3338 - Remove DECnet support from kernel * CVE-2023-1206 // CVE-url: https://ubuntu.com/security/CVE-2023-1206 - tcp: Reduce chance of collisions in inet6_hashfn(). * CVE-url: https://ubuntu.com/security/CVE-2022-45886 - media: dvb-core: Fix use-after-free on race condition at dvb_frontend - media: dvb-core: Fix use-after-free due on race condition at dvb_net * Miscellaneous Ubuntu changes - [Config] updateconfigs for NET_CLS_RSVP

0 tuxcare-ubuntu18.04-els linux-buildinfo-4.15.0-219-tuxcare.els7-generic_4.15.0-219.230_amd64.deb 9f58607d254391d36565554550a2b2a99817033a linux-buildinfo-4.15.0-219-tuxcare.els7-lowlatency_4.15.0-219.230_amd64.deb 2a4793c066e52639d3f4281a6ceefe2d7c2b925a linux-cloud-tools-4.15.0-219-tuxcare.els7_4.15.0-219.230_amd64.deb 79290640c020fa04296eec3f9997297df920de8e linux-cloud-tools-4.15.0-219-tuxcare.els7-generic_4.15.0-219.230_amd64.deb c2a4c144595679c71d496ab73bfc14ce286674be linux-cloud-tools-4.15.0-219-tuxcare.els7-lowlatency_4.15.0-219.230_amd64.deb e117f2440e9a17ad52369f30602ee832e08b337f linux-cloud-tools-common_4.15.0-219.230_all.deb e8fdc812a1a8c250564b3dd8f37b817f28863654 linux-cloud-tools-generic_4.15.0.219.230_amd64.deb c5a0649f2674bebac4e3adc245ed7c86864159eb linux-cloud-tools-lowlatency_4.15.0.219.230_amd64.deb 341f0f25a5fa39b7f5183712fc2585ba8455f7c4 linux-crashdump_4.15.0.219.230_amd64.deb f472da78583ffb57bb9e511ce516ed7dfbee707b linux-doc_4.15.0-219.230_all.deb d437fb88aea674b29d769caec14d29de180a3e00 linux-generic_4.15.0.219.230_amd64.deb 945df9733446b4ba97b4fe42489883abf9653bfd linux-headers-4.15.0-219-tuxcare.els7_4.15.0-219.230_all.deb 0a4e62929fea3c7ac5b8a6671fdce26540efd648 linux-headers-4.15.0-219-tuxcare.els7-generic_4.15.0-219.230_amd64.deb ef793e65dae0a5b4fe5dc2df27df7cf8598aba9f linux-headers-4.15.0-219-tuxcare.els7-lowlatency_4.15.0-219.230_amd64.deb e5dc902fb918f2fe30aa4df1dc63a860bba1d5f5 linux-headers-generic_4.15.0.219.230_amd64.deb eac5f777957bf81b0d27a9bb9745e4c530a3b7c1 linux-headers-lowlatency_4.15.0.219.230_amd64.deb 9bbfe2c59e8435342ea1b42dec6fdedfa05bbe85 linux-image-generic_4.15.0.219.230_amd64.deb 76621cfcd428881876ccf05cc369c49b4520b3d7 linux-image-lowlatency_4.15.0.219.230_amd64.deb bd8658720770ec7ee89aa1ad1523993bd58b2ccf linux-image-unsigned-4.15.0-219-tuxcare.els7-generic_4.15.0-219.230_amd64.deb 8828bda0114b6d289856bfe599b4a3ed834d2481 linux-image-unsigned-4.15.0-219-tuxcare.els7-lowlatency_4.15.0-219.230_amd64.deb dbb9289ea6063bbfc443a2854e1252a799d2f030 linux-libc-dev_4.15.0-219.230_amd64.deb 6cea8f2daa0bd006732d0607e39f5bd7a05ed257 linux-lowlatency_4.15.0.219.230_amd64.deb 8c8c328acd58f8f69377808d9c316afcd2ae0d1e linux-modules-4.15.0-219-tuxcare.els7-generic_4.15.0-219.230_amd64.deb b9e89dfc834a67dbb5260a82b67e1ac19d3f15da linux-modules-4.15.0-219-tuxcare.els7-lowlatency_4.15.0-219.230_amd64.deb 0cf2341dd3749dd859c91b1867b79e1244a0a132 linux-modules-extra-4.15.0-219-tuxcare.els7-generic_4.15.0-219.230_amd64.deb 55529089522c48370377077d2b49c55bb5889b54 linux-source_4.15.0.219.230_all.deb e4495d239f67eaac519f9f874f62b2f5ef038fc8 linux-source-4.15.0_4.15.0-219.230_all.deb 4b62f6549deba1dcc057ecde7abad2a6c7cf8535 linux-tools-4.15.0-219-tuxcare.els7_4.15.0-219.230_amd64.deb 349f23f74a510a3547220c625fababde8bf56d4d linux-tools-4.15.0-219-tuxcare.els7-generic_4.15.0-219.230_amd64.deb f5d19e35ee7712716b68c0e5999ea8ec44a30179 linux-tools-4.15.0-219-tuxcare.els7-lowlatency_4.15.0-219.230_amd64.deb 145c3cb980dd8560b88ef07ddbe22d1f81cb42cd linux-tools-common_4.15.0-219.230_all.deb 560fb78b39d4d0f018172b329e6f5b1a04124cf6 linux-tools-generic_4.15.0.219.230_amd64.deb b36b7910f775e1891ec9c762b8590517c2be3cfb linux-tools-host_4.15.0-219.230_all.deb e95ba88e3aea59f3d078122afed598a280895dc6 linux-tools-lowlatency_4.15.0.219.230_amd64.deb 381edafe4a22db54a2ffc6ab68768a0b559a9ef3 CLSA-2023:1697816189 TuxCare License Agreement 0 * SECURITY UPDATE: bgpd/bgp_packet.c can read the initial byte of the ORF header in an ahead-of-stream situation - debian/patches/CVE-2023-41360.patch: don't read the first byte of ORF header if we are ahead of stream. - CVE-2023-41360 * SECURITY UPDATE: bgpd/bgp_packet.c processes NLRIs if the attribute length is zero - debian/patches/CVE-2023-41358.patch: do not process NLRIs if the attribute length is zero - CVE-2023-41358 Critical Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.

* SECURITY UPDATE: bgpd/bgp_packet.c can read the initial byte of the ORF header in an ahead-of-stream situation - debian/patches/CVE-2023-41360.patch: don't read the first byte of ORF header if we are ahead of stream. - CVE-2023-41360 * SECURITY UPDATE: bgpd/bgp_packet.c processes NLRIs if the attribute length is zero - debian/patches/CVE-2023-41358.patch: do not process NLRIs if the attribute length is zero - CVE-2023-41358

0 tuxcare-ubuntu18.04-els quagga_1.2.4-1+tuxcare.els1_amd64.deb 9973ddf2f07eb324518e5ab5dd5461038938d361 quagga-bgpd_1.2.4-1+tuxcare.els1_amd64.deb 4d9f10fc4ea39a16f123befec11c36b7f1e5bf4d quagga-core_1.2.4-1+tuxcare.els1_amd64.deb fb7277a97468eceaa80147c9390a46480b703916 quagga-doc_1.2.4-1+tuxcare.els1_all.deb 2f2a965ab160bb238f8ff8877fe393d1e9c3effc quagga-isisd_1.2.4-1+tuxcare.els1_amd64.deb 2cb1109e111f07f8b3462cb5fc9b4e9335c2d795 quagga-ospf6d_1.2.4-1+tuxcare.els1_amd64.deb 221e5347e2f8bfc1534a20dc62c4883b2b11ed69 quagga-ospfd_1.2.4-1+tuxcare.els1_amd64.deb 688eb1c6a5510e3e5587f12323eb9d8b9083d622 quagga-pimd_1.2.4-1+tuxcare.els1_amd64.deb faaaf3ba7a844e9d35c4d53865aa990c263127c6 quagga-ripd_1.2.4-1+tuxcare.els1_amd64.deb 1b9ab1ccbbd8c6605d7f4a62f4e580803936e3b2 quagga-ripngd_1.2.4-1+tuxcare.els1_amd64.deb 12a350555befe7615882963a05b96be1f0f2f129 CLSA-2023:1698101945 TuxCare License Agreement 0 - CVE-2023-22006, CVE-2023-22036, CVE-2023-22041, CVE-2023-22044, CVE-2023-22045, CVE-2023-22049, CVE-2023-25193. - Release notes: https://mail.openjdk.org/pipermail/jdk-updates-dev/2023-July/024064.html Important Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.

- CVE-2023-22006, CVE-2023-22036, CVE-2023-22041, CVE-2023-22044, CVE-2023-22045, CVE-2023-22049, CVE-2023-25193. - Release notes: https://mail.openjdk.org/pipermail/jdk-updates-dev/2023-July/024064.html

0 tuxcare-ubuntu18.04-els openjdk-11-demo_11.0.20+8-0ubuntu1~18.04.1+tuxcare.els1_amd64.deb 6e854251ef502da5e5f428ab8ef35c6a7db43ff8 openjdk-11-doc_11.0.20+8-0ubuntu1~18.04.1+tuxcare.els1_all.deb 8c364f1987663b2cdca053cae1b92a348a45856c openjdk-11-jdk_11.0.20+8-0ubuntu1~18.04.1+tuxcare.els1_amd64.deb 7740c057f348800fdc18d0752318367325c67e3a openjdk-11-jdk-headless_11.0.20+8-0ubuntu1~18.04.1+tuxcare.els1_amd64.deb 317d6dd30dca3660af54e485be1ce4b6fe4ec35c openjdk-11-jre_11.0.20+8-0ubuntu1~18.04.1+tuxcare.els1_amd64.deb 455a2a865a2859ac2ce60de7e7fcda5adffe1ded openjdk-11-jre-headless_11.0.20+8-0ubuntu1~18.04.1+tuxcare.els1_amd64.deb c1e0601d4a6733bdcb37a3f35a6e434b0ede8dd2 openjdk-11-jre-zero_11.0.20+8-0ubuntu1~18.04.1+tuxcare.els1_amd64.deb 82de444f33f622c2f5586497444773a0b8cbd835 openjdk-11-source_11.0.20+8-0ubuntu1~18.04.1+tuxcare.els1_all.deb c6856540c1a75b7e223c3b07f106a11325ee2ce3 CLSA-2023:1698179235 TuxCare License Agreement 0 * SECURITY UPDATE: Reject overflows of zip header fields in minizip - debian/patches/CVE-2023-45853.patch: Check length of comment, filename and extra field in zipOpenNewFileInZip4_64 - CVE-2023-45853 Critical Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.

* SECURITY UPDATE: Reject overflows of zip header fields in minizip - debian/patches/CVE-2023-45853.patch: Check length of comment, filename and extra field in zipOpenNewFileInZip4_64 - CVE-2023-45853

0 tuxcare-ubuntu18.04-els lib32z1_1.2.11.dfsg-0ubuntu2.2+tuxcare.els1_amd64.deb 3750ed254448ae3eab7092a2c2b230d2ed8e6c34 lib32z1-dev_1.2.11.dfsg-0ubuntu2.2+tuxcare.els1_amd64.deb e24965a879e3cddcabc40e203db6689da86b3b0a libx32z1_1.2.11.dfsg-0ubuntu2.2+tuxcare.els1_amd64.deb 3c7dddd8d0c6c23d026f83d04cc6b6f1870ac07b libx32z1-dev_1.2.11.dfsg-0ubuntu2.2+tuxcare.els1_amd64.deb 52893753e2ec69bd210a1aca8bcb7359eac76dff zlib1g_1.2.11.dfsg-0ubuntu2.2+tuxcare.els1_amd64.deb 9bebcf36c7b98355507917a20c8ffa6642201404 zlib1g-dev_1.2.11.dfsg-0ubuntu2.2+tuxcare.els1_amd64.deb 3379bf62975ee19fe64ed04d77f264e7f2db1202 CLSA-2023:1698306895 TuxCare License Agreement 0 * CVE-2023-0597 // CVE-url: https://ubuntu.com/security/CVE-2023-0597 - x86/kasan: Map shadow for percpu pages on demand - x86/mm: Recompute physical address for every page of per-CPU CEA mapping - x86/mm: Populate KASAN shadow for entire per-CPU range of CPU entry area - x86/mm: Do not shuffle CPU entry areas without KASLR * CVE-url: https://ubuntu.com/security/CVE-2023-0597 - random32: add noise from network and scheduling activity - x86/mm: Randomize per-cpu entry area - x86/cpu_entry_area: Move percpu_setup_debug_store() to __init section - x86/cpu_entry_area: Cleanup setup functions * CVE-2023-42752 // CVE-url: https://ubuntu.com/security/CVE-2023-42752 - igmp: limit igmpv3_newpack() packet size to IP_MAX_MTU * CVE-2023-4623 // CVE-url: https://ubuntu.com/security/CVE-2023-4623 - net/sched: sch_hfsc: Ensure inner classes have fsc curve * CVE-2023-34319 // CVE-url: https://ubuntu.com/security/CVE-2023-34319 - xen/netback: Fix buffer overrun triggered by unusual packet * CVE-2023-4881 // CVE-url: https://ubuntu.com/security/CVE-2023-4881 - netfilter: nftables: exthdr: fix 4-byte stack OOB write * CVE-2023-31083 // CVE-url: https://ubuntu.com/security/CVE-2023-31083 - Bluetooth: hci_ldisc: check HCI_UART_PROTO_READY flag in HCIUARTGETPROTO * CVE-2023-3772 // CVE-url: https://ubuntu.com/security/CVE-2023-3772 - xfrm: add NULL check in xfrm_update_ae_params Important Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.

* CVE-2023-0597 // CVE-url: https://ubuntu.com/security/CVE-2023-0597 - x86/kasan: Map shadow for percpu pages on demand - x86/mm: Recompute physical address for every page of per-CPU CEA mapping - x86/mm: Populate KASAN shadow for entire per-CPU range of CPU entry area - x86/mm: Do not shuffle CPU entry areas without KASLR * CVE-url: https://ubuntu.com/security/CVE-2023-0597 - random32: add noise from network and scheduling activity - x86/mm: Randomize per-cpu entry area - x86/cpu_entry_area: Move percpu_setup_debug_store() to __init section - x86/cpu_entry_area: Cleanup setup functions * CVE-2023-42752 // CVE-url: https://ubuntu.com/security/CVE-2023-42752 - igmp: limit igmpv3_newpack() packet size to IP_MAX_MTU * CVE-2023-4623 // CVE-url: https://ubuntu.com/security/CVE-2023-4623 - net/sched: sch_hfsc: Ensure inner classes have fsc curve * CVE-2023-34319 // CVE-url: https://ubuntu.com/security/CVE-2023-34319 - xen/netback: Fix buffer overrun triggered by unusual packet * CVE-2023-4881 // CVE-url: https://ubuntu.com/security/CVE-2023-4881 - netfilter: nftables: exthdr: fix 4-byte stack OOB write * CVE-2023-31083 // CVE-url: https://ubuntu.com/security/CVE-2023-31083 - Bluetooth: hci_ldisc: check HCI_UART_PROTO_READY flag in HCIUARTGETPROTO * CVE-2023-3772 // CVE-url: https://ubuntu.com/security/CVE-2023-3772 - xfrm: add NULL check in xfrm_update_ae_params

0 tuxcare-ubuntu18.04-els linux-buildinfo-4.15.0-220-tuxcare.els8-generic_4.15.0-220.231_amd64.deb 149bc0a871797ac2ce7bb3dd64a051c64135ac22 linux-buildinfo-4.15.0-220-tuxcare.els8-lowlatency_4.15.0-220.231_amd64.deb fead75b53c78bd4f50c160ffb164f4ce6ac7409c linux-cloud-tools-4.15.0-220-tuxcare.els8_4.15.0-220.231_amd64.deb d265823e2ce8a84396b6c8b8df3c30b1789417e2 linux-cloud-tools-4.15.0-220-tuxcare.els8-generic_4.15.0-220.231_amd64.deb c687b078ee95395fa64a896498f1a418db9d14bb linux-cloud-tools-4.15.0-220-tuxcare.els8-lowlatency_4.15.0-220.231_amd64.deb 79842bfa9c291fa72fd1e2a3491cfb151bf29d65 linux-cloud-tools-common_4.15.0-220.231_all.deb fdb3674c6270bba811122889184b19c693c3c25e linux-cloud-tools-generic_4.15.0.220.231_amd64.deb e09c201dc5a332db7efcfc6c94d0710c11f13667 linux-cloud-tools-lowlatency_4.15.0.220.231_amd64.deb c6f4de100ac817b97912f4f8db49c8b67964e052 linux-crashdump_4.15.0.220.231_amd64.deb 0f2a8e3fe0287a6eb06f34a475f46e61f03304b2 linux-doc_4.15.0-220.231_all.deb b55c95b02a91ca6a88c18ae749bca24d24d1cf21 linux-generic_4.15.0.220.231_amd64.deb fff677dd765cf0d4628d4d303db93e0d7728bef5 linux-headers-4.15.0-220-tuxcare.els8_4.15.0-220.231_all.deb b8cf719a3fe85859e67c97d2e83618cba4cdbce7 linux-headers-4.15.0-220-tuxcare.els8-generic_4.15.0-220.231_amd64.deb 07b2adbe0eb7c59921958a51f5f543aad7e6f753 linux-headers-4.15.0-220-tuxcare.els8-lowlatency_4.15.0-220.231_amd64.deb 99efc85aab9dbd2e2bf6823aba9d0f32332ba150 linux-headers-generic_4.15.0.220.231_amd64.deb f281e7eee296a60d67c73418c75fe9c51e4e38e2 linux-headers-lowlatency_4.15.0.220.231_amd64.deb 8b722de0c38e44cd305d4e2751ca877e7d729fa2 linux-image-generic_4.15.0.220.231_amd64.deb d94047256138e08fba6f63280d3dbd0821954169 linux-image-lowlatency_4.15.0.220.231_amd64.deb f205541fd5082337eecff3a772ba5d46ec133785 linux-image-unsigned-4.15.0-220-tuxcare.els8-generic_4.15.0-220.231_amd64.deb af4e39a3e697df185ff87814cccf54688e526012 linux-image-unsigned-4.15.0-220-tuxcare.els8-lowlatency_4.15.0-220.231_amd64.deb 7420aa8d019b8cd670a0a0099f607f6cc6329247 linux-libc-dev_4.15.0-220.231_amd64.deb 293ebe901ef51124602c90998e90aba25acb836a linux-lowlatency_4.15.0.220.231_amd64.deb 0223625b976f9db64a899ce7b5fec4ef0ca9e067 linux-modules-4.15.0-220-tuxcare.els8-generic_4.15.0-220.231_amd64.deb 7f3ca0bd15e51cca9efc4754a6d00becee979ec7 linux-modules-4.15.0-220-tuxcare.els8-lowlatency_4.15.0-220.231_amd64.deb a79f1429fbef1d820307d69b4c432ca5852a9f55 linux-modules-extra-4.15.0-220-tuxcare.els8-generic_4.15.0-220.231_amd64.deb 32ebe809cf7d18d3355c481155a428af570aceeb linux-source_4.15.0.220.231_all.deb 861744c10d468d460d472983b858db5e3253cfe6 linux-source-4.15.0_4.15.0-220.231_all.deb 701a1c8f1f7b07d48272b1061c272595d3982974 linux-tools-4.15.0-220-tuxcare.els8_4.15.0-220.231_amd64.deb 405a1c5b955d6bea372494bed52464904fba2163 linux-tools-4.15.0-220-tuxcare.els8-generic_4.15.0-220.231_amd64.deb c45f98f0055b6143a91705c9274fd101270b9361 linux-tools-4.15.0-220-tuxcare.els8-lowlatency_4.15.0-220.231_amd64.deb 93d3c0ae1ddfe24d6cd20a2efb9935e2b951ad63 linux-tools-common_4.15.0-220.231_all.deb 7d495d32463f052c676bc46a2c7964bfc82d926b linux-tools-generic_4.15.0.220.231_amd64.deb df59d2f24f0f67acbe9d9f818a5022ce121e6d89 linux-tools-host_4.15.0-220.231_all.deb 01409e7f1b703db36790ae66deb1a89017049f48 linux-tools-lowlatency_4.15.0.220.231_amd64.deb ea99973589473de53174b35486cc6ffa5525bfae CLSA-2023:1698307021 TuxCare License Agreement 0 * CVE-2023-0597 // CVE-url: https://ubuntu.com/security/CVE-2023-0597 - x86/kasan: Map shadow for percpu pages on demand - x86/mm: Recompute physical address for every page of per-CPU CEA mapping - x86/mm: Populate KASAN shadow for entire per-CPU range of CPU entry area - x86/mm: Do not shuffle CPU entry areas without KASLR * CVE-url: https://ubuntu.com/security/CVE-2023-0597 - random32: add noise from network and scheduling activity - x86/mm: Randomize per-cpu entry area - x86/cpu_entry_area: Move percpu_setup_debug_store() to __init section - x86/cpu_entry_area: Cleanup setup functions * CVE-2023-42752 // CVE-url: https://ubuntu.com/security/CVE-2023-42752 - igmp: limit igmpv3_newpack() packet size to IP_MAX_MTU * CVE-2023-4623 // CVE-url: https://ubuntu.com/security/CVE-2023-4623 - net/sched: sch_hfsc: Ensure inner classes have fsc curve * CVE-2023-34319 // CVE-url: https://ubuntu.com/security/CVE-2023-34319 - xen/netback: Fix buffer overrun triggered by unusual packet * CVE-2023-4881 // CVE-url: https://ubuntu.com/security/CVE-2023-4881 - netfilter: nftables: exthdr: fix 4-byte stack OOB write * CVE-2023-31083 // CVE-url: https://ubuntu.com/security/CVE-2023-31083 - Bluetooth: hci_ldisc: check HCI_UART_PROTO_READY flag in HCIUARTGETPROTO * CVE-2023-3772 // CVE-url: https://ubuntu.com/security/CVE-2023-3772 - xfrm: add NULL check in xfrm_update_ae_params Important Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.

* CVE-2023-0597 // CVE-url: https://ubuntu.com/security/CVE-2023-0597 - x86/kasan: Map shadow for percpu pages on demand - x86/mm: Recompute physical address for every page of per-CPU CEA mapping - x86/mm: Populate KASAN shadow for entire per-CPU range of CPU entry area - x86/mm: Do not shuffle CPU entry areas without KASLR * CVE-url: https://ubuntu.com/security/CVE-2023-0597 - random32: add noise from network and scheduling activity - x86/mm: Randomize per-cpu entry area - x86/cpu_entry_area: Move percpu_setup_debug_store() to __init section - x86/cpu_entry_area: Cleanup setup functions * CVE-2023-42752 // CVE-url: https://ubuntu.com/security/CVE-2023-42752 - igmp: limit igmpv3_newpack() packet size to IP_MAX_MTU * CVE-2023-4623 // CVE-url: https://ubuntu.com/security/CVE-2023-4623 - net/sched: sch_hfsc: Ensure inner classes have fsc curve * CVE-2023-34319 // CVE-url: https://ubuntu.com/security/CVE-2023-34319 - xen/netback: Fix buffer overrun triggered by unusual packet * CVE-2023-4881 // CVE-url: https://ubuntu.com/security/CVE-2023-4881 - netfilter: nftables: exthdr: fix 4-byte stack OOB write * CVE-2023-31083 // CVE-url: https://ubuntu.com/security/CVE-2023-31083 - Bluetooth: hci_ldisc: check HCI_UART_PROTO_READY flag in HCIUARTGETPROTO * CVE-2023-3772 // CVE-url: https://ubuntu.com/security/CVE-2023-3772 - xfrm: add NULL check in xfrm_update_ae_params

0 tuxcare-ubuntu18.04-els linux-buildinfo-4.15.0-220-tuxcare.els8-generic_4.15.0-220.231_amd64.deb 149bc0a871797ac2ce7bb3dd64a051c64135ac22 linux-buildinfo-4.15.0-220-tuxcare.els8-lowlatency_4.15.0-220.231_amd64.deb fead75b53c78bd4f50c160ffb164f4ce6ac7409c linux-cloud-tools-4.15.0-220-tuxcare.els8_4.15.0-220.231_amd64.deb d265823e2ce8a84396b6c8b8df3c30b1789417e2 linux-cloud-tools-4.15.0-220-tuxcare.els8-generic_4.15.0-220.231_amd64.deb c687b078ee95395fa64a896498f1a418db9d14bb linux-cloud-tools-4.15.0-220-tuxcare.els8-lowlatency_4.15.0-220.231_amd64.deb 79842bfa9c291fa72fd1e2a3491cfb151bf29d65 linux-cloud-tools-common_4.15.0-220.231_all.deb fdb3674c6270bba811122889184b19c693c3c25e linux-cloud-tools-generic_4.15.0.220.231_amd64.deb e09c201dc5a332db7efcfc6c94d0710c11f13667 linux-cloud-tools-lowlatency_4.15.0.220.231_amd64.deb c6f4de100ac817b97912f4f8db49c8b67964e052 linux-crashdump_4.15.0.220.231_amd64.deb 0f2a8e3fe0287a6eb06f34a475f46e61f03304b2 linux-doc_4.15.0-220.231_all.deb b55c95b02a91ca6a88c18ae749bca24d24d1cf21 linux-generic_4.15.0.220.231_amd64.deb fff677dd765cf0d4628d4d303db93e0d7728bef5 linux-headers-4.15.0-220-tuxcare.els8_4.15.0-220.231_all.deb b8cf719a3fe85859e67c97d2e83618cba4cdbce7 linux-headers-4.15.0-220-tuxcare.els8-generic_4.15.0-220.231_amd64.deb 07b2adbe0eb7c59921958a51f5f543aad7e6f753 linux-headers-4.15.0-220-tuxcare.els8-lowlatency_4.15.0-220.231_amd64.deb 99efc85aab9dbd2e2bf6823aba9d0f32332ba150 linux-headers-generic_4.15.0.220.231_amd64.deb f281e7eee296a60d67c73418c75fe9c51e4e38e2 linux-headers-lowlatency_4.15.0.220.231_amd64.deb 8b722de0c38e44cd305d4e2751ca877e7d729fa2 linux-image-generic_4.15.0.220.231_amd64.deb d94047256138e08fba6f63280d3dbd0821954169 linux-image-lowlatency_4.15.0.220.231_amd64.deb f205541fd5082337eecff3a772ba5d46ec133785 linux-image-unsigned-4.15.0-220-tuxcare.els8-generic_4.15.0-220.231_amd64.deb af4e39a3e697df185ff87814cccf54688e526012 linux-image-unsigned-4.15.0-220-tuxcare.els8-lowlatency_4.15.0-220.231_amd64.deb 7420aa8d019b8cd670a0a0099f607f6cc6329247 linux-libc-dev_4.15.0-220.231_amd64.deb 293ebe901ef51124602c90998e90aba25acb836a linux-lowlatency_4.15.0.220.231_amd64.deb 0223625b976f9db64a899ce7b5fec4ef0ca9e067 linux-modules-4.15.0-220-tuxcare.els8-generic_4.15.0-220.231_amd64.deb 7f3ca0bd15e51cca9efc4754a6d00becee979ec7 linux-modules-4.15.0-220-tuxcare.els8-lowlatency_4.15.0-220.231_amd64.deb a79f1429fbef1d820307d69b4c432ca5852a9f55 linux-modules-extra-4.15.0-220-tuxcare.els8-generic_4.15.0-220.231_amd64.deb 32ebe809cf7d18d3355c481155a428af570aceeb linux-source_4.15.0.220.231_all.deb 861744c10d468d460d472983b858db5e3253cfe6 linux-source-4.15.0_4.15.0-220.231_all.deb 701a1c8f1f7b07d48272b1061c272595d3982974 linux-tools-4.15.0-220-tuxcare.els8_4.15.0-220.231_amd64.deb 405a1c5b955d6bea372494bed52464904fba2163 linux-tools-4.15.0-220-tuxcare.els8-generic_4.15.0-220.231_amd64.deb c45f98f0055b6143a91705c9274fd101270b9361 linux-tools-4.15.0-220-tuxcare.els8-lowlatency_4.15.0-220.231_amd64.deb 93d3c0ae1ddfe24d6cd20a2efb9935e2b951ad63 linux-tools-common_4.15.0-220.231_all.deb 7d495d32463f052c676bc46a2c7964bfc82d926b linux-tools-generic_4.15.0.220.231_amd64.deb df59d2f24f0f67acbe9d9f818a5022ce121e6d89 linux-tools-host_4.15.0-220.231_all.deb 01409e7f1b703db36790ae66deb1a89017049f48 linux-tools-lowlatency_4.15.0.220.231_amd64.deb ea99973589473de53174b35486cc6ffa5525bfae CLSA-2023:1698689602 TuxCare License Agreement 0 * SECURITY UPDATE: The HTTP/2 protocol allows a denial of service (server resource consumption) because request cancellation can reset many streams quickly - debian/patches/CVE-2023-44487.patch: h2: don't accept new streams if conn_streams are still in excess - CVE-2023-44487 Important Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.

* SECURITY UPDATE: The HTTP/2 protocol allows a denial of service (server resource consumption) because request cancellation can reset many streams quickly - debian/patches/CVE-2023-44487.patch: h2: don't accept new streams if conn_streams are still in excess - CVE-2023-44487

0 tuxcare-ubuntu18.04-els haproxy_1.8.8-1ubuntu0.13.tuxcare.els1_amd64.deb 931d6c169e8a245cf92467d8359bafa10e4705b8 haproxy-doc_1.8.8-1ubuntu0.13.tuxcare.els1_all.deb 7707964813cbd7e490775f12a5a3692d3f532035 vim-haproxy_1.8.8-1ubuntu0.13.tuxcare.els1_all.deb c347ff0a961838dadb4569f078ddf776ccc629d7 CLSA-2023:1698689712 TuxCare License Agreement 0 * SECURITY UPDATE: The HTTP/2 protocol allows a denial of service because request cancellation can reset many streams quickly - debian/patches/CVE-2023-44487.patch: Improvements to HTTP/2 overhead protection - CVE-2023-44487 Important Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.

* SECURITY UPDATE: The HTTP/2 protocol allows a denial of service because request cancellation can reset many streams quickly - debian/patches/CVE-2023-44487.patch: Improvements to HTTP/2 overhead protection - CVE-2023-44487

0 tuxcare-ubuntu18.04-els libtomcat8-embed-java_8.5.39-1ubuntu1~18.04.3+tuxcare.els5_all.deb 4e6d43a28bc48b4f34693db4f2009ab5993d0c14 libtomcat8-java_8.5.39-1ubuntu1~18.04.3+tuxcare.els5_all.deb 354c151c995ef30554e11faf69c2d9297bceacfd tomcat8_8.5.39-1ubuntu1~18.04.3+tuxcare.els5_all.deb 6722705ffce5016a804842d75d7eac3c693913ee tomcat8-admin_8.5.39-1ubuntu1~18.04.3+tuxcare.els5_all.deb 10d1afe6904a752e9d5fa7ff5741a5b47a1ed002 tomcat8-common_8.5.39-1ubuntu1~18.04.3+tuxcare.els5_all.deb 8757dd73211f1463cbf054e1286cc54cba33ec19 tomcat8-docs_8.5.39-1ubuntu1~18.04.3+tuxcare.els5_all.deb 8af4e2d3a56fa8a52f5f91b46c5145f7fe5977b6 tomcat8-examples_8.5.39-1ubuntu1~18.04.3+tuxcare.els5_all.deb 96760c4d781f95a8be10ff8cc3781a4ab0c181c1 tomcat8-user_8.5.39-1ubuntu1~18.04.3+tuxcare.els5_all.deb b1443fb2be6bb3dc7b4a7a0bf4b1261bb96bf1d1 CLSA-2023:1698689824 TuxCare License Agreement 0 * SECURITY UPDATE: The HTTP/2 protocol allows a denial of service because request cancellation can reset many streams quickly - debian/patches/CVE-2023-44487.patch: Improvements to HTTP/2 overhead protection - CVE-2023-44487 Important Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.

* SECURITY UPDATE: The HTTP/2 protocol allows a denial of service because request cancellation can reset many streams quickly - debian/patches/CVE-2023-44487.patch: Improvements to HTTP/2 overhead protection - CVE-2023-44487

0 tuxcare-ubuntu18.04-els libtomcat9-embed-java_9.0.16-3ubuntu0.18.04.2+tuxcare.els3_all.deb f040a16cceea981f1ca5ed8eb23362cb764bf738 libtomcat9-java_9.0.16-3ubuntu0.18.04.2+tuxcare.els3_all.deb ed32a89c18e7324e6a82bac58582ab66775d8f33 tomcat9_9.0.16-3ubuntu0.18.04.2+tuxcare.els3_all.deb 5d0cc0b1719b32d8a6a25b0d7a2f058d8bc51382 tomcat9-admin_9.0.16-3ubuntu0.18.04.2+tuxcare.els3_all.deb 809684bb6799a682005e92c7204233a9d740ddbe tomcat9-common_9.0.16-3ubuntu0.18.04.2+tuxcare.els3_all.deb d8adbe0d3881dff0bede93be1d163a6e5d13330c tomcat9-docs_9.0.16-3ubuntu0.18.04.2+tuxcare.els3_all.deb 01fd0b765c8e75ebe093f1e1c9a196d3879ed192 tomcat9-examples_9.0.16-3ubuntu0.18.04.2+tuxcare.els3_all.deb 647401492cc8731a9ae83a35ec971349b46fb01c tomcat9-user_9.0.16-3ubuntu0.18.04.2+tuxcare.els3_all.deb 8709e7e23381b4bcc9e964dd1a74e28edc0ff87c CLSA-2023:1698949430 TuxCare License Agreement 0 * SECURITY UPDATE: mod_macro buffer over-read - debian/patches/CVE-2023-31122.patch: use our own strncmp function in mod_macro - CVE-2023-31122 Important Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.

* SECURITY UPDATE: mod_macro buffer over-read - debian/patches/CVE-2023-31122.patch: use our own strncmp function in mod_macro - CVE-2023-31122

0 tuxcare-ubuntu18.04-els apache2_2.4.29-1ubuntu4.27+tuxcare.els1_amd64.deb 4718fedf6787c940741474f1398b37c7aed18f36 apache2-bin_2.4.29-1ubuntu4.27+tuxcare.els1_amd64.deb c60cecfc16ddc7be0b77f2be0faabff45fc5f0fe apache2-data_2.4.29-1ubuntu4.27+tuxcare.els1_all.deb cee8e42d6bdd8870765c414f7dcce64e61222537 apache2-dev_2.4.29-1ubuntu4.27+tuxcare.els1_amd64.deb c6bac7ae505d9b7f9e5b73e4078fae6a2f321792 apache2-doc_2.4.29-1ubuntu4.27+tuxcare.els1_all.deb b714e6ae81b9e313d5f3d6343c056e5d357a8053 apache2-ssl-dev_2.4.29-1ubuntu4.27+tuxcare.els1_amd64.deb 1f147f70cf352fd3e214a5077c22559d011f8416 apache2-suexec-custom_2.4.29-1ubuntu4.27+tuxcare.els1_amd64.deb 3ac01c6a4df7916a55c1b8b3c1dd1db195db20d9 apache2-suexec-pristine_2.4.29-1ubuntu4.27+tuxcare.els1_amd64.deb 88270de9a10ec0ffc63016ad6a4c1d445afe7736 apache2-utils_2.4.29-1ubuntu4.27+tuxcare.els1_amd64.deb caf842e7407a0eb05d1bcd0dc4376e406456c0af CLSA-2023:1699380962 TuxCare License Agreement 0 * SECURITY UPDATE: fix an attempt to allocate an unreasonably large amount of memory when parsing a corrupt ELF file - debian/patches/CVE-2022-48063.patch: Check for excessively large sections - CVE-2022-48063 Moderate Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.

* SECURITY UPDATE: fix an attempt to allocate an unreasonably large amount of memory when parsing a corrupt ELF file - debian/patches/CVE-2022-48063.patch: Check for excessively large sections - CVE-2022-48063

0 tuxcare-ubuntu18.04-els binutils_2.30-21ubuntu1~18.04.9+tuxcare.els6_amd64.deb de731ce57d9583b7ae6edda24c0e80c7f3134f15 binutils-aarch64-linux-gnu_2.30-21ubuntu1~18.04.9+tuxcare.els6_amd64.deb 4e1273a3f3e37a4ecafb7d84aae31c503caf100b binutils-alpha-linux-gnu_2.30-21ubuntu1~18.04.9+tuxcare.els6_amd64.deb f220042a3faa45072fa26933e1f434860ae3cab9 binutils-arm-linux-gnueabi_2.30-21ubuntu1~18.04.9+tuxcare.els6_amd64.deb 23dcc80f9c2b598886b3dbac86030bebf5fd8b5c binutils-arm-linux-gnueabihf_2.30-21ubuntu1~18.04.9+tuxcare.els6_amd64.deb d9ebb1ce6b8f108649a85eb16e7d7c852e6dc815 binutils-common_2.30-21ubuntu1~18.04.9+tuxcare.els6_amd64.deb 6592441ec2a19353a1cbb2176c362da24a76cf87 binutils-dev_2.30-21ubuntu1~18.04.9+tuxcare.els6_amd64.deb dd185d74d360145f74b44e6b191122d60b66a9e3 binutils-doc_2.30-21ubuntu1~18.04.9+tuxcare.els6_all.deb 2a92047f0bc3146513f02f9a831114227bf96ab0 binutils-for-build_2.30-21ubuntu1~18.04.9+tuxcare.els6_all.deb 2667eca2253936637589348a85fe28a005f7edde binutils-for-host_2.30-21ubuntu1~18.04.9+tuxcare.els6_amd64.deb 4dac5bd67eb2b52b4f38f3b82f40b4af286bdec7 binutils-hppa-linux-gnu_2.30-21ubuntu1~18.04.9+tuxcare.els6_amd64.deb ccae6e07bc104001d63d8f5e1c16a3624c00200c binutils-hppa64-linux-gnu_2.30-21ubuntu1~18.04.9+tuxcare.els6_amd64.deb 46945a5310f6c8ad94c15e6ba58dc724dc51a6ae binutils-i686-gnu_2.30-21ubuntu1~18.04.9+tuxcare.els6_amd64.deb 823210beb9d569c59ff44a11705e57eff5df56e0 binutils-i686-kfreebsd-gnu_2.30-21ubuntu1~18.04.9+tuxcare.els6_amd64.deb a27c3d05fb85f146e269ae3f336a275146095cc4 binutils-i686-linux-gnu_2.30-21ubuntu1~18.04.9+tuxcare.els6_amd64.deb 77cc0ae2cf24db910a7a467ef52d66b017aa40ed binutils-ia64-linux-gnu_2.30-21ubuntu1~18.04.9+tuxcare.els6_amd64.deb ada418a86772ab2d587c4024023600752fdd7cc8 binutils-m68k-linux-gnu_2.30-21ubuntu1~18.04.9+tuxcare.els6_amd64.deb 96dc8a0824683da7833b55456e5e6011b974aa28 binutils-mips-linux-gnu_2.30-21ubuntu1~18.04.9+tuxcare.els6_amd64.deb 3cc66e48fe800b8d023034d1e24d7efd582868db binutils-mips64-linux-gnuabi64_2.30-21ubuntu1~18.04.9+tuxcare.els6_amd64.deb 321a508c34842c649e3b3e9e5a167f9ccf112677 binutils-mips64-linux-gnuabin32_2.30-21ubuntu1~18.04.9+tuxcare.els6_amd64.deb 844da13a81f2957947dc608994a1a699518e090b binutils-mips64el-linux-gnuabi64_2.30-21ubuntu1~18.04.9+tuxcare.els6_amd64.deb 09410640f634bc7e058e3a1fc14a9085535cc62a binutils-mips64el-linux-gnuabin32_2.30-21ubuntu1~18.04.9+tuxcare.els6_amd64.deb f29f35c5ebf57e71d759ecddeb7e64b4b91c6e98 binutils-mipsel-linux-gnu_2.30-21ubuntu1~18.04.9+tuxcare.els6_amd64.deb a8e69fc92d50bcc238d4838dc2314ff7459eea1a binutils-mipsisa32r6-linux-gnu_2.30-21ubuntu1~18.04.9+tuxcare.els6_amd64.deb 2454973e71e3b552063bbe38b09afdc996842feb binutils-mipsisa32r6el-linux-gnu_2.30-21ubuntu1~18.04.9+tuxcare.els6_amd64.deb c9340b0ab4ece398369bdd429317c2858779ff41 binutils-mipsisa64r6-linux-gnuabi64_2.30-21ubuntu1~18.04.9+tuxcare.els6_amd64.deb 552ed913478f474287b3521b1578c4b17e152327 binutils-mipsisa64r6-linux-gnuabin32_2.30-21ubuntu1~18.04.9+tuxcare.els6_amd64.deb 36ed63be28e773f91abd09e9bd0945a48c1c13e2 binutils-mipsisa64r6el-linux-gnuabi64_2.30-21ubuntu1~18.04.9+tuxcare.els6_amd64.deb 21c699437fec96417d953d00b5719ce10e36f4a7 binutils-mipsisa64r6el-linux-gnuabin32_2.30-21ubuntu1~18.04.9+tuxcare.els6_amd64.deb 23ca60f5886160926959c6bfcd68caa5f618e4d3 binutils-multiarch_2.30-21ubuntu1~18.04.9+tuxcare.els6_amd64.deb d7e6b2302a65e0ae8b0a876d6f87d527bc2a8871 binutils-multiarch-dev_2.30-21ubuntu1~18.04.9+tuxcare.els6_amd64.deb 40a703583a7a0a5be0707b495f6400b850badb3a binutils-powerpc-linux-gnu_2.30-21ubuntu1~18.04.9+tuxcare.els6_amd64.deb cdc2df050a53748b14a1cd446e9725425dc8014e binutils-powerpc-linux-gnuspe_2.30-21ubuntu1~18.04.9+tuxcare.els6_amd64.deb 238b6256e62aca8bb0e263d75407881a479abd08 binutils-powerpc64-linux-gnu_2.30-21ubuntu1~18.04.9+tuxcare.els6_amd64.deb e846b73ae01b5dad1ce50090445dd102da33f6dd binutils-powerpc64le-linux-gnu_2.30-21ubuntu1~18.04.9+tuxcare.els6_amd64.deb f647dbd11d17f3afbcea14496aef54eec3d4f356 binutils-riscv64-linux-gnu_2.30-21ubuntu1~18.04.9+tuxcare.els6_amd64.deb 14af00cb7df31c3faabbb243dd492e085b72df64 binutils-s390x-linux-gnu_2.30-21ubuntu1~18.04.9+tuxcare.els6_amd64.deb 18ae511b96c4f79b93c23e405ab67adda97ef603 binutils-sh4-linux-gnu_2.30-21ubuntu1~18.04.9+tuxcare.els6_amd64.deb 1168df2e27f7c0decad28309b7a5066dfd21db45 binutils-source_2.30-21ubuntu1~18.04.9+tuxcare.els6_all.deb 974f918c5bb8a49742ceb0fe5ba8d76f5f1f8ba7 binutils-sparc64-linux-gnu_2.30-21ubuntu1~18.04.9+tuxcare.els6_amd64.deb eaa45ff78b7cb6d226a20f3343f4a8bdc85829c9 binutils-x86-64-kfreebsd-gnu_2.30-21ubuntu1~18.04.9+tuxcare.els6_amd64.deb abce26f99d94023ec9e6b15550e6e3a029bbfc58 binutils-x86-64-linux-gnu_2.30-21ubuntu1~18.04.9+tuxcare.els6_amd64.deb 9827dd8ca544d8368a9e4b28edae81a036478f07 binutils-x86-64-linux-gnux32_2.30-21ubuntu1~18.04.9+tuxcare.els6_amd64.deb a373e3891078cb7a87ba772a36bc4f2f1084403b libbinutils_2.30-21ubuntu1~18.04.9+tuxcare.els6_amd64.deb 0e74659ac16e8f98c25530f6443190632fcb1134 CLSA-2023:1699381084 TuxCare License Agreement 0 * SECURITY UPDATE: reachable assertion failure in display_debug_names - debian/patches/CVE-2022-35205.patch: replace assert with a warning message - CVE-2022-35205 * SECURITY UPDATE: memory leak in stab_demangle_v3_arg - debian/patches/CVE-2022-47007.patch: free dt on failure path - CVE-2022-47007 * SECURITY UPDATE: memory leak in make_tempdir - debian/patches/CVE-2022-47008.patch: free template on all failure paths - CVE-2022-47008 * SECURITY UPDATE: memory leak in pr_function_type - debian/patches/CVE-2022-47010.patch: free "s" on failure path - CVE-2022-47010 * SECURITY UPDATE: memory leak in parse_stab_struct_fields - debian/patches/CVE-2022-47011.patch: free "fields" on failure path - CVE-2022-47011 Moderate Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.

* SECURITY UPDATE: reachable assertion failure in display_debug_names - debian/patches/CVE-2022-35205.patch: replace assert with a warning message - CVE-2022-35205 * SECURITY UPDATE: memory leak in stab_demangle_v3_arg - debian/patches/CVE-2022-47007.patch: free dt on failure path - CVE-2022-47007 * SECURITY UPDATE: memory leak in make_tempdir - debian/patches/CVE-2022-47008.patch: free template on all failure paths - CVE-2022-47008 * SECURITY UPDATE: memory leak in pr_function_type - debian/patches/CVE-2022-47010.patch: free "s" on failure path - CVE-2022-47010 * SECURITY UPDATE: memory leak in parse_stab_struct_fields - debian/patches/CVE-2022-47011.patch: free "fields" on failure path - CVE-2022-47011

0 tuxcare-ubuntu18.04-els binutils_2.30-21ubuntu1~18.04.9+tuxcare.els7_amd64.deb 30b665951c6524f1f9a8ce046a090cbd756cc298 binutils-aarch64-linux-gnu_2.30-21ubuntu1~18.04.9+tuxcare.els7_amd64.deb 15e1fd399d37704f29eaa99b63187f23517d9065 binutils-alpha-linux-gnu_2.30-21ubuntu1~18.04.9+tuxcare.els7_amd64.deb aab3ffb45228a4aff37e44be8052186c9c47461f binutils-arm-linux-gnueabi_2.30-21ubuntu1~18.04.9+tuxcare.els7_amd64.deb 6902e904b625fd24398b8388927709c56a4bbaa2 binutils-arm-linux-gnueabihf_2.30-21ubuntu1~18.04.9+tuxcare.els7_amd64.deb 60d96698e31945961d6c3c80cd7b7035a53f6d8e binutils-common_2.30-21ubuntu1~18.04.9+tuxcare.els7_amd64.deb a204baf2e4108f9221eb0eced2fdc0b5b53e87c5 binutils-dev_2.30-21ubuntu1~18.04.9+tuxcare.els7_amd64.deb 91c89ea925b28ed4cd6e15bd07b565b01d5d5bf6 binutils-doc_2.30-21ubuntu1~18.04.9+tuxcare.els7_all.deb cd08421feb91924efdbd696ecd8c6a8b9df6d5b5 binutils-for-build_2.30-21ubuntu1~18.04.9+tuxcare.els7_all.deb 0db434ffea5fa49a56c00958d6b941bc6ca0c3cb binutils-for-host_2.30-21ubuntu1~18.04.9+tuxcare.els7_amd64.deb 8ec0d0a0770971aa88e5a8bd1a0c80558b17e71a binutils-hppa-linux-gnu_2.30-21ubuntu1~18.04.9+tuxcare.els7_amd64.deb 0492fe0b061799b02a4961b5ade3d3c13df93275 binutils-hppa64-linux-gnu_2.30-21ubuntu1~18.04.9+tuxcare.els7_amd64.deb d10bcf75ece8cfc40ca12c4fdbfe1f5754f3b282 binutils-i686-gnu_2.30-21ubuntu1~18.04.9+tuxcare.els7_amd64.deb fc0539fef8554ac826a5ad1ee95cfaa09d15625d binutils-i686-kfreebsd-gnu_2.30-21ubuntu1~18.04.9+tuxcare.els7_amd64.deb ad076bf94e2a3aa7ca790c8caafdc0ee8ce230e3 binutils-i686-linux-gnu_2.30-21ubuntu1~18.04.9+tuxcare.els7_amd64.deb 0a2dad4a411d529bc8b8352afd66089d7a642ee2 binutils-ia64-linux-gnu_2.30-21ubuntu1~18.04.9+tuxcare.els7_amd64.deb e51c6be5bfe8161cd9876807d690aa7b0da7350d binutils-m68k-linux-gnu_2.30-21ubuntu1~18.04.9+tuxcare.els7_amd64.deb 3ede45b4e68324a210a1fd9ec6c3031b46fe39c9 binutils-mips-linux-gnu_2.30-21ubuntu1~18.04.9+tuxcare.els7_amd64.deb 15b07d07d80ffde5322e32ea62fb639f9f48a194 binutils-mips64-linux-gnuabi64_2.30-21ubuntu1~18.04.9+tuxcare.els7_amd64.deb cd5cc785f67da07c40f9409c4b43782a248b1ab9 binutils-mips64-linux-gnuabin32_2.30-21ubuntu1~18.04.9+tuxcare.els7_amd64.deb 7ed6f710d5a625c21e62908d3a3f955e33deb511 binutils-mips64el-linux-gnuabi64_2.30-21ubuntu1~18.04.9+tuxcare.els7_amd64.deb f5494a5c91bf91fdbf53efb597bd321c9c097a2c binutils-mips64el-linux-gnuabin32_2.30-21ubuntu1~18.04.9+tuxcare.els7_amd64.deb cda0b83e8f6c539dab74bbad001b95985408298e binutils-mipsel-linux-gnu_2.30-21ubuntu1~18.04.9+tuxcare.els7_amd64.deb 3a8556dcfd39a59634ad7ada96ac318952a801bf binutils-mipsisa32r6-linux-gnu_2.30-21ubuntu1~18.04.9+tuxcare.els7_amd64.deb e3996ff822792c6978641d015e62cf31f53f7037 binutils-mipsisa32r6el-linux-gnu_2.30-21ubuntu1~18.04.9+tuxcare.els7_amd64.deb d406f0874d0de9bdf9a8a1efd95a1217b0bd5275 binutils-mipsisa64r6-linux-gnuabi64_2.30-21ubuntu1~18.04.9+tuxcare.els7_amd64.deb aed4bc13f88b5400c0ee07a16b82043eada1f815 binutils-mipsisa64r6-linux-gnuabin32_2.30-21ubuntu1~18.04.9+tuxcare.els7_amd64.deb 2753601bc8040ab95fb2840662a995f8a91ca6e1 binutils-mipsisa64r6el-linux-gnuabi64_2.30-21ubuntu1~18.04.9+tuxcare.els7_amd64.deb 4854474820a0829f75e67087d46e58bdd1acb4ad binutils-mipsisa64r6el-linux-gnuabin32_2.30-21ubuntu1~18.04.9+tuxcare.els7_amd64.deb c9a6e792e9522fc0b2785b7807108030027a0fd1 binutils-multiarch_2.30-21ubuntu1~18.04.9+tuxcare.els7_amd64.deb 5f2121a2ee8ff0ce385996267192181fc7e1d225 binutils-multiarch-dev_2.30-21ubuntu1~18.04.9+tuxcare.els7_amd64.deb fc89b124bb84e528abc4f3bb1df1b688ce2cd739 binutils-powerpc-linux-gnu_2.30-21ubuntu1~18.04.9+tuxcare.els7_amd64.deb f39c842d3bdedd6784aaa05a619f3801932bc333 binutils-powerpc-linux-gnuspe_2.30-21ubuntu1~18.04.9+tuxcare.els7_amd64.deb 90e953dd5ad4c3c61504ca273b6bc70deab9e48a binutils-powerpc64-linux-gnu_2.30-21ubuntu1~18.04.9+tuxcare.els7_amd64.deb cf478d9cdd165a2842abd96d88b2f7457a9623a5 binutils-powerpc64le-linux-gnu_2.30-21ubuntu1~18.04.9+tuxcare.els7_amd64.deb 6a772f590c8c9dccdb67ef269d1073ac306df32f binutils-riscv64-linux-gnu_2.30-21ubuntu1~18.04.9+tuxcare.els7_amd64.deb 8e9fb5b3d20ce031f837ee408a1aa4aa137114e5 binutils-s390x-linux-gnu_2.30-21ubuntu1~18.04.9+tuxcare.els7_amd64.deb b44d954d3f7ed33345b080fbf5ae87627d907229 binutils-sh4-linux-gnu_2.30-21ubuntu1~18.04.9+tuxcare.els7_amd64.deb c0811d5c22c1e90dca4d2dfaaee28e035cb36348 binutils-source_2.30-21ubuntu1~18.04.9+tuxcare.els7_all.deb bdec107711afb337a4e6c86f2c34ab5c2ac0a45d binutils-sparc64-linux-gnu_2.30-21ubuntu1~18.04.9+tuxcare.els7_amd64.deb a1a8014003848e9210a998662adcd90d709ae1b5 binutils-x86-64-kfreebsd-gnu_2.30-21ubuntu1~18.04.9+tuxcare.els7_amd64.deb 53a2d3d1b975bd707290307becd5bed1fcfc987b binutils-x86-64-linux-gnu_2.30-21ubuntu1~18.04.9+tuxcare.els7_amd64.deb cb79a320a991aa44fb143e91a0e7b9e3b5858107 binutils-x86-64-linux-gnux32_2.30-21ubuntu1~18.04.9+tuxcare.els7_amd64.deb 7a58be5cf2f2ea0c5ebf284b41098d18e3fd7e5f libbinutils_2.30-21ubuntu1~18.04.9+tuxcare.els7_amd64.deb bbe8d0c5b6808d95ed0465aed100dc6343cd7683 CLSA-2023:1699468134 TuxCare License Agreement 0 * SECURITY UPDATE: dnsdb out-of-bounds read information disclosure - debian/patches/CVE-2023-42119.patch: harden dnsdb against crafted DNS responses - CVE-2023-42119 Low Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.

* SECURITY UPDATE: dnsdb out-of-bounds read information disclosure - debian/patches/CVE-2023-42119.patch: harden dnsdb against crafted DNS responses - CVE-2023-42119

0 tuxcare-ubuntu18.04-els exim4_4.90.1-1ubuntu1.10+tuxcare.els3_all.deb 62918deff4b9802a9ccb85bb4d73f597cbdb146d exim4-base_4.90.1-1ubuntu1.10+tuxcare.els3_amd64.deb e6e60d3bf63f15577c24b360bfec2f300cf242da exim4-config_4.90.1-1ubuntu1.10+tuxcare.els3_all.deb 503b85535d1924b855b2db59668e51a2bcd0197f exim4-daemon-heavy_4.90.1-1ubuntu1.10+tuxcare.els3_amd64.deb b4f6eef3165562c147e40fac1dab9d5e3793afde exim4-daemon-light_4.90.1-1ubuntu1.10+tuxcare.els3_amd64.deb e655c0b447cc8bceb8015b39e0842d770149ffc5 exim4-dev_4.90.1-1ubuntu1.10+tuxcare.els3_amd64.deb 135ae3daa2c69587174a539650952a8eb42e12fe eximon4_4.90.1-1ubuntu1.10+tuxcare.els3_amd64.deb 5057ad224e645b4b5ae6ad4c6b673720649ece05 CLSA-2023:1699468766 TuxCare License Agreement 0 * SECURITY UPDATE: Arbitrary code execution vulnerability in ntpq/ntpdc - debian/patches/CVE-2018-12327.patch: fix stack buffer overflow in NTPQ/NTPDC. - CVE-2018-12327 Critical Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.

* SECURITY UPDATE: Arbitrary code execution vulnerability in ntpq/ntpdc - debian/patches/CVE-2018-12327.patch: fix stack buffer overflow in NTPQ/NTPDC. - CVE-2018-12327

0 tuxcare-ubuntu18.04-els ntp_4.2.8p10+dfsg-5ubuntu7.3+tuxcare.els1_amd64.deb 8bd6917bf7ab14eeea9b83e8e5bd314264a26c7c ntp-doc_4.2.8p10+dfsg-5ubuntu7.3+tuxcare.els1_all.deb 0c2e9b58c3c14760f03f7c670cd3076e6b9b2003 ntpdate_4.2.8p10+dfsg-5ubuntu7.3+tuxcare.els1_amd64.deb b167d91b084b9679688dc6ffb8874f03c3328464 sntp_4.2.8p10+dfsg-5ubuntu7.3+tuxcare.els1_amd64.deb 677192e5c17c168bd18029b989ddda42df801bcd CLSA-2023:1699468875 TuxCare License Agreement 0 * SECURITY UPDATE: posible crash in heapq with custom comparison operators - debian/patches/CVE-2022-48560.patch: disallow releasing heap items during a comparison callback - CVE-2022-48560 Important Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.

* SECURITY UPDATE: posible crash in heapq with custom comparison operators - debian/patches/CVE-2022-48560.patch: disallow releasing heap items during a comparison callback - CVE-2022-48560

0 tuxcare-ubuntu18.04-els idle-python3.6_3.6.9-1~18.04ubuntu1.12+tuxcare.els5_all.deb f8cadb504e5e9f14aaa03c87e569aa88aef45709 libpython3.6_3.6.9-1~18.04ubuntu1.12+tuxcare.els5_amd64.deb 208476abb7e5f969ca847e452cf83d4e1cb105e5 libpython3.6-dev_3.6.9-1~18.04ubuntu1.12+tuxcare.els5_amd64.deb a2d45f27958591cbc31ae2f69da59273bb375831 libpython3.6-minimal_3.6.9-1~18.04ubuntu1.12+tuxcare.els5_amd64.deb 99e57b387eece13c39d50fc6a140820661b00db3 libpython3.6-stdlib_3.6.9-1~18.04ubuntu1.12+tuxcare.els5_amd64.deb 80a845abd1286936cd5056e5007e7530964575be libpython3.6-testsuite_3.6.9-1~18.04ubuntu1.12+tuxcare.els5_all.deb a7dfb56e3b5392bf8d240b8f5514b817a576daa7 python3.6_3.6.9-1~18.04ubuntu1.12+tuxcare.els5_amd64.deb 23a3a44856a6f6fbc17442aa63a45ac9337e1d65 python3.6-dev_3.6.9-1~18.04ubuntu1.12+tuxcare.els5_amd64.deb 4a84358586adac22b0121d4fe06597ca751de199 python3.6-doc_3.6.9-1~18.04ubuntu1.12+tuxcare.els5_all.deb 6b14410d551c236490c03efe3a4f18238a2c1d29 python3.6-examples_3.6.9-1~18.04ubuntu1.12+tuxcare.els5_all.deb 69487e8c37f1150a035a474255b7ed0f82bc4cf1 python3.6-minimal_3.6.9-1~18.04ubuntu1.12+tuxcare.els5_amd64.deb ca999e29456ca1c2e287ae08f5b1f4e4a0b657ac python3.6-venv_3.6.9-1~18.04ubuntu1.12+tuxcare.els5_amd64.deb a1b583711701f30cab7c9ba9378b183a745a50fd CLSA-2023:1699907419 TuxCare License Agreement 0 * SECURITY UPDATE: possible weak randomness in nonce value - debian/patches/php-7.1-CVE-2023-3247.patch: Fix missing randomness check for SOAP HTTP Digest - CVE-2023-3247 Moderate Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.

* SECURITY UPDATE: possible weak randomness in nonce value - debian/patches/php-7.1-CVE-2023-3247.patch: Fix missing randomness check for SOAP HTTP Digest - CVE-2023-3247

0 tuxcare-ubuntu18.04-els libapache2-mod-php7.2_7.2.24-0ubuntu0.18.04.17+tuxcare.els2_amd64.deb 55c3527b9c893a63642c41707ed72e9beb8e4372 libphp7.2-embed_7.2.24-0ubuntu0.18.04.17+tuxcare.els2_amd64.deb 60689571eac4cabc997b97474a8d1870715cc5f4 php7.2_7.2.24-0ubuntu0.18.04.17+tuxcare.els2_all.deb 1ed9e587d10af2096618972fd8601c441c8b09b5 php7.2-bcmath_7.2.24-0ubuntu0.18.04.17+tuxcare.els2_amd64.deb b66b6734d5fee7ff1b4a35eb270400261ec06d2b php7.2-bz2_7.2.24-0ubuntu0.18.04.17+tuxcare.els2_amd64.deb 88606a980a987cc2402dfb2072b75c9da552771e php7.2-cgi_7.2.24-0ubuntu0.18.04.17+tuxcare.els2_amd64.deb 677eef2399d3b25d94f1aca370537fbb0dc48c72 php7.2-cli_7.2.24-0ubuntu0.18.04.17+tuxcare.els2_amd64.deb 972757e2f9d7556d2329776e03a3390ac3337ed1 php7.2-common_7.2.24-0ubuntu0.18.04.17+tuxcare.els2_amd64.deb d5ba54ec600ac3406e933b4ce6ed7f0522144d17 php7.2-curl_7.2.24-0ubuntu0.18.04.17+tuxcare.els2_amd64.deb ccf61fd7056438b60536f2603f983abdc3feb7c5 php7.2-dba_7.2.24-0ubuntu0.18.04.17+tuxcare.els2_amd64.deb 62c8095e629c3030b4a70498dc43bb31930a1b03 php7.2-dev_7.2.24-0ubuntu0.18.04.17+tuxcare.els2_amd64.deb 8db37bde0484ab757e4e9a2396e4087e0aea2f37 php7.2-enchant_7.2.24-0ubuntu0.18.04.17+tuxcare.els2_amd64.deb 06fc99e7ca0f7204df1bfd0520c66f2fbd65689b php7.2-fpm_7.2.24-0ubuntu0.18.04.17+tuxcare.els2_amd64.deb 1067c49ddd750c11197f57febe085366e1e61e75 php7.2-gd_7.2.24-0ubuntu0.18.04.17+tuxcare.els2_amd64.deb 96cea6e7c732352390e74c5968805e318e6cc455 php7.2-gmp_7.2.24-0ubuntu0.18.04.17+tuxcare.els2_amd64.deb 1ecb702689ab9ebe43121c5b75e20b1cd4ba7342 php7.2-imap_7.2.24-0ubuntu0.18.04.17+tuxcare.els2_amd64.deb 647342a331f390da9783be8b9134a901f60912ca php7.2-interbase_7.2.24-0ubuntu0.18.04.17+tuxcare.els2_amd64.deb 5b0dc4c929cf6c5ab5e122b0dc8123cdd0c42f1a php7.2-intl_7.2.24-0ubuntu0.18.04.17+tuxcare.els2_amd64.deb 2c13264360e4846210162c18ca3f65d327a574d5 php7.2-json_7.2.24-0ubuntu0.18.04.17+tuxcare.els2_amd64.deb 768bf12720b6f9faf69774d7e900d389f0d04ca5 php7.2-ldap_7.2.24-0ubuntu0.18.04.17+tuxcare.els2_amd64.deb 61b8d64f36edaf673e90df21de54364a1a317075 php7.2-mbstring_7.2.24-0ubuntu0.18.04.17+tuxcare.els2_amd64.deb 2cb52d5593badb00e273731f74913c54f8589f11 php7.2-mysql_7.2.24-0ubuntu0.18.04.17+tuxcare.els2_amd64.deb 33a167ba2bf5b488ce31ecf19c33f63655443596 php7.2-odbc_7.2.24-0ubuntu0.18.04.17+tuxcare.els2_amd64.deb f258c9defeb5445e96ceba5d34917d42fe49a328 php7.2-opcache_7.2.24-0ubuntu0.18.04.17+tuxcare.els2_amd64.deb 304d0208e96edd1b92ccc149fc212dc5a5dfced8 php7.2-pgsql_7.2.24-0ubuntu0.18.04.17+tuxcare.els2_amd64.deb a24fe57ee4cdfaa242e1efe71c84b348225fb8b6 php7.2-phpdbg_7.2.24-0ubuntu0.18.04.17+tuxcare.els2_amd64.deb d2b5de0a1c9770a17f0b3667e58086a4b8711570 php7.2-pspell_7.2.24-0ubuntu0.18.04.17+tuxcare.els2_amd64.deb eda8d95cbce6b10f2bb594e5f14392055efa7c48 php7.2-readline_7.2.24-0ubuntu0.18.04.17+tuxcare.els2_amd64.deb 60810b244bf333201a0c6e688d3b7b8df04e96ab php7.2-recode_7.2.24-0ubuntu0.18.04.17+tuxcare.els2_amd64.deb 7289f283679a3e80f37eedbffc95032c8baa9232 php7.2-snmp_7.2.24-0ubuntu0.18.04.17+tuxcare.els2_amd64.deb ab44d5f70c01de7b8173e544131574dd40366e24 php7.2-soap_7.2.24-0ubuntu0.18.04.17+tuxcare.els2_amd64.deb 9dbe242b0de1d474aacb7b25c8f832e39dd63a50 php7.2-sqlite3_7.2.24-0ubuntu0.18.04.17+tuxcare.els2_amd64.deb edf18b9aeb6de362249786a847515c3ebf6a0eaf php7.2-sybase_7.2.24-0ubuntu0.18.04.17+tuxcare.els2_amd64.deb fdf1cadeb2805dde5ae19277eb7a09a2f0a99b99 php7.2-tidy_7.2.24-0ubuntu0.18.04.17+tuxcare.els2_amd64.deb 5eface6ebbc5f01caaf6f3ad5cd443655dae5dfb php7.2-xml_7.2.24-0ubuntu0.18.04.17+tuxcare.els2_amd64.deb 70b054f47f5b57b7599a5f146034fc42ee76226b php7.2-xmlrpc_7.2.24-0ubuntu0.18.04.17+tuxcare.els2_amd64.deb bb881f830a463316159fb89de4b6e4f2c8b179d5 php7.2-xsl_7.2.24-0ubuntu0.18.04.17+tuxcare.els2_all.deb 3c0d2096c62938f0efc9dff89568022c1ba32423 php7.2-zip_7.2.24-0ubuntu0.18.04.17+tuxcare.els2_amd64.deb 60be0e1b1b91a5e2e6979f9e95df28db6eafa266 CLSA-2023:1699907536 TuxCare License Agreement 0 * SECURITY UPDATE: An unauthenticated user may be able to access recently printed documents. The config file /etc/cups/cupsd.conf should be edited manually in case the cups has been already installed in the system: the <Limit Send-Document> and <Limit CUPS-Get-Document> sections should be changed according to the patch - debian/patches/CVE-2023-32360.patch: Require authentication for CUPS-Get-Document. - CVE-2023-32360 Moderate Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.

* SECURITY UPDATE: An unauthenticated user may be able to access recently printed documents. The config file /etc/cups/cupsd.conf should be edited manually in case the cups has been already installed in the system: the <Limit Send-Document> and <Limit CUPS-Get-Document> sections should be changed according to the patch - debian/patches/CVE-2023-32360.patch: Require authentication for CUPS-Get-Document. - CVE-2023-32360

0 tuxcare-ubuntu18.04-els cups_2.2.7-1ubuntu2.10+tuxcare.els3_amd64.deb fe05229b3ec279e7f034007707190b45ad7b2a34 cups-bsd_2.2.7-1ubuntu2.10+tuxcare.els3_amd64.deb 8bf2d364dc7fc4b41c5d44c6bf7c454439623621 cups-client_2.2.7-1ubuntu2.10+tuxcare.els3_amd64.deb b0bae31ca8811ce9c24f9d5427095daf51c6407d cups-common_2.2.7-1ubuntu2.10+tuxcare.els3_all.deb fc7d22ba847ae0bf220097e137384db7afcaff52 cups-core-drivers_2.2.7-1ubuntu2.10+tuxcare.els3_amd64.deb 240f0f91af516a5e546c1b3c000b006d8bdb0345 cups-daemon_2.2.7-1ubuntu2.10+tuxcare.els3_amd64.deb ca1c4daf22cd0a1ee11c575e6bb9b8766cb527da cups-ipp-utils_2.2.7-1ubuntu2.10+tuxcare.els3_amd64.deb cea5a252fee62656ef2686fb05edf69c7356e73f cups-ppdc_2.2.7-1ubuntu2.10+tuxcare.els3_amd64.deb 50b90faa6a1aadb2cb2deecc599fe74f4ddbe8fa cups-server-common_2.2.7-1ubuntu2.10+tuxcare.els3_all.deb 1682d4f92259e85471a26619a087a51934c1d3c4 libcups2_2.2.7-1ubuntu2.10+tuxcare.els3_amd64.deb cf15ad83fa39a97d8e33a6bb842cac641a7e1297 libcups2-dev_2.2.7-1ubuntu2.10+tuxcare.els3_amd64.deb 0366020a75791947e67bf3fb582902c27782c624 libcupscgi1_2.2.7-1ubuntu2.10+tuxcare.els3_amd64.deb 9afdb04e701a36115a949f16681910f4b7e9fbb0 libcupsimage2_2.2.7-1ubuntu2.10+tuxcare.els3_amd64.deb 90023d0bade2e0945d321776fea92a9adc75676a libcupsimage2-dev_2.2.7-1ubuntu2.10+tuxcare.els3_amd64.deb 02aa71d4870a248b8338280045c393b64ee457c8 libcupsmime1_2.2.7-1ubuntu2.10+tuxcare.els3_amd64.deb 55697b18888efb65411d9d343175fcf17ad558f3 libcupsppdc1_2.2.7-1ubuntu2.10+tuxcare.els3_amd64.deb 4093dc0e1a96cb292a1784ba043e7406d0e00996 CLSA-2023:1700160152 TuxCare License Agreement 0 * SECURITY UPDATE: Remote code execution because of improper neutralization of special elements - debian/patches/CVE-2023-42117.patch: fix string_is_ip_address() - CVE-2023-42117 Important Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.

* SECURITY UPDATE: Remote code execution because of improper neutralization of special elements - debian/patches/CVE-2023-42117.patch: fix string_is_ip_address() - CVE-2023-42117

0 tuxcare-ubuntu18.04-els exim4_4.90.1-1ubuntu1.10+tuxcare.els4_all.deb 84a4142b181b1ecc027fe4c50cb803a1d3e39176 exim4-base_4.90.1-1ubuntu1.10+tuxcare.els4_amd64.deb 4fdd7c30408a45b88d63b35bfb793d6fa5723540 exim4-config_4.90.1-1ubuntu1.10+tuxcare.els4_all.deb dcc748bb7b4443948636e29298789a4a15687c07 exim4-daemon-heavy_4.90.1-1ubuntu1.10+tuxcare.els4_amd64.deb d451d109b34e88a5f5d931bb77d79f9944208513 exim4-daemon-light_4.90.1-1ubuntu1.10+tuxcare.els4_amd64.deb f9f950cece27dc493a6291342232d0ec88e4e8f3 exim4-dev_4.90.1-1ubuntu1.10+tuxcare.els4_amd64.deb 54a742802e7910cd5c5285758917f3bcae4a59e5 eximon4_4.90.1-1ubuntu1.10+tuxcare.els4_amd64.deb 7485f52e844176d23e31437ef6dd0be0124a6a75 CLSA-2023:1700160468 TuxCare License Agreement 0 * SECURITY UPDATE: Remote authenticated user can trigger a kadmind crash - debian/patches/CVE-2023-36054.patch: ensure array count consistency in kadm5 RPC - CVE-2023-36054 Moderate Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.

* SECURITY UPDATE: Remote authenticated user can trigger a kadmind crash - debian/patches/CVE-2023-36054.patch: ensure array count consistency in kadm5 RPC - CVE-2023-36054

0 tuxcare-ubuntu18.04-els krb5-admin-server_1.16-2ubuntu0.4+tuxcare.els1_amd64.deb cab60170a30da6b31b6afd942a61943ed617da23 krb5-doc_1.16-2ubuntu0.4+tuxcare.els1_all.deb 6a2b9c01c78b9090802f1440822fff6bb67d4799 krb5-gss-samples_1.16-2ubuntu0.4+tuxcare.els1_amd64.deb 2f08d4035dc1c630a4821962417977c746e7cd0e krb5-k5tls_1.16-2ubuntu0.4+tuxcare.els1_amd64.deb 73f4f51af3113a699bf3a8270488e97c7c807412 krb5-kdc_1.16-2ubuntu0.4+tuxcare.els1_amd64.deb 6f37a06768a758d82c7694ecba642305514944cb krb5-kdc-ldap_1.16-2ubuntu0.4+tuxcare.els1_amd64.deb 43f19d30737148e39c83633174f26265f6db0202 krb5-kpropd_1.16-2ubuntu0.4+tuxcare.els1_amd64.deb 47f6ec75150a46bcb4fac4c8eff9bd1563a92d65 krb5-locales_1.16-2ubuntu0.4+tuxcare.els1_all.deb b76bc936f42656b55118597f66f66a1d1e2181e9 krb5-multidev_1.16-2ubuntu0.4+tuxcare.els1_amd64.deb a88864895b2a40bdb8f235c11e887badaea9d62d krb5-otp_1.16-2ubuntu0.4+tuxcare.els1_amd64.deb 3b2dd434ccf3a1318c7a8efafbac3b37da86ce1f krb5-pkinit_1.16-2ubuntu0.4+tuxcare.els1_amd64.deb 4631bab53a6ea3bceea1c19e96c8ffa69f03f598 krb5-user_1.16-2ubuntu0.4+tuxcare.els1_amd64.deb eb80e55460fbe04fb029189935ebc6c8c5d585be libgssapi-krb5-2_1.16-2ubuntu0.4+tuxcare.els1_amd64.deb 322a0935e6ecfd138fa0b88d28016cc7c761af66 libgssrpc4_1.16-2ubuntu0.4+tuxcare.els1_amd64.deb d17a040644a5760ed51fe79d102ac52ffb880670 libk5crypto3_1.16-2ubuntu0.4+tuxcare.els1_amd64.deb 1b933b05f2602c37f1d76c3101f7ca003f613cc1 libkadm5clnt-mit11_1.16-2ubuntu0.4+tuxcare.els1_amd64.deb ad0688505dc5c541595543a888360fe0247b9fe3 libkadm5srv-mit11_1.16-2ubuntu0.4+tuxcare.els1_amd64.deb 11b48d688396f3cae6e110fa4eb12d08c15a5dc7 libkdb5-9_1.16-2ubuntu0.4+tuxcare.els1_amd64.deb e03a984d08077a661cafa9dda2427cdf35b48f62 libkrad-dev_1.16-2ubuntu0.4+tuxcare.els1_amd64.deb 4223cd7dcb7da42b310ce4a866763057ce40e79a libkrad0_1.16-2ubuntu0.4+tuxcare.els1_amd64.deb cdfe16bdbbde4b99a91aa47a03c623e91cea149d libkrb5-3_1.16-2ubuntu0.4+tuxcare.els1_amd64.deb cfe3a4303a84e119bcc14c692a6da7d47b5864ca libkrb5-dev_1.16-2ubuntu0.4+tuxcare.els1_amd64.deb 425affaac5f93e45c818ed87a18f95328b6b0649 libkrb5support0_1.16-2ubuntu0.4+tuxcare.els1_amd64.deb abcb76ec98b1a1d6a2e0748ecfa043aee225d149 CLSA-2023:1700160647 TuxCare License Agreement 0 * SECURITY UPDATE: Denial of Service in HTTP Digest Authentication - debian/patches/CVE-2023-46847.patch: fix stack buffer overflow when parsing Digest Authorization - CVE-2023-46847 Important Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.

* SECURITY UPDATE: Denial of Service in HTTP Digest Authentication - debian/patches/CVE-2023-46847.patch: fix stack buffer overflow when parsing Digest Authorization - CVE-2023-46847

0 tuxcare-ubuntu18.04-els squid_3.5.27-1ubuntu1.14+tuxcare.els1_amd64.deb 6c964e1a8c1ac2ad3f59fa8b326e74ff2226e104 squid-cgi_3.5.27-1ubuntu1.14+tuxcare.els1_amd64.deb d6f652d988bd57208cd4f0e19a0078616db1eb88 squid-common_3.5.27-1ubuntu1.14+tuxcare.els1_all.deb fa68248780c9b8fbc081b183eaf5d113590dd872 squid-purge_3.5.27-1ubuntu1.14+tuxcare.els1_amd64.deb 2fc26078f1bed8f742343a95f122f6ca1b555b9f squid3_3.5.27-1ubuntu1.14+tuxcare.els1_all.deb 0b995148b75cd51d95fbd11626b8c0fe92ef622d squidclient_3.5.27-1ubuntu1.14+tuxcare.els1_amd64.deb fc580428a9425257e4766a798d91cb1827b5fadc CLSA-2023:1700593692 TuxCare License Agreement 0 * SECURITY UPDATE: Denial of service could be encountered if a DH key or DH parameters check experience long delays. - debian/patches/CVE-2023-3446.patch: Adds check to prevent the testing of an excessively large modulus in DH_check(). - CVE-2023-3446 Moderate Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.

* SECURITY UPDATE: Denial of service could be encountered if a DH key or DH parameters check experience long delays. - debian/patches/CVE-2023-3446.patch: Adds check to prevent the testing of an excessively large modulus in DH_check(). - CVE-2023-3446

0 tuxcare-ubuntu18.04-els libssl-dev_1.1.1-1ubuntu2.1~18.04.23+tuxcare.els2_amd64.deb 56a4c335827ccadab9c7462eb8f957eba8c15dc5 libssl-doc_1.1.1-1ubuntu2.1~18.04.23+tuxcare.els2_all.deb c6b4e422f567748ac5db05ca8bf93ae5dc9ae68e libssl1.1_1.1.1-1ubuntu2.1~18.04.23+tuxcare.els2_amd64.deb 03fbeb5003135dd47cef8c84fe44e25eb0301f65 openssl_1.1.1-1ubuntu2.1~18.04.23+tuxcare.els2_amd64.deb a3e5c9026823193bde02cec084d4190f56e85aab CLSA-2023:1700835779 TuxCare License Agreement 0 * SECURITY UPDATE: open socket out of the dedicated directory - debian/patches/CVE-2023-3961.patch: prevents a traversal out the dedicated directory - CVE-2023-3961 Critical Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.

* SECURITY UPDATE: open socket out of the dedicated directory - debian/patches/CVE-2023-3961.patch: prevents a traversal out the dedicated directory - CVE-2023-3961

0 tuxcare-ubuntu18.04-els ctdb_4.7.6+dfsg~ubuntu-0ubuntu2.29+tuxcare.els4_amd64.deb e777095aedbc73eb2cbbcbb7058fe8dc4a54c815 libnss-winbind_4.7.6+dfsg~ubuntu-0ubuntu2.29+tuxcare.els4_amd64.deb 344ef583e0e4155b3a6159f5ea29b4d7d18550cc libpam-winbind_4.7.6+dfsg~ubuntu-0ubuntu2.29+tuxcare.els4_amd64.deb ca16cf3654e55c4628a5f4ad730c777829eeb09c libparse-pidl-perl_4.7.6+dfsg~ubuntu-0ubuntu2.29+tuxcare.els4_amd64.deb 6eddd98c8c4bc753d3834b0b34650fb4e59fe4d2 libsmbclient_4.7.6+dfsg~ubuntu-0ubuntu2.29+tuxcare.els4_amd64.deb 6886054959eabd529a8145e9594295dd70fe6ea9 libsmbclient-dev_4.7.6+dfsg~ubuntu-0ubuntu2.29+tuxcare.els4_amd64.deb e55ac3a60e5aa20bd3e6873bda3dd9ef85f5b4c1 libwbclient-dev_4.7.6+dfsg~ubuntu-0ubuntu2.29+tuxcare.els4_amd64.deb c86bf3e5a528cade05ba7579e29a53ee767d55eb libwbclient0_4.7.6+dfsg~ubuntu-0ubuntu2.29+tuxcare.els4_amd64.deb 7e58310978f3d7acdde66c5a1a4324d9e5e88fe6 python-samba_4.7.6+dfsg~ubuntu-0ubuntu2.29+tuxcare.els4_amd64.deb d9ade0d44d5039bc3272c90dcc0adc942c1d3c08 registry-tools_4.7.6+dfsg~ubuntu-0ubuntu2.29+tuxcare.els4_amd64.deb 4799a0fcd6baff7865fd3e717f3787d550767cdb samba_4.7.6+dfsg~ubuntu-0ubuntu2.29+tuxcare.els4_amd64.deb b2a8925b6d0277ad6303b4aac85fd8417bef6fa2 samba-common_4.7.6+dfsg~ubuntu-0ubuntu2.29+tuxcare.els4_all.deb c09c361531b02d96dff155d5dedf6200d7c8dd1b samba-common-bin_4.7.6+dfsg~ubuntu-0ubuntu2.29+tuxcare.els4_amd64.deb 8933173d0f6c93eb86b87c383480c11774006c3e samba-dev_4.7.6+dfsg~ubuntu-0ubuntu2.29+tuxcare.els4_amd64.deb 2baa947b102f9b959da7125a68e72678815b43a9 samba-dsdb-modules_4.7.6+dfsg~ubuntu-0ubuntu2.29+tuxcare.els4_amd64.deb d9b8a0fa24d5332e2ea64ef5e6ba1068a82546e5 samba-libs_4.7.6+dfsg~ubuntu-0ubuntu2.29+tuxcare.els4_amd64.deb 33c475580f3af2daec3dd9b7ea4a0800fe08984a samba-testsuite_4.7.6+dfsg~ubuntu-0ubuntu2.29+tuxcare.els4_amd64.deb e22cc2fdc17e19b55e1b94b09c6bc69578c840bf samba-vfs-modules_4.7.6+dfsg~ubuntu-0ubuntu2.29+tuxcare.els4_amd64.deb 519e8d38998ecbc8bb0a9ae6f8c3c83cc66584dc smbclient_4.7.6+dfsg~ubuntu-0ubuntu2.29+tuxcare.els4_amd64.deb 289e467efdafda721a795ebbbd78cb456689b750 winbind_4.7.6+dfsg~ubuntu-0ubuntu2.29+tuxcare.els4_amd64.deb 9dfc9e89e19a72856632161f9efd0cdd93370c17 CLSA-2023:1701265865 TuxCare License Agreement 0 * CVE-2023-31085 // CVE-url: https://ubuntu.com/security/CVE-2023-31085 - ubi: Refuse attaching if mtd's erasesize is 0 * Jammy update: v5.15.121 upstream stable release (LP: #2032689) // CVE-url: https://ubuntu.com/security/CVE-2023-4132 - media: usb: siano: Fix warning due to null work_func_t function pointer * Jammy update: v5.15.99 upstream stable release (LP: #2018438) // CVE-url: https://ubuntu.com/security/CVE-2023-4132 - media: usb: siano: Fix use after free bugs caused by do_submit_urb * CVE-2023-5717 // CVE-url: https://ubuntu.com/security/CVE-2023-5717 - perf: Disallow mis-matched inherited group reads * CVE-url: https://ubuntu.com/security/CVE-2023-1838 - Fix double fget() in vhost_net_set_backend() * Jammy update: v5.15.99 upstream stable release (LP: #2018438) // CVE-url: https://ubuntu.com/security/CVE-2023-1077 - sched/rt: pick_next_rt_entity(): check list_entry * Jammy update: v5.15.99 upstream stable release (LP: #2018438) // CVE-url: https://ubuntu.com/security/CVE-2023-1076 - net: add sock_init_data_uid() - tun: tun_chr_open(): correctly initialize socket uid - tap: tap_open(): correctly initialize socket uid * CVE-url: https://ubuntu.com/security/CVE-2023-45863 - kobject: Fix slab-out-of-bounds in fill_kobj_path() * CVE-url: https://ubuntu.com/security/CVE-2023-45871 - igb: set max size RX buffer when store bad packet is enabled * Jammy update: v5.15.100 upstream stable release (LP: #2020387) // CVE-url: https://ubuntu.com/security/CVE-2023-45862 - USB: ene_usb6250: Allocate enough memory for full object * CVE-url: https://ubuntu.com/security/CVE-2023-39189 - netfilter: nfnetlink_osf: avoid OOB read Critical Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.

* CVE-2023-31085 // CVE-url: https://ubuntu.com/security/CVE-2023-31085 - ubi: Refuse attaching if mtd's erasesize is 0 * Jammy update: v5.15.121 upstream stable release (LP: #2032689) // CVE-url: https://ubuntu.com/security/CVE-2023-4132 - media: usb: siano: Fix warning due to null work_func_t function pointer * Jammy update: v5.15.99 upstream stable release (LP: #2018438) // CVE-url: https://ubuntu.com/security/CVE-2023-4132 - media: usb: siano: Fix use after free bugs caused by do_submit_urb * CVE-2023-5717 // CVE-url: https://ubuntu.com/security/CVE-2023-5717 - perf: Disallow mis-matched inherited group reads * CVE-url: https://ubuntu.com/security/CVE-2023-1838 - Fix double fget() in vhost_net_set_backend() * Jammy update: v5.15.99 upstream stable release (LP: #2018438) // CVE-url: https://ubuntu.com/security/CVE-2023-1077 - sched/rt: pick_next_rt_entity(): check list_entry * Jammy update: v5.15.99 upstream stable release (LP: #2018438) // CVE-url: https://ubuntu.com/security/CVE-2023-1076 - net: add sock_init_data_uid() - tun: tun_chr_open(): correctly initialize socket uid - tap: tap_open(): correctly initialize socket uid * CVE-url: https://ubuntu.com/security/CVE-2023-45863 - kobject: Fix slab-out-of-bounds in fill_kobj_path() * CVE-url: https://ubuntu.com/security/CVE-2023-45871 - igb: set max size RX buffer when store bad packet is enabled * Jammy update: v5.15.100 upstream stable release (LP: #2020387) // CVE-url: https://ubuntu.com/security/CVE-2023-45862 - USB: ene_usb6250: Allocate enough memory for full object * CVE-url: https://ubuntu.com/security/CVE-2023-39189 - netfilter: nfnetlink_osf: avoid OOB read

0 tuxcare-ubuntu18.04-els linux-buildinfo-4.15.0-221-tuxcare.els9-generic_4.15.0-221.232_amd64.deb 0d1c54f51b33b7824cef06c5efb5b63c3a4d2b6d linux-buildinfo-4.15.0-221-tuxcare.els9-lowlatency_4.15.0-221.232_amd64.deb d525940fc5e858470e4ae031f17c98eaecdf7097 linux-cloud-tools-4.15.0-221-tuxcare.els9_4.15.0-221.232_amd64.deb 4fa788e7af22bdb75fae2b51b3f262b86564c475 linux-cloud-tools-4.15.0-221-tuxcare.els9-generic_4.15.0-221.232_amd64.deb e8c14f4a267e899947c9bbfe6bb29d489ea9b9ac linux-cloud-tools-4.15.0-221-tuxcare.els9-lowlatency_4.15.0-221.232_amd64.deb 6900c3980e39c5f66ed437a5cb91235b2ddb209f linux-cloud-tools-common_4.15.0-221.232_all.deb a6e0d2f9b5e73ff4167b3324637d2a8e8f60177d linux-cloud-tools-generic_4.15.0.221.232_amd64.deb 67cfed1dd799342ba09c5787379c36abf5d4ec1e linux-cloud-tools-lowlatency_4.15.0.221.232_amd64.deb fb6eced9c097f08c9469841366443c1d06a62c98 linux-crashdump_4.15.0.221.232_amd64.deb c4ccdb8e760e9f0c9c56f2216a29c8384455bd82 linux-doc_4.15.0-221.232_all.deb ea9c38e3abec7a0f6d2ef01cdf6c7ad9c344c519 linux-generic_4.15.0.221.232_amd64.deb f88ab4c8f73ce3a55425dce5d9faa6ac13b1ca04 linux-headers-4.15.0-221-tuxcare.els9_4.15.0-221.232_all.deb 45cab261ef8baf6af53edbcd57a332fd8e6f5f5c linux-headers-4.15.0-221-tuxcare.els9-generic_4.15.0-221.232_amd64.deb 11cc28d61d8a8d0d1b3942d61b6d422a791a9b94 linux-headers-4.15.0-221-tuxcare.els9-lowlatency_4.15.0-221.232_amd64.deb 51e54e55b743d5da426dffbd60ec8e8be91a3570 linux-headers-generic_4.15.0.221.232_amd64.deb ff56de5f1512dc4638dff52d44ec19562fe72e47 linux-headers-lowlatency_4.15.0.221.232_amd64.deb 2808426fcd5bd3527b3004b10ff4c691e8e4f3f8 linux-image-generic_4.15.0.221.232_amd64.deb 8359d3b7c9bf148fe6ec3b44d3fc7ea3952a382b linux-image-lowlatency_4.15.0.221.232_amd64.deb d6e04d9d11edef4580aa210c97f459b29256ba5e linux-image-unsigned-4.15.0-221-tuxcare.els9-generic_4.15.0-221.232_amd64.deb 525a60a1416233dc604668651ca3cefced8b7899 linux-image-unsigned-4.15.0-221-tuxcare.els9-lowlatency_4.15.0-221.232_amd64.deb 773b273b55436765542bfbf8345d32b5e77e3249 linux-libc-dev_4.15.0-221.232_amd64.deb f975c1aa29aaeb0d087001c7dff01ce3a3893bc4 linux-lowlatency_4.15.0.221.232_amd64.deb f4438676398d5958e3d04a681796712339084e96 linux-modules-4.15.0-221-tuxcare.els9-generic_4.15.0-221.232_amd64.deb 1e4fd32ecaedf1d7ee3175dc259a9e9a05298b3f linux-modules-4.15.0-221-tuxcare.els9-lowlatency_4.15.0-221.232_amd64.deb 9e99af67c22fe538ec5fff2e2394b8ab52fce735 linux-modules-extra-4.15.0-221-tuxcare.els9-generic_4.15.0-221.232_amd64.deb 9a52bf63b72d09300f47d2d7e8893b06cf3e347e linux-source_4.15.0.221.232_all.deb 4219f90a62f3ba28cab7ce8c7d7767b92c4b511f linux-source-4.15.0_4.15.0-221.232_all.deb 2b1cc0f8830b28c1274ff4e059fb9671ba5ba811 linux-tools-4.15.0-221-tuxcare.els9_4.15.0-221.232_amd64.deb 9353697fdb03bf11a469f173d5c8e5fe716575af linux-tools-4.15.0-221-tuxcare.els9-generic_4.15.0-221.232_amd64.deb fa76a281bef95fb4a080eeecfe715022dc597b02 linux-tools-4.15.0-221-tuxcare.els9-lowlatency_4.15.0-221.232_amd64.deb cf55a261c309dbb1f071a6dd0060e5378323f22f linux-tools-common_4.15.0-221.232_all.deb f03688723660e87d56d86e6db3cf2d988f533014 linux-tools-generic_4.15.0.221.232_amd64.deb 0bc60e0cbbca8de43c9cefc56352cba7ff2923f7 linux-tools-host_4.15.0-221.232_all.deb a9e341d981894d28e87c312b70f826895578d5c5 linux-tools-lowlatency_4.15.0.221.232_amd64.deb 27cdba9afaf19cad90e6b1d4c8dff3f4efbe228f CLSA-2023:1701266210 TuxCare License Agreement 0 * CVE-2023-31085 // CVE-url: https://ubuntu.com/security/CVE-2023-31085 - ubi: Refuse attaching if mtd's erasesize is 0 * Jammy update: v5.15.121 upstream stable release (LP: #2032689) // CVE-url: https://ubuntu.com/security/CVE-2023-4132 - media: usb: siano: Fix warning due to null work_func_t function pointer * Jammy update: v5.15.99 upstream stable release (LP: #2018438) // CVE-url: https://ubuntu.com/security/CVE-2023-4132 - media: usb: siano: Fix use after free bugs caused by do_submit_urb * CVE-2023-5717 // CVE-url: https://ubuntu.com/security/CVE-2023-5717 - perf: Disallow mis-matched inherited group reads * CVE-url: https://ubuntu.com/security/CVE-2023-1838 - Fix double fget() in vhost_net_set_backend() * Jammy update: v5.15.99 upstream stable release (LP: #2018438) // CVE-url: https://ubuntu.com/security/CVE-2023-1077 - sched/rt: pick_next_rt_entity(): check list_entry * Jammy update: v5.15.99 upstream stable release (LP: #2018438) // CVE-url: https://ubuntu.com/security/CVE-2023-1076 - net: add sock_init_data_uid() - tun: tun_chr_open(): correctly initialize socket uid - tap: tap_open(): correctly initialize socket uid * CVE-url: https://ubuntu.com/security/CVE-2023-45863 - kobject: Fix slab-out-of-bounds in fill_kobj_path() * CVE-url: https://ubuntu.com/security/CVE-2023-45871 - igb: set max size RX buffer when store bad packet is enabled * Jammy update: v5.15.100 upstream stable release (LP: #2020387) // CVE-url: https://ubuntu.com/security/CVE-2023-45862 - USB: ene_usb6250: Allocate enough memory for full object * CVE-url: https://ubuntu.com/security/CVE-2023-39189 - netfilter: nfnetlink_osf: avoid OOB read None Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.

* CVE-2023-31085 // CVE-url: https://ubuntu.com/security/CVE-2023-31085 - ubi: Refuse attaching if mtd's erasesize is 0 * Jammy update: v5.15.121 upstream stable release (LP: #2032689) // CVE-url: https://ubuntu.com/security/CVE-2023-4132 - media: usb: siano: Fix warning due to null work_func_t function pointer * Jammy update: v5.15.99 upstream stable release (LP: #2018438) // CVE-url: https://ubuntu.com/security/CVE-2023-4132 - media: usb: siano: Fix use after free bugs caused by do_submit_urb * CVE-2023-5717 // CVE-url: https://ubuntu.com/security/CVE-2023-5717 - perf: Disallow mis-matched inherited group reads * CVE-url: https://ubuntu.com/security/CVE-2023-1838 - Fix double fget() in vhost_net_set_backend() * Jammy update: v5.15.99 upstream stable release (LP: #2018438) // CVE-url: https://ubuntu.com/security/CVE-2023-1077 - sched/rt: pick_next_rt_entity(): check list_entry * Jammy update: v5.15.99 upstream stable release (LP: #2018438) // CVE-url: https://ubuntu.com/security/CVE-2023-1076 - net: add sock_init_data_uid() - tun: tun_chr_open(): correctly initialize socket uid - tap: tap_open(): correctly initialize socket uid * CVE-url: https://ubuntu.com/security/CVE-2023-45863 - kobject: Fix slab-out-of-bounds in fill_kobj_path() * CVE-url: https://ubuntu.com/security/CVE-2023-45871 - igb: set max size RX buffer when store bad packet is enabled * Jammy update: v5.15.100 upstream stable release (LP: #2020387) // CVE-url: https://ubuntu.com/security/CVE-2023-45862 - USB: ene_usb6250: Allocate enough memory for full object * CVE-url: https://ubuntu.com/security/CVE-2023-39189 - netfilter: nfnetlink_osf: avoid OOB read

0 tuxcare-ubuntu18.04-els linux-buildinfo-4.15.0-221-tuxcare.els9-generic_4.15.0-221.232_amd64.deb 0d1c54f51b33b7824cef06c5efb5b63c3a4d2b6d linux-buildinfo-4.15.0-221-tuxcare.els9-lowlatency_4.15.0-221.232_amd64.deb d525940fc5e858470e4ae031f17c98eaecdf7097 linux-cloud-tools-4.15.0-221-tuxcare.els9_4.15.0-221.232_amd64.deb 4fa788e7af22bdb75fae2b51b3f262b86564c475 linux-cloud-tools-4.15.0-221-tuxcare.els9-generic_4.15.0-221.232_amd64.deb e8c14f4a267e899947c9bbfe6bb29d489ea9b9ac linux-cloud-tools-4.15.0-221-tuxcare.els9-lowlatency_4.15.0-221.232_amd64.deb 6900c3980e39c5f66ed437a5cb91235b2ddb209f linux-cloud-tools-common_4.15.0-221.232_all.deb a6e0d2f9b5e73ff4167b3324637d2a8e8f60177d linux-cloud-tools-generic_4.15.0.221.232_amd64.deb 67cfed1dd799342ba09c5787379c36abf5d4ec1e linux-cloud-tools-lowlatency_4.15.0.221.232_amd64.deb fb6eced9c097f08c9469841366443c1d06a62c98 linux-crashdump_4.15.0.221.232_amd64.deb c4ccdb8e760e9f0c9c56f2216a29c8384455bd82 linux-doc_4.15.0-221.232_all.deb ea9c38e3abec7a0f6d2ef01cdf6c7ad9c344c519 linux-generic_4.15.0.221.232_amd64.deb f88ab4c8f73ce3a55425dce5d9faa6ac13b1ca04 linux-headers-4.15.0-221-tuxcare.els9_4.15.0-221.232_all.deb 45cab261ef8baf6af53edbcd57a332fd8e6f5f5c linux-headers-4.15.0-221-tuxcare.els9-generic_4.15.0-221.232_amd64.deb 11cc28d61d8a8d0d1b3942d61b6d422a791a9b94 linux-headers-4.15.0-221-tuxcare.els9-lowlatency_4.15.0-221.232_amd64.deb 51e54e55b743d5da426dffbd60ec8e8be91a3570 linux-headers-generic_4.15.0.221.232_amd64.deb ff56de5f1512dc4638dff52d44ec19562fe72e47 linux-headers-lowlatency_4.15.0.221.232_amd64.deb 2808426fcd5bd3527b3004b10ff4c691e8e4f3f8 linux-image-generic_4.15.0.221.232_amd64.deb 8359d3b7c9bf148fe6ec3b44d3fc7ea3952a382b linux-image-lowlatency_4.15.0.221.232_amd64.deb d6e04d9d11edef4580aa210c97f459b29256ba5e linux-image-unsigned-4.15.0-221-tuxcare.els9-generic_4.15.0-221.232_amd64.deb 525a60a1416233dc604668651ca3cefced8b7899 linux-image-unsigned-4.15.0-221-tuxcare.els9-lowlatency_4.15.0-221.232_amd64.deb 773b273b55436765542bfbf8345d32b5e77e3249 linux-libc-dev_4.15.0-221.232_amd64.deb f975c1aa29aaeb0d087001c7dff01ce3a3893bc4 linux-lowlatency_4.15.0.221.232_amd64.deb f4438676398d5958e3d04a681796712339084e96 linux-modules-4.15.0-221-tuxcare.els9-generic_4.15.0-221.232_amd64.deb 1e4fd32ecaedf1d7ee3175dc259a9e9a05298b3f linux-modules-4.15.0-221-tuxcare.els9-lowlatency_4.15.0-221.232_amd64.deb 9e99af67c22fe538ec5fff2e2394b8ab52fce735 linux-modules-extra-4.15.0-221-tuxcare.els9-generic_4.15.0-221.232_amd64.deb 9a52bf63b72d09300f47d2d7e8893b06cf3e347e linux-source_4.15.0.221.232_all.deb 4219f90a62f3ba28cab7ce8c7d7767b92c4b511f linux-source-4.15.0_4.15.0-221.232_all.deb 2b1cc0f8830b28c1274ff4e059fb9671ba5ba811 linux-tools-4.15.0-221-tuxcare.els9_4.15.0-221.232_amd64.deb 9353697fdb03bf11a469f173d5c8e5fe716575af linux-tools-4.15.0-221-tuxcare.els9-generic_4.15.0-221.232_amd64.deb fa76a281bef95fb4a080eeecfe715022dc597b02 linux-tools-4.15.0-221-tuxcare.els9-lowlatency_4.15.0-221.232_amd64.deb cf55a261c309dbb1f071a6dd0060e5378323f22f linux-tools-common_4.15.0-221.232_all.deb f03688723660e87d56d86e6db3cf2d988f533014 linux-tools-generic_4.15.0.221.232_amd64.deb 0bc60e0cbbca8de43c9cefc56352cba7ff2923f7 linux-tools-host_4.15.0-221.232_all.deb a9e341d981894d28e87c312b70f826895578d5c5 linux-tools-lowlatency_4.15.0.221.232_amd64.deb 27cdba9afaf19cad90e6b1d4c8dff3f4efbe228f CLSA-2023:1701706316 TuxCare License Agreement 0 * SECURITY UPDATE: Ability to write almost unlimited amounts of unfiltered data into the process heap - debian/patches/CVE-2023-4016.patch: ps: fix possible buffer overflow in -C option. - CVE-2023-4016 Moderate Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.

* SECURITY UPDATE: Ability to write almost unlimited amounts of unfiltered data into the process heap - debian/patches/CVE-2023-4016.patch: ps: fix possible buffer overflow in -C option. - CVE-2023-4016

0 tuxcare-ubuntu18.04-els libprocps-dev_3.3.12-3ubuntu1.2+tuxcare.els1_amd64.deb 1b8b662c5dee7ceab1dc80eab6b2ade2e80f858b libprocps6_3.3.12-3ubuntu1.2+tuxcare.els1_amd64.deb ebba86581eabbb1bf50d0121af5ccf6845b2a3fb procps_3.3.12-3ubuntu1.2+tuxcare.els1_amd64.deb e3c9b4faee5c3919099ce3164db5448e0cff0061 CLSA-2023:1701971140 TuxCare License Agreement 0 * SECURITY UPDATE: potential DoS attack via CPU and RAM exhaustion - debian/patches/CVE-2022-48564.patch: Improve validation of Plist files that prevent DoS when processing malformed Apple Property List files in binary format - CVE-2022-48564 * SECURITY UPDATE: TLS handshake bypass - debian/patches/CVE-2023-40217.patch: Check for & avoid the ssl pre-close flaw. Update SSL tests - CVE-2023-40217 Moderate Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.

* SECURITY UPDATE: potential DoS attack via CPU and RAM exhaustion - debian/patches/CVE-2022-48564.patch: Improve validation of Plist files that prevent DoS when processing malformed Apple Property List files in binary format - CVE-2022-48564 * SECURITY UPDATE: TLS handshake bypass - debian/patches/CVE-2023-40217.patch: Check for & avoid the ssl pre-close flaw. Update SSL tests - CVE-2023-40217

0 tuxcare-ubuntu18.04-els idle-python3.6_3.6.9-1~18.04ubuntu1.12+tuxcare.els6_all.deb c9ba3e974cbdb3e2388750f5bfe97f03fec8602e libpython3.6_3.6.9-1~18.04ubuntu1.12+tuxcare.els6_amd64.deb 96fba0299ca73ecfce45b75459f10498097d575f libpython3.6-dev_3.6.9-1~18.04ubuntu1.12+tuxcare.els6_amd64.deb 948b0433ad1b8eb52371d3a1241a6f487b4fdbb1 libpython3.6-minimal_3.6.9-1~18.04ubuntu1.12+tuxcare.els6_amd64.deb acd243268de39490958004a05027c0665340c711 libpython3.6-stdlib_3.6.9-1~18.04ubuntu1.12+tuxcare.els6_amd64.deb 801e0dd72593f129c6a40ad395100f3abcdfeeae libpython3.6-testsuite_3.6.9-1~18.04ubuntu1.12+tuxcare.els6_all.deb 276df9593d76280793f854b8865f2b7b5bd0e698 python3.6_3.6.9-1~18.04ubuntu1.12+tuxcare.els6_amd64.deb fb835b184d094d89bdf2fabfd2d51ecd134f9cf8 python3.6-dev_3.6.9-1~18.04ubuntu1.12+tuxcare.els6_amd64.deb ebd925dbb1d84ac0809ef0aa8c6589285603e50d python3.6-doc_3.6.9-1~18.04ubuntu1.12+tuxcare.els6_all.deb a468491e7af4b4d9b5580fc8254bde2144c68b92 python3.6-examples_3.6.9-1~18.04ubuntu1.12+tuxcare.els6_all.deb ccbef27c44dc7ed0288b1e0d86f4504e4c7c4a0a python3.6-minimal_3.6.9-1~18.04ubuntu1.12+tuxcare.els6_amd64.deb 9629918e7991505604855f89eada83f364d0bf33 python3.6-venv_3.6.9-1~18.04ubuntu1.12+tuxcare.els6_amd64.deb d8022a89347abd45285af29c0bd40ad67eae9316 CLSA-2023:1701971229 TuxCare License Agreement 0 * SECURITY UPDATE: TLS handshake bypass - debian/patches/CVE-2023-40217.patch: Check for & avoid the ssl pre-close flaw. Update SSL tests - CVE-2023-40217 Moderate Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.

* SECURITY UPDATE: TLS handshake bypass - debian/patches/CVE-2023-40217.patch: Check for & avoid the ssl pre-close flaw. Update SSL tests - CVE-2023-40217

0 tuxcare-ubuntu18.04-els idle-python2.7_2.7.17-1~18.04ubuntu1.11+tuxcare.els5_all.deb 43903d8b9de64e49541bb0e3e3b0051305fbc69e libpython2.7_2.7.17-1~18.04ubuntu1.11+tuxcare.els5_amd64.deb 6fc153224bac337cd6472c81a8baf28af325b6a4 libpython2.7-dev_2.7.17-1~18.04ubuntu1.11+tuxcare.els5_amd64.deb 659316d5fc2c1c614873cbfe3dd5836d813bef2e libpython2.7-minimal_2.7.17-1~18.04ubuntu1.11+tuxcare.els5_amd64.deb 4e78296ab21cf19a1a51b7e10d9ff09ec017374f libpython2.7-stdlib_2.7.17-1~18.04ubuntu1.11+tuxcare.els5_amd64.deb 8a1504a1dd6f54b932380726850bbd1515b80f71 libpython2.7-testsuite_2.7.17-1~18.04ubuntu1.11+tuxcare.els5_all.deb 23700f94cd91c209b3cf88e4570aad6cb3a92428 python2.7_2.7.17-1~18.04ubuntu1.11+tuxcare.els5_amd64.deb 92b00a4a530a711e761eb37816adc8cbdcf7a462 python2.7-dev_2.7.17-1~18.04ubuntu1.11+tuxcare.els5_amd64.deb 7c32601eb33f69954f810fa89ba0da5e8176eaa1 python2.7-doc_2.7.17-1~18.04ubuntu1.11+tuxcare.els5_all.deb 1ce50439e8786844bf8266a8c87b84e9f8750e3e python2.7-examples_2.7.17-1~18.04ubuntu1.11+tuxcare.els5_all.deb 5f5627a5aad53a20700ec309cbb0de36f47be9b4 python2.7-minimal_2.7.17-1~18.04ubuntu1.11+tuxcare.els5_amd64.deb c8f4ec671abe2fef6bd2e88b0b34af9b446d4c2d CLSA-2023:1702324685 TuxCare License Agreement 0 * SECURITY UPDATE: New microcode data file 2023-11-14 - Updated microcodes: sig 0x000606a6, pf_mask 0x87, 2023-09-01, rev 0xd0003b9, size 299008 sig 0x000606c1, pf_mask 0x10, 2023-09-08, rev 0x1000268, size 290816 sig 0x000706e5, pf_mask 0x80, 2023-09-03, rev 0x00c2, size 113664 sig 0x000806c1, pf_mask 0x80, 2023-09-07, rev 0x00b4, size 111616 sig 0x000806c2, pf_mask 0xc2, 2023-09-07, rev 0x0034, size 98304 sig 0x000806d1, pf_mask 0xc2, 2023-09-07, rev 0x004e, size 104448 sig 0x000806f4, pf_mask 0x10, 2023-06-26, rev 0x2c000290, size 605184 sig 0x000806f4, pf_mask 0x87, 2023-06-16, rev 0x2b0004d0, size 572416 sig 0x000806f5, pf_mask 0x10, 2023-06-26, rev 0x2c000290, size 605184 sig 0x000806f5, pf_mask 0x87, 2023-06-16, rev 0x2b0004d0, size 572416 sig 0x000806f6, pf_mask 0x10, 2023-06-26, rev 0x2c000290, size 605184 sig 0x000806f6, pf_mask 0x87, 2023-06-16, rev 0x2b0004d0, size 572416 sig 0x000806f7, pf_mask 0x87, 2023-06-16, rev 0x2b0004d0, size 572416 sig 0x000806f8, pf_mask 0x10, 2023-06-26, rev 0x2c000290, size 605184 sig 0x000806f8, pf_mask 0x87, 2023-06-16, rev 0x2b0004d0, size 572416 sig 0x00090672, pf_mask 0x07, 2023-06-07, rev 0x0032, size 222208 sig 0x00090675, pf_mask 0x07, 2023-06-07, rev 0x0032, size 222208 sig 0x000906a3, pf_mask 0x80, 2023-06-07, rev 0x0430, size 220160 sig 0x000906a4, pf_mask 0x40, 2023-05-05, rev 0x0005, size 117760 sig 0x000906a4, pf_mask 0x80, 2023-06-07, rev 0x0430, size 220160 sig 0x000a0671, pf_mask 0x02, 2023-09-03, rev 0x005d, size 104448 sig 0x000b0671, pf_mask 0x32, 2023-08-29, rev 0x011d, size 210944 sig 0x000b06a2, pf_mask 0xe0, 2023-08-30, rev 0x411c, size 216064 sig 0x000b06a3, pf_mask 0xe0, 2023-08-30, rev 0x411c, size 216064 sig 0x000b06e0, pf_mask 0x11, 2023-06-26, rev 0x0012, size 136192 sig 0x000b06f2, pf_mask 0x07, 2023-06-07, rev 0x0032, size 222208 sig 0x000b06f5, pf_mask 0x07, 2023-06-07, rev 0x0032, size 222208 - CVE-2023-23583, INTEL-SA-00950 * source: update symlinks to reflect id of the latest release, 20231114 Important Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.

* SECURITY UPDATE: New microcode data file 2023-11-14 - Updated microcodes: sig 0x000606a6, pf_mask 0x87, 2023-09-01, rev 0xd0003b9, size 299008 sig 0x000606c1, pf_mask 0x10, 2023-09-08, rev 0x1000268, size 290816 sig 0x000706e5, pf_mask 0x80, 2023-09-03, rev 0x00c2, size 113664 sig 0x000806c1, pf_mask 0x80, 2023-09-07, rev 0x00b4, size 111616 sig 0x000806c2, pf_mask 0xc2, 2023-09-07, rev 0x0034, size 98304 sig 0x000806d1, pf_mask 0xc2, 2023-09-07, rev 0x004e, size 104448 sig 0x000806f4, pf_mask 0x10, 2023-06-26, rev 0x2c000290, size 605184 sig 0x000806f4, pf_mask 0x87, 2023-06-16, rev 0x2b0004d0, size 572416 sig 0x000806f5, pf_mask 0x10, 2023-06-26, rev 0x2c000290, size 605184 sig 0x000806f5, pf_mask 0x87, 2023-06-16, rev 0x2b0004d0, size 572416 sig 0x000806f6, pf_mask 0x10, 2023-06-26, rev 0x2c000290, size 605184 sig 0x000806f6, pf_mask 0x87, 2023-06-16, rev 0x2b0004d0, size 572416 sig 0x000806f7, pf_mask 0x87, 2023-06-16, rev 0x2b0004d0, size 572416 sig 0x000806f8, pf_mask 0x10, 2023-06-26, rev 0x2c000290, size 605184 sig 0x000806f8, pf_mask 0x87, 2023-06-16, rev 0x2b0004d0, size 572416 sig 0x00090672, pf_mask 0x07, 2023-06-07, rev 0x0032, size 222208 sig 0x00090675, pf_mask 0x07, 2023-06-07, rev 0x0032, size 222208 sig 0x000906a3, pf_mask 0x80, 2023-06-07, rev 0x0430, size 220160 sig 0x000906a4, pf_mask 0x40, 2023-05-05, rev 0x0005, size 117760 sig 0x000906a4, pf_mask 0x80, 2023-06-07, rev 0x0430, size 220160 sig 0x000a0671, pf_mask 0x02, 2023-09-03, rev 0x005d, size 104448 sig 0x000b0671, pf_mask 0x32, 2023-08-29, rev 0x011d, size 210944 sig 0x000b06a2, pf_mask 0xe0, 2023-08-30, rev 0x411c, size 216064 sig 0x000b06a3, pf_mask 0xe0, 2023-08-30, rev 0x411c, size 216064 sig 0x000b06e0, pf_mask 0x11, 2023-06-26, rev 0x0012, size 136192 sig 0x000b06f2, pf_mask 0x07, 2023-06-07, rev 0x0032, size 222208 sig 0x000b06f5, pf_mask 0x07, 2023-06-07, rev 0x0032, size 222208 - CVE-2023-23583, INTEL-SA-00950 * source: update symlinks to reflect id of the latest release, 20231114

0 tuxcare-ubuntu18.04-els intel-microcode_3.20231114.0ubuntu0.18.04.1+tuxcare.els1_amd64.deb 97f7a0a622c7f5cc01546044f1a24603e328b225 CLSA-2023:1702420474 TuxCare License Agreement 0 * SECURITY UPDATE: Denial of Service attack against Squid’s Gopher gateway due to a NULL pointer dereference bug - debian/patches/CVE-2023-46728.patch: Remove support for Gopher protocol - CVE-2023-46728 Important Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.

* SECURITY UPDATE: Denial of Service attack against Squid’s Gopher gateway due to a NULL pointer dereference bug - debian/patches/CVE-2023-46728.patch: Remove support for Gopher protocol - CVE-2023-46728

0 tuxcare-ubuntu18.04-els squid_3.5.27-1ubuntu1.14+tuxcare.els2_amd64.deb b8153f4ea7fdb84636c71791768ad517d55d1338 squid-cgi_3.5.27-1ubuntu1.14+tuxcare.els2_amd64.deb e5ac1f8823fdc24c00a916a3de3b2ef9366e6f26 squid-common_3.5.27-1ubuntu1.14+tuxcare.els2_all.deb e9db25f5a57193db8268752a6f2990d3d3a173a7 squid-purge_3.5.27-1ubuntu1.14+tuxcare.els2_amd64.deb 70ceb28c5e2f24ebabf4a6b9ac9cc23c33ee0dd2 squid3_3.5.27-1ubuntu1.14+tuxcare.els2_all.deb 3f238935a835650141928f819e071a52c426d9ef squidclient_3.5.27-1ubuntu1.14+tuxcare.els2_amd64.deb 0708a47c3b4454b82a4c3c9537dea4cf7d8727eb CLSA-2023:1702573569 TuxCare License Agreement 0 * SECURITY UPDATE: Update to 5.7.44 to fix security issues - CVE-2023-22053, CVE-2023-22084, CVE-2023-22015, CVE-2023-22026, CVE-2023-22028 * debian/patches/off_root_tests.patch: disable mysqld_daemon and mysqld_safe tests under root due to known issues with these tests. Moderate Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.

* SECURITY UPDATE: Update to 5.7.44 to fix security issues - CVE-2023-22053, CVE-2023-22084, CVE-2023-22015, CVE-2023-22026, CVE-2023-22028 * debian/patches/off_root_tests.patch: disable mysqld_daemon and mysqld_safe tests under root due to known issues with these tests.

0 tuxcare-ubuntu18.04-els libmysqlclient-dev_5.7.44-0ubuntu0.18.04.1+tuxcare.els1_amd64.deb f73a2d48d133f9f78c0bdb86c8c378a5a4a8f21a libmysqlclient20_5.7.44-0ubuntu0.18.04.1+tuxcare.els1_amd64.deb 424df06dcdc94b17208d8777e716631271732495 libmysqld-dev_5.7.44-0ubuntu0.18.04.1+tuxcare.els1_amd64.deb bc0cbb71ec6cdd321c3826457a1f7bc9a4999da4 mysql-client_5.7.44-0ubuntu0.18.04.1+tuxcare.els1_all.deb 2cbca06cffb30b16eb623466cfcc1d1360389692 mysql-client-5.7_5.7.44-0ubuntu0.18.04.1+tuxcare.els1_amd64.deb b8765b5c3f63167013d39f699641a28eff1aa138 mysql-client-core-5.7_5.7.44-0ubuntu0.18.04.1+tuxcare.els1_amd64.deb 4797edeaae93be6e5f2e915475968a10c4056219 mysql-server_5.7.44-0ubuntu0.18.04.1+tuxcare.els1_all.deb 23c515322ad73fc945b3a6841c318fe579b58382 mysql-server-5.7_5.7.44-0ubuntu0.18.04.1+tuxcare.els1_amd64.deb 7cc1fe1ecd6160b4dc3f6420ea42e25a86ef2b99 mysql-server-core-5.7_5.7.44-0ubuntu0.18.04.1+tuxcare.els1_amd64.deb 1e642bb30cfe9175cd49596202a45f4aab23372b mysql-source-5.7_5.7.44-0ubuntu0.18.04.1+tuxcare.els1_amd64.deb e66b8426591201db556757d538cd817fe3e27ccc mysql-testsuite_5.7.44-0ubuntu0.18.04.1+tuxcare.els1_all.deb 3aa82e5dcfa61e694711606ee31e350fdccca17f mysql-testsuite-5.7_5.7.44-0ubuntu0.18.04.1+tuxcare.els1_amd64.deb 1bebffff63cfa0dee241b3320dff101a1685d982 CLSA-2023:1702573728 TuxCare License Agreement 0 * SECURITY UPDATE: Posible crash in heapq with custom comparison operators - debian/patches/CVE-2022-48560.patch: Disallow releasing heap items during a comparison callback - CVE-2022-48560 Important Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.

* SECURITY UPDATE: Posible crash in heapq with custom comparison operators - debian/patches/CVE-2022-48560.patch: Disallow releasing heap items during a comparison callback - CVE-2022-48560

0 tuxcare-ubuntu18.04-els idle-python2.7_2.7.17-1~18.04ubuntu1.11+tuxcare.els6_all.deb cfbd100bdb194e063eca207e65342f8dabc18915 libpython2.7_2.7.17-1~18.04ubuntu1.11+tuxcare.els6_amd64.deb 992bc8e87d4eedbfcec1d1509783314a26a86e29 libpython2.7-dev_2.7.17-1~18.04ubuntu1.11+tuxcare.els6_amd64.deb 6e3013a9c403bf5975b6e6823fddde95e8207e22 libpython2.7-minimal_2.7.17-1~18.04ubuntu1.11+tuxcare.els6_amd64.deb f5dc17bebfdd20d780eb54089b0c2e1b7b37851d libpython2.7-stdlib_2.7.17-1~18.04ubuntu1.11+tuxcare.els6_amd64.deb b823361204984c0b1c0f8a761fe26569d654cf60 libpython2.7-testsuite_2.7.17-1~18.04ubuntu1.11+tuxcare.els6_all.deb a74a7dea2305ff396dc144c4e9c9abe5301690b1 python2.7_2.7.17-1~18.04ubuntu1.11+tuxcare.els6_amd64.deb 03c69437d9a8598608dbba53a10043ed91ac7b55 python2.7-dev_2.7.17-1~18.04ubuntu1.11+tuxcare.els6_amd64.deb 3072c5085647fa0b8efcd4487d4fb3d7bf5e41ad python2.7-doc_2.7.17-1~18.04ubuntu1.11+tuxcare.els6_all.deb 0b8d9d0541936e91757eb0653d1bdb2a9aeeafa7 python2.7-examples_2.7.17-1~18.04ubuntu1.11+tuxcare.els6_all.deb 976f2837d24b7edd2ab251380b061d893ed90ca5 python2.7-minimal_2.7.17-1~18.04ubuntu1.11+tuxcare.els6_amd64.deb 82c051d85c63a3df4d9e76a9c8dec46d1bff27c4 CLSA-2023:1703011710 TuxCare License Agreement 0 * SECURITY UPDATE: A heap-based buffer overflow vulnerability was found in Samba within the GSSAPI unwrap_des() and unwrap_des3() routines of Heimdal - debian/patches/CVE-2022-3437-1.patch: third_party/heimdal: use constant-time memcmp() for arcfour unwrap - debian/patches/CVE-2022-3437-3.patch: third_party/heimdal: check buffer length against overflow for DES{,3} unwrap - debian/patches/CVE-2022-3437-4.patch: third_party/heimdal: don't pass NULL pointers to memcpy() in DES unwrap - debian/patches/CVE-2022-3437-5.patch: third_party/heimdal: use constant-time memcmp() in unwrap_des3() - debian/patches/CVE-2022-3437-7.patch: third_party/heimdal: pass correct length to _gssapi_verify_pad() - debian/patches/CVE-2022-3437-8.patch: third_party/heimdal: check the result of _gsskrb5_get_mech() - debian/patches/CVE-2022-3437-9.patch: third_party/heimdal: remove __func__ compatibility workaround - debian/patches/CVE-2022-3437-10.patch: third_party/heimdal: check for overflow in _gsskrb5_get_mech() - debian/patches/CVE-2022-3437-11.patch: third_party/heimdal: avoid undefined behaviour in _gssapi_verify_pad() - CVE-2022-3437 Moderate Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.

* SECURITY UPDATE: A heap-based buffer overflow vulnerability was found in Samba within the GSSAPI unwrap_des() and unwrap_des3() routines of Heimdal - debian/patches/CVE-2022-3437-1.patch: third_party/heimdal: use constant-time memcmp() for arcfour unwrap - debian/patches/CVE-2022-3437-3.patch: third_party/heimdal: check buffer length against overflow for DES{,3} unwrap - debian/patches/CVE-2022-3437-4.patch: third_party/heimdal: don't pass NULL pointers to memcpy() in DES unwrap - debian/patches/CVE-2022-3437-5.patch: third_party/heimdal: use constant-time memcmp() in unwrap_des3() - debian/patches/CVE-2022-3437-7.patch: third_party/heimdal: pass correct length to _gssapi_verify_pad() - debian/patches/CVE-2022-3437-8.patch: third_party/heimdal: check the result of _gsskrb5_get_mech() - debian/patches/CVE-2022-3437-9.patch: third_party/heimdal: remove __func__ compatibility workaround - debian/patches/CVE-2022-3437-10.patch: third_party/heimdal: check for overflow in _gsskrb5_get_mech() - debian/patches/CVE-2022-3437-11.patch: third_party/heimdal: avoid undefined behaviour in _gssapi_verify_pad() - CVE-2022-3437

0 tuxcare-ubuntu18.04-els ctdb_4.7.6+dfsg~ubuntu-0ubuntu2.29+tuxcare.els5_amd64.deb 451c0b41e460f8a000db559fdc04fde5a53380f4 libnss-winbind_4.7.6+dfsg~ubuntu-0ubuntu2.29+tuxcare.els5_amd64.deb 70b85481b3e0f19d654a2acfd915230bd2a2e3ae libpam-winbind_4.7.6+dfsg~ubuntu-0ubuntu2.29+tuxcare.els5_amd64.deb 57d472585f1d50d0052825a104820a9dddbe29f7 libparse-pidl-perl_4.7.6+dfsg~ubuntu-0ubuntu2.29+tuxcare.els5_amd64.deb dcc90a76cf911a009caba6b68e051e8f7d281096 libsmbclient_4.7.6+dfsg~ubuntu-0ubuntu2.29+tuxcare.els5_amd64.deb d03ddff7f7c9da36b1518bff92e752591c6e7882 libsmbclient-dev_4.7.6+dfsg~ubuntu-0ubuntu2.29+tuxcare.els5_amd64.deb 964cd8a091fcf7654470cde5865c896027d405c9 libwbclient-dev_4.7.6+dfsg~ubuntu-0ubuntu2.29+tuxcare.els5_amd64.deb 954ce84c7ce7279e07862b1b6fdc4ab0fb318fcf libwbclient0_4.7.6+dfsg~ubuntu-0ubuntu2.29+tuxcare.els5_amd64.deb 7d698861478e598493905067d71c68045f549e31 python-samba_4.7.6+dfsg~ubuntu-0ubuntu2.29+tuxcare.els5_amd64.deb 7e8937ff7a987e2b7d9a0e282eb3737b44fb059d registry-tools_4.7.6+dfsg~ubuntu-0ubuntu2.29+tuxcare.els5_amd64.deb aa36c70bcd61a8fd0cdeaf9f02fd308533a1cf7f samba_4.7.6+dfsg~ubuntu-0ubuntu2.29+tuxcare.els5_amd64.deb 976a7f7f34a88a3a636b27f985565e69f6f450d9 samba-common_4.7.6+dfsg~ubuntu-0ubuntu2.29+tuxcare.els5_all.deb 9756ba343a988d02c4ef09c4442bf2045f5a9f0b samba-common-bin_4.7.6+dfsg~ubuntu-0ubuntu2.29+tuxcare.els5_amd64.deb e08fe3b7319c41f59b94e01e121830fabca9f9e8 samba-dev_4.7.6+dfsg~ubuntu-0ubuntu2.29+tuxcare.els5_amd64.deb ebfd26652ca8227b81e911c0339706b836ac582b samba-dsdb-modules_4.7.6+dfsg~ubuntu-0ubuntu2.29+tuxcare.els5_amd64.deb ff3ed5732f5d63c0d7d3cb4b95ad23e2645e4d82 samba-libs_4.7.6+dfsg~ubuntu-0ubuntu2.29+tuxcare.els5_amd64.deb 7ae6caca79b52bbeed9d7ff83eec48b7e82977d0 samba-testsuite_4.7.6+dfsg~ubuntu-0ubuntu2.29+tuxcare.els5_amd64.deb 9924a624e5f694dddad0b97f9b26b046a965137f samba-vfs-modules_4.7.6+dfsg~ubuntu-0ubuntu2.29+tuxcare.els5_amd64.deb 416d73440f9932189090248cd7b27374fd78ffe5 smbclient_4.7.6+dfsg~ubuntu-0ubuntu2.29+tuxcare.els5_amd64.deb 8401f7f8539253cf23287f7eff8c884b058fd84e winbind_4.7.6+dfsg~ubuntu-0ubuntu2.29+tuxcare.els5_amd64.deb 775262cd6e7ce9404284e6e262dd42196aaa47a9 CLSA-2023:1703184336 TuxCare License Agreement 0 * SECURITY UPDATE: Buffer OverRead in RFC 1123 date/time - debian/patches/CVE-2023-49285.patch: Fix date parsing in RFC 1123 - CVE-2023-49285 * SECURITY UPDATE: Denial of Service attack against Helper process management - debian/patches/CVE-2023-49286.patch: Add exit without asserting when helper process startup fails - CVE-2023-49286 Important Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.

* SECURITY UPDATE: Buffer OverRead in RFC 1123 date/time - debian/patches/CVE-2023-49285.patch: Fix date parsing in RFC 1123 - CVE-2023-49285 * SECURITY UPDATE: Denial of Service attack against Helper process management - debian/patches/CVE-2023-49286.patch: Add exit without asserting when helper process startup fails - CVE-2023-49286

0 tuxcare-ubuntu18.04-els squid_3.5.27-1ubuntu1.14+tuxcare.els3_amd64.deb ee16e2b708eac3237efa87b6924587a536a24b5f squid-cgi_3.5.27-1ubuntu1.14+tuxcare.els3_amd64.deb 7c7fb45acd3e93dfaa23f3b0d6f2e4a11ba57b39 squid-common_3.5.27-1ubuntu1.14+tuxcare.els3_all.deb 475a49e03df43f0e489b549886f2e726e9f8233e squid-purge_3.5.27-1ubuntu1.14+tuxcare.els3_amd64.deb 82227df8cef91e4e29185bc9f87021f552f4e065 squid3_3.5.27-1ubuntu1.14+tuxcare.els3_all.deb 051295b831544b4f36793f5294161367538993a0 squidclient_3.5.27-1ubuntu1.14+tuxcare.els3_amd64.deb c70b2b81c66cb39498552efe998acfbfeb51cf78 CLSA-2023:1703610792 TuxCare License Agreement 0 * SECURITY UPDATE: Buffer overrun from integer overflow in array modification - debian/patches/CVE-2023-5869.patch: detect integer overflow while computing new array dimensions. - CVE-2023-5869 -- Pavel Mayorov <pmayorov@cloudlinux.com> Thu, 21 Dec 2023 14:36:00 +0100 Important Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.

* SECURITY UPDATE: Buffer overrun from integer overflow in array modification - debian/patches/CVE-2023-5869.patch: detect integer overflow while computing new array dimensions. - CVE-2023-5869 -- Pavel Mayorov <pmayorov@cloudlinux.com> Thu, 21 Dec 2023 14:36:00 +0100

0 tuxcare-ubuntu18.04-els libecpg-compat3_10.23-0ubuntu0.18.04.2+tuxcare.els2_amd64.deb 2f6a13eafdf51615273d52bbada5c2e0cc8b2476 libecpg-dev_10.23-0ubuntu0.18.04.2+tuxcare.els2_amd64.deb 8170d9a96c6537297eba28f6b756be3e7d443a13 libecpg6_10.23-0ubuntu0.18.04.2+tuxcare.els2_amd64.deb a190c6c36774cdce8b780dccaf3c1d3da4d1dd85 libpgtypes3_10.23-0ubuntu0.18.04.2+tuxcare.els2_amd64.deb de0078f64d975f8d485fe02d802c1cb49c0a3682 libpq-dev_10.23-0ubuntu0.18.04.2+tuxcare.els2_amd64.deb 7f34a5b27f6a191aaf8595da63804f860e65ed75 libpq5_10.23-0ubuntu0.18.04.2+tuxcare.els2_amd64.deb 26b598163ebcc5fec78d60416e3b86813fe1911d postgresql-10_10.23-0ubuntu0.18.04.2+tuxcare.els2_amd64.deb f922d88043818b614041b9b239f53dfbab86d794 postgresql-client-10_10.23-0ubuntu0.18.04.2+tuxcare.els2_amd64.deb 506a353a7984b6ea05f3f2778bb359151effc36a postgresql-doc-10_10.23-0ubuntu0.18.04.2+tuxcare.els2_all.deb 761ecff97ae96585a3eff8073a1a0362d55db7e4 postgresql-plperl-10_10.23-0ubuntu0.18.04.2+tuxcare.els2_amd64.deb 6aeac4f8aeed97bf0c5d07a54d3215f381f6b8e8 postgresql-plpython-10_10.23-0ubuntu0.18.04.2+tuxcare.els2_amd64.deb c1f11879b3a04e599d541ec7d3612114a124d2f5 postgresql-plpython3-10_10.23-0ubuntu0.18.04.2+tuxcare.els2_amd64.deb a80bc5715229e114019a154c41938febbd322cd0 postgresql-pltcl-10_10.23-0ubuntu0.18.04.2+tuxcare.els2_amd64.deb b00379461955fc8a3c5ad28afdd6a80149293c20 postgresql-server-dev-10_10.23-0ubuntu0.18.04.2+tuxcare.els2_amd64.deb 0d628543bdda9e9225e292036f36ba5c9d8be9bc CLSA-2023:1703610859 TuxCare License Agreement 0 * SECURITY UPDATE: possible OS command injection - debian/patches/CVE-2023-51385.patch: ban user/hostnames with most shell metacharacters in command line - CVE-2023-51385 Critical Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.

* SECURITY UPDATE: possible OS command injection - debian/patches/CVE-2023-51385.patch: ban user/hostnames with most shell metacharacters in command line - CVE-2023-51385

0 tuxcare-ubuntu18.04-els openssh-client_7.6p1-4ubuntu0.7+tuxcare.els4_amd64.deb 184bd21c72ade183f0cd0e491a361273d2921941 openssh-server_7.6p1-4ubuntu0.7+tuxcare.els4_amd64.deb 42ac91ad5733239fc9b00bb2d8f849e6a1909dcb openssh-sftp-server_7.6p1-4ubuntu0.7+tuxcare.els4_amd64.deb fbdf0d28382c570a5fd877a905e0c620baf8170a ssh_7.6p1-4ubuntu0.7+tuxcare.els4_all.deb 3f00a7ef956e276ccac859e364598b8f6cb8e380 ssh-askpass-gnome_7.6p1-4ubuntu0.7+tuxcare.els4_amd64.deb dcb9df21b71c67ec83861a021b54f6ff700cf664 CLSA-2023:1703610997 TuxCare License Agreement 0 * Backport upstream releases 8u392 to 18.04 LTS * CVEs fixed in 8u392: - CVE-2023-22067: IOR deserialization issue in CORBA - CVE-2023-22081: Certificate path validation issue * CVEs fixed in 8u382: - CVE-2023-22045: OpenJDK incorrectly handled array accesses. - CVE-2023-22049: OpenJDK incorrectly sanitized URIs strings. * Drop applied CVE-2022-40433.patch (changes are already in the sources) Moderate Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.

* Backport upstream releases 8u392 to 18.04 LTS * CVEs fixed in 8u392: - CVE-2023-22067: IOR deserialization issue in CORBA - CVE-2023-22081: Certificate path validation issue * CVEs fixed in 8u382: - CVE-2023-22045: OpenJDK incorrectly handled array accesses. - CVE-2023-22049: OpenJDK incorrectly sanitized URIs strings. * Drop applied CVE-2022-40433.patch (changes are already in the sources)

0 tuxcare-ubuntu18.04-els openjdk-8-demo_8u392-ga~us1-0ubuntu1~18.04+tuxcare.els1_amd64.deb 4f310ca5d1b7f7e64bc84199ecb4561c98636b17 openjdk-8-doc_8u392-ga~us1-0ubuntu1~18.04+tuxcare.els1_all.deb 4e3f4940b9f029ee6c186edaecc50c6773d6cf99 openjdk-8-jdk_8u392-ga~us1-0ubuntu1~18.04+tuxcare.els1_amd64.deb 5714589159f8e5043939f5c112a258203ee54d0e openjdk-8-jdk-headless_8u392-ga~us1-0ubuntu1~18.04+tuxcare.els1_amd64.deb b77be1f5f7a877939cfc4776252ad03eb88adb34 openjdk-8-jre_8u392-ga~us1-0ubuntu1~18.04+tuxcare.els1_amd64.deb 1ad44754117280195d3ec621d4eb29b3ace4ed09 openjdk-8-jre-headless_8u392-ga~us1-0ubuntu1~18.04+tuxcare.els1_amd64.deb 9ffa9e12ab76715fa69ec984022153608cefec0b openjdk-8-jre-zero_8u392-ga~us1-0ubuntu1~18.04+tuxcare.els1_amd64.deb f566038176a22ded2e9ae19039dad21faa33fc6d openjdk-8-source_8u392-ga~us1-0ubuntu1~18.04+tuxcare.els1_all.deb 3719b9af22ccd670cafb37d5883823b8f58a9d4d CLSA-2023:1703611617 TuxCare License Agreement 0 * SECURITY UPDATE: Accepting '#' as part of the URI component might allow remote attackers to obtain sensitive information or have unspecified other impact - debian/patches/CVE-2023-45539.patch: h1: do not accept '#' as part of the URI component; h2: reject more chars from the :path pseudo header - CVE-2023-45539 Important Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.

* SECURITY UPDATE: Accepting '#' as part of the URI component might allow remote attackers to obtain sensitive information or have unspecified other impact - debian/patches/CVE-2023-45539.patch: h1: do not accept '#' as part of the URI component; h2: reject more chars from the :path pseudo header - CVE-2023-45539

0 tuxcare-ubuntu18.04-els haproxy_1.8.8-1ubuntu0.13.tuxcare.els2_amd64.deb fb5fee13694d583d8db6cb925aa79e9c09d0b5e7 haproxy-doc_1.8.8-1ubuntu0.13.tuxcare.els2_all.deb c21e91a67db7ca70f3d3edc46ec146806820b6bb vim-haproxy_1.8.8-1ubuntu0.13.tuxcare.els2_all.deb 402a63c9d995299152975bab80fa51781992e512 CLSA-2024:1705081413 TuxCare License Agreement 0 * SECURITY UPDATE: Request smuggling - debian/patches/CVE-2023-46589-pre1.patch: Correct a regression in the error page handling that prevented error pages from issuing redirects or taking other action that required the response status code to be changed - debian/patches/CVE-2023-46589-pre2.patch: Align processing of trailer headers with standard processing - debian/patches/CVE-2023-46589-pre3.patch: Differentiate request cancellation from a bad request - debian/patches/CVE-2023-46589-pre4.patch: Use application provided status code for error page if present - debian/patches/CVE-2023-46589.patch: Ensure IOException on request read always triggers error handling - CVE-2023-46589 * Internal tests: - debian/patches/0100-stop-testing-if-a-failure-occurs.patch: Stop testing if a failure occurs - debian/patches/0101-skipping-tests-incompatible-with-firewall.patch: Skipping tests incompatible with the firewall settings of the build system - debian/test_certs/user1.jks: Update the keystore file from the upstream branch 8.5.x Important Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.

* SECURITY UPDATE: Request smuggling - debian/patches/CVE-2023-46589-pre1.patch: Correct a regression in the error page handling that prevented error pages from issuing redirects or taking other action that required the response status code to be changed - debian/patches/CVE-2023-46589-pre2.patch: Align processing of trailer headers with standard processing - debian/patches/CVE-2023-46589-pre3.patch: Differentiate request cancellation from a bad request - debian/patches/CVE-2023-46589-pre4.patch: Use application provided status code for error page if present - debian/patches/CVE-2023-46589.patch: Ensure IOException on request read always triggers error handling - CVE-2023-46589 * Internal tests: - debian/patches/0100-stop-testing-if-a-failure-occurs.patch: Stop testing if a failure occurs - debian/patches/0101-skipping-tests-incompatible-with-firewall.patch: Skipping tests incompatible with the firewall settings of the build system - debian/test_certs/user1.jks: Update the keystore file from the upstream branch 8.5.x

0 tuxcare-ubuntu18.04-els libtomcat8-embed-java_8.5.39-1ubuntu1~18.04.3+tuxcare.els6_all.deb 07cce26a61b69ff6d96df455bb54c72f6bb6435d libtomcat8-java_8.5.39-1ubuntu1~18.04.3+tuxcare.els6_all.deb c211c8671268cbf28d5ede4c8aadb49d67049e8b tomcat8_8.5.39-1ubuntu1~18.04.3+tuxcare.els6_all.deb a79167c4a6f8746020c5f46f6ccc564d8505f3c5 tomcat8-admin_8.5.39-1ubuntu1~18.04.3+tuxcare.els6_all.deb edbfdee19ae0fcb1826ed3191e00a8453fab2049 tomcat8-common_8.5.39-1ubuntu1~18.04.3+tuxcare.els6_all.deb 0543115c5a34c3d7c70a40e24b03b86a01251e88 tomcat8-docs_8.5.39-1ubuntu1~18.04.3+tuxcare.els6_all.deb d5f3459186a0fdaaaf62ed124fab528a9450a830 tomcat8-examples_8.5.39-1ubuntu1~18.04.3+tuxcare.els6_all.deb 8c2d9c4547d2449bdac45945f4cebaea0da6aead tomcat8-user_8.5.39-1ubuntu1~18.04.3+tuxcare.els6_all.deb 7833800a68293661edda75c429796db79c3fc1e0 CLSA-2024:1705081601 TuxCare License Agreement 0 * CVE-url: https://ubuntu.com/security/CVE-2023-7192 - netfilter: ctnetlink: fix possible refcount leak in ctnetlink_create_conntrack() * CVE-url: https://ubuntu.com/security/CVE-2023-6610 - smb: client: fix potential OOB in smb2_dump_detail() * CVE-url: https://ubuntu.com/security/CVE-2023-6606 - smb: client: fix OOB in smbCalcSize() * CVE-url: https://ubuntu.com/security/CVE-2023-6546 - tty: n_gsm: fix the UAF caused by race condition in gsm_cleanup_mux * CVE-url: https://ubuntu.com/security/CVE-2023-6932 - ipv4: igmp: fix refcnt uaf issue when receiving igmp query packet * CVE-url: https://ubuntu.com/security/CVE-2023-6931 - perf: Fix perf_event_validate_size() - perf: Fix perf_event_validate_size() lockdep splat * CVE-2023-4244 // CVE-url: https://ubuntu.com/security/CVE-2023-4244 - netfilter: nf_tables: don't skip expired elements during walk - netfilter: nf_tables: GC transaction API to avoid race with control plane - netfilter: nf_tables: adapt set backend to use GC transaction API - netfilter: nf_tables: remove busy mark and gc batch API - netfilter: nf_tables: fix GC transaction races with netns and netlink event exit path - netfilter: nf_tables: GC transaction race with netns dismantle - netfilter: nf_tables: GC transaction race with abort path - netfilter: nft_dynset: disallow object maps * CVE-url: https://ubuntu.com/security/CVE-2023-4244 - netfilter: nf_tables: pass ctx to nf_tables_expr_destroy() - netfilter: nf_tables: use net_generic infra for transaction data - netfilter: nftables: add nft_pernet() helper function - netfilter: nftables: rename set element data activation/deactivation functions - netfilter: nf_tables: fix chain dependency validation - netfilter: nf_tables: place all set backends in one single module - netfilter: nf_tables: make sets built-in * Miscellaneous Ubuntu changes - [Config] updateconfigs for CONFIG_NFT_SET_RBTREE CONFIG_NFT_SET_HASH CONFIG_NFT_SET_BITMAP Important Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.

* CVE-url: https://ubuntu.com/security/CVE-2023-7192 - netfilter: ctnetlink: fix possible refcount leak in ctnetlink_create_conntrack() * CVE-url: https://ubuntu.com/security/CVE-2023-6610 - smb: client: fix potential OOB in smb2_dump_detail() * CVE-url: https://ubuntu.com/security/CVE-2023-6606 - smb: client: fix OOB in smbCalcSize() * CVE-url: https://ubuntu.com/security/CVE-2023-6546 - tty: n_gsm: fix the UAF caused by race condition in gsm_cleanup_mux * CVE-url: https://ubuntu.com/security/CVE-2023-6932 - ipv4: igmp: fix refcnt uaf issue when receiving igmp query packet * CVE-url: https://ubuntu.com/security/CVE-2023-6931 - perf: Fix perf_event_validate_size() - perf: Fix perf_event_validate_size() lockdep splat * CVE-2023-4244 // CVE-url: https://ubuntu.com/security/CVE-2023-4244 - netfilter: nf_tables: don't skip expired elements during walk - netfilter: nf_tables: GC transaction API to avoid race with control plane - netfilter: nf_tables: adapt set backend to use GC transaction API - netfilter: nf_tables: remove busy mark and gc batch API - netfilter: nf_tables: fix GC transaction races with netns and netlink event exit path - netfilter: nf_tables: GC transaction race with netns dismantle - netfilter: nf_tables: GC transaction race with abort path - netfilter: nft_dynset: disallow object maps * CVE-url: https://ubuntu.com/security/CVE-2023-4244 - netfilter: nf_tables: pass ctx to nf_tables_expr_destroy() - netfilter: nf_tables: use net_generic infra for transaction data - netfilter: nftables: add nft_pernet() helper function - netfilter: nftables: rename set element data activation/deactivation functions - netfilter: nf_tables: fix chain dependency validation - netfilter: nf_tables: place all set backends in one single module - netfilter: nf_tables: make sets built-in * Miscellaneous Ubuntu changes - [Config] updateconfigs for CONFIG_NFT_SET_RBTREE CONFIG_NFT_SET_HASH CONFIG_NFT_SET_BITMAP

0 tuxcare-ubuntu18.04-els linux-buildinfo-4.15.0-222-tuxcare.els10-generic_4.15.0-222.233_amd64.deb 81d52644d120e80c464143f48f8db5a8ab1aeaf2 linux-buildinfo-4.15.0-222-tuxcare.els10-lowlatency_4.15.0-222.233_amd64.deb 9a8fd017defd7c5ade1e067aa97ee3f8691eaba2 linux-cloud-tools-4.15.0-222-tuxcare.els10_4.15.0-222.233_amd64.deb ad0c021de3c0cf654ead029b6a913c1bc7c40d8a linux-cloud-tools-4.15.0-222-tuxcare.els10-generic_4.15.0-222.233_amd64.deb eb7853fcc29e81606b827490535f929de1d2ca39 linux-cloud-tools-4.15.0-222-tuxcare.els10-lowlatency_4.15.0-222.233_amd64.deb a3987240e61ddb68a2c8f999daa5aea3230a6f6c linux-cloud-tools-common_4.15.0-222.233_all.deb 38a6575d698305cd9e80dee5001ae5923f9c61b3 linux-cloud-tools-generic_4.15.0.222.233_amd64.deb 20be56112143e27ded7af9bcd2282a648833aeb0 linux-cloud-tools-lowlatency_4.15.0.222.233_amd64.deb 357e75a359b25b84f84fb90fc58c17f2692dd5ff linux-crashdump_4.15.0.222.233_amd64.deb 8c11e0cbf39f96449f819529d43111e36733c1d5 linux-doc_4.15.0-222.233_all.deb 146f4263332dd258ce6befea85ef11e84dbca2a6 linux-generic_4.15.0.222.233_amd64.deb 94ac2b509ce48d66cf5b358c21f4654f51b8d539 linux-headers-4.15.0-222-tuxcare.els10_4.15.0-222.233_all.deb c4129be65a3e990d8d7653843dd2a4ed1d333d53 linux-headers-4.15.0-222-tuxcare.els10-generic_4.15.0-222.233_amd64.deb 615b890bb96ff7165bc213a54cea69aaab47d443 linux-headers-4.15.0-222-tuxcare.els10-lowlatency_4.15.0-222.233_amd64.deb 44cb6f1172c2dc267020135db79f8f3f43752e96 linux-headers-generic_4.15.0.222.233_amd64.deb dac0113f2f66fb4c6bd0fe6f7af27dc91f3c3125 linux-headers-lowlatency_4.15.0.222.233_amd64.deb e0d04cabb06be3c0a29cf661412dcfff026d6b50 linux-image-generic_4.15.0.222.233_amd64.deb 6bff0b2e3324e8f9e1e22adc0ff3eacc08fc9124 linux-image-lowlatency_4.15.0.222.233_amd64.deb 17fbf77942a4f8dbfc625a85255ce1474f862fba linux-image-unsigned-4.15.0-222-tuxcare.els10-generic_4.15.0-222.233_amd64.deb e377838b937ad3bc8fe5c0d929b0ee55c55faf06 linux-image-unsigned-4.15.0-222-tuxcare.els10-lowlatency_4.15.0-222.233_amd64.deb 244d26302f6237a355cc48dde0f3053c28efb4b7 linux-libc-dev_4.15.0-222.233_amd64.deb 2188df9c55676d8256077aa0340739b8ab279469 linux-lowlatency_4.15.0.222.233_amd64.deb 2fbcda8f3d12428c086b6eb046d556445fd2ddb6 linux-modules-4.15.0-222-tuxcare.els10-generic_4.15.0-222.233_amd64.deb 09596800a4e246443c975a6c394b978f1c487e66 linux-modules-4.15.0-222-tuxcare.els10-lowlatency_4.15.0-222.233_amd64.deb 0961ac6ec98d0942489d1b44b8f29498e37e5c82 linux-modules-extra-4.15.0-222-tuxcare.els10-generic_4.15.0-222.233_amd64.deb edebb2b2c4892dc66c2cfbf3a4b678e74f027f45 linux-source_4.15.0.222.233_all.deb 6e01f1cf03b1cb1e389684796d8b2dc0d4861559 linux-source-4.15.0_4.15.0-222.233_all.deb 140e7d9674c0d0d4b78e70f9d829e7e694a36819 linux-tools-4.15.0-222-tuxcare.els10_4.15.0-222.233_amd64.deb 3554a01ba118094cec406cd4b17f1185eee5d6bb linux-tools-4.15.0-222-tuxcare.els10-generic_4.15.0-222.233_amd64.deb 757a1bd557a7f1cb816d6e83bc4387651db7d053 linux-tools-4.15.0-222-tuxcare.els10-lowlatency_4.15.0-222.233_amd64.deb 5f8e4d6f17a6186629c2e6e9074c23e55dc4135c linux-tools-common_4.15.0-222.233_all.deb 7f21bb469e827cbe6fea2078e30d3c69dbfa5eb0 linux-tools-generic_4.15.0.222.233_amd64.deb 3f40746182729afdc246f24e4a41dbcbe67efed4 linux-tools-host_4.15.0-222.233_all.deb 9c2da8a912950d44f07e15652714ea788003e14a linux-tools-lowlatency_4.15.0.222.233_amd64.deb 60a67b2a0479c09cf4393eda9960b30fd967d21a CLSA-2024:1705081763 TuxCare License Agreement 0 * CVE-url: https://ubuntu.com/security/CVE-2023-7192 - netfilter: ctnetlink: fix possible refcount leak in ctnetlink_create_conntrack() * CVE-url: https://ubuntu.com/security/CVE-2023-6610 - smb: client: fix potential OOB in smb2_dump_detail() * CVE-url: https://ubuntu.com/security/CVE-2023-6606 - smb: client: fix OOB in smbCalcSize() * CVE-url: https://ubuntu.com/security/CVE-2023-6546 - tty: n_gsm: fix the UAF caused by race condition in gsm_cleanup_mux * CVE-url: https://ubuntu.com/security/CVE-2023-6932 - ipv4: igmp: fix refcnt uaf issue when receiving igmp query packet * CVE-url: https://ubuntu.com/security/CVE-2023-6931 - perf: Fix perf_event_validate_size() - perf: Fix perf_event_validate_size() lockdep splat * CVE-2023-4244 // CVE-url: https://ubuntu.com/security/CVE-2023-4244 - netfilter: nf_tables: don't skip expired elements during walk - netfilter: nf_tables: GC transaction API to avoid race with control plane - netfilter: nf_tables: adapt set backend to use GC transaction API - netfilter: nf_tables: remove busy mark and gc batch API - netfilter: nf_tables: fix GC transaction races with netns and netlink event exit path - netfilter: nf_tables: GC transaction race with netns dismantle - netfilter: nf_tables: GC transaction race with abort path - netfilter: nft_dynset: disallow object maps * CVE-url: https://ubuntu.com/security/CVE-2023-4244 - netfilter: nf_tables: pass ctx to nf_tables_expr_destroy() - netfilter: nf_tables: use net_generic infra for transaction data - netfilter: nftables: add nft_pernet() helper function - netfilter: nftables: rename set element data activation/deactivation functions - netfilter: nf_tables: fix chain dependency validation - netfilter: nf_tables: place all set backends in one single module - netfilter: nf_tables: make sets built-in * Miscellaneous Ubuntu changes - [Config] updateconfigs for CONFIG_NFT_SET_RBTREE CONFIG_NFT_SET_HASH CONFIG_NFT_SET_BITMAP None Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.

* CVE-url: https://ubuntu.com/security/CVE-2023-7192 - netfilter: ctnetlink: fix possible refcount leak in ctnetlink_create_conntrack() * CVE-url: https://ubuntu.com/security/CVE-2023-6610 - smb: client: fix potential OOB in smb2_dump_detail() * CVE-url: https://ubuntu.com/security/CVE-2023-6606 - smb: client: fix OOB in smbCalcSize() * CVE-url: https://ubuntu.com/security/CVE-2023-6546 - tty: n_gsm: fix the UAF caused by race condition in gsm_cleanup_mux * CVE-url: https://ubuntu.com/security/CVE-2023-6932 - ipv4: igmp: fix refcnt uaf issue when receiving igmp query packet * CVE-url: https://ubuntu.com/security/CVE-2023-6931 - perf: Fix perf_event_validate_size() - perf: Fix perf_event_validate_size() lockdep splat * CVE-2023-4244 // CVE-url: https://ubuntu.com/security/CVE-2023-4244 - netfilter: nf_tables: don't skip expired elements during walk - netfilter: nf_tables: GC transaction API to avoid race with control plane - netfilter: nf_tables: adapt set backend to use GC transaction API - netfilter: nf_tables: remove busy mark and gc batch API - netfilter: nf_tables: fix GC transaction races with netns and netlink event exit path - netfilter: nf_tables: GC transaction race with netns dismantle - netfilter: nf_tables: GC transaction race with abort path - netfilter: nft_dynset: disallow object maps * CVE-url: https://ubuntu.com/security/CVE-2023-4244 - netfilter: nf_tables: pass ctx to nf_tables_expr_destroy() - netfilter: nf_tables: use net_generic infra for transaction data - netfilter: nftables: add nft_pernet() helper function - netfilter: nftables: rename set element data activation/deactivation functions - netfilter: nf_tables: fix chain dependency validation - netfilter: nf_tables: place all set backends in one single module - netfilter: nf_tables: make sets built-in * Miscellaneous Ubuntu changes - [Config] updateconfigs for CONFIG_NFT_SET_RBTREE CONFIG_NFT_SET_HASH CONFIG_NFT_SET_BITMAP

0 tuxcare-ubuntu18.04-els linux-buildinfo-4.15.0-222-tuxcare.els10-generic_4.15.0-222.233_amd64.deb 81d52644d120e80c464143f48f8db5a8ab1aeaf2 linux-buildinfo-4.15.0-222-tuxcare.els10-lowlatency_4.15.0-222.233_amd64.deb 9a8fd017defd7c5ade1e067aa97ee3f8691eaba2 linux-cloud-tools-4.15.0-222-tuxcare.els10_4.15.0-222.233_amd64.deb ad0c021de3c0cf654ead029b6a913c1bc7c40d8a linux-cloud-tools-4.15.0-222-tuxcare.els10-generic_4.15.0-222.233_amd64.deb eb7853fcc29e81606b827490535f929de1d2ca39 linux-cloud-tools-4.15.0-222-tuxcare.els10-lowlatency_4.15.0-222.233_amd64.deb a3987240e61ddb68a2c8f999daa5aea3230a6f6c linux-cloud-tools-common_4.15.0-222.233_all.deb 38a6575d698305cd9e80dee5001ae5923f9c61b3 linux-cloud-tools-generic_4.15.0.222.233_amd64.deb 20be56112143e27ded7af9bcd2282a648833aeb0 linux-cloud-tools-lowlatency_4.15.0.222.233_amd64.deb 357e75a359b25b84f84fb90fc58c17f2692dd5ff linux-crashdump_4.15.0.222.233_amd64.deb 8c11e0cbf39f96449f819529d43111e36733c1d5 linux-doc_4.15.0-222.233_all.deb 146f4263332dd258ce6befea85ef11e84dbca2a6 linux-generic_4.15.0.222.233_amd64.deb 94ac2b509ce48d66cf5b358c21f4654f51b8d539 linux-headers-4.15.0-222-tuxcare.els10_4.15.0-222.233_all.deb c4129be65a3e990d8d7653843dd2a4ed1d333d53 linux-headers-4.15.0-222-tuxcare.els10-generic_4.15.0-222.233_amd64.deb 615b890bb96ff7165bc213a54cea69aaab47d443 linux-headers-4.15.0-222-tuxcare.els10-lowlatency_4.15.0-222.233_amd64.deb 44cb6f1172c2dc267020135db79f8f3f43752e96 linux-headers-generic_4.15.0.222.233_amd64.deb dac0113f2f66fb4c6bd0fe6f7af27dc91f3c3125 linux-headers-lowlatency_4.15.0.222.233_amd64.deb e0d04cabb06be3c0a29cf661412dcfff026d6b50 linux-image-generic_4.15.0.222.233_amd64.deb 6bff0b2e3324e8f9e1e22adc0ff3eacc08fc9124 linux-image-lowlatency_4.15.0.222.233_amd64.deb 17fbf77942a4f8dbfc625a85255ce1474f862fba linux-image-unsigned-4.15.0-222-tuxcare.els10-generic_4.15.0-222.233_amd64.deb e377838b937ad3bc8fe5c0d929b0ee55c55faf06 linux-image-unsigned-4.15.0-222-tuxcare.els10-lowlatency_4.15.0-222.233_amd64.deb 244d26302f6237a355cc48dde0f3053c28efb4b7 linux-libc-dev_4.15.0-222.233_amd64.deb 2188df9c55676d8256077aa0340739b8ab279469 linux-lowlatency_4.15.0.222.233_amd64.deb 2fbcda8f3d12428c086b6eb046d556445fd2ddb6 linux-modules-4.15.0-222-tuxcare.els10-generic_4.15.0-222.233_amd64.deb 09596800a4e246443c975a6c394b978f1c487e66 linux-modules-4.15.0-222-tuxcare.els10-lowlatency_4.15.0-222.233_amd64.deb 0961ac6ec98d0942489d1b44b8f29498e37e5c82 linux-modules-extra-4.15.0-222-tuxcare.els10-generic_4.15.0-222.233_amd64.deb edebb2b2c4892dc66c2cfbf3a4b678e74f027f45 linux-source_4.15.0.222.233_all.deb 6e01f1cf03b1cb1e389684796d8b2dc0d4861559 linux-source-4.15.0_4.15.0-222.233_all.deb 140e7d9674c0d0d4b78e70f9d829e7e694a36819 linux-tools-4.15.0-222-tuxcare.els10_4.15.0-222.233_amd64.deb 3554a01ba118094cec406cd4b17f1185eee5d6bb linux-tools-4.15.0-222-tuxcare.els10-generic_4.15.0-222.233_amd64.deb 757a1bd557a7f1cb816d6e83bc4387651db7d053 linux-tools-4.15.0-222-tuxcare.els10-lowlatency_4.15.0-222.233_amd64.deb 5f8e4d6f17a6186629c2e6e9074c23e55dc4135c linux-tools-common_4.15.0-222.233_all.deb 7f21bb469e827cbe6fea2078e30d3c69dbfa5eb0 linux-tools-generic_4.15.0.222.233_amd64.deb 3f40746182729afdc246f24e4a41dbcbe67efed4 linux-tools-host_4.15.0-222.233_all.deb 9c2da8a912950d44f07e15652714ea788003e14a linux-tools-lowlatency_4.15.0.222.233_amd64.deb 60a67b2a0479c09cf4393eda9960b30fd967d21a CLSA-2024:1705941083 TuxCare License Agreement 0 * Update ca-certificates database to 20231207: - mozilla/{certdata.txt,nssckbi.h}: Update Mozilla certificate authority bundle of the version 2.64. - The following certificares were updated: # Certificate "Autoridad de Certificacion Firmaprofesional CIF A62634068" - The following certificates authorities were added: # Certificate "Atos TrustedRoot Root CA ECC G2 2020" # Certificate "Atos TrustedRoot Root CA ECC TLS 2021" # Certificate "Atos TrustedRoot Root CA RSA G2 2020" # Certificate "Atos TrustedRoot Root CA RSA TLS 2021" # Certificate "CommScope Public Trust ECC Root-01" # Certificate "CommScope Public Trust ECC Root-02" # Certificate "CommScope Public Trust RSA Root-01" # Certificate "CommScope Public Trust RSA Root-02" # Certificate "LAWtrust Root CA2 (4096)" # Certificate "Sectigo Public Email Protection Root E46" # Certificate "Sectigo Public Email Protection Root R46" # Certificate "Sectigo Public Server Authentication Root E46" # Certificate "Sectigo Public Server Authentication Root R46" # Certificate "SSL.com Client ECC Root CA 2022" # Certificate "SSL.com Client RSA Root CA 2022" # Certificate "SSL.com TLS ECC Root CA 2022" # Certificate "SSL.com TLS RSA Root CA 2022" # Certificate "TrustAsia Global Root CA G3" # Certificate "TrustAsia Global Root CA G4" - The following certificates were removed: # Certificate "E-Tugra Certification Authority" # Certificate "Hongkong Post Root CA 1" # Certificate "Symantec Class 1 Public Primary Certification Authority - G6" # Certificate "Symantec Class 2 Public Primary Certification Authority - G6" # Certificate "TrustCor ECA-1" # Certificate "TrustCor RootCert CA-1" # Certificate "TrustCor RootCert CA-2" # Certificate "Verisign Class 1 Public Primary Certification Authority - G3" # Certificate "Verisign Class 2 Public Primary Certification Authority - G3" None Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.

* Update ca-certificates database to 20231207: - mozilla/{certdata.txt,nssckbi.h}: Update Mozilla certificate authority bundle of the version 2.64. - The following certificares were updated: # Certificate "Autoridad de Certificacion Firmaprofesional CIF A62634068" - The following certificates authorities were added: # Certificate "Atos TrustedRoot Root CA ECC G2 2020" # Certificate "Atos TrustedRoot Root CA ECC TLS 2021" # Certificate "Atos TrustedRoot Root CA RSA G2 2020" # Certificate "Atos TrustedRoot Root CA RSA TLS 2021" # Certificate "CommScope Public Trust ECC Root-01" # Certificate "CommScope Public Trust ECC Root-02" # Certificate "CommScope Public Trust RSA Root-01" # Certificate "CommScope Public Trust RSA Root-02" # Certificate "LAWtrust Root CA2 (4096)" # Certificate "Sectigo Public Email Protection Root E46" # Certificate "Sectigo Public Email Protection Root R46" # Certificate "Sectigo Public Server Authentication Root E46" # Certificate "Sectigo Public Server Authentication Root R46" # Certificate "SSL.com Client ECC Root CA 2022" # Certificate "SSL.com Client RSA Root CA 2022" # Certificate "SSL.com TLS ECC Root CA 2022" # Certificate "SSL.com TLS RSA Root CA 2022" # Certificate "TrustAsia Global Root CA G3" # Certificate "TrustAsia Global Root CA G4" - The following certificates were removed: # Certificate "E-Tugra Certification Authority" # Certificate "Hongkong Post Root CA 1" # Certificate "Symantec Class 1 Public Primary Certification Authority - G6" # Certificate "Symantec Class 2 Public Primary Certification Authority - G6" # Certificate "TrustCor ECA-1" # Certificate "TrustCor RootCert CA-1" # Certificate "TrustCor RootCert CA-2" # Certificate "Verisign Class 1 Public Primary Certification Authority - G3" # Certificate "Verisign Class 2 Public Primary Certification Authority - G3"

0 tuxcare-ubuntu18.04-els ca-certificates_20231207ubuntu0.18.04.1+tuxcare.els1_all.deb 9381f6916fe0c4a3912a976f20dcc0d4c9795f8f CLSA-2024:1706026919 TuxCare License Agreement 0 * SECURITY UPDATE: Denial of Service in HTTP Request parsing - debian/patches/CVE-2023-50269.patch: Limit the number of allowed X-Forwarded-For hops - CVE-2023-50269 Important Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.

* SECURITY UPDATE: Denial of Service in HTTP Request parsing - debian/patches/CVE-2023-50269.patch: Limit the number of allowed X-Forwarded-For hops - CVE-2023-50269

0 tuxcare-ubuntu18.04-els squid_3.5.27-1ubuntu1.14+tuxcare.els4_amd64.deb f4d65af0ae59a6953cfd9bc9c8c0f2b5c710c9f6 squid-cgi_3.5.27-1ubuntu1.14+tuxcare.els4_amd64.deb ab3cc8b891e61d628bd5b0fd79d3a20cad414237 squid-common_3.5.27-1ubuntu1.14+tuxcare.els4_all.deb f0a37bc642d64519abc73b32e6d8ceb2f4c2aea6 squid-purge_3.5.27-1ubuntu1.14+tuxcare.els4_amd64.deb a6b81bc1770c98e8712bee06e7ee6545d701c029 squid3_3.5.27-1ubuntu1.14+tuxcare.els4_all.deb 5ce4c09beecc3eec0b98113da6f4877dade7b601 squidclient_3.5.27-1ubuntu1.14+tuxcare.els4_amd64.deb 877cbb9374a5c4c32e4f6e94258e76e7b2b32f72 CLSA-2024:1706215424 TuxCare License Agreement 0 * SECURITY UPDATE: Heap-based buffer overflow in sessionReadRecord function of make alltest Handler - debian/patches/CVE-2023-7104.patch: Fix buffer overread in sessions extension when processing corrupt changeset. - CVE-2023-7104 Important Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.

* SECURITY UPDATE: Heap-based buffer overflow in sessionReadRecord function of make alltest Handler - debian/patches/CVE-2023-7104.patch: Fix buffer overread in sessions extension when processing corrupt changeset. - CVE-2023-7104

0 tuxcare-ubuntu18.04-els lemon_3.22.0-1ubuntu0.7+tuxcare.els1_amd64.deb d5ea4ad068d59e614cc378d7f4fd274a26795934 libsqlite3-0_3.22.0-1ubuntu0.7+tuxcare.els1_amd64.deb 96e9d24ae40b3cb959e9efcdca1a880d9ecb67df libsqlite3-dev_3.22.0-1ubuntu0.7+tuxcare.els1_amd64.deb e19f97e0173be8b338e3493e6635d3543a53d07d libsqlite3-tcl_3.22.0-1ubuntu0.7+tuxcare.els1_amd64.deb 3104f95d3af2f60ea4b30b7a55f8e977ed546bdb sqlite3_3.22.0-1ubuntu0.7+tuxcare.els1_amd64.deb 4cc06ed3daeaf885eaa53eec56ca25e0ec24b956 sqlite3-doc_3.22.0-1ubuntu0.7+tuxcare.els1_all.deb d0c406f0e296f44efa162671cd78ee7ce30f5f9e CLSA-2024:1706617379 TuxCare License Agreement 0 * Jammy update: v5.15.140 upstream stable release (LP: #2050038) // CVE-url: https://ubuntu.com/security/CVE-2024-0607 - netfilter: nf_tables: fix pointer math issue in nft_byteorder_eval() * CVE-url: https://ubuntu.com/security/CVE-2024-0607 - netfilter: nf_tables: Introduce new 64-bit helper register functions * Focal update: Focal update: v5.4.235 upstream stable release (LP: #2017706) // CVE-url: https://ubuntu.com/security/CVE-2023-1079 - HID: asus: Remove check for same LED brightness on set - HID: asus: use spinlock to protect concurrent accesses - HID: asus: use spinlock to safely schedule workers * CVE-url: https://ubuntu.com/security/CVE-2022-36402 - drm/vmwgfx: Add SM4_1 flag - drm/vmwgfx: Add support for SVGA3dCmdDefineGBSurface_v3 - drm/vmwgfx: Add CAP2 support in vmwgfx - drm/vmwgfx: Bump version patchlevel and date - drm/vmwgfx: Expose SM4_1 param to user space - drm/vmwgfx: Update the device headers - drm/vmwgfx: Fix shader stage validation * CVE-url: https://ubuntu.com/security/CVE-2024-0639 - sctp: fix potential deadlock on &net->sctp.addr_wq_lock * CVE-url: https://ubuntu.com/security/CVE-2023-6915 - ida: Fix crash in ida_free when the bitmap is empty * CVE-url: https://ubuntu.com/security/CVE-2023-6040 - netfilter: nf_tables: Reject tables of unsupported family * CVE-url: https://ubuntu.com/security/CVE-2023-51780 - atm: Fix Use-After-Free in do_vcc_ioctl * CVE-url: https://ubuntu.com/security/CVE-2023-51782 - net/rose: Fix Use-After-Free in rose_ioctl * CVE-url: https://ubuntu.com/security/CVE-2023-51781 - appletalk: Fix Use-After-Free in atalk_ioctl * CVE-url: https://ubuntu.com/security/CVE-2024-0340 - vhost: use kzalloc() instead of kmalloc() followed by memset() * CVE-2023-51779 // CVE-url: https://ubuntu.com/security/CVE-2023-51779 - Bluetooth: af_bluetooth: Fix Use-After-Free in bt_sock_recvmsg * Jammy update: v5.15.135 upstream stable release (LP: #2045809) // CVE-url: https://ubuntu.com/security/CVE-2023-34324 - xen/events: replace evtchn_rwlock with RCU * Miscellaneous upstream changes - drm/vmwgfx: Use enum to represent graphics context capabilities Important Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.

* Jammy update: v5.15.140 upstream stable release (LP: #2050038) // CVE-url: https://ubuntu.com/security/CVE-2024-0607 - netfilter: nf_tables: fix pointer math issue in nft_byteorder_eval() * CVE-url: https://ubuntu.com/security/CVE-2024-0607 - netfilter: nf_tables: Introduce new 64-bit helper register functions * Focal update: Focal update: v5.4.235 upstream stable release (LP: #2017706) // CVE-url: https://ubuntu.com/security/CVE-2023-1079 - HID: asus: Remove check for same LED brightness on set - HID: asus: use spinlock to protect concurrent accesses - HID: asus: use spinlock to safely schedule workers * CVE-url: https://ubuntu.com/security/CVE-2022-36402 - drm/vmwgfx: Add SM4_1 flag - drm/vmwgfx: Add support for SVGA3dCmdDefineGBSurface_v3 - drm/vmwgfx: Add CAP2 support in vmwgfx - drm/vmwgfx: Bump version patchlevel and date - drm/vmwgfx: Expose SM4_1 param to user space - drm/vmwgfx: Update the device headers - drm/vmwgfx: Fix shader stage validation * CVE-url: https://ubuntu.com/security/CVE-2024-0639 - sctp: fix potential deadlock on &net->sctp.addr_wq_lock * CVE-url: https://ubuntu.com/security/CVE-2023-6915 - ida: Fix crash in ida_free when the bitmap is empty * CVE-url: https://ubuntu.com/security/CVE-2023-6040 - netfilter: nf_tables: Reject tables of unsupported family * CVE-url: https://ubuntu.com/security/CVE-2023-51780 - atm: Fix Use-After-Free in do_vcc_ioctl * CVE-url: https://ubuntu.com/security/CVE-2023-51782 - net/rose: Fix Use-After-Free in rose_ioctl * CVE-url: https://ubuntu.com/security/CVE-2023-51781 - appletalk: Fix Use-After-Free in atalk_ioctl * CVE-url: https://ubuntu.com/security/CVE-2024-0340 - vhost: use kzalloc() instead of kmalloc() followed by memset() * CVE-2023-51779 // CVE-url: https://ubuntu.com/security/CVE-2023-51779 - Bluetooth: af_bluetooth: Fix Use-After-Free in bt_sock_recvmsg * Jammy update: v5.15.135 upstream stable release (LP: #2045809) // CVE-url: https://ubuntu.com/security/CVE-2023-34324 - xen/events: replace evtchn_rwlock with RCU * Miscellaneous upstream changes - drm/vmwgfx: Use enum to represent graphics context capabilities

0 tuxcare-ubuntu18.04-els linux-buildinfo-4.15.0-223-tuxcare.els11-generic_4.15.0-223.234_amd64.deb 08235b6d046208a6cb993392b41b1424cd032ee1 linux-buildinfo-4.15.0-223-tuxcare.els11-lowlatency_4.15.0-223.234_amd64.deb cf15c6995f9174db4ea236de46f44cdbd4cddb8f linux-cloud-tools-4.15.0-223-tuxcare.els11_4.15.0-223.234_amd64.deb decd358e44c4fc0d17a6d1d9d108931b27aa031a linux-cloud-tools-4.15.0-223-tuxcare.els11-generic_4.15.0-223.234_amd64.deb 6a7ceddec872cb2713a884e8c1479b21c482f7fa linux-cloud-tools-4.15.0-223-tuxcare.els11-lowlatency_4.15.0-223.234_amd64.deb ab62215d17b901167184e29a2a4713d01b85dcef linux-cloud-tools-common_4.15.0-223.234_all.deb 44a59940bb3a341ffa5c6fecd68ececac781301c linux-cloud-tools-generic_4.15.0.223.234_amd64.deb 28b1e5152bbae2e13b00bf236be4361b13c2de74 linux-cloud-tools-lowlatency_4.15.0.223.234_amd64.deb 3affce90ed59e900828dcf71a1fd0ab7b64430bf linux-crashdump_4.15.0.223.234_amd64.deb f090b65f0e613c376f6d5e3771305cca37a71ab5 linux-doc_4.15.0-223.234_all.deb 4e68dced51b0eb571df47d2898ff08f0cb8e672a linux-generic_4.15.0.223.234_amd64.deb fba64ef1575a752df6625804686209b0e73cccd9 linux-headers-4.15.0-223-tuxcare.els11_4.15.0-223.234_all.deb 7eb8a565c99019b39da777360cd65abcb5b64fdc linux-headers-4.15.0-223-tuxcare.els11-generic_4.15.0-223.234_amd64.deb 0d8693e16534e833baa86268f115246ba79b654f linux-headers-4.15.0-223-tuxcare.els11-lowlatency_4.15.0-223.234_amd64.deb 9af048c1875845c13c5d93f4070fcdb289f84d5a linux-headers-generic_4.15.0.223.234_amd64.deb b83ecd93f85b4e2ef0725b5f586e374c8f2cdde7 linux-headers-lowlatency_4.15.0.223.234_amd64.deb 1518779e2f1b667a4bae0098229c17bf9e7a6ba7 linux-image-generic_4.15.0.223.234_amd64.deb 26530a6278b39dbcae06f87ec332c401b25a0128 linux-image-lowlatency_4.15.0.223.234_amd64.deb 232195be5a119605d4fb42e3c9e66c1e69366cf4 linux-image-unsigned-4.15.0-223-tuxcare.els11-generic_4.15.0-223.234_amd64.deb 47dcf8a94caa1db97c23291c0b6f30c714bec8d8 linux-image-unsigned-4.15.0-223-tuxcare.els11-lowlatency_4.15.0-223.234_amd64.deb ff76141a09420cf19557bf2b49a179fdfd33fdb6 linux-libc-dev_4.15.0-223.234_amd64.deb 28d5663e019fdb8c70e12235a7a1449b4b7ab233 linux-lowlatency_4.15.0.223.234_amd64.deb f315157b0cda18f0374ab135522cba23baa4ba98 linux-modules-4.15.0-223-tuxcare.els11-generic_4.15.0-223.234_amd64.deb 4882f4a9c62eac99bbde8a3ecf024ba457497c3d linux-modules-4.15.0-223-tuxcare.els11-lowlatency_4.15.0-223.234_amd64.deb 8a6664b407f4b5bbd119aee8ce6dae5371b50f05 linux-modules-extra-4.15.0-223-tuxcare.els11-generic_4.15.0-223.234_amd64.deb ad496842ad461db6fa2f96669c0cd7a7d125dd39 linux-source_4.15.0.223.234_all.deb 0408f1738edacb5c85fa300dea39c57df7cbc1ef linux-source-4.15.0_4.15.0-223.234_all.deb 8e8b9a5667fa3b3cf9efabc2d3ed02909558827d linux-tools-4.15.0-223-tuxcare.els11_4.15.0-223.234_amd64.deb fa33c917ca4c3638d72f91a405abc1c968584352 linux-tools-4.15.0-223-tuxcare.els11-generic_4.15.0-223.234_amd64.deb ebbf9ba0ba354e6f7f5d693a4b64c3909a74b66a linux-tools-4.15.0-223-tuxcare.els11-lowlatency_4.15.0-223.234_amd64.deb 1d274ea9de3dba97589b99bb0dc0b3e340554590 linux-tools-common_4.15.0-223.234_all.deb 53cbd152212f3d4347ca025a7bf738b32563f3e5 linux-tools-generic_4.15.0.223.234_amd64.deb 8dbeb3dfb8864feb735ce202f1a1e346c66e6f86 linux-tools-host_4.15.0-223.234_all.deb b1c46c8e90830f485b5c42615642c2493a1c966e linux-tools-lowlatency_4.15.0.223.234_amd64.deb 277022f90ca241b3dfaea808b8bdfbe9b42b6d9d CLSA-2024:1706618382 TuxCare License Agreement 0 * Jammy update: v5.15.140 upstream stable release (LP: #2050038) // CVE-url: https://ubuntu.com/security/CVE-2024-0607 - netfilter: nf_tables: fix pointer math issue in nft_byteorder_eval() * CVE-url: https://ubuntu.com/security/CVE-2024-0607 - netfilter: nf_tables: Introduce new 64-bit helper register functions * Focal update: Focal update: v5.4.235 upstream stable release (LP: #2017706) // CVE-url: https://ubuntu.com/security/CVE-2023-1079 - HID: asus: Remove check for same LED brightness on set - HID: asus: use spinlock to protect concurrent accesses - HID: asus: use spinlock to safely schedule workers * CVE-url: https://ubuntu.com/security/CVE-2022-36402 - drm/vmwgfx: Add SM4_1 flag - drm/vmwgfx: Add support for SVGA3dCmdDefineGBSurface_v3 - drm/vmwgfx: Add CAP2 support in vmwgfx - drm/vmwgfx: Bump version patchlevel and date - drm/vmwgfx: Expose SM4_1 param to user space - drm/vmwgfx: Update the device headers - drm/vmwgfx: Fix shader stage validation * CVE-url: https://ubuntu.com/security/CVE-2024-0639 - sctp: fix potential deadlock on &net->sctp.addr_wq_lock * CVE-url: https://ubuntu.com/security/CVE-2023-6915 - ida: Fix crash in ida_free when the bitmap is empty * CVE-url: https://ubuntu.com/security/CVE-2023-6040 - netfilter: nf_tables: Reject tables of unsupported family * CVE-url: https://ubuntu.com/security/CVE-2023-51780 - atm: Fix Use-After-Free in do_vcc_ioctl * CVE-url: https://ubuntu.com/security/CVE-2023-51782 - net/rose: Fix Use-After-Free in rose_ioctl * CVE-url: https://ubuntu.com/security/CVE-2023-51781 - appletalk: Fix Use-After-Free in atalk_ioctl * CVE-url: https://ubuntu.com/security/CVE-2024-0340 - vhost: use kzalloc() instead of kmalloc() followed by memset() * CVE-2023-51779 // CVE-url: https://ubuntu.com/security/CVE-2023-51779 - Bluetooth: af_bluetooth: Fix Use-After-Free in bt_sock_recvmsg * Jammy update: v5.15.135 upstream stable release (LP: #2045809) // CVE-url: https://ubuntu.com/security/CVE-2023-34324 - xen/events: replace evtchn_rwlock with RCU * Miscellaneous upstream changes - drm/vmwgfx: Use enum to represent graphics context capabilities None Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.

* Jammy update: v5.15.140 upstream stable release (LP: #2050038) // CVE-url: https://ubuntu.com/security/CVE-2024-0607 - netfilter: nf_tables: fix pointer math issue in nft_byteorder_eval() * CVE-url: https://ubuntu.com/security/CVE-2024-0607 - netfilter: nf_tables: Introduce new 64-bit helper register functions * Focal update: Focal update: v5.4.235 upstream stable release (LP: #2017706) // CVE-url: https://ubuntu.com/security/CVE-2023-1079 - HID: asus: Remove check for same LED brightness on set - HID: asus: use spinlock to protect concurrent accesses - HID: asus: use spinlock to safely schedule workers * CVE-url: https://ubuntu.com/security/CVE-2022-36402 - drm/vmwgfx: Add SM4_1 flag - drm/vmwgfx: Add support for SVGA3dCmdDefineGBSurface_v3 - drm/vmwgfx: Add CAP2 support in vmwgfx - drm/vmwgfx: Bump version patchlevel and date - drm/vmwgfx: Expose SM4_1 param to user space - drm/vmwgfx: Update the device headers - drm/vmwgfx: Fix shader stage validation * CVE-url: https://ubuntu.com/security/CVE-2024-0639 - sctp: fix potential deadlock on &net->sctp.addr_wq_lock * CVE-url: https://ubuntu.com/security/CVE-2023-6915 - ida: Fix crash in ida_free when the bitmap is empty * CVE-url: https://ubuntu.com/security/CVE-2023-6040 - netfilter: nf_tables: Reject tables of unsupported family * CVE-url: https://ubuntu.com/security/CVE-2023-51780 - atm: Fix Use-After-Free in do_vcc_ioctl * CVE-url: https://ubuntu.com/security/CVE-2023-51782 - net/rose: Fix Use-After-Free in rose_ioctl * CVE-url: https://ubuntu.com/security/CVE-2023-51781 - appletalk: Fix Use-After-Free in atalk_ioctl * CVE-url: https://ubuntu.com/security/CVE-2024-0340 - vhost: use kzalloc() instead of kmalloc() followed by memset() * CVE-2023-51779 // CVE-url: https://ubuntu.com/security/CVE-2023-51779 - Bluetooth: af_bluetooth: Fix Use-After-Free in bt_sock_recvmsg * Jammy update: v5.15.135 upstream stable release (LP: #2045809) // CVE-url: https://ubuntu.com/security/CVE-2023-34324 - xen/events: replace evtchn_rwlock with RCU * Miscellaneous upstream changes - drm/vmwgfx: Use enum to represent graphics context capabilities

0 tuxcare-ubuntu18.04-els linux-buildinfo-4.15.0-223-tuxcare.els11-generic_4.15.0-223.234_amd64.deb 08235b6d046208a6cb993392b41b1424cd032ee1 linux-buildinfo-4.15.0-223-tuxcare.els11-lowlatency_4.15.0-223.234_amd64.deb cf15c6995f9174db4ea236de46f44cdbd4cddb8f linux-cloud-tools-4.15.0-223-tuxcare.els11_4.15.0-223.234_amd64.deb decd358e44c4fc0d17a6d1d9d108931b27aa031a linux-cloud-tools-4.15.0-223-tuxcare.els11-generic_4.15.0-223.234_amd64.deb 6a7ceddec872cb2713a884e8c1479b21c482f7fa linux-cloud-tools-4.15.0-223-tuxcare.els11-lowlatency_4.15.0-223.234_amd64.deb ab62215d17b901167184e29a2a4713d01b85dcef linux-cloud-tools-common_4.15.0-223.234_all.deb 44a59940bb3a341ffa5c6fecd68ececac781301c linux-cloud-tools-generic_4.15.0.223.234_amd64.deb 28b1e5152bbae2e13b00bf236be4361b13c2de74 linux-cloud-tools-lowlatency_4.15.0.223.234_amd64.deb 3affce90ed59e900828dcf71a1fd0ab7b64430bf linux-crashdump_4.15.0.223.234_amd64.deb f090b65f0e613c376f6d5e3771305cca37a71ab5 linux-doc_4.15.0-223.234_all.deb 4e68dced51b0eb571df47d2898ff08f0cb8e672a linux-generic_4.15.0.223.234_amd64.deb fba64ef1575a752df6625804686209b0e73cccd9 linux-headers-4.15.0-223-tuxcare.els11_4.15.0-223.234_all.deb 7eb8a565c99019b39da777360cd65abcb5b64fdc linux-headers-4.15.0-223-tuxcare.els11-generic_4.15.0-223.234_amd64.deb 0d8693e16534e833baa86268f115246ba79b654f linux-headers-4.15.0-223-tuxcare.els11-lowlatency_4.15.0-223.234_amd64.deb 9af048c1875845c13c5d93f4070fcdb289f84d5a linux-headers-generic_4.15.0.223.234_amd64.deb b83ecd93f85b4e2ef0725b5f586e374c8f2cdde7 linux-headers-lowlatency_4.15.0.223.234_amd64.deb 1518779e2f1b667a4bae0098229c17bf9e7a6ba7 linux-image-generic_4.15.0.223.234_amd64.deb 26530a6278b39dbcae06f87ec332c401b25a0128 linux-image-lowlatency_4.15.0.223.234_amd64.deb 232195be5a119605d4fb42e3c9e66c1e69366cf4 linux-image-unsigned-4.15.0-223-tuxcare.els11-generic_4.15.0-223.234_amd64.deb 47dcf8a94caa1db97c23291c0b6f30c714bec8d8 linux-image-unsigned-4.15.0-223-tuxcare.els11-lowlatency_4.15.0-223.234_amd64.deb ff76141a09420cf19557bf2b49a179fdfd33fdb6 linux-libc-dev_4.15.0-223.234_amd64.deb 28d5663e019fdb8c70e12235a7a1449b4b7ab233 linux-lowlatency_4.15.0.223.234_amd64.deb f315157b0cda18f0374ab135522cba23baa4ba98 linux-modules-4.15.0-223-tuxcare.els11-generic_4.15.0-223.234_amd64.deb 4882f4a9c62eac99bbde8a3ecf024ba457497c3d linux-modules-4.15.0-223-tuxcare.els11-lowlatency_4.15.0-223.234_amd64.deb 8a6664b407f4b5bbd119aee8ce6dae5371b50f05 linux-modules-extra-4.15.0-223-tuxcare.els11-generic_4.15.0-223.234_amd64.deb ad496842ad461db6fa2f96669c0cd7a7d125dd39 linux-source_4.15.0.223.234_all.deb 0408f1738edacb5c85fa300dea39c57df7cbc1ef linux-source-4.15.0_4.15.0-223.234_all.deb 8e8b9a5667fa3b3cf9efabc2d3ed02909558827d linux-tools-4.15.0-223-tuxcare.els11_4.15.0-223.234_amd64.deb fa33c917ca4c3638d72f91a405abc1c968584352 linux-tools-4.15.0-223-tuxcare.els11-generic_4.15.0-223.234_amd64.deb ebbf9ba0ba354e6f7f5d693a4b64c3909a74b66a linux-tools-4.15.0-223-tuxcare.els11-lowlatency_4.15.0-223.234_amd64.deb 1d274ea9de3dba97589b99bb0dc0b3e340554590 linux-tools-common_4.15.0-223.234_all.deb 53cbd152212f3d4347ca025a7bf738b32563f3e5 linux-tools-generic_4.15.0.223.234_amd64.deb 8dbeb3dfb8864feb735ce202f1a1e346c66e6f86 linux-tools-host_4.15.0-223.234_all.deb b1c46c8e90830f485b5c42615642c2493a1c966e linux-tools-lowlatency_4.15.0.223.234_amd64.deb 277022f90ca241b3dfaea808b8bdfbe9b42b6d9d CLSA-2024:1706697759 TuxCare License Agreement 0 * OpenJDK 11.0.21 release, build 9. - CVE-2023-22081 - Release notes: https://mail.openjdk.org/pipermail/jdk-updates-dev/2023-October/026351.html - adjust debian/pathes/exclude-broken-tests.patch Moderate Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.

* OpenJDK 11.0.21 release, build 9. - CVE-2023-22081 - Release notes: https://mail.openjdk.org/pipermail/jdk-updates-dev/2023-October/026351.html - adjust debian/pathes/exclude-broken-tests.patch

0 tuxcare-ubuntu18.04-els openjdk-11-demo_11.0.21+9-0ubuntu1~18.04.1+tuxcare.els1_amd64.deb 619b781861d28d4f4c492ae14150408781b0dfec openjdk-11-doc_11.0.21+9-0ubuntu1~18.04.1+tuxcare.els1_all.deb 32aafc8d1bb878c8c9036389950d96940e47cfe6 openjdk-11-jdk_11.0.21+9-0ubuntu1~18.04.1+tuxcare.els1_amd64.deb be44dd58fdf0273ca7e5a5e49f2a81a6c3601b38 openjdk-11-jdk-headless_11.0.21+9-0ubuntu1~18.04.1+tuxcare.els1_amd64.deb 01d0d049f2d91645f46f09251beb2d59b0c25449 openjdk-11-jre_11.0.21+9-0ubuntu1~18.04.1+tuxcare.els1_amd64.deb 26eea4bb91a8d76f22352901e36a195c8aa30062 openjdk-11-jre-headless_11.0.21+9-0ubuntu1~18.04.1+tuxcare.els1_amd64.deb dd84882c8d9f606ca172b059c6bb5e0532939230 openjdk-11-jre-zero_11.0.21+9-0ubuntu1~18.04.1+tuxcare.els1_amd64.deb abee3aa4d47c4396ccf9b2eb8cbbafdc9dd27be3 openjdk-11-source_11.0.21+9-0ubuntu1~18.04.1+tuxcare.els1_all.deb 5847bb1f14ab75a61c525069bb508dddbd52134c CLSA-2024:1707379599 TuxCare License Agreement 0 * Update ca-certificates database to 20231207: - mozilla/{certdata.txt,nssckbi.h}: Update Mozilla certificate authority bundle of the version 2.64. - The following certificates authorities were added: # Certificate "Atos TrustedRoot Root CA ECC G2 2020" # Certificate "Atos TrustedRoot Root CA ECC TLS 2021" # Certificate "Atos TrustedRoot Root CA RSA G2 2020" # Certificate "Atos TrustedRoot Root CA RSA TLS 2021" # Certificate "CommScope Public Trust ECC Root-01" # Certificate "CommScope Public Trust ECC Root-02" # Certificate "CommScope Public Trust RSA Root-01" # Certificate "CommScope Public Trust RSA Root-02" # Certificate "LAWtrust Root CA2 (4096)" # Certificate "Sectigo Public Email Protection Root E46" # Certificate "Sectigo Public Email Protection Root R46" # Certificate "Sectigo Public Server Authentication Root E46" # Certificate "Sectigo Public Server Authentication Root R46" # Certificate "SSL.com Client ECC Root CA 2022" # Certificate "SSL.com Client RSA Root CA 2022" # Certificate "SSL.com TLS ECC Root CA 2022" # Certificate "SSL.com TLS RSA Root CA 2022" # Certificate "TrustAsia Global Root CA G3" # Certificate "TrustAsia Global Root CA G4" - The following certificates were removed: # Certificate "E-Tugra Certification Authority" # Certificate "Hongkong Post Root CA 1" # Certificate "Symantec Class 1 Public Primary Certification Authority - G6" # Certificate "Symantec Class 2 Public Primary Certification Authority - G6" # Certificate "TrustCor ECA-1" # Certificate "TrustCor RootCert CA-1" # Certificate "TrustCor RootCert CA-2" # Certificate "Verisign Class 1 Public Primary Certification Authority - G3" # Certificate "Verisign Class 2 Public Primary Certification Authority - G3" None Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.

* Update ca-certificates database to 20231207: - mozilla/{certdata.txt,nssckbi.h}: Update Mozilla certificate authority bundle of the version 2.64. - The following certificates authorities were added: # Certificate "Atos TrustedRoot Root CA ECC G2 2020" # Certificate "Atos TrustedRoot Root CA ECC TLS 2021" # Certificate "Atos TrustedRoot Root CA RSA G2 2020" # Certificate "Atos TrustedRoot Root CA RSA TLS 2021" # Certificate "CommScope Public Trust ECC Root-01" # Certificate "CommScope Public Trust ECC Root-02" # Certificate "CommScope Public Trust RSA Root-01" # Certificate "CommScope Public Trust RSA Root-02" # Certificate "LAWtrust Root CA2 (4096)" # Certificate "Sectigo Public Email Protection Root E46" # Certificate "Sectigo Public Email Protection Root R46" # Certificate "Sectigo Public Server Authentication Root E46" # Certificate "Sectigo Public Server Authentication Root R46" # Certificate "SSL.com Client ECC Root CA 2022" # Certificate "SSL.com Client RSA Root CA 2022" # Certificate "SSL.com TLS ECC Root CA 2022" # Certificate "SSL.com TLS RSA Root CA 2022" # Certificate "TrustAsia Global Root CA G3" # Certificate "TrustAsia Global Root CA G4" - The following certificates were removed: # Certificate "E-Tugra Certification Authority" # Certificate "Hongkong Post Root CA 1" # Certificate "Symantec Class 1 Public Primary Certification Authority - G6" # Certificate "Symantec Class 2 Public Primary Certification Authority - G6" # Certificate "TrustCor ECA-1" # Certificate "TrustCor RootCert CA-1" # Certificate "TrustCor RootCert CA-2" # Certificate "Verisign Class 1 Public Primary Certification Authority - G3" # Certificate "Verisign Class 2 Public Primary Certification Authority - G3"

0 tuxcare-ubuntu18.04-els libnss3_3.35-2ubuntu2.16+tuxcare.els2_amd64.deb 30e60b09a9f41953a6cfe46b7f4d5c16741c9034 libnss3-dev_3.35-2ubuntu2.16+tuxcare.els2_amd64.deb 2983c49353c6c9bba7b0c727e22ba70800ea9a1a libnss3-tools_3.35-2ubuntu2.16+tuxcare.els2_amd64.deb f5c7942a6dec1e63449397d0f132c4165218c8dc CLSA-2024:1707419801 TuxCare License Agreement 0 * SECURITY UPDATE: timing side-channel in the RSA-PSK ClientKeyExchange - debian/patches/nettle-pk-randomness-level.patch: (nettle/pk) use the appropriate level of randomness for each operation. - debian/patches/pk-_gnutls_switch_lib_state.patch: (pk) always use _gnutls_switch_lib_state. - debian/patches/constant-time-cache-pkcs-1-rsa-decryption.patch: Constant time/cache PKCS#1 RSA decryption. - debian/patches/auth-rsa_psk-side-channel.patch: (auth/rsa_psk) side-step potential side-channel. - debian/libgnutls30.symbols: add gnutls_privkey_decrypt_data2. - CVE-2023-5981 Moderate Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.

* SECURITY UPDATE: timing side-channel in the RSA-PSK ClientKeyExchange - debian/patches/nettle-pk-randomness-level.patch: (nettle/pk) use the appropriate level of randomness for each operation. - debian/patches/pk-_gnutls_switch_lib_state.patch: (pk) always use _gnutls_switch_lib_state. - debian/patches/constant-time-cache-pkcs-1-rsa-decryption.patch: Constant time/cache PKCS#1 RSA decryption. - debian/patches/auth-rsa_psk-side-channel.patch: (auth/rsa_psk) side-step potential side-channel. - debian/libgnutls30.symbols: add gnutls_privkey_decrypt_data2. - CVE-2023-5981

0 tuxcare-ubuntu18.04-els gnutls-bin_3.5.18-1ubuntu1.6+tuxcare.els1_amd64.deb 8073188bb9f01ebf344caf07eb8e95f1e895b099 gnutls-doc_3.5.18-1ubuntu1.6+tuxcare.els1_all.deb 2ac10145a340273d015bff4bc75c65292174eb0d libgnutls-dane0_3.5.18-1ubuntu1.6+tuxcare.els1_amd64.deb e9f1af5e8186d98c2db3c55aaa6ff24e86515219 libgnutls-openssl27_3.5.18-1ubuntu1.6+tuxcare.els1_amd64.deb ba88e82082da587a588441422a53482355a3d071 libgnutls28-dev_3.5.18-1ubuntu1.6+tuxcare.els1_amd64.deb c8531252e5ad001c508fbacf7b97c52e22b186c2 libgnutls30_3.5.18-1ubuntu1.6+tuxcare.els1_amd64.deb 04b4c16812e9ac9332ab8475a30fe459273efc95 libgnutlsxx28_3.5.18-1ubuntu1.6+tuxcare.els1_amd64.deb baf81afe409780e3a7471f2a81abb34dad9df650 CLSA-2024:1707420183 TuxCare License Agreement 0 * SECURITY UPDATE: it's possible to remove the initial messages on the secure channel without causing a MAC failure - debian/patches/CVE-2023-48795.patch: implement "strict key exchange" in ssh and sshd - CVE-2023-48795 Moderate Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.

* SECURITY UPDATE: it's possible to remove the initial messages on the secure channel without causing a MAC failure - debian/patches/CVE-2023-48795.patch: implement "strict key exchange" in ssh and sshd - CVE-2023-48795

0 tuxcare-ubuntu18.04-els openssh-client_7.6p1-4ubuntu0.7+tuxcare.els5_amd64.deb 80fad61a0116d60636926470bcb0766bcf612813 openssh-server_7.6p1-4ubuntu0.7+tuxcare.els5_amd64.deb 6b6f1b5bb80f5a782cdc687265ffca1db739c433 openssh-sftp-server_7.6p1-4ubuntu0.7+tuxcare.els5_amd64.deb 14257e29fc71248d35578f7e42803350dc63b59b ssh_7.6p1-4ubuntu0.7+tuxcare.els5_all.deb bcefabafc745205be509f11568b8128a1119d8a2 ssh-askpass-gnome_7.6p1-4ubuntu0.7+tuxcare.els5_amd64.deb 19b4884858cc223616937703af8820467a962e5b CLSA-2024:1707420277 TuxCare License Agreement 0 * SECURITY UPDATE: Incorrect parsing of HTTP trailer headers - debian/patches/CVE-2023-46589.patch: Ensure IOException on request read always triggers error handling - CVE-2023-46589 * Internal tests: - debian/patches/0100-stop-testing-if-a-failure-occurs.patch: Stop testing if a failure occurs - debian/patches/0101-skipping-tests-incompatible-with-firewall.patch: Skipping tests incompatible with the firewall settings of the build system - debian/test_certs/*, debian/source/include-binaries, debian/rules: Update the keystore files and certificates from the upstream branch 9.0.x to fix internal tests Important Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.

* SECURITY UPDATE: Incorrect parsing of HTTP trailer headers - debian/patches/CVE-2023-46589.patch: Ensure IOException on request read always triggers error handling - CVE-2023-46589 * Internal tests: - debian/patches/0100-stop-testing-if-a-failure-occurs.patch: Stop testing if a failure occurs - debian/patches/0101-skipping-tests-incompatible-with-firewall.patch: Skipping tests incompatible with the firewall settings of the build system - debian/test_certs/*, debian/source/include-binaries, debian/rules: Update the keystore files and certificates from the upstream branch 9.0.x to fix internal tests

0 tuxcare-ubuntu18.04-els libtomcat9-embed-java_9.0.16-3ubuntu0.18.04.2+tuxcare.els4_all.deb f841f1b5918f56aea65d19b6ae0d4caf7a9bd248 libtomcat9-java_9.0.16-3ubuntu0.18.04.2+tuxcare.els4_all.deb 16d8718e1bc4b9d4faa579a242e6c04945bc69a0 tomcat9_9.0.16-3ubuntu0.18.04.2+tuxcare.els4_all.deb 5f9152121f78e376535b2d5d62b6b2c2b505c630 tomcat9-admin_9.0.16-3ubuntu0.18.04.2+tuxcare.els4_all.deb f6412f40d46eb24d5bfe0489d1799000b47069fe tomcat9-common_9.0.16-3ubuntu0.18.04.2+tuxcare.els4_all.deb 34f5637d2d3cec09b9cf385ac01b505196183776 tomcat9-docs_9.0.16-3ubuntu0.18.04.2+tuxcare.els4_all.deb 8aa78717e7f36dea95f9afa3da445cc8a82a54cd tomcat9-examples_9.0.16-3ubuntu0.18.04.2+tuxcare.els4_all.deb 3eeddcf7e025f17eab724d0adcf627e742e07a7b tomcat9-user_9.0.16-3ubuntu0.18.04.2+tuxcare.els4_all.deb c968ddc5a981e99162296be28b3dc394a049fa81 CLSA-2024:1707822783 TuxCare License Agreement 0 * SECURITY UPDATE: Memory disclosure in aggregate function calls - debian/patches/CVE-2023-5868.patch: Compute aggregate argument types correctly in transformAggregateCall(). - CVE-2023-5868 * SECURITY UPDATE: Role "pg_signal_backend" can signal certain superuser processes - debian/patches/CVE-2023-5870.patch: Ban role pg_signal_backend from more superuser backend. - CVE-2023-5870 -- Vladimir D. Seleznev <vseleznev@cloudlinux.com> Thu, 25 Jan 2024 21:31:25 +0200 Moderate Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.

* SECURITY UPDATE: Memory disclosure in aggregate function calls - debian/patches/CVE-2023-5868.patch: Compute aggregate argument types correctly in transformAggregateCall(). - CVE-2023-5868 * SECURITY UPDATE: Role "pg_signal_backend" can signal certain superuser processes - debian/patches/CVE-2023-5870.patch: Ban role pg_signal_backend from more superuser backend. - CVE-2023-5870 -- Vladimir D. Seleznev <vseleznev@cloudlinux.com> Thu, 25 Jan 2024 21:31:25 +0200

0 tuxcare-ubuntu18.04-els libecpg-compat3_10.23-0ubuntu0.18.04.2+tuxcare.els3_amd64.deb 57c0bf25cc24e08112a32774972ecd0759083b47 libecpg-dev_10.23-0ubuntu0.18.04.2+tuxcare.els3_amd64.deb 9efe962f1664a09ec3204716608823a5cf412221 libecpg6_10.23-0ubuntu0.18.04.2+tuxcare.els3_amd64.deb 9609b4993145eb766da321a28a88438d66fae4da libpgtypes3_10.23-0ubuntu0.18.04.2+tuxcare.els3_amd64.deb b5938cf1b375a216d50079c2e532f5c1a4da904b libpq-dev_10.23-0ubuntu0.18.04.2+tuxcare.els3_amd64.deb f0361e43c293b880593a9f1aeb807351ba061ce1 libpq5_10.23-0ubuntu0.18.04.2+tuxcare.els3_amd64.deb 0c26ac714defd8faa82b21a85c430c33d09bebc9 postgresql-10_10.23-0ubuntu0.18.04.2+tuxcare.els3_amd64.deb cc21cf7554f9a598973e8d204e20c0c4dd3961f4 postgresql-client-10_10.23-0ubuntu0.18.04.2+tuxcare.els3_amd64.deb 35c102cbba801fa6ce4b35343dd1646ee9d6fd02 postgresql-doc-10_10.23-0ubuntu0.18.04.2+tuxcare.els3_all.deb 150dc376d51deeca4756fb0a06d17bc997780cc1 postgresql-plperl-10_10.23-0ubuntu0.18.04.2+tuxcare.els3_amd64.deb 9857809e2f7f9f70011ab7308b92d434976217eb postgresql-plpython-10_10.23-0ubuntu0.18.04.2+tuxcare.els3_amd64.deb cfe522a62f9ed3db3e95e8f66926c756f26ebcff postgresql-plpython3-10_10.23-0ubuntu0.18.04.2+tuxcare.els3_amd64.deb fb37037ad0308da99ea4892d1adac9c33541c80b postgresql-pltcl-10_10.23-0ubuntu0.18.04.2+tuxcare.els3_amd64.deb ae6ad252d2357998563188ce4e41f01a151dde8e postgresql-server-dev-10_10.23-0ubuntu0.18.04.2+tuxcare.els3_amd64.deb d942bfaa5e53362052d9900c9b0804cd70f2ec19 CLSA-2024:1708025673 TuxCare License Agreement 0 * New microcode update packages from AMD upstream up to 2023-12-05: + Update Microcode for 19h family: sig 0x00a10f12, sig 0x00a10f11, sig 0x00aa0f02; + Update Microcode for 17h family: sig 0x00830f10; None Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.

* New microcode update packages from AMD upstream up to 2023-12-05: + Update Microcode for 19h family: sig 0x00a10f12, sig 0x00a10f11, sig 0x00aa0f02; + Update Microcode for 17h family: sig 0x00830f10;

0 tuxcare-ubuntu18.04-els amd64-microcode_3.20231205.1ubuntu0.18.04.1+tuxcare.els1_amd64.deb 4f8bf6390dd2082866712487bd063814ca390a3e CLSA-2024:1708171036 TuxCare License Agreement 0 * CVE-url: https://ubuntu.com/security/CVE-2024-23851 - dm: limit the number of targets and parameter size area * CVE-url: https://ubuntu.com/security/CVE-2024-23849 - net/rds: Fix UBSAN: array-index-out-of-bounds in rds_cmsg_recv * CVE-url: https://ubuntu.com/security/CVE-2024-1086 - netfilter: nf_tables: reject QUEUE/DROP verdict parameters * CVE-url: https://ubuntu.com/security/CVE-2023-35827 - ravb: Fix use-after-free issue in ravb_tx_timeout_work() * CVE-url: https://ubuntu.com/security/CVE-2023-46838 - xen-netback: don't produce zero-size SKB frags * CVE-url: https://ubuntu.com/security/CVE-2024-22705 - ksmbd: fix slab-out-of-bounds in smb_strndup_from_utf16() * CVE-url: https://ubuntu.com/security/CVE-2023-46343 - nfc: nci: fix possible NULL pointer dereference in send_acknowledge() * CVE-url: https://ubuntu.com/security/CVE-2023-51042 - drm/amdgpu: Fix potential fence use-after-free v2 * CVE-url: https://ubuntu.com/security/CVE-2024-0775 - ext4: improve error recovery code paths in __ext4_remount() * CVE-url: https://ubuntu.com/security/CVE-2023-51043 - drm/atomic: Fix potential use-after-free in nonblocking commits Important Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.

* CVE-url: https://ubuntu.com/security/CVE-2024-23851 - dm: limit the number of targets and parameter size area * CVE-url: https://ubuntu.com/security/CVE-2024-23849 - net/rds: Fix UBSAN: array-index-out-of-bounds in rds_cmsg_recv * CVE-url: https://ubuntu.com/security/CVE-2024-1086 - netfilter: nf_tables: reject QUEUE/DROP verdict parameters * CVE-url: https://ubuntu.com/security/CVE-2023-35827 - ravb: Fix use-after-free issue in ravb_tx_timeout_work() * CVE-url: https://ubuntu.com/security/CVE-2023-46838 - xen-netback: don't produce zero-size SKB frags * CVE-url: https://ubuntu.com/security/CVE-2024-22705 - ksmbd: fix slab-out-of-bounds in smb_strndup_from_utf16() * CVE-url: https://ubuntu.com/security/CVE-2023-46343 - nfc: nci: fix possible NULL pointer dereference in send_acknowledge() * CVE-url: https://ubuntu.com/security/CVE-2023-51042 - drm/amdgpu: Fix potential fence use-after-free v2 * CVE-url: https://ubuntu.com/security/CVE-2024-0775 - ext4: improve error recovery code paths in __ext4_remount() * CVE-url: https://ubuntu.com/security/CVE-2023-51043 - drm/atomic: Fix potential use-after-free in nonblocking commits

0 tuxcare-ubuntu18.04-els linux-buildinfo-4.15.0-224-tuxcare.els12-generic_4.15.0-224.235_amd64.deb 10c516c73d8b6cf55294c4d8706b97d51056f1a8 linux-buildinfo-4.15.0-224-tuxcare.els12-lowlatency_4.15.0-224.235_amd64.deb fe3f40a321b6dceae1aa37d980ed1b1cd8b43a76 linux-cloud-tools-4.15.0-224-tuxcare.els12_4.15.0-224.235_amd64.deb 1caac998ddb09d80d0ad18a72e147c0ac50816f9 linux-cloud-tools-4.15.0-224-tuxcare.els12-generic_4.15.0-224.235_amd64.deb 4265791e176a434193d53fc1b5fc886bd291de2a linux-cloud-tools-4.15.0-224-tuxcare.els12-lowlatency_4.15.0-224.235_amd64.deb 6dd162e42219864171dd02fc0e25a423ac747ddd linux-cloud-tools-common_4.15.0-224.235_all.deb 0c5d7c097b13f0ceed165844301900bc722c01e8 linux-cloud-tools-generic_4.15.0.224.235_amd64.deb a0ee693eb34bae6087c54926842407ea21ca7c95 linux-cloud-tools-lowlatency_4.15.0.224.235_amd64.deb bb58d2d38817f17e64978d7bd0f9291d9a838808 linux-crashdump_4.15.0.224.235_amd64.deb c18c538e59a081130257912c59ed8b9206547202 linux-doc_4.15.0-224.235_all.deb 03c58b13cabf084923ebf09fe7757aad49678bf7 linux-generic_4.15.0.224.235_amd64.deb d0b4796be6701ed9a8ad4b564be6aea3ea2a119c linux-headers-4.15.0-224-tuxcare.els12_4.15.0-224.235_all.deb 567a54fd58fd3988bfb443460edf3c2ca017ffeb linux-headers-4.15.0-224-tuxcare.els12-generic_4.15.0-224.235_amd64.deb 638c7f9bfc285e609fcfdbd67c833e1d74f69fb6 linux-headers-4.15.0-224-tuxcare.els12-lowlatency_4.15.0-224.235_amd64.deb bd1645312a28b9d8e2010d58b91272ebdb0a8214 linux-headers-generic_4.15.0.224.235_amd64.deb 764498f28bfeb1a1f0db031d447fae14751eb7b9 linux-headers-lowlatency_4.15.0.224.235_amd64.deb 76b1f76ac2bda44484fdd0faa04b4776b8ec5b51 linux-image-generic_4.15.0.224.235_amd64.deb 507925b1440dbc5ce2b96cd50d5e14f1ec698e96 linux-image-lowlatency_4.15.0.224.235_amd64.deb 930a690de898016b7514dc600e773b026fb51799 linux-image-unsigned-4.15.0-224-tuxcare.els12-generic_4.15.0-224.235_amd64.deb a175a86de161cccd76d62e724d070dc615d9e981 linux-image-unsigned-4.15.0-224-tuxcare.els12-lowlatency_4.15.0-224.235_amd64.deb ca7da598203c21906ad79057488cfb17febce0df linux-libc-dev_4.15.0-224.235_amd64.deb a877adacebb2c268bc3b2f7ce9621f0fbc855157 linux-lowlatency_4.15.0.224.235_amd64.deb 918c46c10ef54b9c847232c52213e3b31b05eeff linux-modules-4.15.0-224-tuxcare.els12-generic_4.15.0-224.235_amd64.deb 14897bd6403df80c1c7fb1d1d9f2c83a4fbf9c6e linux-modules-4.15.0-224-tuxcare.els12-lowlatency_4.15.0-224.235_amd64.deb 8304306ccb25e2ec396bd7cd6e92eefb6af7cf0c linux-modules-extra-4.15.0-224-tuxcare.els12-generic_4.15.0-224.235_amd64.deb 86c90295d0b988e6c61818684b33108f6ab840f1 linux-source_4.15.0.224.235_all.deb 7b9300d474f3e73b568e6cafb7d93481f5c9f254 linux-source-4.15.0_4.15.0-224.235_all.deb 19faaf44025b3996c2170db3330f565ac186cf02 linux-tools-4.15.0-224-tuxcare.els12_4.15.0-224.235_amd64.deb 8d404270f6101fef9811601e032491da259fee71 linux-tools-4.15.0-224-tuxcare.els12-generic_4.15.0-224.235_amd64.deb de0eab382ee0a995bfe91dce6894108b343b06b9 linux-tools-4.15.0-224-tuxcare.els12-lowlatency_4.15.0-224.235_amd64.deb bdc2a7f9a2909a67ecdc6fc4ce0e8b27eceac8f5 linux-tools-common_4.15.0-224.235_all.deb f53661c0a357debddc263a4c059e4ba65044c198 linux-tools-generic_4.15.0.224.235_amd64.deb 2b83eb8d325007939529da15a2e067fad503a057 linux-tools-host_4.15.0-224.235_all.deb 62c01cf2d578b95c2fc92867555fdc273a6b8aa7 linux-tools-lowlatency_4.15.0.224.235_amd64.deb c0d85fb9366af4cebcc5a020f8d4606b7158dcbc CLSA-2024:1708171186 TuxCare License Agreement 0 * CVE-url: https://ubuntu.com/security/CVE-2024-23851 - dm: limit the number of targets and parameter size area * CVE-url: https://ubuntu.com/security/CVE-2024-23849 - net/rds: Fix UBSAN: array-index-out-of-bounds in rds_cmsg_recv * CVE-url: https://ubuntu.com/security/CVE-2024-1086 - netfilter: nf_tables: reject QUEUE/DROP verdict parameters * CVE-url: https://ubuntu.com/security/CVE-2023-35827 - ravb: Fix use-after-free issue in ravb_tx_timeout_work() * CVE-url: https://ubuntu.com/security/CVE-2023-46838 - xen-netback: don't produce zero-size SKB frags * CVE-url: https://ubuntu.com/security/CVE-2024-22705 - ksmbd: fix slab-out-of-bounds in smb_strndup_from_utf16() * CVE-url: https://ubuntu.com/security/CVE-2023-46343 - nfc: nci: fix possible NULL pointer dereference in send_acknowledge() * CVE-url: https://ubuntu.com/security/CVE-2023-51042 - drm/amdgpu: Fix potential fence use-after-free v2 * CVE-url: https://ubuntu.com/security/CVE-2024-0775 - ext4: improve error recovery code paths in __ext4_remount() * CVE-url: https://ubuntu.com/security/CVE-2023-51043 - drm/atomic: Fix potential use-after-free in nonblocking commits Important Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.

* CVE-url: https://ubuntu.com/security/CVE-2024-23851 - dm: limit the number of targets and parameter size area * CVE-url: https://ubuntu.com/security/CVE-2024-23849 - net/rds: Fix UBSAN: array-index-out-of-bounds in rds_cmsg_recv * CVE-url: https://ubuntu.com/security/CVE-2024-1086 - netfilter: nf_tables: reject QUEUE/DROP verdict parameters * CVE-url: https://ubuntu.com/security/CVE-2023-35827 - ravb: Fix use-after-free issue in ravb_tx_timeout_work() * CVE-url: https://ubuntu.com/security/CVE-2023-46838 - xen-netback: don't produce zero-size SKB frags * CVE-url: https://ubuntu.com/security/CVE-2024-22705 - ksmbd: fix slab-out-of-bounds in smb_strndup_from_utf16() * CVE-url: https://ubuntu.com/security/CVE-2023-46343 - nfc: nci: fix possible NULL pointer dereference in send_acknowledge() * CVE-url: https://ubuntu.com/security/CVE-2023-51042 - drm/amdgpu: Fix potential fence use-after-free v2 * CVE-url: https://ubuntu.com/security/CVE-2024-0775 - ext4: improve error recovery code paths in __ext4_remount() * CVE-url: https://ubuntu.com/security/CVE-2023-51043 - drm/atomic: Fix potential use-after-free in nonblocking commits

0 tuxcare-ubuntu18.04-els linux-buildinfo-4.15.0-224-tuxcare.els12-generic_4.15.0-224.235_amd64.deb 10c516c73d8b6cf55294c4d8706b97d51056f1a8 linux-buildinfo-4.15.0-224-tuxcare.els12-lowlatency_4.15.0-224.235_amd64.deb fe3f40a321b6dceae1aa37d980ed1b1cd8b43a76 linux-cloud-tools-4.15.0-224-tuxcare.els12_4.15.0-224.235_amd64.deb 1caac998ddb09d80d0ad18a72e147c0ac50816f9 linux-cloud-tools-4.15.0-224-tuxcare.els12-generic_4.15.0-224.235_amd64.deb 4265791e176a434193d53fc1b5fc886bd291de2a linux-cloud-tools-4.15.0-224-tuxcare.els12-lowlatency_4.15.0-224.235_amd64.deb 6dd162e42219864171dd02fc0e25a423ac747ddd linux-cloud-tools-common_4.15.0-224.235_all.deb 0c5d7c097b13f0ceed165844301900bc722c01e8 linux-cloud-tools-generic_4.15.0.224.235_amd64.deb a0ee693eb34bae6087c54926842407ea21ca7c95 linux-cloud-tools-lowlatency_4.15.0.224.235_amd64.deb bb58d2d38817f17e64978d7bd0f9291d9a838808 linux-crashdump_4.15.0.224.235_amd64.deb c18c538e59a081130257912c59ed8b9206547202 linux-doc_4.15.0-224.235_all.deb 03c58b13cabf084923ebf09fe7757aad49678bf7 linux-generic_4.15.0.224.235_amd64.deb d0b4796be6701ed9a8ad4b564be6aea3ea2a119c linux-headers-4.15.0-224-tuxcare.els12_4.15.0-224.235_all.deb 567a54fd58fd3988bfb443460edf3c2ca017ffeb linux-headers-4.15.0-224-tuxcare.els12-generic_4.15.0-224.235_amd64.deb 638c7f9bfc285e609fcfdbd67c833e1d74f69fb6 linux-headers-4.15.0-224-tuxcare.els12-lowlatency_4.15.0-224.235_amd64.deb bd1645312a28b9d8e2010d58b91272ebdb0a8214 linux-headers-generic_4.15.0.224.235_amd64.deb 764498f28bfeb1a1f0db031d447fae14751eb7b9 linux-headers-lowlatency_4.15.0.224.235_amd64.deb 76b1f76ac2bda44484fdd0faa04b4776b8ec5b51 linux-image-generic_4.15.0.224.235_amd64.deb 507925b1440dbc5ce2b96cd50d5e14f1ec698e96 linux-image-lowlatency_4.15.0.224.235_amd64.deb 930a690de898016b7514dc600e773b026fb51799 linux-image-unsigned-4.15.0-224-tuxcare.els12-generic_4.15.0-224.235_amd64.deb a175a86de161cccd76d62e724d070dc615d9e981 linux-image-unsigned-4.15.0-224-tuxcare.els12-lowlatency_4.15.0-224.235_amd64.deb ca7da598203c21906ad79057488cfb17febce0df linux-libc-dev_4.15.0-224.235_amd64.deb a877adacebb2c268bc3b2f7ce9621f0fbc855157 linux-lowlatency_4.15.0.224.235_amd64.deb 918c46c10ef54b9c847232c52213e3b31b05eeff linux-modules-4.15.0-224-tuxcare.els12-generic_4.15.0-224.235_amd64.deb 14897bd6403df80c1c7fb1d1d9f2c83a4fbf9c6e linux-modules-4.15.0-224-tuxcare.els12-lowlatency_4.15.0-224.235_amd64.deb 8304306ccb25e2ec396bd7cd6e92eefb6af7cf0c linux-modules-extra-4.15.0-224-tuxcare.els12-generic_4.15.0-224.235_amd64.deb 86c90295d0b988e6c61818684b33108f6ab840f1 linux-source_4.15.0.224.235_all.deb 7b9300d474f3e73b568e6cafb7d93481f5c9f254 linux-source-4.15.0_4.15.0-224.235_all.deb 19faaf44025b3996c2170db3330f565ac186cf02 linux-tools-4.15.0-224-tuxcare.els12_4.15.0-224.235_amd64.deb 8d404270f6101fef9811601e032491da259fee71 linux-tools-4.15.0-224-tuxcare.els12-generic_4.15.0-224.235_amd64.deb de0eab382ee0a995bfe91dce6894108b343b06b9 linux-tools-4.15.0-224-tuxcare.els12-lowlatency_4.15.0-224.235_amd64.deb bdc2a7f9a2909a67ecdc6fc4ce0e8b27eceac8f5 linux-tools-common_4.15.0-224.235_all.deb f53661c0a357debddc263a4c059e4ba65044c198 linux-tools-generic_4.15.0.224.235_amd64.deb 2b83eb8d325007939529da15a2e067fad503a057 linux-tools-host_4.15.0-224.235_all.deb 62c01cf2d578b95c2fc92867555fdc273a6b8aa7 linux-tools-lowlatency_4.15.0.224.235_amd64.deb c0d85fb9366af4cebcc5a020f8d4606b7158dcbc CLSA-2024:1708427829 TuxCare License Agreement 0 * SECURITY UPDATE: Use-after-free in xmlValidatePopElement() - debian/patches/CVE-2024-25062.patch: Fix use-after-free if XML Reader with DTD validation and XInclude expansion by not expanding XIncludes when backtracking - CVE-2024-25062 Important Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.

* SECURITY UPDATE: Use-after-free in xmlValidatePopElement() - debian/patches/CVE-2024-25062.patch: Fix use-after-free if XML Reader with DTD validation and XInclude expansion by not expanding XIncludes when backtracking - CVE-2024-25062

0 tuxcare-ubuntu18.04-els libxml2_2.9.4+dfsg1-6.1ubuntu1.9+tuxcare.els1_amd64.deb c7b520634a9cd05149870078f9ebbec27ec6fe33 libxml2-dev_2.9.4+dfsg1-6.1ubuntu1.9+tuxcare.els1_amd64.deb c0cfa0fc23564dbf0cd6ea1679fdd584aef962a5 libxml2-doc_2.9.4+dfsg1-6.1ubuntu1.9+tuxcare.els1_all.deb 1a84d218207ea5d6d646d0e4f0c6abe2de3fbe53 libxml2-utils_2.9.4+dfsg1-6.1ubuntu1.9+tuxcare.els1_amd64.deb a7429edeb39e7893250adf21aa19c1f05da78362 python-libxml2_2.9.4+dfsg1-6.1ubuntu1.9+tuxcare.els1_amd64.deb 604016e1322fa6559c29f046b66ed51247ef0587 python3-libxml2_2.9.4+dfsg1-6.1ubuntu1.9+tuxcare.els1_amd64.deb c1f118827e38f07e2dd52ccfe23f892a06a5277e CLSA-2024:1708638685 TuxCare License Agreement 0 * SECURITY UPDATE: A flaw fixed when the getaddrinfo function may access memory that has been freed, resulting in an application crash - debian/patches/any/CVE-2023-4806.patch: fix the flaw - CVE-2023-4806 * SECURITY UPDATE: In an uncommon situation, the gaih_inet function may use memory that has been freed, resulting in an application crash - debian/patches/any/CVE-2023-4813.patch: fix the flaw - CVE-2023-4813 Moderate Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.

* SECURITY UPDATE: A flaw fixed when the getaddrinfo function may access memory that has been freed, resulting in an application crash - debian/patches/any/CVE-2023-4806.patch: fix the flaw - CVE-2023-4806 * SECURITY UPDATE: In an uncommon situation, the gaih_inet function may use memory that has been freed, resulting in an application crash - debian/patches/any/CVE-2023-4813.patch: fix the flaw - CVE-2023-4813

0 tuxcare-ubuntu18.04-els glibc-doc_2.27-3ubuntu1.6+tuxcare.els1_all.deb 7d138a581d12f40b543563139ce873c665475582 glibc-source_2.27-3ubuntu1.6+tuxcare.els1_all.deb 41e585f58d2998a97596c14daa3d99b9ae568373 libc-bin_2.27-3ubuntu1.6+tuxcare.els1_amd64.deb fe8c792cf4981c3398a649c6a2d3be3610849423 libc-dev-bin_2.27-3ubuntu1.6+tuxcare.els1_amd64.deb eaae7b539280ea2e74a7ca5412e4278b472412c5 libc6_2.27-3ubuntu1.6+tuxcare.els1_amd64.deb 269b3483e83bbe8e725e73ed68bbfbf03ec5a744 libc6-dev_2.27-3ubuntu1.6+tuxcare.els1_amd64.deb 88efabaa7e5e97e292ed486b29d7aba4656e7add libc6-dev-i386_2.27-3ubuntu1.6+tuxcare.els1_amd64.deb 20cf3956adb93cc3be12738a0fd0deb671de9b10 libc6-dev-x32_2.27-3ubuntu1.6+tuxcare.els1_amd64.deb 0da5cec6d3a03b7c11424655127be3212a143fc8 libc6-i386_2.27-3ubuntu1.6+tuxcare.els1_amd64.deb 9839108994cc630a9f6327663ee53c1f80c5d045 libc6-pic_2.27-3ubuntu1.6+tuxcare.els1_amd64.deb b8639779c219184c4ee27c9a572700b86f9fedcc libc6-x32_2.27-3ubuntu1.6+tuxcare.els1_amd64.deb b4808216d98cda8853553ce2c4f1c9d7428d0f70 locales_2.27-3ubuntu1.6+tuxcare.els1_all.deb d1c4221fc00f1c2391f5d7463f6aeb99f8fd0153 locales-all_2.27-3ubuntu1.6+tuxcare.els1_amd64.deb 47fe7c8e7d50d41422727895da9e9e5cbf112b20 multiarch-support_2.27-3ubuntu1.6+tuxcare.els1_amd64.deb 53f2059a16e0f558a4cfc2455d881265df1fd60c nscd_2.27-3ubuntu1.6+tuxcare.els1_amd64.deb 2f8bf7fd4b3f96ef9cbd0fd2513278f303980ee7 CLSA-2024:1708638837 TuxCare License Agreement 0 * SECURITY UPDATE: Denial of service could be encountered when generating excessively long DH keys or checking excessively long DH keys or parameters. - debian/patches/CVE-2023-5678.patch: Make DH_check_pub_key() and DH_generate_key() safer yet. - CVE-2023-5678. Moderate Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.

* SECURITY UPDATE: Denial of service could be encountered when generating excessively long DH keys or checking excessively long DH keys or parameters. - debian/patches/CVE-2023-5678.patch: Make DH_check_pub_key() and DH_generate_key() safer yet. - CVE-2023-5678.

0 tuxcare-ubuntu18.04-els libssl-dev_1.1.1-1ubuntu2.1~18.04.23+tuxcare.els3_amd64.deb 25a41b65214418b27a0166c52017a1cd23ebfdd9 libssl-doc_1.1.1-1ubuntu2.1~18.04.23+tuxcare.els3_all.deb 3be7d013a04143d3309ccbc1df10903906c40cd0 libssl1.1_1.1.1-1ubuntu2.1~18.04.23+tuxcare.els3_amd64.deb 1b1fd2fce4ade6d908e0256face04f4fa891afa3 openssl_1.1.1-1ubuntu2.1~18.04.23+tuxcare.els3_amd64.deb e6768efbf4e8627d027c59593f4516a61505fde9 CLSA-2024:1709562964 TuxCare License Agreement 0 * SECURITY UPDATE: KeyTrap denial of service vulnerability - debian/patches/CVE-2023-50387-20230-50868.patch: Fix DNSSEC verification complexity issue by updating verification function signatures. - debian/patches/CVE-2023-50387-fix-1.patch: Allow the original CVE-2023-50387 patch to work if multiple threads support is disabled. - debian/patches/CVE-2023-50387-fix-2.patch: Fix a leak. - CVE-2023-50387 - CVE-2023-50868 * a test suite was activated. Important Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.

* SECURITY UPDATE: KeyTrap denial of service vulnerability - debian/patches/CVE-2023-50387-20230-50868.patch: Fix DNSSEC verification complexity issue by updating verification function signatures. - debian/patches/CVE-2023-50387-fix-1.patch: Allow the original CVE-2023-50387 patch to work if multiple threads support is disabled. - debian/patches/CVE-2023-50387-fix-2.patch: Fix a leak. - CVE-2023-50387 - CVE-2023-50868 * a test suite was activated.

0 tuxcare-ubuntu18.04-els bind9_9.11.3+dfsg-1ubuntu1.18+tuxcare.els3_amd64.deb bb07e566ce161d2fada27ca28c883576f61547a0 bind9-doc_9.11.3+dfsg-1ubuntu1.18+tuxcare.els3_all.deb fd34c4962022db6df34f3f49bbf7848435d248cf bind9-host_9.11.3+dfsg-1ubuntu1.18+tuxcare.els3_amd64.deb 2183c3772d2f0a546d70811bf9fa8453c5e01919 bind9utils_9.11.3+dfsg-1ubuntu1.18+tuxcare.els3_amd64.deb 978569f1bd270a5d85a62641619f30a54f4db745 dnsutils_9.11.3+dfsg-1ubuntu1.18+tuxcare.els3_amd64.deb 16cd6a1b060a545635f0625773c072953e3ea0ba libbind-dev_9.11.3+dfsg-1ubuntu1.18+tuxcare.els3_amd64.deb 95ed70d1a96239b68bd3c94d131bca4678ada90c libbind-export-dev_9.11.3+dfsg-1ubuntu1.18+tuxcare.els3_amd64.deb 98709dc29832df014aa8967562204c8cc713a97c libbind9-160_9.11.3+dfsg-1ubuntu1.18+tuxcare.els3_amd64.deb 21a69bd1b3c1687f46c916e232cca3fb152ac874 libdns-export1100_9.11.3+dfsg-1ubuntu1.18+tuxcare.els3_amd64.deb 9dbcf8e203cbde4a86305541b807593f6933865b libdns1100_9.11.3+dfsg-1ubuntu1.18+tuxcare.els3_amd64.deb 0d98ebca6be15a762bb2104ce74171dfec4b831b libirs-export160_9.11.3+dfsg-1ubuntu1.18+tuxcare.els3_amd64.deb e9e327ff58b9b912014e79123163e149af912264 libirs160_9.11.3+dfsg-1ubuntu1.18+tuxcare.els3_amd64.deb a2e86ac42b347f83ad54f8181dcfe5bd669feb14 libisc-export169_9.11.3+dfsg-1ubuntu1.18+tuxcare.els3_amd64.deb a17174e36b2ad95ae9741556c29d46a68b779ea7 libisc169_9.11.3+dfsg-1ubuntu1.18+tuxcare.els3_amd64.deb f36658be34dcb942fc6e67190ac898bf04065c99 libisccc-export160_9.11.3+dfsg-1ubuntu1.18+tuxcare.els3_amd64.deb b73d7cc071f2e0479ab07bc18720de89602f1e6b libisccc160_9.11.3+dfsg-1ubuntu1.18+tuxcare.els3_amd64.deb ba3879ef858f672512f99f1d8c646ac45692fca3 libisccfg-export160_9.11.3+dfsg-1ubuntu1.18+tuxcare.els3_amd64.deb 9c390a5ea55f7435c94a07089f75db6e2c9f1b86 libisccfg160_9.11.3+dfsg-1ubuntu1.18+tuxcare.els3_amd64.deb 8281f2f80108f701121beb1b9f34d045c594ffa3 liblwres160_9.11.3+dfsg-1ubuntu1.18+tuxcare.els3_amd64.deb 8c5621f41a317dd4892d78b36ce0986cd2b1eb0f CLSA-2024:1709563071 TuxCare License Agreement 0 * SECURITY UPDATE: SMTP smuggling because of <LF>.<CR><LF> support - debian/patches/CVE-2023-51766.patch: reject "dot, LF" as ending data phase. Testcase for "smtp smuggling". - CVE-2023-51766 Moderate Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.

* SECURITY UPDATE: SMTP smuggling because of <LF>.<CR><LF> support - debian/patches/CVE-2023-51766.patch: reject "dot, LF" as ending data phase. Testcase for "smtp smuggling". - CVE-2023-51766

0 tuxcare-ubuntu18.04-els exim4_4.90.1-1ubuntu1.10+tuxcare.els5_all.deb babca38b31d4b5f0a36417a28d61bda6e843e7b6 exim4-base_4.90.1-1ubuntu1.10+tuxcare.els5_amd64.deb 292a4b9add159b07097c49a7314ff9d108ce0bea exim4-config_4.90.1-1ubuntu1.10+tuxcare.els5_all.deb 55aca0c5420b955b96c7d040f1cc7e817f65564b exim4-daemon-heavy_4.90.1-1ubuntu1.10+tuxcare.els5_amd64.deb 8e29e36512659ad77224bfb933dfe32350b0d4a1 exim4-daemon-light_4.90.1-1ubuntu1.10+tuxcare.els5_amd64.deb 1d3ab808904af4d79635ccea7db4d234dfb6d456 exim4-dev_4.90.1-1ubuntu1.10+tuxcare.els5_amd64.deb e888b64daea45391a162f190eca6fb7e80c61eaf eximon4_4.90.1-1ubuntu1.10+tuxcare.els5_amd64.deb 876bc7e06f24de2b7172cd18978260ee95b8ff3a CLSA-2024:1709563150 TuxCare License Agreement 0 * SECURITY UPDATE: ProxyCommand/ProxyJump features allow injection of malicious code through hostname - debian/patches/CVE-2023-6004-pre1.patch: move common parser functions to config_parser.c - debian/patches/CVE-2023-6004-pre2.patch: prevent possible segmentation fault - debian/patches/CVE-2023-6004-02.patch: allow multiple '@' in usernames - debian/patches/CVE-2023-6004-03.patch: simplify the hostname parsing in ssh_options_set - debian/patches/CVE-2023-6004-04.patch: add function to check allowed characters of a hostname - debian/patches/CVE-2023-6004-05.patch: add test for ssh_check_hostname_syntax - debian/patches/CVE-2023-6004-06.patch: check for valid syntax of a hostname if it is a domain name - debian/patches/CVE-2023-6004-07.patch: add test for proxycommand injection - debian/patches/CVE-2023-6004-08.patch: add test for ssh_is_ipaddr - debian/patches/CVE-2023-6004-09.patch: add ipv6 link-local check for an ip address - debian/patches/CVE-2023-6004-10.patch: add tests for ipv6 link-local - debian/patches/CVE-2023-6004-regression1.patch: fix regression in IPv6 addresses in hostname parsing - debian/patches/CVE-2023-6004-regression2.patch: increase test coverage for IPv6 address parsing as hostnames - CVE-2023-6004 * SECURITY UPDATE: Unchecked return values for digests may cause DoS - debian/patches/CVE-2023-6918-1.patch: systematically check return values when calculating digests - debian/patches/CVE-2023-6918-2.patch: detect context init failures - debian/patches/CVE-2023-6918-3.patch: code coverage for ssh_get_pubkey_hash() - CVE-2023-6918 Moderate Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.

* SECURITY UPDATE: ProxyCommand/ProxyJump features allow injection of malicious code through hostname - debian/patches/CVE-2023-6004-pre1.patch: move common parser functions to config_parser.c - debian/patches/CVE-2023-6004-pre2.patch: prevent possible segmentation fault - debian/patches/CVE-2023-6004-02.patch: allow multiple '@' in usernames - debian/patches/CVE-2023-6004-03.patch: simplify the hostname parsing in ssh_options_set - debian/patches/CVE-2023-6004-04.patch: add function to check allowed characters of a hostname - debian/patches/CVE-2023-6004-05.patch: add test for ssh_check_hostname_syntax - debian/patches/CVE-2023-6004-06.patch: check for valid syntax of a hostname if it is a domain name - debian/patches/CVE-2023-6004-07.patch: add test for proxycommand injection - debian/patches/CVE-2023-6004-08.patch: add test for ssh_is_ipaddr - debian/patches/CVE-2023-6004-09.patch: add ipv6 link-local check for an ip address - debian/patches/CVE-2023-6004-10.patch: add tests for ipv6 link-local - debian/patches/CVE-2023-6004-regression1.patch: fix regression in IPv6 addresses in hostname parsing - debian/patches/CVE-2023-6004-regression2.patch: increase test coverage for IPv6 address parsing as hostnames - CVE-2023-6004 * SECURITY UPDATE: Unchecked return values for digests may cause DoS - debian/patches/CVE-2023-6918-1.patch: systematically check return values when calculating digests - debian/patches/CVE-2023-6918-2.patch: detect context init failures - debian/patches/CVE-2023-6918-3.patch: code coverage for ssh_get_pubkey_hash() - CVE-2023-6918

0 tuxcare-ubuntu18.04-els libssh-4_0.8.0~20170825.94fa1e38-1ubuntu0.7+tuxcare.els1_amd64.deb f284e4310f9a2506222a796588833b60c1cc88b9 libssh-dev_0.8.0~20170825.94fa1e38-1ubuntu0.7+tuxcare.els1_amd64.deb f6848a8fc8e1d0887171e529c0a005399b5351ed libssh-doc_0.8.0~20170825.94fa1e38-1ubuntu0.7+tuxcare.els1_all.deb 36e440ba2b42bbafb7a8896240edf042195115fe libssh-gcrypt-4_0.8.0~20170825.94fa1e38-1ubuntu0.7+tuxcare.els1_amd64.deb 1363273af9621403437a4b1f64902bce09cd5915 libssh-gcrypt-dev_0.8.0~20170825.94fa1e38-1ubuntu0.7+tuxcare.els1_amd64.deb 4d747c127ffb3a8311cc17cba69e820bd5f46f61 CLSA-2024:1709839850 TuxCare License Agreement 0 * SECURITY UPDATE: Heap use-after-free flaw in BMP coder - debian/patches/CVE-2023-5341.patch: Check BMP file size to fix ImproperImageHeader issue caused by a provided poc - CVE-2023-5341 Moderate Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.

* SECURITY UPDATE: Heap use-after-free flaw in BMP coder - debian/patches/CVE-2023-5341.patch: Check BMP file size to fix ImproperImageHeader issue caused by a provided poc - CVE-2023-5341

0 tuxcare-ubuntu18.04-els imagemagick_6.9.7.4+dfsg-16ubuntu6.15+tuxcare.els4_amd64.deb e4a7a6a486e1525443e31c2191e7d4cc9943ff08 imagemagick-6-common_6.9.7.4+dfsg-16ubuntu6.15+tuxcare.els4_all.deb b45b2f039c65135aee7a14a27dc1338480613e09 imagemagick-6-doc_6.9.7.4+dfsg-16ubuntu6.15+tuxcare.els4_all.deb a38edeec10657a53ee70f71f45c1b8626af26e19 imagemagick-6.q16_6.9.7.4+dfsg-16ubuntu6.15+tuxcare.els4_amd64.deb 1927ed9e4c383dbd4203c6d1ad17f9c1c00a094d imagemagick-6.q16hdri_6.9.7.4+dfsg-16ubuntu6.15+tuxcare.els4_amd64.deb 211101c49c0cd9a8ba22311f33d204986d49e005 imagemagick-common_6.9.7.4+dfsg-16ubuntu6.15+tuxcare.els4_all.deb 9db862439f112c67635869cbf40fc558f671bfec imagemagick-doc_6.9.7.4+dfsg-16ubuntu6.15+tuxcare.els4_all.deb bc4c5498dadce39014e0307a1d88c23597d862fc libimage-magick-perl_6.9.7.4+dfsg-16ubuntu6.15+tuxcare.els4_all.deb 20b779bcf52a933cdee9d0f8bcbd92e3b18cfb19 libimage-magick-q16-perl_6.9.7.4+dfsg-16ubuntu6.15+tuxcare.els4_amd64.deb 691c46be9cd65cb599f8d56006a323443173ed4b libimage-magick-q16hdri-perl_6.9.7.4+dfsg-16ubuntu6.15+tuxcare.els4_amd64.deb 7900869291e45149dde4b83559e9250d761f5c0f libmagick++-6-headers_6.9.7.4+dfsg-16ubuntu6.15+tuxcare.els4_all.deb 408dad4d431cae330470858fd6e87d3d68a7c209 libmagick++-6.q16-7_6.9.7.4+dfsg-16ubuntu6.15+tuxcare.els4_amd64.deb 17a8c035f5154ced717dd5c231914dfb00ac510f libmagick++-6.q16-dev_6.9.7.4+dfsg-16ubuntu6.15+tuxcare.els4_amd64.deb e11e83681793fdd09dd549e94177a99dfec40145 libmagick++-6.q16hdri-7_6.9.7.4+dfsg-16ubuntu6.15+tuxcare.els4_amd64.deb b66e0b206a7e14c01af7e321ffcf15b65874af53 libmagick++-6.q16hdri-dev_6.9.7.4+dfsg-16ubuntu6.15+tuxcare.els4_amd64.deb ea79f89c052acc601bca668e51037b728ad93674 libmagick++-dev_6.9.7.4+dfsg-16ubuntu6.15+tuxcare.els4_all.deb f1469fc2baf2db0c428dfd057eb783b0288fd91c libmagickcore-6-arch-config_6.9.7.4+dfsg-16ubuntu6.15+tuxcare.els4_amd64.deb 624018a5c0c1545b749de9742242aa749fa72f03 libmagickcore-6-headers_6.9.7.4+dfsg-16ubuntu6.15+tuxcare.els4_all.deb 1a47210112e0a192d48569233ba49ffb24b30b90 libmagickcore-6.q16-3_6.9.7.4+dfsg-16ubuntu6.15+tuxcare.els4_amd64.deb 24346641f9fcac80f156e94bb769977d6af6bf95 libmagickcore-6.q16-3-extra_6.9.7.4+dfsg-16ubuntu6.15+tuxcare.els4_amd64.deb e694f494412f679920d777d7223d161b5e85429b libmagickcore-6.q16-dev_6.9.7.4+dfsg-16ubuntu6.15+tuxcare.els4_amd64.deb ad56c834137f5a2f0914ea6ba65c20a9ec399caa libmagickcore-6.q16hdri-3_6.9.7.4+dfsg-16ubuntu6.15+tuxcare.els4_amd64.deb 0b883525c40b8072ffefec8bc63dc46cb35d6166 libmagickcore-6.q16hdri-3-extra_6.9.7.4+dfsg-16ubuntu6.15+tuxcare.els4_amd64.deb b13bb01a009fd97d555b815ee64bec62ad99a67f libmagickcore-6.q16hdri-dev_6.9.7.4+dfsg-16ubuntu6.15+tuxcare.els4_amd64.deb 5cac904542c0676647170d3e7f3a312f6d962c5a libmagickcore-dev_6.9.7.4+dfsg-16ubuntu6.15+tuxcare.els4_all.deb e7ed9b966c139948eb96c93490788dc3ca2ee150 libmagickwand-6-headers_6.9.7.4+dfsg-16ubuntu6.15+tuxcare.els4_all.deb 4d1147645b6ca78cef5d7ad6914fe16968ecbc3d libmagickwand-6.q16-3_6.9.7.4+dfsg-16ubuntu6.15+tuxcare.els4_amd64.deb 5d717ae6912c7d622821c6878e381ab74895dec2 libmagickwand-6.q16-dev_6.9.7.4+dfsg-16ubuntu6.15+tuxcare.els4_amd64.deb bd1f43da574873e445180ca5e7c5ac8ffdfc17c5 libmagickwand-6.q16hdri-3_6.9.7.4+dfsg-16ubuntu6.15+tuxcare.els4_amd64.deb 0180b4c73d9148c558b9054673ca2b86161dfc73 libmagickwand-6.q16hdri-dev_6.9.7.4+dfsg-16ubuntu6.15+tuxcare.els4_amd64.deb 5abfe910d2eb8d14f70760a78a75657533efd238 libmagickwand-dev_6.9.7.4+dfsg-16ubuntu6.15+tuxcare.els4_all.deb a727d2b7bbfbdd006e74a0e462fd1e3739d19ccb perlmagick_6.9.7.4+dfsg-16ubuntu6.15+tuxcare.els4_all.deb 2b0fe572b52a9f0b45e9811427653475547be7e4 CLSA-2024:1710183809 TuxCare License Agreement 0 * SECURITY UPDATE: Potential Denial of Service via maliciously formatted PKCS12 file - debian/patches/CVE-2024-0727.patch: Fix decode error in PKCS12_unpack_p7data, PKCS12_unpack_p7encdata, and PKCS12_unpack_authsafes functions - CVE-2024-0727 Moderate Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.

* SECURITY UPDATE: Potential Denial of Service via maliciously formatted PKCS12 file - debian/patches/CVE-2024-0727.patch: Fix decode error in PKCS12_unpack_p7data, PKCS12_unpack_p7encdata, and PKCS12_unpack_authsafes functions - CVE-2024-0727

0 tuxcare-ubuntu18.04-els libssl-dev_1.1.1-1ubuntu2.1~18.04.23+tuxcare.els4_amd64.deb e01fbb73f81950e64e591f61fd684d45e471f25f libssl-doc_1.1.1-1ubuntu2.1~18.04.23+tuxcare.els4_all.deb 94056195384f3c0e1de10385f82a997f99462b8e libssl1.1_1.1.1-1ubuntu2.1~18.04.23+tuxcare.els4_amd64.deb 693af29faf8db7b485c572a03f6b0cf0a91df579 openssl_1.1.1-1ubuntu2.1~18.04.23+tuxcare.els4_amd64.deb 67c43b9dd1deec51841c9b8910f0b4a08427814e CLSA-2024:1710436611 TuxCare License Agreement 0 * SECURITY UPDATE: Insecure cookie domain verification - debian/patches/CVE-2023-46218.patch: lowercase domain names before PSL checks to fix cookie domain validation - CVE-2023-46218 Moderate Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.

* SECURITY UPDATE: Insecure cookie domain verification - debian/patches/CVE-2023-46218.patch: lowercase domain names before PSL checks to fix cookie domain validation - CVE-2023-46218

0 tuxcare-ubuntu18.04-els curl_7.58.0-2ubuntu3.24+tuxcare.els3_amd64.deb 8209379e337bb10ed9198ee040b305deea1d20e0 libcurl3-gnutls_7.58.0-2ubuntu3.24+tuxcare.els3_amd64.deb 20298eeb5b8c91536ef7faa889c76fc2f9e5d627 libcurl3-nss_7.58.0-2ubuntu3.24+tuxcare.els3_amd64.deb 3a85495ca44fcc31814636e6b8f5f7e89b6b0877 libcurl4_7.58.0-2ubuntu3.24+tuxcare.els3_amd64.deb a4e032915fad16859c2f83984dae94055be939a0 libcurl4-doc_7.58.0-2ubuntu3.24+tuxcare.els3_all.deb 2253dcb6f5e6684a4a8f85b4caae4d1ef07900a4 libcurl4-gnutls-dev_7.58.0-2ubuntu3.24+tuxcare.els3_amd64.deb e63a93046d7e90087bb1d4592362ca83531da489 libcurl4-nss-dev_7.58.0-2ubuntu3.24+tuxcare.els3_amd64.deb d6b0b1094f74e9fcd07b80e12f1c5124a33fa932 libcurl4-openssl-dev_7.58.0-2ubuntu3.24+tuxcare.els3_amd64.deb 9f668501d1b43fdc9cd2c81abd4fa3eacb24f7a0 CLSA-2024:1710436683 TuxCare License Agreement 0 * SECURITY UPDATE: denial of service attack - debian/patches/CVE-2023-39804.patch: Fix handling of extended header prefixes. - CVE-2023-39804 Low Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.

* SECURITY UPDATE: denial of service attack - debian/patches/CVE-2023-39804.patch: Fix handling of extended header prefixes. - CVE-2023-39804

0 tuxcare-ubuntu18.04-els tar_1.29b-2ubuntu0.4+tuxcare.els1_amd64.deb c058e80f3d4f9e3aa3dafcd2d93aed4bd5eb5a24 tar-scripts_1.29b-2ubuntu0.4+tuxcare.els1_amd64.deb 92ee28918365b200d67f2851d0bcfa3476355dd4 CLSA-2024:1710789017 TuxCare License Agreement 0 * SECURITY UPDATE: Denial of Service attack against HTTP header parsing - debian/patches/CVE-2024-25617.patch: Improve handling of expanding HTTP header values - CVE-2024-25617 Important Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.

* SECURITY UPDATE: Denial of Service attack against HTTP header parsing - debian/patches/CVE-2024-25617.patch: Improve handling of expanding HTTP header values - CVE-2024-25617

0 tuxcare-ubuntu18.04-els squid_3.5.27-1ubuntu1.14+tuxcare.els5_amd64.deb 77d3db255b27c0a1c102701b1877cad5d265f5d8 squid-cgi_3.5.27-1ubuntu1.14+tuxcare.els5_amd64.deb bedc318d45b7ce4b327ef05d712374f00160b5e3 squid-common_3.5.27-1ubuntu1.14+tuxcare.els5_all.deb 312d16107d1bca4549f22b566cee4cab0be8cc59 squid-purge_3.5.27-1ubuntu1.14+tuxcare.els5_amd64.deb 7574934472c2a3070324ab92f847cf4ebcc82891 squid3_3.5.27-1ubuntu1.14+tuxcare.els5_all.deb 05cf4d47abab3c4fa5a85e0ab10afd91bf201a4d squidclient_3.5.27-1ubuntu1.14+tuxcare.els5_amd64.deb 9b5fb42efa7c59a29125e02def33138183f686b3 CLSA-2024:1710854435 TuxCare License Agreement 0 * OpenJDK 11.0.22 release, build 7. - CVE-2024-20918, CVE-2024-20919, CVE-2024-20921, CVE-2024-20926, CVE-2024-20945, CVE-2024-20952. - Release notes: https://mail.openjdk.org/pipermail/jdk-updates-dev/2024-January/029215.html Important Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.

* OpenJDK 11.0.22 release, build 7. - CVE-2024-20918, CVE-2024-20919, CVE-2024-20921, CVE-2024-20926, CVE-2024-20945, CVE-2024-20952. - Release notes: https://mail.openjdk.org/pipermail/jdk-updates-dev/2024-January/029215.html

0 tuxcare-ubuntu18.04-els openjdk-11-demo_11.0.22+7-0ubuntu1~18.04.1+tuxcare.els1_amd64.deb 9b34c77ae3b80520ee7e627032c091ef0ac00ac9 openjdk-11-doc_11.0.22+7-0ubuntu1~18.04.1+tuxcare.els1_all.deb daa6940c451c60c4916b4d3e8541a6061edd919c openjdk-11-jdk_11.0.22+7-0ubuntu1~18.04.1+tuxcare.els1_amd64.deb eae0693272a0ad8652bd2c8e8a41ed5825b62dc2 openjdk-11-jdk-headless_11.0.22+7-0ubuntu1~18.04.1+tuxcare.els1_amd64.deb 5d44ed9815beaeb8c5afd0cbf70bebb88605de50 openjdk-11-jre_11.0.22+7-0ubuntu1~18.04.1+tuxcare.els1_amd64.deb 7090fe82d13605dddee67fe8a81c35e84f253659 openjdk-11-jre-headless_11.0.22+7-0ubuntu1~18.04.1+tuxcare.els1_amd64.deb 14b603e9205d52e5de51e861a66735eabdee28fc openjdk-11-jre-zero_11.0.22+7-0ubuntu1~18.04.1+tuxcare.els1_amd64.deb fe6d1bf3c1e32a5d5e1697ab4975d2726e625f68 openjdk-11-source_11.0.22+7-0ubuntu1~18.04.1+tuxcare.els1_all.deb f55befa5c1df39d2b7f13635a97e41dd1aa3143b CLSA-2024:1710946883 TuxCare License Agreement 0 * CVE-url: https://ubuntu.com/security/CVE-2023-52449 - mtd: Fix gluebi NULL pointer dereference caused by ftl notifier * CVE-url: https://ubuntu.com/security/CVE-2023-39197 - netfilter: conntrack: dccp: copy entire header to stack buffer, not just basic one * CVE-url: https://ubuntu.com/security/CVE-2023-34256 - ext4: avoid a potential slab-out-of-bounds in ext4_group_desc_csum * CVE-url: https://ubuntu.com/security/CVE-2024-24855 - scsi: lpfc: Fix a possible data race in lpfc_unregister_fcf_rescan() * CVE-url: https://ubuntu.com/security/CVE-2024-26602 - locking: Introduce __cleanup() based infrastructure - dmaengine: ioat: Free up __cleanup() name - sched/membarrier: reduce the ability to hammer on sys_membarrier * CVE-url: https://ubuntu.com/security/CVE-2023-52435 - net: prevent mss overflow in skb_segment() * CVE-url: https://ubuntu.com/security/CVE-2023-52445 - media: pvrusb2: fix use after free on context disconnection * CVE-url: https://ubuntu.com/security/CVE-2023-52444 - f2fs: fix to avoid dirent corruption * CVE-url: https://ubuntu.com/security/CVE-2023-52443 - apparmor: avoid crash when parsed profile name is empty * CVE-url: https://ubuntu.com/security/CVE-2021-44879 - f2fs: fix to do sanity check on inode type during garbage collection * CVE-url: https://ubuntu.com/security/CVE-2023-6121 - nvmet: nul-terminate the NQNs passed in the connect command * CVE-url: https://ubuntu.com/security/CVE-2024-24860 - Bluetooth: Move {min,max}_key_size debugfs into hci_debugfs_create_le - Bluetooth: Fix atomicity violation in {min,max}_key_size_set Important Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.

* CVE-url: https://ubuntu.com/security/CVE-2023-52449 - mtd: Fix gluebi NULL pointer dereference caused by ftl notifier * CVE-url: https://ubuntu.com/security/CVE-2023-39197 - netfilter: conntrack: dccp: copy entire header to stack buffer, not just basic one * CVE-url: https://ubuntu.com/security/CVE-2023-34256 - ext4: avoid a potential slab-out-of-bounds in ext4_group_desc_csum * CVE-url: https://ubuntu.com/security/CVE-2024-24855 - scsi: lpfc: Fix a possible data race in lpfc_unregister_fcf_rescan() * CVE-url: https://ubuntu.com/security/CVE-2024-26602 - locking: Introduce __cleanup() based infrastructure - dmaengine: ioat: Free up __cleanup() name - sched/membarrier: reduce the ability to hammer on sys_membarrier * CVE-url: https://ubuntu.com/security/CVE-2023-52435 - net: prevent mss overflow in skb_segment() * CVE-url: https://ubuntu.com/security/CVE-2023-52445 - media: pvrusb2: fix use after free on context disconnection * CVE-url: https://ubuntu.com/security/CVE-2023-52444 - f2fs: fix to avoid dirent corruption * CVE-url: https://ubuntu.com/security/CVE-2023-52443 - apparmor: avoid crash when parsed profile name is empty * CVE-url: https://ubuntu.com/security/CVE-2021-44879 - f2fs: fix to do sanity check on inode type during garbage collection * CVE-url: https://ubuntu.com/security/CVE-2023-6121 - nvmet: nul-terminate the NQNs passed in the connect command * CVE-url: https://ubuntu.com/security/CVE-2024-24860 - Bluetooth: Move {min,max}_key_size debugfs into hci_debugfs_create_le - Bluetooth: Fix atomicity violation in {min,max}_key_size_set

0 tuxcare-ubuntu18.04-els linux-buildinfo-4.15.0-225-tuxcare.els13-generic_4.15.0-225.236_amd64.deb 800ba5cb94b8b208355fd6f71949e9526aeca549 linux-buildinfo-4.15.0-225-tuxcare.els13-lowlatency_4.15.0-225.236_amd64.deb 3b6038d5ddfe4f485848033b10fa6cc619cdfe7b linux-cloud-tools-4.15.0-225-tuxcare.els13_4.15.0-225.236_amd64.deb 64046b4503640a21f4161e85e38bd18624116b11 linux-cloud-tools-4.15.0-225-tuxcare.els13-generic_4.15.0-225.236_amd64.deb ff3d75604a870e55bce8db7eaf20b520d99c7b19 linux-cloud-tools-4.15.0-225-tuxcare.els13-lowlatency_4.15.0-225.236_amd64.deb 4140d5f95f93eebd6b9c9f55462781d4ea5eb873 linux-cloud-tools-common_4.15.0-225.236_all.deb 4e781a37a20ab03e3f1f05b1eb9f254ab5506b35 linux-cloud-tools-generic_4.15.0.225.236_amd64.deb 3fbc9efc6592a1b49a0c4c60792105b8acc62a39 linux-cloud-tools-lowlatency_4.15.0.225.236_amd64.deb c0bf7674f2da943a1af9ce20be0de75f3d035493 linux-crashdump_4.15.0.225.236_amd64.deb 16d331b9a093654c6c6939aa0cfe92116ac7bdbd linux-doc_4.15.0-225.236_all.deb 5f34c466fc20fc0aaf92f756875e3a5d93932f91 linux-generic_4.15.0.225.236_amd64.deb d17ce6808acc6621fbb66b3d521d7918b807f959 linux-headers-4.15.0-225-tuxcare.els13_4.15.0-225.236_all.deb 91fbaeade7966f3901d5224a7c894313a0328200 linux-headers-4.15.0-225-tuxcare.els13-generic_4.15.0-225.236_amd64.deb 25aa9147c38e36f7874c421501486553fde12f51 linux-headers-4.15.0-225-tuxcare.els13-lowlatency_4.15.0-225.236_amd64.deb d114b309401a517303064572a7350ed222581a18 linux-headers-generic_4.15.0.225.236_amd64.deb 5cbec796217f299cb0af383b4228cfa9b5186daa linux-headers-lowlatency_4.15.0.225.236_amd64.deb 1d91577495846feeb8d2134731e9e2382ef43333 linux-image-generic_4.15.0.225.236_amd64.deb 01907e9bc032501a1a13b184e415343f0b1998ea linux-image-lowlatency_4.15.0.225.236_amd64.deb c3fe0c12b3f808bfb1656efbe9744082ffbacdaa linux-image-unsigned-4.15.0-225-tuxcare.els13-generic_4.15.0-225.236_amd64.deb cae544feebbd6b92234c77bbafa92826204dbaa9 linux-image-unsigned-4.15.0-225-tuxcare.els13-lowlatency_4.15.0-225.236_amd64.deb 60914b7a79ed744f3827e2370d45f80226e9a8d8 linux-libc-dev_4.15.0-225.236_amd64.deb 84e4d2e5c0b51dd87418ac266e6285c6cbe9d84b linux-lowlatency_4.15.0.225.236_amd64.deb e7f1deed06c1e476bbd1e22d5222da209f19e44e linux-modules-4.15.0-225-tuxcare.els13-generic_4.15.0-225.236_amd64.deb 3bc90731eb69acbc9b6ec5324b58ba812015c822 linux-modules-4.15.0-225-tuxcare.els13-lowlatency_4.15.0-225.236_amd64.deb a2075368023eae51e8afe054e5dc987cb79d756c linux-modules-extra-4.15.0-225-tuxcare.els13-generic_4.15.0-225.236_amd64.deb 3f552f9881f67385be0e95beba465dc5557543a3 linux-source_4.15.0.225.236_all.deb f258922d2c46a12399ed1590edbe5391bf65fe0c linux-source-4.15.0_4.15.0-225.236_all.deb 12676a59ce8b1cf1392e9cf2f109d4f6ce0b1353 linux-tools-4.15.0-225-tuxcare.els13_4.15.0-225.236_amd64.deb aad2b4c1106f91a6d2eb040965202ae18a22e63c linux-tools-4.15.0-225-tuxcare.els13-generic_4.15.0-225.236_amd64.deb c79c257b38340e0cfd9ba0701b8cf6594ab20ffc linux-tools-4.15.0-225-tuxcare.els13-lowlatency_4.15.0-225.236_amd64.deb 0e7349bd5242090b3a5a46d5e30d0fea4c537a8e linux-tools-common_4.15.0-225.236_all.deb 3063d0aa0fbecff4af98903c8edc0bc479d998cb linux-tools-generic_4.15.0.225.236_amd64.deb 64f85ee0e6f6d320537c5b61f9e0edfe23b2c475 linux-tools-host_4.15.0-225.236_all.deb 7b67ca0b350718fec08ef0ad6da82828397d143b linux-tools-lowlatency_4.15.0.225.236_amd64.deb 1cefa8c642d5670efcb42e6a2f69baaba64adc3f CLSA-2024:1710947240 TuxCare License Agreement 0 * CVE-url: https://ubuntu.com/security/CVE-2023-52449 - mtd: Fix gluebi NULL pointer dereference caused by ftl notifier * CVE-url: https://ubuntu.com/security/CVE-2023-39197 - netfilter: conntrack: dccp: copy entire header to stack buffer, not just basic one * CVE-url: https://ubuntu.com/security/CVE-2023-34256 - ext4: avoid a potential slab-out-of-bounds in ext4_group_desc_csum * CVE-url: https://ubuntu.com/security/CVE-2024-24855 - scsi: lpfc: Fix a possible data race in lpfc_unregister_fcf_rescan() * CVE-url: https://ubuntu.com/security/CVE-2024-26602 - locking: Introduce __cleanup() based infrastructure - dmaengine: ioat: Free up __cleanup() name - sched/membarrier: reduce the ability to hammer on sys_membarrier * CVE-url: https://ubuntu.com/security/CVE-2023-52435 - net: prevent mss overflow in skb_segment() * CVE-url: https://ubuntu.com/security/CVE-2023-52445 - media: pvrusb2: fix use after free on context disconnection * CVE-url: https://ubuntu.com/security/CVE-2023-52444 - f2fs: fix to avoid dirent corruption * CVE-url: https://ubuntu.com/security/CVE-2023-52443 - apparmor: avoid crash when parsed profile name is empty * CVE-url: https://ubuntu.com/security/CVE-2021-44879 - f2fs: fix to do sanity check on inode type during garbage collection * CVE-url: https://ubuntu.com/security/CVE-2023-6121 - nvmet: nul-terminate the NQNs passed in the connect command * CVE-url: https://ubuntu.com/security/CVE-2024-24860 - Bluetooth: Move {min,max}_key_size debugfs into hci_debugfs_create_le - Bluetooth: Fix atomicity violation in {min,max}_key_size_set None Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.

* CVE-url: https://ubuntu.com/security/CVE-2023-52449 - mtd: Fix gluebi NULL pointer dereference caused by ftl notifier * CVE-url: https://ubuntu.com/security/CVE-2023-39197 - netfilter: conntrack: dccp: copy entire header to stack buffer, not just basic one * CVE-url: https://ubuntu.com/security/CVE-2023-34256 - ext4: avoid a potential slab-out-of-bounds in ext4_group_desc_csum * CVE-url: https://ubuntu.com/security/CVE-2024-24855 - scsi: lpfc: Fix a possible data race in lpfc_unregister_fcf_rescan() * CVE-url: https://ubuntu.com/security/CVE-2024-26602 - locking: Introduce __cleanup() based infrastructure - dmaengine: ioat: Free up __cleanup() name - sched/membarrier: reduce the ability to hammer on sys_membarrier * CVE-url: https://ubuntu.com/security/CVE-2023-52435 - net: prevent mss overflow in skb_segment() * CVE-url: https://ubuntu.com/security/CVE-2023-52445 - media: pvrusb2: fix use after free on context disconnection * CVE-url: https://ubuntu.com/security/CVE-2023-52444 - f2fs: fix to avoid dirent corruption * CVE-url: https://ubuntu.com/security/CVE-2023-52443 - apparmor: avoid crash when parsed profile name is empty * CVE-url: https://ubuntu.com/security/CVE-2021-44879 - f2fs: fix to do sanity check on inode type during garbage collection * CVE-url: https://ubuntu.com/security/CVE-2023-6121 - nvmet: nul-terminate the NQNs passed in the connect command * CVE-url: https://ubuntu.com/security/CVE-2024-24860 - Bluetooth: Move {min,max}_key_size debugfs into hci_debugfs_create_le - Bluetooth: Fix atomicity violation in {min,max}_key_size_set

0 tuxcare-ubuntu18.04-els linux-buildinfo-4.15.0-225-tuxcare.els13-generic_4.15.0-225.236_amd64.deb 800ba5cb94b8b208355fd6f71949e9526aeca549 linux-buildinfo-4.15.0-225-tuxcare.els13-lowlatency_4.15.0-225.236_amd64.deb 3b6038d5ddfe4f485848033b10fa6cc619cdfe7b linux-cloud-tools-4.15.0-225-tuxcare.els13_4.15.0-225.236_amd64.deb 64046b4503640a21f4161e85e38bd18624116b11 linux-cloud-tools-4.15.0-225-tuxcare.els13-generic_4.15.0-225.236_amd64.deb ff3d75604a870e55bce8db7eaf20b520d99c7b19 linux-cloud-tools-4.15.0-225-tuxcare.els13-lowlatency_4.15.0-225.236_amd64.deb 4140d5f95f93eebd6b9c9f55462781d4ea5eb873 linux-cloud-tools-common_4.15.0-225.236_all.deb 4e781a37a20ab03e3f1f05b1eb9f254ab5506b35 linux-cloud-tools-generic_4.15.0.225.236_amd64.deb 3fbc9efc6592a1b49a0c4c60792105b8acc62a39 linux-cloud-tools-lowlatency_4.15.0.225.236_amd64.deb c0bf7674f2da943a1af9ce20be0de75f3d035493 linux-crashdump_4.15.0.225.236_amd64.deb 16d331b9a093654c6c6939aa0cfe92116ac7bdbd linux-doc_4.15.0-225.236_all.deb 5f34c466fc20fc0aaf92f756875e3a5d93932f91 linux-generic_4.15.0.225.236_amd64.deb d17ce6808acc6621fbb66b3d521d7918b807f959 linux-headers-4.15.0-225-tuxcare.els13_4.15.0-225.236_all.deb 91fbaeade7966f3901d5224a7c894313a0328200 linux-headers-4.15.0-225-tuxcare.els13-generic_4.15.0-225.236_amd64.deb 25aa9147c38e36f7874c421501486553fde12f51 linux-headers-4.15.0-225-tuxcare.els13-lowlatency_4.15.0-225.236_amd64.deb d114b309401a517303064572a7350ed222581a18 linux-headers-generic_4.15.0.225.236_amd64.deb 5cbec796217f299cb0af383b4228cfa9b5186daa linux-headers-lowlatency_4.15.0.225.236_amd64.deb 1d91577495846feeb8d2134731e9e2382ef43333 linux-image-generic_4.15.0.225.236_amd64.deb 01907e9bc032501a1a13b184e415343f0b1998ea linux-image-lowlatency_4.15.0.225.236_amd64.deb c3fe0c12b3f808bfb1656efbe9744082ffbacdaa linux-image-unsigned-4.15.0-225-tuxcare.els13-generic_4.15.0-225.236_amd64.deb cae544feebbd6b92234c77bbafa92826204dbaa9 linux-image-unsigned-4.15.0-225-tuxcare.els13-lowlatency_4.15.0-225.236_amd64.deb 60914b7a79ed744f3827e2370d45f80226e9a8d8 linux-libc-dev_4.15.0-225.236_amd64.deb 84e4d2e5c0b51dd87418ac266e6285c6cbe9d84b linux-lowlatency_4.15.0.225.236_amd64.deb e7f1deed06c1e476bbd1e22d5222da209f19e44e linux-modules-4.15.0-225-tuxcare.els13-generic_4.15.0-225.236_amd64.deb 3bc90731eb69acbc9b6ec5324b58ba812015c822 linux-modules-4.15.0-225-tuxcare.els13-lowlatency_4.15.0-225.236_amd64.deb a2075368023eae51e8afe054e5dc987cb79d756c linux-modules-extra-4.15.0-225-tuxcare.els13-generic_4.15.0-225.236_amd64.deb 3f552f9881f67385be0e95beba465dc5557543a3 linux-source_4.15.0.225.236_all.deb f258922d2c46a12399ed1590edbe5391bf65fe0c linux-source-4.15.0_4.15.0-225.236_all.deb 12676a59ce8b1cf1392e9cf2f109d4f6ce0b1353 linux-tools-4.15.0-225-tuxcare.els13_4.15.0-225.236_amd64.deb aad2b4c1106f91a6d2eb040965202ae18a22e63c linux-tools-4.15.0-225-tuxcare.els13-generic_4.15.0-225.236_amd64.deb c79c257b38340e0cfd9ba0701b8cf6594ab20ffc linux-tools-4.15.0-225-tuxcare.els13-lowlatency_4.15.0-225.236_amd64.deb 0e7349bd5242090b3a5a46d5e30d0fea4c537a8e linux-tools-common_4.15.0-225.236_all.deb 3063d0aa0fbecff4af98903c8edc0bc479d998cb linux-tools-generic_4.15.0.225.236_amd64.deb 64f85ee0e6f6d320537c5b61f9e0edfe23b2c475 linux-tools-host_4.15.0-225.236_all.deb 7b67ca0b350718fec08ef0ad6da82828397d143b linux-tools-lowlatency_4.15.0.225.236_amd64.deb 1cefa8c642d5670efcb42e6a2f69baaba64adc3f CLSA-2024:1711564698 TuxCare License Agreement 0 * New upstream 2024a version: - Kazakhstan unifies on UTC+5 beginning 2024-03-01. - Palestine springs forward a week later after Ramadan. - zic no longer pretends to support indefinite-past DST. - localtime no longer mishandles Ciudad Juárez in 2422. * New upstream 2023d version: - Ittoqqortoormiit, Greenland changes time zones on 2024-03-31. - Vostok, Antarctica changed time zones on 2023-12-18. - Casey, Antarctica changed time zones five times since 2020. - Code and data fixes for Palestine timestamps starting in 2072. - A new data file zonenow.tab for timestamps starting now. * Add autopkgtest test case for 2023d, 2024a releases. * Install zonenow.tab. * Update make-systemv.patch. None Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.

* New upstream 2024a version: - Kazakhstan unifies on UTC+5 beginning 2024-03-01. - Palestine springs forward a week later after Ramadan. - zic no longer pretends to support indefinite-past DST. - localtime no longer mishandles Ciudad Juárez in 2422. * New upstream 2023d version: - Ittoqqortoormiit, Greenland changes time zones on 2024-03-31. - Vostok, Antarctica changed time zones on 2023-12-18. - Casey, Antarctica changed time zones five times since 2020. - Code and data fixes for Palestine timestamps starting in 2072. - A new data file zonenow.tab for timestamps starting now. * Add autopkgtest test case for 2023d, 2024a releases. * Install zonenow.tab. * Update make-systemv.patch.

0 tuxcare-ubuntu18.04-els tzdata_2024a-0ubuntu0.18.04+tuxcare.els1_all.deb f437e451e3d287e917e1497b5566bde2525dc699 CLSA-2024:1711648823 TuxCare License Agreement 0 * OpenJDK 8u402 release, build 6. - CVE-2024-20918, CVE-2024-20919, CVE-2024-20921: Unauthorized access in Hotspot. - CVE-2024-20926: Unauthorized access in Scripting. - CVE-2024-20945, CVE-2024-20952: Unauthorized access in Security. - Release notes: https://mail.openjdk.org/pipermail/jdk8u-dev/2024-January/017883.html Important Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.

* OpenJDK 8u402 release, build 6. - CVE-2024-20918, CVE-2024-20919, CVE-2024-20921: Unauthorized access in Hotspot. - CVE-2024-20926: Unauthorized access in Scripting. - CVE-2024-20945, CVE-2024-20952: Unauthorized access in Security. - Release notes: https://mail.openjdk.org/pipermail/jdk8u-dev/2024-January/017883.html

0 tuxcare-ubuntu18.04-els openjdk-8-demo_8u402-ga-0ubuntu1~18.04+tuxcare.els1_amd64.deb a85bde64ef731c24adb6531f2db25dd2be26a820 openjdk-8-doc_8u402-ga-0ubuntu1~18.04+tuxcare.els1_all.deb bc0fa1984d0d6d557bdb473b5470cec47bc4a6ec openjdk-8-jdk_8u402-ga-0ubuntu1~18.04+tuxcare.els1_amd64.deb 8717fd4c9bbd865703c0ac00cedcfefa2aa1a32b openjdk-8-jdk-headless_8u402-ga-0ubuntu1~18.04+tuxcare.els1_amd64.deb bd232209bf562dbf9091cc38618d6d69c96b1ee2 openjdk-8-jre_8u402-ga-0ubuntu1~18.04+tuxcare.els1_amd64.deb 8fd4fd79dfda0e7fbe92ff048c77cc3b5b0ca937 openjdk-8-jre-headless_8u402-ga-0ubuntu1~18.04+tuxcare.els1_amd64.deb e3e66ef1e22e4bd8668dd99f119b2c80f804dca3 openjdk-8-jre-zero_8u402-ga-0ubuntu1~18.04+tuxcare.els1_amd64.deb 9bba3367f6ef5aede8450d47be4c7c70c8b16b7d openjdk-8-source_8u402-ga-0ubuntu1~18.04+tuxcare.els1_all.deb efe72971883b53f4f2a165162f9a399f433d6c2e CLSA-2024:1713333661 TuxCare License Agreement 0 * SECURITY UPDATE: - debian/patches/CVE-2024-2398.patch: http2: push headers better cleanup provide common cleanup method for push headers - CVE-2024-2398 Important Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.

* SECURITY UPDATE: - debian/patches/CVE-2024-2398.patch: http2: push headers better cleanup provide common cleanup method for push headers - CVE-2024-2398

0 tuxcare-ubuntu18.04-els curl_7.58.0-2ubuntu3.24+tuxcare.els4_amd64.deb 47a22714c85ff96f8aa728511b64093de4d35057 libcurl3-gnutls_7.58.0-2ubuntu3.24+tuxcare.els4_amd64.deb 7afabefea35075ebc02dbefabb09c3b9cc2a659a libcurl3-nss_7.58.0-2ubuntu3.24+tuxcare.els4_amd64.deb 41b4c9d239b808f39088e2a8a25cde6d6f3f900d libcurl4_7.58.0-2ubuntu3.24+tuxcare.els4_amd64.deb c85f38ff1f519e64917a00fdb4e0c99c2cd5d3e8 libcurl4-doc_7.58.0-2ubuntu3.24+tuxcare.els4_all.deb 327083179d85958e47e8b376b500ff66964d81cf libcurl4-gnutls-dev_7.58.0-2ubuntu3.24+tuxcare.els4_amd64.deb 311abb6a52081bc4239b0d6c1537d69a9e1d1977 libcurl4-nss-dev_7.58.0-2ubuntu3.24+tuxcare.els4_amd64.deb 5ac37f4590e3cb43ea7f23352fff3e4d08455015 libcurl4-openssl-dev_7.58.0-2ubuntu3.24+tuxcare.els4_amd64.deb 3c8c4b22b7bb022419105ba53c54b6970f689cc4 CLSA-2024:1713333823 TuxCare License Agreement 0 * Backport 031bb5a5d0d950253b68138b498dc93be69a64cb: fix CVE-2024-22365 - debian/patches-applied/CVE-2024-22365.patch: pam_namespace: protect_dir(): use O_DIRECTORY to prevent local DoS situations - CVE-2024-22365 Moderate Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.

* Backport 031bb5a5d0d950253b68138b498dc93be69a64cb: fix CVE-2024-22365 - debian/patches-applied/CVE-2024-22365.patch: pam_namespace: protect_dir(): use O_DIRECTORY to prevent local DoS situations - CVE-2024-22365

0 tuxcare-ubuntu18.04-els libpam-cracklib_1.1.8-3.6ubuntu2.18.04.6+tuxcare.els1_amd64.deb 6a908d7516840f47159315047cf441910e523d51 libpam-doc_1.1.8-3.6ubuntu2.18.04.6+tuxcare.els1_all.deb 6c6476791b5d334d131776144e118c791353101f libpam-modules_1.1.8-3.6ubuntu2.18.04.6+tuxcare.els1_amd64.deb 041b20056801feccdfe3f5d1a32c3235875bb858 libpam-modules-bin_1.1.8-3.6ubuntu2.18.04.6+tuxcare.els1_amd64.deb b9a6732418c7f7ca388492684eb69eb60b4830e7 libpam-runtime_1.1.8-3.6ubuntu2.18.04.6+tuxcare.els1_all.deb ed0fdf8a5096abd264a3d674c202ac2017132b4a libpam0g_1.1.8-3.6ubuntu2.18.04.6+tuxcare.els1_amd64.deb 7908b20bcb250793d49c884d036a623dba4e1cff libpam0g-dev_1.1.8-3.6ubuntu2.18.04.6+tuxcare.els1_amd64.deb 09b93ba1aac5d3a1fedbd0e56e93689b4847434c CLSA-2024:1713791231 TuxCare License Agreement 0 * CVE-url: https://ubuntu.com/security/CVE-2021-46925 - net/smc: get rid of tx_pend waits in socket closing - net/smc: fix kernel panic caused by race of smc_sock * CVE-url: https://ubuntu.com/security/CVE-2024-23307 - md/raid5: fix atomicity violation in raid5_cache_count * CVE-url: https://ubuntu.com/security/CVE-2021-46941 - usb: dwc3: Add splitdisable quirk for Hisilicon Kirin Soc - usb: dwc3: core: Do core softreset when switch mode * CVE-url: https://ubuntu.com/security/CVE-2023-52469 - drivers/amd/pm: fix a use-after-free in kv_parse_power_table * CVE-url: https://ubuntu.com/security/CVE-2024-26633 - ip6_tunnel: fix NEXTHDR_FRAGMENT handling in ip6_tnl_parse_tlv_enc_lim() * CVE-url: https://ubuntu.com/security/CVE-2023-52439 - uio: Fix use-after-free in uio_open * CVE-url: https://ubuntu.com/security/CVE-2023-52612 - crypto: scomp - fix req->dst buffer overflow * CVE-url: https://ubuntu.com/security/CVE-2023-52340 - net: add a route cache full diagnostic message - net/dst: use a smaller percpu_counter batch for dst entries accounting - ipv6: remove max_size check inline with ipv4 * CVE-url: https://ubuntu.com/security/CVE-2023-52436 - f2fs: explicitly null-terminate the xattr list * CVE-url: https://ubuntu.com/security/CVE-2023-52470 - drm/radeon: check the alloc_workqueue return value in radeon_crtc_init() * CVE-url: https://ubuntu.com/security/CVE-2023-52464 - EDAC/thunderx: Fix possible out-of-bounds string access * CVE-url: https://ubuntu.com/security/CVE-2022-45884 - media: dvbdev: remove double-unlock - media: media/dvb: Use kmemdup rather than duplicating its implementation - media: dvbdev: Fix memleak in dvb_register_device - media: dvbdev: fix error logic at dvb_register_device() - media: dvb-core: Fix use-after-free due to race at dvb_register_device() Important Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.

* CVE-url: https://ubuntu.com/security/CVE-2021-46925 - net/smc: get rid of tx_pend waits in socket closing - net/smc: fix kernel panic caused by race of smc_sock * CVE-url: https://ubuntu.com/security/CVE-2024-23307 - md/raid5: fix atomicity violation in raid5_cache_count * CVE-url: https://ubuntu.com/security/CVE-2021-46941 - usb: dwc3: Add splitdisable quirk for Hisilicon Kirin Soc - usb: dwc3: core: Do core softreset when switch mode * CVE-url: https://ubuntu.com/security/CVE-2023-52469 - drivers/amd/pm: fix a use-after-free in kv_parse_power_table * CVE-url: https://ubuntu.com/security/CVE-2024-26633 - ip6_tunnel: fix NEXTHDR_FRAGMENT handling in ip6_tnl_parse_tlv_enc_lim() * CVE-url: https://ubuntu.com/security/CVE-2023-52439 - uio: Fix use-after-free in uio_open * CVE-url: https://ubuntu.com/security/CVE-2023-52612 - crypto: scomp - fix req->dst buffer overflow * CVE-url: https://ubuntu.com/security/CVE-2023-52340 - net: add a route cache full diagnostic message - net/dst: use a smaller percpu_counter batch for dst entries accounting - ipv6: remove max_size check inline with ipv4 * CVE-url: https://ubuntu.com/security/CVE-2023-52436 - f2fs: explicitly null-terminate the xattr list * CVE-url: https://ubuntu.com/security/CVE-2023-52470 - drm/radeon: check the alloc_workqueue return value in radeon_crtc_init() * CVE-url: https://ubuntu.com/security/CVE-2023-52464 - EDAC/thunderx: Fix possible out-of-bounds string access * CVE-url: https://ubuntu.com/security/CVE-2022-45884 - media: dvbdev: remove double-unlock - media: media/dvb: Use kmemdup rather than duplicating its implementation - media: dvbdev: Fix memleak in dvb_register_device - media: dvbdev: fix error logic at dvb_register_device() - media: dvb-core: Fix use-after-free due to race at dvb_register_device()

0 tuxcare-ubuntu18.04-els linux-buildinfo-4.15.0-226-tuxcare.els14-generic_4.15.0-226.237_amd64.deb 46d2974d58783cb63f303687c4c4da1883eda62a linux-buildinfo-4.15.0-226-tuxcare.els14-lowlatency_4.15.0-226.237_amd64.deb 8c3befd6fcbe71084e709fd50a994ad5276f7c9e linux-cloud-tools-4.15.0-226-tuxcare.els14_4.15.0-226.237_amd64.deb 8ef2c5169409974c1ee9a8cf312c66dc3007fcae linux-cloud-tools-4.15.0-226-tuxcare.els14-generic_4.15.0-226.237_amd64.deb 028c2e4e698bb6b532cbca654140d41b08d29c5e linux-cloud-tools-4.15.0-226-tuxcare.els14-lowlatency_4.15.0-226.237_amd64.deb eef0c6bc09405ac1f1d1b574384f9364b7e51d74 linux-cloud-tools-common_4.15.0-226.237_all.deb dd4732ecbb91e95934bfd907dcbd55950f4acbf9 linux-cloud-tools-generic_4.15.0.226.237_amd64.deb 2eeed0cad6f5ed0319729dd359c13f5a24b375e4 linux-cloud-tools-lowlatency_4.15.0.226.237_amd64.deb 64dfe5fb724d7a7401a1e2395ac15cf4b4ba5a7d linux-crashdump_4.15.0.226.237_amd64.deb d0d0425ce14685a756f252c911b78a28bc00b3fe linux-doc_4.15.0-226.237_all.deb 7c2fad47f6175ac205d2d9866800bc9b3149e2ec linux-generic_4.15.0.226.237_amd64.deb 50da12212b993849a9145612de41a5b2eec94c52 linux-headers-4.15.0-226-tuxcare.els14_4.15.0-226.237_all.deb 3f2f5ce2574c87729f122e4bb16b0b92d02f8095 linux-headers-4.15.0-226-tuxcare.els14-generic_4.15.0-226.237_amd64.deb d701a7c39461d9ddcedee8f0f4a3d3af764274d3 linux-headers-4.15.0-226-tuxcare.els14-lowlatency_4.15.0-226.237_amd64.deb b786fd851c2767e85e5faff6b03f27d713b08a3a linux-headers-generic_4.15.0.226.237_amd64.deb cdd3d8b48cdad7af87258598c653a72f2617ff9c linux-headers-lowlatency_4.15.0.226.237_amd64.deb 71bb127eb03336b384b55c7545962881bfae7ae7 linux-image-generic_4.15.0.226.237_amd64.deb f8bcf480f278863f94e98e11b73492ca3e5ee245 linux-image-lowlatency_4.15.0.226.237_amd64.deb 114ce5882383ad9d5a012dd8b8044f0e0e10a134 linux-image-unsigned-4.15.0-226-tuxcare.els14-generic_4.15.0-226.237_amd64.deb 235143b2eab786f50222683d5cbf3bed19256dd1 linux-image-unsigned-4.15.0-226-tuxcare.els14-lowlatency_4.15.0-226.237_amd64.deb 64010e72c6c89c92464f56aa343bcc3554b3fa7e linux-libc-dev_4.15.0-226.237_amd64.deb c00cb4b8fbb69b19690078c04c4f46a6aef077c9 linux-lowlatency_4.15.0.226.237_amd64.deb cfeeba9a9005c84bc60f2ed9a8d3e6216370292e linux-modules-4.15.0-226-tuxcare.els14-generic_4.15.0-226.237_amd64.deb 6c10c764e3a1ccd10c768469fefdf3896a759703 linux-modules-4.15.0-226-tuxcare.els14-lowlatency_4.15.0-226.237_amd64.deb b85d21f6123ac1b7358df664791ea4529c9f2509 linux-modules-extra-4.15.0-226-tuxcare.els14-generic_4.15.0-226.237_amd64.deb 546de6ee0cbaeaddf1b818f0a81f9b46e290cc51 linux-source_4.15.0.226.237_all.deb 3eb7ba32e307871ff72b3a00bc0e7b29cad2ac08 linux-source-4.15.0_4.15.0-226.237_all.deb c6cd10adf01e8195eb0864cf923a7c3a10dcc006 linux-tools-4.15.0-226-tuxcare.els14_4.15.0-226.237_amd64.deb 52a8beb31b93a0195633b7538b101b94af077753 linux-tools-4.15.0-226-tuxcare.els14-generic_4.15.0-226.237_amd64.deb 344914d7673ade88df451034f671dfb8ea627c92 linux-tools-4.15.0-226-tuxcare.els14-lowlatency_4.15.0-226.237_amd64.deb 092ac10f9ed531e0d991c375e6d6f1b2ed14d17e linux-tools-common_4.15.0-226.237_all.deb b5b7584006f824c3719c8bd039520e1d2ed150c2 linux-tools-generic_4.15.0.226.237_amd64.deb 4fe08fee14ff68b3c4d026281460d41560e93ffd linux-tools-host_4.15.0-226.237_all.deb ecb3978c090e0910bc3158192a6dadcd689c2ae1 linux-tools-lowlatency_4.15.0.226.237_amd64.deb c1d0213559240a98d73e3642d48ca67fe2178f20 CLSA-2024:1713791454 TuxCare License Agreement 0 * CVE-url: https://ubuntu.com/security/CVE-2021-46925 - net/smc: get rid of tx_pend waits in socket closing - net/smc: fix kernel panic caused by race of smc_sock * CVE-url: https://ubuntu.com/security/CVE-2024-23307 - md/raid5: fix atomicity violation in raid5_cache_count * CVE-url: https://ubuntu.com/security/CVE-2021-46941 - usb: dwc3: Add splitdisable quirk for Hisilicon Kirin Soc - usb: dwc3: core: Do core softreset when switch mode * CVE-url: https://ubuntu.com/security/CVE-2023-52469 - drivers/amd/pm: fix a use-after-free in kv_parse_power_table * CVE-url: https://ubuntu.com/security/CVE-2024-26633 - ip6_tunnel: fix NEXTHDR_FRAGMENT handling in ip6_tnl_parse_tlv_enc_lim() * CVE-url: https://ubuntu.com/security/CVE-2023-52439 - uio: Fix use-after-free in uio_open * CVE-url: https://ubuntu.com/security/CVE-2023-52612 - crypto: scomp - fix req->dst buffer overflow * CVE-url: https://ubuntu.com/security/CVE-2023-52340 - net: add a route cache full diagnostic message - net/dst: use a smaller percpu_counter batch for dst entries accounting - ipv6: remove max_size check inline with ipv4 * CVE-url: https://ubuntu.com/security/CVE-2023-52436 - f2fs: explicitly null-terminate the xattr list * CVE-url: https://ubuntu.com/security/CVE-2023-52470 - drm/radeon: check the alloc_workqueue return value in radeon_crtc_init() * CVE-url: https://ubuntu.com/security/CVE-2023-52464 - EDAC/thunderx: Fix possible out-of-bounds string access * CVE-url: https://ubuntu.com/security/CVE-2022-45884 - media: dvbdev: remove double-unlock - media: media/dvb: Use kmemdup rather than duplicating its implementation - media: dvbdev: Fix memleak in dvb_register_device - media: dvbdev: fix error logic at dvb_register_device() - media: dvb-core: Fix use-after-free due to race at dvb_register_device() None Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.

* CVE-url: https://ubuntu.com/security/CVE-2021-46925 - net/smc: get rid of tx_pend waits in socket closing - net/smc: fix kernel panic caused by race of smc_sock * CVE-url: https://ubuntu.com/security/CVE-2024-23307 - md/raid5: fix atomicity violation in raid5_cache_count * CVE-url: https://ubuntu.com/security/CVE-2021-46941 - usb: dwc3: Add splitdisable quirk for Hisilicon Kirin Soc - usb: dwc3: core: Do core softreset when switch mode * CVE-url: https://ubuntu.com/security/CVE-2023-52469 - drivers/amd/pm: fix a use-after-free in kv_parse_power_table * CVE-url: https://ubuntu.com/security/CVE-2024-26633 - ip6_tunnel: fix NEXTHDR_FRAGMENT handling in ip6_tnl_parse_tlv_enc_lim() * CVE-url: https://ubuntu.com/security/CVE-2023-52439 - uio: Fix use-after-free in uio_open * CVE-url: https://ubuntu.com/security/CVE-2023-52612 - crypto: scomp - fix req->dst buffer overflow * CVE-url: https://ubuntu.com/security/CVE-2023-52340 - net: add a route cache full diagnostic message - net/dst: use a smaller percpu_counter batch for dst entries accounting - ipv6: remove max_size check inline with ipv4 * CVE-url: https://ubuntu.com/security/CVE-2023-52436 - f2fs: explicitly null-terminate the xattr list * CVE-url: https://ubuntu.com/security/CVE-2023-52470 - drm/radeon: check the alloc_workqueue return value in radeon_crtc_init() * CVE-url: https://ubuntu.com/security/CVE-2023-52464 - EDAC/thunderx: Fix possible out-of-bounds string access * CVE-url: https://ubuntu.com/security/CVE-2022-45884 - media: dvbdev: remove double-unlock - media: media/dvb: Use kmemdup rather than duplicating its implementation - media: dvbdev: Fix memleak in dvb_register_device - media: dvbdev: fix error logic at dvb_register_device() - media: dvb-core: Fix use-after-free due to race at dvb_register_device()

0 tuxcare-ubuntu18.04-els linux-buildinfo-4.15.0-226-tuxcare.els14-generic_4.15.0-226.237_amd64.deb 46d2974d58783cb63f303687c4c4da1883eda62a linux-buildinfo-4.15.0-226-tuxcare.els14-lowlatency_4.15.0-226.237_amd64.deb 8c3befd6fcbe71084e709fd50a994ad5276f7c9e linux-cloud-tools-4.15.0-226-tuxcare.els14_4.15.0-226.237_amd64.deb 8ef2c5169409974c1ee9a8cf312c66dc3007fcae linux-cloud-tools-4.15.0-226-tuxcare.els14-generic_4.15.0-226.237_amd64.deb 028c2e4e698bb6b532cbca654140d41b08d29c5e linux-cloud-tools-4.15.0-226-tuxcare.els14-lowlatency_4.15.0-226.237_amd64.deb eef0c6bc09405ac1f1d1b574384f9364b7e51d74 linux-cloud-tools-common_4.15.0-226.237_all.deb dd4732ecbb91e95934bfd907dcbd55950f4acbf9 linux-cloud-tools-generic_4.15.0.226.237_amd64.deb 2eeed0cad6f5ed0319729dd359c13f5a24b375e4 linux-cloud-tools-lowlatency_4.15.0.226.237_amd64.deb 64dfe5fb724d7a7401a1e2395ac15cf4b4ba5a7d linux-crashdump_4.15.0.226.237_amd64.deb d0d0425ce14685a756f252c911b78a28bc00b3fe linux-doc_4.15.0-226.237_all.deb 7c2fad47f6175ac205d2d9866800bc9b3149e2ec linux-generic_4.15.0.226.237_amd64.deb 50da12212b993849a9145612de41a5b2eec94c52 linux-headers-4.15.0-226-tuxcare.els14_4.15.0-226.237_all.deb 3f2f5ce2574c87729f122e4bb16b0b92d02f8095 linux-headers-4.15.0-226-tuxcare.els14-generic_4.15.0-226.237_amd64.deb d701a7c39461d9ddcedee8f0f4a3d3af764274d3 linux-headers-4.15.0-226-tuxcare.els14-lowlatency_4.15.0-226.237_amd64.deb b786fd851c2767e85e5faff6b03f27d713b08a3a linux-headers-generic_4.15.0.226.237_amd64.deb cdd3d8b48cdad7af87258598c653a72f2617ff9c linux-headers-lowlatency_4.15.0.226.237_amd64.deb 71bb127eb03336b384b55c7545962881bfae7ae7 linux-image-generic_4.15.0.226.237_amd64.deb f8bcf480f278863f94e98e11b73492ca3e5ee245 linux-image-lowlatency_4.15.0.226.237_amd64.deb 114ce5882383ad9d5a012dd8b8044f0e0e10a134 linux-image-unsigned-4.15.0-226-tuxcare.els14-generic_4.15.0-226.237_amd64.deb 235143b2eab786f50222683d5cbf3bed19256dd1 linux-image-unsigned-4.15.0-226-tuxcare.els14-lowlatency_4.15.0-226.237_amd64.deb 64010e72c6c89c92464f56aa343bcc3554b3fa7e linux-libc-dev_4.15.0-226.237_amd64.deb c00cb4b8fbb69b19690078c04c4f46a6aef077c9 linux-lowlatency_4.15.0.226.237_amd64.deb cfeeba9a9005c84bc60f2ed9a8d3e6216370292e linux-modules-4.15.0-226-tuxcare.els14-generic_4.15.0-226.237_amd64.deb 6c10c764e3a1ccd10c768469fefdf3896a759703 linux-modules-4.15.0-226-tuxcare.els14-lowlatency_4.15.0-226.237_amd64.deb b85d21f6123ac1b7358df664791ea4529c9f2509 linux-modules-extra-4.15.0-226-tuxcare.els14-generic_4.15.0-226.237_amd64.deb 546de6ee0cbaeaddf1b818f0a81f9b46e290cc51 linux-source_4.15.0.226.237_all.deb 3eb7ba32e307871ff72b3a00bc0e7b29cad2ac08 linux-source-4.15.0_4.15.0-226.237_all.deb c6cd10adf01e8195eb0864cf923a7c3a10dcc006 linux-tools-4.15.0-226-tuxcare.els14_4.15.0-226.237_amd64.deb 52a8beb31b93a0195633b7538b101b94af077753 linux-tools-4.15.0-226-tuxcare.els14-generic_4.15.0-226.237_amd64.deb 344914d7673ade88df451034f671dfb8ea627c92 linux-tools-4.15.0-226-tuxcare.els14-lowlatency_4.15.0-226.237_amd64.deb 092ac10f9ed531e0d991c375e6d6f1b2ed14d17e linux-tools-common_4.15.0-226.237_all.deb b5b7584006f824c3719c8bd039520e1d2ed150c2 linux-tools-generic_4.15.0.226.237_amd64.deb 4fe08fee14ff68b3c4d026281460d41560e93ffd linux-tools-host_4.15.0-226.237_all.deb ecb3978c090e0910bc3158192a6dadcd689c2ae1 linux-tools-lowlatency_4.15.0.226.237_amd64.deb c1d0213559240a98d73e3642d48ca67fe2178f20 CLSA-2024:1714065005 TuxCare License Agreement 0 * CVE-url: https://ubuntu.com/security/CVE-2023-1998 - x86/speculation: Allow enabling STIBP with legacy IBRS * CVE-url: https://ubuntu.com/security/CVE-2021-47193 - scsi: pm80xx: Tie the interrupt name to the module instance - scsi: pm80xx: Deal with kexec reboots - scsi: pm80xx: Increase number of supported queues - scsi: pm80xx: Remove DMA memory allocation for ccb and device structures - scsi: pm80xx: Increase the number of outstanding I/O supported to 1024 - scsi: pm80xx: Fix memory leak during rmmod * CVE-url: https://ubuntu.com/security/CVE-2021-47198 - scsi: lpfc: Fix use-after-free in lpfc_unreg_rpi() routine * CVE-url: https://ubuntu.com/security/CVE-2023-52458 - block: add check that partition length needs to be aligned with block size * CVE-url: https://ubuntu.com/security/CVE-2023-52600 - jfs: fix uaf in jfs_evict_inode * CVE-url: https://ubuntu.com/security/CVE-2023-24023 - Bluetooth: Add debug setting for changing minimum encryption key size - Bluetooth: Add more enc key size check * CVE-url: https://ubuntu.com/security/CVE-2023-52603 - UBSAN: array-index-out-of-bounds in dtSplitRoot * Jammy update: v5.15.81 upstream stable release (LP: #2003130) // CVE-url: https://ubuntu.com/security/CVE-2023-1382 - tipc: set con sock in tipc_conn_alloc - tipc: add an extra conn_get in tipc_conn_alloc * CVE-url: https://ubuntu.com/security/CVE-2024-26600 - phy: ti: phy-omap-usb2: Fix NULL pointer dereference for SRP Important Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.

* CVE-url: https://ubuntu.com/security/CVE-2023-1998 - x86/speculation: Allow enabling STIBP with legacy IBRS * CVE-url: https://ubuntu.com/security/CVE-2021-47193 - scsi: pm80xx: Tie the interrupt name to the module instance - scsi: pm80xx: Deal with kexec reboots - scsi: pm80xx: Increase number of supported queues - scsi: pm80xx: Remove DMA memory allocation for ccb and device structures - scsi: pm80xx: Increase the number of outstanding I/O supported to 1024 - scsi: pm80xx: Fix memory leak during rmmod * CVE-url: https://ubuntu.com/security/CVE-2021-47198 - scsi: lpfc: Fix use-after-free in lpfc_unreg_rpi() routine * CVE-url: https://ubuntu.com/security/CVE-2023-52458 - block: add check that partition length needs to be aligned with block size * CVE-url: https://ubuntu.com/security/CVE-2023-52600 - jfs: fix uaf in jfs_evict_inode * CVE-url: https://ubuntu.com/security/CVE-2023-24023 - Bluetooth: Add debug setting for changing minimum encryption key size - Bluetooth: Add more enc key size check * CVE-url: https://ubuntu.com/security/CVE-2023-52603 - UBSAN: array-index-out-of-bounds in dtSplitRoot * Jammy update: v5.15.81 upstream stable release (LP: #2003130) // CVE-url: https://ubuntu.com/security/CVE-2023-1382 - tipc: set con sock in tipc_conn_alloc - tipc: add an extra conn_get in tipc_conn_alloc * CVE-url: https://ubuntu.com/security/CVE-2024-26600 - phy: ti: phy-omap-usb2: Fix NULL pointer dereference for SRP

0 tuxcare-ubuntu18.04-els linux-buildinfo-4.15.0-227-tuxcare.els15-generic_4.15.0-227.238_amd64.deb c09b351868112279d7958080b564be7db2bf0396 linux-buildinfo-4.15.0-227-tuxcare.els15-lowlatency_4.15.0-227.238_amd64.deb 7fc4eb1049d5df948b914f0e1b397dd779d0152a linux-cloud-tools-4.15.0-227-tuxcare.els15_4.15.0-227.238_amd64.deb 0d05626a120e78a99f00eaa35d3bac641faadd51 linux-cloud-tools-4.15.0-227-tuxcare.els15-generic_4.15.0-227.238_amd64.deb 124aa1a1036f8788d1d8aff9bf0665919c7a6377 linux-cloud-tools-4.15.0-227-tuxcare.els15-lowlatency_4.15.0-227.238_amd64.deb d4293cbdd4ffddd855073f0cfdc20cdb51e11fe9 linux-cloud-tools-common_4.15.0-227.238_all.deb 3f1b6bc4b3e887621d5443785b602bf40b9b528c linux-cloud-tools-generic_4.15.0.227.238_amd64.deb db7bcd937aa99e9b10dc9a7c1eff1bf05d684262 linux-cloud-tools-lowlatency_4.15.0.227.238_amd64.deb b65ff7ac9bd4ae66033b65deaf5de575af3df7ec linux-crashdump_4.15.0.227.238_amd64.deb 5bcff224b7e6473acb8b9d1c4a2ceb89741a8b75 linux-doc_4.15.0-227.238_all.deb 76068232d4045478d65fdf02f33a5123ff1168a7 linux-generic_4.15.0.227.238_amd64.deb d007c35ae663f508b36fb4d1e25472e25210d0fd linux-headers-4.15.0-227-tuxcare.els15_4.15.0-227.238_all.deb ca7b7e24ab6dfea7a90439b5fa7b4ecfd887625f linux-headers-4.15.0-227-tuxcare.els15-generic_4.15.0-227.238_amd64.deb 6c96309154cb19f1dfec1fe9bf26e5c1a0670f0c linux-headers-4.15.0-227-tuxcare.els15-lowlatency_4.15.0-227.238_amd64.deb 70559f0a488c2170cf6dbc9d0ce2b69f5cfcee8d linux-headers-generic_4.15.0.227.238_amd64.deb 20f9a0ec9051cf7a6609c312813d80c7c343e5d3 linux-headers-lowlatency_4.15.0.227.238_amd64.deb d5b5ebfee880ddca32dd972a1df8fc5dea0af27b linux-image-generic_4.15.0.227.238_amd64.deb 6b6b6e547ef2e14ed62fbe82041b5849cb0f2da0 linux-image-lowlatency_4.15.0.227.238_amd64.deb 76be15d8087225f183dbd644afdd449ee1d299f7 linux-image-unsigned-4.15.0-227-tuxcare.els15-generic_4.15.0-227.238_amd64.deb 6c24f086ce51384f7b1c00017981db09d7cbd655 linux-image-unsigned-4.15.0-227-tuxcare.els15-lowlatency_4.15.0-227.238_amd64.deb 23e3ae58f7f50caaebf971d51e17030ace928bd4 linux-libc-dev_4.15.0-227.238_amd64.deb 6b641f07bb08e8c5c14e1789e418097837a40319 linux-lowlatency_4.15.0.227.238_amd64.deb c73db064193154c77627f6dc6013771dcff1c93e linux-modules-4.15.0-227-tuxcare.els15-generic_4.15.0-227.238_amd64.deb 84d9c0fc0733542863d42565c0111646e5905730 linux-modules-4.15.0-227-tuxcare.els15-lowlatency_4.15.0-227.238_amd64.deb dbe13a080ee251a474b293ddd5801e523b95a5b4 linux-modules-extra-4.15.0-227-tuxcare.els15-generic_4.15.0-227.238_amd64.deb d7f6c024bde43da43fba99d77769ae7ab56a5914 linux-source_4.15.0.227.238_all.deb 77f799b9ff199abda01930622a485eb542cac191 linux-source-4.15.0_4.15.0-227.238_all.deb 4499e9d42bb850696cb71f0aea32b390a21d853f linux-tools-4.15.0-227-tuxcare.els15_4.15.0-227.238_amd64.deb 683308d0e9d250f9ec027465323cd09da1ebd998 linux-tools-4.15.0-227-tuxcare.els15-generic_4.15.0-227.238_amd64.deb 29219165f8f48a32f3971bfb9d8c3f34328049b2 linux-tools-4.15.0-227-tuxcare.els15-lowlatency_4.15.0-227.238_amd64.deb 763dd257d5eece5c4161cbd8a40a99e981447567 linux-tools-common_4.15.0-227.238_all.deb 0ec56e00fa1fdf0901d3048f3ad10d0873ad480c linux-tools-generic_4.15.0.227.238_amd64.deb 178c3a8f0165089947f269814523ea7dd64c3155 linux-tools-host_4.15.0-227.238_all.deb 07458449fe7aa739c62890e526238690a7781105 linux-tools-lowlatency_4.15.0.227.238_amd64.deb 94acb815468ae5989a8a7d8a3edf07c7e462cef6 CLSA-2024:1714065191 TuxCare License Agreement 0 * CVE-url: https://ubuntu.com/security/CVE-2023-1998 - x86/speculation: Allow enabling STIBP with legacy IBRS * CVE-url: https://ubuntu.com/security/CVE-2021-47193 - scsi: pm80xx: Tie the interrupt name to the module instance - scsi: pm80xx: Deal with kexec reboots - scsi: pm80xx: Increase number of supported queues - scsi: pm80xx: Remove DMA memory allocation for ccb and device structures - scsi: pm80xx: Increase the number of outstanding I/O supported to 1024 - scsi: pm80xx: Fix memory leak during rmmod * CVE-url: https://ubuntu.com/security/CVE-2021-47198 - scsi: lpfc: Fix use-after-free in lpfc_unreg_rpi() routine * CVE-url: https://ubuntu.com/security/CVE-2023-52458 - block: add check that partition length needs to be aligned with block size * CVE-url: https://ubuntu.com/security/CVE-2023-52600 - jfs: fix uaf in jfs_evict_inode * CVE-url: https://ubuntu.com/security/CVE-2023-24023 - Bluetooth: Add debug setting for changing minimum encryption key size - Bluetooth: Add more enc key size check * CVE-url: https://ubuntu.com/security/CVE-2023-52603 - UBSAN: array-index-out-of-bounds in dtSplitRoot * Jammy update: v5.15.81 upstream stable release (LP: #2003130) // CVE-url: https://ubuntu.com/security/CVE-2023-1382 - tipc: set con sock in tipc_conn_alloc - tipc: add an extra conn_get in tipc_conn_alloc * CVE-url: https://ubuntu.com/security/CVE-2024-26600 - phy: ti: phy-omap-usb2: Fix NULL pointer dereference for SRP None Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.

* CVE-url: https://ubuntu.com/security/CVE-2023-1998 - x86/speculation: Allow enabling STIBP with legacy IBRS * CVE-url: https://ubuntu.com/security/CVE-2021-47193 - scsi: pm80xx: Tie the interrupt name to the module instance - scsi: pm80xx: Deal with kexec reboots - scsi: pm80xx: Increase number of supported queues - scsi: pm80xx: Remove DMA memory allocation for ccb and device structures - scsi: pm80xx: Increase the number of outstanding I/O supported to 1024 - scsi: pm80xx: Fix memory leak during rmmod * CVE-url: https://ubuntu.com/security/CVE-2021-47198 - scsi: lpfc: Fix use-after-free in lpfc_unreg_rpi() routine * CVE-url: https://ubuntu.com/security/CVE-2023-52458 - block: add check that partition length needs to be aligned with block size * CVE-url: https://ubuntu.com/security/CVE-2023-52600 - jfs: fix uaf in jfs_evict_inode * CVE-url: https://ubuntu.com/security/CVE-2023-24023 - Bluetooth: Add debug setting for changing minimum encryption key size - Bluetooth: Add more enc key size check * CVE-url: https://ubuntu.com/security/CVE-2023-52603 - UBSAN: array-index-out-of-bounds in dtSplitRoot * Jammy update: v5.15.81 upstream stable release (LP: #2003130) // CVE-url: https://ubuntu.com/security/CVE-2023-1382 - tipc: set con sock in tipc_conn_alloc - tipc: add an extra conn_get in tipc_conn_alloc * CVE-url: https://ubuntu.com/security/CVE-2024-26600 - phy: ti: phy-omap-usb2: Fix NULL pointer dereference for SRP

0 tuxcare-ubuntu18.04-els linux-buildinfo-4.15.0-227-tuxcare.els15-generic_4.15.0-227.238_amd64.deb c09b351868112279d7958080b564be7db2bf0396 linux-buildinfo-4.15.0-227-tuxcare.els15-lowlatency_4.15.0-227.238_amd64.deb 7fc4eb1049d5df948b914f0e1b397dd779d0152a linux-cloud-tools-4.15.0-227-tuxcare.els15_4.15.0-227.238_amd64.deb 0d05626a120e78a99f00eaa35d3bac641faadd51 linux-cloud-tools-4.15.0-227-tuxcare.els15-generic_4.15.0-227.238_amd64.deb 124aa1a1036f8788d1d8aff9bf0665919c7a6377 linux-cloud-tools-4.15.0-227-tuxcare.els15-lowlatency_4.15.0-227.238_amd64.deb d4293cbdd4ffddd855073f0cfdc20cdb51e11fe9 linux-cloud-tools-common_4.15.0-227.238_all.deb 3f1b6bc4b3e887621d5443785b602bf40b9b528c linux-cloud-tools-generic_4.15.0.227.238_amd64.deb db7bcd937aa99e9b10dc9a7c1eff1bf05d684262 linux-cloud-tools-lowlatency_4.15.0.227.238_amd64.deb b65ff7ac9bd4ae66033b65deaf5de575af3df7ec linux-crashdump_4.15.0.227.238_amd64.deb 5bcff224b7e6473acb8b9d1c4a2ceb89741a8b75 linux-doc_4.15.0-227.238_all.deb 76068232d4045478d65fdf02f33a5123ff1168a7 linux-generic_4.15.0.227.238_amd64.deb d007c35ae663f508b36fb4d1e25472e25210d0fd linux-headers-4.15.0-227-tuxcare.els15_4.15.0-227.238_all.deb ca7b7e24ab6dfea7a90439b5fa7b4ecfd887625f linux-headers-4.15.0-227-tuxcare.els15-generic_4.15.0-227.238_amd64.deb 6c96309154cb19f1dfec1fe9bf26e5c1a0670f0c linux-headers-4.15.0-227-tuxcare.els15-lowlatency_4.15.0-227.238_amd64.deb 70559f0a488c2170cf6dbc9d0ce2b69f5cfcee8d linux-headers-generic_4.15.0.227.238_amd64.deb 20f9a0ec9051cf7a6609c312813d80c7c343e5d3 linux-headers-lowlatency_4.15.0.227.238_amd64.deb d5b5ebfee880ddca32dd972a1df8fc5dea0af27b linux-image-generic_4.15.0.227.238_amd64.deb 6b6b6e547ef2e14ed62fbe82041b5849cb0f2da0 linux-image-lowlatency_4.15.0.227.238_amd64.deb 76be15d8087225f183dbd644afdd449ee1d299f7 linux-image-unsigned-4.15.0-227-tuxcare.els15-generic_4.15.0-227.238_amd64.deb 6c24f086ce51384f7b1c00017981db09d7cbd655 linux-image-unsigned-4.15.0-227-tuxcare.els15-lowlatency_4.15.0-227.238_amd64.deb 23e3ae58f7f50caaebf971d51e17030ace928bd4 linux-libc-dev_4.15.0-227.238_amd64.deb 6b641f07bb08e8c5c14e1789e418097837a40319 linux-lowlatency_4.15.0.227.238_amd64.deb c73db064193154c77627f6dc6013771dcff1c93e linux-modules-4.15.0-227-tuxcare.els15-generic_4.15.0-227.238_amd64.deb 84d9c0fc0733542863d42565c0111646e5905730 linux-modules-4.15.0-227-tuxcare.els15-lowlatency_4.15.0-227.238_amd64.deb dbe13a080ee251a474b293ddd5801e523b95a5b4 linux-modules-extra-4.15.0-227-tuxcare.els15-generic_4.15.0-227.238_amd64.deb d7f6c024bde43da43fba99d77769ae7ab56a5914 linux-source_4.15.0.227.238_all.deb 77f799b9ff199abda01930622a485eb542cac191 linux-source-4.15.0_4.15.0-227.238_all.deb 4499e9d42bb850696cb71f0aea32b390a21d853f linux-tools-4.15.0-227-tuxcare.els15_4.15.0-227.238_amd64.deb 683308d0e9d250f9ec027465323cd09da1ebd998 linux-tools-4.15.0-227-tuxcare.els15-generic_4.15.0-227.238_amd64.deb 29219165f8f48a32f3971bfb9d8c3f34328049b2 linux-tools-4.15.0-227-tuxcare.els15-lowlatency_4.15.0-227.238_amd64.deb 763dd257d5eece5c4161cbd8a40a99e981447567 linux-tools-common_4.15.0-227.238_all.deb 0ec56e00fa1fdf0901d3048f3ad10d0873ad480c linux-tools-generic_4.15.0.227.238_amd64.deb 178c3a8f0165089947f269814523ea7dd64c3155 linux-tools-host_4.15.0-227.238_all.deb 07458449fe7aa739c62890e526238690a7781105 linux-tools-lowlatency_4.15.0.227.238_amd64.deb 94acb815468ae5989a8a7d8a3edf07c7e462cef6 CLSA-2024:1714066220 TuxCare License Agreement 0 * SECURITY UPDATE: shell-quote filenames when invoking LESSCLOSE. - debian/patches/CVE-2022-48624.patch: Fix close_altfile in filename.c in less before 606 omits shell_quote calls for LESSCLOSE. - CVE-2022-48624 Important Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.

* SECURITY UPDATE: shell-quote filenames when invoking LESSCLOSE. - debian/patches/CVE-2022-48624.patch: Fix close_altfile in filename.c in less before 606 omits shell_quote calls for LESSCLOSE. - CVE-2022-48624

0 tuxcare-ubuntu18.04-els less_487-0.1+tuxcare.els1_amd64.deb 6e3c1aff5616d93403a2145c41e183e407a88fe1 CLSA-2024:1714066325 TuxCare License Agreement 0 * SECURITY UPDATE: security vulnerability in package - debian/patches/CVE-2024-3096.patch: Disallow null character in bcrypt password to fix bug causing password_verify to erroneously return true - CVE-2024-3096 Moderate Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.

* SECURITY UPDATE: security vulnerability in package - debian/patches/CVE-2024-3096.patch: Disallow null character in bcrypt password to fix bug causing password_verify to erroneously return true - CVE-2024-3096

0 tuxcare-ubuntu18.04-els libapache2-mod-php7.2_7.2.24-0ubuntu0.18.04.17+tuxcare.els3_amd64.deb 6389df092574c3195bf06c7509d15fb68f539d09 libphp7.2-embed_7.2.24-0ubuntu0.18.04.17+tuxcare.els3_amd64.deb c36caf30f82ad983a72a31f0f236cd5cdab5fc92 php7.2_7.2.24-0ubuntu0.18.04.17+tuxcare.els3_all.deb 3fd27e5dd69afa5e7db2997e32f3373d3c6fa20a php7.2-bcmath_7.2.24-0ubuntu0.18.04.17+tuxcare.els3_amd64.deb 244ea9fa584d8ef122ad6666cee23b9412d40c96 php7.2-bz2_7.2.24-0ubuntu0.18.04.17+tuxcare.els3_amd64.deb c548216a9ca5e674465f293d273c24f63ff07831 php7.2-cgi_7.2.24-0ubuntu0.18.04.17+tuxcare.els3_amd64.deb e7634b9ba46de5573231df468b1f3113a991076a php7.2-cli_7.2.24-0ubuntu0.18.04.17+tuxcare.els3_amd64.deb 23922d479a786eb55a6b7571ac857c79d43f2349 php7.2-common_7.2.24-0ubuntu0.18.04.17+tuxcare.els3_amd64.deb ad432bf2426322141ee905d86bd721515da7d59b php7.2-curl_7.2.24-0ubuntu0.18.04.17+tuxcare.els3_amd64.deb ca3fb2f48a4d7a8268704b6735b12ec1236eb14c php7.2-dba_7.2.24-0ubuntu0.18.04.17+tuxcare.els3_amd64.deb 245aea4980334c8c71a63156c556de355c866036 php7.2-dev_7.2.24-0ubuntu0.18.04.17+tuxcare.els3_amd64.deb 2d4a3c9263099f010ffabf1778512ae0d422b781 php7.2-enchant_7.2.24-0ubuntu0.18.04.17+tuxcare.els3_amd64.deb ea446df987c49aaa08226d68a81fe0114b68a75c php7.2-fpm_7.2.24-0ubuntu0.18.04.17+tuxcare.els3_amd64.deb 3ceffaca95e6714ce4a207d1fda6f5b911080bd0 php7.2-gd_7.2.24-0ubuntu0.18.04.17+tuxcare.els3_amd64.deb 393170ed7249bfd17eca5a4b148051f1f6a0a669 php7.2-gmp_7.2.24-0ubuntu0.18.04.17+tuxcare.els3_amd64.deb efde7bf3c847ddb21b3ee2c92aa4c8b307565c5c php7.2-imap_7.2.24-0ubuntu0.18.04.17+tuxcare.els3_amd64.deb 4458ce51fb023efbcc6d0670fcb31a930ef3fc31 php7.2-interbase_7.2.24-0ubuntu0.18.04.17+tuxcare.els3_amd64.deb 93459789bc23dcf60e12c28d1acb8dde016832eb php7.2-intl_7.2.24-0ubuntu0.18.04.17+tuxcare.els3_amd64.deb 7546bc0f9cc283e88e357ee6d439a872182ba7b3 php7.2-json_7.2.24-0ubuntu0.18.04.17+tuxcare.els3_amd64.deb c8ae7a85db1aeeb08f1e6f1adc5593fc5c79f132 php7.2-ldap_7.2.24-0ubuntu0.18.04.17+tuxcare.els3_amd64.deb a3bfc2bc102bf2088fc07cccb06cec307f902e62 php7.2-mbstring_7.2.24-0ubuntu0.18.04.17+tuxcare.els3_amd64.deb 74cbea50e69e95551a38ef7e170113eac0c28277 php7.2-mysql_7.2.24-0ubuntu0.18.04.17+tuxcare.els3_amd64.deb 869e749595a9cbabbcb9085c0aaa671486adc478 php7.2-odbc_7.2.24-0ubuntu0.18.04.17+tuxcare.els3_amd64.deb 1b3cc57bf163180e24eb1c4f95ada95dde32cdf3 php7.2-opcache_7.2.24-0ubuntu0.18.04.17+tuxcare.els3_amd64.deb 53cb90662af378c6327a0477983c0cda715f6322 php7.2-pgsql_7.2.24-0ubuntu0.18.04.17+tuxcare.els3_amd64.deb f7a92e6365bcf1154809652b0c172e450990e9a8 php7.2-phpdbg_7.2.24-0ubuntu0.18.04.17+tuxcare.els3_amd64.deb 4880cbe336a20cf6cf7319176a7123d56029e891 php7.2-pspell_7.2.24-0ubuntu0.18.04.17+tuxcare.els3_amd64.deb c322a4ff67adae293ea1da9862e1abf4e49b8e1b php7.2-readline_7.2.24-0ubuntu0.18.04.17+tuxcare.els3_amd64.deb 7280f798dfe4785f8b64a3c6a8a2ce8be2367ac7 php7.2-recode_7.2.24-0ubuntu0.18.04.17+tuxcare.els3_amd64.deb b8bffa4bb2d625745e6df6165dc83b0dda28f3a6 php7.2-snmp_7.2.24-0ubuntu0.18.04.17+tuxcare.els3_amd64.deb 37af4e858958a4240b9b20ccfeadf5a140ebcfc7 php7.2-soap_7.2.24-0ubuntu0.18.04.17+tuxcare.els3_amd64.deb 762d9f50daf40e4005004703010b42ae539532b1 php7.2-sqlite3_7.2.24-0ubuntu0.18.04.17+tuxcare.els3_amd64.deb 3324ecaf8b5833305c9897b288c49cd6b33b2c40 php7.2-sybase_7.2.24-0ubuntu0.18.04.17+tuxcare.els3_amd64.deb a8a8db1ed6f49c0740efaf61feaf743bcfbbc8ed php7.2-tidy_7.2.24-0ubuntu0.18.04.17+tuxcare.els3_amd64.deb 64c05f4a84ca6213cd2bf6a1c7c094726fbb7bdb php7.2-xml_7.2.24-0ubuntu0.18.04.17+tuxcare.els3_amd64.deb c99220a299328a6c64f2d6fe6fcc16488bc75b1b php7.2-xmlrpc_7.2.24-0ubuntu0.18.04.17+tuxcare.els3_amd64.deb baa839c98693ecc8b9e84df35e6795644dc8fbf5 php7.2-xsl_7.2.24-0ubuntu0.18.04.17+tuxcare.els3_all.deb 4931c20caf09071a42417a3e24ab6234b69cfb4f php7.2-zip_7.2.24-0ubuntu0.18.04.17+tuxcare.els3_amd64.deb b93677f5365ee44fe1804de880b2d1c678545f95 CLSA-2024:1714462008 TuxCare License Agreement 0 * SECURITY UPDATE: Denial of Service attack against HTTP header parsing - debian/patches/CVE-2023-49288.patch: fix unintention freeing in TRACE request handler - CVE-2023-49288 Important Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.

* SECURITY UPDATE: Denial of Service attack against HTTP header parsing - debian/patches/CVE-2023-49288.patch: fix unintention freeing in TRACE request handler - CVE-2023-49288

0 tuxcare-ubuntu18.04-els squid_3.5.27-1ubuntu1.14+tuxcare.els6_amd64.deb 12af1f6388cd6ef6ea66a3cbc6fe9c8a5b0afa97 squid-cgi_3.5.27-1ubuntu1.14+tuxcare.els6_amd64.deb ce9d5d3d6e4cce9db0913a2c272317a53134a1fd squid-common_3.5.27-1ubuntu1.14+tuxcare.els6_all.deb 2f3ff54665a0a7a0937b346c5c5efc225d8bde2b squid-purge_3.5.27-1ubuntu1.14+tuxcare.els6_amd64.deb c90f7aa24e6b4b59ee9ff19a335611d88fc1cb4b squid3_3.5.27-1ubuntu1.14+tuxcare.els6_all.deb 38a88f25f0a7c4977b24e3b96c4040d3f92dd01c squidclient_3.5.27-1ubuntu1.14+tuxcare.els6_amd64.deb d1813b4b6132f6efdbf74093bf62f07f8572ff44 CLSA-2024:1714462946 TuxCare License Agreement 0 * SECURITY UPDATE: PostgreSQL driver: Fix incompatible pointer-to-integer types - debian/patches/CVE-2024-1013.patch: Fix out-of-bounds stack write by adjusting byte size in callee function - CVE-2024-1013 Important Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.

* SECURITY UPDATE: PostgreSQL driver: Fix incompatible pointer-to-integer types - debian/patches/CVE-2024-1013.patch: Fix out-of-bounds stack write by adjusting byte size in callee function - CVE-2024-1013

0 tuxcare-ubuntu18.04-els libodbc1_2.3.4-1.1ubuntu3+tuxcare.els1_amd64.deb ac2e9f3b3ae0d30490e5d7d7303222880d95f6c0 odbcinst_2.3.4-1.1ubuntu3+tuxcare.els1_amd64.deb d28e81573377c3419316c4094bd6b5c639d0598c odbcinst1debian2_2.3.4-1.1ubuntu3+tuxcare.els1_amd64.deb 9b38db9e64d45dbd8fdcafd645a28a1f5825a756 unixodbc_2.3.4-1.1ubuntu3+tuxcare.els1_amd64.deb 7ae1d94c7b30c1ad8c190d7af1779d5f1ff635a2 unixodbc-dev_2.3.4-1.1ubuntu3+tuxcare.els1_amd64.deb 5ce4b6d3e4d4e81389b3cc8f13b79279ce897798 CLSA-2024:1714728328 TuxCare License Agreement 0 * SECURITY UPDATE: possible insecure cookie abuse - debian/patches/php-7.3-CVE-2024-2756.patch: fix __Host-/__Secure- cookie bypass due to partial CVE-2022-31629 fix - CVE-2024-2756 Moderate Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.

* SECURITY UPDATE: possible insecure cookie abuse - debian/patches/php-7.3-CVE-2024-2756.patch: fix __Host-/__Secure- cookie bypass due to partial CVE-2022-31629 fix - CVE-2024-2756

0 tuxcare-ubuntu18.04-els libapache2-mod-php7.2_7.2.24-0ubuntu0.18.04.17+tuxcare.els4_amd64.deb 4f3f0bd96ac4284170a135428941b045777a1b8a libphp7.2-embed_7.2.24-0ubuntu0.18.04.17+tuxcare.els4_amd64.deb afc3ab28a0f79812114324317710c840e51629ad php7.2_7.2.24-0ubuntu0.18.04.17+tuxcare.els4_all.deb f611704d7ff4d78b5ae84a0e0757a5f999a8847e php7.2-bcmath_7.2.24-0ubuntu0.18.04.17+tuxcare.els4_amd64.deb 7bbf45b1c2f77166df04c71cee25fca4ff9ba58a php7.2-bz2_7.2.24-0ubuntu0.18.04.17+tuxcare.els4_amd64.deb 7ab6756468cf9e9ff0f6ff5f59f07f3c94cdbcb0 php7.2-cgi_7.2.24-0ubuntu0.18.04.17+tuxcare.els4_amd64.deb 3ed3988987374fb1e85b53b21e2e54de1d413c37 php7.2-cli_7.2.24-0ubuntu0.18.04.17+tuxcare.els4_amd64.deb 4f5d2ac176be07d494a7f95a0563af74ae6333fa php7.2-common_7.2.24-0ubuntu0.18.04.17+tuxcare.els4_amd64.deb ecda23ad0f7af32e0d9a8d5ffa725a468c4d01fc php7.2-curl_7.2.24-0ubuntu0.18.04.17+tuxcare.els4_amd64.deb 336c2c282051ee46d6c8a50830cd53e54ce9d55c php7.2-dba_7.2.24-0ubuntu0.18.04.17+tuxcare.els4_amd64.deb 418088d96bfff40b95523a0d536e049e62ac1e82 php7.2-dev_7.2.24-0ubuntu0.18.04.17+tuxcare.els4_amd64.deb 15809219a234d8500eced8db0aac0746d93688d8 php7.2-enchant_7.2.24-0ubuntu0.18.04.17+tuxcare.els4_amd64.deb ef20a88d4359747f880d0510364c02c857e2559e php7.2-fpm_7.2.24-0ubuntu0.18.04.17+tuxcare.els4_amd64.deb 22b5f21dd35f4528626f6e7154c93c09aff955a6 php7.2-gd_7.2.24-0ubuntu0.18.04.17+tuxcare.els4_amd64.deb 589b96329cb1984acf824a456e26b9c79b957505 php7.2-gmp_7.2.24-0ubuntu0.18.04.17+tuxcare.els4_amd64.deb 0c929155d245cec6f26530e6c5f5beedf4599201 php7.2-imap_7.2.24-0ubuntu0.18.04.17+tuxcare.els4_amd64.deb 46a16ef488626af4ef72582249f511353f12b2c7 php7.2-interbase_7.2.24-0ubuntu0.18.04.17+tuxcare.els4_amd64.deb fbf326370d082c513f021e6d9197b5eb3c4153a9 php7.2-intl_7.2.24-0ubuntu0.18.04.17+tuxcare.els4_amd64.deb 77b12833afe1a55e059ff6d277379ffe14a7e540 php7.2-json_7.2.24-0ubuntu0.18.04.17+tuxcare.els4_amd64.deb cd52b4690e13769d3a9c31423e2c839aac9b216d php7.2-ldap_7.2.24-0ubuntu0.18.04.17+tuxcare.els4_amd64.deb 95df39036d0a07a667e3aa133eef57fcf635165a php7.2-mbstring_7.2.24-0ubuntu0.18.04.17+tuxcare.els4_amd64.deb e668b05ad80c625bbfcdcbd62bf1d9745772cff6 php7.2-mysql_7.2.24-0ubuntu0.18.04.17+tuxcare.els4_amd64.deb 2ed90a85c4b384aba37b25d2cffb9a6ed95f57e7 php7.2-odbc_7.2.24-0ubuntu0.18.04.17+tuxcare.els4_amd64.deb 0fc5016e493abef182a34ba10d9687e54234c446 php7.2-opcache_7.2.24-0ubuntu0.18.04.17+tuxcare.els4_amd64.deb 5d1ac2b81f142ea2310e744bab030b4a8eb71262 php7.2-pgsql_7.2.24-0ubuntu0.18.04.17+tuxcare.els4_amd64.deb 0de0e50445f2e8b2adff1611e7c971264ad9b11a php7.2-phpdbg_7.2.24-0ubuntu0.18.04.17+tuxcare.els4_amd64.deb 0871f38cdd20b1f4b1ae1382fbaa4f93d10fe757 php7.2-pspell_7.2.24-0ubuntu0.18.04.17+tuxcare.els4_amd64.deb dff74dec5ceedc4462ea9185d176c193b8bc6496 php7.2-readline_7.2.24-0ubuntu0.18.04.17+tuxcare.els4_amd64.deb 5dfea06a10bfb1d2b3af9beb8ea2e963faf66f65 php7.2-recode_7.2.24-0ubuntu0.18.04.17+tuxcare.els4_amd64.deb 31d9930e5a09f4595faf7e4d28645e45a47ced5e php7.2-snmp_7.2.24-0ubuntu0.18.04.17+tuxcare.els4_amd64.deb 8189b6d5ac98a22ce2fa4ec074bb6c68d345f614 php7.2-soap_7.2.24-0ubuntu0.18.04.17+tuxcare.els4_amd64.deb e748531a3dcd8c2c7ab5cd0c6cdfcdb1cdc4b161 php7.2-sqlite3_7.2.24-0ubuntu0.18.04.17+tuxcare.els4_amd64.deb 33e11197c46c251b2b71c86b69553c11407bbdf1 php7.2-sybase_7.2.24-0ubuntu0.18.04.17+tuxcare.els4_amd64.deb 638905850a1dc289757eb2a994557b9d1592f00d php7.2-tidy_7.2.24-0ubuntu0.18.04.17+tuxcare.els4_amd64.deb 2601f0961b9965fd9486cbfde80fc9a94954dedc php7.2-xml_7.2.24-0ubuntu0.18.04.17+tuxcare.els4_amd64.deb 9b54ac275fd1627e74ff743945ef6c6f1cd0bf05 php7.2-xmlrpc_7.2.24-0ubuntu0.18.04.17+tuxcare.els4_amd64.deb e7d3c69780306a0ae9c901bba5c5ea09ddbdbd57 php7.2-xsl_7.2.24-0ubuntu0.18.04.17+tuxcare.els4_all.deb b8bd18453273923d9afbdc0a8e92119240e8dc4e php7.2-zip_7.2.24-0ubuntu0.18.04.17+tuxcare.els4_amd64.deb aa40a34c6670c39bb5ec6354d4ff704b54d3dae5 CLSA-2024:1715947224 TuxCare License Agreement 0 * SECURITY UPDATE: quoting is mishandled in filename.c. - debian/patches/CVE-2024-32487.patch: Fix bug when viewing a file whose name contains a newline. - CVE-2024-32487 Important Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.

* SECURITY UPDATE: quoting is mishandled in filename.c. - debian/patches/CVE-2024-32487.patch: Fix bug when viewing a file whose name contains a newline. - CVE-2024-32487

0 tuxcare-ubuntu18.04-els less_487-0.1+tuxcare.els2_amd64.deb 9da5b0376bc0a0ec0804e4d80ff620a3de4c05b8 CLSA-2024:1716270232 TuxCare License Agreement 0 * CVE-url: https://ubuntu.com/security/CVE-2023-47233 - wifi: brcmfmac: Fix use-after-free bug in brcmf_cfg80211_detach * CVE-url: https://ubuntu.com/security/CVE-2023-52601 - jfs: Fix memleak in dbAdjCtl * CVE-url: https://ubuntu.com/security/CVE-2024-26801 - Bluetooth: Avoid potential use-after-free in hci_error_reset * CVE-url: https://ubuntu.com/security/CVE-2024-26805 - netlink: Fix kernel-infoleak-after-free in __skb_datagram_iter * CVE-url: https://ubuntu.com/security/CVE-2024-26735 - ipv6: sr: fix possible use-after-free and null-ptr-deref * CVE-url: https://ubuntu.com/security/CVE-2023-52566 - nilfs2: fix potential use after free in nilfs_gccache_submit_read_data() * CVE-url: https://ubuntu.com/security/CVE-2021-46981 - nbd: Fix NULL pointer in flush_workqueue * CVE-url: https://ubuntu.com/security/CVE-2024-26622 - tomoyo: fix UAF write bug in tomoyo_write_control() * CVE-url: https://ubuntu.com/security/CVE-2024-26614 - tcp: make sure init the accept_queue's spinlocks once - ipv6: init the accept_queue's spinlocks in inet6_create * CVE-url: https://ubuntu.com/security/CVE-2023-52530 - wifi: mac80211: fix potential key use-after-free * CVE-url: https://ubuntu.com/security/CVE-2023-52524 - net: nfc: llcp: Add lock when modifying device list * CVE-url: https://ubuntu.com/security/CVE-2021-47173 - misc/uss720: fix memory leak in uss720_probe * CVE-url: https://ubuntu.com/security/CVE-2024-26910 - timers: Get rid of del_singleshot_timer_sync() - timers: Update kernel-doc for various functions - timers: Use del_timer_sync() even on UP - timers: Rename del_timer_sync() to timer_delete_sync() - timers: Rename del_timer() to timer_delete() - timers: Silently ignore timers with a NULL function - timers: Split [try_to_]del_timer[_sync]() to prepare for shutdown mode - timers: Add shutdown mechanism to the internal functions - timers: Provide timer_shutdown[_sync]() - netfilter: ipset: fix performance regression in swap operation * CVE-url: https://ubuntu.com/security/CVE-2023-52595 - rt2x00: clear IV's on start to fix AP mode regression - wifi: rt2x00: restart beacon queue when hardware reset * CVE-url: https://ubuntu.com/security/CVE-2023-52617 - switchtec: Improve MRPC efficiency by enabling write combining - switchtec: Add MRPC DMA mode support - PCI: switchtec: Fix stdev_release() crash after surprise hot remove * CVE-url: https://ubuntu.com/security/CVE-2024-26696 - nilfs2: fix hang in nilfs_lookup_dirty_data_buffers() * CVE-url: https://ubuntu.com/security/CVE-2024-26685 - nilfs2: fix potential bug in end_buffer_async_write * CVE-url: https://ubuntu.com/security/CVE-2024-26625 - llc: call sock_orphan() at release time * CVE-url: https://ubuntu.com/security/CVE-2023-52615 - hwrng: core - Fix page fault dead lock on mmap-ed hwrng * CVE-url: https://ubuntu.com/security/CVE-2023-52486 - drm: Don't unref the same fb many times by mistake due to deadlock handling * CVE-url: https://ubuntu.com/security/CVE-2024-26920 - tracing/trigger: Fix to return error if failed to alloc snapshot * CVE-url: https://ubuntu.com/security/CVE-2024-26697 - nilfs2: fix data corruption in dsync block recovery for small block sizes * CVE-url: https://ubuntu.com/security/CVE-2024-26679 - inet: read sk->sk_family once in inet_recv_error() * CVE-url: https://ubuntu.com/security/CVE-2023-52622 - ext4: remove unnecessary check from alloc_flex_gd() - ext4: avoid online resizing failures due to oversized flex bg * CVE-url: https://ubuntu.com/security/CVE-2024-26635 - llc: Drop support for ETH_P_TR_802_2. * CVE-url: https://ubuntu.com/security/CVE-2023-52594 - wifi: ath9k: Fix potential array-index-out-of-bounds read in ath9k_htc_txstatus() * CVE-url: https://ubuntu.com/security/CVE-2023-52583 - ceph: fix deadlock or deadcode of misusing dget() * CVE-url: https://ubuntu.com/security/CVE-2024-26720 - mm/writeback: fix possible divide-by-zero in wb_dirty_limits(), again * CVE-url: https://ubuntu.com/security/CVE-2024-26825 - nfc: nci: free rx_data_reassembly skb on NCI device cleanup * CVE-url: https://ubuntu.com/security/CVE-2024-26671 - blk-mq: fix IO hang from sbitmap wakeup race * CVE-url: https://ubuntu.com/security/CVE-2024-26675 - ppp_async: limit MRU to 64K * CVE-url: https://ubuntu.com/security/CVE-2024-26663 - tipc: Check the bearer type before calling tipc_udp_nl_bearer_add() * CVE-url: https://ubuntu.com/security/CVE-2023-52602 - jfs: fix slab-out-of-bounds Read in dtSearch * CVE-url: https://ubuntu.com/security/CVE-2024-26704 - ext4: fix double-free of blocks due to wrong extents moved_len * CVE-url: https://ubuntu.com/security/CVE-2023-52619 - pstore/ram: Fix crash when setting number of cpus to an odd number * CVE-url: https://ubuntu.com/security/CVE-2024-26636 - llc: make llc_ui_sendmsg() more robust against bonding changes * CVE-url: https://ubuntu.com/security/CVE-2023-52587 - IB/ipoib: Fix mcast list locking * CVE-url: https://ubuntu.com/security/CVE-2023-52601 // CVE-url: https://ubuntu.com/security/CVE-2023-52604 - jfs: fix array-index-out-of-bounds in dbAdjTree * CVE-url: https://ubuntu.com/security/CVE-2023-52604 - FS:JFS:UBSAN:array-index-out-of-bounds in dbAdjTree * CVE-url: https://ubuntu.com/security/CVE-2023-52623 - SUNRPC: Fix a suspicious RCU usage warning * CVE-url: https://ubuntu.com/security/CVE-2023-52599 - jfs: fix array-index-out-of-bounds in diNewExt * CVE-url: https://ubuntu.com/security/CVE-2024-26884 - bpf: Fix hashtab overflow check on 32-bit arches * CVE-url: https://ubuntu.com/security/CVE-2024-26883 - bpf: Fix stackmap overflow check on 32-bit arches * CVE-url: https://ubuntu.com/security/CVE-2024-26882 - net: add atomic_long_t to net_device_stats fields - net: ip_tunnel: make sure to pull inner header in ip_tunnel_rcv() * CVE-url: https://ubuntu.com/security/CVE-2024-26908 - x86/xen: Add some null pointer checking to smp.c * CVE-url: https://ubuntu.com/security/CVE-2024-26904 - btrfs: fix data race at btrfs_use_block_rsv() when accessing block reserve * CVE-url: https://ubuntu.com/security/CVE-2024-26903 - Bluetooth: rfcomm: Fix null-ptr-deref in rfcomm_check_security * CVE-url: https://ubuntu.com/security/CVE-2024-26901 - do_sys_name_to_handle(): use kzalloc() to fix kernel-infoleak * CVE-url: https://ubuntu.com/security/CVE-2024-26898 - aoe: fix the potential use-after-free problem in aoecmd_cfg_pkts Important Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.

* CVE-url: https://ubuntu.com/security/CVE-2023-47233 - wifi: brcmfmac: Fix use-after-free bug in brcmf_cfg80211_detach * CVE-url: https://ubuntu.com/security/CVE-2023-52601 - jfs: Fix memleak in dbAdjCtl * CVE-url: https://ubuntu.com/security/CVE-2024-26801 - Bluetooth: Avoid potential use-after-free in hci_error_reset * CVE-url: https://ubuntu.com/security/CVE-2024-26805 - netlink: Fix kernel-infoleak-after-free in __skb_datagram_iter * CVE-url: https://ubuntu.com/security/CVE-2024-26735 - ipv6: sr: fix possible use-after-free and null-ptr-deref * CVE-url: https://ubuntu.com/security/CVE-2023-52566 - nilfs2: fix potential use after free in nilfs_gccache_submit_read_data() * CVE-url: https://ubuntu.com/security/CVE-2021-46981 - nbd: Fix NULL pointer in flush_workqueue * CVE-url: https://ubuntu.com/security/CVE-2024-26622 - tomoyo: fix UAF write bug in tomoyo_write_control() * CVE-url: https://ubuntu.com/security/CVE-2024-26614 - tcp: make sure init the accept_queue's spinlocks once - ipv6: init the accept_queue's spinlocks in inet6_create * CVE-url: https://ubuntu.com/security/CVE-2023-52530 - wifi: mac80211: fix potential key use-after-free * CVE-url: https://ubuntu.com/security/CVE-2023-52524 - net: nfc: llcp: Add lock when modifying device list * CVE-url: https://ubuntu.com/security/CVE-2021-47173 - misc/uss720: fix memory leak in uss720_probe * CVE-url: https://ubuntu.com/security/CVE-2024-26910 - timers: Get rid of del_singleshot_timer_sync() - timers: Update kernel-doc for various functions - timers: Use del_timer_sync() even on UP - timers: Rename del_timer_sync() to timer_delete_sync() - timers: Rename del_timer() to timer_delete() - timers: Silently ignore timers with a NULL function - timers: Split [try_to_]del_timer[_sync]() to prepare for shutdown mode - timers: Add shutdown mechanism to the internal functions - timers: Provide timer_shutdown[_sync]() - netfilter: ipset: fix performance regression in swap operation * CVE-url: https://ubuntu.com/security/CVE-2023-52595 - rt2x00: clear IV's on start to fix AP mode regression - wifi: rt2x00: restart beacon queue when hardware reset * CVE-url: https://ubuntu.com/security/CVE-2023-52617 - switchtec: Improve MRPC efficiency by enabling write combining - switchtec: Add MRPC DMA mode support - PCI: switchtec: Fix stdev_release() crash after surprise hot remove * CVE-url: https://ubuntu.com/security/CVE-2024-26696 - nilfs2: fix hang in nilfs_lookup_dirty_data_buffers() * CVE-url: https://ubuntu.com/security/CVE-2024-26685 - nilfs2: fix potential bug in end_buffer_async_write * CVE-url: https://ubuntu.com/security/CVE-2024-26625 - llc: call sock_orphan() at release time * CVE-url: https://ubuntu.com/security/CVE-2023-52615 - hwrng: core - Fix page fault dead lock on mmap-ed hwrng * CVE-url: https://ubuntu.com/security/CVE-2023-52486 - drm: Don't unref the same fb many times by mistake due to deadlock handling * CVE-url: https://ubuntu.com/security/CVE-2024-26920 - tracing/trigger: Fix to return error if failed to alloc snapshot * CVE-url: https://ubuntu.com/security/CVE-2024-26697 - nilfs2: fix data corruption in dsync block recovery for small block sizes * CVE-url: https://ubuntu.com/security/CVE-2024-26679 - inet: read sk->sk_family once in inet_recv_error() * CVE-url: https://ubuntu.com/security/CVE-2023-52622 - ext4: remove unnecessary check from alloc_flex_gd() - ext4: avoid online resizing failures due to oversized flex bg * CVE-url: https://ubuntu.com/security/CVE-2024-26635 - llc: Drop support for ETH_P_TR_802_2. * CVE-url: https://ubuntu.com/security/CVE-2023-52594 - wifi: ath9k: Fix potential array-index-out-of-bounds read in ath9k_htc_txstatus() * CVE-url: https://ubuntu.com/security/CVE-2023-52583 - ceph: fix deadlock or deadcode of misusing dget() * CVE-url: https://ubuntu.com/security/CVE-2024-26720 - mm/writeback: fix possible divide-by-zero in wb_dirty_limits(), again * CVE-url: https://ubuntu.com/security/CVE-2024-26825 - nfc: nci: free rx_data_reassembly skb on NCI device cleanup * CVE-url: https://ubuntu.com/security/CVE-2024-26671 - blk-mq: fix IO hang from sbitmap wakeup race * CVE-url: https://ubuntu.com/security/CVE-2024-26675 - ppp_async: limit MRU to 64K * CVE-url: https://ubuntu.com/security/CVE-2024-26663 - tipc: Check the bearer type before calling tipc_udp_nl_bearer_add() * CVE-url: https://ubuntu.com/security/CVE-2023-52602 - jfs: fix slab-out-of-bounds Read in dtSearch * CVE-url: https://ubuntu.com/security/CVE-2024-26704 - ext4: fix double-free of blocks due to wrong extents moved_len * CVE-url: https://ubuntu.com/security/CVE-2023-52619 - pstore/ram: Fix crash when setting number of cpus to an odd number * CVE-url: https://ubuntu.com/security/CVE-2024-26636 - llc: make llc_ui_sendmsg() more robust against bonding changes * CVE-url: https://ubuntu.com/security/CVE-2023-52587 - IB/ipoib: Fix mcast list locking * CVE-url: https://ubuntu.com/security/CVE-2023-52601 // CVE-url: https://ubuntu.com/security/CVE-2023-52604 - jfs: fix array-index-out-of-bounds in dbAdjTree * CVE-url: https://ubuntu.com/security/CVE-2023-52604 - FS:JFS:UBSAN:array-index-out-of-bounds in dbAdjTree * CVE-url: https://ubuntu.com/security/CVE-2023-52623 - SUNRPC: Fix a suspicious RCU usage warning * CVE-url: https://ubuntu.com/security/CVE-2023-52599 - jfs: fix array-index-out-of-bounds in diNewExt * CVE-url: https://ubuntu.com/security/CVE-2024-26884 - bpf: Fix hashtab overflow check on 32-bit arches * CVE-url: https://ubuntu.com/security/CVE-2024-26883 - bpf: Fix stackmap overflow check on 32-bit arches * CVE-url: https://ubuntu.com/security/CVE-2024-26882 - net: add atomic_long_t to net_device_stats fields - net: ip_tunnel: make sure to pull inner header in ip_tunnel_rcv() * CVE-url: https://ubuntu.com/security/CVE-2024-26908 - x86/xen: Add some null pointer checking to smp.c * CVE-url: https://ubuntu.com/security/CVE-2024-26904 - btrfs: fix data race at btrfs_use_block_rsv() when accessing block reserve * CVE-url: https://ubuntu.com/security/CVE-2024-26903 - Bluetooth: rfcomm: Fix null-ptr-deref in rfcomm_check_security * CVE-url: https://ubuntu.com/security/CVE-2024-26901 - do_sys_name_to_handle(): use kzalloc() to fix kernel-infoleak * CVE-url: https://ubuntu.com/security/CVE-2024-26898 - aoe: fix the potential use-after-free problem in aoecmd_cfg_pkts

0 tuxcare-ubuntu18.04-els linux-buildinfo-4.15.0-228-tuxcare.els16-generic_4.15.0-228.239_amd64.deb 2ea36646ad79f45877c52f3335ca924df99e4a7e linux-buildinfo-4.15.0-228-tuxcare.els16-lowlatency_4.15.0-228.239_amd64.deb fc491224f4a1a39834d774bd2220b9b0e62b87e1 linux-cloud-tools-4.15.0-228-tuxcare.els16_4.15.0-228.239_amd64.deb bbae36d9d5a7712ee18d1d665bc3b398dddc90e2 linux-cloud-tools-4.15.0-228-tuxcare.els16-generic_4.15.0-228.239_amd64.deb 0689ae4d055dd849f933225c74f7b31cd151c747 linux-cloud-tools-4.15.0-228-tuxcare.els16-lowlatency_4.15.0-228.239_amd64.deb e5897a674895855fcbbf8e7dce8ddb87fbf85a14 linux-cloud-tools-common_4.15.0-228.239_all.deb a4b95149495ac6560995efa387e34dafb1522642 linux-cloud-tools-generic_4.15.0.228.239_amd64.deb e39bddc4f60c6f8d16f6eb6e2e1690e80538e24a linux-cloud-tools-lowlatency_4.15.0.228.239_amd64.deb 37c860e4370300aac76777a1bf3f5f5b2f9ca521 linux-crashdump_4.15.0.228.239_amd64.deb 789713917e9748e033a54760efb503a304b69d45 linux-doc_4.15.0-228.239_all.deb fd8dcdc6d93474f584f266608fc4472ea45d5123 linux-generic_4.15.0.228.239_amd64.deb 2e585ecee711e99909d156efe12b9b5f50f6d105 linux-headers-4.15.0-228-tuxcare.els16_4.15.0-228.239_all.deb 58f2cd2cc739d7dd7ff6c9e30cb50cf454e68d92 linux-headers-4.15.0-228-tuxcare.els16-generic_4.15.0-228.239_amd64.deb ae2d159bff5ebd337b858ba51fa4a9103caad7c7 linux-headers-4.15.0-228-tuxcare.els16-lowlatency_4.15.0-228.239_amd64.deb 1e31d118e07e292685ec43d9c9fda26b4404c35c linux-headers-generic_4.15.0.228.239_amd64.deb b8176618d055916c1c739612e6e9beaaa14e52f2 linux-headers-lowlatency_4.15.0.228.239_amd64.deb 96297c74c31320e0f47662f1e035f909b577608a linux-image-generic_4.15.0.228.239_amd64.deb a4c8eab8e7f88f0dc22dfa6a917651aa1f60fc7c linux-image-lowlatency_4.15.0.228.239_amd64.deb c23584ad22f867805b18c13db9adfe80bacbfa14 linux-image-unsigned-4.15.0-228-tuxcare.els16-generic_4.15.0-228.239_amd64.deb bbc17c91b8b119893f06933309368f171e4b10df linux-image-unsigned-4.15.0-228-tuxcare.els16-lowlatency_4.15.0-228.239_amd64.deb b18fa11fbb4ac16d2e9a9d7ec30e1c97c1a9c0f2 linux-libc-dev_4.15.0-228.239_amd64.deb 4a023a2939db858167ef768bc6df312f6f75f3dd linux-lowlatency_4.15.0.228.239_amd64.deb 998001520b8725ebb7fb05ca2341351f18c80c03 linux-modules-4.15.0-228-tuxcare.els16-generic_4.15.0-228.239_amd64.deb 1adacd5740438b2c4a25d567ee3e3d47c03e2373 linux-modules-4.15.0-228-tuxcare.els16-lowlatency_4.15.0-228.239_amd64.deb 4c21d4ae6cbc7dd9eefd227775c3fb42eb993497 linux-modules-extra-4.15.0-228-tuxcare.els16-generic_4.15.0-228.239_amd64.deb 35797b1b9256f88a38e01d6ac4a99534ca9d8dc4 linux-source_4.15.0.228.239_all.deb f2a73319525a92e5f146f1f3be9a315d4def06c7 linux-source-4.15.0_4.15.0-228.239_all.deb 954f3cf10136c08a82feaa9576727fdcf38ddfee linux-tools-4.15.0-228-tuxcare.els16_4.15.0-228.239_amd64.deb bbb72701794691f7c47cbdab19406c6a1ea9a3ca linux-tools-4.15.0-228-tuxcare.els16-generic_4.15.0-228.239_amd64.deb 61a0e9b31b12505769c19ec4746b4877f8d79b29 linux-tools-4.15.0-228-tuxcare.els16-lowlatency_4.15.0-228.239_amd64.deb 5af64c47b1c3b6ff4070d9d9c29ab503725d0fdd linux-tools-common_4.15.0-228.239_all.deb 4d5c837adb72280b733d5914c1c13d77f0aabf36 linux-tools-generic_4.15.0.228.239_amd64.deb 965bf8b4377b144f8524ac9afc190606fef4f120 linux-tools-host_4.15.0-228.239_all.deb ed462563931885eed68c27dc31ff987de108fc82 linux-tools-lowlatency_4.15.0.228.239_amd64.deb 8d914243737157348f935673acbff5eebfc7c1a3 CLSA-2024:1716270655 TuxCare License Agreement 0 * CVE-url: https://ubuntu.com/security/CVE-2023-47233 - wifi: brcmfmac: Fix use-after-free bug in brcmf_cfg80211_detach * CVE-url: https://ubuntu.com/security/CVE-2023-52601 - jfs: Fix memleak in dbAdjCtl * CVE-url: https://ubuntu.com/security/CVE-2024-26801 - Bluetooth: Avoid potential use-after-free in hci_error_reset * CVE-url: https://ubuntu.com/security/CVE-2024-26805 - netlink: Fix kernel-infoleak-after-free in __skb_datagram_iter * CVE-url: https://ubuntu.com/security/CVE-2024-26735 - ipv6: sr: fix possible use-after-free and null-ptr-deref * CVE-url: https://ubuntu.com/security/CVE-2023-52566 - nilfs2: fix potential use after free in nilfs_gccache_submit_read_data() * CVE-url: https://ubuntu.com/security/CVE-2021-46981 - nbd: Fix NULL pointer in flush_workqueue * CVE-url: https://ubuntu.com/security/CVE-2024-26622 - tomoyo: fix UAF write bug in tomoyo_write_control() * CVE-url: https://ubuntu.com/security/CVE-2024-26614 - tcp: make sure init the accept_queue's spinlocks once - ipv6: init the accept_queue's spinlocks in inet6_create * CVE-url: https://ubuntu.com/security/CVE-2023-52530 - wifi: mac80211: fix potential key use-after-free * CVE-url: https://ubuntu.com/security/CVE-2023-52524 - net: nfc: llcp: Add lock when modifying device list * CVE-url: https://ubuntu.com/security/CVE-2021-47173 - misc/uss720: fix memory leak in uss720_probe * CVE-url: https://ubuntu.com/security/CVE-2024-26910 - timers: Get rid of del_singleshot_timer_sync() - timers: Update kernel-doc for various functions - timers: Use del_timer_sync() even on UP - timers: Rename del_timer_sync() to timer_delete_sync() - timers: Rename del_timer() to timer_delete() - timers: Silently ignore timers with a NULL function - timers: Split [try_to_]del_timer[_sync]() to prepare for shutdown mode - timers: Add shutdown mechanism to the internal functions - timers: Provide timer_shutdown[_sync]() - netfilter: ipset: fix performance regression in swap operation * CVE-url: https://ubuntu.com/security/CVE-2023-52595 - rt2x00: clear IV's on start to fix AP mode regression - wifi: rt2x00: restart beacon queue when hardware reset * CVE-url: https://ubuntu.com/security/CVE-2023-52617 - switchtec: Improve MRPC efficiency by enabling write combining - switchtec: Add MRPC DMA mode support - PCI: switchtec: Fix stdev_release() crash after surprise hot remove * CVE-url: https://ubuntu.com/security/CVE-2024-26696 - nilfs2: fix hang in nilfs_lookup_dirty_data_buffers() * CVE-url: https://ubuntu.com/security/CVE-2024-26685 - nilfs2: fix potential bug in end_buffer_async_write * CVE-url: https://ubuntu.com/security/CVE-2024-26625 - llc: call sock_orphan() at release time * CVE-url: https://ubuntu.com/security/CVE-2023-52615 - hwrng: core - Fix page fault dead lock on mmap-ed hwrng * CVE-url: https://ubuntu.com/security/CVE-2023-52486 - drm: Don't unref the same fb many times by mistake due to deadlock handling * CVE-url: https://ubuntu.com/security/CVE-2024-26920 - tracing/trigger: Fix to return error if failed to alloc snapshot * CVE-url: https://ubuntu.com/security/CVE-2024-26697 - nilfs2: fix data corruption in dsync block recovery for small block sizes * CVE-url: https://ubuntu.com/security/CVE-2024-26679 - inet: read sk->sk_family once in inet_recv_error() * CVE-url: https://ubuntu.com/security/CVE-2023-52622 - ext4: remove unnecessary check from alloc_flex_gd() - ext4: avoid online resizing failures due to oversized flex bg * CVE-url: https://ubuntu.com/security/CVE-2024-26635 - llc: Drop support for ETH_P_TR_802_2. * CVE-url: https://ubuntu.com/security/CVE-2023-52594 - wifi: ath9k: Fix potential array-index-out-of-bounds read in ath9k_htc_txstatus() * CVE-url: https://ubuntu.com/security/CVE-2023-52583 - ceph: fix deadlock or deadcode of misusing dget() * CVE-url: https://ubuntu.com/security/CVE-2024-26720 - mm/writeback: fix possible divide-by-zero in wb_dirty_limits(), again * CVE-url: https://ubuntu.com/security/CVE-2024-26825 - nfc: nci: free rx_data_reassembly skb on NCI device cleanup * CVE-url: https://ubuntu.com/security/CVE-2024-26671 - blk-mq: fix IO hang from sbitmap wakeup race * CVE-url: https://ubuntu.com/security/CVE-2024-26675 - ppp_async: limit MRU to 64K * CVE-url: https://ubuntu.com/security/CVE-2024-26663 - tipc: Check the bearer type before calling tipc_udp_nl_bearer_add() * CVE-url: https://ubuntu.com/security/CVE-2023-52602 - jfs: fix slab-out-of-bounds Read in dtSearch * CVE-url: https://ubuntu.com/security/CVE-2024-26704 - ext4: fix double-free of blocks due to wrong extents moved_len * CVE-url: https://ubuntu.com/security/CVE-2023-52619 - pstore/ram: Fix crash when setting number of cpus to an odd number * CVE-url: https://ubuntu.com/security/CVE-2024-26636 - llc: make llc_ui_sendmsg() more robust against bonding changes * CVE-url: https://ubuntu.com/security/CVE-2023-52587 - IB/ipoib: Fix mcast list locking * CVE-url: https://ubuntu.com/security/CVE-2023-52601 // CVE-url: https://ubuntu.com/security/CVE-2023-52604 - jfs: fix array-index-out-of-bounds in dbAdjTree * CVE-url: https://ubuntu.com/security/CVE-2023-52604 - FS:JFS:UBSAN:array-index-out-of-bounds in dbAdjTree * CVE-url: https://ubuntu.com/security/CVE-2023-52623 - SUNRPC: Fix a suspicious RCU usage warning * CVE-url: https://ubuntu.com/security/CVE-2023-52599 - jfs: fix array-index-out-of-bounds in diNewExt * CVE-url: https://ubuntu.com/security/CVE-2024-26884 - bpf: Fix hashtab overflow check on 32-bit arches * CVE-url: https://ubuntu.com/security/CVE-2024-26883 - bpf: Fix stackmap overflow check on 32-bit arches * CVE-url: https://ubuntu.com/security/CVE-2024-26882 - net: add atomic_long_t to net_device_stats fields - net: ip_tunnel: make sure to pull inner header in ip_tunnel_rcv() * CVE-url: https://ubuntu.com/security/CVE-2024-26908 - x86/xen: Add some null pointer checking to smp.c * CVE-url: https://ubuntu.com/security/CVE-2024-26904 - btrfs: fix data race at btrfs_use_block_rsv() when accessing block reserve * CVE-url: https://ubuntu.com/security/CVE-2024-26903 - Bluetooth: rfcomm: Fix null-ptr-deref in rfcomm_check_security * CVE-url: https://ubuntu.com/security/CVE-2024-26901 - do_sys_name_to_handle(): use kzalloc() to fix kernel-infoleak * CVE-url: https://ubuntu.com/security/CVE-2024-26898 - aoe: fix the potential use-after-free problem in aoecmd_cfg_pkts None Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.

* CVE-url: https://ubuntu.com/security/CVE-2023-47233 - wifi: brcmfmac: Fix use-after-free bug in brcmf_cfg80211_detach * CVE-url: https://ubuntu.com/security/CVE-2023-52601 - jfs: Fix memleak in dbAdjCtl * CVE-url: https://ubuntu.com/security/CVE-2024-26801 - Bluetooth: Avoid potential use-after-free in hci_error_reset * CVE-url: https://ubuntu.com/security/CVE-2024-26805 - netlink: Fix kernel-infoleak-after-free in __skb_datagram_iter * CVE-url: https://ubuntu.com/security/CVE-2024-26735 - ipv6: sr: fix possible use-after-free and null-ptr-deref * CVE-url: https://ubuntu.com/security/CVE-2023-52566 - nilfs2: fix potential use after free in nilfs_gccache_submit_read_data() * CVE-url: https://ubuntu.com/security/CVE-2021-46981 - nbd: Fix NULL pointer in flush_workqueue * CVE-url: https://ubuntu.com/security/CVE-2024-26622 - tomoyo: fix UAF write bug in tomoyo_write_control() * CVE-url: https://ubuntu.com/security/CVE-2024-26614 - tcp: make sure init the accept_queue's spinlocks once - ipv6: init the accept_queue's spinlocks in inet6_create * CVE-url: https://ubuntu.com/security/CVE-2023-52530 - wifi: mac80211: fix potential key use-after-free * CVE-url: https://ubuntu.com/security/CVE-2023-52524 - net: nfc: llcp: Add lock when modifying device list * CVE-url: https://ubuntu.com/security/CVE-2021-47173 - misc/uss720: fix memory leak in uss720_probe * CVE-url: https://ubuntu.com/security/CVE-2024-26910 - timers: Get rid of del_singleshot_timer_sync() - timers: Update kernel-doc for various functions - timers: Use del_timer_sync() even on UP - timers: Rename del_timer_sync() to timer_delete_sync() - timers: Rename del_timer() to timer_delete() - timers: Silently ignore timers with a NULL function - timers: Split [try_to_]del_timer[_sync]() to prepare for shutdown mode - timers: Add shutdown mechanism to the internal functions - timers: Provide timer_shutdown[_sync]() - netfilter: ipset: fix performance regression in swap operation * CVE-url: https://ubuntu.com/security/CVE-2023-52595 - rt2x00: clear IV's on start to fix AP mode regression - wifi: rt2x00: restart beacon queue when hardware reset * CVE-url: https://ubuntu.com/security/CVE-2023-52617 - switchtec: Improve MRPC efficiency by enabling write combining - switchtec: Add MRPC DMA mode support - PCI: switchtec: Fix stdev_release() crash after surprise hot remove * CVE-url: https://ubuntu.com/security/CVE-2024-26696 - nilfs2: fix hang in nilfs_lookup_dirty_data_buffers() * CVE-url: https://ubuntu.com/security/CVE-2024-26685 - nilfs2: fix potential bug in end_buffer_async_write * CVE-url: https://ubuntu.com/security/CVE-2024-26625 - llc: call sock_orphan() at release time * CVE-url: https://ubuntu.com/security/CVE-2023-52615 - hwrng: core - Fix page fault dead lock on mmap-ed hwrng * CVE-url: https://ubuntu.com/security/CVE-2023-52486 - drm: Don't unref the same fb many times by mistake due to deadlock handling * CVE-url: https://ubuntu.com/security/CVE-2024-26920 - tracing/trigger: Fix to return error if failed to alloc snapshot * CVE-url: https://ubuntu.com/security/CVE-2024-26697 - nilfs2: fix data corruption in dsync block recovery for small block sizes * CVE-url: https://ubuntu.com/security/CVE-2024-26679 - inet: read sk->sk_family once in inet_recv_error() * CVE-url: https://ubuntu.com/security/CVE-2023-52622 - ext4: remove unnecessary check from alloc_flex_gd() - ext4: avoid online resizing failures due to oversized flex bg * CVE-url: https://ubuntu.com/security/CVE-2024-26635 - llc: Drop support for ETH_P_TR_802_2. * CVE-url: https://ubuntu.com/security/CVE-2023-52594 - wifi: ath9k: Fix potential array-index-out-of-bounds read in ath9k_htc_txstatus() * CVE-url: https://ubuntu.com/security/CVE-2023-52583 - ceph: fix deadlock or deadcode of misusing dget() * CVE-url: https://ubuntu.com/security/CVE-2024-26720 - mm/writeback: fix possible divide-by-zero in wb_dirty_limits(), again * CVE-url: https://ubuntu.com/security/CVE-2024-26825 - nfc: nci: free rx_data_reassembly skb on NCI device cleanup * CVE-url: https://ubuntu.com/security/CVE-2024-26671 - blk-mq: fix IO hang from sbitmap wakeup race * CVE-url: https://ubuntu.com/security/CVE-2024-26675 - ppp_async: limit MRU to 64K * CVE-url: https://ubuntu.com/security/CVE-2024-26663 - tipc: Check the bearer type before calling tipc_udp_nl_bearer_add() * CVE-url: https://ubuntu.com/security/CVE-2023-52602 - jfs: fix slab-out-of-bounds Read in dtSearch * CVE-url: https://ubuntu.com/security/CVE-2024-26704 - ext4: fix double-free of blocks due to wrong extents moved_len * CVE-url: https://ubuntu.com/security/CVE-2023-52619 - pstore/ram: Fix crash when setting number of cpus to an odd number * CVE-url: https://ubuntu.com/security/CVE-2024-26636 - llc: make llc_ui_sendmsg() more robust against bonding changes * CVE-url: https://ubuntu.com/security/CVE-2023-52587 - IB/ipoib: Fix mcast list locking * CVE-url: https://ubuntu.com/security/CVE-2023-52601 // CVE-url: https://ubuntu.com/security/CVE-2023-52604 - jfs: fix array-index-out-of-bounds in dbAdjTree * CVE-url: https://ubuntu.com/security/CVE-2023-52604 - FS:JFS:UBSAN:array-index-out-of-bounds in dbAdjTree * CVE-url: https://ubuntu.com/security/CVE-2023-52623 - SUNRPC: Fix a suspicious RCU usage warning * CVE-url: https://ubuntu.com/security/CVE-2023-52599 - jfs: fix array-index-out-of-bounds in diNewExt * CVE-url: https://ubuntu.com/security/CVE-2024-26884 - bpf: Fix hashtab overflow check on 32-bit arches * CVE-url: https://ubuntu.com/security/CVE-2024-26883 - bpf: Fix stackmap overflow check on 32-bit arches * CVE-url: https://ubuntu.com/security/CVE-2024-26882 - net: add atomic_long_t to net_device_stats fields - net: ip_tunnel: make sure to pull inner header in ip_tunnel_rcv() * CVE-url: https://ubuntu.com/security/CVE-2024-26908 - x86/xen: Add some null pointer checking to smp.c * CVE-url: https://ubuntu.com/security/CVE-2024-26904 - btrfs: fix data race at btrfs_use_block_rsv() when accessing block reserve * CVE-url: https://ubuntu.com/security/CVE-2024-26903 - Bluetooth: rfcomm: Fix null-ptr-deref in rfcomm_check_security * CVE-url: https://ubuntu.com/security/CVE-2024-26901 - do_sys_name_to_handle(): use kzalloc() to fix kernel-infoleak * CVE-url: https://ubuntu.com/security/CVE-2024-26898 - aoe: fix the potential use-after-free problem in aoecmd_cfg_pkts

0 tuxcare-ubuntu18.04-els linux-buildinfo-4.15.0-228-tuxcare.els16-generic_4.15.0-228.239_amd64.deb 2ea36646ad79f45877c52f3335ca924df99e4a7e linux-buildinfo-4.15.0-228-tuxcare.els16-lowlatency_4.15.0-228.239_amd64.deb fc491224f4a1a39834d774bd2220b9b0e62b87e1 linux-cloud-tools-4.15.0-228-tuxcare.els16_4.15.0-228.239_amd64.deb bbae36d9d5a7712ee18d1d665bc3b398dddc90e2 linux-cloud-tools-4.15.0-228-tuxcare.els16-generic_4.15.0-228.239_amd64.deb 0689ae4d055dd849f933225c74f7b31cd151c747 linux-cloud-tools-4.15.0-228-tuxcare.els16-lowlatency_4.15.0-228.239_amd64.deb e5897a674895855fcbbf8e7dce8ddb87fbf85a14 linux-cloud-tools-common_4.15.0-228.239_all.deb a4b95149495ac6560995efa387e34dafb1522642 linux-cloud-tools-generic_4.15.0.228.239_amd64.deb e39bddc4f60c6f8d16f6eb6e2e1690e80538e24a linux-cloud-tools-lowlatency_4.15.0.228.239_amd64.deb 37c860e4370300aac76777a1bf3f5f5b2f9ca521 linux-crashdump_4.15.0.228.239_amd64.deb 789713917e9748e033a54760efb503a304b69d45 linux-doc_4.15.0-228.239_all.deb fd8dcdc6d93474f584f266608fc4472ea45d5123 linux-generic_4.15.0.228.239_amd64.deb 2e585ecee711e99909d156efe12b9b5f50f6d105 linux-headers-4.15.0-228-tuxcare.els16_4.15.0-228.239_all.deb 58f2cd2cc739d7dd7ff6c9e30cb50cf454e68d92 linux-headers-4.15.0-228-tuxcare.els16-generic_4.15.0-228.239_amd64.deb ae2d159bff5ebd337b858ba51fa4a9103caad7c7 linux-headers-4.15.0-228-tuxcare.els16-lowlatency_4.15.0-228.239_amd64.deb 1e31d118e07e292685ec43d9c9fda26b4404c35c linux-headers-generic_4.15.0.228.239_amd64.deb b8176618d055916c1c739612e6e9beaaa14e52f2 linux-headers-lowlatency_4.15.0.228.239_amd64.deb 96297c74c31320e0f47662f1e035f909b577608a linux-image-generic_4.15.0.228.239_amd64.deb a4c8eab8e7f88f0dc22dfa6a917651aa1f60fc7c linux-image-lowlatency_4.15.0.228.239_amd64.deb c23584ad22f867805b18c13db9adfe80bacbfa14 linux-image-unsigned-4.15.0-228-tuxcare.els16-generic_4.15.0-228.239_amd64.deb bbc17c91b8b119893f06933309368f171e4b10df linux-image-unsigned-4.15.0-228-tuxcare.els16-lowlatency_4.15.0-228.239_amd64.deb b18fa11fbb4ac16d2e9a9d7ec30e1c97c1a9c0f2 linux-libc-dev_4.15.0-228.239_amd64.deb 4a023a2939db858167ef768bc6df312f6f75f3dd linux-lowlatency_4.15.0.228.239_amd64.deb 998001520b8725ebb7fb05ca2341351f18c80c03 linux-modules-4.15.0-228-tuxcare.els16-generic_4.15.0-228.239_amd64.deb 1adacd5740438b2c4a25d567ee3e3d47c03e2373 linux-modules-4.15.0-228-tuxcare.els16-lowlatency_4.15.0-228.239_amd64.deb 4c21d4ae6cbc7dd9eefd227775c3fb42eb993497 linux-modules-extra-4.15.0-228-tuxcare.els16-generic_4.15.0-228.239_amd64.deb 35797b1b9256f88a38e01d6ac4a99534ca9d8dc4 linux-source_4.15.0.228.239_all.deb f2a73319525a92e5f146f1f3be9a315d4def06c7 linux-source-4.15.0_4.15.0-228.239_all.deb 954f3cf10136c08a82feaa9576727fdcf38ddfee linux-tools-4.15.0-228-tuxcare.els16_4.15.0-228.239_amd64.deb bbb72701794691f7c47cbdab19406c6a1ea9a3ca linux-tools-4.15.0-228-tuxcare.els16-generic_4.15.0-228.239_amd64.deb 61a0e9b31b12505769c19ec4746b4877f8d79b29 linux-tools-4.15.0-228-tuxcare.els16-lowlatency_4.15.0-228.239_amd64.deb 5af64c47b1c3b6ff4070d9d9c29ab503725d0fdd linux-tools-common_4.15.0-228.239_all.deb 4d5c837adb72280b733d5914c1c13d77f0aabf36 linux-tools-generic_4.15.0.228.239_amd64.deb 965bf8b4377b144f8524ac9afc190606fef4f120 linux-tools-host_4.15.0-228.239_all.deb ed462563931885eed68c27dc31ff987de108fc82 linux-tools-lowlatency_4.15.0.228.239_amd64.deb 8d914243737157348f935673acbff5eebfc7c1a3 CLSA-2024:1716485825 TuxCare License Agreement 0 * SECURITY UPDATE: template injection allows code injection through specially crafted files - debian/patches/CVE-2023-5764.patch: avoid evaluate unsafe conditions - debian/patches/CVE-2023-5764-ext-tests.patch: addional tests - CVE-2023-5764 Important Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.

* SECURITY UPDATE: template injection allows code injection through specially crafted files - debian/patches/CVE-2023-5764.patch: avoid evaluate unsafe conditions - debian/patches/CVE-2023-5764-ext-tests.patch: addional tests - CVE-2023-5764

0 tuxcare-ubuntu18.04-els ansible_2.5.1+dfsg-1ubuntu0.1+tuxcare.els2_all.deb 5e39f62a47aeba72959255a9fcc44483deb983b6 CLSA-2024:1716485905 TuxCare License Agreement 0 * SECURITY UPDATE: heap-based buffer overflow - debian/patches/CVE-2023-6992.patch: in deflace.c fix incorrectly calculated min size of block. - CVE-2023-6992 Moderate Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.

* SECURITY UPDATE: heap-based buffer overflow - debian/patches/CVE-2023-6992.patch: in deflace.c fix incorrectly calculated min size of block. - CVE-2023-6992

0 tuxcare-ubuntu18.04-els lib32z1_1.2.11.dfsg-0ubuntu2.2+tuxcare.els2_amd64.deb c1efded1fa7520191320dcc8cfb1d92eb81c1e48 lib32z1-dev_1.2.11.dfsg-0ubuntu2.2+tuxcare.els2_amd64.deb a4b9266e2c63290dc26c66899b7b8e24cf1359b2 libx32z1_1.2.11.dfsg-0ubuntu2.2+tuxcare.els2_amd64.deb 4d1a2f92378344a5b774779706fb6886095bfef7 libx32z1-dev_1.2.11.dfsg-0ubuntu2.2+tuxcare.els2_amd64.deb a72c022ba8478d5f6e47e19fd665dfa36b21ba80 zlib1g_1.2.11.dfsg-0ubuntu2.2+tuxcare.els2_amd64.deb 89f30a237b90c724a3eb7622f6847fa73304bb02 zlib1g-dev_1.2.11.dfsg-0ubuntu2.2+tuxcare.els2_amd64.deb 1403a2539930c88f21c2c1f489068dd3d8fe720e CLSA-2024:1716981167 TuxCare License Agreement 0 * CVE-url: https://ubuntu.com/security/CVE-2022-48673 - net/smc: Fix possible access to freed memory in link clear * CVE-url: https://ubuntu.com/security/CVE-2024-35997 - HID: i2c-hid: remove I2C_HID_READ_PENDING flag to prevent lock-up * CVE-url: https://ubuntu.com/security/CVE-2023-52752 - smb: client: fix use-after-free bug in cifs_debug_data_proc_show() * CVE-url: https://ubuntu.com/security/CVE-2022-48687 - ipv6: sr: fix out-of-bounds read when setting HMAC data. * CVE-url: https://ubuntu.com/security/CVE-2024-27013 - tun: limit printing rate when illegal packet received by tun dev * CVE-url: https://ubuntu.com/security/CVE-2024-27019 - netfilter: nf_tables: Fix potential data-race in __nft_obj_type_get() * CVE-url: https://ubuntu.com/security/CVE-2023-52809 - scsi: libfc: Fix potential NULL pointer dereference in fc_lport_ptp_setup() * CVE-url: https://ubuntu.com/security/CVE-2024-26934 - USB: core: Fix deadlock in usb_deauthorize_interface() * CVE-url: https://ubuntu.com/security/CVE-2024-35978 - Bluetooth: Fix memory leak in hci_req_sync_complete() * CVE-url: https://ubuntu.com/security/CVE-2023-52753 - drm/amd/display: Avoid NULL dereference of timing generator * CVE-url: https://ubuntu.com/security/CVE-2023-52806 - ALSA: hda: Fix possible null-ptr-deref when assigning a stream * CVE-url: https://ubuntu.com/security/CVE-2024-35984 - i2c: smbus: fix NULL function pointer dereference * CVE-url: https://ubuntu.com/security/CVE-2023-52817 - drm/amdgpu: Fix a null pointer access when the smc_rreg pointer is NULL * CVE-url: https://ubuntu.com/security/CVE-2024-27020 - netfilter: nf_tables: Fix potential data-race in __nft_expr_type_get() * CVE-url: https://ubuntu.com/security/CVE-2024-35982 - batman-adv: Avoid infinite loop trying to resize local TT * CVE-url: https://ubuntu.com/security/CVE-2024-26929 - scsi: qla2xxx: Fix double free of fcport * CVE-url: https://ubuntu.com/security/CVE-2023-52802 - iio: adc: stm32-adc: harden against NULL pointer deref in stm32_adc_probe() Important Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.

* CVE-url: https://ubuntu.com/security/CVE-2022-48673 - net/smc: Fix possible access to freed memory in link clear * CVE-url: https://ubuntu.com/security/CVE-2024-35997 - HID: i2c-hid: remove I2C_HID_READ_PENDING flag to prevent lock-up * CVE-url: https://ubuntu.com/security/CVE-2023-52752 - smb: client: fix use-after-free bug in cifs_debug_data_proc_show() * CVE-url: https://ubuntu.com/security/CVE-2022-48687 - ipv6: sr: fix out-of-bounds read when setting HMAC data. * CVE-url: https://ubuntu.com/security/CVE-2024-27013 - tun: limit printing rate when illegal packet received by tun dev * CVE-url: https://ubuntu.com/security/CVE-2024-27019 - netfilter: nf_tables: Fix potential data-race in __nft_obj_type_get() * CVE-url: https://ubuntu.com/security/CVE-2023-52809 - scsi: libfc: Fix potential NULL pointer dereference in fc_lport_ptp_setup() * CVE-url: https://ubuntu.com/security/CVE-2024-26934 - USB: core: Fix deadlock in usb_deauthorize_interface() * CVE-url: https://ubuntu.com/security/CVE-2024-35978 - Bluetooth: Fix memory leak in hci_req_sync_complete() * CVE-url: https://ubuntu.com/security/CVE-2023-52753 - drm/amd/display: Avoid NULL dereference of timing generator * CVE-url: https://ubuntu.com/security/CVE-2023-52806 - ALSA: hda: Fix possible null-ptr-deref when assigning a stream * CVE-url: https://ubuntu.com/security/CVE-2024-35984 - i2c: smbus: fix NULL function pointer dereference * CVE-url: https://ubuntu.com/security/CVE-2023-52817 - drm/amdgpu: Fix a null pointer access when the smc_rreg pointer is NULL * CVE-url: https://ubuntu.com/security/CVE-2024-27020 - netfilter: nf_tables: Fix potential data-race in __nft_expr_type_get() * CVE-url: https://ubuntu.com/security/CVE-2024-35982 - batman-adv: Avoid infinite loop trying to resize local TT * CVE-url: https://ubuntu.com/security/CVE-2024-26929 - scsi: qla2xxx: Fix double free of fcport * CVE-url: https://ubuntu.com/security/CVE-2023-52802 - iio: adc: stm32-adc: harden against NULL pointer deref in stm32_adc_probe()

0 tuxcare-ubuntu18.04-els linux-buildinfo-4.15.0-229-tuxcare.els17-generic_4.15.0-229.240_amd64.deb 631d6ccff9f161a62299656adfbe18195dca0d02 linux-buildinfo-4.15.0-229-tuxcare.els17-lowlatency_4.15.0-229.240_amd64.deb 075bac237b6fa1b2c64a6b8d764d2a27497a7989 linux-cloud-tools-4.15.0-229-tuxcare.els17_4.15.0-229.240_amd64.deb 8591ec43e76a08bedfc6a330929dcabe306e3e62 linux-cloud-tools-4.15.0-229-tuxcare.els17-generic_4.15.0-229.240_amd64.deb f70b5e1240acee3154580845e7b97ac26d59a9cb linux-cloud-tools-4.15.0-229-tuxcare.els17-lowlatency_4.15.0-229.240_amd64.deb b4eb206be8b3325174c0fed5e86789aeb2ecd687 linux-cloud-tools-common_4.15.0-229.240_all.deb 7769a4d1d2d81d4d8766e58a75aa159eea44b611 linux-cloud-tools-generic_4.15.0.229.240_amd64.deb be1a62d9d6621e58b51ce41c255397f3446f79d8 linux-cloud-tools-lowlatency_4.15.0.229.240_amd64.deb 0d80763631b1b59693aba1f039ad1e753330f1b4 linux-crashdump_4.15.0.229.240_amd64.deb 5682ebfbb498413235c2f3c4e34d58cc7363ae14 linux-doc_4.15.0-229.240_all.deb ddc4d8f4ad740144d111c7e95f2df91a4cc5f5c0 linux-generic_4.15.0.229.240_amd64.deb 9bf7b2965f6c084ae732f66cc5be9461699342a3 linux-headers-4.15.0-229-tuxcare.els17_4.15.0-229.240_all.deb 16cfb00806a42272808ba3ad85da815c8e1a11bb linux-headers-4.15.0-229-tuxcare.els17-generic_4.15.0-229.240_amd64.deb a40ffa8009c10628888dc266fc8c8bf775f69d4d linux-headers-4.15.0-229-tuxcare.els17-lowlatency_4.15.0-229.240_amd64.deb bd16d16cd558f16f009bac59c8075876d3a9dcfe linux-headers-generic_4.15.0.229.240_amd64.deb fb7f7061930be77be4cc1f42f07a2d3d24393511 linux-headers-lowlatency_4.15.0.229.240_amd64.deb 4927e6cb0074d6b125fa948488be047396deb156 linux-image-generic_4.15.0.229.240_amd64.deb 2f11fe3faca6379bcdc2ad932534c7c87c6e05f0 linux-image-lowlatency_4.15.0.229.240_amd64.deb 593dbeb758bbd94d5fcbcc6aec12728117822863 linux-image-unsigned-4.15.0-229-tuxcare.els17-generic_4.15.0-229.240_amd64.deb ceb3696bcb12792ecccb90233473e22d693a033c linux-image-unsigned-4.15.0-229-tuxcare.els17-lowlatency_4.15.0-229.240_amd64.deb 647bf25d123b8f967d334eece5311ef5f72ca7f2 linux-libc-dev_4.15.0-229.240_amd64.deb a06e448209a31ec9a527e343a606f47dbe073d93 linux-lowlatency_4.15.0.229.240_amd64.deb 8267479cd0897fa4d68026e29d3c0883ba931ab7 linux-modules-4.15.0-229-tuxcare.els17-generic_4.15.0-229.240_amd64.deb 58b0762ad493fdb604532148064ff6815dc0583f linux-modules-4.15.0-229-tuxcare.els17-lowlatency_4.15.0-229.240_amd64.deb f683d3026da41fe58f61170177bc07914b0c07fd linux-modules-extra-4.15.0-229-tuxcare.els17-generic_4.15.0-229.240_amd64.deb 0322e39249290946c78cffa3bb31ce76e3209b37 linux-source_4.15.0.229.240_all.deb 0e65fb618922bdb8547bc706a1b8ae104d2592f9 linux-source-4.15.0_4.15.0-229.240_all.deb 342825009f26ce95afe9f8d62eb091ac64a3719d linux-tools-4.15.0-229-tuxcare.els17_4.15.0-229.240_amd64.deb 3e0dda6dc8e711922f0dad07cbe1abb594790056 linux-tools-4.15.0-229-tuxcare.els17-generic_4.15.0-229.240_amd64.deb 904c7c5a374a1fdde1ef5618994ff76673c2c971 linux-tools-4.15.0-229-tuxcare.els17-lowlatency_4.15.0-229.240_amd64.deb e5a796ff26863faf3fdb5a29cb3b82043bd0bdf8 linux-tools-common_4.15.0-229.240_all.deb de6feb82c8264e5961b23da1b93d8fbcc09316dc linux-tools-generic_4.15.0.229.240_amd64.deb 5236172c35f564f12d47f151b034c5a3d183215b linux-tools-host_4.15.0-229.240_all.deb 55960be6c1591283f694b7bd3c73cfc30e600e3c linux-tools-lowlatency_4.15.0.229.240_amd64.deb d8c88c0b82c486e3ba84c642a5ab508a74647ef1 CLSA-2024:1716981762 TuxCare License Agreement 0 * CVE-url: https://ubuntu.com/security/CVE-2022-48673 - net/smc: Fix possible access to freed memory in link clear * CVE-url: https://ubuntu.com/security/CVE-2024-35997 - HID: i2c-hid: remove I2C_HID_READ_PENDING flag to prevent lock-up * CVE-url: https://ubuntu.com/security/CVE-2023-52752 - smb: client: fix use-after-free bug in cifs_debug_data_proc_show() * CVE-url: https://ubuntu.com/security/CVE-2022-48687 - ipv6: sr: fix out-of-bounds read when setting HMAC data. * CVE-url: https://ubuntu.com/security/CVE-2024-27013 - tun: limit printing rate when illegal packet received by tun dev * CVE-url: https://ubuntu.com/security/CVE-2024-27019 - netfilter: nf_tables: Fix potential data-race in __nft_obj_type_get() * CVE-url: https://ubuntu.com/security/CVE-2023-52809 - scsi: libfc: Fix potential NULL pointer dereference in fc_lport_ptp_setup() * CVE-url: https://ubuntu.com/security/CVE-2024-26934 - USB: core: Fix deadlock in usb_deauthorize_interface() * CVE-url: https://ubuntu.com/security/CVE-2024-35978 - Bluetooth: Fix memory leak in hci_req_sync_complete() * CVE-url: https://ubuntu.com/security/CVE-2023-52753 - drm/amd/display: Avoid NULL dereference of timing generator * CVE-url: https://ubuntu.com/security/CVE-2023-52806 - ALSA: hda: Fix possible null-ptr-deref when assigning a stream * CVE-url: https://ubuntu.com/security/CVE-2024-35984 - i2c: smbus: fix NULL function pointer dereference * CVE-url: https://ubuntu.com/security/CVE-2023-52817 - drm/amdgpu: Fix a null pointer access when the smc_rreg pointer is NULL * CVE-url: https://ubuntu.com/security/CVE-2024-27020 - netfilter: nf_tables: Fix potential data-race in __nft_expr_type_get() * CVE-url: https://ubuntu.com/security/CVE-2024-35982 - batman-adv: Avoid infinite loop trying to resize local TT * CVE-url: https://ubuntu.com/security/CVE-2024-26929 - scsi: qla2xxx: Fix double free of fcport * CVE-url: https://ubuntu.com/security/CVE-2023-52802 - iio: adc: stm32-adc: harden against NULL pointer deref in stm32_adc_probe() None Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.

* CVE-url: https://ubuntu.com/security/CVE-2022-48673 - net/smc: Fix possible access to freed memory in link clear * CVE-url: https://ubuntu.com/security/CVE-2024-35997 - HID: i2c-hid: remove I2C_HID_READ_PENDING flag to prevent lock-up * CVE-url: https://ubuntu.com/security/CVE-2023-52752 - smb: client: fix use-after-free bug in cifs_debug_data_proc_show() * CVE-url: https://ubuntu.com/security/CVE-2022-48687 - ipv6: sr: fix out-of-bounds read when setting HMAC data. * CVE-url: https://ubuntu.com/security/CVE-2024-27013 - tun: limit printing rate when illegal packet received by tun dev * CVE-url: https://ubuntu.com/security/CVE-2024-27019 - netfilter: nf_tables: Fix potential data-race in __nft_obj_type_get() * CVE-url: https://ubuntu.com/security/CVE-2023-52809 - scsi: libfc: Fix potential NULL pointer dereference in fc_lport_ptp_setup() * CVE-url: https://ubuntu.com/security/CVE-2024-26934 - USB: core: Fix deadlock in usb_deauthorize_interface() * CVE-url: https://ubuntu.com/security/CVE-2024-35978 - Bluetooth: Fix memory leak in hci_req_sync_complete() * CVE-url: https://ubuntu.com/security/CVE-2023-52753 - drm/amd/display: Avoid NULL dereference of timing generator * CVE-url: https://ubuntu.com/security/CVE-2023-52806 - ALSA: hda: Fix possible null-ptr-deref when assigning a stream * CVE-url: https://ubuntu.com/security/CVE-2024-35984 - i2c: smbus: fix NULL function pointer dereference * CVE-url: https://ubuntu.com/security/CVE-2023-52817 - drm/amdgpu: Fix a null pointer access when the smc_rreg pointer is NULL * CVE-url: https://ubuntu.com/security/CVE-2024-27020 - netfilter: nf_tables: Fix potential data-race in __nft_expr_type_get() * CVE-url: https://ubuntu.com/security/CVE-2024-35982 - batman-adv: Avoid infinite loop trying to resize local TT * CVE-url: https://ubuntu.com/security/CVE-2024-26929 - scsi: qla2xxx: Fix double free of fcport * CVE-url: https://ubuntu.com/security/CVE-2023-52802 - iio: adc: stm32-adc: harden against NULL pointer deref in stm32_adc_probe()

0 tuxcare-ubuntu18.04-els linux-buildinfo-4.15.0-229-tuxcare.els17-generic_4.15.0-229.240_amd64.deb 631d6ccff9f161a62299656adfbe18195dca0d02 linux-buildinfo-4.15.0-229-tuxcare.els17-lowlatency_4.15.0-229.240_amd64.deb 075bac237b6fa1b2c64a6b8d764d2a27497a7989 linux-cloud-tools-4.15.0-229-tuxcare.els17_4.15.0-229.240_amd64.deb 8591ec43e76a08bedfc6a330929dcabe306e3e62 linux-cloud-tools-4.15.0-229-tuxcare.els17-generic_4.15.0-229.240_amd64.deb f70b5e1240acee3154580845e7b97ac26d59a9cb linux-cloud-tools-4.15.0-229-tuxcare.els17-lowlatency_4.15.0-229.240_amd64.deb b4eb206be8b3325174c0fed5e86789aeb2ecd687 linux-cloud-tools-common_4.15.0-229.240_all.deb 7769a4d1d2d81d4d8766e58a75aa159eea44b611 linux-cloud-tools-generic_4.15.0.229.240_amd64.deb be1a62d9d6621e58b51ce41c255397f3446f79d8 linux-cloud-tools-lowlatency_4.15.0.229.240_amd64.deb 0d80763631b1b59693aba1f039ad1e753330f1b4 linux-crashdump_4.15.0.229.240_amd64.deb 5682ebfbb498413235c2f3c4e34d58cc7363ae14 linux-doc_4.15.0-229.240_all.deb ddc4d8f4ad740144d111c7e95f2df91a4cc5f5c0 linux-generic_4.15.0.229.240_amd64.deb 9bf7b2965f6c084ae732f66cc5be9461699342a3 linux-headers-4.15.0-229-tuxcare.els17_4.15.0-229.240_all.deb 16cfb00806a42272808ba3ad85da815c8e1a11bb linux-headers-4.15.0-229-tuxcare.els17-generic_4.15.0-229.240_amd64.deb a40ffa8009c10628888dc266fc8c8bf775f69d4d linux-headers-4.15.0-229-tuxcare.els17-lowlatency_4.15.0-229.240_amd64.deb bd16d16cd558f16f009bac59c8075876d3a9dcfe linux-headers-generic_4.15.0.229.240_amd64.deb fb7f7061930be77be4cc1f42f07a2d3d24393511 linux-headers-lowlatency_4.15.0.229.240_amd64.deb 4927e6cb0074d6b125fa948488be047396deb156 linux-image-generic_4.15.0.229.240_amd64.deb 2f11fe3faca6379bcdc2ad932534c7c87c6e05f0 linux-image-lowlatency_4.15.0.229.240_amd64.deb 593dbeb758bbd94d5fcbcc6aec12728117822863 linux-image-unsigned-4.15.0-229-tuxcare.els17-generic_4.15.0-229.240_amd64.deb ceb3696bcb12792ecccb90233473e22d693a033c linux-image-unsigned-4.15.0-229-tuxcare.els17-lowlatency_4.15.0-229.240_amd64.deb 647bf25d123b8f967d334eece5311ef5f72ca7f2 linux-libc-dev_4.15.0-229.240_amd64.deb a06e448209a31ec9a527e343a606f47dbe073d93 linux-lowlatency_4.15.0.229.240_amd64.deb 8267479cd0897fa4d68026e29d3c0883ba931ab7 linux-modules-4.15.0-229-tuxcare.els17-generic_4.15.0-229.240_amd64.deb 58b0762ad493fdb604532148064ff6815dc0583f linux-modules-4.15.0-229-tuxcare.els17-lowlatency_4.15.0-229.240_amd64.deb f683d3026da41fe58f61170177bc07914b0c07fd linux-modules-extra-4.15.0-229-tuxcare.els17-generic_4.15.0-229.240_amd64.deb 0322e39249290946c78cffa3bb31ce76e3209b37 linux-source_4.15.0.229.240_all.deb 0e65fb618922bdb8547bc706a1b8ae104d2592f9 linux-source-4.15.0_4.15.0-229.240_all.deb 342825009f26ce95afe9f8d62eb091ac64a3719d linux-tools-4.15.0-229-tuxcare.els17_4.15.0-229.240_amd64.deb 3e0dda6dc8e711922f0dad07cbe1abb594790056 linux-tools-4.15.0-229-tuxcare.els17-generic_4.15.0-229.240_amd64.deb 904c7c5a374a1fdde1ef5618994ff76673c2c971 linux-tools-4.15.0-229-tuxcare.els17-lowlatency_4.15.0-229.240_amd64.deb e5a796ff26863faf3fdb5a29cb3b82043bd0bdf8 linux-tools-common_4.15.0-229.240_all.deb de6feb82c8264e5961b23da1b93d8fbcc09316dc linux-tools-generic_4.15.0.229.240_amd64.deb 5236172c35f564f12d47f151b034c5a3d183215b linux-tools-host_4.15.0-229.240_all.deb 55960be6c1591283f694b7bd3c73cfc30e600e3c linux-tools-lowlatency_4.15.0.229.240_amd64.deb d8c88c0b82c486e3ba84c642a5ab508a74647ef1 CLSA-2024:1718192341 TuxCare License Agreement 0 * Bump epoch * Disable ESM notification after installation: - remove ESM hook for apt-system - remove ESM infra/apps repositories from apt sources list * Automatically mark some pytest to skip if FIPS kernel is running in a disabled state (they always fail in this mode) None Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.

* Bump epoch * Disable ESM notification after installation: - remove ESM hook for apt-system - remove ESM infra/apps repositories from apt sources list * Automatically mark some pytest to skip if FIPS kernel is running in a disabled state (they always fail in this mode)

0 tuxcare-ubuntu18.04-els ubuntu-advantage-pro_32.3~18.04+tuxcare.els1_all.deb 36af327cf5fd6c59894dbd832bf037cbe39c130c ubuntu-advantage-tools_32.3~18.04+tuxcare.els1_all.deb 22e2e434eae43b8c9a22856834a91f2467064ac0 ubuntu-pro-auto-attach_32.3~18.04+tuxcare.els1_all.deb 8b0400a648dec3a993095841199abb10a0e81f7d ubuntu-pro-client_32.3~18.04+tuxcare.els1_amd64.deb 8b75fe94e2e9daea1a3cb3b10a85743ac88a23d3 ubuntu-pro-client-l10n_32.3~18.04+tuxcare.els1_amd64.deb 138b0b07372cb65b9c1afaba3d669df45d3c2ae4 CLSA-2024:1718270850 TuxCare License Agreement 0 * SECURITY UPDATE: Ability to write almost unlimited amounts of unfiltered data into the process heap - debian/patches/CVE-2023-4016-2.patch: ps: extended fix of the CVE-2023-4016 - fix possible buffer overflow in -C option. - CVE-2023-4016 Low Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.

* SECURITY UPDATE: Ability to write almost unlimited amounts of unfiltered data into the process heap - debian/patches/CVE-2023-4016-2.patch: ps: extended fix of the CVE-2023-4016 - fix possible buffer overflow in -C option. - CVE-2023-4016

0 tuxcare-ubuntu18.04-els libprocps-dev_3.3.12-3ubuntu1.2+tuxcare.els2_amd64.deb d3428e0bd27293d9f4a1e081c52f6a9868b58368 libprocps6_3.3.12-3ubuntu1.2+tuxcare.els2_amd64.deb 2998e4a8b69e64a712cde7a54dde97aa4974d010 procps_3.3.12-3ubuntu1.2+tuxcare.els2_amd64.deb eef2455d27b39b4cdfae3c9159f727bf33b0cc17 CLSA-2024:1718789955 TuxCare License Agreement 0 * SECURITY UPDATE: filter bypass in filter_var FILTER_VALIDATE_URL - debian/patches/CVE-2024-5458.patch: Fix early-out for ipv6 hostname validation, ensure full check is performed - CVE-2024-5458 Moderate Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.

* SECURITY UPDATE: filter bypass in filter_var FILTER_VALIDATE_URL - debian/patches/CVE-2024-5458.patch: Fix early-out for ipv6 hostname validation, ensure full check is performed - CVE-2024-5458

0 tuxcare-ubuntu18.04-els libapache2-mod-php7.2_7.2.24-0ubuntu0.18.04.17+tuxcare.els5_amd64.deb f575f5082da93b90a8ea592eb3b3e160f8cdaf43 libphp7.2-embed_7.2.24-0ubuntu0.18.04.17+tuxcare.els5_amd64.deb 7e20304c269010702daf62cef14d65f774c7ce12 php7.2_7.2.24-0ubuntu0.18.04.17+tuxcare.els5_all.deb 2b0341b6015f873bf50d179699afa32f08581340 php7.2-bcmath_7.2.24-0ubuntu0.18.04.17+tuxcare.els5_amd64.deb 5bf2e574531bc4d7c957926fd367776986496e83 php7.2-bz2_7.2.24-0ubuntu0.18.04.17+tuxcare.els5_amd64.deb 86ca50a4d12ef437f5f6e2f3502411e0ba10673d php7.2-cgi_7.2.24-0ubuntu0.18.04.17+tuxcare.els5_amd64.deb ff65800d903a1c0988c6104d7b63bd8dcfe4539b php7.2-cli_7.2.24-0ubuntu0.18.04.17+tuxcare.els5_amd64.deb 2fc9c12de12fbf16f58d48522668680deec7e2eb php7.2-common_7.2.24-0ubuntu0.18.04.17+tuxcare.els5_amd64.deb 06094cac29c347d6c1214748ea59ce4d9f21df10 php7.2-curl_7.2.24-0ubuntu0.18.04.17+tuxcare.els5_amd64.deb 25ec9b85e0d191fc551f0655851601e804388334 php7.2-dba_7.2.24-0ubuntu0.18.04.17+tuxcare.els5_amd64.deb 323ff3e5f4af4a4f8b20c55788530b5ed782ac81 php7.2-dev_7.2.24-0ubuntu0.18.04.17+tuxcare.els5_amd64.deb 6abf3583567a603ba05ba6a1283b142e1536fa40 php7.2-enchant_7.2.24-0ubuntu0.18.04.17+tuxcare.els5_amd64.deb 46fb6da4f3f729e79488d4ad2e0bffc7a2ae3cea php7.2-fpm_7.2.24-0ubuntu0.18.04.17+tuxcare.els5_amd64.deb 2a62076ab63f46c432361531e131b3b7ab79fd50 php7.2-gd_7.2.24-0ubuntu0.18.04.17+tuxcare.els5_amd64.deb 9e057bed9c618ea249dc7d7ae427d1f02543caa0 php7.2-gmp_7.2.24-0ubuntu0.18.04.17+tuxcare.els5_amd64.deb 32b4409bf90ee39067868d49583702c8a187efb1 php7.2-imap_7.2.24-0ubuntu0.18.04.17+tuxcare.els5_amd64.deb 005a76e9dad1f09e8dcae3d9cbd076e72da63e3d php7.2-interbase_7.2.24-0ubuntu0.18.04.17+tuxcare.els5_amd64.deb 368869243042734f9bfdf7e496857dc1a3fb4950 php7.2-intl_7.2.24-0ubuntu0.18.04.17+tuxcare.els5_amd64.deb a0979b606edc1c333c09cb7a4ef0c59fc1d4749b php7.2-json_7.2.24-0ubuntu0.18.04.17+tuxcare.els5_amd64.deb f9ac88183bf9eaa8d4ac323e320a6d398f8b77a9 php7.2-ldap_7.2.24-0ubuntu0.18.04.17+tuxcare.els5_amd64.deb edf2f1d5a68f8f68d37251932ddc2d8bc00d391c php7.2-mbstring_7.2.24-0ubuntu0.18.04.17+tuxcare.els5_amd64.deb 12b07a407e3c3baff753e1b052d889583a42088d php7.2-mysql_7.2.24-0ubuntu0.18.04.17+tuxcare.els5_amd64.deb aca4b1dba75233e3b2b646cad5c7d97a8e439e43 php7.2-odbc_7.2.24-0ubuntu0.18.04.17+tuxcare.els5_amd64.deb 6e7f3f7bb523844b43ef05ef5b72479795b52b7c php7.2-opcache_7.2.24-0ubuntu0.18.04.17+tuxcare.els5_amd64.deb 304351bd0052bd616cff426140d1d0229342d6e9 php7.2-pgsql_7.2.24-0ubuntu0.18.04.17+tuxcare.els5_amd64.deb 126f390170b66a073f6b099cc80694b479149440 php7.2-phpdbg_7.2.24-0ubuntu0.18.04.17+tuxcare.els5_amd64.deb 280fbf2f40fd9e7cbe860334c307ff25a91e1a6a php7.2-pspell_7.2.24-0ubuntu0.18.04.17+tuxcare.els5_amd64.deb 62b820083825887b7ae2df05367bdbd3672b42cd php7.2-readline_7.2.24-0ubuntu0.18.04.17+tuxcare.els5_amd64.deb 18c9e726b92353a8364e6e68aad44464ddf29c20 php7.2-recode_7.2.24-0ubuntu0.18.04.17+tuxcare.els5_amd64.deb e66ecb1f9c7b2c9faf291a18d207541c5c3b5c59 php7.2-snmp_7.2.24-0ubuntu0.18.04.17+tuxcare.els5_amd64.deb 5d3032333e3bf123c0d90940b97ba57379a53d6c php7.2-soap_7.2.24-0ubuntu0.18.04.17+tuxcare.els5_amd64.deb 850c58801957a938c46628ef00e78c992152930e php7.2-sqlite3_7.2.24-0ubuntu0.18.04.17+tuxcare.els5_amd64.deb c38525d6c8c3d73a7c4d754a8f8cb7ee026b87a9 php7.2-sybase_7.2.24-0ubuntu0.18.04.17+tuxcare.els5_amd64.deb 879ffb2fdd053388f39658591fb6b604427bbcb6 php7.2-tidy_7.2.24-0ubuntu0.18.04.17+tuxcare.els5_amd64.deb e27fdaf6cee6c0301ddbf3446980d77e21760b28 php7.2-xml_7.2.24-0ubuntu0.18.04.17+tuxcare.els5_amd64.deb aa85eb61d6c8f24c96bfd2d89de48e24b5024429 php7.2-xmlrpc_7.2.24-0ubuntu0.18.04.17+tuxcare.els5_amd64.deb 4278c793d5c324551b1b399369082f4785f83981 php7.2-xsl_7.2.24-0ubuntu0.18.04.17+tuxcare.els5_all.deb c8de064deca27544a92d6c93c09fc127dc831c25 php7.2-zip_7.2.24-0ubuntu0.18.04.17+tuxcare.els5_amd64.deb 4e8f2867425e52a1edd9bd96ff186a731265a290 CLSA-2024:1718950178 TuxCare License Agreement 0 * CVE-url: https://ubuntu.com/security/CVE-2024-26764 - aio: remove an outdated BUG_ON and comment in aio_complete - aio: remove the extra get_file/fput pair in io_submit_one - aio: refactor read/write iocb setup - fs/aio: Restrict kiocb_set_cancel_fn() to I/O submitted via libaio * CVE-url: https://ubuntu.com/security/CVE-2024-36971 - net: fix __dst_negative_advice() race * CVE-url: https://ubuntu.com/security/CVE-2024-26840 - cachefiles: fix memory leak in cachefiles_add_cache() * CVE-url: https://ubuntu.com/security/CVE-2021-47543 - perf report: Fix memory leaks around perf_tip() * CVE-url: https://ubuntu.com/security/CVE-2024-27405 - usb: gadget: ncm: Handle decoding of multiple NTB's in unwrap call - usb: gadget: ncm: Avoid dropping datagrams of properly parsed NTBs * CVE-url: https://ubuntu.com/security/CVE-2024-26779 - wifi: mac80211: fix race condition on enabling fast-xmit * CVE-url: https://ubuntu.com/security/CVE-2024-26772 - ext4: avoid allocating blocks from corrupted group in ext4_mb_find_by_goal() * CVE-url: https://ubuntu.com/security/CVE-2024-26845 - scsi: target: core: Add TMF to tmr_list handling * CVE-url: https://ubuntu.com/security/CVE-2021-47063 - drm: bridge/panel: Cleanup connector on bridge detach * CVE-url: https://ubuntu.com/security/CVE-2024-26804 - net: ip_tunnel: prevent perpetual headroom growth * CVE-url: https://ubuntu.com/security/CVE-2024-27410 - wifi: nl80211: reject iftype change with mesh ID change * CVE-url: https://ubuntu.com/security/CVE-2024-26793 - gtp: fix use-after-free and null-ptr-deref in gtp_newlink() * CVE-url: https://ubuntu.com/security/CVE-2024-26754 - gtp: fix use-after-free and null-ptr-deref in gtp_genl_dump_pdp() * CVE-url: https://ubuntu.com/security/CVE-2024-26839 - IB/hfi1: Fix a memleak in init_credit_return * CVE-url: https://ubuntu.com/security/CVE-2024-26773 - ext4: avoid allocating blocks from corrupted group in ext4_mb_try_best_found() * CVE-url: https://ubuntu.com/security/CVE-2024-27413 - efi/capsule-loader: fix incorrect allocation size * CVE-url: https://ubuntu.com/security/CVE-2024-26736 - afs: Increase buffer size in afs_update_volume_status() * CVE-url: https://ubuntu.com/security/CVE-2024-26777 - fbdev: sis: Error out if pixclock equals zero * CVE-url: https://ubuntu.com/security/CVE-2024-26778 - fbdev: savage: Error out if pixclock equals zero * CVE-url: https://ubuntu.com/security/CVE-2024-26763 - dm-crypt: don't modify the data when using authenticated encryption * CVE-url: https://ubuntu.com/security/CVE-2024-26733 - arp: Prevent overflow in arp_req_get(). * CVE-url: https://ubuntu.com/security/CVE-2024-26791 - btrfs: dev-replace: properly validate device names Important Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.

* CVE-url: https://ubuntu.com/security/CVE-2024-26764 - aio: remove an outdated BUG_ON and comment in aio_complete - aio: remove the extra get_file/fput pair in io_submit_one - aio: refactor read/write iocb setup - fs/aio: Restrict kiocb_set_cancel_fn() to I/O submitted via libaio * CVE-url: https://ubuntu.com/security/CVE-2024-36971 - net: fix __dst_negative_advice() race * CVE-url: https://ubuntu.com/security/CVE-2024-26840 - cachefiles: fix memory leak in cachefiles_add_cache() * CVE-url: https://ubuntu.com/security/CVE-2021-47543 - perf report: Fix memory leaks around perf_tip() * CVE-url: https://ubuntu.com/security/CVE-2024-27405 - usb: gadget: ncm: Handle decoding of multiple NTB's in unwrap call - usb: gadget: ncm: Avoid dropping datagrams of properly parsed NTBs * CVE-url: https://ubuntu.com/security/CVE-2024-26779 - wifi: mac80211: fix race condition on enabling fast-xmit * CVE-url: https://ubuntu.com/security/CVE-2024-26772 - ext4: avoid allocating blocks from corrupted group in ext4_mb_find_by_goal() * CVE-url: https://ubuntu.com/security/CVE-2024-26845 - scsi: target: core: Add TMF to tmr_list handling * CVE-url: https://ubuntu.com/security/CVE-2021-47063 - drm: bridge/panel: Cleanup connector on bridge detach * CVE-url: https://ubuntu.com/security/CVE-2024-26804 - net: ip_tunnel: prevent perpetual headroom growth * CVE-url: https://ubuntu.com/security/CVE-2024-27410 - wifi: nl80211: reject iftype change with mesh ID change * CVE-url: https://ubuntu.com/security/CVE-2024-26793 - gtp: fix use-after-free and null-ptr-deref in gtp_newlink() * CVE-url: https://ubuntu.com/security/CVE-2024-26754 - gtp: fix use-after-free and null-ptr-deref in gtp_genl_dump_pdp() * CVE-url: https://ubuntu.com/security/CVE-2024-26839 - IB/hfi1: Fix a memleak in init_credit_return * CVE-url: https://ubuntu.com/security/CVE-2024-26773 - ext4: avoid allocating blocks from corrupted group in ext4_mb_try_best_found() * CVE-url: https://ubuntu.com/security/CVE-2024-27413 - efi/capsule-loader: fix incorrect allocation size * CVE-url: https://ubuntu.com/security/CVE-2024-26736 - afs: Increase buffer size in afs_update_volume_status() * CVE-url: https://ubuntu.com/security/CVE-2024-26777 - fbdev: sis: Error out if pixclock equals zero * CVE-url: https://ubuntu.com/security/CVE-2024-26778 - fbdev: savage: Error out if pixclock equals zero * CVE-url: https://ubuntu.com/security/CVE-2024-26763 - dm-crypt: don't modify the data when using authenticated encryption * CVE-url: https://ubuntu.com/security/CVE-2024-26733 - arp: Prevent overflow in arp_req_get(). * CVE-url: https://ubuntu.com/security/CVE-2024-26791 - btrfs: dev-replace: properly validate device names

0 tuxcare-ubuntu18.04-els linux-buildinfo-4.15.0-230-tuxcare.els18-generic_4.15.0-230.241_amd64.deb 639bfc7071dd57a25e8f2fd0482aaa7984db3aa7 linux-buildinfo-4.15.0-230-tuxcare.els18-lowlatency_4.15.0-230.241_amd64.deb dea595cfaf30adba356b8cc33290c930d7960616 linux-cloud-tools-4.15.0-230-tuxcare.els18_4.15.0-230.241_amd64.deb 2194ab8cbca3130221ca409b49f07915b3651c88 linux-cloud-tools-4.15.0-230-tuxcare.els18-generic_4.15.0-230.241_amd64.deb 875a4d9ef95d33995dec9b8b931c5024f4853955 linux-cloud-tools-4.15.0-230-tuxcare.els18-lowlatency_4.15.0-230.241_amd64.deb 4fb398044c53cb63af6f78f4103b0a44b58eaffe linux-cloud-tools-common_4.15.0-230.241_all.deb 678c33538c4e33bbc588711a7e7d615935a42962 linux-cloud-tools-generic_4.15.0.230.241_amd64.deb f56d4c543923bcd5ae832cb25eb49a805afe9eb6 linux-cloud-tools-lowlatency_4.15.0.230.241_amd64.deb c43104db67d040fe33c42c496ac7798541694c8f linux-crashdump_4.15.0.230.241_amd64.deb 4108fafdd656338a3e3ec3da1c13e976b4a7cf4d linux-doc_4.15.0-230.241_all.deb 09731439a97441dc273e17e08de9d817b63fa92d linux-generic_4.15.0.230.241_amd64.deb 1a6f0f9d32f6a92a5ed4d7b222838a7f831ee1bb linux-headers-4.15.0-230-tuxcare.els18_4.15.0-230.241_all.deb 91668b52cdd30d21d0cfe547e328a3440ad46b38 linux-headers-4.15.0-230-tuxcare.els18-generic_4.15.0-230.241_amd64.deb 01ccaa566fbd660588ef51f5dec98c34fa6ac011 linux-headers-4.15.0-230-tuxcare.els18-lowlatency_4.15.0-230.241_amd64.deb 1fbd56b136cbb4913ea7460f81079b700369eeda linux-headers-generic_4.15.0.230.241_amd64.deb 7ed761bcdad6fcc661c72e238b81d6e499dfc99b linux-headers-lowlatency_4.15.0.230.241_amd64.deb a25a9d853855166906f870cfaf4ccec391154b25 linux-image-generic_4.15.0.230.241_amd64.deb 38b934c695c9ff488591217c3588f1468ee68d89 linux-image-lowlatency_4.15.0.230.241_amd64.deb bb50276ed8de4c68122aae3c977a82f016e3e2eb linux-image-unsigned-4.15.0-230-tuxcare.els18-generic_4.15.0-230.241_amd64.deb f8868c2f07b7b5095dd6040b616149bc783339ce linux-image-unsigned-4.15.0-230-tuxcare.els18-lowlatency_4.15.0-230.241_amd64.deb 180d0f190f875ba9f7ba35413c33151909c24618 linux-libc-dev_4.15.0-230.241_amd64.deb 5d9a7b011cc60d37d7946a5b1065a8801a5753c6 linux-lowlatency_4.15.0.230.241_amd64.deb e0f9a96fa32424ef2e0d33e67a8bd3e79c5888ce linux-modules-4.15.0-230-tuxcare.els18-generic_4.15.0-230.241_amd64.deb 8d0f9dd86e69106e72c4c351e3958986ddfc4110 linux-modules-4.15.0-230-tuxcare.els18-lowlatency_4.15.0-230.241_amd64.deb da5188dc1e3ec2ced1fd73d7b7bf9564fc7e5b45 linux-modules-extra-4.15.0-230-tuxcare.els18-generic_4.15.0-230.241_amd64.deb 54776c83898a3b72628fe2dc3bbd50112d3e49e0 linux-source_4.15.0.230.241_all.deb 7101de97be0ce238f42282d422abfcc383719260 linux-source-4.15.0_4.15.0-230.241_all.deb b58ccc31d0b6c444cb2bcedaae8499364bb04bdb linux-tools-4.15.0-230-tuxcare.els18_4.15.0-230.241_amd64.deb e5780940a687b1ad9f844bd45d032688d26f31fc linux-tools-4.15.0-230-tuxcare.els18-generic_4.15.0-230.241_amd64.deb 4fd687306b5b519601180b6cb5e16c8e7820b59e linux-tools-4.15.0-230-tuxcare.els18-lowlatency_4.15.0-230.241_amd64.deb fcced4c69a4d73e24e8ff107fafaf2f1d256fd43 linux-tools-common_4.15.0-230.241_all.deb 1c5f696d6faf7fb434aff97c2ea76850432bf6a3 linux-tools-generic_4.15.0.230.241_amd64.deb bf504e7fe6194448b911ffce4d510d7ed011b1dc linux-tools-host_4.15.0-230.241_all.deb c7ff66b202c57cdc79a6f8a4be963b577e6272d1 linux-tools-lowlatency_4.15.0.230.241_amd64.deb 9d5676a48f4bd1e3f2decbde6532e4183e5c8b5f CLSA-2024:1718950656 TuxCare License Agreement 0 * CVE-url: https://ubuntu.com/security/CVE-2024-26764 - aio: remove an outdated BUG_ON and comment in aio_complete - aio: remove the extra get_file/fput pair in io_submit_one - aio: refactor read/write iocb setup - fs/aio: Restrict kiocb_set_cancel_fn() to I/O submitted via libaio * CVE-url: https://ubuntu.com/security/CVE-2024-36971 - net: fix __dst_negative_advice() race * CVE-url: https://ubuntu.com/security/CVE-2024-26840 - cachefiles: fix memory leak in cachefiles_add_cache() * CVE-url: https://ubuntu.com/security/CVE-2021-47543 - perf report: Fix memory leaks around perf_tip() * CVE-url: https://ubuntu.com/security/CVE-2024-27405 - usb: gadget: ncm: Handle decoding of multiple NTB's in unwrap call - usb: gadget: ncm: Avoid dropping datagrams of properly parsed NTBs * CVE-url: https://ubuntu.com/security/CVE-2024-26779 - wifi: mac80211: fix race condition on enabling fast-xmit * CVE-url: https://ubuntu.com/security/CVE-2024-26772 - ext4: avoid allocating blocks from corrupted group in ext4_mb_find_by_goal() * CVE-url: https://ubuntu.com/security/CVE-2024-26845 - scsi: target: core: Add TMF to tmr_list handling * CVE-url: https://ubuntu.com/security/CVE-2021-47063 - drm: bridge/panel: Cleanup connector on bridge detach * CVE-url: https://ubuntu.com/security/CVE-2024-26804 - net: ip_tunnel: prevent perpetual headroom growth * CVE-url: https://ubuntu.com/security/CVE-2024-27410 - wifi: nl80211: reject iftype change with mesh ID change * CVE-url: https://ubuntu.com/security/CVE-2024-26793 - gtp: fix use-after-free and null-ptr-deref in gtp_newlink() * CVE-url: https://ubuntu.com/security/CVE-2024-26754 - gtp: fix use-after-free and null-ptr-deref in gtp_genl_dump_pdp() * CVE-url: https://ubuntu.com/security/CVE-2024-26839 - IB/hfi1: Fix a memleak in init_credit_return * CVE-url: https://ubuntu.com/security/CVE-2024-26773 - ext4: avoid allocating blocks from corrupted group in ext4_mb_try_best_found() * CVE-url: https://ubuntu.com/security/CVE-2024-27413 - efi/capsule-loader: fix incorrect allocation size * CVE-url: https://ubuntu.com/security/CVE-2024-26736 - afs: Increase buffer size in afs_update_volume_status() * CVE-url: https://ubuntu.com/security/CVE-2024-26777 - fbdev: sis: Error out if pixclock equals zero * CVE-url: https://ubuntu.com/security/CVE-2024-26778 - fbdev: savage: Error out if pixclock equals zero * CVE-url: https://ubuntu.com/security/CVE-2024-26763 - dm-crypt: don't modify the data when using authenticated encryption * CVE-url: https://ubuntu.com/security/CVE-2024-26733 - arp: Prevent overflow in arp_req_get(). * CVE-url: https://ubuntu.com/security/CVE-2024-26791 - btrfs: dev-replace: properly validate device names Important Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.

* CVE-url: https://ubuntu.com/security/CVE-2024-26764 - aio: remove an outdated BUG_ON and comment in aio_complete - aio: remove the extra get_file/fput pair in io_submit_one - aio: refactor read/write iocb setup - fs/aio: Restrict kiocb_set_cancel_fn() to I/O submitted via libaio * CVE-url: https://ubuntu.com/security/CVE-2024-36971 - net: fix __dst_negative_advice() race * CVE-url: https://ubuntu.com/security/CVE-2024-26840 - cachefiles: fix memory leak in cachefiles_add_cache() * CVE-url: https://ubuntu.com/security/CVE-2021-47543 - perf report: Fix memory leaks around perf_tip() * CVE-url: https://ubuntu.com/security/CVE-2024-27405 - usb: gadget: ncm: Handle decoding of multiple NTB's in unwrap call - usb: gadget: ncm: Avoid dropping datagrams of properly parsed NTBs * CVE-url: https://ubuntu.com/security/CVE-2024-26779 - wifi: mac80211: fix race condition on enabling fast-xmit * CVE-url: https://ubuntu.com/security/CVE-2024-26772 - ext4: avoid allocating blocks from corrupted group in ext4_mb_find_by_goal() * CVE-url: https://ubuntu.com/security/CVE-2024-26845 - scsi: target: core: Add TMF to tmr_list handling * CVE-url: https://ubuntu.com/security/CVE-2021-47063 - drm: bridge/panel: Cleanup connector on bridge detach * CVE-url: https://ubuntu.com/security/CVE-2024-26804 - net: ip_tunnel: prevent perpetual headroom growth * CVE-url: https://ubuntu.com/security/CVE-2024-27410 - wifi: nl80211: reject iftype change with mesh ID change * CVE-url: https://ubuntu.com/security/CVE-2024-26793 - gtp: fix use-after-free and null-ptr-deref in gtp_newlink() * CVE-url: https://ubuntu.com/security/CVE-2024-26754 - gtp: fix use-after-free and null-ptr-deref in gtp_genl_dump_pdp() * CVE-url: https://ubuntu.com/security/CVE-2024-26839 - IB/hfi1: Fix a memleak in init_credit_return * CVE-url: https://ubuntu.com/security/CVE-2024-26773 - ext4: avoid allocating blocks from corrupted group in ext4_mb_try_best_found() * CVE-url: https://ubuntu.com/security/CVE-2024-27413 - efi/capsule-loader: fix incorrect allocation size * CVE-url: https://ubuntu.com/security/CVE-2024-26736 - afs: Increase buffer size in afs_update_volume_status() * CVE-url: https://ubuntu.com/security/CVE-2024-26777 - fbdev: sis: Error out if pixclock equals zero * CVE-url: https://ubuntu.com/security/CVE-2024-26778 - fbdev: savage: Error out if pixclock equals zero * CVE-url: https://ubuntu.com/security/CVE-2024-26763 - dm-crypt: don't modify the data when using authenticated encryption * CVE-url: https://ubuntu.com/security/CVE-2024-26733 - arp: Prevent overflow in arp_req_get(). * CVE-url: https://ubuntu.com/security/CVE-2024-26791 - btrfs: dev-replace: properly validate device names

0 tuxcare-ubuntu18.04-els linux-buildinfo-4.15.0-230-tuxcare.els18-generic_4.15.0-230.241_amd64.deb 639bfc7071dd57a25e8f2fd0482aaa7984db3aa7 linux-buildinfo-4.15.0-230-tuxcare.els18-lowlatency_4.15.0-230.241_amd64.deb dea595cfaf30adba356b8cc33290c930d7960616 linux-cloud-tools-4.15.0-230-tuxcare.els18_4.15.0-230.241_amd64.deb 2194ab8cbca3130221ca409b49f07915b3651c88 linux-cloud-tools-4.15.0-230-tuxcare.els18-generic_4.15.0-230.241_amd64.deb 875a4d9ef95d33995dec9b8b931c5024f4853955 linux-cloud-tools-4.15.0-230-tuxcare.els18-lowlatency_4.15.0-230.241_amd64.deb 4fb398044c53cb63af6f78f4103b0a44b58eaffe linux-cloud-tools-common_4.15.0-230.241_all.deb 678c33538c4e33bbc588711a7e7d615935a42962 linux-cloud-tools-generic_4.15.0.230.241_amd64.deb f56d4c543923bcd5ae832cb25eb49a805afe9eb6 linux-cloud-tools-lowlatency_4.15.0.230.241_amd64.deb c43104db67d040fe33c42c496ac7798541694c8f linux-crashdump_4.15.0.230.241_amd64.deb 4108fafdd656338a3e3ec3da1c13e976b4a7cf4d linux-doc_4.15.0-230.241_all.deb 09731439a97441dc273e17e08de9d817b63fa92d linux-generic_4.15.0.230.241_amd64.deb 1a6f0f9d32f6a92a5ed4d7b222838a7f831ee1bb linux-headers-4.15.0-230-tuxcare.els18_4.15.0-230.241_all.deb 91668b52cdd30d21d0cfe547e328a3440ad46b38 linux-headers-4.15.0-230-tuxcare.els18-generic_4.15.0-230.241_amd64.deb 01ccaa566fbd660588ef51f5dec98c34fa6ac011 linux-headers-4.15.0-230-tuxcare.els18-lowlatency_4.15.0-230.241_amd64.deb 1fbd56b136cbb4913ea7460f81079b700369eeda linux-headers-generic_4.15.0.230.241_amd64.deb 7ed761bcdad6fcc661c72e238b81d6e499dfc99b linux-headers-lowlatency_4.15.0.230.241_amd64.deb a25a9d853855166906f870cfaf4ccec391154b25 linux-image-generic_4.15.0.230.241_amd64.deb 38b934c695c9ff488591217c3588f1468ee68d89 linux-image-lowlatency_4.15.0.230.241_amd64.deb bb50276ed8de4c68122aae3c977a82f016e3e2eb linux-image-unsigned-4.15.0-230-tuxcare.els18-generic_4.15.0-230.241_amd64.deb f8868c2f07b7b5095dd6040b616149bc783339ce linux-image-unsigned-4.15.0-230-tuxcare.els18-lowlatency_4.15.0-230.241_amd64.deb 180d0f190f875ba9f7ba35413c33151909c24618 linux-libc-dev_4.15.0-230.241_amd64.deb 5d9a7b011cc60d37d7946a5b1065a8801a5753c6 linux-lowlatency_4.15.0.230.241_amd64.deb e0f9a96fa32424ef2e0d33e67a8bd3e79c5888ce linux-modules-4.15.0-230-tuxcare.els18-generic_4.15.0-230.241_amd64.deb 8d0f9dd86e69106e72c4c351e3958986ddfc4110 linux-modules-4.15.0-230-tuxcare.els18-lowlatency_4.15.0-230.241_amd64.deb da5188dc1e3ec2ced1fd73d7b7bf9564fc7e5b45 linux-modules-extra-4.15.0-230-tuxcare.els18-generic_4.15.0-230.241_amd64.deb 54776c83898a3b72628fe2dc3bbd50112d3e49e0 linux-source_4.15.0.230.241_all.deb 7101de97be0ce238f42282d422abfcc383719260 linux-source-4.15.0_4.15.0-230.241_all.deb b58ccc31d0b6c444cb2bcedaae8499364bb04bdb linux-tools-4.15.0-230-tuxcare.els18_4.15.0-230.241_amd64.deb e5780940a687b1ad9f844bd45d032688d26f31fc linux-tools-4.15.0-230-tuxcare.els18-generic_4.15.0-230.241_amd64.deb 4fd687306b5b519601180b6cb5e16c8e7820b59e linux-tools-4.15.0-230-tuxcare.els18-lowlatency_4.15.0-230.241_amd64.deb fcced4c69a4d73e24e8ff107fafaf2f1d256fd43 linux-tools-common_4.15.0-230.241_all.deb 1c5f696d6faf7fb434aff97c2ea76850432bf6a3 linux-tools-generic_4.15.0.230.241_amd64.deb bf504e7fe6194448b911ffce4d510d7ed011b1dc linux-tools-host_4.15.0-230.241_all.deb c7ff66b202c57cdc79a6f8a4be963b577e6272d1 linux-tools-lowlatency_4.15.0.230.241_amd64.deb 9d5676a48f4bd1e3f2decbde6532e4183e5c8b5f CLSA-2024:1719568307 TuxCare License Agreement 0 * CVE-url: https://ubuntu.com/security/CVE-2024-2201 - x86/cpufeatures: Add new word for scattered features - x86/cpufeatures: Add CPUID_LNX_5 to track recently added Linux-defined word - x86/bugs: Change commas to semicolons in 'spectre_v2' sysfs file - x86/bhi: Add support for clearing branch history at syscall entry - x86/bhi: Define SPEC_CTRL_BHI_DIS_S - x86/bhi: Enumerate Branch History Injection (BHI) bug - x86/bhi: Add BHI mitigation knob - x86/bhi: Mitigate KVM by default - x86/bugs: Fix BHI documentation - x86/bugs: Cache the value of MSR_IA32_ARCH_CAPABILITIES - x86/bugs: Rename various 'ia32_cap' variables to 'x86_arch_cap_msr' - x86/bugs: Fix BHI handling of RRSBA - x86/bugs: Clarify that syscall hardening isn't a BHI mitigation - x86/bugs: Fix BHI retpoline check * CVE-url: https://ubuntu.com/security/CVE-2024-26922 - drm/amdgpu: validate the parameters of bo mapping operations more clearly * CVE-url: https://ubuntu.com/security/CVE-2024-26642 - netfilter: nf_tables: disallow anonymous set with timeout flag * CVE-url: https://ubuntu.com/security/CVE-2021-33631 - ext4: fix kernel BUG in 'ext4_write_inline_data_end()' * CVE-url: https://ubuntu.com/security/CVE-2024-36902 - ipv6: fib6_rules: avoid possible NULL dereference in fib6_rule_action() * CVE-url: https://ubuntu.com/security/CVE-2024-36901 - ipv6: prevent NULL dereference in ip6_output() * Miscellaneous upstream changes - media: xc4000: Fix atomicity violation in xc4000_get_frequency - [Config] updateconfigs for CONFIG_BHI_{AUTO|OFF|ON} Important Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.

* CVE-url: https://ubuntu.com/security/CVE-2024-2201 - x86/cpufeatures: Add new word for scattered features - x86/cpufeatures: Add CPUID_LNX_5 to track recently added Linux-defined word - x86/bugs: Change commas to semicolons in 'spectre_v2' sysfs file - x86/bhi: Add support for clearing branch history at syscall entry - x86/bhi: Define SPEC_CTRL_BHI_DIS_S - x86/bhi: Enumerate Branch History Injection (BHI) bug - x86/bhi: Add BHI mitigation knob - x86/bhi: Mitigate KVM by default - x86/bugs: Fix BHI documentation - x86/bugs: Cache the value of MSR_IA32_ARCH_CAPABILITIES - x86/bugs: Rename various 'ia32_cap' variables to 'x86_arch_cap_msr' - x86/bugs: Fix BHI handling of RRSBA - x86/bugs: Clarify that syscall hardening isn't a BHI mitigation - x86/bugs: Fix BHI retpoline check * CVE-url: https://ubuntu.com/security/CVE-2024-26922 - drm/amdgpu: validate the parameters of bo mapping operations more clearly * CVE-url: https://ubuntu.com/security/CVE-2024-26642 - netfilter: nf_tables: disallow anonymous set with timeout flag * CVE-url: https://ubuntu.com/security/CVE-2021-33631 - ext4: fix kernel BUG in 'ext4_write_inline_data_end()' * CVE-url: https://ubuntu.com/security/CVE-2024-36902 - ipv6: fib6_rules: avoid possible NULL dereference in fib6_rule_action() * CVE-url: https://ubuntu.com/security/CVE-2024-36901 - ipv6: prevent NULL dereference in ip6_output() * Miscellaneous upstream changes - media: xc4000: Fix atomicity violation in xc4000_get_frequency - [Config] updateconfigs for CONFIG_BHI_{AUTO|OFF|ON}

0 tuxcare-ubuntu18.04-els linux-buildinfo-4.15.0-231-tuxcare.els19-generic_4.15.0-231.242_amd64.deb 9b36a8d70a2f288fb3851ce40237c472d14624c4 linux-buildinfo-4.15.0-231-tuxcare.els19-lowlatency_4.15.0-231.242_amd64.deb 3e2baeafe8912d92a0a18ec78e3db29c84849ceb linux-cloud-tools-4.15.0-231-tuxcare.els19_4.15.0-231.242_amd64.deb 33796ae806befe960fc73e1d85d1d25f6e60b392 linux-cloud-tools-4.15.0-231-tuxcare.els19-generic_4.15.0-231.242_amd64.deb 1df18a0c9eb71c285a7cbca0306d471260c32e10 linux-cloud-tools-4.15.0-231-tuxcare.els19-lowlatency_4.15.0-231.242_amd64.deb 5ffb262c5672199330362bbf4ffbc4c243234e00 linux-cloud-tools-common_4.15.0-231.242_all.deb 2605f3fe4a6790f0d9bce11dc2eb35a257ff773f linux-cloud-tools-generic_4.15.0.231.242_amd64.deb 9b988d2f8939ee387dcacb863b60ba895dfcd7ac linux-cloud-tools-lowlatency_4.15.0.231.242_amd64.deb f14fb3e1ccefb106229d8becb17038510ebd3168 linux-crashdump_4.15.0.231.242_amd64.deb 1f6908a64d5c50da927763ccd22012cfb9bc0d86 linux-doc_4.15.0-231.242_all.deb 2e1d77dbd2752ecade1ef090abca627e4442a492 linux-generic_4.15.0.231.242_amd64.deb 2d2792a6efdff849bfaa34f7f5683b0a7eb101f8 linux-headers-4.15.0-231-tuxcare.els19_4.15.0-231.242_all.deb 2c6ef2ba6dfc6ec38aa8bb5bd23f86a156a63180 linux-headers-4.15.0-231-tuxcare.els19-generic_4.15.0-231.242_amd64.deb 0e424d9db1d21e6ef7912ff2c7373f4c2cf08686 linux-headers-4.15.0-231-tuxcare.els19-lowlatency_4.15.0-231.242_amd64.deb dc1ddd8f0a3bde8a6152018c7c6e7bb524c859a9 linux-headers-generic_4.15.0.231.242_amd64.deb 5bca1cc4e3952bc100ddf1016fbbf9fce481b505 linux-headers-lowlatency_4.15.0.231.242_amd64.deb 12668c76deb28ca24ed345df75cc45df32f96e88 linux-image-generic_4.15.0.231.242_amd64.deb a15c583bb7653f415883863abed31c1f626686ef linux-image-lowlatency_4.15.0.231.242_amd64.deb 0fc1a09c8dd90c02b7902723557b6b35d154e26f linux-image-unsigned-4.15.0-231-tuxcare.els19-generic_4.15.0-231.242_amd64.deb 22ca36b84135433ffb14e9478f6399f8fff5c763 linux-image-unsigned-4.15.0-231-tuxcare.els19-lowlatency_4.15.0-231.242_amd64.deb eff41021a4b1cf86832d535cf4acaf9709f5521c linux-libc-dev_4.15.0-231.242_amd64.deb 40ed6ccb1d8c9506b78c0f9fc72c4b15ab7f422c linux-lowlatency_4.15.0.231.242_amd64.deb 16414031b2aa11c16d465aba988cea6cead057c9 linux-modules-4.15.0-231-tuxcare.els19-generic_4.15.0-231.242_amd64.deb 10b383771fd8e6cb3e3642626aaf5825f929e27e linux-modules-4.15.0-231-tuxcare.els19-lowlatency_4.15.0-231.242_amd64.deb a0103372a5d2bfbd2571f4cf9c6f18d0f852827c linux-modules-extra-4.15.0-231-tuxcare.els19-generic_4.15.0-231.242_amd64.deb 066bf5bb7810ca0726e89fcbcbe0da98fc13e676 linux-source_4.15.0.231.242_all.deb eb14c451c817cd6324672ef0ae5350bcd59c3a64 linux-source-4.15.0_4.15.0-231.242_all.deb b7203ef57b31f4f6adcf19caf51b860d952a5d8b linux-tools-4.15.0-231-tuxcare.els19_4.15.0-231.242_amd64.deb a6a99e9cf25dd91f08b8ba24e0105efb13dae30c linux-tools-4.15.0-231-tuxcare.els19-generic_4.15.0-231.242_amd64.deb 48b6b7e80b6d83e955df15d5599ac763570c683b linux-tools-4.15.0-231-tuxcare.els19-lowlatency_4.15.0-231.242_amd64.deb c118322c1da639b113ac0f5b6f680f26829d52d4 linux-tools-common_4.15.0-231.242_all.deb 383b424a448d6bfcf52c0f370e18727cf2f8389a linux-tools-generic_4.15.0.231.242_amd64.deb 210b55f223785c190c3219053a1509d4456a8c21 linux-tools-host_4.15.0-231.242_all.deb 66e24278a6f31f09cc09ba84adbfb27504b5ddd2 linux-tools-lowlatency_4.15.0.231.242_amd64.deb 762f244f31af0e532ba7f463db87cbddfd97167d CLSA-2024:1719568519 TuxCare License Agreement 0 * CVE-url: https://ubuntu.com/security/CVE-2024-2201 - x86/cpufeatures: Add new word for scattered features - x86/cpufeatures: Add CPUID_LNX_5 to track recently added Linux-defined word - x86/bugs: Change commas to semicolons in 'spectre_v2' sysfs file - x86/bhi: Add support for clearing branch history at syscall entry - x86/bhi: Define SPEC_CTRL_BHI_DIS_S - x86/bhi: Enumerate Branch History Injection (BHI) bug - x86/bhi: Add BHI mitigation knob - x86/bhi: Mitigate KVM by default - x86/bugs: Fix BHI documentation - x86/bugs: Cache the value of MSR_IA32_ARCH_CAPABILITIES - x86/bugs: Rename various 'ia32_cap' variables to 'x86_arch_cap_msr' - x86/bugs: Fix BHI handling of RRSBA - x86/bugs: Clarify that syscall hardening isn't a BHI mitigation - x86/bugs: Fix BHI retpoline check * CVE-url: https://ubuntu.com/security/CVE-2024-26922 - drm/amdgpu: validate the parameters of bo mapping operations more clearly * CVE-url: https://ubuntu.com/security/CVE-2024-26642 - netfilter: nf_tables: disallow anonymous set with timeout flag * CVE-url: https://ubuntu.com/security/CVE-2021-33631 - ext4: fix kernel BUG in 'ext4_write_inline_data_end()' * CVE-url: https://ubuntu.com/security/CVE-2024-36902 - ipv6: fib6_rules: avoid possible NULL dereference in fib6_rule_action() * CVE-url: https://ubuntu.com/security/CVE-2024-36901 - ipv6: prevent NULL dereference in ip6_output() * Miscellaneous upstream changes - media: xc4000: Fix atomicity violation in xc4000_get_frequency - [Config] updateconfigs for CONFIG_BHI_{AUTO|OFF|ON} Important Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.

* CVE-url: https://ubuntu.com/security/CVE-2024-2201 - x86/cpufeatures: Add new word for scattered features - x86/cpufeatures: Add CPUID_LNX_5 to track recently added Linux-defined word - x86/bugs: Change commas to semicolons in 'spectre_v2' sysfs file - x86/bhi: Add support for clearing branch history at syscall entry - x86/bhi: Define SPEC_CTRL_BHI_DIS_S - x86/bhi: Enumerate Branch History Injection (BHI) bug - x86/bhi: Add BHI mitigation knob - x86/bhi: Mitigate KVM by default - x86/bugs: Fix BHI documentation - x86/bugs: Cache the value of MSR_IA32_ARCH_CAPABILITIES - x86/bugs: Rename various 'ia32_cap' variables to 'x86_arch_cap_msr' - x86/bugs: Fix BHI handling of RRSBA - x86/bugs: Clarify that syscall hardening isn't a BHI mitigation - x86/bugs: Fix BHI retpoline check * CVE-url: https://ubuntu.com/security/CVE-2024-26922 - drm/amdgpu: validate the parameters of bo mapping operations more clearly * CVE-url: https://ubuntu.com/security/CVE-2024-26642 - netfilter: nf_tables: disallow anonymous set with timeout flag * CVE-url: https://ubuntu.com/security/CVE-2021-33631 - ext4: fix kernel BUG in 'ext4_write_inline_data_end()' * CVE-url: https://ubuntu.com/security/CVE-2024-36902 - ipv6: fib6_rules: avoid possible NULL dereference in fib6_rule_action() * CVE-url: https://ubuntu.com/security/CVE-2024-36901 - ipv6: prevent NULL dereference in ip6_output() * Miscellaneous upstream changes - media: xc4000: Fix atomicity violation in xc4000_get_frequency - [Config] updateconfigs for CONFIG_BHI_{AUTO|OFF|ON}

0 tuxcare-ubuntu18.04-els linux-buildinfo-4.15.0-231-tuxcare.els19-generic_4.15.0-231.242_amd64.deb 9b36a8d70a2f288fb3851ce40237c472d14624c4 linux-buildinfo-4.15.0-231-tuxcare.els19-lowlatency_4.15.0-231.242_amd64.deb 3e2baeafe8912d92a0a18ec78e3db29c84849ceb linux-cloud-tools-4.15.0-231-tuxcare.els19_4.15.0-231.242_amd64.deb 33796ae806befe960fc73e1d85d1d25f6e60b392 linux-cloud-tools-4.15.0-231-tuxcare.els19-generic_4.15.0-231.242_amd64.deb 1df18a0c9eb71c285a7cbca0306d471260c32e10 linux-cloud-tools-4.15.0-231-tuxcare.els19-lowlatency_4.15.0-231.242_amd64.deb 5ffb262c5672199330362bbf4ffbc4c243234e00 linux-cloud-tools-common_4.15.0-231.242_all.deb 2605f3fe4a6790f0d9bce11dc2eb35a257ff773f linux-cloud-tools-generic_4.15.0.231.242_amd64.deb 9b988d2f8939ee387dcacb863b60ba895dfcd7ac linux-cloud-tools-lowlatency_4.15.0.231.242_amd64.deb f14fb3e1ccefb106229d8becb17038510ebd3168 linux-crashdump_4.15.0.231.242_amd64.deb 1f6908a64d5c50da927763ccd22012cfb9bc0d86 linux-doc_4.15.0-231.242_all.deb 2e1d77dbd2752ecade1ef090abca627e4442a492 linux-generic_4.15.0.231.242_amd64.deb 2d2792a6efdff849bfaa34f7f5683b0a7eb101f8 linux-headers-4.15.0-231-tuxcare.els19_4.15.0-231.242_all.deb 2c6ef2ba6dfc6ec38aa8bb5bd23f86a156a63180 linux-headers-4.15.0-231-tuxcare.els19-generic_4.15.0-231.242_amd64.deb 0e424d9db1d21e6ef7912ff2c7373f4c2cf08686 linux-headers-4.15.0-231-tuxcare.els19-lowlatency_4.15.0-231.242_amd64.deb dc1ddd8f0a3bde8a6152018c7c6e7bb524c859a9 linux-headers-generic_4.15.0.231.242_amd64.deb 5bca1cc4e3952bc100ddf1016fbbf9fce481b505 linux-headers-lowlatency_4.15.0.231.242_amd64.deb 12668c76deb28ca24ed345df75cc45df32f96e88 linux-image-generic_4.15.0.231.242_amd64.deb a15c583bb7653f415883863abed31c1f626686ef linux-image-lowlatency_4.15.0.231.242_amd64.deb 0fc1a09c8dd90c02b7902723557b6b35d154e26f linux-image-unsigned-4.15.0-231-tuxcare.els19-generic_4.15.0-231.242_amd64.deb 22ca36b84135433ffb14e9478f6399f8fff5c763 linux-image-unsigned-4.15.0-231-tuxcare.els19-lowlatency_4.15.0-231.242_amd64.deb eff41021a4b1cf86832d535cf4acaf9709f5521c linux-libc-dev_4.15.0-231.242_amd64.deb 40ed6ccb1d8c9506b78c0f9fc72c4b15ab7f422c linux-lowlatency_4.15.0.231.242_amd64.deb 16414031b2aa11c16d465aba988cea6cead057c9 linux-modules-4.15.0-231-tuxcare.els19-generic_4.15.0-231.242_amd64.deb 10b383771fd8e6cb3e3642626aaf5825f929e27e linux-modules-4.15.0-231-tuxcare.els19-lowlatency_4.15.0-231.242_amd64.deb a0103372a5d2bfbd2571f4cf9c6f18d0f852827c linux-modules-extra-4.15.0-231-tuxcare.els19-generic_4.15.0-231.242_amd64.deb 066bf5bb7810ca0726e89fcbcbe0da98fc13e676 linux-source_4.15.0.231.242_all.deb eb14c451c817cd6324672ef0ae5350bcd59c3a64 linux-source-4.15.0_4.15.0-231.242_all.deb b7203ef57b31f4f6adcf19caf51b860d952a5d8b linux-tools-4.15.0-231-tuxcare.els19_4.15.0-231.242_amd64.deb a6a99e9cf25dd91f08b8ba24e0105efb13dae30c linux-tools-4.15.0-231-tuxcare.els19-generic_4.15.0-231.242_amd64.deb 48b6b7e80b6d83e955df15d5599ac763570c683b linux-tools-4.15.0-231-tuxcare.els19-lowlatency_4.15.0-231.242_amd64.deb c118322c1da639b113ac0f5b6f680f26829d52d4 linux-tools-common_4.15.0-231.242_all.deb 383b424a448d6bfcf52c0f370e18727cf2f8389a linux-tools-generic_4.15.0.231.242_amd64.deb 210b55f223785c190c3219053a1509d4456a8c21 linux-tools-host_4.15.0-231.242_all.deb 66e24278a6f31f09cc09ba84adbfb27504b5ddd2 linux-tools-lowlatency_4.15.0.231.242_amd64.deb 762f244f31af0e532ba7f463db87cbddfd97167d CLSA-2024:1719569907 TuxCare License Agreement 0 * SECURITY UPDATE: Buffer overflow in iconv() function when converting to ISO-2022-CN-EXT character set - debian/patches/any/CVE-2024-2961.patch: Fix out-of-bound writes in ISO-2022-CN-EXT escape sequences - CVE-2024-2961 * SECURITY UPDATE: stack-based buffer overflow in netgroup cache - debian/patches/any/CVE-2024-33599.patch: fix buffer overflow in netgroup cache - CVE-2024-33599 Important Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.

* SECURITY UPDATE: Buffer overflow in iconv() function when converting to ISO-2022-CN-EXT character set - debian/patches/any/CVE-2024-2961.patch: Fix out-of-bound writes in ISO-2022-CN-EXT escape sequences - CVE-2024-2961 * SECURITY UPDATE: stack-based buffer overflow in netgroup cache - debian/patches/any/CVE-2024-33599.patch: fix buffer overflow in netgroup cache - CVE-2024-33599

0 tuxcare-ubuntu18.04-els glibc-doc_2.27-3ubuntu1.6+tuxcare.els2_all.deb 3b8bf974e85bbe9e309d9938762ca640652cc478 glibc-source_2.27-3ubuntu1.6+tuxcare.els2_all.deb 6679f4f02de5a829a6e4504040d973b72a36225e libc-bin_2.27-3ubuntu1.6+tuxcare.els2_amd64.deb 212204c1d03824d5386659f3b46aaa5df899d64a libc-dev-bin_2.27-3ubuntu1.6+tuxcare.els2_amd64.deb 5d2e12dd8e1be4c10fd0a649e160ab10b24a3d79 libc6_2.27-3ubuntu1.6+tuxcare.els2_amd64.deb 4427da6f3337c4ccc00a2ae46325da1509de4f65 libc6-dev_2.27-3ubuntu1.6+tuxcare.els2_amd64.deb cb73dcd680ccf0e6b17e770ed3fe3b6168d5aaeb libc6-dev-i386_2.27-3ubuntu1.6+tuxcare.els2_amd64.deb 9774b767863cb47ca98f41a26cdbf9a3462eaf90 libc6-dev-x32_2.27-3ubuntu1.6+tuxcare.els2_amd64.deb 80275d71f99347848212a9c7deee390ff3fc5b6f libc6-i386_2.27-3ubuntu1.6+tuxcare.els2_amd64.deb 2d1ec6c366f698e050347af3daa383fd75d1e552 libc6-pic_2.27-3ubuntu1.6+tuxcare.els2_amd64.deb ee9add7e317b4346fea51fc4f5e712da5e625170 libc6-x32_2.27-3ubuntu1.6+tuxcare.els2_amd64.deb 3f454c23b180297c99ab45500213bd4cb78830a2 locales_2.27-3ubuntu1.6+tuxcare.els2_all.deb d334e724ccd01a16ff29ea3fd01e818f585acab1 locales-all_2.27-3ubuntu1.6+tuxcare.els2_amd64.deb 9a5f0e235bb609df1a1580a4efecc9021930723f multiarch-support_2.27-3ubuntu1.6+tuxcare.els2_amd64.deb 8545822597e339942f5009424da481e4ab96d4d8 nscd_2.27-3ubuntu1.6+tuxcare.els2_amd64.deb 02c938185218a43dc81f87b2a70ae0cd4950bab4 CLSA-2024:1719943366 TuxCare License Agreement 0 * SECURITY UPDATE: Potential arbitrary code execution - debian/patches/CVE-2024-32004.patch: Enhance ownership checks to detect dubious local repositories during cloning, warning users of potential risks. This change affects multiple Git commands to improve overall security. - CVE-2024-32004 Important Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.

* SECURITY UPDATE: Potential arbitrary code execution - debian/patches/CVE-2024-32004.patch: Enhance ownership checks to detect dubious local repositories during cloning, warning users of potential risks. This change affects multiple Git commands to improve overall security. - CVE-2024-32004

0 tuxcare-ubuntu18.04-els git_2.17.1-1ubuntu0.18+tuxcare.els1_amd64.deb 0cbfe9ba313728996d70be97e35ec684af5c5bb8 git-all_2.17.1-1ubuntu0.18+tuxcare.els1_all.deb c75ee39e9370d978b9c227e87b1a1f5664b5f1ce git-cvs_2.17.1-1ubuntu0.18+tuxcare.els1_all.deb fa84df241fddcd5c45b6cd7bbefef9b2ed9c8df8 git-daemon-run_2.17.1-1ubuntu0.18+tuxcare.els1_all.deb f884dc0efec0c339ea01fa862cc49c4716303fac git-daemon-sysvinit_2.17.1-1ubuntu0.18+tuxcare.els1_all.deb 775fe5b8cea645d1f3484654a626d0b8815f76d0 git-doc_2.17.1-1ubuntu0.18+tuxcare.els1_all.deb c62fe66a832304f9c9a604c36227fff87df1ecfc git-el_2.17.1-1ubuntu0.18+tuxcare.els1_all.deb a2e7421f9324edde9fa93dceb093829c94e29a11 git-email_2.17.1-1ubuntu0.18+tuxcare.els1_all.deb f1b562e11913bb4ac888b8a27dfc6ebbc8352044 git-gui_2.17.1-1ubuntu0.18+tuxcare.els1_all.deb 918747c7bcea753fa888b462111d14e93f969580 git-man_2.17.1-1ubuntu0.18+tuxcare.els1_all.deb 13a15d01122becec2b9700b8fcbee707159223ab git-mediawiki_2.17.1-1ubuntu0.18+tuxcare.els1_all.deb 67000385f7075b00bf8eaef6de3482eae4a4ada7 git-svn_2.17.1-1ubuntu0.18+tuxcare.els1_all.deb 227a8cd0d926a0e1a493dad18ddd2373f578960f gitk_2.17.1-1ubuntu0.18+tuxcare.els1_all.deb 2a0579a6029d0553997c0752421aebfc96c68fcb gitweb_2.17.1-1ubuntu0.18+tuxcare.els1_all.deb e308890f58ed7272fac05e1140faf7908e640fe0 CLSA-2024:1719943644 TuxCare License Agreement 0 * debian/patches/any/fix-25425.patch: call __resolv_context_put in case of the strdup failure None Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.

* debian/patches/any/fix-25425.patch: call __resolv_context_put in case of the strdup failure

0 tuxcare-ubuntu18.04-els glibc-doc_2.27-3ubuntu1.6+tuxcare.els4_all.deb a05c78a6769834b92e98bd8616b661c920fd41b3 glibc-source_2.27-3ubuntu1.6+tuxcare.els4_all.deb beab14c6376dbec0cdcff1ba74092a616405b394 libc-bin_2.27-3ubuntu1.6+tuxcare.els4_amd64.deb 382768c8a13e75786e4f9da91c2343ffc25a75d6 libc-dev-bin_2.27-3ubuntu1.6+tuxcare.els4_amd64.deb 414f75c8c915dabd1b68b02c824bffdc9f5b697e libc6_2.27-3ubuntu1.6+tuxcare.els4_amd64.deb 6a8cf62af74e1174d583219053914aa205b8c570 libc6-dev_2.27-3ubuntu1.6+tuxcare.els4_amd64.deb 160e13936b6be9785d74009554c7b40d2db6b771 libc6-dev-i386_2.27-3ubuntu1.6+tuxcare.els4_amd64.deb fa4109641fbf07eef3947239ce7beb7c978d0875 libc6-dev-x32_2.27-3ubuntu1.6+tuxcare.els4_amd64.deb a2aa17280bfd1d27667cb3f243e14cf65147f524 libc6-i386_2.27-3ubuntu1.6+tuxcare.els4_amd64.deb 040ec2d4819ac8dc7df3e4aa9066114523e501f0 libc6-pic_2.27-3ubuntu1.6+tuxcare.els4_amd64.deb 5859c1719dcae2fda95f28d1486373d0e1725cc3 libc6-x32_2.27-3ubuntu1.6+tuxcare.els4_amd64.deb ae9ffe17e0eeea73df1c72fea99df1f3e7e0367b locales_2.27-3ubuntu1.6+tuxcare.els4_all.deb 5680e3a17ba923208daea9f66cad2c28294e937d locales-all_2.27-3ubuntu1.6+tuxcare.els4_amd64.deb 5d4d93a58129e9b6f91271154fae76167cb69c06 multiarch-support_2.27-3ubuntu1.6+tuxcare.els4_amd64.deb 72fe0dd65ce422d7eeb6d8ee286b0e5e20cdfefd nscd_2.27-3ubuntu1.6+tuxcare.els4_amd64.deb 377448fd4878396b6201a7b38d1194755e5dc99e CLSA-2024:1720178308 TuxCare License Agreement 0 * SECURITY UPDATE: New microcode data file 2024-05-14 - New microcodes: sig 0x000a06a4, pf_mask 0xe6, 2024-01-03, rev 0x001c, size 136192 sig 0x000b06a8, pf_mask 0xe0, 2023-12-07, rev 0x4121, size 220160 sig 0x000c06f1, pf_mask 0x87, 2024-02-05, rev 0x21000230, size 552960 sig 0x000c06f2, pf_mask 0x87, 2024-02-05, rev 0x21000230, size 552960 - Updated microcodes: sig 0x00050653, pf_mask 0x97, 2023-07-28, rev 0x1000191, size 36864 sig 0x00050656, pf_mask 0xbf, 2023-07-28, rev 0x4003605, size 38912 sig 0x00050657, pf_mask 0xbf, 2023-07-28, rev 0x5003605, size 37888 sig 0x0005065b, pf_mask 0xbf, 2023-08-03, rev 0x7002802, size 30720 sig 0x00050665, pf_mask 0x10, 2023-08-03, rev 0xe000015, size 23552 sig 0x000506f1, pf_mask 0x01, 2023-10-05, rev 0x003e, size 11264 sig 0x000606a6, pf_mask 0x87, 2023-09-14, rev 0xd0003d1, size 307200 sig 0x000606c1, pf_mask 0x10, 2023-12-05, rev 0x1000290, size 299008 sig 0x000706a1, pf_mask 0x01, 2023-08-25, rev 0x0040, size 76800 sig 0x000706a8, pf_mask 0x01, 2023-08-25, rev 0x0024, size 76800 sig 0x000706e5, pf_mask 0x80, 2023-09-14, rev 0x00c4, size 114688 sig 0x000806c1, pf_mask 0x80, 2023-09-13, rev 0x00b6, size 111616 sig 0x000806c2, pf_mask 0xc2, 2023-09-13, rev 0x0036, size 98304 sig 0x000806d1, pf_mask 0xc2, 2023-09-13, rev 0x0050, size 104448 sig 0x000806ec, pf_mask 0x94, 2023-07-16, rev 0x00fa, size 106496 sig 0x000806f4, pf_mask 0x10, 2024-02-05, rev 0x2c000390, size 614400 sig 0x000806f4, pf_mask 0x87, 2024-02-05, rev 0x2b0005c0, size 581632 sig 0x000806f5, pf_mask 0x10, 2024-02-05, rev 0x2c000390, size 614400 sig 0x000806f5, pf_mask 0x87, 2024-02-05, rev 0x2b0005c0, size 581632 sig 0x000806f6, pf_mask 0x10, 2024-02-05, rev 0x2c000390, size 614400 sig 0x000806f6, pf_mask 0x87, 2024-02-05, rev 0x2b0005c0, size 581632 sig 0x000806f7, pf_mask 0x87, 2024-02-05, rev 0x2b0005c0, size 581632 sig 0x000806f8, pf_mask 0x10, 2024-02-05, rev 0x2c000390, size 614400 sig 0x000806f8, pf_mask 0x87, 2024-02-05, rev 0x2b0005c0, size 581632 sig 0x00090661, pf_mask 0x01, 2023-09-26, rev 0x0019, size 20480 sig 0x00090672, pf_mask 0x07, 2023-12-05, rev 0x0035, size 224256 sig 0x00090675, pf_mask 0x07, 2023-12-05, rev 0x0035, size 224256 sig 0x000906a3, pf_mask 0x80, 2023-12-05, rev 0x0433, size 222208 sig 0x000906a4, pf_mask 0x40, 2023-12-07, rev 0x0007, size 119808 sig 0x000906a4, pf_mask 0x80, 2023-12-05, rev 0x0433, size 222208 sig 0x000906c0, pf_mask 0x01, 2023-09-26, rev 0x24000026, size 20480 sig 0x000906e9, pf_mask 0x2a, 2023-09-28, rev 0x00f8, size 108544 sig 0x000906ea, pf_mask 0x22, 2023-07-26, rev 0x00f6, size 105472 sig 0x000906ec, pf_mask 0x22, 2023-07-26, rev 0x00f6, size 106496 sig 0x000906ed, pf_mask 0x22, 2023-07-27, rev 0x00fc, size 106496 sig 0x000a0652, pf_mask 0x20, 2023-07-16, rev 0x00fa, size 97280 sig 0x000a0653, pf_mask 0x22, 2023-07-16, rev 0x00fa, size 97280 sig 0x000a0655, pf_mask 0x22, 2023-07-16, rev 0x00fa, size 97280 sig 0x000a0660, pf_mask 0x80, 2023-07-16, rev 0x00fa, size 97280 sig 0x000a0661, pf_mask 0x80, 2023-07-16, rev 0x00fa, size 96256 sig 0x000a0671, pf_mask 0x02, 2023-09-14, rev 0x005e, size 108544 sig 0x000b0671, pf_mask 0x32, 2024-01-25, rev 0x0123, size 215040 sig 0x000b06a2, pf_mask 0xe0, 2023-12-07, rev 0x4121, size 220160 sig 0x000b06a3, pf_mask 0xe0, 2023-12-07, rev 0x4121, size 220160 sig 0x000b06e0, pf_mask 0x11, 2023-12-07, rev 0x0017, size 138240 sig 0x000b06f2, pf_mask 0x07, 2023-12-05, rev 0x0035, size 224256 sig 0x000b06f5, pf_mask 0x07, 2023-12-05, rev 0x0035, size 224256 * source: update symlinks to reflect id of the latest release, 20240514 Important Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.

* SECURITY UPDATE: New microcode data file 2024-05-14 - New microcodes: sig 0x000a06a4, pf_mask 0xe6, 2024-01-03, rev 0x001c, size 136192 sig 0x000b06a8, pf_mask 0xe0, 2023-12-07, rev 0x4121, size 220160 sig 0x000c06f1, pf_mask 0x87, 2024-02-05, rev 0x21000230, size 552960 sig 0x000c06f2, pf_mask 0x87, 2024-02-05, rev 0x21000230, size 552960 - Updated microcodes: sig 0x00050653, pf_mask 0x97, 2023-07-28, rev 0x1000191, size 36864 sig 0x00050656, pf_mask 0xbf, 2023-07-28, rev 0x4003605, size 38912 sig 0x00050657, pf_mask 0xbf, 2023-07-28, rev 0x5003605, size 37888 sig 0x0005065b, pf_mask 0xbf, 2023-08-03, rev 0x7002802, size 30720 sig 0x00050665, pf_mask 0x10, 2023-08-03, rev 0xe000015, size 23552 sig 0x000506f1, pf_mask 0x01, 2023-10-05, rev 0x003e, size 11264 sig 0x000606a6, pf_mask 0x87, 2023-09-14, rev 0xd0003d1, size 307200 sig 0x000606c1, pf_mask 0x10, 2023-12-05, rev 0x1000290, size 299008 sig 0x000706a1, pf_mask 0x01, 2023-08-25, rev 0x0040, size 76800 sig 0x000706a8, pf_mask 0x01, 2023-08-25, rev 0x0024, size 76800 sig 0x000706e5, pf_mask 0x80, 2023-09-14, rev 0x00c4, size 114688 sig 0x000806c1, pf_mask 0x80, 2023-09-13, rev 0x00b6, size 111616 sig 0x000806c2, pf_mask 0xc2, 2023-09-13, rev 0x0036, size 98304 sig 0x000806d1, pf_mask 0xc2, 2023-09-13, rev 0x0050, size 104448 sig 0x000806ec, pf_mask 0x94, 2023-07-16, rev 0x00fa, size 106496 sig 0x000806f4, pf_mask 0x10, 2024-02-05, rev 0x2c000390, size 614400 sig 0x000806f4, pf_mask 0x87, 2024-02-05, rev 0x2b0005c0, size 581632 sig 0x000806f5, pf_mask 0x10, 2024-02-05, rev 0x2c000390, size 614400 sig 0x000806f5, pf_mask 0x87, 2024-02-05, rev 0x2b0005c0, size 581632 sig 0x000806f6, pf_mask 0x10, 2024-02-05, rev 0x2c000390, size 614400 sig 0x000806f6, pf_mask 0x87, 2024-02-05, rev 0x2b0005c0, size 581632 sig 0x000806f7, pf_mask 0x87, 2024-02-05, rev 0x2b0005c0, size 581632 sig 0x000806f8, pf_mask 0x10, 2024-02-05, rev 0x2c000390, size 614400 sig 0x000806f8, pf_mask 0x87, 2024-02-05, rev 0x2b0005c0, size 581632 sig 0x00090661, pf_mask 0x01, 2023-09-26, rev 0x0019, size 20480 sig 0x00090672, pf_mask 0x07, 2023-12-05, rev 0x0035, size 224256 sig 0x00090675, pf_mask 0x07, 2023-12-05, rev 0x0035, size 224256 sig 0x000906a3, pf_mask 0x80, 2023-12-05, rev 0x0433, size 222208 sig 0x000906a4, pf_mask 0x40, 2023-12-07, rev 0x0007, size 119808 sig 0x000906a4, pf_mask 0x80, 2023-12-05, rev 0x0433, size 222208 sig 0x000906c0, pf_mask 0x01, 2023-09-26, rev 0x24000026, size 20480 sig 0x000906e9, pf_mask 0x2a, 2023-09-28, rev 0x00f8, size 108544 sig 0x000906ea, pf_mask 0x22, 2023-07-26, rev 0x00f6, size 105472 sig 0x000906ec, pf_mask 0x22, 2023-07-26, rev 0x00f6, size 106496 sig 0x000906ed, pf_mask 0x22, 2023-07-27, rev 0x00fc, size 106496 sig 0x000a0652, pf_mask 0x20, 2023-07-16, rev 0x00fa, size 97280 sig 0x000a0653, pf_mask 0x22, 2023-07-16, rev 0x00fa, size 97280 sig 0x000a0655, pf_mask 0x22, 2023-07-16, rev 0x00fa, size 97280 sig 0x000a0660, pf_mask 0x80, 2023-07-16, rev 0x00fa, size 97280 sig 0x000a0661, pf_mask 0x80, 2023-07-16, rev 0x00fa, size 96256 sig 0x000a0671, pf_mask 0x02, 2023-09-14, rev 0x005e, size 108544 sig 0x000b0671, pf_mask 0x32, 2024-01-25, rev 0x0123, size 215040 sig 0x000b06a2, pf_mask 0xe0, 2023-12-07, rev 0x4121, size 220160 sig 0x000b06a3, pf_mask 0xe0, 2023-12-07, rev 0x4121, size 220160 sig 0x000b06e0, pf_mask 0x11, 2023-12-07, rev 0x0017, size 138240 sig 0x000b06f2, pf_mask 0x07, 2023-12-05, rev 0x0035, size 224256 sig 0x000b06f5, pf_mask 0x07, 2023-12-05, rev 0x0035, size 224256 * source: update symlinks to reflect id of the latest release, 20240514

0 tuxcare-ubuntu18.04-els intel-microcode_3.20240514.0ubuntu0.18.04.1+tuxcare.els1_amd64.deb 4881d065456735c6e765a4dc57bc78d94ef841ed CLSA-2024:1720547899 TuxCare License Agreement 0 * Resolve multiple test failures - debian/rules: re-build test certificates before dh_auto_test, remove silencing of failing tests - debian/control: build-depend on libnsspem to be able to read PEM certificates in build-nss - debian/patches/update-test-certs-generation.patch: update keysize and digest algo to 2048 and sha256 - debian/patches/fix-test-325.patch: fix url in test 325 - debian/patches/fix-test-2041.patch: read --pinnedpubkey option from file - debian/patches/disable-test-323.patch: disable test 323 None Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.

* Resolve multiple test failures - debian/rules: re-build test certificates before dh_auto_test, remove silencing of failing tests - debian/control: build-depend on libnsspem to be able to read PEM certificates in build-nss - debian/patches/update-test-certs-generation.patch: update keysize and digest algo to 2048 and sha256 - debian/patches/fix-test-325.patch: fix url in test 325 - debian/patches/fix-test-2041.patch: read --pinnedpubkey option from file - debian/patches/disable-test-323.patch: disable test 323

0 tuxcare-ubuntu18.04-els curl_7.58.0-2ubuntu3.24+tuxcare.els5_amd64.deb be3455c74d162be3a324bfc6a9a697640d0093b2 libcurl3-gnutls_7.58.0-2ubuntu3.24+tuxcare.els5_amd64.deb 9e678c1e645ad0b16555e09159a1d6a4fd2b6bfd libcurl3-nss_7.58.0-2ubuntu3.24+tuxcare.els5_amd64.deb 08b9219185e19402a7adbb1b17da7713e12028e7 libcurl4_7.58.0-2ubuntu3.24+tuxcare.els5_amd64.deb f4b27db20e174847068c898fd20898b0a04e4c14 libcurl4-doc_7.58.0-2ubuntu3.24+tuxcare.els5_all.deb 9a726e17cbc92f8a805315bbbd62fa88f68ab814 libcurl4-gnutls-dev_7.58.0-2ubuntu3.24+tuxcare.els5_amd64.deb 5ca0a7e8d0193943119ad22422a4a338f277e694 libcurl4-nss-dev_7.58.0-2ubuntu3.24+tuxcare.els5_amd64.deb 6a8684eacef1f0747dc98f4279002ffa94d63dc3 libcurl4-openssl-dev_7.58.0-2ubuntu3.24+tuxcare.els5_amd64.deb 5ebbbbe1b9f0750f52cb360b5ab612d5fa66e169 CLSA-2024:1721401573 TuxCare License Agreement 0 * SECURITY UPDATE: eval() on content received via HTTP in test suite - debian/patches/CVE-2020-27619.patch: No longer call eval() on content received via HTTP in the CJK codec tests - CVE-2020-27619 Critical Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.

* SECURITY UPDATE: eval() on content received via HTTP in test suite - debian/patches/CVE-2020-27619.patch: No longer call eval() on content received via HTTP in the CJK codec tests - CVE-2020-27619

0 tuxcare-ubuntu18.04-els idle-python2.7_2.7.17-1~18.04ubuntu1.11+tuxcare.els7_all.deb b86396e2a2bf17006a11fdb5de3a0b9e9da5c48c libpython2.7_2.7.17-1~18.04ubuntu1.11+tuxcare.els7_amd64.deb c64f2af2bc84203000171bcc689f5415683213e3 libpython2.7-dev_2.7.17-1~18.04ubuntu1.11+tuxcare.els7_amd64.deb fb004c77d9481a76a0a1c2213e32f24172229a52 libpython2.7-minimal_2.7.17-1~18.04ubuntu1.11+tuxcare.els7_amd64.deb 47bc19f7fd87ce0f8a7fb479c9f9c9cb4f558ca1 libpython2.7-stdlib_2.7.17-1~18.04ubuntu1.11+tuxcare.els7_amd64.deb 3fc5b45130b94b742d8b032e75ae2931a0a17db0 libpython2.7-testsuite_2.7.17-1~18.04ubuntu1.11+tuxcare.els7_all.deb 52301568f541c95728332a898bfc3ec3a54a2598 python2.7_2.7.17-1~18.04ubuntu1.11+tuxcare.els7_amd64.deb 9580ca5e3ff435b786754612091be23c26bc0f51 python2.7-dev_2.7.17-1~18.04ubuntu1.11+tuxcare.els7_amd64.deb 1f7df2955c1e79bd9bc414ef430a20882b45f4d8 python2.7-doc_2.7.17-1~18.04ubuntu1.11+tuxcare.els7_all.deb f002443aa2af46494a63807b6dc690f221f341a6 python2.7-examples_2.7.17-1~18.04ubuntu1.11+tuxcare.els7_all.deb 1628effcb2cfb6e26df1acb3cc4fd33c13d60a42 python2.7-minimal_2.7.17-1~18.04ubuntu1.11+tuxcare.els7_amd64.deb be658a539fbb04677619cac614211ffc8d3488af CLSA-2024:1721659604 TuxCare License Agreement 0 * CVE-url: https://ubuntu.com/security/CVE-2024-35902 - net/rds: fix possible cp null dereference * CVE-url: https://ubuntu.com/security/CVE-2024-38587 - speakup: Fix sizeof() vs ARRAY_SIZE() bug * CVE-url: https://ubuntu.com/security/CVE-2024-39493 - crypto: qat - Fix ADF_DEV_RESET_SYNC memory leak * CVE-url: https://ubuntu.com/security/CVE-2024-38381 - nfc: nci: Fix uninit-value in nci_rx_work * CVE-url: https://ubuntu.com/security/CVE-2024-26810 - vfio/pci: Lock external INTx masking ops * CVE-url: https://ubuntu.com/security/CVE-2024-26687 - xen/events: close evtchn after mapping cleanup * CVE-url: https://ubuntu.com/security/CVE-2024-35893 - net: sched: change type of reference and bind counters - net: sched: act_skbmod: remove dependency on rtnl lock - net/sched: act_skbmod: prevent kernel-infoleak * CVE-url: https://ubuntu.com/security/CVE-2024-35823 - vt: preserve unicode values corresponding to screen characters - vt: fix unicode buffer corruption when deleting characters * CVE-url: https://ubuntu.com/security/CVE-2024-35805 - dm snapshot: Replace mutex with rw semaphore - dm snapshot: fix lockup in dm_exception_table_exit * CVE-url: https://ubuntu.com/security/CVE-2024-27004 - clk: core: clarify the check for runtime PM - clk: Get runtime PM before walking tree during disable_unused * CVE-url: https://ubuntu.com/security/CVE-2024-26852 - net/ipv6: avoid possible UAF in ip6_route_mpath_notify() * CVE-url: https://ubuntu.com/security/CVE-2023-52620 - netfilter: nf_tables: disallow timeout for anonymous sets * CVE-url: https://ubuntu.com/security/CVE-2024-25739 - ubi: Check for too small LEB size in VTBL code * CVE-url: https://ubuntu.com/security/CVE-2024-27437 - genirq: Add IRQF_NO_AUTOEN for request_irq/nmi() - vfio/pci: Disable auto-enable of exclusive INTx IRQ * CVE-url: https://ubuntu.com/security/CVE-2022-48627 - vc: separate state - vt: fix memory overlapping when deleting chars in the buffer * CVE-url: https://ubuntu.com/security/CVE-2024-35910 - mptcp: add sk_stop_timer_sync helper - tcp: properly terminate timers for kernel sockets * CVE-url: https://ubuntu.com/security/CVE-2024-35969 - ipv6: fix race condition between ipv6_get_ifaddr and ipv6_del_addr * CVE-url: https://ubuntu.com/security/CVE-2024-27024 - RDS: RDMA: Fix the NULL-ptr deref in rds_ib_get_mr - net/rds: fix WARNING in rds_conn_connect_if_down * CVE-url: https://ubuntu.com/security/CVE-2024-26863 - hsr: Fix uninit-value access in hsr_get_node() * CVE-url: https://ubuntu.com/security/CVE-2024-26984 - nouveau: fix instmem race condition around ptr stores * CVE-url: https://ubuntu.com/security/CVE-2024-36020 - i40e: fix vf may be used uninitialized in this function warning * CVE-url: https://ubuntu.com/security/CVE-2024-35849 - btrfs: fix information leak in btrfs_ioctl_logical_to_ino() * CVE-url: https://ubuntu.com/security/CVE-2024-27388 - SUNRPC: fix some memleaks in gssx_dec_option_array * CVE-url: https://ubuntu.com/security/CVE-2024-35886 - ipv6: Fix infinite recursion in fib6_dump_done(). * CVE-url: https://ubuntu.com/security/CVE-2024-35809 - PCI/PM: Drain runtime-idle callbacks before driver removal * CVE-url: https://ubuntu.com/security/CVE-2024-26875 - media: pvrusb2: fix uaf in pvr2_context_set_notify * CVE-url: https://ubuntu.com/security/CVE-2024-26851 - netfilter: nf_conntrack_h323: Add protection for bmp length out of range * CVE-url: https://ubuntu.com/security/CVE-2024-26999 - serial/pmac_zilog: Remove flawed mitigation for rx irq flood * CVE-url: https://ubuntu.com/security/CVE-2024-35819 - soc: fsl: qbman: Use raw spinlock for cgr_lock * CVE-url: https://ubuntu.com/security/CVE-2024-35806 - soc: fsl: qbman: Always disable interrupts when taking cgr_lock * CVE-url: https://ubuntu.com/security/CVE-2023-52699 - sysv: don't call sb_bread() with pointers_lock held * CVE-url: https://ubuntu.com/security/CVE-2024-35828 - wifi: libertas: fix some memleaks in lbs_allocate_cmd_buffer() * CVE-url: https://ubuntu.com/security/CVE-2024-27001 - comedi: vmk80xx: fix incomplete endpoint checking * CVE-url: https://ubuntu.com/security/CVE-2024-26878 - quota: Fix potential NULL pointer dereference * CVE-url: https://ubuntu.com/security/CVE-2024-27008 - drm: nv04: Fix out of bounds access * CVE-url: https://ubuntu.com/security//CVE-2024-35825 - usb: gadget: ncm: Fix handling of zero block length packets * CVE-url: https://ubuntu.com/security/CVE-2024-35935 - btrfs: send: handle path ref underflow in header iterate_inode_ref() * CVE-url: https://ubuntu.com/security/CVE-2024-26957 - s390/zcrypt: fix reference counting on zcrypt card objects * CVE-url: https://ubuntu.com/security/CVE-2024-35973 - geneve: fix header validation in geneve[6]_xmit_skb * CVE-url: https://ubuntu.com/security/CVE-2024-26965 - clk: qcom: mmcc-msm8974: fix terminating of frequency table arrays * CVE-url: https://ubuntu.com/security/CVE-2024-26931 - scsi: qla2xxx: Fix command flush on cable pull * CVE-url: https://ubuntu.com/security/CVE-2024-35944 - VMCI: Fix memcpy() run-time warning in dg_dispatch_as_host() * CVE-url: https://ubuntu.com/security/CVE-2024-27028 - spi: spi-mt65xx: Fix NULL pointer access in interrupt handler * CVE-url: https://ubuntu.com/security/CVE-2024-35830 - media: tc358743: register v4l2 async device only after successful setup * CVE-url: https://ubuntu.com/security/CVE-2024-26956 - nilfs2: fix failure to detect DAT corruption in btree and direct mappings * CVE-url: https://ubuntu.com/security/CVE-2024-35807 - ext4: fix corruption during on-line resize * CVE-url: https://ubuntu.com/security/CVE-2024-26813 - vfio/platform: Create persistent IRQ handlers * CVE-url: https://ubuntu.com/security/CVE-2023-52644 - wifi: b43: Stop/wake correct queue in DMA Tx path when QoS is disabled * CVE-url: https://ubuntu.com/security/CVE-2024-26966 - clk: qcom: mmcc-apq8084: fix terminating of frequency table arrays * CVE-url: https://ubuntu.com/security/CVE-2024-26654 - ALSA: sh: aica: reorder cleanup operations to avoid UAF bugs * CVE-url: https://ubuntu.com/security/CVE-2024-27073 - media: ttpci: fix two memleaks in budget_av_attach * CVE-url: https://ubuntu.com/security/CVE-2023-52880 - tty: n_gsm: require CAP_NET_ADMIN to attach N_GSM0710 ldisc * CVE-url: https://ubuntu.com/security/CVE-2023-52650 - drm/tegra: dsi: Add missing check for of_find_device_by_node * CVE-url: https://ubuntu.com/security/CVE-2024-35822 - usb: udc: remove warning when queue disabled ep * CVE-url: https://ubuntu.com/security/CVE-2024-35933 - Bluetooth: btintel: Fix null ptr deref in btintel_read_version * CVE-url: https://ubuntu.com/security/CVE-2024-26857 - geneve: make sure to pull inner header in geneve_rx() * CVE-url: https://ubuntu.com/security/CVE-2024-35925 - block: prevent division by zero in blk_rq_stat_sum() * CVE-url: https://ubuntu.com/security/CVE-2024-35930 - scsi: lpfc: Fix possible memory leak in lpfc_rcv_padisc() * CVE-url: https://ubuntu.com/security/CVE-2024-27419 - netrom: Fix data-races around sysctl_net_busy_read * CVE-url: https://ubuntu.com/security/CVE-2024-35955 - kprobes: Fix possible use-after-free issue on kprobe registration * CVE-url: https://ubuntu.com/security/CVE-2024-27074 - media: go7007: fix a memleak in go7007_load_encoder * CVE-url: https://ubuntu.com/security/CVE-2024-35847 - irqchip/gic-v3-its: Prevent double free on error * CVE-url: https://ubuntu.com/security/CVE-2024-35936 - btrfs: handle chunk tree lookup error in btrfs_relocate_sys_chunks() * CVE-url: https://ubuntu.com/security/CVE-2024-35821 - ubifs: Set page uptodate in the correct place * CVE-url: https://ubuntu.com/security/CVE-2024-27075 - media: dvb-frontends: avoid stack overflow warnings with clang * CVE-url: https://ubuntu.com/security/CVE-2024-26651 - sr9800: Add check for usbnet_get_endpoints * CVE-url: https://ubuntu.com/security/CVE-2024-27043 - media: edia: dvbdev: fix a use-after-free * CVE-url: https://ubuntu.com/security/CVE-2024-26976 - KVM: Always flush async #PF workqueue when vCPU is being destroyed * CVE-url: https://ubuntu.com/security/CVE-2024-27000 - serial: mxs-auart: add spinlock around changing cts state * CVE-url: https://ubuntu.com/security/CVE-2024-35815 - fs/aio: Check IOCB_AIO_RW before the struct aio_kiocb conversion * CVE-url: https://ubuntu.com/security/CVE-2024-27396 - net: gtp: Fix Use-After-Free in gtp_dellink * CVE-url: https://ubuntu.com/security/CVE-2024-26874 - drm/mediatek: Fix a null pointer crash in mtk_drm_crtc_finish_page_flip * CVE-url: https://ubuntu.com/security/CVE-2024-35922 - fbmon: prevent division by zero in fb_videomode_from_videomode() * CVE-url: https://ubuntu.com/security/CVE-2024-27078 - media: v4l2-tpg: fix some memleaks in tpg_alloc * CVE-url: https://ubuntu.com/security/CVE-2024-26981 - nilfs2: fix OOB in nilfs_set_de_type * CVE-url: https://ubuntu.com/security/CVE-2024-26816 - x86, relocs: Ignore relocations in .notes section * CVE-url: https://ubuntu.com/security/CVE-2024-26880 - dm: call the resume method on internal suspend * CVE-url: https://ubuntu.com/security/CVE-2024-26994 - speakup: Avoid crash on very long word * CVE-url: https://ubuntu.com/security/CVE-2024-26955 - nilfs2: prevent kernel bug at submit_bh_wbc() * CVE-url: https://ubuntu.com/security/CVE-2024-36004 - i40e: Do not use WQ_MEM_RECLAIM flag for workqueue * CVE-url: https://ubuntu.com/security/CVE-2024-35789 - wifi: mac80211: check/clear fast rx for non-4addr sta VLAN changes * CVE-url: https://ubuntu.com/security/CVE-2024-26974 - crypto: qat - resolve race condition during AER recovery * CVE-url: https://ubuntu.com/security/CVE-2024-26859 - net/bnx2x: Prevent access to a freed page in page_pool * CVE-url: https://ubuntu.com/security/CVE-2024-35960 - net/mlx5: Properly link new fs rules into the tree * CVE-url: https://ubuntu.com/security/CVE-2024-27059 - USB: usb-storage: Prevent divide-by-0 error in isd200_ata_command * CVE-url: https://ubuntu.com/security/CVE-2024-26993 - fs: sysfs: Fix reference leak in sysfs_break_active_protection() * CVE-url: https://ubuntu.com/security/CVE-2024-24857 // CVE-url: https://ubuntu.com/security/CVE-2024-24858 // CVE-url: https://ubuntu.com/security/CVE-2024-24859 - Bluetooth: Fix TOCTOU in HCI debugfs implementation * CVE-url: https://ubuntu.com/security/CVE-2024-26894 - ACPI: processor_idle: Fix memory leak in acpi_processor_power_exit() * CVE-url: https://ubuntu.com/security/CVE-2024-27436 - ALSA: usb-audio: Stop parsing channels bits when all channels are found. * CVE-url: https://ubuntu.com/security/CVE-2024-35915 - nfc: nci: Fix uninit-value in nci_dev_up and nci_ntf_packet * CVE-url: https://ubuntu.com/security/CVE-2024-26973 - fat: fix uninitialized field in nostale filehandles * CVE-url: https://ubuntu.com/security/CVE-2024-26923 - af_unix: Fix garbage collector racing against connect() * CVE-url: https://ubuntu.com/security/CVE-2024-26643 - netfilter: nf_tables: mark set as dead when unbinding anonymous set with timeout * CVE-url: https://ubuntu.com/security/CVE-2024-26886 - Bluetooth: af_bluetooth: Fix deadlock Important Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.

* CVE-url: https://ubuntu.com/security/CVE-2024-35902 - net/rds: fix possible cp null dereference * CVE-url: https://ubuntu.com/security/CVE-2024-38587 - speakup: Fix sizeof() vs ARRAY_SIZE() bug * CVE-url: https://ubuntu.com/security/CVE-2024-39493 - crypto: qat - Fix ADF_DEV_RESET_SYNC memory leak * CVE-url: https://ubuntu.com/security/CVE-2024-38381 - nfc: nci: Fix uninit-value in nci_rx_work * CVE-url: https://ubuntu.com/security/CVE-2024-26810 - vfio/pci: Lock external INTx masking ops * CVE-url: https://ubuntu.com/security/CVE-2024-26687 - xen/events: close evtchn after mapping cleanup * CVE-url: https://ubuntu.com/security/CVE-2024-35893 - net: sched: change type of reference and bind counters - net: sched: act_skbmod: remove dependency on rtnl lock - net/sched: act_skbmod: prevent kernel-infoleak * CVE-url: https://ubuntu.com/security/CVE-2024-35823 - vt: preserve unicode values corresponding to screen characters - vt: fix unicode buffer corruption when deleting characters * CVE-url: https://ubuntu.com/security/CVE-2024-35805 - dm snapshot: Replace mutex with rw semaphore - dm snapshot: fix lockup in dm_exception_table_exit * CVE-url: https://ubuntu.com/security/CVE-2024-27004 - clk: core: clarify the check for runtime PM - clk: Get runtime PM before walking tree during disable_unused * CVE-url: https://ubuntu.com/security/CVE-2024-26852 - net/ipv6: avoid possible UAF in ip6_route_mpath_notify() * CVE-url: https://ubuntu.com/security/CVE-2023-52620 - netfilter: nf_tables: disallow timeout for anonymous sets * CVE-url: https://ubuntu.com/security/CVE-2024-25739 - ubi: Check for too small LEB size in VTBL code * CVE-url: https://ubuntu.com/security/CVE-2024-27437 - genirq: Add IRQF_NO_AUTOEN for request_irq/nmi() - vfio/pci: Disable auto-enable of exclusive INTx IRQ * CVE-url: https://ubuntu.com/security/CVE-2022-48627 - vc: separate state - vt: fix memory overlapping when deleting chars in the buffer * CVE-url: https://ubuntu.com/security/CVE-2024-35910 - mptcp: add sk_stop_timer_sync helper - tcp: properly terminate timers for kernel sockets * CVE-url: https://ubuntu.com/security/CVE-2024-35969 - ipv6: fix race condition between ipv6_get_ifaddr and ipv6_del_addr * CVE-url: https://ubuntu.com/security/CVE-2024-27024 - RDS: RDMA: Fix the NULL-ptr deref in rds_ib_get_mr - net/rds: fix WARNING in rds_conn_connect_if_down * CVE-url: https://ubuntu.com/security/CVE-2024-26863 - hsr: Fix uninit-value access in hsr_get_node() * CVE-url: https://ubuntu.com/security/CVE-2024-26984 - nouveau: fix instmem race condition around ptr stores * CVE-url: https://ubuntu.com/security/CVE-2024-36020 - i40e: fix vf may be used uninitialized in this function warning * CVE-url: https://ubuntu.com/security/CVE-2024-35849 - btrfs: fix information leak in btrfs_ioctl_logical_to_ino() * CVE-url: https://ubuntu.com/security/CVE-2024-27388 - SUNRPC: fix some memleaks in gssx_dec_option_array * CVE-url: https://ubuntu.com/security/CVE-2024-35886 - ipv6: Fix infinite recursion in fib6_dump_done(). * CVE-url: https://ubuntu.com/security/CVE-2024-35809 - PCI/PM: Drain runtime-idle callbacks before driver removal * CVE-url: https://ubuntu.com/security/CVE-2024-26875 - media: pvrusb2: fix uaf in pvr2_context_set_notify * CVE-url: https://ubuntu.com/security/CVE-2024-26851 - netfilter: nf_conntrack_h323: Add protection for bmp length out of range * CVE-url: https://ubuntu.com/security/CVE-2024-26999 - serial/pmac_zilog: Remove flawed mitigation for rx irq flood * CVE-url: https://ubuntu.com/security/CVE-2024-35819 - soc: fsl: qbman: Use raw spinlock for cgr_lock * CVE-url: https://ubuntu.com/security/CVE-2024-35806 - soc: fsl: qbman: Always disable interrupts when taking cgr_lock * CVE-url: https://ubuntu.com/security/CVE-2023-52699 - sysv: don't call sb_bread() with pointers_lock held * CVE-url: https://ubuntu.com/security/CVE-2024-35828 - wifi: libertas: fix some memleaks in lbs_allocate_cmd_buffer() * CVE-url: https://ubuntu.com/security/CVE-2024-27001 - comedi: vmk80xx: fix incomplete endpoint checking * CVE-url: https://ubuntu.com/security/CVE-2024-26878 - quota: Fix potential NULL pointer dereference * CVE-url: https://ubuntu.com/security/CVE-2024-27008 - drm: nv04: Fix out of bounds access * CVE-url: https://ubuntu.com/security//CVE-2024-35825 - usb: gadget: ncm: Fix handling of zero block length packets * CVE-url: https://ubuntu.com/security/CVE-2024-35935 - btrfs: send: handle path ref underflow in header iterate_inode_ref() * CVE-url: https://ubuntu.com/security/CVE-2024-26957 - s390/zcrypt: fix reference counting on zcrypt card objects * CVE-url: https://ubuntu.com/security/CVE-2024-35973 - geneve: fix header validation in geneve[6]_xmit_skb * CVE-url: https://ubuntu.com/security/CVE-2024-26965 - clk: qcom: mmcc-msm8974: fix terminating of frequency table arrays * CVE-url: https://ubuntu.com/security/CVE-2024-26931 - scsi: qla2xxx: Fix command flush on cable pull * CVE-url: https://ubuntu.com/security/CVE-2024-35944 - VMCI: Fix memcpy() run-time warning in dg_dispatch_as_host() * CVE-url: https://ubuntu.com/security/CVE-2024-27028 - spi: spi-mt65xx: Fix NULL pointer access in interrupt handler * CVE-url: https://ubuntu.com/security/CVE-2024-35830 - media: tc358743: register v4l2 async device only after successful setup * CVE-url: https://ubuntu.com/security/CVE-2024-26956 - nilfs2: fix failure to detect DAT corruption in btree and direct mappings * CVE-url: https://ubuntu.com/security/CVE-2024-35807 - ext4: fix corruption during on-line resize * CVE-url: https://ubuntu.com/security/CVE-2024-26813 - vfio/platform: Create persistent IRQ handlers * CVE-url: https://ubuntu.com/security/CVE-2023-52644 - wifi: b43: Stop/wake correct queue in DMA Tx path when QoS is disabled * CVE-url: https://ubuntu.com/security/CVE-2024-26966 - clk: qcom: mmcc-apq8084: fix terminating of frequency table arrays * CVE-url: https://ubuntu.com/security/CVE-2024-26654 - ALSA: sh: aica: reorder cleanup operations to avoid UAF bugs * CVE-url: https://ubuntu.com/security/CVE-2024-27073 - media: ttpci: fix two memleaks in budget_av_attach * CVE-url: https://ubuntu.com/security/CVE-2023-52880 - tty: n_gsm: require CAP_NET_ADMIN to attach N_GSM0710 ldisc * CVE-url: https://ubuntu.com/security/CVE-2023-52650 - drm/tegra: dsi: Add missing check for of_find_device_by_node * CVE-url: https://ubuntu.com/security/CVE-2024-35822 - usb: udc: remove warning when queue disabled ep * CVE-url: https://ubuntu.com/security/CVE-2024-35933 - Bluetooth: btintel: Fix null ptr deref in btintel_read_version * CVE-url: https://ubuntu.com/security/CVE-2024-26857 - geneve: make sure to pull inner header in geneve_rx() * CVE-url: https://ubuntu.com/security/CVE-2024-35925 - block: prevent division by zero in blk_rq_stat_sum() * CVE-url: https://ubuntu.com/security/CVE-2024-35930 - scsi: lpfc: Fix possible memory leak in lpfc_rcv_padisc() * CVE-url: https://ubuntu.com/security/CVE-2024-27419 - netrom: Fix data-races around sysctl_net_busy_read * CVE-url: https://ubuntu.com/security/CVE-2024-35955 - kprobes: Fix possible use-after-free issue on kprobe registration * CVE-url: https://ubuntu.com/security/CVE-2024-27074 - media: go7007: fix a memleak in go7007_load_encoder * CVE-url: https://ubuntu.com/security/CVE-2024-35847 - irqchip/gic-v3-its: Prevent double free on error * CVE-url: https://ubuntu.com/security/CVE-2024-35936 - btrfs: handle chunk tree lookup error in btrfs_relocate_sys_chunks() * CVE-url: https://ubuntu.com/security/CVE-2024-35821 - ubifs: Set page uptodate in the correct place * CVE-url: https://ubuntu.com/security/CVE-2024-27075 - media: dvb-frontends: avoid stack overflow warnings with clang * CVE-url: https://ubuntu.com/security/CVE-2024-26651 - sr9800: Add check for usbnet_get_endpoints * CVE-url: https://ubuntu.com/security/CVE-2024-27043 - media: edia: dvbdev: fix a use-after-free * CVE-url: https://ubuntu.com/security/CVE-2024-26976 - KVM: Always flush async #PF workqueue when vCPU is being destroyed * CVE-url: https://ubuntu.com/security/CVE-2024-27000 - serial: mxs-auart: add spinlock around changing cts state * CVE-url: https://ubuntu.com/security/CVE-2024-35815 - fs/aio: Check IOCB_AIO_RW before the struct aio_kiocb conversion * CVE-url: https://ubuntu.com/security/CVE-2024-27396 - net: gtp: Fix Use-After-Free in gtp_dellink * CVE-url: https://ubuntu.com/security/CVE-2024-26874 - drm/mediatek: Fix a null pointer crash in mtk_drm_crtc_finish_page_flip * CVE-url: https://ubuntu.com/security/CVE-2024-35922 - fbmon: prevent division by zero in fb_videomode_from_videomode() * CVE-url: https://ubuntu.com/security/CVE-2024-27078 - media: v4l2-tpg: fix some memleaks in tpg_alloc * CVE-url: https://ubuntu.com/security/CVE-2024-26981 - nilfs2: fix OOB in nilfs_set_de_type * CVE-url: https://ubuntu.com/security/CVE-2024-26816 - x86, relocs: Ignore relocations in .notes section * CVE-url: https://ubuntu.com/security/CVE-2024-26880 - dm: call the resume method on internal suspend * CVE-url: https://ubuntu.com/security/CVE-2024-26994 - speakup: Avoid crash on very long word * CVE-url: https://ubuntu.com/security/CVE-2024-26955 - nilfs2: prevent kernel bug at submit_bh_wbc() * CVE-url: https://ubuntu.com/security/CVE-2024-36004 - i40e: Do not use WQ_MEM_RECLAIM flag for workqueue * CVE-url: https://ubuntu.com/security/CVE-2024-35789 - wifi: mac80211: check/clear fast rx for non-4addr sta VLAN changes * CVE-url: https://ubuntu.com/security/CVE-2024-26974 - crypto: qat - resolve race condition during AER recovery * CVE-url: https://ubuntu.com/security/CVE-2024-26859 - net/bnx2x: Prevent access to a freed page in page_pool * CVE-url: https://ubuntu.com/security/CVE-2024-35960 - net/mlx5: Properly link new fs rules into the tree * CVE-url: https://ubuntu.com/security/CVE-2024-27059 - USB: usb-storage: Prevent divide-by-0 error in isd200_ata_command * CVE-url: https://ubuntu.com/security/CVE-2024-26993 - fs: sysfs: Fix reference leak in sysfs_break_active_protection() * CVE-url: https://ubuntu.com/security/CVE-2024-24857 // CVE-url: https://ubuntu.com/security/CVE-2024-24858 // CVE-url: https://ubuntu.com/security/CVE-2024-24859 - Bluetooth: Fix TOCTOU in HCI debugfs implementation * CVE-url: https://ubuntu.com/security/CVE-2024-26894 - ACPI: processor_idle: Fix memory leak in acpi_processor_power_exit() * CVE-url: https://ubuntu.com/security/CVE-2024-27436 - ALSA: usb-audio: Stop parsing channels bits when all channels are found. * CVE-url: https://ubuntu.com/security/CVE-2024-35915 - nfc: nci: Fix uninit-value in nci_dev_up and nci_ntf_packet * CVE-url: https://ubuntu.com/security/CVE-2024-26973 - fat: fix uninitialized field in nostale filehandles * CVE-url: https://ubuntu.com/security/CVE-2024-26923 - af_unix: Fix garbage collector racing against connect() * CVE-url: https://ubuntu.com/security/CVE-2024-26643 - netfilter: nf_tables: mark set as dead when unbinding anonymous set with timeout * CVE-url: https://ubuntu.com/security/CVE-2024-26886 - Bluetooth: af_bluetooth: Fix deadlock

0 tuxcare-ubuntu18.04-els linux-buildinfo-4.15.0-232-tuxcare.els20-generic_4.15.0-232.243_amd64.deb d4fe86b91a261d57229a544006bdd6fde2ca2070 linux-buildinfo-4.15.0-232-tuxcare.els20-lowlatency_4.15.0-232.243_amd64.deb c47aac6c04c0429fbe2fee6a6f0ba925202b3318 linux-cloud-tools-4.15.0-232-tuxcare.els20_4.15.0-232.243_amd64.deb cbfd0c7fcd82c99b387174272bbf6a13eda05540 linux-cloud-tools-4.15.0-232-tuxcare.els20-generic_4.15.0-232.243_amd64.deb 7adccefa8c3c8a09bda51b601ca1e7efc49a2e03 linux-cloud-tools-4.15.0-232-tuxcare.els20-lowlatency_4.15.0-232.243_amd64.deb 5b6ec47b69895373d942df211ab05652f2eb2d7d linux-cloud-tools-common_4.15.0-232.243_all.deb e7f499fc1701423b82c8144922b61cc9fd0ce26c linux-cloud-tools-generic_4.15.0.232.243_amd64.deb 8ba6e7c5682e9e4d94414e7ac4dfd9683915c71d linux-cloud-tools-lowlatency_4.15.0.232.243_amd64.deb 25416156652bd0c5b678990db124c68757469f16 linux-crashdump_4.15.0.232.243_amd64.deb b34c14fea02fd2ada8c2bfb6990956272fd89e91 linux-doc_4.15.0-232.243_all.deb 7b9795769903dc963ad930def83d15c1671bdf3a linux-generic_4.15.0.232.243_amd64.deb 51ccae76cf82d939f6603996af045a0bd25a4053 linux-headers-4.15.0-232-tuxcare.els20_4.15.0-232.243_all.deb 9f68bad740b30ad80703c120818b645ae276c44b linux-headers-4.15.0-232-tuxcare.els20-generic_4.15.0-232.243_amd64.deb 3e265e5b92805ea45fb6705e4dd9bb4771b70a72 linux-headers-4.15.0-232-tuxcare.els20-lowlatency_4.15.0-232.243_amd64.deb e33a9ca20c75226172eeb14494906163cafa802f linux-headers-generic_4.15.0.232.243_amd64.deb bb439940ee1795c3c8223d0f439df0337606c4f2 linux-headers-lowlatency_4.15.0.232.243_amd64.deb a004d910c12c0b699a1453077acea3cd7cf26618 linux-image-generic_4.15.0.232.243_amd64.deb bc945f24c1b88d6e15f09e0233f4cdcb35429505 linux-image-lowlatency_4.15.0.232.243_amd64.deb ac15465141375993ea8c24acec884dc765babf4f linux-image-unsigned-4.15.0-232-tuxcare.els20-generic_4.15.0-232.243_amd64.deb 34c8473f7050380619636f8cf468921e603e7474 linux-image-unsigned-4.15.0-232-tuxcare.els20-lowlatency_4.15.0-232.243_amd64.deb 4d528b524f80536a53da5b467146103e232eb878 linux-libc-dev_4.15.0-232.243_amd64.deb 4197348cf305421fdc98d7545800a69b3ec0a4fb linux-lowlatency_4.15.0.232.243_amd64.deb 9e15fb86f3733d5e497edc48f1bf8c2612afb67f linux-modules-4.15.0-232-tuxcare.els20-generic_4.15.0-232.243_amd64.deb ba84ff949ef11db34fcab815eb2b9946482a3d30 linux-modules-4.15.0-232-tuxcare.els20-lowlatency_4.15.0-232.243_amd64.deb 9d44689c5a636746bc20613a89f5f5935e3c49b1 linux-modules-extra-4.15.0-232-tuxcare.els20-generic_4.15.0-232.243_amd64.deb 8e7c20eeb0d323e2fbbc926a479249b4a9cf53fd linux-source_4.15.0.232.243_all.deb 279f75ac5a34ff709347d5708cff429fa3d601d2 linux-source-4.15.0_4.15.0-232.243_all.deb a9dbb012d1657b2b0b22d905e89efa61b50f2bdc linux-tools-4.15.0-232-tuxcare.els20_4.15.0-232.243_amd64.deb 54b9a5abd0dc5dab8cf117c49a27d09751c40648 linux-tools-4.15.0-232-tuxcare.els20-generic_4.15.0-232.243_amd64.deb f71fcf3791c567ac1c73545e640b4c32b7ff6e97 linux-tools-4.15.0-232-tuxcare.els20-lowlatency_4.15.0-232.243_amd64.deb bdee1406644d0ce919ddf1d30ce266094ab7c491 linux-tools-common_4.15.0-232.243_all.deb e5fb0ea94105b1dc316285024659a4cf4ab9c67c linux-tools-generic_4.15.0.232.243_amd64.deb 2967036c46c5fe1a7b9c77968d8de1d3e5de4b84 linux-tools-host_4.15.0-232.243_all.deb a6e51de5cfb3cd14a3f0bc130d67f4159aa21140 linux-tools-lowlatency_4.15.0.232.243_amd64.deb 6745973e2c68b2e1a1ac702dbe92f90a3d88467f CLSA-2024:1721660263 TuxCare License Agreement 0 * CVE-url: https://ubuntu.com/security/CVE-2024-35902 - net/rds: fix possible cp null dereference * CVE-url: https://ubuntu.com/security/CVE-2024-38587 - speakup: Fix sizeof() vs ARRAY_SIZE() bug * CVE-url: https://ubuntu.com/security/CVE-2024-39493 - crypto: qat - Fix ADF_DEV_RESET_SYNC memory leak * CVE-url: https://ubuntu.com/security/CVE-2024-38381 - nfc: nci: Fix uninit-value in nci_rx_work * CVE-url: https://ubuntu.com/security/CVE-2024-26810 - vfio/pci: Lock external INTx masking ops * CVE-url: https://ubuntu.com/security/CVE-2024-26687 - xen/events: close evtchn after mapping cleanup * CVE-url: https://ubuntu.com/security/CVE-2024-35893 - net: sched: change type of reference and bind counters - net: sched: act_skbmod: remove dependency on rtnl lock - net/sched: act_skbmod: prevent kernel-infoleak * CVE-url: https://ubuntu.com/security/CVE-2024-35823 - vt: preserve unicode values corresponding to screen characters - vt: fix unicode buffer corruption when deleting characters * CVE-url: https://ubuntu.com/security/CVE-2024-35805 - dm snapshot: Replace mutex with rw semaphore - dm snapshot: fix lockup in dm_exception_table_exit * CVE-url: https://ubuntu.com/security/CVE-2024-27004 - clk: core: clarify the check for runtime PM - clk: Get runtime PM before walking tree during disable_unused * CVE-url: https://ubuntu.com/security/CVE-2024-26852 - net/ipv6: avoid possible UAF in ip6_route_mpath_notify() * CVE-url: https://ubuntu.com/security/CVE-2023-52620 - netfilter: nf_tables: disallow timeout for anonymous sets * CVE-url: https://ubuntu.com/security/CVE-2024-25739 - ubi: Check for too small LEB size in VTBL code * CVE-url: https://ubuntu.com/security/CVE-2024-27437 - genirq: Add IRQF_NO_AUTOEN for request_irq/nmi() - vfio/pci: Disable auto-enable of exclusive INTx IRQ * CVE-url: https://ubuntu.com/security/CVE-2022-48627 - vc: separate state - vt: fix memory overlapping when deleting chars in the buffer * CVE-url: https://ubuntu.com/security/CVE-2024-35910 - mptcp: add sk_stop_timer_sync helper - tcp: properly terminate timers for kernel sockets * CVE-url: https://ubuntu.com/security/CVE-2024-35969 - ipv6: fix race condition between ipv6_get_ifaddr and ipv6_del_addr * CVE-url: https://ubuntu.com/security/CVE-2024-27024 - RDS: RDMA: Fix the NULL-ptr deref in rds_ib_get_mr - net/rds: fix WARNING in rds_conn_connect_if_down * CVE-url: https://ubuntu.com/security/CVE-2024-26863 - hsr: Fix uninit-value access in hsr_get_node() * CVE-url: https://ubuntu.com/security/CVE-2024-26984 - nouveau: fix instmem race condition around ptr stores * CVE-url: https://ubuntu.com/security/CVE-2024-36020 - i40e: fix vf may be used uninitialized in this function warning * CVE-url: https://ubuntu.com/security/CVE-2024-35849 - btrfs: fix information leak in btrfs_ioctl_logical_to_ino() * CVE-url: https://ubuntu.com/security/CVE-2024-27388 - SUNRPC: fix some memleaks in gssx_dec_option_array * CVE-url: https://ubuntu.com/security/CVE-2024-35886 - ipv6: Fix infinite recursion in fib6_dump_done(). * CVE-url: https://ubuntu.com/security/CVE-2024-35809 - PCI/PM: Drain runtime-idle callbacks before driver removal * CVE-url: https://ubuntu.com/security/CVE-2024-26875 - media: pvrusb2: fix uaf in pvr2_context_set_notify * CVE-url: https://ubuntu.com/security/CVE-2024-26851 - netfilter: nf_conntrack_h323: Add protection for bmp length out of range * CVE-url: https://ubuntu.com/security/CVE-2024-26999 - serial/pmac_zilog: Remove flawed mitigation for rx irq flood * CVE-url: https://ubuntu.com/security/CVE-2024-35819 - soc: fsl: qbman: Use raw spinlock for cgr_lock * CVE-url: https://ubuntu.com/security/CVE-2024-35806 - soc: fsl: qbman: Always disable interrupts when taking cgr_lock * CVE-url: https://ubuntu.com/security/CVE-2023-52699 - sysv: don't call sb_bread() with pointers_lock held * CVE-url: https://ubuntu.com/security/CVE-2024-35828 - wifi: libertas: fix some memleaks in lbs_allocate_cmd_buffer() * CVE-url: https://ubuntu.com/security/CVE-2024-27001 - comedi: vmk80xx: fix incomplete endpoint checking * CVE-url: https://ubuntu.com/security/CVE-2024-26878 - quota: Fix potential NULL pointer dereference * CVE-url: https://ubuntu.com/security/CVE-2024-27008 - drm: nv04: Fix out of bounds access * CVE-url: https://ubuntu.com/security//CVE-2024-35825 - usb: gadget: ncm: Fix handling of zero block length packets * CVE-url: https://ubuntu.com/security/CVE-2024-35935 - btrfs: send: handle path ref underflow in header iterate_inode_ref() * CVE-url: https://ubuntu.com/security/CVE-2024-26957 - s390/zcrypt: fix reference counting on zcrypt card objects * CVE-url: https://ubuntu.com/security/CVE-2024-35973 - geneve: fix header validation in geneve[6]_xmit_skb * CVE-url: https://ubuntu.com/security/CVE-2024-26965 - clk: qcom: mmcc-msm8974: fix terminating of frequency table arrays * CVE-url: https://ubuntu.com/security/CVE-2024-26931 - scsi: qla2xxx: Fix command flush on cable pull * CVE-url: https://ubuntu.com/security/CVE-2024-35944 - VMCI: Fix memcpy() run-time warning in dg_dispatch_as_host() * CVE-url: https://ubuntu.com/security/CVE-2024-27028 - spi: spi-mt65xx: Fix NULL pointer access in interrupt handler * CVE-url: https://ubuntu.com/security/CVE-2024-35830 - media: tc358743: register v4l2 async device only after successful setup * CVE-url: https://ubuntu.com/security/CVE-2024-26956 - nilfs2: fix failure to detect DAT corruption in btree and direct mappings * CVE-url: https://ubuntu.com/security/CVE-2024-35807 - ext4: fix corruption during on-line resize * CVE-url: https://ubuntu.com/security/CVE-2024-26813 - vfio/platform: Create persistent IRQ handlers * CVE-url: https://ubuntu.com/security/CVE-2023-52644 - wifi: b43: Stop/wake correct queue in DMA Tx path when QoS is disabled * CVE-url: https://ubuntu.com/security/CVE-2024-26966 - clk: qcom: mmcc-apq8084: fix terminating of frequency table arrays * CVE-url: https://ubuntu.com/security/CVE-2024-26654 - ALSA: sh: aica: reorder cleanup operations to avoid UAF bugs * CVE-url: https://ubuntu.com/security/CVE-2024-27073 - media: ttpci: fix two memleaks in budget_av_attach * CVE-url: https://ubuntu.com/security/CVE-2023-52880 - tty: n_gsm: require CAP_NET_ADMIN to attach N_GSM0710 ldisc * CVE-url: https://ubuntu.com/security/CVE-2023-52650 - drm/tegra: dsi: Add missing check for of_find_device_by_node * CVE-url: https://ubuntu.com/security/CVE-2024-35822 - usb: udc: remove warning when queue disabled ep * CVE-url: https://ubuntu.com/security/CVE-2024-35933 - Bluetooth: btintel: Fix null ptr deref in btintel_read_version * CVE-url: https://ubuntu.com/security/CVE-2024-26857 - geneve: make sure to pull inner header in geneve_rx() * CVE-url: https://ubuntu.com/security/CVE-2024-35925 - block: prevent division by zero in blk_rq_stat_sum() * CVE-url: https://ubuntu.com/security/CVE-2024-35930 - scsi: lpfc: Fix possible memory leak in lpfc_rcv_padisc() * CVE-url: https://ubuntu.com/security/CVE-2024-27419 - netrom: Fix data-races around sysctl_net_busy_read * CVE-url: https://ubuntu.com/security/CVE-2024-35955 - kprobes: Fix possible use-after-free issue on kprobe registration * CVE-url: https://ubuntu.com/security/CVE-2024-27074 - media: go7007: fix a memleak in go7007_load_encoder * CVE-url: https://ubuntu.com/security/CVE-2024-35847 - irqchip/gic-v3-its: Prevent double free on error * CVE-url: https://ubuntu.com/security/CVE-2024-35936 - btrfs: handle chunk tree lookup error in btrfs_relocate_sys_chunks() * CVE-url: https://ubuntu.com/security/CVE-2024-35821 - ubifs: Set page uptodate in the correct place * CVE-url: https://ubuntu.com/security/CVE-2024-27075 - media: dvb-frontends: avoid stack overflow warnings with clang * CVE-url: https://ubuntu.com/security/CVE-2024-26651 - sr9800: Add check for usbnet_get_endpoints * CVE-url: https://ubuntu.com/security/CVE-2024-27043 - media: edia: dvbdev: fix a use-after-free * CVE-url: https://ubuntu.com/security/CVE-2024-26976 - KVM: Always flush async #PF workqueue when vCPU is being destroyed * CVE-url: https://ubuntu.com/security/CVE-2024-27000 - serial: mxs-auart: add spinlock around changing cts state * CVE-url: https://ubuntu.com/security/CVE-2024-35815 - fs/aio: Check IOCB_AIO_RW before the struct aio_kiocb conversion * CVE-url: https://ubuntu.com/security/CVE-2024-27396 - net: gtp: Fix Use-After-Free in gtp_dellink * CVE-url: https://ubuntu.com/security/CVE-2024-26874 - drm/mediatek: Fix a null pointer crash in mtk_drm_crtc_finish_page_flip * CVE-url: https://ubuntu.com/security/CVE-2024-35922 - fbmon: prevent division by zero in fb_videomode_from_videomode() * CVE-url: https://ubuntu.com/security/CVE-2024-27078 - media: v4l2-tpg: fix some memleaks in tpg_alloc * CVE-url: https://ubuntu.com/security/CVE-2024-26981 - nilfs2: fix OOB in nilfs_set_de_type * CVE-url: https://ubuntu.com/security/CVE-2024-26816 - x86, relocs: Ignore relocations in .notes section * CVE-url: https://ubuntu.com/security/CVE-2024-26880 - dm: call the resume method on internal suspend * CVE-url: https://ubuntu.com/security/CVE-2024-26994 - speakup: Avoid crash on very long word * CVE-url: https://ubuntu.com/security/CVE-2024-26955 - nilfs2: prevent kernel bug at submit_bh_wbc() * CVE-url: https://ubuntu.com/security/CVE-2024-36004 - i40e: Do not use WQ_MEM_RECLAIM flag for workqueue * CVE-url: https://ubuntu.com/security/CVE-2024-35789 - wifi: mac80211: check/clear fast rx for non-4addr sta VLAN changes * CVE-url: https://ubuntu.com/security/CVE-2024-26974 - crypto: qat - resolve race condition during AER recovery * CVE-url: https://ubuntu.com/security/CVE-2024-26859 - net/bnx2x: Prevent access to a freed page in page_pool * CVE-url: https://ubuntu.com/security/CVE-2024-35960 - net/mlx5: Properly link new fs rules into the tree * CVE-url: https://ubuntu.com/security/CVE-2024-27059 - USB: usb-storage: Prevent divide-by-0 error in isd200_ata_command * CVE-url: https://ubuntu.com/security/CVE-2024-26993 - fs: sysfs: Fix reference leak in sysfs_break_active_protection() * CVE-url: https://ubuntu.com/security/CVE-2024-24857 // CVE-url: https://ubuntu.com/security/CVE-2024-24858 // CVE-url: https://ubuntu.com/security/CVE-2024-24859 - Bluetooth: Fix TOCTOU in HCI debugfs implementation * CVE-url: https://ubuntu.com/security/CVE-2024-26894 - ACPI: processor_idle: Fix memory leak in acpi_processor_power_exit() * CVE-url: https://ubuntu.com/security/CVE-2024-27436 - ALSA: usb-audio: Stop parsing channels bits when all channels are found. * CVE-url: https://ubuntu.com/security/CVE-2024-35915 - nfc: nci: Fix uninit-value in nci_dev_up and nci_ntf_packet * CVE-url: https://ubuntu.com/security/CVE-2024-26973 - fat: fix uninitialized field in nostale filehandles * CVE-url: https://ubuntu.com/security/CVE-2024-26923 - af_unix: Fix garbage collector racing against connect() * CVE-url: https://ubuntu.com/security/CVE-2024-26643 - netfilter: nf_tables: mark set as dead when unbinding anonymous set with timeout * CVE-url: https://ubuntu.com/security/CVE-2024-26886 - Bluetooth: af_bluetooth: Fix deadlock Important Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.

* CVE-url: https://ubuntu.com/security/CVE-2024-35902 - net/rds: fix possible cp null dereference * CVE-url: https://ubuntu.com/security/CVE-2024-38587 - speakup: Fix sizeof() vs ARRAY_SIZE() bug * CVE-url: https://ubuntu.com/security/CVE-2024-39493 - crypto: qat - Fix ADF_DEV_RESET_SYNC memory leak * CVE-url: https://ubuntu.com/security/CVE-2024-38381 - nfc: nci: Fix uninit-value in nci_rx_work * CVE-url: https://ubuntu.com/security/CVE-2024-26810 - vfio/pci: Lock external INTx masking ops * CVE-url: https://ubuntu.com/security/CVE-2024-26687 - xen/events: close evtchn after mapping cleanup * CVE-url: https://ubuntu.com/security/CVE-2024-35893 - net: sched: change type of reference and bind counters - net: sched: act_skbmod: remove dependency on rtnl lock - net/sched: act_skbmod: prevent kernel-infoleak * CVE-url: https://ubuntu.com/security/CVE-2024-35823 - vt: preserve unicode values corresponding to screen characters - vt: fix unicode buffer corruption when deleting characters * CVE-url: https://ubuntu.com/security/CVE-2024-35805 - dm snapshot: Replace mutex with rw semaphore - dm snapshot: fix lockup in dm_exception_table_exit * CVE-url: https://ubuntu.com/security/CVE-2024-27004 - clk: core: clarify the check for runtime PM - clk: Get runtime PM before walking tree during disable_unused * CVE-url: https://ubuntu.com/security/CVE-2024-26852 - net/ipv6: avoid possible UAF in ip6_route_mpath_notify() * CVE-url: https://ubuntu.com/security/CVE-2023-52620 - netfilter: nf_tables: disallow timeout for anonymous sets * CVE-url: https://ubuntu.com/security/CVE-2024-25739 - ubi: Check for too small LEB size in VTBL code * CVE-url: https://ubuntu.com/security/CVE-2024-27437 - genirq: Add IRQF_NO_AUTOEN for request_irq/nmi() - vfio/pci: Disable auto-enable of exclusive INTx IRQ * CVE-url: https://ubuntu.com/security/CVE-2022-48627 - vc: separate state - vt: fix memory overlapping when deleting chars in the buffer * CVE-url: https://ubuntu.com/security/CVE-2024-35910 - mptcp: add sk_stop_timer_sync helper - tcp: properly terminate timers for kernel sockets * CVE-url: https://ubuntu.com/security/CVE-2024-35969 - ipv6: fix race condition between ipv6_get_ifaddr and ipv6_del_addr * CVE-url: https://ubuntu.com/security/CVE-2024-27024 - RDS: RDMA: Fix the NULL-ptr deref in rds_ib_get_mr - net/rds: fix WARNING in rds_conn_connect_if_down * CVE-url: https://ubuntu.com/security/CVE-2024-26863 - hsr: Fix uninit-value access in hsr_get_node() * CVE-url: https://ubuntu.com/security/CVE-2024-26984 - nouveau: fix instmem race condition around ptr stores * CVE-url: https://ubuntu.com/security/CVE-2024-36020 - i40e: fix vf may be used uninitialized in this function warning * CVE-url: https://ubuntu.com/security/CVE-2024-35849 - btrfs: fix information leak in btrfs_ioctl_logical_to_ino() * CVE-url: https://ubuntu.com/security/CVE-2024-27388 - SUNRPC: fix some memleaks in gssx_dec_option_array * CVE-url: https://ubuntu.com/security/CVE-2024-35886 - ipv6: Fix infinite recursion in fib6_dump_done(). * CVE-url: https://ubuntu.com/security/CVE-2024-35809 - PCI/PM: Drain runtime-idle callbacks before driver removal * CVE-url: https://ubuntu.com/security/CVE-2024-26875 - media: pvrusb2: fix uaf in pvr2_context_set_notify * CVE-url: https://ubuntu.com/security/CVE-2024-26851 - netfilter: nf_conntrack_h323: Add protection for bmp length out of range * CVE-url: https://ubuntu.com/security/CVE-2024-26999 - serial/pmac_zilog: Remove flawed mitigation for rx irq flood * CVE-url: https://ubuntu.com/security/CVE-2024-35819 - soc: fsl: qbman: Use raw spinlock for cgr_lock * CVE-url: https://ubuntu.com/security/CVE-2024-35806 - soc: fsl: qbman: Always disable interrupts when taking cgr_lock * CVE-url: https://ubuntu.com/security/CVE-2023-52699 - sysv: don't call sb_bread() with pointers_lock held * CVE-url: https://ubuntu.com/security/CVE-2024-35828 - wifi: libertas: fix some memleaks in lbs_allocate_cmd_buffer() * CVE-url: https://ubuntu.com/security/CVE-2024-27001 - comedi: vmk80xx: fix incomplete endpoint checking * CVE-url: https://ubuntu.com/security/CVE-2024-26878 - quota: Fix potential NULL pointer dereference * CVE-url: https://ubuntu.com/security/CVE-2024-27008 - drm: nv04: Fix out of bounds access * CVE-url: https://ubuntu.com/security//CVE-2024-35825 - usb: gadget: ncm: Fix handling of zero block length packets * CVE-url: https://ubuntu.com/security/CVE-2024-35935 - btrfs: send: handle path ref underflow in header iterate_inode_ref() * CVE-url: https://ubuntu.com/security/CVE-2024-26957 - s390/zcrypt: fix reference counting on zcrypt card objects * CVE-url: https://ubuntu.com/security/CVE-2024-35973 - geneve: fix header validation in geneve[6]_xmit_skb * CVE-url: https://ubuntu.com/security/CVE-2024-26965 - clk: qcom: mmcc-msm8974: fix terminating of frequency table arrays * CVE-url: https://ubuntu.com/security/CVE-2024-26931 - scsi: qla2xxx: Fix command flush on cable pull * CVE-url: https://ubuntu.com/security/CVE-2024-35944 - VMCI: Fix memcpy() run-time warning in dg_dispatch_as_host() * CVE-url: https://ubuntu.com/security/CVE-2024-27028 - spi: spi-mt65xx: Fix NULL pointer access in interrupt handler * CVE-url: https://ubuntu.com/security/CVE-2024-35830 - media: tc358743: register v4l2 async device only after successful setup * CVE-url: https://ubuntu.com/security/CVE-2024-26956 - nilfs2: fix failure to detect DAT corruption in btree and direct mappings * CVE-url: https://ubuntu.com/security/CVE-2024-35807 - ext4: fix corruption during on-line resize * CVE-url: https://ubuntu.com/security/CVE-2024-26813 - vfio/platform: Create persistent IRQ handlers * CVE-url: https://ubuntu.com/security/CVE-2023-52644 - wifi: b43: Stop/wake correct queue in DMA Tx path when QoS is disabled * CVE-url: https://ubuntu.com/security/CVE-2024-26966 - clk: qcom: mmcc-apq8084: fix terminating of frequency table arrays * CVE-url: https://ubuntu.com/security/CVE-2024-26654 - ALSA: sh: aica: reorder cleanup operations to avoid UAF bugs * CVE-url: https://ubuntu.com/security/CVE-2024-27073 - media: ttpci: fix two memleaks in budget_av_attach * CVE-url: https://ubuntu.com/security/CVE-2023-52880 - tty: n_gsm: require CAP_NET_ADMIN to attach N_GSM0710 ldisc * CVE-url: https://ubuntu.com/security/CVE-2023-52650 - drm/tegra: dsi: Add missing check for of_find_device_by_node * CVE-url: https://ubuntu.com/security/CVE-2024-35822 - usb: udc: remove warning when queue disabled ep * CVE-url: https://ubuntu.com/security/CVE-2024-35933 - Bluetooth: btintel: Fix null ptr deref in btintel_read_version * CVE-url: https://ubuntu.com/security/CVE-2024-26857 - geneve: make sure to pull inner header in geneve_rx() * CVE-url: https://ubuntu.com/security/CVE-2024-35925 - block: prevent division by zero in blk_rq_stat_sum() * CVE-url: https://ubuntu.com/security/CVE-2024-35930 - scsi: lpfc: Fix possible memory leak in lpfc_rcv_padisc() * CVE-url: https://ubuntu.com/security/CVE-2024-27419 - netrom: Fix data-races around sysctl_net_busy_read * CVE-url: https://ubuntu.com/security/CVE-2024-35955 - kprobes: Fix possible use-after-free issue on kprobe registration * CVE-url: https://ubuntu.com/security/CVE-2024-27074 - media: go7007: fix a memleak in go7007_load_encoder * CVE-url: https://ubuntu.com/security/CVE-2024-35847 - irqchip/gic-v3-its: Prevent double free on error * CVE-url: https://ubuntu.com/security/CVE-2024-35936 - btrfs: handle chunk tree lookup error in btrfs_relocate_sys_chunks() * CVE-url: https://ubuntu.com/security/CVE-2024-35821 - ubifs: Set page uptodate in the correct place * CVE-url: https://ubuntu.com/security/CVE-2024-27075 - media: dvb-frontends: avoid stack overflow warnings with clang * CVE-url: https://ubuntu.com/security/CVE-2024-26651 - sr9800: Add check for usbnet_get_endpoints * CVE-url: https://ubuntu.com/security/CVE-2024-27043 - media: edia: dvbdev: fix a use-after-free * CVE-url: https://ubuntu.com/security/CVE-2024-26976 - KVM: Always flush async #PF workqueue when vCPU is being destroyed * CVE-url: https://ubuntu.com/security/CVE-2024-27000 - serial: mxs-auart: add spinlock around changing cts state * CVE-url: https://ubuntu.com/security/CVE-2024-35815 - fs/aio: Check IOCB_AIO_RW before the struct aio_kiocb conversion * CVE-url: https://ubuntu.com/security/CVE-2024-27396 - net: gtp: Fix Use-After-Free in gtp_dellink * CVE-url: https://ubuntu.com/security/CVE-2024-26874 - drm/mediatek: Fix a null pointer crash in mtk_drm_crtc_finish_page_flip * CVE-url: https://ubuntu.com/security/CVE-2024-35922 - fbmon: prevent division by zero in fb_videomode_from_videomode() * CVE-url: https://ubuntu.com/security/CVE-2024-27078 - media: v4l2-tpg: fix some memleaks in tpg_alloc * CVE-url: https://ubuntu.com/security/CVE-2024-26981 - nilfs2: fix OOB in nilfs_set_de_type * CVE-url: https://ubuntu.com/security/CVE-2024-26816 - x86, relocs: Ignore relocations in .notes section * CVE-url: https://ubuntu.com/security/CVE-2024-26880 - dm: call the resume method on internal suspend * CVE-url: https://ubuntu.com/security/CVE-2024-26994 - speakup: Avoid crash on very long word * CVE-url: https://ubuntu.com/security/CVE-2024-26955 - nilfs2: prevent kernel bug at submit_bh_wbc() * CVE-url: https://ubuntu.com/security/CVE-2024-36004 - i40e: Do not use WQ_MEM_RECLAIM flag for workqueue * CVE-url: https://ubuntu.com/security/CVE-2024-35789 - wifi: mac80211: check/clear fast rx for non-4addr sta VLAN changes * CVE-url: https://ubuntu.com/security/CVE-2024-26974 - crypto: qat - resolve race condition during AER recovery * CVE-url: https://ubuntu.com/security/CVE-2024-26859 - net/bnx2x: Prevent access to a freed page in page_pool * CVE-url: https://ubuntu.com/security/CVE-2024-35960 - net/mlx5: Properly link new fs rules into the tree * CVE-url: https://ubuntu.com/security/CVE-2024-27059 - USB: usb-storage: Prevent divide-by-0 error in isd200_ata_command * CVE-url: https://ubuntu.com/security/CVE-2024-26993 - fs: sysfs: Fix reference leak in sysfs_break_active_protection() * CVE-url: https://ubuntu.com/security/CVE-2024-24857 // CVE-url: https://ubuntu.com/security/CVE-2024-24858 // CVE-url: https://ubuntu.com/security/CVE-2024-24859 - Bluetooth: Fix TOCTOU in HCI debugfs implementation * CVE-url: https://ubuntu.com/security/CVE-2024-26894 - ACPI: processor_idle: Fix memory leak in acpi_processor_power_exit() * CVE-url: https://ubuntu.com/security/CVE-2024-27436 - ALSA: usb-audio: Stop parsing channels bits when all channels are found. * CVE-url: https://ubuntu.com/security/CVE-2024-35915 - nfc: nci: Fix uninit-value in nci_dev_up and nci_ntf_packet * CVE-url: https://ubuntu.com/security/CVE-2024-26973 - fat: fix uninitialized field in nostale filehandles * CVE-url: https://ubuntu.com/security/CVE-2024-26923 - af_unix: Fix garbage collector racing against connect() * CVE-url: https://ubuntu.com/security/CVE-2024-26643 - netfilter: nf_tables: mark set as dead when unbinding anonymous set with timeout * CVE-url: https://ubuntu.com/security/CVE-2024-26886 - Bluetooth: af_bluetooth: Fix deadlock

0 tuxcare-ubuntu18.04-els linux-buildinfo-4.15.0-232-tuxcare.els20-generic_4.15.0-232.243_amd64.deb d4fe86b91a261d57229a544006bdd6fde2ca2070 linux-buildinfo-4.15.0-232-tuxcare.els20-lowlatency_4.15.0-232.243_amd64.deb c47aac6c04c0429fbe2fee6a6f0ba925202b3318 linux-cloud-tools-4.15.0-232-tuxcare.els20_4.15.0-232.243_amd64.deb cbfd0c7fcd82c99b387174272bbf6a13eda05540 linux-cloud-tools-4.15.0-232-tuxcare.els20-generic_4.15.0-232.243_amd64.deb 7adccefa8c3c8a09bda51b601ca1e7efc49a2e03 linux-cloud-tools-4.15.0-232-tuxcare.els20-lowlatency_4.15.0-232.243_amd64.deb 5b6ec47b69895373d942df211ab05652f2eb2d7d linux-cloud-tools-common_4.15.0-232.243_all.deb e7f499fc1701423b82c8144922b61cc9fd0ce26c linux-cloud-tools-generic_4.15.0.232.243_amd64.deb 8ba6e7c5682e9e4d94414e7ac4dfd9683915c71d linux-cloud-tools-lowlatency_4.15.0.232.243_amd64.deb 25416156652bd0c5b678990db124c68757469f16 linux-crashdump_4.15.0.232.243_amd64.deb b34c14fea02fd2ada8c2bfb6990956272fd89e91 linux-doc_4.15.0-232.243_all.deb 7b9795769903dc963ad930def83d15c1671bdf3a linux-generic_4.15.0.232.243_amd64.deb 51ccae76cf82d939f6603996af045a0bd25a4053 linux-headers-4.15.0-232-tuxcare.els20_4.15.0-232.243_all.deb 9f68bad740b30ad80703c120818b645ae276c44b linux-headers-4.15.0-232-tuxcare.els20-generic_4.15.0-232.243_amd64.deb 3e265e5b92805ea45fb6705e4dd9bb4771b70a72 linux-headers-4.15.0-232-tuxcare.els20-lowlatency_4.15.0-232.243_amd64.deb e33a9ca20c75226172eeb14494906163cafa802f linux-headers-generic_4.15.0.232.243_amd64.deb bb439940ee1795c3c8223d0f439df0337606c4f2 linux-headers-lowlatency_4.15.0.232.243_amd64.deb a004d910c12c0b699a1453077acea3cd7cf26618 linux-image-generic_4.15.0.232.243_amd64.deb bc945f24c1b88d6e15f09e0233f4cdcb35429505 linux-image-lowlatency_4.15.0.232.243_amd64.deb ac15465141375993ea8c24acec884dc765babf4f linux-image-unsigned-4.15.0-232-tuxcare.els20-generic_4.15.0-232.243_amd64.deb 34c8473f7050380619636f8cf468921e603e7474 linux-image-unsigned-4.15.0-232-tuxcare.els20-lowlatency_4.15.0-232.243_amd64.deb 4d528b524f80536a53da5b467146103e232eb878 linux-libc-dev_4.15.0-232.243_amd64.deb 4197348cf305421fdc98d7545800a69b3ec0a4fb linux-lowlatency_4.15.0.232.243_amd64.deb 9e15fb86f3733d5e497edc48f1bf8c2612afb67f linux-modules-4.15.0-232-tuxcare.els20-generic_4.15.0-232.243_amd64.deb ba84ff949ef11db34fcab815eb2b9946482a3d30 linux-modules-4.15.0-232-tuxcare.els20-lowlatency_4.15.0-232.243_amd64.deb 9d44689c5a636746bc20613a89f5f5935e3c49b1 linux-modules-extra-4.15.0-232-tuxcare.els20-generic_4.15.0-232.243_amd64.deb 8e7c20eeb0d323e2fbbc926a479249b4a9cf53fd linux-source_4.15.0.232.243_all.deb 279f75ac5a34ff709347d5708cff429fa3d601d2 linux-source-4.15.0_4.15.0-232.243_all.deb a9dbb012d1657b2b0b22d905e89efa61b50f2bdc linux-tools-4.15.0-232-tuxcare.els20_4.15.0-232.243_amd64.deb 54b9a5abd0dc5dab8cf117c49a27d09751c40648 linux-tools-4.15.0-232-tuxcare.els20-generic_4.15.0-232.243_amd64.deb f71fcf3791c567ac1c73545e640b4c32b7ff6e97 linux-tools-4.15.0-232-tuxcare.els20-lowlatency_4.15.0-232.243_amd64.deb bdee1406644d0ce919ddf1d30ce266094ab7c491 linux-tools-common_4.15.0-232.243_all.deb e5fb0ea94105b1dc316285024659a4cf4ab9c67c linux-tools-generic_4.15.0.232.243_amd64.deb 2967036c46c5fe1a7b9c77968d8de1d3e5de4b84 linux-tools-host_4.15.0-232.243_all.deb a6e51de5cfb3cd14a3f0bc130d67f4159aa21140 linux-tools-lowlatency_4.15.0.232.243_amd64.deb 6745973e2c68b2e1a1ac702dbe92f90a3d88467f CLSA-2024:1721929982 TuxCare License Agreement 0 * SECURITY UPDATE: stack buffer overflow in ada_decode - debian/patches/CVE-2023-39128.patch: Fix stack buffer overflow - CVE-2023-39128 * SECURITY UPDATE: stack buffer overflow - debian/patches/CVE-2023-39129.patch: Verify COFF symbol stringtab offset and fix problem with 32bit architecture build - CVE-2023-39129 * SECURITY UPDATE: heap buffer overflow - debian/patches/CVE-2023-39130.patch: bfd IO functions give warnings - CVE-2023-39130 Moderate Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.

* SECURITY UPDATE: stack buffer overflow in ada_decode - debian/patches/CVE-2023-39128.patch: Fix stack buffer overflow - CVE-2023-39128 * SECURITY UPDATE: stack buffer overflow - debian/patches/CVE-2023-39129.patch: Verify COFF symbol stringtab offset and fix problem with 32bit architecture build - CVE-2023-39129 * SECURITY UPDATE: heap buffer overflow - debian/patches/CVE-2023-39130.patch: bfd IO functions give warnings - CVE-2023-39130

0 tuxcare-ubuntu18.04-els gdb_8.1.1-0ubuntu1+tuxcare.els1_amd64.deb a41829f02518fb0178d66f534c679b0423927a57 gdb-doc_8.1.1-0ubuntu1+tuxcare.els1_all.deb c90e52b533cdc06c91fa6af7c1f4e85511b16223 gdb-multiarch_8.1.1-0ubuntu1+tuxcare.els1_amd64.deb 670349f3b4154c4c160105b9fbc85e31b0a3c890 gdb-source_8.1.1-0ubuntu1+tuxcare.els1_all.deb 1f8c79a281deb6ecc6c2ec26f3218fa2168526b5 gdbserver_8.1.1-0ubuntu1+tuxcare.els1_amd64.deb a82928da7908e6bbe05f9e1541986fcdff8762a5 CLSA-2024:1722512538 TuxCare License Agreement 0 * CVE-url: https://ubuntu.com/security/CVE-2024-25744 - x86/sev: Rename mem_encrypt.c to mem_encrypt_amd.c - x86: Introduce ia32_enabled() - x86/coco: Disable 32-bit emulation by default on TDX and SEV * CVE-url: https://ubuntu.com/security/CVE-2024-36016 - tty: n_gsm: fix frame reception handling - tty: n_gsm: fix possible out-of-bounds in gsm0_receive() * CVE-url: https://ubuntu.com/security/CVE-2023-52474 - IB/hfi1: Fix SDMA mmu_rb_node not being evicted in LRU order - IB/hfi1: Fix bugs with non-PAGE_SIZE-end multi-iovec user SDMA requests * CVE-url: https://ubuntu.com/security/CVE-2024-26907 - stddef: Introduce DECLARE_FLEX_ARRAY() helper - RDMA/mlx5: Fix fortify source warning while accessing Eth segment * CVE-url: https://ubuntu.com/security/CVE-2024-39495 - greybus: Fix use-after-free bug in gb_interface_release due to race condition. * CVE-url: https://ubuntu.com/security/CVE-2024-39494 - ima: Fix use-after-free on a dentry's dname.name * CVE-url: https://ubuntu.com/security/CVE-2024-40902 - jfs: xattr: fix buffer overflow for invalid xattr * CVE-url: https://ubuntu.com/security/CVE-2022-48865 - tipc: fix kernel panic when enabling bearer * CVE-url: https://ubuntu.com/security/CVE-2022-48863 - mISDN: Fix memory leak in dsp_pipeline_build() * CVE-url: https://ubuntu.com/security/CVE-2024-35950 - drm/client: Fully protect modes[] with dev->mode_config.mutex Important Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.

* CVE-url: https://ubuntu.com/security/CVE-2024-25744 - x86/sev: Rename mem_encrypt.c to mem_encrypt_amd.c - x86: Introduce ia32_enabled() - x86/coco: Disable 32-bit emulation by default on TDX and SEV * CVE-url: https://ubuntu.com/security/CVE-2024-36016 - tty: n_gsm: fix frame reception handling - tty: n_gsm: fix possible out-of-bounds in gsm0_receive() * CVE-url: https://ubuntu.com/security/CVE-2023-52474 - IB/hfi1: Fix SDMA mmu_rb_node not being evicted in LRU order - IB/hfi1: Fix bugs with non-PAGE_SIZE-end multi-iovec user SDMA requests * CVE-url: https://ubuntu.com/security/CVE-2024-26907 - stddef: Introduce DECLARE_FLEX_ARRAY() helper - RDMA/mlx5: Fix fortify source warning while accessing Eth segment * CVE-url: https://ubuntu.com/security/CVE-2024-39495 - greybus: Fix use-after-free bug in gb_interface_release due to race condition. * CVE-url: https://ubuntu.com/security/CVE-2024-39494 - ima: Fix use-after-free on a dentry's dname.name * CVE-url: https://ubuntu.com/security/CVE-2024-40902 - jfs: xattr: fix buffer overflow for invalid xattr * CVE-url: https://ubuntu.com/security/CVE-2022-48865 - tipc: fix kernel panic when enabling bearer * CVE-url: https://ubuntu.com/security/CVE-2022-48863 - mISDN: Fix memory leak in dsp_pipeline_build() * CVE-url: https://ubuntu.com/security/CVE-2024-35950 - drm/client: Fully protect modes[] with dev->mode_config.mutex

0 tuxcare-ubuntu18.04-els linux-buildinfo-4.15.0-233-tuxcare.els21-generic_4.15.0-233.244_amd64.deb 3d103a628fd77e7e3faab96acf87ba347dfd58d2 linux-buildinfo-4.15.0-233-tuxcare.els21-lowlatency_4.15.0-233.244_amd64.deb dc88afde5a9542320cb50f9ae4b7be66174de25f linux-cloud-tools-4.15.0-233-tuxcare.els21_4.15.0-233.244_amd64.deb 888484b24dbcc2c64b6d115e52753483e9b8dd45 linux-cloud-tools-4.15.0-233-tuxcare.els21-generic_4.15.0-233.244_amd64.deb 465f18fc4e16041da53c85e239fda57ef8cfe24a linux-cloud-tools-4.15.0-233-tuxcare.els21-lowlatency_4.15.0-233.244_amd64.deb a6293cf42c2c4726f02fcc2ef230ddf846faf3f2 linux-cloud-tools-common_4.15.0-233.244_all.deb 47a496341089f729d1ae41c0490ea5a5cbf029c4 linux-cloud-tools-generic_4.15.0.233.244_amd64.deb 5235fa805e93204047d6ed51750fd0140b1e60f6 linux-cloud-tools-lowlatency_4.15.0.233.244_amd64.deb 229f1ad5e9c5842e06530120daaf5672dc2b1055 linux-crashdump_4.15.0.233.244_amd64.deb 7549eef1c4fa34b9100f86ebce0ec45f20f910fc linux-doc_4.15.0-233.244_all.deb 838a46ed06221d0b611e70b313eae9d96aa95eb4 linux-generic_4.15.0.233.244_amd64.deb 12bd051e7b2255334bbe105a4b5dc346538d6248 linux-headers-4.15.0-233-tuxcare.els21_4.15.0-233.244_all.deb 34ebadf1c009665a9d5e92619d436f1addbd27c3 linux-headers-4.15.0-233-tuxcare.els21-generic_4.15.0-233.244_amd64.deb c7f9889cd7bb44f059175acca3378e6db1280594 linux-headers-4.15.0-233-tuxcare.els21-lowlatency_4.15.0-233.244_amd64.deb c48e5c83753f179235dd23c9f114d4d19993525d linux-headers-generic_4.15.0.233.244_amd64.deb 019e8667e51ff928f5a6745a1ea6da43af5eb44f linux-headers-lowlatency_4.15.0.233.244_amd64.deb 9178f4feeb356d9935c3baa1ae26122061fbd4c7 linux-image-generic_4.15.0.233.244_amd64.deb 9726e2c0e70ee89764d8106dc3e958dfee34dce7 linux-image-lowlatency_4.15.0.233.244_amd64.deb 0e66bbb5c57637e886ca5e7d6337482d97416799 linux-image-unsigned-4.15.0-233-tuxcare.els21-generic_4.15.0-233.244_amd64.deb 11a14e0a06d6eaa8d7b33cd34da5aebbd97215bc linux-image-unsigned-4.15.0-233-tuxcare.els21-lowlatency_4.15.0-233.244_amd64.deb 0da03cc23d221903a3c10709895f06b4e0dc1382 linux-libc-dev_4.15.0-233.244_amd64.deb 95174155a40407c4cb29a9c36659005b6f53564c linux-lowlatency_4.15.0.233.244_amd64.deb 9ee2405878553034f246d74a35ce038b669f85ce linux-modules-4.15.0-233-tuxcare.els21-generic_4.15.0-233.244_amd64.deb 6f9a1823256760a7fa603759aa73920a3b870abe linux-modules-4.15.0-233-tuxcare.els21-lowlatency_4.15.0-233.244_amd64.deb 77960b4934fb87b093ab50fcac66b3b9520cdc86 linux-modules-extra-4.15.0-233-tuxcare.els21-generic_4.15.0-233.244_amd64.deb 1a81a71d120e96b478d4bad28c82e651e0592462 linux-source_4.15.0.233.244_all.deb dbe87cc0b65c63edff08db619aec86536e447850 linux-source-4.15.0_4.15.0-233.244_all.deb 57005a5dea980ccee03e210e94cf83f3454d2092 linux-tools-4.15.0-233-tuxcare.els21_4.15.0-233.244_amd64.deb 1973468fd5b9c445c7f48835b19e1bf14325b3c8 linux-tools-4.15.0-233-tuxcare.els21-generic_4.15.0-233.244_amd64.deb a78ec471e7bd35d0ae21e284bcadc7e8e3253d59 linux-tools-4.15.0-233-tuxcare.els21-lowlatency_4.15.0-233.244_amd64.deb 1700f1f954dacf61c67f3d02840a9c37bcdc7ee1 linux-tools-common_4.15.0-233.244_all.deb b037c1862d97827e27bc92169b5f65391fd572c7 linux-tools-generic_4.15.0.233.244_amd64.deb f878354e75ef7fd50da1b78a1c3dff39bd4593ea linux-tools-host_4.15.0-233.244_all.deb a471ce73c8f32d58766a0872cf260418e5897449 linux-tools-lowlatency_4.15.0.233.244_amd64.deb 71a3f2711cb9e76a4cfccb0219bca8b8f759d8aa CLSA-2024:1722523708 TuxCare License Agreement 0 * CVE-url: https://ubuntu.com/security/CVE-2024-25744 - x86/sev: Rename mem_encrypt.c to mem_encrypt_amd.c - x86: Introduce ia32_enabled() - x86/coco: Disable 32-bit emulation by default on TDX and SEV * CVE-url: https://ubuntu.com/security/CVE-2024-36016 - tty: n_gsm: fix frame reception handling - tty: n_gsm: fix possible out-of-bounds in gsm0_receive() * CVE-url: https://ubuntu.com/security/CVE-2023-52474 - IB/hfi1: Fix SDMA mmu_rb_node not being evicted in LRU order - IB/hfi1: Fix bugs with non-PAGE_SIZE-end multi-iovec user SDMA requests * CVE-url: https://ubuntu.com/security/CVE-2024-26907 - stddef: Introduce DECLARE_FLEX_ARRAY() helper - RDMA/mlx5: Fix fortify source warning while accessing Eth segment * CVE-url: https://ubuntu.com/security/CVE-2024-39495 - greybus: Fix use-after-free bug in gb_interface_release due to race condition. * CVE-url: https://ubuntu.com/security/CVE-2024-39494 - ima: Fix use-after-free on a dentry's dname.name * CVE-url: https://ubuntu.com/security/CVE-2024-40902 - jfs: xattr: fix buffer overflow for invalid xattr * CVE-url: https://ubuntu.com/security/CVE-2022-48865 - tipc: fix kernel panic when enabling bearer * CVE-url: https://ubuntu.com/security/CVE-2022-48863 - mISDN: Fix memory leak in dsp_pipeline_build() * CVE-url: https://ubuntu.com/security/CVE-2024-35950 - drm/client: Fully protect modes[] with dev->mode_config.mutex Important Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.

* CVE-url: https://ubuntu.com/security/CVE-2024-25744 - x86/sev: Rename mem_encrypt.c to mem_encrypt_amd.c - x86: Introduce ia32_enabled() - x86/coco: Disable 32-bit emulation by default on TDX and SEV * CVE-url: https://ubuntu.com/security/CVE-2024-36016 - tty: n_gsm: fix frame reception handling - tty: n_gsm: fix possible out-of-bounds in gsm0_receive() * CVE-url: https://ubuntu.com/security/CVE-2023-52474 - IB/hfi1: Fix SDMA mmu_rb_node not being evicted in LRU order - IB/hfi1: Fix bugs with non-PAGE_SIZE-end multi-iovec user SDMA requests * CVE-url: https://ubuntu.com/security/CVE-2024-26907 - stddef: Introduce DECLARE_FLEX_ARRAY() helper - RDMA/mlx5: Fix fortify source warning while accessing Eth segment * CVE-url: https://ubuntu.com/security/CVE-2024-39495 - greybus: Fix use-after-free bug in gb_interface_release due to race condition. * CVE-url: https://ubuntu.com/security/CVE-2024-39494 - ima: Fix use-after-free on a dentry's dname.name * CVE-url: https://ubuntu.com/security/CVE-2024-40902 - jfs: xattr: fix buffer overflow for invalid xattr * CVE-url: https://ubuntu.com/security/CVE-2022-48865 - tipc: fix kernel panic when enabling bearer * CVE-url: https://ubuntu.com/security/CVE-2022-48863 - mISDN: Fix memory leak in dsp_pipeline_build() * CVE-url: https://ubuntu.com/security/CVE-2024-35950 - drm/client: Fully protect modes[] with dev->mode_config.mutex

0 tuxcare-ubuntu18.04-els linux-buildinfo-4.15.0-233-tuxcare.els21-generic_4.15.0-233.244_amd64.deb 3d103a628fd77e7e3faab96acf87ba347dfd58d2 linux-buildinfo-4.15.0-233-tuxcare.els21-lowlatency_4.15.0-233.244_amd64.deb dc88afde5a9542320cb50f9ae4b7be66174de25f linux-cloud-tools-4.15.0-233-tuxcare.els21_4.15.0-233.244_amd64.deb 888484b24dbcc2c64b6d115e52753483e9b8dd45 linux-cloud-tools-4.15.0-233-tuxcare.els21-generic_4.15.0-233.244_amd64.deb 465f18fc4e16041da53c85e239fda57ef8cfe24a linux-cloud-tools-4.15.0-233-tuxcare.els21-lowlatency_4.15.0-233.244_amd64.deb a6293cf42c2c4726f02fcc2ef230ddf846faf3f2 linux-cloud-tools-common_4.15.0-233.244_all.deb 47a496341089f729d1ae41c0490ea5a5cbf029c4 linux-cloud-tools-generic_4.15.0.233.244_amd64.deb 5235fa805e93204047d6ed51750fd0140b1e60f6 linux-cloud-tools-lowlatency_4.15.0.233.244_amd64.deb 229f1ad5e9c5842e06530120daaf5672dc2b1055 linux-crashdump_4.15.0.233.244_amd64.deb 7549eef1c4fa34b9100f86ebce0ec45f20f910fc linux-doc_4.15.0-233.244_all.deb 838a46ed06221d0b611e70b313eae9d96aa95eb4 linux-generic_4.15.0.233.244_amd64.deb 12bd051e7b2255334bbe105a4b5dc346538d6248 linux-headers-4.15.0-233-tuxcare.els21_4.15.0-233.244_all.deb 34ebadf1c009665a9d5e92619d436f1addbd27c3 linux-headers-4.15.0-233-tuxcare.els21-generic_4.15.0-233.244_amd64.deb c7f9889cd7bb44f059175acca3378e6db1280594 linux-headers-4.15.0-233-tuxcare.els21-lowlatency_4.15.0-233.244_amd64.deb c48e5c83753f179235dd23c9f114d4d19993525d linux-headers-generic_4.15.0.233.244_amd64.deb 019e8667e51ff928f5a6745a1ea6da43af5eb44f linux-headers-lowlatency_4.15.0.233.244_amd64.deb 9178f4feeb356d9935c3baa1ae26122061fbd4c7 linux-image-generic_4.15.0.233.244_amd64.deb 9726e2c0e70ee89764d8106dc3e958dfee34dce7 linux-image-lowlatency_4.15.0.233.244_amd64.deb 0e66bbb5c57637e886ca5e7d6337482d97416799 linux-image-unsigned-4.15.0-233-tuxcare.els21-generic_4.15.0-233.244_amd64.deb 11a14e0a06d6eaa8d7b33cd34da5aebbd97215bc linux-image-unsigned-4.15.0-233-tuxcare.els21-lowlatency_4.15.0-233.244_amd64.deb 0da03cc23d221903a3c10709895f06b4e0dc1382 linux-libc-dev_4.15.0-233.244_amd64.deb 95174155a40407c4cb29a9c36659005b6f53564c linux-lowlatency_4.15.0.233.244_amd64.deb 9ee2405878553034f246d74a35ce038b669f85ce linux-modules-4.15.0-233-tuxcare.els21-generic_4.15.0-233.244_amd64.deb 6f9a1823256760a7fa603759aa73920a3b870abe linux-modules-4.15.0-233-tuxcare.els21-lowlatency_4.15.0-233.244_amd64.deb 77960b4934fb87b093ab50fcac66b3b9520cdc86 linux-modules-extra-4.15.0-233-tuxcare.els21-generic_4.15.0-233.244_amd64.deb 1a81a71d120e96b478d4bad28c82e651e0592462 linux-source_4.15.0.233.244_all.deb dbe87cc0b65c63edff08db619aec86536e447850 linux-source-4.15.0_4.15.0-233.244_all.deb 57005a5dea980ccee03e210e94cf83f3454d2092 linux-tools-4.15.0-233-tuxcare.els21_4.15.0-233.244_amd64.deb 1973468fd5b9c445c7f48835b19e1bf14325b3c8 linux-tools-4.15.0-233-tuxcare.els21-generic_4.15.0-233.244_amd64.deb a78ec471e7bd35d0ae21e284bcadc7e8e3253d59 linux-tools-4.15.0-233-tuxcare.els21-lowlatency_4.15.0-233.244_amd64.deb 1700f1f954dacf61c67f3d02840a9c37bcdc7ee1 linux-tools-common_4.15.0-233.244_all.deb b037c1862d97827e27bc92169b5f65391fd572c7 linux-tools-generic_4.15.0.233.244_amd64.deb f878354e75ef7fd50da1b78a1c3dff39bd4593ea linux-tools-host_4.15.0-233.244_all.deb a471ce73c8f32d58766a0872cf260418e5897449 linux-tools-lowlatency_4.15.0.233.244_amd64.deb 71a3f2711cb9e76a4cfccb0219bca8b8f759d8aa CLSA-2024:1722527236 TuxCare License Agreement 0 * SECURITY UPDATE: Regular Expression Denial of Service - debian/patches/CVE-2021-3733.patch: Fix ReDoS vulnerability in AbstractBasicAuthHandler class of Lib/urllib2.py - CVE-2021-3733 Moderate Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.

* SECURITY UPDATE: Regular Expression Denial of Service - debian/patches/CVE-2021-3733.patch: Fix ReDoS vulnerability in AbstractBasicAuthHandler class of Lib/urllib2.py - CVE-2021-3733

0 tuxcare-ubuntu18.04-els idle-python2.7_2.7.17-1~18.04ubuntu1.11+tuxcare.els8_all.deb 0eec11025da738639f5479836ff53b5f3e94c7a7 libpython2.7_2.7.17-1~18.04ubuntu1.11+tuxcare.els8_amd64.deb 9c825504ea286b635a332c743fce7b4876be57ea libpython2.7-dev_2.7.17-1~18.04ubuntu1.11+tuxcare.els8_amd64.deb 418376ee1c238c1d3d442734063e163c151aadf9 libpython2.7-minimal_2.7.17-1~18.04ubuntu1.11+tuxcare.els8_amd64.deb 4227891f113c96b28003f543400dabc5f72c0fb1 libpython2.7-stdlib_2.7.17-1~18.04ubuntu1.11+tuxcare.els8_amd64.deb d8a1002f9ebf8e03b12e435180e854e8f325c34a libpython2.7-testsuite_2.7.17-1~18.04ubuntu1.11+tuxcare.els8_all.deb 78eb28dd99bc5886e30b9aedea449ac574bcf18e python2.7_2.7.17-1~18.04ubuntu1.11+tuxcare.els8_amd64.deb a261e07ffb864727470e8e85fdb9ee45a69cc568 python2.7-dev_2.7.17-1~18.04ubuntu1.11+tuxcare.els8_amd64.deb d9ded487fb56635d0812190ebc4b704f03b24ac8 python2.7-doc_2.7.17-1~18.04ubuntu1.11+tuxcare.els8_all.deb b0dce6546e3f0eb10de66123285123802cbd17c4 python2.7-examples_2.7.17-1~18.04ubuntu1.11+tuxcare.els8_all.deb 84cf92e33c8d1c3225e12183cd05014bb6e44a28 python2.7-minimal_2.7.17-1~18.04ubuntu1.11+tuxcare.els8_amd64.deb b8072c9a6aec4adb9f4a7c05774dfe92f960566f CLSA-2024:1723223949 TuxCare License Agreement 0 * SECURITY UPDATE: Insecure behavior with semicolons in URI userinfo - debian/patches/CVE-2024-38428.patch: Properly re-implement userinfo parsing (rfc2396) to fix outdated RFC implementation - CVE-2024-38428 Critical Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.

* SECURITY UPDATE: Insecure behavior with semicolons in URI userinfo - debian/patches/CVE-2024-38428.patch: Properly re-implement userinfo parsing (rfc2396) to fix outdated RFC implementation - CVE-2024-38428

0 tuxcare-ubuntu18.04-els wget_1.19.4-1ubuntu2.2+tuxcare.els1_amd64.deb 09f07e9eaf2277db47f64ad80b0c16a17d251460 CLSA-2024:1723622576 TuxCare License Agreement 0 * CVE-url: https://ubuntu.com/security/CVE-2024-42236 - usb: gadget: configfs: Prevent OOB read/write in usb_string_copy() * CVE-url: https://ubuntu.com/security/CVE-2024-41095 - drm/nouveau/dispnv04: fix null pointer dereference in nv17_tv_get_ld_modes * CVE-url: https://ubuntu.com/security/CVE-2024-41098 - ata: libata-core: Fix null pointer dereference on error * CVE-url: https://ubuntu.com/security/CVE-2024-42244 - USB: serial: mos7840: fix crash on resume * CVE-url: https://ubuntu.com/security/CVE-2024-41089 - drm/nouveau/dispnv04: fix null pointer dereference in nv17_tv_get_hd_modes * CVE-url: https://ubuntu.com/security/CVE-2024-42232 - libceph: fix race between delayed_work() and ceph_monc_stop() * CVE-url: https://ubuntu.com/security/CVE-2024-42153 - i2c: pnx: Fix potential deadlock warning from del_timer_sync() call in isr * CVE-url: https://ubuntu.com/security/CVE-2022-48791 - scsi: pm80xx: Fix TMF task completion race condition - scsi: pm8001: Fix use-after-free for aborted TMF sas_task * CVE-url: https://ubuntu.com/security/CVE-2022-48788 - nvme-rdma: fix possible use-after-free in transport error_recovery work * CVE-url: https://ubuntu.com/security/CVE-2022-48792 - scsi: pm8001: Fix use-after-free for aborted SSP/STP sas_task * CVE-url: https://ubuntu.com/security/CVE-2022-48790 - nvme: fix a possible use-after-free in controller reset during load * CVE-url: https://ubuntu.com/security/CVE-2024-42154 - tcp_metrics: validate source addr length * CVE-url: https://ubuntu.com/security/CVE-2024-38596 - af_unix: Fix data races in unix_release_sock/unix_stream_sendmsg * CVE-url: https://ubuntu.com/security/CVE-2024-36270 - netfilter: tproxy: bail out if IP has been disabled on the device * CVE-url: https://ubuntu.com/security/CVE-2024-38780 - dma-buf/sw-sync: don't enable IRQ from sync_print_obj() * CVE-url: https://ubuntu.com/security/CVE-2024-36886 - tipc: fix UAF in error path * CVE-url: https://ubuntu.com/security/CVE-2024-42068 - bpf: Take return from set_memory_ro() into account with bpf_prog_lock_ro() * CVE-url: https://ubuntu.com/security/CVE-2024-42156 - s390/pkey: Wipe copies of clear-key structures on failure * CVE-url: https://ubuntu.com/security/CVE-2024-42079 - gfs2: Fix NULL pointer dereference in gfs2_log_flush * CVE-url: https://ubuntu.com/security/CVE-2024-42223 - media: dvb-frontends: tda10048: Fix integer overflow * CVE-url: https://ubuntu.com/security/CVE-2024-42157 - s390/pkey: Wipe sensitive data on failure * CVE-url: https://ubuntu.com/security/CVE-2024-42160 - f2fs: indicate shutdown f2fs to allow unmount successfully - f2fs: support fault_type mount option - f2fs: check validation of fault attrs in f2fs_build_fault_attr() * CVE-url: https://ubuntu.com/security/CVE-2024-42224 - net: dsa: mv88e6xxx: Correct check for empty list * CVE-url: https://ubuntu.com/security/CVE-2024-38570 - gfs2: Rename sd_{ glock => kill }_wait - gfs2: Fix potential glock use-after-free on unmount * CVE-url: https://ubuntu.com/security/CVE-2024-38583 - nilfs2: fix use-after-free of timer for log writer thread - nilfs2: fix unexpected freezing of nilfs_segctor_sync() - nilfs2: fix potential hang in nilfs_detach_log_writer() * CVE-url: https://ubuntu.com/security/CVE-2024-42070 - netfilter: nf_tables: fully validate NFT_DATA_VALUE on store to data registers * CVE-url: https://ubuntu.com/security/CVE-2024-42077 - ocfs2: fix DIO failure due to insufficient transaction credits * CVE-url: https://ubuntu.com/security/CVE-2024-42226 - usb: xhci: prevent potential failure in handle_tx_event() for Transfer events without TRB * CVE-url: https://ubuntu.com/security/CVE-2024-42228 - drm/amdgpu: Using uninitialized value *size when calling amdgpu_vce_cs_reloc Critical Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.

* CVE-url: https://ubuntu.com/security/CVE-2024-42236 - usb: gadget: configfs: Prevent OOB read/write in usb_string_copy() * CVE-url: https://ubuntu.com/security/CVE-2024-41095 - drm/nouveau/dispnv04: fix null pointer dereference in nv17_tv_get_ld_modes * CVE-url: https://ubuntu.com/security/CVE-2024-41098 - ata: libata-core: Fix null pointer dereference on error * CVE-url: https://ubuntu.com/security/CVE-2024-42244 - USB: serial: mos7840: fix crash on resume * CVE-url: https://ubuntu.com/security/CVE-2024-41089 - drm/nouveau/dispnv04: fix null pointer dereference in nv17_tv_get_hd_modes * CVE-url: https://ubuntu.com/security/CVE-2024-42232 - libceph: fix race between delayed_work() and ceph_monc_stop() * CVE-url: https://ubuntu.com/security/CVE-2024-42153 - i2c: pnx: Fix potential deadlock warning from del_timer_sync() call in isr * CVE-url: https://ubuntu.com/security/CVE-2022-48791 - scsi: pm80xx: Fix TMF task completion race condition - scsi: pm8001: Fix use-after-free for aborted TMF sas_task * CVE-url: https://ubuntu.com/security/CVE-2022-48788 - nvme-rdma: fix possible use-after-free in transport error_recovery work * CVE-url: https://ubuntu.com/security/CVE-2022-48792 - scsi: pm8001: Fix use-after-free for aborted SSP/STP sas_task * CVE-url: https://ubuntu.com/security/CVE-2022-48790 - nvme: fix a possible use-after-free in controller reset during load * CVE-url: https://ubuntu.com/security/CVE-2024-42154 - tcp_metrics: validate source addr length * CVE-url: https://ubuntu.com/security/CVE-2024-38596 - af_unix: Fix data races in unix_release_sock/unix_stream_sendmsg * CVE-url: https://ubuntu.com/security/CVE-2024-36270 - netfilter: tproxy: bail out if IP has been disabled on the device * CVE-url: https://ubuntu.com/security/CVE-2024-38780 - dma-buf/sw-sync: don't enable IRQ from sync_print_obj() * CVE-url: https://ubuntu.com/security/CVE-2024-36886 - tipc: fix UAF in error path * CVE-url: https://ubuntu.com/security/CVE-2024-42068 - bpf: Take return from set_memory_ro() into account with bpf_prog_lock_ro() * CVE-url: https://ubuntu.com/security/CVE-2024-42156 - s390/pkey: Wipe copies of clear-key structures on failure * CVE-url: https://ubuntu.com/security/CVE-2024-42079 - gfs2: Fix NULL pointer dereference in gfs2_log_flush * CVE-url: https://ubuntu.com/security/CVE-2024-42223 - media: dvb-frontends: tda10048: Fix integer overflow * CVE-url: https://ubuntu.com/security/CVE-2024-42157 - s390/pkey: Wipe sensitive data on failure * CVE-url: https://ubuntu.com/security/CVE-2024-42160 - f2fs: indicate shutdown f2fs to allow unmount successfully - f2fs: support fault_type mount option - f2fs: check validation of fault attrs in f2fs_build_fault_attr() * CVE-url: https://ubuntu.com/security/CVE-2024-42224 - net: dsa: mv88e6xxx: Correct check for empty list * CVE-url: https://ubuntu.com/security/CVE-2024-38570 - gfs2: Rename sd_{ glock => kill }_wait - gfs2: Fix potential glock use-after-free on unmount * CVE-url: https://ubuntu.com/security/CVE-2024-38583 - nilfs2: fix use-after-free of timer for log writer thread - nilfs2: fix unexpected freezing of nilfs_segctor_sync() - nilfs2: fix potential hang in nilfs_detach_log_writer() * CVE-url: https://ubuntu.com/security/CVE-2024-42070 - netfilter: nf_tables: fully validate NFT_DATA_VALUE on store to data registers * CVE-url: https://ubuntu.com/security/CVE-2024-42077 - ocfs2: fix DIO failure due to insufficient transaction credits * CVE-url: https://ubuntu.com/security/CVE-2024-42226 - usb: xhci: prevent potential failure in handle_tx_event() for Transfer events without TRB * CVE-url: https://ubuntu.com/security/CVE-2024-42228 - drm/amdgpu: Using uninitialized value *size when calling amdgpu_vce_cs_reloc

0 tuxcare-ubuntu18.04-els linux-buildinfo-4.15.0-234-tuxcare.els22-generic_4.15.0-234.245_amd64.deb 35c3a42922fcc16ec0533d48dfca068f629194c1 linux-buildinfo-4.15.0-234-tuxcare.els22-lowlatency_4.15.0-234.245_amd64.deb d2074e209f5e1bae2cd61ca3c430dc26d4cd5db0 linux-cloud-tools-4.15.0-234-tuxcare.els22_4.15.0-234.245_amd64.deb 799d5687ce258fa82fd6c5c9a32a330007e929e0 linux-cloud-tools-4.15.0-234-tuxcare.els22-generic_4.15.0-234.245_amd64.deb 6f0257c5161b6113f54a05f0d1af67efe193850f linux-cloud-tools-4.15.0-234-tuxcare.els22-lowlatency_4.15.0-234.245_amd64.deb a4d576ee50dd2141aaa6c29130fb0b2d79b3fc68 linux-cloud-tools-common_4.15.0-234.245_all.deb 9109d174a4008a9b33bdd537cddbbe4dde92e637 linux-cloud-tools-generic_4.15.0.234.245_amd64.deb 3c8af8296919cf8597a77cfab6ef7c5f0f82ddf9 linux-cloud-tools-lowlatency_4.15.0.234.245_amd64.deb d853629ce94bf69ca3ac1bd6ee9662e989d0e815 linux-crashdump_4.15.0.234.245_amd64.deb 6537ca26d5c831665f7e7e3c350ec7fcea3a9737 linux-doc_4.15.0-234.245_all.deb 2798e08d731d435db6ce5d8f28c97470b56b4758 linux-generic_4.15.0.234.245_amd64.deb 5cea386450ad87ee0d4e42808eceaeb0a1703e20 linux-headers-4.15.0-234-tuxcare.els22_4.15.0-234.245_all.deb 5c731328b18ec9ecd2b03a725c7f4d45ddfb18d6 linux-headers-4.15.0-234-tuxcare.els22-generic_4.15.0-234.245_amd64.deb df69065472d57d6d4a9f65b42b8647d6ef295a82 linux-headers-4.15.0-234-tuxcare.els22-lowlatency_4.15.0-234.245_amd64.deb e470efb5150c87b10e222bf6e9c948923de17ec5 linux-headers-generic_4.15.0.234.245_amd64.deb f61fb26e88f0c9060edfba5a3a3ad49dea75e4b2 linux-headers-lowlatency_4.15.0.234.245_amd64.deb af78233bb80c44bc9550dbf2e4972a9ba49a74c0 linux-image-generic_4.15.0.234.245_amd64.deb 578c70edd74857c8dcec43aa0f5baa900ec77470 linux-image-lowlatency_4.15.0.234.245_amd64.deb 83663f28461b23fb2080edb434387e4a4adc95ac linux-image-unsigned-4.15.0-234-tuxcare.els22-generic_4.15.0-234.245_amd64.deb 7065469ca151db17534ddf0ddeb9b70caaf24d7a linux-image-unsigned-4.15.0-234-tuxcare.els22-lowlatency_4.15.0-234.245_amd64.deb 9560e7096bbe3fa290128363d0de586a28637449 linux-libc-dev_4.15.0-234.245_amd64.deb 7e5b6009385166494addb458277e380998859bf0 linux-lowlatency_4.15.0.234.245_amd64.deb 4a0d9d0a962cb9b62a76b013096774eca06a1422 linux-modules-4.15.0-234-tuxcare.els22-generic_4.15.0-234.245_amd64.deb 3ea88bda5a450cd3ef8b4dc65b6d730071daec3d linux-modules-4.15.0-234-tuxcare.els22-lowlatency_4.15.0-234.245_amd64.deb fddae26e6d190e960d18b8e036de4648646302e4 linux-modules-extra-4.15.0-234-tuxcare.els22-generic_4.15.0-234.245_amd64.deb ba30491feec375f7815f9b95ac7ef225849fe41b linux-source_4.15.0.234.245_all.deb 8e5f027c0eef8a09174504b4324efbab344ad2f5 linux-source-4.15.0_4.15.0-234.245_all.deb a22035b45a27b9de87f5c66ce4a2f3600c4d4871 linux-tools-4.15.0-234-tuxcare.els22_4.15.0-234.245_amd64.deb 949592cd45759d9a192213272492404de0f60311 linux-tools-4.15.0-234-tuxcare.els22-generic_4.15.0-234.245_amd64.deb 49264452d26574d736ea1c7d7f7d868fa45b4cb1 linux-tools-4.15.0-234-tuxcare.els22-lowlatency_4.15.0-234.245_amd64.deb dfa0afbbae47f0bdbc558fb93ca9c8294bcb7ddd linux-tools-common_4.15.0-234.245_all.deb d1acfc0ee95bf3df89ef049c22134b275c5a3da1 linux-tools-generic_4.15.0.234.245_amd64.deb 19b4ceb5f00c019e938071c78726785884e910fb linux-tools-host_4.15.0-234.245_all.deb 660c8f956d0bf38f627ce57c9e222838622f2539 linux-tools-lowlatency_4.15.0.234.245_amd64.deb 1e900f249c19b30710d9b2676c5ea11dccfaad1a CLSA-2024:1723622869 TuxCare License Agreement 0 * CVE-url: https://ubuntu.com/security/CVE-2024-42236 - usb: gadget: configfs: Prevent OOB read/write in usb_string_copy() * CVE-url: https://ubuntu.com/security/CVE-2024-41095 - drm/nouveau/dispnv04: fix null pointer dereference in nv17_tv_get_ld_modes * CVE-url: https://ubuntu.com/security/CVE-2024-41098 - ata: libata-core: Fix null pointer dereference on error * CVE-url: https://ubuntu.com/security/CVE-2024-42244 - USB: serial: mos7840: fix crash on resume * CVE-url: https://ubuntu.com/security/CVE-2024-41089 - drm/nouveau/dispnv04: fix null pointer dereference in nv17_tv_get_hd_modes * CVE-url: https://ubuntu.com/security/CVE-2024-42232 - libceph: fix race between delayed_work() and ceph_monc_stop() * CVE-url: https://ubuntu.com/security/CVE-2024-42153 - i2c: pnx: Fix potential deadlock warning from del_timer_sync() call in isr * CVE-url: https://ubuntu.com/security/CVE-2022-48791 - scsi: pm80xx: Fix TMF task completion race condition - scsi: pm8001: Fix use-after-free for aborted TMF sas_task * CVE-url: https://ubuntu.com/security/CVE-2022-48788 - nvme-rdma: fix possible use-after-free in transport error_recovery work * CVE-url: https://ubuntu.com/security/CVE-2022-48792 - scsi: pm8001: Fix use-after-free for aborted SSP/STP sas_task * CVE-url: https://ubuntu.com/security/CVE-2022-48790 - nvme: fix a possible use-after-free in controller reset during load * CVE-url: https://ubuntu.com/security/CVE-2024-42154 - tcp_metrics: validate source addr length * CVE-url: https://ubuntu.com/security/CVE-2024-38596 - af_unix: Fix data races in unix_release_sock/unix_stream_sendmsg * CVE-url: https://ubuntu.com/security/CVE-2024-36270 - netfilter: tproxy: bail out if IP has been disabled on the device * CVE-url: https://ubuntu.com/security/CVE-2024-38780 - dma-buf/sw-sync: don't enable IRQ from sync_print_obj() * CVE-url: https://ubuntu.com/security/CVE-2024-36886 - tipc: fix UAF in error path * CVE-url: https://ubuntu.com/security/CVE-2024-42068 - bpf: Take return from set_memory_ro() into account with bpf_prog_lock_ro() * CVE-url: https://ubuntu.com/security/CVE-2024-42156 - s390/pkey: Wipe copies of clear-key structures on failure * CVE-url: https://ubuntu.com/security/CVE-2024-42079 - gfs2: Fix NULL pointer dereference in gfs2_log_flush * CVE-url: https://ubuntu.com/security/CVE-2024-42223 - media: dvb-frontends: tda10048: Fix integer overflow * CVE-url: https://ubuntu.com/security/CVE-2024-42157 - s390/pkey: Wipe sensitive data on failure * CVE-url: https://ubuntu.com/security/CVE-2024-42160 - f2fs: indicate shutdown f2fs to allow unmount successfully - f2fs: support fault_type mount option - f2fs: check validation of fault attrs in f2fs_build_fault_attr() * CVE-url: https://ubuntu.com/security/CVE-2024-42224 - net: dsa: mv88e6xxx: Correct check for empty list * CVE-url: https://ubuntu.com/security/CVE-2024-38570 - gfs2: Rename sd_{ glock => kill }_wait - gfs2: Fix potential glock use-after-free on unmount * CVE-url: https://ubuntu.com/security/CVE-2024-38583 - nilfs2: fix use-after-free of timer for log writer thread - nilfs2: fix unexpected freezing of nilfs_segctor_sync() - nilfs2: fix potential hang in nilfs_detach_log_writer() * CVE-url: https://ubuntu.com/security/CVE-2024-42070 - netfilter: nf_tables: fully validate NFT_DATA_VALUE on store to data registers * CVE-url: https://ubuntu.com/security/CVE-2024-42077 - ocfs2: fix DIO failure due to insufficient transaction credits * CVE-url: https://ubuntu.com/security/CVE-2024-42226 - usb: xhci: prevent potential failure in handle_tx_event() for Transfer events without TRB * CVE-url: https://ubuntu.com/security/CVE-2024-42228 - drm/amdgpu: Using uninitialized value *size when calling amdgpu_vce_cs_reloc Critical Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.

* CVE-url: https://ubuntu.com/security/CVE-2024-42236 - usb: gadget: configfs: Prevent OOB read/write in usb_string_copy() * CVE-url: https://ubuntu.com/security/CVE-2024-41095 - drm/nouveau/dispnv04: fix null pointer dereference in nv17_tv_get_ld_modes * CVE-url: https://ubuntu.com/security/CVE-2024-41098 - ata: libata-core: Fix null pointer dereference on error * CVE-url: https://ubuntu.com/security/CVE-2024-42244 - USB: serial: mos7840: fix crash on resume * CVE-url: https://ubuntu.com/security/CVE-2024-41089 - drm/nouveau/dispnv04: fix null pointer dereference in nv17_tv_get_hd_modes * CVE-url: https://ubuntu.com/security/CVE-2024-42232 - libceph: fix race between delayed_work() and ceph_monc_stop() * CVE-url: https://ubuntu.com/security/CVE-2024-42153 - i2c: pnx: Fix potential deadlock warning from del_timer_sync() call in isr * CVE-url: https://ubuntu.com/security/CVE-2022-48791 - scsi: pm80xx: Fix TMF task completion race condition - scsi: pm8001: Fix use-after-free for aborted TMF sas_task * CVE-url: https://ubuntu.com/security/CVE-2022-48788 - nvme-rdma: fix possible use-after-free in transport error_recovery work * CVE-url: https://ubuntu.com/security/CVE-2022-48792 - scsi: pm8001: Fix use-after-free for aborted SSP/STP sas_task * CVE-url: https://ubuntu.com/security/CVE-2022-48790 - nvme: fix a possible use-after-free in controller reset during load * CVE-url: https://ubuntu.com/security/CVE-2024-42154 - tcp_metrics: validate source addr length * CVE-url: https://ubuntu.com/security/CVE-2024-38596 - af_unix: Fix data races in unix_release_sock/unix_stream_sendmsg * CVE-url: https://ubuntu.com/security/CVE-2024-36270 - netfilter: tproxy: bail out if IP has been disabled on the device * CVE-url: https://ubuntu.com/security/CVE-2024-38780 - dma-buf/sw-sync: don't enable IRQ from sync_print_obj() * CVE-url: https://ubuntu.com/security/CVE-2024-36886 - tipc: fix UAF in error path * CVE-url: https://ubuntu.com/security/CVE-2024-42068 - bpf: Take return from set_memory_ro() into account with bpf_prog_lock_ro() * CVE-url: https://ubuntu.com/security/CVE-2024-42156 - s390/pkey: Wipe copies of clear-key structures on failure * CVE-url: https://ubuntu.com/security/CVE-2024-42079 - gfs2: Fix NULL pointer dereference in gfs2_log_flush * CVE-url: https://ubuntu.com/security/CVE-2024-42223 - media: dvb-frontends: tda10048: Fix integer overflow * CVE-url: https://ubuntu.com/security/CVE-2024-42157 - s390/pkey: Wipe sensitive data on failure * CVE-url: https://ubuntu.com/security/CVE-2024-42160 - f2fs: indicate shutdown f2fs to allow unmount successfully - f2fs: support fault_type mount option - f2fs: check validation of fault attrs in f2fs_build_fault_attr() * CVE-url: https://ubuntu.com/security/CVE-2024-42224 - net: dsa: mv88e6xxx: Correct check for empty list * CVE-url: https://ubuntu.com/security/CVE-2024-38570 - gfs2: Rename sd_{ glock => kill }_wait - gfs2: Fix potential glock use-after-free on unmount * CVE-url: https://ubuntu.com/security/CVE-2024-38583 - nilfs2: fix use-after-free of timer for log writer thread - nilfs2: fix unexpected freezing of nilfs_segctor_sync() - nilfs2: fix potential hang in nilfs_detach_log_writer() * CVE-url: https://ubuntu.com/security/CVE-2024-42070 - netfilter: nf_tables: fully validate NFT_DATA_VALUE on store to data registers * CVE-url: https://ubuntu.com/security/CVE-2024-42077 - ocfs2: fix DIO failure due to insufficient transaction credits * CVE-url: https://ubuntu.com/security/CVE-2024-42226 - usb: xhci: prevent potential failure in handle_tx_event() for Transfer events without TRB * CVE-url: https://ubuntu.com/security/CVE-2024-42228 - drm/amdgpu: Using uninitialized value *size when calling amdgpu_vce_cs_reloc

0 tuxcare-ubuntu18.04-els linux-buildinfo-4.15.0-234-tuxcare.els22-generic_4.15.0-234.245_amd64.deb 35c3a42922fcc16ec0533d48dfca068f629194c1 linux-buildinfo-4.15.0-234-tuxcare.els22-lowlatency_4.15.0-234.245_amd64.deb d2074e209f5e1bae2cd61ca3c430dc26d4cd5db0 linux-cloud-tools-4.15.0-234-tuxcare.els22_4.15.0-234.245_amd64.deb 799d5687ce258fa82fd6c5c9a32a330007e929e0 linux-cloud-tools-4.15.0-234-tuxcare.els22-generic_4.15.0-234.245_amd64.deb 6f0257c5161b6113f54a05f0d1af67efe193850f linux-cloud-tools-4.15.0-234-tuxcare.els22-lowlatency_4.15.0-234.245_amd64.deb a4d576ee50dd2141aaa6c29130fb0b2d79b3fc68 linux-cloud-tools-common_4.15.0-234.245_all.deb 9109d174a4008a9b33bdd537cddbbe4dde92e637 linux-cloud-tools-generic_4.15.0.234.245_amd64.deb 3c8af8296919cf8597a77cfab6ef7c5f0f82ddf9 linux-cloud-tools-lowlatency_4.15.0.234.245_amd64.deb d853629ce94bf69ca3ac1bd6ee9662e989d0e815 linux-crashdump_4.15.0.234.245_amd64.deb 6537ca26d5c831665f7e7e3c350ec7fcea3a9737 linux-doc_4.15.0-234.245_all.deb 2798e08d731d435db6ce5d8f28c97470b56b4758 linux-generic_4.15.0.234.245_amd64.deb 5cea386450ad87ee0d4e42808eceaeb0a1703e20 linux-headers-4.15.0-234-tuxcare.els22_4.15.0-234.245_all.deb 5c731328b18ec9ecd2b03a725c7f4d45ddfb18d6 linux-headers-4.15.0-234-tuxcare.els22-generic_4.15.0-234.245_amd64.deb df69065472d57d6d4a9f65b42b8647d6ef295a82 linux-headers-4.15.0-234-tuxcare.els22-lowlatency_4.15.0-234.245_amd64.deb e470efb5150c87b10e222bf6e9c948923de17ec5 linux-headers-generic_4.15.0.234.245_amd64.deb f61fb26e88f0c9060edfba5a3a3ad49dea75e4b2 linux-headers-lowlatency_4.15.0.234.245_amd64.deb af78233bb80c44bc9550dbf2e4972a9ba49a74c0 linux-image-generic_4.15.0.234.245_amd64.deb 578c70edd74857c8dcec43aa0f5baa900ec77470 linux-image-lowlatency_4.15.0.234.245_amd64.deb 83663f28461b23fb2080edb434387e4a4adc95ac linux-image-unsigned-4.15.0-234-tuxcare.els22-generic_4.15.0-234.245_amd64.deb 7065469ca151db17534ddf0ddeb9b70caaf24d7a linux-image-unsigned-4.15.0-234-tuxcare.els22-lowlatency_4.15.0-234.245_amd64.deb 9560e7096bbe3fa290128363d0de586a28637449 linux-libc-dev_4.15.0-234.245_amd64.deb 7e5b6009385166494addb458277e380998859bf0 linux-lowlatency_4.15.0.234.245_amd64.deb 4a0d9d0a962cb9b62a76b013096774eca06a1422 linux-modules-4.15.0-234-tuxcare.els22-generic_4.15.0-234.245_amd64.deb 3ea88bda5a450cd3ef8b4dc65b6d730071daec3d linux-modules-4.15.0-234-tuxcare.els22-lowlatency_4.15.0-234.245_amd64.deb fddae26e6d190e960d18b8e036de4648646302e4 linux-modules-extra-4.15.0-234-tuxcare.els22-generic_4.15.0-234.245_amd64.deb ba30491feec375f7815f9b95ac7ef225849fe41b linux-source_4.15.0.234.245_all.deb 8e5f027c0eef8a09174504b4324efbab344ad2f5 linux-source-4.15.0_4.15.0-234.245_all.deb a22035b45a27b9de87f5c66ce4a2f3600c4d4871 linux-tools-4.15.0-234-tuxcare.els22_4.15.0-234.245_amd64.deb 949592cd45759d9a192213272492404de0f60311 linux-tools-4.15.0-234-tuxcare.els22-generic_4.15.0-234.245_amd64.deb 49264452d26574d736ea1c7d7f7d868fa45b4cb1 linux-tools-4.15.0-234-tuxcare.els22-lowlatency_4.15.0-234.245_amd64.deb dfa0afbbae47f0bdbc558fb93ca9c8294bcb7ddd linux-tools-common_4.15.0-234.245_all.deb d1acfc0ee95bf3df89ef049c22134b275c5a3da1 linux-tools-generic_4.15.0.234.245_amd64.deb 19b4ceb5f00c019e938071c78726785884e910fb linux-tools-host_4.15.0-234.245_all.deb 660c8f956d0bf38f627ce57c9e222838622f2539 linux-tools-lowlatency_4.15.0.234.245_amd64.deb 1e900f249c19b30710d9b2676c5ea11dccfaad1a CLSA-2024:1723806933 TuxCare License Agreement 0 * CVE-url: https://ubuntu.com/security/CVE-2024-39467 - f2fs: fix to do sanity check on i_xattr_nid in sanity_check_inode() * CVE-url: https://ubuntu.com/security/CVE-2024-36940 - pinctrl: core: delete incorrect free in pinctrl_enable() * CVE-url: https://ubuntu.com/security/CVE-2024-38659 - enic: Validate length of nl attributes in enic_set_vf_port * CVE-url: https://ubuntu.com/security/CVE-2024-38560 - scsi: bfa: Ensure the copied buf is NUL terminated * CVE-url: https://ubuntu.com/security/CVE-2024-36941 - wifi: nl80211: don't free NULL coalescing rule * CVE-url: https://ubuntu.com/security/CVE-2024-27401 - firewire: nosy: ensure user_length is taken into account when fetching packet contents * CVE-url: https://ubuntu.com/security/CVE-2024-39276 - ext4: fix mb_cache_entry's e_refcnt leak in ext4_xattr_block_cache_find() * CVE-url: https://ubuntu.com/security/CVE-2024-27398 - Bluetooth: Fix use-after-free bugs caused by sco_sock_timeout * CVE-url: https://ubuntu.com/security/CVE-2024-36964 - fs/9p: only translate RWX permissions for plain 9P2000 * CVE-url: https://ubuntu.com/security/CVE-2024-38601 - ring-buffer: Fix a race between readers and resize checks * CVE-url: https://ubuntu.com/security/CVE-2024-39475 - fbdev: savage: Handle err return when savagefb_check_var failed * CVE-url: https://ubuntu.com/security/CVE-2024-38578 - ecryptfs: Fix buffer size for tag 66 packet * CVE-url: https://ubuntu.com/security/CVE-2024-36950 - firewire: ohci: mask bus reset interrupts between ISR and bottom half * CVE-url: https://ubuntu.com/security/CVE-2024-38589 - netrom: fix possible dead-lock in nr_rt_ioctl() * CVE-url: https://ubuntu.com/security/CVE-2024-38627 - stm class: Fix a double free in stm_register_device() * CVE-url: https://ubuntu.com/security/CVE-2024-38612 - ipv6: sr: fix invalid unregister error path * CVE-url: https://ubuntu.com/security/CVE-2024-36905 - tcp: defer shutdown(SEND_SHUTDOWN) for TCP_SYN_RECV sockets * CVE-url: https://ubuntu.com/security/CVE-2024-38559 - scsi: qedf: Ensure the copied buf is NUL terminated * CVE-url: https://ubuntu.com/security/CVE-2024-33621 - ipvlan: Dont Use skb->sk in ipvlan_process_v{4,6}_outbound * CVE-url: https://ubuntu.com/security/CVE-2024-38637 - greybus: lights: check return of get_channel_from_mode * CVE-url: https://ubuntu.com/security/CVE-2024-38567 - wifi: carl9170: add a proper sanity check for endpoints * CVE-url: https://ubuntu.com/security/CVE-2024-39301 - net/9p: fix uninit-value in p9_client_rpc() * CVE-url: https://ubuntu.com/security/CVE-2024-36919 - scsi: bnx2fc: Remove spin_lock_bh while releasing resources after upload * CVE-url: https://ubuntu.com/security/CVE-2022-48772 - media: lgdt3306a: Add a check against null-pointer-def * CVE-url: https://ubuntu.com/security/CVE-2024-36017 - rtnetlink: Correct nested IFLA_VF_VLAN_LIST attribute validation * CVE-url: https://ubuntu.com/security/CVE-2024-36934 - bna: ensure the copied buf is NUL terminated * CVE-url: https://ubuntu.com/security/CVE-2024-38558 - net: openvswitch: fix overwriting ct original tuple for ICMPv6 * CVE-url: https://ubuntu.com/security/CVE-2024-38565 - USB: core: Add routines for endpoint checks in old drivers - wifi: ar5523: enable proper endpoint verification * CVE-url: https://ubuntu.com/security/CVE-2024-38600 - ALSA: control: Add verification for kctl accesses - ALSA: control: Track in-flight control read/write/tlv accesses - ALSA: Fix deadlocks with kctl removals at disconnection * CVE-url: https://ubuntu.com/security/CVE-2024-31076 - genirq/cpuhotplug, x86/vector: Prevent vector leak during CPU offline * CVE-url: https://ubuntu.com/security/CVE-2024-36015 - ida: Add new API - ppdev: Remove usage of the deprecated ida_simple_xx() API - ppdev: Add an error check in register_device * CVE-url: https://ubuntu.com/security/CVE-2024-38621 - media: stk1160: fix bounds checking in stk1160_copy_video() * CVE-url: https://ubuntu.com/security/CVE-2024-38549 - drm/mediatek: Add 0 size check to mtk_drm_gem_obj * CVE-url: https://ubuntu.com/security/CVE-2024-35947 - dyndbg: fix old BUG_ON in >control parser * CVE-url: https://ubuntu.com/security/CVE-2024-37353 - virtio: delete vq in vp_find_vqs_msix() when request_irq() fails * CVE-url: https://ubuntu.com/security/CVE-2024-27399 - Bluetooth: l2cap: fix null-ptr-deref in l2cap_chan_timeout * CVE-url: https://ubuntu.com/security/CVE-2024-38618 - ALSA: timer: Simplify timer hw resolution calls - ALSA: timer: Set lower bound of start tick time * CVE-url: https://ubuntu.com/security/CVE-2024-38579 - crypto: bcm - Fix pointer arithmetic * CVE-url: https://ubuntu.com/security/CVE-2024-36286 - netfilter: nfnetlink_queue: acquire rcu_read_lock() in instance_destroy_rcu() * CVE-url: https://ubuntu.com/security/CVE-2024-39488 - arm64: asm-bug: Add .align 2 to the end of __BUG_ENTRY * CVE-url: https://ubuntu.com/security/CVE-2024-38607 - macintosh/via-macii: Fix "BUG: sleeping function called from invalid context" * CVE-url: https://ubuntu.com/security/CVE-2024-37356 - params: lift param_set_uint_minmax to common code - tcp: Fix shift-out-of-bounds in dctcp_update_alpha(). * CVE-url: https://ubuntu.com/security/CVE-2024-38613 - m68k: Fix spinlock race in kernel thread creation * CVE-url: https://ubuntu.com/security/CVE-2024-36954 - tipc: fix a possible memleak in tipc_buf_append * CVE-url: https://ubuntu.com/security/CVE-2024-38661 - s390/ap: Fix crash in AP internal function modify_bitmap() * CVE-url: https://ubuntu.com/security/CVE-2024-38599 - jffs2: prevent xattr node from overflowing the eraseblock * CVE-url: https://ubuntu.com/security/CVE-2024-38633 - serial: core: Provide port lock wrappers - serial: max3100: Update uart_driver_registered on driver removal * CVE-url: https://ubuntu.com/security/CVE-2024-39292 - um: Add winch to winch_handlers before registering winch IRQ * CVE-url: https://ubuntu.com/security/CVE-2024-36939 - NFS: Cleanup - add nfs_clients_exit to mirror nfs_clients_init - nfs: expose /proc/net/sunrpc/nfs in net namespaces - sunrpc: add a struct rpc_stats arg to rpc_create_args - nfs: make the rpc_stat per net namespace - nfs: Handle error of rpc_proc_register() in nfs_net_init(). * CVE-url: https://ubuntu.com/security/CVE-2024-38634 - serial: max3100: Lock port->lock when calling uart_handle_cts_change() * CVE-url: https://ubuntu.com/security/CVE-2024-36933 - nsh: Restore skb->{protocol,data,mac_header} for outer header in nsh_gso_segment(). * CVE-url: https://ubuntu.com/security/CVE-2024-36883 - net: fix out-of-bounds access in ops_init * CVE-url: https://ubuntu.com/security/CVE-2024-39480 - kdb: Fix buffer overflow during tab-complete * CVE-url: https://ubuntu.com/security/CVE-2024-36960 - drm/vmwgfx: Fix invalid reads in fence signaled events * CVE-url: https://ubuntu.com/security/CVE-2024-36946 - phonet: fix rtm_phonet_notify() skb allocation Important Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.

* CVE-url: https://ubuntu.com/security/CVE-2024-39467 - f2fs: fix to do sanity check on i_xattr_nid in sanity_check_inode() * CVE-url: https://ubuntu.com/security/CVE-2024-36940 - pinctrl: core: delete incorrect free in pinctrl_enable() * CVE-url: https://ubuntu.com/security/CVE-2024-38659 - enic: Validate length of nl attributes in enic_set_vf_port * CVE-url: https://ubuntu.com/security/CVE-2024-38560 - scsi: bfa: Ensure the copied buf is NUL terminated * CVE-url: https://ubuntu.com/security/CVE-2024-36941 - wifi: nl80211: don't free NULL coalescing rule * CVE-url: https://ubuntu.com/security/CVE-2024-27401 - firewire: nosy: ensure user_length is taken into account when fetching packet contents * CVE-url: https://ubuntu.com/security/CVE-2024-39276 - ext4: fix mb_cache_entry's e_refcnt leak in ext4_xattr_block_cache_find() * CVE-url: https://ubuntu.com/security/CVE-2024-27398 - Bluetooth: Fix use-after-free bugs caused by sco_sock_timeout * CVE-url: https://ubuntu.com/security/CVE-2024-36964 - fs/9p: only translate RWX permissions for plain 9P2000 * CVE-url: https://ubuntu.com/security/CVE-2024-38601 - ring-buffer: Fix a race between readers and resize checks * CVE-url: https://ubuntu.com/security/CVE-2024-39475 - fbdev: savage: Handle err return when savagefb_check_var failed * CVE-url: https://ubuntu.com/security/CVE-2024-38578 - ecryptfs: Fix buffer size for tag 66 packet * CVE-url: https://ubuntu.com/security/CVE-2024-36950 - firewire: ohci: mask bus reset interrupts between ISR and bottom half * CVE-url: https://ubuntu.com/security/CVE-2024-38589 - netrom: fix possible dead-lock in nr_rt_ioctl() * CVE-url: https://ubuntu.com/security/CVE-2024-38627 - stm class: Fix a double free in stm_register_device() * CVE-url: https://ubuntu.com/security/CVE-2024-38612 - ipv6: sr: fix invalid unregister error path * CVE-url: https://ubuntu.com/security/CVE-2024-36905 - tcp: defer shutdown(SEND_SHUTDOWN) for TCP_SYN_RECV sockets * CVE-url: https://ubuntu.com/security/CVE-2024-38559 - scsi: qedf: Ensure the copied buf is NUL terminated * CVE-url: https://ubuntu.com/security/CVE-2024-33621 - ipvlan: Dont Use skb->sk in ipvlan_process_v{4,6}_outbound * CVE-url: https://ubuntu.com/security/CVE-2024-38637 - greybus: lights: check return of get_channel_from_mode * CVE-url: https://ubuntu.com/security/CVE-2024-38567 - wifi: carl9170: add a proper sanity check for endpoints * CVE-url: https://ubuntu.com/security/CVE-2024-39301 - net/9p: fix uninit-value in p9_client_rpc() * CVE-url: https://ubuntu.com/security/CVE-2024-36919 - scsi: bnx2fc: Remove spin_lock_bh while releasing resources after upload * CVE-url: https://ubuntu.com/security/CVE-2022-48772 - media: lgdt3306a: Add a check against null-pointer-def * CVE-url: https://ubuntu.com/security/CVE-2024-36017 - rtnetlink: Correct nested IFLA_VF_VLAN_LIST attribute validation * CVE-url: https://ubuntu.com/security/CVE-2024-36934 - bna: ensure the copied buf is NUL terminated * CVE-url: https://ubuntu.com/security/CVE-2024-38558 - net: openvswitch: fix overwriting ct original tuple for ICMPv6 * CVE-url: https://ubuntu.com/security/CVE-2024-38565 - USB: core: Add routines for endpoint checks in old drivers - wifi: ar5523: enable proper endpoint verification * CVE-url: https://ubuntu.com/security/CVE-2024-38600 - ALSA: control: Add verification for kctl accesses - ALSA: control: Track in-flight control read/write/tlv accesses - ALSA: Fix deadlocks with kctl removals at disconnection * CVE-url: https://ubuntu.com/security/CVE-2024-31076 - genirq/cpuhotplug, x86/vector: Prevent vector leak during CPU offline * CVE-url: https://ubuntu.com/security/CVE-2024-36015 - ida: Add new API - ppdev: Remove usage of the deprecated ida_simple_xx() API - ppdev: Add an error check in register_device * CVE-url: https://ubuntu.com/security/CVE-2024-38621 - media: stk1160: fix bounds checking in stk1160_copy_video() * CVE-url: https://ubuntu.com/security/CVE-2024-38549 - drm/mediatek: Add 0 size check to mtk_drm_gem_obj * CVE-url: https://ubuntu.com/security/CVE-2024-35947 - dyndbg: fix old BUG_ON in >control parser * CVE-url: https://ubuntu.com/security/CVE-2024-37353 - virtio: delete vq in vp_find_vqs_msix() when request_irq() fails * CVE-url: https://ubuntu.com/security/CVE-2024-27399 - Bluetooth: l2cap: fix null-ptr-deref in l2cap_chan_timeout * CVE-url: https://ubuntu.com/security/CVE-2024-38618 - ALSA: timer: Simplify timer hw resolution calls - ALSA: timer: Set lower bound of start tick time * CVE-url: https://ubuntu.com/security/CVE-2024-38579 - crypto: bcm - Fix pointer arithmetic * CVE-url: https://ubuntu.com/security/CVE-2024-36286 - netfilter: nfnetlink_queue: acquire rcu_read_lock() in instance_destroy_rcu() * CVE-url: https://ubuntu.com/security/CVE-2024-39488 - arm64: asm-bug: Add .align 2 to the end of __BUG_ENTRY * CVE-url: https://ubuntu.com/security/CVE-2024-38607 - macintosh/via-macii: Fix "BUG: sleeping function called from invalid context" * CVE-url: https://ubuntu.com/security/CVE-2024-37356 - params: lift param_set_uint_minmax to common code - tcp: Fix shift-out-of-bounds in dctcp_update_alpha(). * CVE-url: https://ubuntu.com/security/CVE-2024-38613 - m68k: Fix spinlock race in kernel thread creation * CVE-url: https://ubuntu.com/security/CVE-2024-36954 - tipc: fix a possible memleak in tipc_buf_append * CVE-url: https://ubuntu.com/security/CVE-2024-38661 - s390/ap: Fix crash in AP internal function modify_bitmap() * CVE-url: https://ubuntu.com/security/CVE-2024-38599 - jffs2: prevent xattr node from overflowing the eraseblock * CVE-url: https://ubuntu.com/security/CVE-2024-38633 - serial: core: Provide port lock wrappers - serial: max3100: Update uart_driver_registered on driver removal * CVE-url: https://ubuntu.com/security/CVE-2024-39292 - um: Add winch to winch_handlers before registering winch IRQ * CVE-url: https://ubuntu.com/security/CVE-2024-36939 - NFS: Cleanup - add nfs_clients_exit to mirror nfs_clients_init - nfs: expose /proc/net/sunrpc/nfs in net namespaces - sunrpc: add a struct rpc_stats arg to rpc_create_args - nfs: make the rpc_stat per net namespace - nfs: Handle error of rpc_proc_register() in nfs_net_init(). * CVE-url: https://ubuntu.com/security/CVE-2024-38634 - serial: max3100: Lock port->lock when calling uart_handle_cts_change() * CVE-url: https://ubuntu.com/security/CVE-2024-36933 - nsh: Restore skb->{protocol,data,mac_header} for outer header in nsh_gso_segment(). * CVE-url: https://ubuntu.com/security/CVE-2024-36883 - net: fix out-of-bounds access in ops_init * CVE-url: https://ubuntu.com/security/CVE-2024-39480 - kdb: Fix buffer overflow during tab-complete * CVE-url: https://ubuntu.com/security/CVE-2024-36960 - drm/vmwgfx: Fix invalid reads in fence signaled events * CVE-url: https://ubuntu.com/security/CVE-2024-36946 - phonet: fix rtm_phonet_notify() skb allocation

0 tuxcare-ubuntu18.04-els linux-buildinfo-4.15.0-235-tuxcare.els23-generic_4.15.0-235.246_amd64.deb 4251ec922962de01844e1da5d33c649d7559189a linux-buildinfo-4.15.0-235-tuxcare.els23-lowlatency_4.15.0-235.246_amd64.deb 243a9d96980fe728aacfb2cab659b35d16a009c1 linux-cloud-tools-4.15.0-235-tuxcare.els23_4.15.0-235.246_amd64.deb a6fb2a6a1203f8979ebbb0737862d8de41e6583f linux-cloud-tools-4.15.0-235-tuxcare.els23-generic_4.15.0-235.246_amd64.deb 919f9179d5e372492680291060aad30eb0df2741 linux-cloud-tools-4.15.0-235-tuxcare.els23-lowlatency_4.15.0-235.246_amd64.deb e441c9d6afa058a376fedf650e69e49a99766c9d linux-cloud-tools-common_4.15.0-235.246_all.deb 08b031ea63c128e0b0cba52cb604781d3fd56d2a linux-cloud-tools-generic_4.15.0.235.246_amd64.deb 7bec0888320fdcaa7e9eae9943b611ebc9a5b420 linux-cloud-tools-lowlatency_4.15.0.235.246_amd64.deb dd7e887d532c973e6952eafc8fd9bd91d2d56f62 linux-crashdump_4.15.0.235.246_amd64.deb 98130f2b48ae4439064c759c679910c88feb37cd linux-doc_4.15.0-235.246_all.deb 07b38044114a3d457555134d15c65e8467acfeff linux-generic_4.15.0.235.246_amd64.deb 35ce21162a75699cbd31df669ba5e2629330d930 linux-headers-4.15.0-235-tuxcare.els23_4.15.0-235.246_all.deb e36c394b2a945c6dae256ddb37f822b0011f2acc linux-headers-4.15.0-235-tuxcare.els23-generic_4.15.0-235.246_amd64.deb 4288389fc701e861473ab889506a16ff3e1d1cfd linux-headers-4.15.0-235-tuxcare.els23-lowlatency_4.15.0-235.246_amd64.deb 40eafd61fb5c372e7a5486c31e35434ccc9657ae linux-headers-generic_4.15.0.235.246_amd64.deb 86777e680f71915eae948e2e013806ca89070034 linux-headers-lowlatency_4.15.0.235.246_amd64.deb 93131a5d6c0db9d7984707ded4236bc8d4433956 linux-image-generic_4.15.0.235.246_amd64.deb 3df13667fab85e4b521a75f8fea186569e92da2a linux-image-lowlatency_4.15.0.235.246_amd64.deb 9eb8368a7e52664431eee3d27963bb7dd0f3227f linux-image-unsigned-4.15.0-235-tuxcare.els23-generic_4.15.0-235.246_amd64.deb dfb7026ee5841ade054832ef96f8a2c460b78ead linux-image-unsigned-4.15.0-235-tuxcare.els23-lowlatency_4.15.0-235.246_amd64.deb 792e098aecd72eb0c081f0c14a435625093b76a3 linux-libc-dev_4.15.0-235.246_amd64.deb a4aa88a0598e65456f1d562341e17a9d0fabf0f3 linux-lowlatency_4.15.0.235.246_amd64.deb 31f93c60a32b81a46083382ad08e80ae86475edf linux-modules-4.15.0-235-tuxcare.els23-generic_4.15.0-235.246_amd64.deb 4722e110f7af668cffa4ca4f7158e4d4580ef747 linux-modules-4.15.0-235-tuxcare.els23-lowlatency_4.15.0-235.246_amd64.deb aca6fc1446390f54475aa88061f04f936d36197f linux-modules-extra-4.15.0-235-tuxcare.els23-generic_4.15.0-235.246_amd64.deb 05d035a152e7de3af03a7360a30e71a5510014e4 linux-source_4.15.0.235.246_all.deb c6d359d9bbe4793f643568eb4497b1866af1b4aa linux-source-4.15.0_4.15.0-235.246_all.deb 1f0dfc51d39111cc75998862b1254729b7786d24 linux-tools-4.15.0-235-tuxcare.els23_4.15.0-235.246_amd64.deb 07845287c58aab20ad96a50e5ad40af80fb91ceb linux-tools-4.15.0-235-tuxcare.els23-generic_4.15.0-235.246_amd64.deb ac990f9f1e5d08518e21800dc096f62511395976 linux-tools-4.15.0-235-tuxcare.els23-lowlatency_4.15.0-235.246_amd64.deb 2630cb998e40c970d27a01573ef84a2637ec5a45 linux-tools-common_4.15.0-235.246_all.deb 1d343a33ebcf26ee69734707e321eeeb490ba7d1 linux-tools-generic_4.15.0.235.246_amd64.deb 599671f9456ea5ef8a6003f971d4a6c845aa42e8 linux-tools-host_4.15.0-235.246_all.deb 3e8e3471d162b975e8b45b9a7e7342d02a25a9b1 linux-tools-lowlatency_4.15.0.235.246_amd64.deb 2ca77c2388174173e54935c8b9a1a680a1e64cdf CLSA-2024:1723807956 TuxCare License Agreement 0 * CVE-url: https://ubuntu.com/security/CVE-2024-39467 - f2fs: fix to do sanity check on i_xattr_nid in sanity_check_inode() * CVE-url: https://ubuntu.com/security/CVE-2024-36940 - pinctrl: core: delete incorrect free in pinctrl_enable() * CVE-url: https://ubuntu.com/security/CVE-2024-38659 - enic: Validate length of nl attributes in enic_set_vf_port * CVE-url: https://ubuntu.com/security/CVE-2024-38560 - scsi: bfa: Ensure the copied buf is NUL terminated * CVE-url: https://ubuntu.com/security/CVE-2024-36941 - wifi: nl80211: don't free NULL coalescing rule * CVE-url: https://ubuntu.com/security/CVE-2024-27401 - firewire: nosy: ensure user_length is taken into account when fetching packet contents * CVE-url: https://ubuntu.com/security/CVE-2024-39276 - ext4: fix mb_cache_entry's e_refcnt leak in ext4_xattr_block_cache_find() * CVE-url: https://ubuntu.com/security/CVE-2024-27398 - Bluetooth: Fix use-after-free bugs caused by sco_sock_timeout * CVE-url: https://ubuntu.com/security/CVE-2024-36964 - fs/9p: only translate RWX permissions for plain 9P2000 * CVE-url: https://ubuntu.com/security/CVE-2024-38601 - ring-buffer: Fix a race between readers and resize checks * CVE-url: https://ubuntu.com/security/CVE-2024-39475 - fbdev: savage: Handle err return when savagefb_check_var failed * CVE-url: https://ubuntu.com/security/CVE-2024-38578 - ecryptfs: Fix buffer size for tag 66 packet * CVE-url: https://ubuntu.com/security/CVE-2024-36950 - firewire: ohci: mask bus reset interrupts between ISR and bottom half * CVE-url: https://ubuntu.com/security/CVE-2024-38589 - netrom: fix possible dead-lock in nr_rt_ioctl() * CVE-url: https://ubuntu.com/security/CVE-2024-38627 - stm class: Fix a double free in stm_register_device() * CVE-url: https://ubuntu.com/security/CVE-2024-38612 - ipv6: sr: fix invalid unregister error path * CVE-url: https://ubuntu.com/security/CVE-2024-36905 - tcp: defer shutdown(SEND_SHUTDOWN) for TCP_SYN_RECV sockets * CVE-url: https://ubuntu.com/security/CVE-2024-38559 - scsi: qedf: Ensure the copied buf is NUL terminated * CVE-url: https://ubuntu.com/security/CVE-2024-33621 - ipvlan: Dont Use skb->sk in ipvlan_process_v{4,6}_outbound * CVE-url: https://ubuntu.com/security/CVE-2024-38637 - greybus: lights: check return of get_channel_from_mode * CVE-url: https://ubuntu.com/security/CVE-2024-38567 - wifi: carl9170: add a proper sanity check for endpoints * CVE-url: https://ubuntu.com/security/CVE-2024-39301 - net/9p: fix uninit-value in p9_client_rpc() * CVE-url: https://ubuntu.com/security/CVE-2024-36919 - scsi: bnx2fc: Remove spin_lock_bh while releasing resources after upload * CVE-url: https://ubuntu.com/security/CVE-2022-48772 - media: lgdt3306a: Add a check against null-pointer-def * CVE-url: https://ubuntu.com/security/CVE-2024-36017 - rtnetlink: Correct nested IFLA_VF_VLAN_LIST attribute validation * CVE-url: https://ubuntu.com/security/CVE-2024-36934 - bna: ensure the copied buf is NUL terminated * CVE-url: https://ubuntu.com/security/CVE-2024-38558 - net: openvswitch: fix overwriting ct original tuple for ICMPv6 * CVE-url: https://ubuntu.com/security/CVE-2024-38565 - USB: core: Add routines for endpoint checks in old drivers - wifi: ar5523: enable proper endpoint verification * CVE-url: https://ubuntu.com/security/CVE-2024-38600 - ALSA: control: Add verification for kctl accesses - ALSA: control: Track in-flight control read/write/tlv accesses - ALSA: Fix deadlocks with kctl removals at disconnection * CVE-url: https://ubuntu.com/security/CVE-2024-31076 - genirq/cpuhotplug, x86/vector: Prevent vector leak during CPU offline * CVE-url: https://ubuntu.com/security/CVE-2024-36015 - ida: Add new API - ppdev: Remove usage of the deprecated ida_simple_xx() API - ppdev: Add an error check in register_device * CVE-url: https://ubuntu.com/security/CVE-2024-38621 - media: stk1160: fix bounds checking in stk1160_copy_video() * CVE-url: https://ubuntu.com/security/CVE-2024-38549 - drm/mediatek: Add 0 size check to mtk_drm_gem_obj * CVE-url: https://ubuntu.com/security/CVE-2024-35947 - dyndbg: fix old BUG_ON in >control parser * CVE-url: https://ubuntu.com/security/CVE-2024-37353 - virtio: delete vq in vp_find_vqs_msix() when request_irq() fails * CVE-url: https://ubuntu.com/security/CVE-2024-27399 - Bluetooth: l2cap: fix null-ptr-deref in l2cap_chan_timeout * CVE-url: https://ubuntu.com/security/CVE-2024-38618 - ALSA: timer: Simplify timer hw resolution calls - ALSA: timer: Set lower bound of start tick time * CVE-url: https://ubuntu.com/security/CVE-2024-38579 - crypto: bcm - Fix pointer arithmetic * CVE-url: https://ubuntu.com/security/CVE-2024-36286 - netfilter: nfnetlink_queue: acquire rcu_read_lock() in instance_destroy_rcu() * CVE-url: https://ubuntu.com/security/CVE-2024-39488 - arm64: asm-bug: Add .align 2 to the end of __BUG_ENTRY * CVE-url: https://ubuntu.com/security/CVE-2024-38607 - macintosh/via-macii: Fix "BUG: sleeping function called from invalid context" * CVE-url: https://ubuntu.com/security/CVE-2024-37356 - params: lift param_set_uint_minmax to common code - tcp: Fix shift-out-of-bounds in dctcp_update_alpha(). * CVE-url: https://ubuntu.com/security/CVE-2024-38613 - m68k: Fix spinlock race in kernel thread creation * CVE-url: https://ubuntu.com/security/CVE-2024-36954 - tipc: fix a possible memleak in tipc_buf_append * CVE-url: https://ubuntu.com/security/CVE-2024-38661 - s390/ap: Fix crash in AP internal function modify_bitmap() * CVE-url: https://ubuntu.com/security/CVE-2024-38599 - jffs2: prevent xattr node from overflowing the eraseblock * CVE-url: https://ubuntu.com/security/CVE-2024-38633 - serial: core: Provide port lock wrappers - serial: max3100: Update uart_driver_registered on driver removal * CVE-url: https://ubuntu.com/security/CVE-2024-39292 - um: Add winch to winch_handlers before registering winch IRQ * CVE-url: https://ubuntu.com/security/CVE-2024-36939 - NFS: Cleanup - add nfs_clients_exit to mirror nfs_clients_init - nfs: expose /proc/net/sunrpc/nfs in net namespaces - sunrpc: add a struct rpc_stats arg to rpc_create_args - nfs: make the rpc_stat per net namespace - nfs: Handle error of rpc_proc_register() in nfs_net_init(). * CVE-url: https://ubuntu.com/security/CVE-2024-38634 - serial: max3100: Lock port->lock when calling uart_handle_cts_change() * CVE-url: https://ubuntu.com/security/CVE-2024-36933 - nsh: Restore skb->{protocol,data,mac_header} for outer header in nsh_gso_segment(). * CVE-url: https://ubuntu.com/security/CVE-2024-36883 - net: fix out-of-bounds access in ops_init * CVE-url: https://ubuntu.com/security/CVE-2024-39480 - kdb: Fix buffer overflow during tab-complete * CVE-url: https://ubuntu.com/security/CVE-2024-36960 - drm/vmwgfx: Fix invalid reads in fence signaled events * CVE-url: https://ubuntu.com/security/CVE-2024-36946 - phonet: fix rtm_phonet_notify() skb allocation Important Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.

* CVE-url: https://ubuntu.com/security/CVE-2024-39467 - f2fs: fix to do sanity check on i_xattr_nid in sanity_check_inode() * CVE-url: https://ubuntu.com/security/CVE-2024-36940 - pinctrl: core: delete incorrect free in pinctrl_enable() * CVE-url: https://ubuntu.com/security/CVE-2024-38659 - enic: Validate length of nl attributes in enic_set_vf_port * CVE-url: https://ubuntu.com/security/CVE-2024-38560 - scsi: bfa: Ensure the copied buf is NUL terminated * CVE-url: https://ubuntu.com/security/CVE-2024-36941 - wifi: nl80211: don't free NULL coalescing rule * CVE-url: https://ubuntu.com/security/CVE-2024-27401 - firewire: nosy: ensure user_length is taken into account when fetching packet contents * CVE-url: https://ubuntu.com/security/CVE-2024-39276 - ext4: fix mb_cache_entry's e_refcnt leak in ext4_xattr_block_cache_find() * CVE-url: https://ubuntu.com/security/CVE-2024-27398 - Bluetooth: Fix use-after-free bugs caused by sco_sock_timeout * CVE-url: https://ubuntu.com/security/CVE-2024-36964 - fs/9p: only translate RWX permissions for plain 9P2000 * CVE-url: https://ubuntu.com/security/CVE-2024-38601 - ring-buffer: Fix a race between readers and resize checks * CVE-url: https://ubuntu.com/security/CVE-2024-39475 - fbdev: savage: Handle err return when savagefb_check_var failed * CVE-url: https://ubuntu.com/security/CVE-2024-38578 - ecryptfs: Fix buffer size for tag 66 packet * CVE-url: https://ubuntu.com/security/CVE-2024-36950 - firewire: ohci: mask bus reset interrupts between ISR and bottom half * CVE-url: https://ubuntu.com/security/CVE-2024-38589 - netrom: fix possible dead-lock in nr_rt_ioctl() * CVE-url: https://ubuntu.com/security/CVE-2024-38627 - stm class: Fix a double free in stm_register_device() * CVE-url: https://ubuntu.com/security/CVE-2024-38612 - ipv6: sr: fix invalid unregister error path * CVE-url: https://ubuntu.com/security/CVE-2024-36905 - tcp: defer shutdown(SEND_SHUTDOWN) for TCP_SYN_RECV sockets * CVE-url: https://ubuntu.com/security/CVE-2024-38559 - scsi: qedf: Ensure the copied buf is NUL terminated * CVE-url: https://ubuntu.com/security/CVE-2024-33621 - ipvlan: Dont Use skb->sk in ipvlan_process_v{4,6}_outbound * CVE-url: https://ubuntu.com/security/CVE-2024-38637 - greybus: lights: check return of get_channel_from_mode * CVE-url: https://ubuntu.com/security/CVE-2024-38567 - wifi: carl9170: add a proper sanity check for endpoints * CVE-url: https://ubuntu.com/security/CVE-2024-39301 - net/9p: fix uninit-value in p9_client_rpc() * CVE-url: https://ubuntu.com/security/CVE-2024-36919 - scsi: bnx2fc: Remove spin_lock_bh while releasing resources after upload * CVE-url: https://ubuntu.com/security/CVE-2022-48772 - media: lgdt3306a: Add a check against null-pointer-def * CVE-url: https://ubuntu.com/security/CVE-2024-36017 - rtnetlink: Correct nested IFLA_VF_VLAN_LIST attribute validation * CVE-url: https://ubuntu.com/security/CVE-2024-36934 - bna: ensure the copied buf is NUL terminated * CVE-url: https://ubuntu.com/security/CVE-2024-38558 - net: openvswitch: fix overwriting ct original tuple for ICMPv6 * CVE-url: https://ubuntu.com/security/CVE-2024-38565 - USB: core: Add routines for endpoint checks in old drivers - wifi: ar5523: enable proper endpoint verification * CVE-url: https://ubuntu.com/security/CVE-2024-38600 - ALSA: control: Add verification for kctl accesses - ALSA: control: Track in-flight control read/write/tlv accesses - ALSA: Fix deadlocks with kctl removals at disconnection * CVE-url: https://ubuntu.com/security/CVE-2024-31076 - genirq/cpuhotplug, x86/vector: Prevent vector leak during CPU offline * CVE-url: https://ubuntu.com/security/CVE-2024-36015 - ida: Add new API - ppdev: Remove usage of the deprecated ida_simple_xx() API - ppdev: Add an error check in register_device * CVE-url: https://ubuntu.com/security/CVE-2024-38621 - media: stk1160: fix bounds checking in stk1160_copy_video() * CVE-url: https://ubuntu.com/security/CVE-2024-38549 - drm/mediatek: Add 0 size check to mtk_drm_gem_obj * CVE-url: https://ubuntu.com/security/CVE-2024-35947 - dyndbg: fix old BUG_ON in >control parser * CVE-url: https://ubuntu.com/security/CVE-2024-37353 - virtio: delete vq in vp_find_vqs_msix() when request_irq() fails * CVE-url: https://ubuntu.com/security/CVE-2024-27399 - Bluetooth: l2cap: fix null-ptr-deref in l2cap_chan_timeout * CVE-url: https://ubuntu.com/security/CVE-2024-38618 - ALSA: timer: Simplify timer hw resolution calls - ALSA: timer: Set lower bound of start tick time * CVE-url: https://ubuntu.com/security/CVE-2024-38579 - crypto: bcm - Fix pointer arithmetic * CVE-url: https://ubuntu.com/security/CVE-2024-36286 - netfilter: nfnetlink_queue: acquire rcu_read_lock() in instance_destroy_rcu() * CVE-url: https://ubuntu.com/security/CVE-2024-39488 - arm64: asm-bug: Add .align 2 to the end of __BUG_ENTRY * CVE-url: https://ubuntu.com/security/CVE-2024-38607 - macintosh/via-macii: Fix "BUG: sleeping function called from invalid context" * CVE-url: https://ubuntu.com/security/CVE-2024-37356 - params: lift param_set_uint_minmax to common code - tcp: Fix shift-out-of-bounds in dctcp_update_alpha(). * CVE-url: https://ubuntu.com/security/CVE-2024-38613 - m68k: Fix spinlock race in kernel thread creation * CVE-url: https://ubuntu.com/security/CVE-2024-36954 - tipc: fix a possible memleak in tipc_buf_append * CVE-url: https://ubuntu.com/security/CVE-2024-38661 - s390/ap: Fix crash in AP internal function modify_bitmap() * CVE-url: https://ubuntu.com/security/CVE-2024-38599 - jffs2: prevent xattr node from overflowing the eraseblock * CVE-url: https://ubuntu.com/security/CVE-2024-38633 - serial: core: Provide port lock wrappers - serial: max3100: Update uart_driver_registered on driver removal * CVE-url: https://ubuntu.com/security/CVE-2024-39292 - um: Add winch to winch_handlers before registering winch IRQ * CVE-url: https://ubuntu.com/security/CVE-2024-36939 - NFS: Cleanup - add nfs_clients_exit to mirror nfs_clients_init - nfs: expose /proc/net/sunrpc/nfs in net namespaces - sunrpc: add a struct rpc_stats arg to rpc_create_args - nfs: make the rpc_stat per net namespace - nfs: Handle error of rpc_proc_register() in nfs_net_init(). * CVE-url: https://ubuntu.com/security/CVE-2024-38634 - serial: max3100: Lock port->lock when calling uart_handle_cts_change() * CVE-url: https://ubuntu.com/security/CVE-2024-36933 - nsh: Restore skb->{protocol,data,mac_header} for outer header in nsh_gso_segment(). * CVE-url: https://ubuntu.com/security/CVE-2024-36883 - net: fix out-of-bounds access in ops_init * CVE-url: https://ubuntu.com/security/CVE-2024-39480 - kdb: Fix buffer overflow during tab-complete * CVE-url: https://ubuntu.com/security/CVE-2024-36960 - drm/vmwgfx: Fix invalid reads in fence signaled events * CVE-url: https://ubuntu.com/security/CVE-2024-36946 - phonet: fix rtm_phonet_notify() skb allocation

0 tuxcare-ubuntu18.04-els linux-buildinfo-4.15.0-235-tuxcare.els23-generic_4.15.0-235.246_amd64.deb 4251ec922962de01844e1da5d33c649d7559189a linux-buildinfo-4.15.0-235-tuxcare.els23-lowlatency_4.15.0-235.246_amd64.deb 243a9d96980fe728aacfb2cab659b35d16a009c1 linux-cloud-tools-4.15.0-235-tuxcare.els23_4.15.0-235.246_amd64.deb a6fb2a6a1203f8979ebbb0737862d8de41e6583f linux-cloud-tools-4.15.0-235-tuxcare.els23-generic_4.15.0-235.246_amd64.deb 919f9179d5e372492680291060aad30eb0df2741 linux-cloud-tools-4.15.0-235-tuxcare.els23-lowlatency_4.15.0-235.246_amd64.deb e441c9d6afa058a376fedf650e69e49a99766c9d linux-cloud-tools-common_4.15.0-235.246_all.deb 08b031ea63c128e0b0cba52cb604781d3fd56d2a linux-cloud-tools-generic_4.15.0.235.246_amd64.deb 7bec0888320fdcaa7e9eae9943b611ebc9a5b420 linux-cloud-tools-lowlatency_4.15.0.235.246_amd64.deb dd7e887d532c973e6952eafc8fd9bd91d2d56f62 linux-crashdump_4.15.0.235.246_amd64.deb 98130f2b48ae4439064c759c679910c88feb37cd linux-doc_4.15.0-235.246_all.deb 07b38044114a3d457555134d15c65e8467acfeff linux-generic_4.15.0.235.246_amd64.deb 35ce21162a75699cbd31df669ba5e2629330d930 linux-headers-4.15.0-235-tuxcare.els23_4.15.0-235.246_all.deb e36c394b2a945c6dae256ddb37f822b0011f2acc linux-headers-4.15.0-235-tuxcare.els23-generic_4.15.0-235.246_amd64.deb 4288389fc701e861473ab889506a16ff3e1d1cfd linux-headers-4.15.0-235-tuxcare.els23-lowlatency_4.15.0-235.246_amd64.deb 40eafd61fb5c372e7a5486c31e35434ccc9657ae linux-headers-generic_4.15.0.235.246_amd64.deb 86777e680f71915eae948e2e013806ca89070034 linux-headers-lowlatency_4.15.0.235.246_amd64.deb 93131a5d6c0db9d7984707ded4236bc8d4433956 linux-image-generic_4.15.0.235.246_amd64.deb 3df13667fab85e4b521a75f8fea186569e92da2a linux-image-lowlatency_4.15.0.235.246_amd64.deb 9eb8368a7e52664431eee3d27963bb7dd0f3227f linux-image-unsigned-4.15.0-235-tuxcare.els23-generic_4.15.0-235.246_amd64.deb dfb7026ee5841ade054832ef96f8a2c460b78ead linux-image-unsigned-4.15.0-235-tuxcare.els23-lowlatency_4.15.0-235.246_amd64.deb 792e098aecd72eb0c081f0c14a435625093b76a3 linux-libc-dev_4.15.0-235.246_amd64.deb a4aa88a0598e65456f1d562341e17a9d0fabf0f3 linux-lowlatency_4.15.0.235.246_amd64.deb 31f93c60a32b81a46083382ad08e80ae86475edf linux-modules-4.15.0-235-tuxcare.els23-generic_4.15.0-235.246_amd64.deb 4722e110f7af668cffa4ca4f7158e4d4580ef747 linux-modules-4.15.0-235-tuxcare.els23-lowlatency_4.15.0-235.246_amd64.deb aca6fc1446390f54475aa88061f04f936d36197f linux-modules-extra-4.15.0-235-tuxcare.els23-generic_4.15.0-235.246_amd64.deb 05d035a152e7de3af03a7360a30e71a5510014e4 linux-source_4.15.0.235.246_all.deb c6d359d9bbe4793f643568eb4497b1866af1b4aa linux-source-4.15.0_4.15.0-235.246_all.deb 1f0dfc51d39111cc75998862b1254729b7786d24 linux-tools-4.15.0-235-tuxcare.els23_4.15.0-235.246_amd64.deb 07845287c58aab20ad96a50e5ad40af80fb91ceb linux-tools-4.15.0-235-tuxcare.els23-generic_4.15.0-235.246_amd64.deb ac990f9f1e5d08518e21800dc096f62511395976 linux-tools-4.15.0-235-tuxcare.els23-lowlatency_4.15.0-235.246_amd64.deb 2630cb998e40c970d27a01573ef84a2637ec5a45 linux-tools-common_4.15.0-235.246_all.deb 1d343a33ebcf26ee69734707e321eeeb490ba7d1 linux-tools-generic_4.15.0.235.246_amd64.deb 599671f9456ea5ef8a6003f971d4a6c845aa42e8 linux-tools-host_4.15.0-235.246_all.deb 3e8e3471d162b975e8b45b9a7e7342d02a25a9b1 linux-tools-lowlatency_4.15.0.235.246_amd64.deb 2ca77c2388174173e54935c8b9a1a680a1e64cdf CLSA-2024:1724259346 TuxCare License Agreement 0 * SECURITY UPDATE: Prevent Quoted-Overlap Zip-Bombs - debian/patches/CVE-2024-0450.patch: Protect zipfile from quoted-overlap zipbomb by raising BadZipFile when trying to read an entry that overlaps with other entry or central directory - CVE-2024-0450 Moderate Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.

* SECURITY UPDATE: Prevent Quoted-Overlap Zip-Bombs - debian/patches/CVE-2024-0450.patch: Protect zipfile from quoted-overlap zipbomb by raising BadZipFile when trying to read an entry that overlaps with other entry or central directory - CVE-2024-0450

0 tuxcare-ubuntu18.04-els idle-python3.6_3.6.9-1~18.04ubuntu1.12+tuxcare.els7_all.deb 2a2c979d35c330e8fd260c50abdb8e64f68860a5 libpython3.6_3.6.9-1~18.04ubuntu1.12+tuxcare.els7_amd64.deb 6a2d2a047fd1aab4c905deb1121ded63b9190c59 libpython3.6-dev_3.6.9-1~18.04ubuntu1.12+tuxcare.els7_amd64.deb a3f1f23163070de4daf34928ada847f388be28ec libpython3.6-minimal_3.6.9-1~18.04ubuntu1.12+tuxcare.els7_amd64.deb 913a7139a6c10d9958c1aed82dc9031199236aeb libpython3.6-stdlib_3.6.9-1~18.04ubuntu1.12+tuxcare.els7_amd64.deb cb963cf2c7360d6efcc49d2237e85503e35e1542 libpython3.6-testsuite_3.6.9-1~18.04ubuntu1.12+tuxcare.els7_all.deb 6e7f9846216ff108f21a4b9d1cc777a8241e7f78 python3.6_3.6.9-1~18.04ubuntu1.12+tuxcare.els7_amd64.deb 586ed40e3942da1f295cc539cd71ff541b5c1bd0 python3.6-dev_3.6.9-1~18.04ubuntu1.12+tuxcare.els7_amd64.deb a6a7d243f7f61387a6f226487848242edfe5179f python3.6-doc_3.6.9-1~18.04ubuntu1.12+tuxcare.els7_all.deb 822647ce390d9eae34cbbf60e32c90e7deac1fcc python3.6-examples_3.6.9-1~18.04ubuntu1.12+tuxcare.els7_all.deb e19ff595bef87d2ba3ccc33100234344cd897b02 python3.6-minimal_3.6.9-1~18.04ubuntu1.12+tuxcare.els7_amd64.deb 5c493f6c1b90ac2ac1cbc211dfa02f26581a254a python3.6-venv_3.6.9-1~18.04ubuntu1.12+tuxcare.els7_amd64.deb a60cf82ab7aa2ad949a88aede3396b30feb7c005 CLSA-2024:1724434812 TuxCare License Agreement 0 * SECURITY UPDATE: Degraded performance issue in resolver caches and authoritative zone databases - debian/patches/CVE-2024-1737-1.patch: Mark certain RRTypes as priority, limit the number of RRs in RRSets and RR types for single name - debian/patches/CVE-2024-1737-2.patch: Smarter approach that considers priority types when enforcing limits - CVE-2024-1737 Important Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.

* SECURITY UPDATE: Degraded performance issue in resolver caches and authoritative zone databases - debian/patches/CVE-2024-1737-1.patch: Mark certain RRTypes as priority, limit the number of RRs in RRSets and RR types for single name - debian/patches/CVE-2024-1737-2.patch: Smarter approach that considers priority types when enforcing limits - CVE-2024-1737

0 tuxcare-ubuntu18.04-els bind9_9.11.3+dfsg-1ubuntu1.18+tuxcare.els4_amd64.deb a3ac009277ea14d01341aa91d4b28e5720093816 bind9-doc_9.11.3+dfsg-1ubuntu1.18+tuxcare.els4_all.deb 9828db808aec2b8c93d78a1354026c8059b2731b bind9-host_9.11.3+dfsg-1ubuntu1.18+tuxcare.els4_amd64.deb 922f5f7013fea957a000455e2f119a39912628e5 bind9utils_9.11.3+dfsg-1ubuntu1.18+tuxcare.els4_amd64.deb 9e0b4183cad8c3a5f76a7064425d0dd64759598f dnsutils_9.11.3+dfsg-1ubuntu1.18+tuxcare.els4_amd64.deb 225ecdb7bbeed3ab340dc306a7fbb2a65787a81b libbind-dev_9.11.3+dfsg-1ubuntu1.18+tuxcare.els4_amd64.deb faa2f67418c2d31a4f9143f9901e39f429775be0 libbind-export-dev_9.11.3+dfsg-1ubuntu1.18+tuxcare.els4_amd64.deb ef46065e3731337f6f5f157c784e2e1274f695d1 libbind9-160_9.11.3+dfsg-1ubuntu1.18+tuxcare.els4_amd64.deb 7066a46a629782f05d868dba3a9a1facbdef3d1d libdns-export1100_9.11.3+dfsg-1ubuntu1.18+tuxcare.els4_amd64.deb c0ff51adf492c66696314841ac146da13c15e6ce libdns1100_9.11.3+dfsg-1ubuntu1.18+tuxcare.els4_amd64.deb 2b156591c58b85eaac1b4311f99a83df4f70fac4 libirs-export160_9.11.3+dfsg-1ubuntu1.18+tuxcare.els4_amd64.deb 03566a08dead1fb5bd9bf9c5ded62573af6373a9 libirs160_9.11.3+dfsg-1ubuntu1.18+tuxcare.els4_amd64.deb d329fad083d3a4254217623d655cf3a3ccb833f9 libisc-export169_9.11.3+dfsg-1ubuntu1.18+tuxcare.els4_amd64.deb 990c9e4348beb9e4c9251133a500f3d2da855923 libisc169_9.11.3+dfsg-1ubuntu1.18+tuxcare.els4_amd64.deb 368746f48241d0106538f7995233f2aabc2e10f0 libisccc-export160_9.11.3+dfsg-1ubuntu1.18+tuxcare.els4_amd64.deb 07e975b96cbd97d1412c5d44200e09246f303163 libisccc160_9.11.3+dfsg-1ubuntu1.18+tuxcare.els4_amd64.deb 5dffee45cb1df060b1e16e1452df82c96e7b0760 libisccfg-export160_9.11.3+dfsg-1ubuntu1.18+tuxcare.els4_amd64.deb 898390f6a043cc15dbcb8321b799f46c4ec229ea libisccfg160_9.11.3+dfsg-1ubuntu1.18+tuxcare.els4_amd64.deb b620fe1f6ae1f2d373b0ebba6610142f77947768 liblwres160_9.11.3+dfsg-1ubuntu1.18+tuxcare.els4_amd64.deb 5c98cf9d3b076b7f2f0350dec1f12c90fa6d31c5 CLSA-2024:1724753960 TuxCare License Agreement 0 * CVE-url: https://ubuntu.com/security/CVE-2024-39487 - bonding: Fix out-of-bounds read in bond_option_arp_ip_targets_set() * CVE-url: https://ubuntu.com/security/CVE-2023-52760 - gfs2: Fix slab-use-after-free in gfs2_qd_dealloc * CVE-url: https://ubuntu.com/security/CVE-2024-39484 - mmc: davinci: Don't strip remove function when driver is builtin * CVE-url: https://ubuntu.com/security/CVE-2024-35835 - net/mlx5: Use kfree(ft->g) in arfs_create_groups() - net/mlx5e: fix a double-free in arfs_create_groups * Miscellaneous upstream changes - fixup! blk-mq: fix IO hang from sbitmap wakeup race - Revert "block: add check that partition length needs to be aligned with block size" Important Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.

* CVE-url: https://ubuntu.com/security/CVE-2024-39487 - bonding: Fix out-of-bounds read in bond_option_arp_ip_targets_set() * CVE-url: https://ubuntu.com/security/CVE-2023-52760 - gfs2: Fix slab-use-after-free in gfs2_qd_dealloc * CVE-url: https://ubuntu.com/security/CVE-2024-39484 - mmc: davinci: Don't strip remove function when driver is builtin * CVE-url: https://ubuntu.com/security/CVE-2024-35835 - net/mlx5: Use kfree(ft->g) in arfs_create_groups() - net/mlx5e: fix a double-free in arfs_create_groups * Miscellaneous upstream changes - fixup! blk-mq: fix IO hang from sbitmap wakeup race - Revert "block: add check that partition length needs to be aligned with block size"

0 tuxcare-ubuntu18.04-els linux-buildinfo-4.15.0-236-tuxcare.els24-generic_4.15.0-236.247_amd64.deb 3281be47db31910e3ac376aa396e3772ca6ad9ca linux-buildinfo-4.15.0-236-tuxcare.els24-lowlatency_4.15.0-236.247_amd64.deb fafd536de57e911c3dcc97983ea8b5ee3eeb52d8 linux-cloud-tools-4.15.0-236-tuxcare.els24_4.15.0-236.247_amd64.deb d1a802c98e34386f80d52eeb8472669b287c19f3 linux-cloud-tools-4.15.0-236-tuxcare.els24-generic_4.15.0-236.247_amd64.deb fadc5ed059f004cc4750b65801debddb8ae4624e linux-cloud-tools-4.15.0-236-tuxcare.els24-lowlatency_4.15.0-236.247_amd64.deb b5a2eef849cb7c35fb848a9925912a571cbfec52 linux-cloud-tools-common_4.15.0-236.247_all.deb 8d59ad61d15a9246760450484de69a2d91a961e0 linux-cloud-tools-generic_4.15.0.236.247_amd64.deb ca0ec7b933509ba1b0f25318cf5494136cce8e55 linux-cloud-tools-lowlatency_4.15.0.236.247_amd64.deb 28f11559d7b675016bde2f66d8b815dd6e35ea29 linux-crashdump_4.15.0.236.247_amd64.deb ea57e6029d544f6f4daf9998ef5b01eac5ed5d39 linux-doc_4.15.0-236.247_all.deb ccd82f8df25f79b3ce358b641270523724f34fb8 linux-generic_4.15.0.236.247_amd64.deb d6756dc5714767b5b4de0cac3c6d40fce539beab linux-headers-4.15.0-236-tuxcare.els24_4.15.0-236.247_all.deb b16b75a6345cbcf0cc53de843a27ea5f01cb07e0 linux-headers-4.15.0-236-tuxcare.els24-generic_4.15.0-236.247_amd64.deb ae6a1dfdd0bb0615a630887ffff96b2553153f0b linux-headers-4.15.0-236-tuxcare.els24-lowlatency_4.15.0-236.247_amd64.deb 74a3d02502f03155f13774bdba64cf4727d023fc linux-headers-generic_4.15.0.236.247_amd64.deb df4f20b40c3441ae376f8906ecf84a05c2b7d420 linux-headers-lowlatency_4.15.0.236.247_amd64.deb e00cea70a3991de00065c780f4e6acfaeba52b9d linux-image-generic_4.15.0.236.247_amd64.deb 41ae8f53b4593fdcfb5d53a23abb02c5064117db linux-image-lowlatency_4.15.0.236.247_amd64.deb c6ee001a2296e177a13d814c3b19e8590cd9ee65 linux-image-unsigned-4.15.0-236-tuxcare.els24-generic_4.15.0-236.247_amd64.deb 05cb2330ff31bacb4710cd090b4ba7072074bfb4 linux-image-unsigned-4.15.0-236-tuxcare.els24-lowlatency_4.15.0-236.247_amd64.deb c5cb35828fdec0c04a23331857721b2e8210cd3b linux-libc-dev_4.15.0-236.247_amd64.deb 1a2b9cbb96640f25a7f5f979c8fc87b88a9edcd1 linux-lowlatency_4.15.0.236.247_amd64.deb 1fa58c295fed04fc15869e73d8be047192b4e2fd linux-modules-4.15.0-236-tuxcare.els24-generic_4.15.0-236.247_amd64.deb 13cd762bc87f10122995ca4ccadd311f3b75115d linux-modules-4.15.0-236-tuxcare.els24-lowlatency_4.15.0-236.247_amd64.deb ee1e7e962cf17ccc2dce6ee49d541fee3dcaa2c3 linux-modules-extra-4.15.0-236-tuxcare.els24-generic_4.15.0-236.247_amd64.deb 77a6a96fc11a4052ded7632ea0a517617ecb1bd8 linux-source_4.15.0.236.247_all.deb 5d8ae999fb68ecdd78782720f9bf3825d0d3938e linux-source-4.15.0_4.15.0-236.247_all.deb c765a12ec0ebcf1795c403f41c9046ad83a4fb39 linux-tools-4.15.0-236-tuxcare.els24_4.15.0-236.247_amd64.deb add46eac3ea73912e094ab5e08e62553cad9927c linux-tools-4.15.0-236-tuxcare.els24-generic_4.15.0-236.247_amd64.deb d40f13b60407500c06772ba9f5c1ca839726c973 linux-tools-4.15.0-236-tuxcare.els24-lowlatency_4.15.0-236.247_amd64.deb 0a6e2f31c570c4c283fb774bd6def2597079d983 linux-tools-common_4.15.0-236.247_all.deb 62f38ca0d7b0f891eeace78d621cf8ec1e2f3713 linux-tools-generic_4.15.0.236.247_amd64.deb f55fabc66fc04757884916dc282ee19fb39c4093 linux-tools-host_4.15.0-236.247_all.deb 60e748d7cfeb82309a2158777034eacd297f21a0 linux-tools-lowlatency_4.15.0.236.247_amd64.deb b2f2758ccb96ab2bb135c13de622a3f65069f014 CLSA-2024:1724754216 TuxCare License Agreement 0 * CVE-url: https://ubuntu.com/security/CVE-2024-39487 - bonding: Fix out-of-bounds read in bond_option_arp_ip_targets_set() * CVE-url: https://ubuntu.com/security/CVE-2023-52760 - gfs2: Fix slab-use-after-free in gfs2_qd_dealloc * CVE-url: https://ubuntu.com/security/CVE-2024-39484 - mmc: davinci: Don't strip remove function when driver is builtin * CVE-url: https://ubuntu.com/security/CVE-2024-35835 - net/mlx5: Use kfree(ft->g) in arfs_create_groups() - net/mlx5e: fix a double-free in arfs_create_groups * Miscellaneous upstream changes - fixup! blk-mq: fix IO hang from sbitmap wakeup race - Revert "block: add check that partition length needs to be aligned with block size" Important Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.

* CVE-url: https://ubuntu.com/security/CVE-2024-39487 - bonding: Fix out-of-bounds read in bond_option_arp_ip_targets_set() * CVE-url: https://ubuntu.com/security/CVE-2023-52760 - gfs2: Fix slab-use-after-free in gfs2_qd_dealloc * CVE-url: https://ubuntu.com/security/CVE-2024-39484 - mmc: davinci: Don't strip remove function when driver is builtin * CVE-url: https://ubuntu.com/security/CVE-2024-35835 - net/mlx5: Use kfree(ft->g) in arfs_create_groups() - net/mlx5e: fix a double-free in arfs_create_groups * Miscellaneous upstream changes - fixup! blk-mq: fix IO hang from sbitmap wakeup race - Revert "block: add check that partition length needs to be aligned with block size"

0 tuxcare-ubuntu18.04-els linux-buildinfo-4.15.0-236-tuxcare.els24-generic_4.15.0-236.247_amd64.deb 3281be47db31910e3ac376aa396e3772ca6ad9ca linux-buildinfo-4.15.0-236-tuxcare.els24-lowlatency_4.15.0-236.247_amd64.deb fafd536de57e911c3dcc97983ea8b5ee3eeb52d8 linux-cloud-tools-4.15.0-236-tuxcare.els24_4.15.0-236.247_amd64.deb d1a802c98e34386f80d52eeb8472669b287c19f3 linux-cloud-tools-4.15.0-236-tuxcare.els24-generic_4.15.0-236.247_amd64.deb fadc5ed059f004cc4750b65801debddb8ae4624e linux-cloud-tools-4.15.0-236-tuxcare.els24-lowlatency_4.15.0-236.247_amd64.deb b5a2eef849cb7c35fb848a9925912a571cbfec52 linux-cloud-tools-common_4.15.0-236.247_all.deb 8d59ad61d15a9246760450484de69a2d91a961e0 linux-cloud-tools-generic_4.15.0.236.247_amd64.deb ca0ec7b933509ba1b0f25318cf5494136cce8e55 linux-cloud-tools-lowlatency_4.15.0.236.247_amd64.deb 28f11559d7b675016bde2f66d8b815dd6e35ea29 linux-crashdump_4.15.0.236.247_amd64.deb ea57e6029d544f6f4daf9998ef5b01eac5ed5d39 linux-doc_4.15.0-236.247_all.deb ccd82f8df25f79b3ce358b641270523724f34fb8 linux-generic_4.15.0.236.247_amd64.deb d6756dc5714767b5b4de0cac3c6d40fce539beab linux-headers-4.15.0-236-tuxcare.els24_4.15.0-236.247_all.deb b16b75a6345cbcf0cc53de843a27ea5f01cb07e0 linux-headers-4.15.0-236-tuxcare.els24-generic_4.15.0-236.247_amd64.deb ae6a1dfdd0bb0615a630887ffff96b2553153f0b linux-headers-4.15.0-236-tuxcare.els24-lowlatency_4.15.0-236.247_amd64.deb 74a3d02502f03155f13774bdba64cf4727d023fc linux-headers-generic_4.15.0.236.247_amd64.deb df4f20b40c3441ae376f8906ecf84a05c2b7d420 linux-headers-lowlatency_4.15.0.236.247_amd64.deb e00cea70a3991de00065c780f4e6acfaeba52b9d linux-image-generic_4.15.0.236.247_amd64.deb 41ae8f53b4593fdcfb5d53a23abb02c5064117db linux-image-lowlatency_4.15.0.236.247_amd64.deb c6ee001a2296e177a13d814c3b19e8590cd9ee65 linux-image-unsigned-4.15.0-236-tuxcare.els24-generic_4.15.0-236.247_amd64.deb 05cb2330ff31bacb4710cd090b4ba7072074bfb4 linux-image-unsigned-4.15.0-236-tuxcare.els24-lowlatency_4.15.0-236.247_amd64.deb c5cb35828fdec0c04a23331857721b2e8210cd3b linux-libc-dev_4.15.0-236.247_amd64.deb 1a2b9cbb96640f25a7f5f979c8fc87b88a9edcd1 linux-lowlatency_4.15.0.236.247_amd64.deb 1fa58c295fed04fc15869e73d8be047192b4e2fd linux-modules-4.15.0-236-tuxcare.els24-generic_4.15.0-236.247_amd64.deb 13cd762bc87f10122995ca4ccadd311f3b75115d linux-modules-4.15.0-236-tuxcare.els24-lowlatency_4.15.0-236.247_amd64.deb ee1e7e962cf17ccc2dce6ee49d541fee3dcaa2c3 linux-modules-extra-4.15.0-236-tuxcare.els24-generic_4.15.0-236.247_amd64.deb 77a6a96fc11a4052ded7632ea0a517617ecb1bd8 linux-source_4.15.0.236.247_all.deb 5d8ae999fb68ecdd78782720f9bf3825d0d3938e linux-source-4.15.0_4.15.0-236.247_all.deb c765a12ec0ebcf1795c403f41c9046ad83a4fb39 linux-tools-4.15.0-236-tuxcare.els24_4.15.0-236.247_amd64.deb add46eac3ea73912e094ab5e08e62553cad9927c linux-tools-4.15.0-236-tuxcare.els24-generic_4.15.0-236.247_amd64.deb d40f13b60407500c06772ba9f5c1ca839726c973 linux-tools-4.15.0-236-tuxcare.els24-lowlatency_4.15.0-236.247_amd64.deb 0a6e2f31c570c4c283fb774bd6def2597079d983 linux-tools-common_4.15.0-236.247_all.deb 62f38ca0d7b0f891eeace78d621cf8ec1e2f3713 linux-tools-generic_4.15.0.236.247_amd64.deb f55fabc66fc04757884916dc282ee19fb39c4093 linux-tools-host_4.15.0-236.247_all.deb 60e748d7cfeb82309a2158777034eacd297f21a0 linux-tools-lowlatency_4.15.0.236.247_amd64.deb b2f2758ccb96ab2bb135c13de622a3f65069f014 CLSA-2024:1724788546 TuxCare License Agreement 0 * SECURITY UPDATE: http server use exploitable/malicious backend application - debian/patches/CVE-2024-38476.patch: prevent server usage of exploitable/malicious backend application output to run local handlers via internal redirect - CVE-2024-38476 * SECURITY UPDATE: modules regression introduced by CVE-2024-38476 fix - debian/patches/CVE-2024-39884.patch: source code disclosure with handlers configured via AddType. Resolving regression introduced by CVE-2024-38476 fix - CVE-2024-39884 * SECURITY UPDATE: modules regression introduced by CVE-2024-39884 fix - debian/patches/CVE-2024-40725.patch: source code disclosure with handlers configured via AddType. Resolving regression introduced by CVE-2024-39884 fix - CVE-2024-40725 * SECURITY UPDATE: attacker allowed to execute scripts in directories permitted by the configuration but not directly reachable by any URL or source disclosure of scripts meant to only to be executed as CGI - debian/patches/CVE-2024-38474-38475.patch: server weakness with encoded question marks in backreferences - CVE-2024-38474 - debian/patches/CVE-2024-38474-38475.patch: server weakness in mod_rewrite when first segment of substitution matches filesystem path - CVE-2024-38475 Critical Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.

* SECURITY UPDATE: http server use exploitable/malicious backend application - debian/patches/CVE-2024-38476.patch: prevent server usage of exploitable/malicious backend application output to run local handlers via internal redirect - CVE-2024-38476 * SECURITY UPDATE: modules regression introduced by CVE-2024-38476 fix - debian/patches/CVE-2024-39884.patch: source code disclosure with handlers configured via AddType. Resolving regression introduced by CVE-2024-38476 fix - CVE-2024-39884 * SECURITY UPDATE: modules regression introduced by CVE-2024-39884 fix - debian/patches/CVE-2024-40725.patch: source code disclosure with handlers configured via AddType. Resolving regression introduced by CVE-2024-39884 fix - CVE-2024-40725 * SECURITY UPDATE: attacker allowed to execute scripts in directories permitted by the configuration but not directly reachable by any URL or source disclosure of scripts meant to only to be executed as CGI - debian/patches/CVE-2024-38474-38475.patch: server weakness with encoded question marks in backreferences - CVE-2024-38474 - debian/patches/CVE-2024-38474-38475.patch: server weakness in mod_rewrite when first segment of substitution matches filesystem path - CVE-2024-38475

0 tuxcare-ubuntu18.04-els apache2_2.4.29-1ubuntu4.27+tuxcare.els2_amd64.deb b227e43b726e698f62b4afb3bd63856b09fa2b01 apache2-bin_2.4.29-1ubuntu4.27+tuxcare.els2_amd64.deb 27e0f745f6c73ef2e4b2809b7b75b361c1eb9b60 apache2-data_2.4.29-1ubuntu4.27+tuxcare.els2_all.deb 18bd8aa2acea85fc524b96665d8eccfb7dcdf643 apache2-dev_2.4.29-1ubuntu4.27+tuxcare.els2_amd64.deb 7496305a7148d461e32448b358dde25d297f1648 apache2-doc_2.4.29-1ubuntu4.27+tuxcare.els2_all.deb 0ffc48bb32f7630a929b99f1825b80851a351bca apache2-ssl-dev_2.4.29-1ubuntu4.27+tuxcare.els2_amd64.deb 22b94cde4e6ce1aba01f3df1f9a08499c66b6aaa apache2-suexec-custom_2.4.29-1ubuntu4.27+tuxcare.els2_amd64.deb fccd1ac1b8406ec47cc07ea5f4755117822612f3 apache2-suexec-pristine_2.4.29-1ubuntu4.27+tuxcare.els2_amd64.deb 35b608aecf2ee93b8d4ba2be55f3e61a3fb1bf48 apache2-utils_2.4.29-1ubuntu4.27+tuxcare.els2_amd64.deb 7ab399dd1dee901fc1619aa8eb92a1de26ea610e CLSA-2024:1725012055 TuxCare License Agreement 0 * SECURITY UPDATE: null pointer dereference in mod_proxy - debian/patches/CVE-2024-38477.patch: prevent crash resulting in Denial of Service in mod_proxy via a malicious request - CVE-2024-38477 Important Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.

* SECURITY UPDATE: null pointer dereference in mod_proxy - debian/patches/CVE-2024-38477.patch: prevent crash resulting in Denial of Service in mod_proxy via a malicious request - CVE-2024-38477

0 tuxcare-ubuntu18.04-els apache2_2.4.29-1ubuntu4.27+tuxcare.els3_amd64.deb 50802331365da53ea04f8143cca13e2a7b39c719 apache2-bin_2.4.29-1ubuntu4.27+tuxcare.els3_amd64.deb 1927f82e0d63b76e419fd05aa36ec10a4a8b9ec7 apache2-data_2.4.29-1ubuntu4.27+tuxcare.els3_all.deb e2b4ab040ebe0aee5b4397e4dc05dee535c9ffd3 apache2-dev_2.4.29-1ubuntu4.27+tuxcare.els3_amd64.deb d9e7f0b3cb5002aa103c8cdc80759ab02fb59dea apache2-doc_2.4.29-1ubuntu4.27+tuxcare.els3_all.deb f62c5c8a82fdd6c85fbccf213cc9d3d9bad49283 apache2-ssl-dev_2.4.29-1ubuntu4.27+tuxcare.els3_amd64.deb 13ad778f9aa8281ba2abead046ef996d8f634fdb apache2-suexec-custom_2.4.29-1ubuntu4.27+tuxcare.els3_amd64.deb 7b9031fbb48518eefbbaee5da7d49db3cf2f118d apache2-suexec-pristine_2.4.29-1ubuntu4.27+tuxcare.els3_amd64.deb 0c437343c5137d12bd4cde9b32cb719da6c7ed19 apache2-utils_2.4.29-1ubuntu4.27+tuxcare.els3_amd64.deb 2cda68d026e3c10b8fea5c755bccc5c65b270d7d CLSA-2024:1725012269 TuxCare License Agreement 0 * SECURITY UPDATE: Memory Corruption via Out-of-bounds Write in ESI variable assignment - debian/patches/CVE-2024-37894.patch: fix incorrect type declaration in TrieNode.cc to prevent potential type conversion issues - CVE-2024-37894 Moderate Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.

* SECURITY UPDATE: Memory Corruption via Out-of-bounds Write in ESI variable assignment - debian/patches/CVE-2024-37894.patch: fix incorrect type declaration in TrieNode.cc to prevent potential type conversion issues - CVE-2024-37894

0 tuxcare-ubuntu18.04-els squid_3.5.27-1ubuntu1.14+tuxcare.els7_amd64.deb c3ba8db9b2237ab8e18bb462e7443cf698da1e4f squid-cgi_3.5.27-1ubuntu1.14+tuxcare.els7_amd64.deb 810b36e80bf61f9e61b603cab742cd176bd5127f squid-common_3.5.27-1ubuntu1.14+tuxcare.els7_all.deb 22c9b96529d48a251cd64efb05d72cb1e362db75 squid-purge_3.5.27-1ubuntu1.14+tuxcare.els7_amd64.deb f4d8f053a4fa7bc50e32b06ca755ca9c693b2149 squid3_3.5.27-1ubuntu1.14+tuxcare.els7_all.deb 1b6bf3ace3e9c04e4b4cf6bf775effcab78b37aa squidclient_3.5.27-1ubuntu1.14+tuxcare.els7_amd64.deb 8e139c4cc615b88529acb20ea1cc33332615d823 CLSA-2024:1725471295 TuxCare License Agreement 0 * SECURITY UPDATE: time of check to time of use vulnerability - debian/patches/CVE-2022-23181.patch: make calculation of session storage location more robust - CVE-2022-23181 Important Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.

* SECURITY UPDATE: time of check to time of use vulnerability - debian/patches/CVE-2022-23181.patch: make calculation of session storage location more robust - CVE-2022-23181

0 tuxcare-ubuntu18.04-els libtomcat9-embed-java_9.0.16-3ubuntu0.18.04.2+tuxcare.els5_all.deb 408436a9564cb8e1fe616c5974aa5cafbb443735 libtomcat9-java_9.0.16-3ubuntu0.18.04.2+tuxcare.els5_all.deb 1f86c48e3270d6778302072fb9401881746f822e tomcat9_9.0.16-3ubuntu0.18.04.2+tuxcare.els5_all.deb ebcc03f09258ccfcc2fc41ba09b62f84f1ff521b tomcat9-admin_9.0.16-3ubuntu0.18.04.2+tuxcare.els5_all.deb dac4bc8a619e3564e06d93ff9a5613398be81e2c tomcat9-common_9.0.16-3ubuntu0.18.04.2+tuxcare.els5_all.deb 3d5d12e52fb1f8f26980c28621f4240d82ab128e tomcat9-docs_9.0.16-3ubuntu0.18.04.2+tuxcare.els5_all.deb 30238f71dba5985f554fc58f2da7b9f5d79f9329 tomcat9-examples_9.0.16-3ubuntu0.18.04.2+tuxcare.els5_all.deb 399cf31ba6e714d898cbfbb58ec30ec32e2444fa tomcat9-user_9.0.16-3ubuntu0.18.04.2+tuxcare.els5_all.deb 3819ec0b818aebf00acc52582753afbe69f566ed CLSA-2024:1725993824 TuxCare License Agreement 0 * SECURITY UPDATE: CPU resource exhaustion with SIG(0) - debian/patches/CVE-2024-1975.patch: Remove support for SIG(0) verification - debian/patches/CVE-2024-1975-tests.patch: Adapt tests to SIG(0) removal - CVE-2024-1975 Important Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.

* SECURITY UPDATE: CPU resource exhaustion with SIG(0) - debian/patches/CVE-2024-1975.patch: Remove support for SIG(0) verification - debian/patches/CVE-2024-1975-tests.patch: Adapt tests to SIG(0) removal - CVE-2024-1975

0 tuxcare-ubuntu18.04-els bind9_9.11.3+dfsg-1ubuntu1.18+tuxcare.els5_amd64.deb 4a7831f893171ad6878f84785fb95098a52a93d7 bind9-doc_9.11.3+dfsg-1ubuntu1.18+tuxcare.els5_all.deb e11f817c2b09d77bb37f7b0de1911875d5d814e8 bind9-host_9.11.3+dfsg-1ubuntu1.18+tuxcare.els5_amd64.deb f3c58ae7be5af43650452f0874c13c6ef66c62ba bind9utils_9.11.3+dfsg-1ubuntu1.18+tuxcare.els5_amd64.deb 57f954be32fa53c822ac16277d7bd243088cb877 dnsutils_9.11.3+dfsg-1ubuntu1.18+tuxcare.els5_amd64.deb 565d80c0a8c879ef5566599b61d022f188e66170 libbind-dev_9.11.3+dfsg-1ubuntu1.18+tuxcare.els5_amd64.deb fdf024efc19d51510b2aba7327f88598e321de23 libbind-export-dev_9.11.3+dfsg-1ubuntu1.18+tuxcare.els5_amd64.deb 4c6f2320a7ce2a1f7c66356722cede646cde0a19 libbind9-160_9.11.3+dfsg-1ubuntu1.18+tuxcare.els5_amd64.deb 082253e96d3ac4df9fc38b0a9a8282ea98090d33 libdns-export1100_9.11.3+dfsg-1ubuntu1.18+tuxcare.els5_amd64.deb 346e5f038d84779f10198be00583ea35675f9ce7 libdns1100_9.11.3+dfsg-1ubuntu1.18+tuxcare.els5_amd64.deb 0f69071d7d14ff8954a912574e64e2292a6d92c5 libirs-export160_9.11.3+dfsg-1ubuntu1.18+tuxcare.els5_amd64.deb d3d8ea3b27313bf703eb4dcfb2260b4aea2febb7 libirs160_9.11.3+dfsg-1ubuntu1.18+tuxcare.els5_amd64.deb 52297f1f9f5ceb5266c08d17e6d1cecc20395726 libisc-export169_9.11.3+dfsg-1ubuntu1.18+tuxcare.els5_amd64.deb af3ea207ea7050dd0e2d9b1af173e7a6e5c28cc1 libisc169_9.11.3+dfsg-1ubuntu1.18+tuxcare.els5_amd64.deb 579f7c06bd2ec70c901271a732321a5b1319139a libisccc-export160_9.11.3+dfsg-1ubuntu1.18+tuxcare.els5_amd64.deb 4952f41c5e2e4710c07240f36097297b6c9f5645 libisccc160_9.11.3+dfsg-1ubuntu1.18+tuxcare.els5_amd64.deb efa22688fef34e6fbd75d75c630107c3d6f2d715 libisccfg-export160_9.11.3+dfsg-1ubuntu1.18+tuxcare.els5_amd64.deb d2d05b5b0e9d6302f8ada5543114d836d12ace80 libisccfg160_9.11.3+dfsg-1ubuntu1.18+tuxcare.els5_amd64.deb e79bb914743d94d302eafa5ef1589c23ddd0643e liblwres160_9.11.3+dfsg-1ubuntu1.18+tuxcare.els5_amd64.deb b74a208b277f3c2b8dc7379214a4e266f06bcc9d CLSA-2024:1726163188 TuxCare License Agreement 0 * SECURITY UPDATE: integer overflow - debian/patches/CVE-2024-45491.patch: prevent integer overflow in dtdCopy - CVE-2024-45491 * SECURITY UPDATE: integer overflow - debian/patches/CVE-2024-45492.patch: prevent integer overflow in nextScaffoldPart - CVE-2024-45492 Critical Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.

* SECURITY UPDATE: integer overflow - debian/patches/CVE-2024-45491.patch: prevent integer overflow in dtdCopy - CVE-2024-45491 * SECURITY UPDATE: integer overflow - debian/patches/CVE-2024-45492.patch: prevent integer overflow in nextScaffoldPart - CVE-2024-45492

0 tuxcare-ubuntu18.04-els expat_2.2.5-3ubuntu0.9+tuxcare.els2_amd64.deb 4376c8f53c52fec38ebca9f2e1f5bde77aeca40d libexpat1_2.2.5-3ubuntu0.9+tuxcare.els2_amd64.deb 5c0967f8bee7508e2740ab0be4afbf0de8f6d085 libexpat1-dev_2.2.5-3ubuntu0.9+tuxcare.els2_amd64.deb 2fc41288f791b0b20fb08009618f0dc6d514c131 CLSA-2024:1726773445 TuxCare License Agreement 0 * SECURITY UPDATE: Heap Buffer Overflow in ASN.1 Parser - debian/patches/CVE-2024-7264.patch: Clean up GTime2str function to handle optional fractional seconds properly. Fix GTime2str() issues and add unit tests to verify correct behaviour - CVE-2024-7264 Moderate Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.

* SECURITY UPDATE: Heap Buffer Overflow in ASN.1 Parser - debian/patches/CVE-2024-7264.patch: Clean up GTime2str function to handle optional fractional seconds properly. Fix GTime2str() issues and add unit tests to verify correct behaviour - CVE-2024-7264

0 tuxcare-ubuntu18.04-els curl_7.58.0-2ubuntu3.24+tuxcare.els6_amd64.deb 87ca5cd31254e3e35e5ae8edddda891129cc35e8 libcurl3-gnutls_7.58.0-2ubuntu3.24+tuxcare.els6_amd64.deb 3c21ca65b6b32a0a1f26c44e522c4858977f0ece libcurl3-nss_7.58.0-2ubuntu3.24+tuxcare.els6_amd64.deb 1cb2a3af2459da9a7044726d22e7e016387f75c1 libcurl4_7.58.0-2ubuntu3.24+tuxcare.els6_amd64.deb 55556225657946a9945745e2edffbdd821be74b7 libcurl4-doc_7.58.0-2ubuntu3.24+tuxcare.els6_all.deb 59f0aac505a5cc3b461acf59efdc06a69249ccbb libcurl4-gnutls-dev_7.58.0-2ubuntu3.24+tuxcare.els6_amd64.deb 90531c738cab8ffefbed3d995a215151512667f0 libcurl4-nss-dev_7.58.0-2ubuntu3.24+tuxcare.els6_amd64.deb 488cdf2f59590899df1747747611cccece681747 libcurl4-openssl-dev_7.58.0-2ubuntu3.24+tuxcare.els6_amd64.deb 2f0e6578c1c55fb0697cf3e4406c1730d9934145 CLSA-2024:1726773559 TuxCare License Agreement 0 * Backport upstream's fixes from OpenJDK 11.0.23 release. - CVE-2024-21011: possible crash on long exception message in Hotspot. - CVE-2024-21012: incorrect performing a reverse DNS query in ConnectionPool class. - CVE-2024-21068: incorrect applying an unsigned integer left shift in Hotspot. - CVE-2024-21085: incorrect memory size validation by the NativeUnpack class. - CVE-2024-21094: possible C2 compilation error due to incorrect size validation and out of bounds array access in Hotspot. Low Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.

* Backport upstream's fixes from OpenJDK 11.0.23 release. - CVE-2024-21011: possible crash on long exception message in Hotspot. - CVE-2024-21012: incorrect performing a reverse DNS query in ConnectionPool class. - CVE-2024-21068: incorrect applying an unsigned integer left shift in Hotspot. - CVE-2024-21085: incorrect memory size validation by the NativeUnpack class. - CVE-2024-21094: possible C2 compilation error due to incorrect size validation and out of bounds array access in Hotspot.

0 tuxcare-ubuntu18.04-els openjdk-11-demo_11.0.22+7-0ubuntu1~18.04.1+tuxcare.els2_amd64.deb fa8571263bcda17bee2f08ab8e85829cfa998803 openjdk-11-doc_11.0.22+7-0ubuntu1~18.04.1+tuxcare.els2_all.deb e8a240f09d8838592f93f89bff99b4f4ba1f5674 openjdk-11-jdk_11.0.22+7-0ubuntu1~18.04.1+tuxcare.els2_amd64.deb e53617b7a984ca6f1000b8df034f98ae8090191c openjdk-11-jdk-headless_11.0.22+7-0ubuntu1~18.04.1+tuxcare.els2_amd64.deb b1e7dd76a1b8c88c89a569536b31b35bc3f6f4dc openjdk-11-jre_11.0.22+7-0ubuntu1~18.04.1+tuxcare.els2_amd64.deb 3c85461e51636942552ba75a7dcda6afe42fdfc7 openjdk-11-jre-headless_11.0.22+7-0ubuntu1~18.04.1+tuxcare.els2_amd64.deb c4779c9f7ff252a01a2f06a7b7a94596d05b0d27 openjdk-11-jre-zero_11.0.22+7-0ubuntu1~18.04.1+tuxcare.els2_amd64.deb f6ba51fa44120deb59a988ea390e41f7250faacc openjdk-11-source_11.0.22+7-0ubuntu1~18.04.1+tuxcare.els2_all.deb ff64534328700d1af05613c46eac377424b1cf87 CLSA-2024:1726773716 TuxCare License Agreement 0 * Backport upstream's fixes from OpenJDK 8u412 release. - CVE-2024-21011: possible crash on long exception message in Hotspot. - CVE-2024-21068: incorrect applying an unsigned integer left shift in Hotspot. - CVE-2024-21085: incorrect memory size validation by the NativeUnpack class. - CVE-2024-21094: possible C2 compilation error due to incorrect size validation and out of bounds array access in Hotspot. Low Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.

* Backport upstream's fixes from OpenJDK 8u412 release. - CVE-2024-21011: possible crash on long exception message in Hotspot. - CVE-2024-21068: incorrect applying an unsigned integer left shift in Hotspot. - CVE-2024-21085: incorrect memory size validation by the NativeUnpack class. - CVE-2024-21094: possible C2 compilation error due to incorrect size validation and out of bounds array access in Hotspot.

0 tuxcare-ubuntu18.04-els openjdk-8-demo_8u402-ga-0ubuntu1~18.04+tuxcare.els2_amd64.deb f08aca228bbe9bcc2f5a591fb85274accd5ca1ab openjdk-8-doc_8u402-ga-0ubuntu1~18.04+tuxcare.els2_all.deb 9dc0bcf616a74ae6ebef93cd59e5a4f4ac05d163 openjdk-8-jdk_8u402-ga-0ubuntu1~18.04+tuxcare.els2_amd64.deb 8703ec0390d7237329e637087e3ad53ad8077319 openjdk-8-jdk-headless_8u402-ga-0ubuntu1~18.04+tuxcare.els2_amd64.deb ccad9ee3f4e6be1a95f4194a6a4cc736bff3aca8 openjdk-8-jre_8u402-ga-0ubuntu1~18.04+tuxcare.els2_amd64.deb a188c7091f95d4b0fea94a9059d603058c0dadca openjdk-8-jre-headless_8u402-ga-0ubuntu1~18.04+tuxcare.els2_amd64.deb 8f04d8eac708bce9361c72094daecc0d05c27c6d openjdk-8-jre-zero_8u402-ga-0ubuntu1~18.04+tuxcare.els2_amd64.deb a4f5435ef20b389827336ce71683c74a4e7f8820 openjdk-8-source_8u402-ga-0ubuntu1~18.04+tuxcare.els2_all.deb 5770c53c5eba473240a50b3e63e5093481037b31 CLSA-2024:1727288271 TuxCare License Agreement 0 * SECURITY UPDATE: fix GSS vulnerabilities - debian/patches/CVE-2021-37370.patch: prevent modification of Extra Count field in GSS krb5 wrap CFX wrap token to avoid appearing truncated to application header - debian/patches/CVE-2021-37371.patch: fix invalid memory reads during GSS message token handling - CVE-2024-37370 - CVE-2024-37371 Critical Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.

* SECURITY UPDATE: fix GSS vulnerabilities - debian/patches/CVE-2021-37370.patch: prevent modification of Extra Count field in GSS krb5 wrap CFX wrap token to avoid appearing truncated to application header - debian/patches/CVE-2021-37371.patch: fix invalid memory reads during GSS message token handling - CVE-2024-37370 - CVE-2024-37371

0 tuxcare-ubuntu18.04-els krb5-admin-server_1.16-2ubuntu0.4+tuxcare.els2_amd64.deb 024b75c7f0ffc3f689a19b21e190c2ca5cd9a997 krb5-doc_1.16-2ubuntu0.4+tuxcare.els2_all.deb 7bc9dba14814cafda8f9263363f2430ad5e934c8 krb5-gss-samples_1.16-2ubuntu0.4+tuxcare.els2_amd64.deb 36421c2161f08ef13ffb41b02997fb192406f2d9 krb5-k5tls_1.16-2ubuntu0.4+tuxcare.els2_amd64.deb 977192fa08d276a70d5a0e1707bacaa591a2aea3 krb5-kdc_1.16-2ubuntu0.4+tuxcare.els2_amd64.deb 29c11c9ed13087c57c6bbdd4c5dbb58514838242 krb5-kdc-ldap_1.16-2ubuntu0.4+tuxcare.els2_amd64.deb 6b29e749ca8039e8d705bfb2b5a70a735848da1b krb5-kpropd_1.16-2ubuntu0.4+tuxcare.els2_amd64.deb a214682c813e79a09c6bc55f19344a30e92b52c4 krb5-locales_1.16-2ubuntu0.4+tuxcare.els2_all.deb c3b7024fcd2160e973f2c3c161c78f32f7a118da krb5-multidev_1.16-2ubuntu0.4+tuxcare.els2_amd64.deb c89c6a7b684641df00e8309e183fb1f30264e6fc krb5-otp_1.16-2ubuntu0.4+tuxcare.els2_amd64.deb 045235d840431b9c13ab187bce7578661724060c krb5-pkinit_1.16-2ubuntu0.4+tuxcare.els2_amd64.deb 80367d52d1cb69742dc0029e2688d600d4d82990 krb5-user_1.16-2ubuntu0.4+tuxcare.els2_amd64.deb db4b852dd03101a4cad5ef638bc98fd47d0b17e8 libgssapi-krb5-2_1.16-2ubuntu0.4+tuxcare.els2_amd64.deb 903ee29bf79ba15a4507586e4766bac7a7174ba6 libgssrpc4_1.16-2ubuntu0.4+tuxcare.els2_amd64.deb 7887d48a98a82099fee01dbcd43eaba888c27e96 libk5crypto3_1.16-2ubuntu0.4+tuxcare.els2_amd64.deb 8fb17f780c3109fdf66cece613f2bc5d77f901df libkadm5clnt-mit11_1.16-2ubuntu0.4+tuxcare.els2_amd64.deb cb3e28665e2b0fbf7e45d8ee85b6335927e2411e libkadm5srv-mit11_1.16-2ubuntu0.4+tuxcare.els2_amd64.deb 5c890c8a5693b2ba6e2e91e1a85019122353ee59 libkdb5-9_1.16-2ubuntu0.4+tuxcare.els2_amd64.deb 70f11d205db1b09adcfa4518210a79381eb7dc27 libkrad-dev_1.16-2ubuntu0.4+tuxcare.els2_amd64.deb 244cd6d7b1656dc93d25e2387ffbd3d24572b2d8 libkrad0_1.16-2ubuntu0.4+tuxcare.els2_amd64.deb d1c7089ca15ed1b6f68307f18bf213a9a1ca42ef libkrb5-3_1.16-2ubuntu0.4+tuxcare.els2_amd64.deb 0e96d2d49992be23753fc9fec189247244c7e576 libkrb5-dev_1.16-2ubuntu0.4+tuxcare.els2_amd64.deb a9b89d4cda19f6abf17da4c082ba8d0196dfd349 libkrb5support0_1.16-2ubuntu0.4+tuxcare.els2_amd64.deb 7602b5d4c96ba54fa0d2b513505ed478fbabdbdb CLSA-2024:1727453123 TuxCare License Agreement 0 * SECURITY UPDATE: TOCTOU race condition in pg_dump - debian/patches/CVE-2024-7348.patch: Fix TOCTOU race condition in pg_dump. - CVE-2024-7348 Important Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.

* SECURITY UPDATE: TOCTOU race condition in pg_dump - debian/patches/CVE-2024-7348.patch: Fix TOCTOU race condition in pg_dump. - CVE-2024-7348

0 tuxcare-ubuntu18.04-els libecpg-compat3_10.23-0ubuntu0.18.04.2+tuxcare.els4_amd64.deb 1b1c4731c9bed1cb08c7de9e4f41d075992e04c2 libecpg-dev_10.23-0ubuntu0.18.04.2+tuxcare.els4_amd64.deb 5449f359d967954b2ff2941aef0417de51683ddf libecpg6_10.23-0ubuntu0.18.04.2+tuxcare.els4_amd64.deb 721f7bf06e0788aab459f3eb3e6a337487e6152c libpgtypes3_10.23-0ubuntu0.18.04.2+tuxcare.els4_amd64.deb 1ea9ad7f6e1af9ae754499f13011adb1be86d7ee libpq-dev_10.23-0ubuntu0.18.04.2+tuxcare.els4_amd64.deb 2ac55980988f25658f69fca6d61095cf038d0d7a libpq5_10.23-0ubuntu0.18.04.2+tuxcare.els4_amd64.deb b04a943beecff0bace2f2f4fac576f1d5ae53180 postgresql-10_10.23-0ubuntu0.18.04.2+tuxcare.els4_amd64.deb 54685a584cc0f89b0aeda10ada5549628f1fbdfb postgresql-client-10_10.23-0ubuntu0.18.04.2+tuxcare.els4_amd64.deb 2bdcefb8cfadd0afa784d2e11b41379f76673432 postgresql-doc-10_10.23-0ubuntu0.18.04.2+tuxcare.els4_all.deb d4bbf46dbf76f78ffd5a5077cf441f8df83c6205 postgresql-plperl-10_10.23-0ubuntu0.18.04.2+tuxcare.els4_amd64.deb 9a71bf057d5bec4ffad20bccc7e4f7ac3b8cf42a postgresql-plpython-10_10.23-0ubuntu0.18.04.2+tuxcare.els4_amd64.deb 3a353b5d059dae2b9973ea0140a70cc4019cd5d7 postgresql-plpython3-10_10.23-0ubuntu0.18.04.2+tuxcare.els4_amd64.deb 798514ae8a9950156ba9468fc4c8ccf81671bcc7 postgresql-pltcl-10_10.23-0ubuntu0.18.04.2+tuxcare.els4_amd64.deb 1d82b85f0cca60affe23cd82d7870a9bff815f1f postgresql-server-dev-10_10.23-0ubuntu0.18.04.2+tuxcare.els4_amd64.deb 469a2f6c4187f426c4a87dd2022aaf17770cbd03 CLSA-2024:1727797025 TuxCare License Agreement 0 * SECURITY UPDATE: Hardlink creation to arbitrary user-readable files - debian/patches/CVE-2024-32002.patch: submodule paths must not contain symlinks - CVE-2024-32002 Critical Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.

* SECURITY UPDATE: Hardlink creation to arbitrary user-readable files - debian/patches/CVE-2024-32002.patch: submodule paths must not contain symlinks - CVE-2024-32002

0 tuxcare-ubuntu18.04-els git_2.17.1-1ubuntu0.18+tuxcare.els2_amd64.deb fa061401cebef5b8d80217acd4c896ae73d1afc4 git-all_2.17.1-1ubuntu0.18+tuxcare.els2_all.deb f37f80f511334e26e12936c5c8b0e2e09a314976 git-cvs_2.17.1-1ubuntu0.18+tuxcare.els2_all.deb 11e88847bd807004033caa709899f215c5c24f09 git-daemon-run_2.17.1-1ubuntu0.18+tuxcare.els2_all.deb aa609f0390ad585e9954d26d333b3dd5c93614e0 git-daemon-sysvinit_2.17.1-1ubuntu0.18+tuxcare.els2_all.deb 6858b084ac8bf95ace69f419ffdeb09be24e99f1 git-doc_2.17.1-1ubuntu0.18+tuxcare.els2_all.deb 78b34b2e970f513d19fe4f12cb3afba550c637ec git-el_2.17.1-1ubuntu0.18+tuxcare.els2_all.deb 0dff8699aeef5100b78e98066d7249059b1de14d git-email_2.17.1-1ubuntu0.18+tuxcare.els2_all.deb 7698577ce6eabd204b9759a0b4aba52826404fed git-gui_2.17.1-1ubuntu0.18+tuxcare.els2_all.deb d0ee532a8f8ca116801cdf64792c1c890ccc4d43 git-man_2.17.1-1ubuntu0.18+tuxcare.els2_all.deb 1044f690ad3765bdf155af1c5e73f0cf432a8cb5 git-mediawiki_2.17.1-1ubuntu0.18+tuxcare.els2_all.deb 32d6e901b240fc49c1ae997c74b62d6d5554fe3e git-svn_2.17.1-1ubuntu0.18+tuxcare.els2_all.deb 821518d7aea9e60e656f540a7ab2183297d59043 gitk_2.17.1-1ubuntu0.18+tuxcare.els2_all.deb dde6b3ec9f3ca7bd9c796d156d2c62249a2bae36 gitweb_2.17.1-1ubuntu0.18+tuxcare.els2_all.deb f3597e877a5e54c2e72ccefd5e099251ec2058d8 CLSA-2024:1727817133 TuxCare License Agreement 0 * CVE-url: https://ubuntu.com/security/CVE-2024-26752 - l2tp: pass correct message length to ip6_append_data * CVE-url: https://ubuntu.com/security/CVE-2021-47188 - scsi: ufs: core: Improve SCSI abort handling * CVE-url: https://ubuntu.com/security/CVE-2024-26677 - rxrpc: Fix delayed ACKs to not set the reference serial number * CVE-url: https://ubuntu.com/security/CVE-2023-52527 - ipv4, ipv6: Fix handling of transhdrlen in __ip{,6}_append_data() * CVE-url: https://ubuntu.com/security/CVE-2024-43882 - exec: Fix ToCToU between perm check and set-uid/gid usage * CVE-url: https://ubuntu.com/security/CVE-2022-48943 - KVM: x86/mmu: make apf token non-zero to fix bug * CVE-url: https://ubuntu.com/security/CVE-2024-38630 - watchdog: cpu5wdt.c: Fix use-after-free bug caused by cpu5wdt_trigger * CVE-url: https://ubuntu.com/security/CVE-2024-44987 - ipv6: prevent UAF in ip6_send_skb() * CVE-url: https://ubuntu.com/security/CVE-2024-42285 - RDMA/iwcm: Fix a use-after-free related to destroying CM IDs * CVE-url: https://ubuntu.com/security/CVE-2022-48733 - btrfs: fix use-after-free after failure to create a snapshot * CVE-url: https://ubuntu.com/security/CVE-2024-44940 - fou: remove warn in gue_gro_receive on unsupported protocol * CVE-url: https://ubuntu.com/security/CVE-2024-41059 - hfsplus: fix uninit-value in copy_name * CVE-url: https://ubuntu.com/security/CVE-2024-46673 - scsi: aacraid: Fix double-free on probe failure * CVE-url: https://ubuntu.com/security/CVE-2024-42313 - media: venus: fix use after free in vdec_close * CVE-url: https://ubuntu.com/security/CVE-2024-44999 - gtp: pull network headers in gtp_dev_xmit() * CVE-url: https://ubuntu.com/security/CVE-2024-42271 - net/iucv: fix use after free in iucv_sock_close() * CVE-url: https://ubuntu.com/security/CVE-2024-44942 - f2fs: fix to do sanity check on F2FS_INLINE_DATA flag in inode during GC * CVE-url: https://ubuntu.com/security/CVE-2024-43858 - jfs: Fix array-index-out-of-bounds in diFree * CVE-url: https://ubuntu.com/security/CVE-2024-41071 - wifi: mac80211: Avoid address calculations via out of bounds array indexing * CVE-url: https://ubuntu.com/security/CVE-2024-42301 - dev/parport: fix the array out-of-bounds risk * CVE-url: https://ubuntu.com/security/CVE-2024-46674 - usb: dwc3: st: fix probed platform device ref count on probe error path * CVE-url: https://ubuntu.com/security/CVE-2024-43900 - media: xc2028: avoid use-after-free in load_firmware_cb() * CVE-url: https://ubuntu.com/security/CVE-2024-42284 - tipc: Return non-zero value from tipc_udp_addr2str() on error * CVE-url: https://ubuntu.com/security/CVE-2024-44998 - atm: idt77252: prevent use after free in dequeue_rx() * CVE-url: https://ubuntu.com/security/CVE-2024-42280 - mISDN: Fix a use after free in hfcmulti_tx() * CVE-url: https://ubuntu.com/security/CVE-2024-39503 - netns: add pre_exit method to struct pernet_operations - netfilter: ipset: Fix race between namespace cleanup and gc in the list:set type * CVE-url: https://ubuntu.com/security/CVE-2024-39499 - vmci: prevent speculation leaks by sanitizing event in event_deliver() * CVE-url: https://ubuntu.com/security/CVE-2024-40988 - drm/radeon: fix UBSAN warning in kv_dpm.c * CVE-url: https://ubuntu.com/security/CVE-2024-40916 - drm/exynos: hdmi: report safe 640x480 mode as a fallback when no EDID found * CVE-url: https://ubuntu.com/security/CVE-2024-40904 - USB: class: cdc-wdm: Fix CPU lockup caused by excessive log messages * CVE-url: https://ubuntu.com/security/CVE-2024-39506 - liquidio: Adjust a NULL pointer handling path in lio_vf_rep_copy_packet * CVE-url: https://ubuntu.com/security/CVE-2024-42106 - inet_diag: Initialize pad field in struct inet_diag_req_v2 * CVE-url: https://ubuntu.com/security/CVE-2024-42145 - IB/core: Implement a limit on UMAD receive List * CVE-url: https://ubuntu.com/security/CVE-2024-40945 - iommu: Return right value in iommu_sva_bind_device() * CVE-url: https://ubuntu.com/security/CVE-2024-40932 - drm/exynos/vidi: fix memory leak in .get_modes() * CVE-url: https://ubuntu.com/security/CVE-2024-41006 - netrom: Fix a memory leak in nr_heartbeat_expiry() * CVE-url: https://ubuntu.com/security/CVE-2024-40943 - ocfs2: fix races between hole punching and AIO+DIO * CVE-url: https://ubuntu.com/security/CVE-2024-36894 - usb: gadget: f_fs: Fix race between aio_cancel() and AIO request complete * CVE-url: https://ubuntu.com/security/CVE-2024-42124 - scsi: qedf: Make qedf_execute_tmf() non-preemptible * CVE-url: https://ubuntu.com/security/CVE-2024-42115 - jffs2: Fix potential illegal address access in jffs2_free_inode * CVE-url: https://ubuntu.com/security/CVE-2024-41035 - USB: core: Fix duplicate endpoint bug by clearing reserved bits in the descriptor * CVE-url: https://ubuntu.com/security/CVE-2024-41097 - usb: atm: cxacru: fix endpoint checking in cxacru_bind() * CVE-url: https://ubuntu.com/security/CVE-2024-42119 - drm/amd/display: Skip finding free audio for unknown engine_id * CVE-url: https://ubuntu.com/security/CVE-2024-39501 - drivers: core: synchronize really_probe() and dev_uevent() * CVE-url: https://ubuntu.com/security/CVE-2024-42105 - nilfs2: fix inode number range checks * CVE-url: https://ubuntu.com/security/CVE-2024-40984 - ACPICA: Revert "ACPICA: avoid Info: mapping multiple BARs. Your kernel is fine." * CVE-url: https://ubuntu.com/security/CVE-2024-40987 - drm/amdgpu: fix UBSAN warning in kv_dpm.c * CVE-url: https://ubuntu.com/security/CVE-2024-42097 - ALSA: emux: improve patch ioctl data validation * CVE-url: https://ubuntu.com/security/CVE-2024-42090 - pinctrl: fix deadlock in create_pinctrl() when handling -EPROBE_DEFER * CVE-url: https://ubuntu.com/security/CVE-2024-40942 - wifi: mac80211: mesh: Fix leak of mesh_preq_queue objects * CVE-url: https://ubuntu.com/security/CVE-2024-40981 - batman-adv: bypass empty buckets in batadv_purge_orig_ref() * CVE-url: https://ubuntu.com/security/CVE-2024-40959 - xfrm6: check ip6_dst_idev() return value in xfrm6_get_saddr() * CVE-url: https://ubuntu.com/security/CVE-2024-42089 - ASoC: fsl-asoc-card: set priv->pdev before using it * CVE-url: https://ubuntu.com/security/CVE-2024-40901 - scsi: mpt3sas: Avoid test/set_bit() operating in non-allocated memory * CVE-url: https://ubuntu.com/security/CVE-2024-42101 - drm/nouveau: fix null pointer dereference in nouveau_connector_get_modes * CVE-url: https://ubuntu.com/security/CVE-2024-40980 - drop_monitor: replace spin_lock by raw_spin_lock * CVE-url: https://ubuntu.com/security/CVE-2024-42084 - ftruncate: pass a signed offset * CVE-url: https://ubuntu.com/security/CVE-2024-39509 - HID: core: remove unnecessary WARN_ON() in implement() * CVE-url: https://ubuntu.com/security/CVE-2024-42096 - x86: stop playing stack games in profile_pc() * CVE-url: https://ubuntu.com/security/CVE-2024-38619 - usb-storage: alauda: Check whether the media is initialized * CVE-url: https://ubuntu.com/security/CVE-2024-42102 - Revert "mm/writeback: fix possible divide-by-zero in wb_dirty_limits(), again" - mm: avoid overflows in dirty throttling logic * CVE-url: https://ubuntu.com/security/CVE-2024-41044 - ppp: reject claimed-as-LCP but actually malformed packets * CVE-url: https://ubuntu.com/security/CVE-2024-40978 - scsi: qedi: Fix crash while reading debugfs attribute * CVE-url: https://ubuntu.com/security/CVE-2024-40941 - wifi: iwlwifi: mvm: don't read past the mfuart notifcation * CVE-url: https://ubuntu.com/security/CVE-2024-40905 - ipv6: fix possible race in __fib6_drop_pcpu_from() * CVE-url: https://ubuntu.com/security/CVE-2023-52803 - SUNRPC: Fix RPC client cleaned up the freed pipefs dentries * CVE-url: https://ubuntu.com/security/CVE-2024-42104 - nilfs2: add missing check for inode numbers on directory entries * CVE-url: https://ubuntu.com/security/CVE-2024-42148 - bnx2x: Fix multiple UBSAN array-index-out-of-bounds * CVE-url: https://ubuntu.com/security/CVE-2024-42094 - net/iucv: Avoid explicit cpumask var allocation on stack * CVE-url: https://ubuntu.com/security/CVE-2024-41046 - net: ethernet: lantiq_etop: fix double free in detach * CVE-url: https://ubuntu.com/security/CVE-2024-38538 - net: bridge: xmit: make sure we have at least eth header len bytes * CVE-url: https://ubuntu.com/security/CVE-2024-26830 - i40e: Fix permission check for VF MAC filters - i40e: Fix MAC address setting for a VF via Host/VM - i40e: Do not allow untrusted VF to remove administratively set MAC * CVE-url: https://ubuntu.com/security/CVE-2023-52885 - SUNRPC: Fix UAF in svc_tcp_listen_data_ready() * CVE-url: https://ubuntu.com/security/CVE-2023-52629 - sh: push-switch: Reorder cleanup operations to avoid use-after-free bug * Miscellaneous upstream changes - fixup! scsi: qla2xxx: Fix double free of fcport Important Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.

* CVE-url: https://ubuntu.com/security/CVE-2024-26752 - l2tp: pass correct message length to ip6_append_data * CVE-url: https://ubuntu.com/security/CVE-2021-47188 - scsi: ufs: core: Improve SCSI abort handling * CVE-url: https://ubuntu.com/security/CVE-2024-26677 - rxrpc: Fix delayed ACKs to not set the reference serial number * CVE-url: https://ubuntu.com/security/CVE-2023-52527 - ipv4, ipv6: Fix handling of transhdrlen in __ip{,6}_append_data() * CVE-url: https://ubuntu.com/security/CVE-2024-43882 - exec: Fix ToCToU between perm check and set-uid/gid usage * CVE-url: https://ubuntu.com/security/CVE-2022-48943 - KVM: x86/mmu: make apf token non-zero to fix bug * CVE-url: https://ubuntu.com/security/CVE-2024-38630 - watchdog: cpu5wdt.c: Fix use-after-free bug caused by cpu5wdt_trigger * CVE-url: https://ubuntu.com/security/CVE-2024-44987 - ipv6: prevent UAF in ip6_send_skb() * CVE-url: https://ubuntu.com/security/CVE-2024-42285 - RDMA/iwcm: Fix a use-after-free related to destroying CM IDs * CVE-url: https://ubuntu.com/security/CVE-2022-48733 - btrfs: fix use-after-free after failure to create a snapshot * CVE-url: https://ubuntu.com/security/CVE-2024-44940 - fou: remove warn in gue_gro_receive on unsupported protocol * CVE-url: https://ubuntu.com/security/CVE-2024-41059 - hfsplus: fix uninit-value in copy_name * CVE-url: https://ubuntu.com/security/CVE-2024-46673 - scsi: aacraid: Fix double-free on probe failure * CVE-url: https://ubuntu.com/security/CVE-2024-42313 - media: venus: fix use after free in vdec_close * CVE-url: https://ubuntu.com/security/CVE-2024-44999 - gtp: pull network headers in gtp_dev_xmit() * CVE-url: https://ubuntu.com/security/CVE-2024-42271 - net/iucv: fix use after free in iucv_sock_close() * CVE-url: https://ubuntu.com/security/CVE-2024-44942 - f2fs: fix to do sanity check on F2FS_INLINE_DATA flag in inode during GC * CVE-url: https://ubuntu.com/security/CVE-2024-43858 - jfs: Fix array-index-out-of-bounds in diFree * CVE-url: https://ubuntu.com/security/CVE-2024-41071 - wifi: mac80211: Avoid address calculations via out of bounds array indexing * CVE-url: https://ubuntu.com/security/CVE-2024-42301 - dev/parport: fix the array out-of-bounds risk * CVE-url: https://ubuntu.com/security/CVE-2024-46674 - usb: dwc3: st: fix probed platform device ref count on probe error path * CVE-url: https://ubuntu.com/security/CVE-2024-43900 - media: xc2028: avoid use-after-free in load_firmware_cb() * CVE-url: https://ubuntu.com/security/CVE-2024-42284 - tipc: Return non-zero value from tipc_udp_addr2str() on error * CVE-url: https://ubuntu.com/security/CVE-2024-44998 - atm: idt77252: prevent use after free in dequeue_rx() * CVE-url: https://ubuntu.com/security/CVE-2024-42280 - mISDN: Fix a use after free in hfcmulti_tx() * CVE-url: https://ubuntu.com/security/CVE-2024-39503 - netns: add pre_exit method to struct pernet_operations - netfilter: ipset: Fix race between namespace cleanup and gc in the list:set type * CVE-url: https://ubuntu.com/security/CVE-2024-39499 - vmci: prevent speculation leaks by sanitizing event in event_deliver() * CVE-url: https://ubuntu.com/security/CVE-2024-40988 - drm/radeon: fix UBSAN warning in kv_dpm.c * CVE-url: https://ubuntu.com/security/CVE-2024-40916 - drm/exynos: hdmi: report safe 640x480 mode as a fallback when no EDID found * CVE-url: https://ubuntu.com/security/CVE-2024-40904 - USB: class: cdc-wdm: Fix CPU lockup caused by excessive log messages * CVE-url: https://ubuntu.com/security/CVE-2024-39506 - liquidio: Adjust a NULL pointer handling path in lio_vf_rep_copy_packet * CVE-url: https://ubuntu.com/security/CVE-2024-42106 - inet_diag: Initialize pad field in struct inet_diag_req_v2 * CVE-url: https://ubuntu.com/security/CVE-2024-42145 - IB/core: Implement a limit on UMAD receive List * CVE-url: https://ubuntu.com/security/CVE-2024-40945 - iommu: Return right value in iommu_sva_bind_device() * CVE-url: https://ubuntu.com/security/CVE-2024-40932 - drm/exynos/vidi: fix memory leak in .get_modes() * CVE-url: https://ubuntu.com/security/CVE-2024-41006 - netrom: Fix a memory leak in nr_heartbeat_expiry() * CVE-url: https://ubuntu.com/security/CVE-2024-40943 - ocfs2: fix races between hole punching and AIO+DIO * CVE-url: https://ubuntu.com/security/CVE-2024-36894 - usb: gadget: f_fs: Fix race between aio_cancel() and AIO request complete * CVE-url: https://ubuntu.com/security/CVE-2024-42124 - scsi: qedf: Make qedf_execute_tmf() non-preemptible * CVE-url: https://ubuntu.com/security/CVE-2024-42115 - jffs2: Fix potential illegal address access in jffs2_free_inode * CVE-url: https://ubuntu.com/security/CVE-2024-41035 - USB: core: Fix duplicate endpoint bug by clearing reserved bits in the descriptor * CVE-url: https://ubuntu.com/security/CVE-2024-41097 - usb: atm: cxacru: fix endpoint checking in cxacru_bind() * CVE-url: https://ubuntu.com/security/CVE-2024-42119 - drm/amd/display: Skip finding free audio for unknown engine_id * CVE-url: https://ubuntu.com/security/CVE-2024-39501 - drivers: core: synchronize really_probe() and dev_uevent() * CVE-url: https://ubuntu.com/security/CVE-2024-42105 - nilfs2: fix inode number range checks * CVE-url: https://ubuntu.com/security/CVE-2024-40984 - ACPICA: Revert "ACPICA: avoid Info: mapping multiple BARs. Your kernel is fine." * CVE-url: https://ubuntu.com/security/CVE-2024-40987 - drm/amdgpu: fix UBSAN warning in kv_dpm.c * CVE-url: https://ubuntu.com/security/CVE-2024-42097 - ALSA: emux: improve patch ioctl data validation * CVE-url: https://ubuntu.com/security/CVE-2024-42090 - pinctrl: fix deadlock in create_pinctrl() when handling -EPROBE_DEFER * CVE-url: https://ubuntu.com/security/CVE-2024-40942 - wifi: mac80211: mesh: Fix leak of mesh_preq_queue objects * CVE-url: https://ubuntu.com/security/CVE-2024-40981 - batman-adv: bypass empty buckets in batadv_purge_orig_ref() * CVE-url: https://ubuntu.com/security/CVE-2024-40959 - xfrm6: check ip6_dst_idev() return value in xfrm6_get_saddr() * CVE-url: https://ubuntu.com/security/CVE-2024-42089 - ASoC: fsl-asoc-card: set priv->pdev before using it * CVE-url: https://ubuntu.com/security/CVE-2024-40901 - scsi: mpt3sas: Avoid test/set_bit() operating in non-allocated memory * CVE-url: https://ubuntu.com/security/CVE-2024-42101 - drm/nouveau: fix null pointer dereference in nouveau_connector_get_modes * CVE-url: https://ubuntu.com/security/CVE-2024-40980 - drop_monitor: replace spin_lock by raw_spin_lock * CVE-url: https://ubuntu.com/security/CVE-2024-42084 - ftruncate: pass a signed offset * CVE-url: https://ubuntu.com/security/CVE-2024-39509 - HID: core: remove unnecessary WARN_ON() in implement() * CVE-url: https://ubuntu.com/security/CVE-2024-42096 - x86: stop playing stack games in profile_pc() * CVE-url: https://ubuntu.com/security/CVE-2024-38619 - usb-storage: alauda: Check whether the media is initialized * CVE-url: https://ubuntu.com/security/CVE-2024-42102 - Revert "mm/writeback: fix possible divide-by-zero in wb_dirty_limits(), again" - mm: avoid overflows in dirty throttling logic * CVE-url: https://ubuntu.com/security/CVE-2024-41044 - ppp: reject claimed-as-LCP but actually malformed packets * CVE-url: https://ubuntu.com/security/CVE-2024-40978 - scsi: qedi: Fix crash while reading debugfs attribute * CVE-url: https://ubuntu.com/security/CVE-2024-40941 - wifi: iwlwifi: mvm: don't read past the mfuart notifcation * CVE-url: https://ubuntu.com/security/CVE-2024-40905 - ipv6: fix possible race in __fib6_drop_pcpu_from() * CVE-url: https://ubuntu.com/security/CVE-2023-52803 - SUNRPC: Fix RPC client cleaned up the freed pipefs dentries * CVE-url: https://ubuntu.com/security/CVE-2024-42104 - nilfs2: add missing check for inode numbers on directory entries * CVE-url: https://ubuntu.com/security/CVE-2024-42148 - bnx2x: Fix multiple UBSAN array-index-out-of-bounds * CVE-url: https://ubuntu.com/security/CVE-2024-42094 - net/iucv: Avoid explicit cpumask var allocation on stack * CVE-url: https://ubuntu.com/security/CVE-2024-41046 - net: ethernet: lantiq_etop: fix double free in detach * CVE-url: https://ubuntu.com/security/CVE-2024-38538 - net: bridge: xmit: make sure we have at least eth header len bytes * CVE-url: https://ubuntu.com/security/CVE-2024-26830 - i40e: Fix permission check for VF MAC filters - i40e: Fix MAC address setting for a VF via Host/VM - i40e: Do not allow untrusted VF to remove administratively set MAC * CVE-url: https://ubuntu.com/security/CVE-2023-52885 - SUNRPC: Fix UAF in svc_tcp_listen_data_ready() * CVE-url: https://ubuntu.com/security/CVE-2023-52629 - sh: push-switch: Reorder cleanup operations to avoid use-after-free bug * Miscellaneous upstream changes - fixup! scsi: qla2xxx: Fix double free of fcport

0 tuxcare-ubuntu18.04-els linux-buildinfo-4.15.0-237-tuxcare.els25-generic_4.15.0-237.248_amd64.deb 5cd643f6d22ccc38da70bcdc4472b51320d140e1 linux-buildinfo-4.15.0-237-tuxcare.els25-lowlatency_4.15.0-237.248_amd64.deb e9b3d9887f5960b36cfdb6c76d1313453bcb2f74 linux-cloud-tools-4.15.0-237-tuxcare.els25_4.15.0-237.248_amd64.deb b242e598c8f7a18bf025f7888ecf54f7c9279420 linux-cloud-tools-4.15.0-237-tuxcare.els25-generic_4.15.0-237.248_amd64.deb d4974509d9da332cc841ee4bb249e5538af1c3f8 linux-cloud-tools-4.15.0-237-tuxcare.els25-lowlatency_4.15.0-237.248_amd64.deb 0b5f53084b06162964cd26d9b4d2993e0a1d5132 linux-cloud-tools-common_4.15.0-237.248_all.deb d9eaa2506a4947330cf8d5faa6ac4ed37f4627c9 linux-cloud-tools-generic_4.15.0.237.248_amd64.deb b7e9e077ae5587955203fc5e4fd6c6ea744ed73a linux-cloud-tools-lowlatency_4.15.0.237.248_amd64.deb e34e95991cc92aef483c394bb3e215b0bc766674 linux-crashdump_4.15.0.237.248_amd64.deb 622972ee9d6477e672f7e0ae63395900dc556cd2 linux-doc_4.15.0-237.248_all.deb 5f4b635a5d1f48ead5360dea7fd3bbac558d76fd linux-generic_4.15.0.237.248_amd64.deb 38106632c5d38bedab7722f37c883cabcfc27b6b linux-headers-4.15.0-237-tuxcare.els25_4.15.0-237.248_all.deb 0ec20fcc0163f21d1414a1fa7eade8411244075b linux-headers-4.15.0-237-tuxcare.els25-generic_4.15.0-237.248_amd64.deb 275bc23fe180d440c343e64cc787798ba000baca linux-headers-4.15.0-237-tuxcare.els25-lowlatency_4.15.0-237.248_amd64.deb 52e96be26e6f765d27e05cb62caa2cbcce7003f2 linux-headers-generic_4.15.0.237.248_amd64.deb da874972bfdcb2a39b62302f46ec0341fea70eb1 linux-headers-lowlatency_4.15.0.237.248_amd64.deb dd80837698ae401277ed7a3fec7e186ab2b483b3 linux-image-generic_4.15.0.237.248_amd64.deb 818b7bb446a9d0248e22516de1c69ce13aa0e8d5 linux-image-lowlatency_4.15.0.237.248_amd64.deb c024ec0815ec0a4f948d5c1e7b3838e4fbcffcb5 linux-image-unsigned-4.15.0-237-tuxcare.els25-generic_4.15.0-237.248_amd64.deb 41320ba7491488971679f4371cc81375a6935913 linux-image-unsigned-4.15.0-237-tuxcare.els25-lowlatency_4.15.0-237.248_amd64.deb 6f1f7ad9068d423d58819fcdbdc215d628dfe860 linux-libc-dev_4.15.0-237.248_amd64.deb e3be6e36e5cf941701c7e8a365a66893b0941fb1 linux-lowlatency_4.15.0.237.248_amd64.deb 9b74f8b63e3b004dd4f9fd93e209e36aebc40fc9 linux-modules-4.15.0-237-tuxcare.els25-generic_4.15.0-237.248_amd64.deb fcce58dd2b3662550286d33d520f8330290e349b linux-modules-4.15.0-237-tuxcare.els25-lowlatency_4.15.0-237.248_amd64.deb 033baeefb9f4c485535136cdef0ffb125c193e2b linux-modules-extra-4.15.0-237-tuxcare.els25-generic_4.15.0-237.248_amd64.deb 0a4e2fe5fbd9296366adea82d334b9cbc7a4ccdd linux-source_4.15.0.237.248_all.deb 9742efa06820256261968b563ce2f9205cb19b81 linux-source-4.15.0_4.15.0-237.248_all.deb 4a4d2f64d2fc1ee376c298ad4f5d6bf9ca1e10dc linux-tools-4.15.0-237-tuxcare.els25_4.15.0-237.248_amd64.deb f2205c099a2b4ed38b1424e2a75e385eecbe1987 linux-tools-4.15.0-237-tuxcare.els25-generic_4.15.0-237.248_amd64.deb 5b21c52ff023d9bc5f299f635b1b3e1ae2774255 linux-tools-4.15.0-237-tuxcare.els25-lowlatency_4.15.0-237.248_amd64.deb 543a9ffd411fcd12881ba13a4cfd4737e58f70c5 linux-tools-common_4.15.0-237.248_all.deb e775acac15453dbd8706fe76063807eef4a3f0e1 linux-tools-generic_4.15.0.237.248_amd64.deb 12ee6ae3adab37b1657720f7754e577ce4998ea1 linux-tools-host_4.15.0-237.248_all.deb c83210d82f495e466aa22e8441ce4ceec154110d linux-tools-lowlatency_4.15.0.237.248_amd64.deb 965c971651e74d29f6073ffa892705031eac21a3 CLSA-2024:1727817758 TuxCare License Agreement 0 * CVE-url: https://ubuntu.com/security/CVE-2024-26752 - l2tp: pass correct message length to ip6_append_data * CVE-url: https://ubuntu.com/security/CVE-2021-47188 - scsi: ufs: core: Improve SCSI abort handling * CVE-url: https://ubuntu.com/security/CVE-2024-26677 - rxrpc: Fix delayed ACKs to not set the reference serial number * CVE-url: https://ubuntu.com/security/CVE-2023-52527 - ipv4, ipv6: Fix handling of transhdrlen in __ip{,6}_append_data() * CVE-url: https://ubuntu.com/security/CVE-2024-43882 - exec: Fix ToCToU between perm check and set-uid/gid usage * CVE-url: https://ubuntu.com/security/CVE-2022-48943 - KVM: x86/mmu: make apf token non-zero to fix bug * CVE-url: https://ubuntu.com/security/CVE-2024-38630 - watchdog: cpu5wdt.c: Fix use-after-free bug caused by cpu5wdt_trigger * CVE-url: https://ubuntu.com/security/CVE-2024-44987 - ipv6: prevent UAF in ip6_send_skb() * CVE-url: https://ubuntu.com/security/CVE-2024-42285 - RDMA/iwcm: Fix a use-after-free related to destroying CM IDs * CVE-url: https://ubuntu.com/security/CVE-2022-48733 - btrfs: fix use-after-free after failure to create a snapshot * CVE-url: https://ubuntu.com/security/CVE-2024-44940 - fou: remove warn in gue_gro_receive on unsupported protocol * CVE-url: https://ubuntu.com/security/CVE-2024-41059 - hfsplus: fix uninit-value in copy_name * CVE-url: https://ubuntu.com/security/CVE-2024-46673 - scsi: aacraid: Fix double-free on probe failure * CVE-url: https://ubuntu.com/security/CVE-2024-42313 - media: venus: fix use after free in vdec_close * CVE-url: https://ubuntu.com/security/CVE-2024-44999 - gtp: pull network headers in gtp_dev_xmit() * CVE-url: https://ubuntu.com/security/CVE-2024-42271 - net/iucv: fix use after free in iucv_sock_close() * CVE-url: https://ubuntu.com/security/CVE-2024-44942 - f2fs: fix to do sanity check on F2FS_INLINE_DATA flag in inode during GC * CVE-url: https://ubuntu.com/security/CVE-2024-43858 - jfs: Fix array-index-out-of-bounds in diFree * CVE-url: https://ubuntu.com/security/CVE-2024-41071 - wifi: mac80211: Avoid address calculations via out of bounds array indexing * CVE-url: https://ubuntu.com/security/CVE-2024-42301 - dev/parport: fix the array out-of-bounds risk * CVE-url: https://ubuntu.com/security/CVE-2024-46674 - usb: dwc3: st: fix probed platform device ref count on probe error path * CVE-url: https://ubuntu.com/security/CVE-2024-43900 - media: xc2028: avoid use-after-free in load_firmware_cb() * CVE-url: https://ubuntu.com/security/CVE-2024-42284 - tipc: Return non-zero value from tipc_udp_addr2str() on error * CVE-url: https://ubuntu.com/security/CVE-2024-44998 - atm: idt77252: prevent use after free in dequeue_rx() * CVE-url: https://ubuntu.com/security/CVE-2024-42280 - mISDN: Fix a use after free in hfcmulti_tx() * CVE-url: https://ubuntu.com/security/CVE-2024-39503 - netns: add pre_exit method to struct pernet_operations - netfilter: ipset: Fix race between namespace cleanup and gc in the list:set type * CVE-url: https://ubuntu.com/security/CVE-2024-39499 - vmci: prevent speculation leaks by sanitizing event in event_deliver() * CVE-url: https://ubuntu.com/security/CVE-2024-40988 - drm/radeon: fix UBSAN warning in kv_dpm.c * CVE-url: https://ubuntu.com/security/CVE-2024-40916 - drm/exynos: hdmi: report safe 640x480 mode as a fallback when no EDID found * CVE-url: https://ubuntu.com/security/CVE-2024-40904 - USB: class: cdc-wdm: Fix CPU lockup caused by excessive log messages * CVE-url: https://ubuntu.com/security/CVE-2024-39506 - liquidio: Adjust a NULL pointer handling path in lio_vf_rep_copy_packet * CVE-url: https://ubuntu.com/security/CVE-2024-42106 - inet_diag: Initialize pad field in struct inet_diag_req_v2 * CVE-url: https://ubuntu.com/security/CVE-2024-42145 - IB/core: Implement a limit on UMAD receive List * CVE-url: https://ubuntu.com/security/CVE-2024-40945 - iommu: Return right value in iommu_sva_bind_device() * CVE-url: https://ubuntu.com/security/CVE-2024-40932 - drm/exynos/vidi: fix memory leak in .get_modes() * CVE-url: https://ubuntu.com/security/CVE-2024-41006 - netrom: Fix a memory leak in nr_heartbeat_expiry() * CVE-url: https://ubuntu.com/security/CVE-2024-40943 - ocfs2: fix races between hole punching and AIO+DIO * CVE-url: https://ubuntu.com/security/CVE-2024-36894 - usb: gadget: f_fs: Fix race between aio_cancel() and AIO request complete * CVE-url: https://ubuntu.com/security/CVE-2024-42124 - scsi: qedf: Make qedf_execute_tmf() non-preemptible * CVE-url: https://ubuntu.com/security/CVE-2024-42115 - jffs2: Fix potential illegal address access in jffs2_free_inode * CVE-url: https://ubuntu.com/security/CVE-2024-41035 - USB: core: Fix duplicate endpoint bug by clearing reserved bits in the descriptor * CVE-url: https://ubuntu.com/security/CVE-2024-41097 - usb: atm: cxacru: fix endpoint checking in cxacru_bind() * CVE-url: https://ubuntu.com/security/CVE-2024-42119 - drm/amd/display: Skip finding free audio for unknown engine_id * CVE-url: https://ubuntu.com/security/CVE-2024-39501 - drivers: core: synchronize really_probe() and dev_uevent() * CVE-url: https://ubuntu.com/security/CVE-2024-42105 - nilfs2: fix inode number range checks * CVE-url: https://ubuntu.com/security/CVE-2024-40984 - ACPICA: Revert "ACPICA: avoid Info: mapping multiple BARs. Your kernel is fine." * CVE-url: https://ubuntu.com/security/CVE-2024-40987 - drm/amdgpu: fix UBSAN warning in kv_dpm.c * CVE-url: https://ubuntu.com/security/CVE-2024-42097 - ALSA: emux: improve patch ioctl data validation * CVE-url: https://ubuntu.com/security/CVE-2024-42090 - pinctrl: fix deadlock in create_pinctrl() when handling -EPROBE_DEFER * CVE-url: https://ubuntu.com/security/CVE-2024-40942 - wifi: mac80211: mesh: Fix leak of mesh_preq_queue objects * CVE-url: https://ubuntu.com/security/CVE-2024-40981 - batman-adv: bypass empty buckets in batadv_purge_orig_ref() * CVE-url: https://ubuntu.com/security/CVE-2024-40959 - xfrm6: check ip6_dst_idev() return value in xfrm6_get_saddr() * CVE-url: https://ubuntu.com/security/CVE-2024-42089 - ASoC: fsl-asoc-card: set priv->pdev before using it * CVE-url: https://ubuntu.com/security/CVE-2024-40901 - scsi: mpt3sas: Avoid test/set_bit() operating in non-allocated memory * CVE-url: https://ubuntu.com/security/CVE-2024-42101 - drm/nouveau: fix null pointer dereference in nouveau_connector_get_modes * CVE-url: https://ubuntu.com/security/CVE-2024-40980 - drop_monitor: replace spin_lock by raw_spin_lock * CVE-url: https://ubuntu.com/security/CVE-2024-42084 - ftruncate: pass a signed offset * CVE-url: https://ubuntu.com/security/CVE-2024-39509 - HID: core: remove unnecessary WARN_ON() in implement() * CVE-url: https://ubuntu.com/security/CVE-2024-42096 - x86: stop playing stack games in profile_pc() * CVE-url: https://ubuntu.com/security/CVE-2024-38619 - usb-storage: alauda: Check whether the media is initialized * CVE-url: https://ubuntu.com/security/CVE-2024-42102 - Revert "mm/writeback: fix possible divide-by-zero in wb_dirty_limits(), again" - mm: avoid overflows in dirty throttling logic * CVE-url: https://ubuntu.com/security/CVE-2024-41044 - ppp: reject claimed-as-LCP but actually malformed packets * CVE-url: https://ubuntu.com/security/CVE-2024-40978 - scsi: qedi: Fix crash while reading debugfs attribute * CVE-url: https://ubuntu.com/security/CVE-2024-40941 - wifi: iwlwifi: mvm: don't read past the mfuart notifcation * CVE-url: https://ubuntu.com/security/CVE-2024-40905 - ipv6: fix possible race in __fib6_drop_pcpu_from() * CVE-url: https://ubuntu.com/security/CVE-2023-52803 - SUNRPC: Fix RPC client cleaned up the freed pipefs dentries * CVE-url: https://ubuntu.com/security/CVE-2024-42104 - nilfs2: add missing check for inode numbers on directory entries * CVE-url: https://ubuntu.com/security/CVE-2024-42148 - bnx2x: Fix multiple UBSAN array-index-out-of-bounds * CVE-url: https://ubuntu.com/security/CVE-2024-42094 - net/iucv: Avoid explicit cpumask var allocation on stack * CVE-url: https://ubuntu.com/security/CVE-2024-41046 - net: ethernet: lantiq_etop: fix double free in detach * CVE-url: https://ubuntu.com/security/CVE-2024-38538 - net: bridge: xmit: make sure we have at least eth header len bytes * CVE-url: https://ubuntu.com/security/CVE-2024-26830 - i40e: Fix permission check for VF MAC filters - i40e: Fix MAC address setting for a VF via Host/VM - i40e: Do not allow untrusted VF to remove administratively set MAC * CVE-url: https://ubuntu.com/security/CVE-2023-52885 - SUNRPC: Fix UAF in svc_tcp_listen_data_ready() * CVE-url: https://ubuntu.com/security/CVE-2023-52629 - sh: push-switch: Reorder cleanup operations to avoid use-after-free bug * Miscellaneous upstream changes - fixup! scsi: qla2xxx: Fix double free of fcport None Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.

* CVE-url: https://ubuntu.com/security/CVE-2024-26752 - l2tp: pass correct message length to ip6_append_data * CVE-url: https://ubuntu.com/security/CVE-2021-47188 - scsi: ufs: core: Improve SCSI abort handling * CVE-url: https://ubuntu.com/security/CVE-2024-26677 - rxrpc: Fix delayed ACKs to not set the reference serial number * CVE-url: https://ubuntu.com/security/CVE-2023-52527 - ipv4, ipv6: Fix handling of transhdrlen in __ip{,6}_append_data() * CVE-url: https://ubuntu.com/security/CVE-2024-43882 - exec: Fix ToCToU between perm check and set-uid/gid usage * CVE-url: https://ubuntu.com/security/CVE-2022-48943 - KVM: x86/mmu: make apf token non-zero to fix bug * CVE-url: https://ubuntu.com/security/CVE-2024-38630 - watchdog: cpu5wdt.c: Fix use-after-free bug caused by cpu5wdt_trigger * CVE-url: https://ubuntu.com/security/CVE-2024-44987 - ipv6: prevent UAF in ip6_send_skb() * CVE-url: https://ubuntu.com/security/CVE-2024-42285 - RDMA/iwcm: Fix a use-after-free related to destroying CM IDs * CVE-url: https://ubuntu.com/security/CVE-2022-48733 - btrfs: fix use-after-free after failure to create a snapshot * CVE-url: https://ubuntu.com/security/CVE-2024-44940 - fou: remove warn in gue_gro_receive on unsupported protocol * CVE-url: https://ubuntu.com/security/CVE-2024-41059 - hfsplus: fix uninit-value in copy_name * CVE-url: https://ubuntu.com/security/CVE-2024-46673 - scsi: aacraid: Fix double-free on probe failure * CVE-url: https://ubuntu.com/security/CVE-2024-42313 - media: venus: fix use after free in vdec_close * CVE-url: https://ubuntu.com/security/CVE-2024-44999 - gtp: pull network headers in gtp_dev_xmit() * CVE-url: https://ubuntu.com/security/CVE-2024-42271 - net/iucv: fix use after free in iucv_sock_close() * CVE-url: https://ubuntu.com/security/CVE-2024-44942 - f2fs: fix to do sanity check on F2FS_INLINE_DATA flag in inode during GC * CVE-url: https://ubuntu.com/security/CVE-2024-43858 - jfs: Fix array-index-out-of-bounds in diFree * CVE-url: https://ubuntu.com/security/CVE-2024-41071 - wifi: mac80211: Avoid address calculations via out of bounds array indexing * CVE-url: https://ubuntu.com/security/CVE-2024-42301 - dev/parport: fix the array out-of-bounds risk * CVE-url: https://ubuntu.com/security/CVE-2024-46674 - usb: dwc3: st: fix probed platform device ref count on probe error path * CVE-url: https://ubuntu.com/security/CVE-2024-43900 - media: xc2028: avoid use-after-free in load_firmware_cb() * CVE-url: https://ubuntu.com/security/CVE-2024-42284 - tipc: Return non-zero value from tipc_udp_addr2str() on error * CVE-url: https://ubuntu.com/security/CVE-2024-44998 - atm: idt77252: prevent use after free in dequeue_rx() * CVE-url: https://ubuntu.com/security/CVE-2024-42280 - mISDN: Fix a use after free in hfcmulti_tx() * CVE-url: https://ubuntu.com/security/CVE-2024-39503 - netns: add pre_exit method to struct pernet_operations - netfilter: ipset: Fix race between namespace cleanup and gc in the list:set type * CVE-url: https://ubuntu.com/security/CVE-2024-39499 - vmci: prevent speculation leaks by sanitizing event in event_deliver() * CVE-url: https://ubuntu.com/security/CVE-2024-40988 - drm/radeon: fix UBSAN warning in kv_dpm.c * CVE-url: https://ubuntu.com/security/CVE-2024-40916 - drm/exynos: hdmi: report safe 640x480 mode as a fallback when no EDID found * CVE-url: https://ubuntu.com/security/CVE-2024-40904 - USB: class: cdc-wdm: Fix CPU lockup caused by excessive log messages * CVE-url: https://ubuntu.com/security/CVE-2024-39506 - liquidio: Adjust a NULL pointer handling path in lio_vf_rep_copy_packet * CVE-url: https://ubuntu.com/security/CVE-2024-42106 - inet_diag: Initialize pad field in struct inet_diag_req_v2 * CVE-url: https://ubuntu.com/security/CVE-2024-42145 - IB/core: Implement a limit on UMAD receive List * CVE-url: https://ubuntu.com/security/CVE-2024-40945 - iommu: Return right value in iommu_sva_bind_device() * CVE-url: https://ubuntu.com/security/CVE-2024-40932 - drm/exynos/vidi: fix memory leak in .get_modes() * CVE-url: https://ubuntu.com/security/CVE-2024-41006 - netrom: Fix a memory leak in nr_heartbeat_expiry() * CVE-url: https://ubuntu.com/security/CVE-2024-40943 - ocfs2: fix races between hole punching and AIO+DIO * CVE-url: https://ubuntu.com/security/CVE-2024-36894 - usb: gadget: f_fs: Fix race between aio_cancel() and AIO request complete * CVE-url: https://ubuntu.com/security/CVE-2024-42124 - scsi: qedf: Make qedf_execute_tmf() non-preemptible * CVE-url: https://ubuntu.com/security/CVE-2024-42115 - jffs2: Fix potential illegal address access in jffs2_free_inode * CVE-url: https://ubuntu.com/security/CVE-2024-41035 - USB: core: Fix duplicate endpoint bug by clearing reserved bits in the descriptor * CVE-url: https://ubuntu.com/security/CVE-2024-41097 - usb: atm: cxacru: fix endpoint checking in cxacru_bind() * CVE-url: https://ubuntu.com/security/CVE-2024-42119 - drm/amd/display: Skip finding free audio for unknown engine_id * CVE-url: https://ubuntu.com/security/CVE-2024-39501 - drivers: core: synchronize really_probe() and dev_uevent() * CVE-url: https://ubuntu.com/security/CVE-2024-42105 - nilfs2: fix inode number range checks * CVE-url: https://ubuntu.com/security/CVE-2024-40984 - ACPICA: Revert "ACPICA: avoid Info: mapping multiple BARs. Your kernel is fine." * CVE-url: https://ubuntu.com/security/CVE-2024-40987 - drm/amdgpu: fix UBSAN warning in kv_dpm.c * CVE-url: https://ubuntu.com/security/CVE-2024-42097 - ALSA: emux: improve patch ioctl data validation * CVE-url: https://ubuntu.com/security/CVE-2024-42090 - pinctrl: fix deadlock in create_pinctrl() when handling -EPROBE_DEFER * CVE-url: https://ubuntu.com/security/CVE-2024-40942 - wifi: mac80211: mesh: Fix leak of mesh_preq_queue objects * CVE-url: https://ubuntu.com/security/CVE-2024-40981 - batman-adv: bypass empty buckets in batadv_purge_orig_ref() * CVE-url: https://ubuntu.com/security/CVE-2024-40959 - xfrm6: check ip6_dst_idev() return value in xfrm6_get_saddr() * CVE-url: https://ubuntu.com/security/CVE-2024-42089 - ASoC: fsl-asoc-card: set priv->pdev before using it * CVE-url: https://ubuntu.com/security/CVE-2024-40901 - scsi: mpt3sas: Avoid test/set_bit() operating in non-allocated memory * CVE-url: https://ubuntu.com/security/CVE-2024-42101 - drm/nouveau: fix null pointer dereference in nouveau_connector_get_modes * CVE-url: https://ubuntu.com/security/CVE-2024-40980 - drop_monitor: replace spin_lock by raw_spin_lock * CVE-url: https://ubuntu.com/security/CVE-2024-42084 - ftruncate: pass a signed offset * CVE-url: https://ubuntu.com/security/CVE-2024-39509 - HID: core: remove unnecessary WARN_ON() in implement() * CVE-url: https://ubuntu.com/security/CVE-2024-42096 - x86: stop playing stack games in profile_pc() * CVE-url: https://ubuntu.com/security/CVE-2024-38619 - usb-storage: alauda: Check whether the media is initialized * CVE-url: https://ubuntu.com/security/CVE-2024-42102 - Revert "mm/writeback: fix possible divide-by-zero in wb_dirty_limits(), again" - mm: avoid overflows in dirty throttling logic * CVE-url: https://ubuntu.com/security/CVE-2024-41044 - ppp: reject claimed-as-LCP but actually malformed packets * CVE-url: https://ubuntu.com/security/CVE-2024-40978 - scsi: qedi: Fix crash while reading debugfs attribute * CVE-url: https://ubuntu.com/security/CVE-2024-40941 - wifi: iwlwifi: mvm: don't read past the mfuart notifcation * CVE-url: https://ubuntu.com/security/CVE-2024-40905 - ipv6: fix possible race in __fib6_drop_pcpu_from() * CVE-url: https://ubuntu.com/security/CVE-2023-52803 - SUNRPC: Fix RPC client cleaned up the freed pipefs dentries * CVE-url: https://ubuntu.com/security/CVE-2024-42104 - nilfs2: add missing check for inode numbers on directory entries * CVE-url: https://ubuntu.com/security/CVE-2024-42148 - bnx2x: Fix multiple UBSAN array-index-out-of-bounds * CVE-url: https://ubuntu.com/security/CVE-2024-42094 - net/iucv: Avoid explicit cpumask var allocation on stack * CVE-url: https://ubuntu.com/security/CVE-2024-41046 - net: ethernet: lantiq_etop: fix double free in detach * CVE-url: https://ubuntu.com/security/CVE-2024-38538 - net: bridge: xmit: make sure we have at least eth header len bytes * CVE-url: https://ubuntu.com/security/CVE-2024-26830 - i40e: Fix permission check for VF MAC filters - i40e: Fix MAC address setting for a VF via Host/VM - i40e: Do not allow untrusted VF to remove administratively set MAC * CVE-url: https://ubuntu.com/security/CVE-2023-52885 - SUNRPC: Fix UAF in svc_tcp_listen_data_ready() * CVE-url: https://ubuntu.com/security/CVE-2023-52629 - sh: push-switch: Reorder cleanup operations to avoid use-after-free bug * Miscellaneous upstream changes - fixup! scsi: qla2xxx: Fix double free of fcport

0 tuxcare-ubuntu18.04-els linux-buildinfo-4.15.0-237-tuxcare.els25-generic_4.15.0-237.248_amd64.deb 5cd643f6d22ccc38da70bcdc4472b51320d140e1 linux-buildinfo-4.15.0-237-tuxcare.els25-lowlatency_4.15.0-237.248_amd64.deb e9b3d9887f5960b36cfdb6c76d1313453bcb2f74 linux-cloud-tools-4.15.0-237-tuxcare.els25_4.15.0-237.248_amd64.deb b242e598c8f7a18bf025f7888ecf54f7c9279420 linux-cloud-tools-4.15.0-237-tuxcare.els25-generic_4.15.0-237.248_amd64.deb d4974509d9da332cc841ee4bb249e5538af1c3f8 linux-cloud-tools-4.15.0-237-tuxcare.els25-lowlatency_4.15.0-237.248_amd64.deb 0b5f53084b06162964cd26d9b4d2993e0a1d5132 linux-cloud-tools-common_4.15.0-237.248_all.deb d9eaa2506a4947330cf8d5faa6ac4ed37f4627c9 linux-cloud-tools-generic_4.15.0.237.248_amd64.deb b7e9e077ae5587955203fc5e4fd6c6ea744ed73a linux-cloud-tools-lowlatency_4.15.0.237.248_amd64.deb e34e95991cc92aef483c394bb3e215b0bc766674 linux-crashdump_4.15.0.237.248_amd64.deb 622972ee9d6477e672f7e0ae63395900dc556cd2 linux-doc_4.15.0-237.248_all.deb 5f4b635a5d1f48ead5360dea7fd3bbac558d76fd linux-generic_4.15.0.237.248_amd64.deb 38106632c5d38bedab7722f37c883cabcfc27b6b linux-headers-4.15.0-237-tuxcare.els25_4.15.0-237.248_all.deb 0ec20fcc0163f21d1414a1fa7eade8411244075b linux-headers-4.15.0-237-tuxcare.els25-generic_4.15.0-237.248_amd64.deb 275bc23fe180d440c343e64cc787798ba000baca linux-headers-4.15.0-237-tuxcare.els25-lowlatency_4.15.0-237.248_amd64.deb 52e96be26e6f765d27e05cb62caa2cbcce7003f2 linux-headers-generic_4.15.0.237.248_amd64.deb da874972bfdcb2a39b62302f46ec0341fea70eb1 linux-headers-lowlatency_4.15.0.237.248_amd64.deb dd80837698ae401277ed7a3fec7e186ab2b483b3 linux-image-generic_4.15.0.237.248_amd64.deb 818b7bb446a9d0248e22516de1c69ce13aa0e8d5 linux-image-lowlatency_4.15.0.237.248_amd64.deb c024ec0815ec0a4f948d5c1e7b3838e4fbcffcb5 linux-image-unsigned-4.15.0-237-tuxcare.els25-generic_4.15.0-237.248_amd64.deb 41320ba7491488971679f4371cc81375a6935913 linux-image-unsigned-4.15.0-237-tuxcare.els25-lowlatency_4.15.0-237.248_amd64.deb 6f1f7ad9068d423d58819fcdbdc215d628dfe860 linux-libc-dev_4.15.0-237.248_amd64.deb e3be6e36e5cf941701c7e8a365a66893b0941fb1 linux-lowlatency_4.15.0.237.248_amd64.deb 9b74f8b63e3b004dd4f9fd93e209e36aebc40fc9 linux-modules-4.15.0-237-tuxcare.els25-generic_4.15.0-237.248_amd64.deb fcce58dd2b3662550286d33d520f8330290e349b linux-modules-4.15.0-237-tuxcare.els25-lowlatency_4.15.0-237.248_amd64.deb 033baeefb9f4c485535136cdef0ffb125c193e2b linux-modules-extra-4.15.0-237-tuxcare.els25-generic_4.15.0-237.248_amd64.deb 0a4e2fe5fbd9296366adea82d334b9cbc7a4ccdd linux-source_4.15.0.237.248_all.deb 9742efa06820256261968b563ce2f9205cb19b81 linux-source-4.15.0_4.15.0-237.248_all.deb 4a4d2f64d2fc1ee376c298ad4f5d6bf9ca1e10dc linux-tools-4.15.0-237-tuxcare.els25_4.15.0-237.248_amd64.deb f2205c099a2b4ed38b1424e2a75e385eecbe1987 linux-tools-4.15.0-237-tuxcare.els25-generic_4.15.0-237.248_amd64.deb 5b21c52ff023d9bc5f299f635b1b3e1ae2774255 linux-tools-4.15.0-237-tuxcare.els25-lowlatency_4.15.0-237.248_amd64.deb 543a9ffd411fcd12881ba13a4cfd4737e58f70c5 linux-tools-common_4.15.0-237.248_all.deb e775acac15453dbd8706fe76063807eef4a3f0e1 linux-tools-generic_4.15.0.237.248_amd64.deb 12ee6ae3adab37b1657720f7754e577ce4998ea1 linux-tools-host_4.15.0-237.248_all.deb c83210d82f495e466aa22e8441ce4ceec154110d linux-tools-lowlatency_4.15.0.237.248_amd64.deb 965c971651e74d29f6073ffa892705031eac21a3 CLSA-2024:1727895277 TuxCare License Agreement 0 * SECURITY UPDATE: Excessive CPU resources usage while parsing cookies with backslashes in value - debian/patches/CVE-2024-7592.patch: Fix quadratic complexity in parsing cookie values with backslashes - CVE-2024-7592 * SECURITY UPDATE: Regular expressions that allowed excessive backtracking during tarfile header parsing - debian/patches/CVE-2024-6232.patch: Fix regexp handling in tarfile - CVE-2024-6232 * Replace PROTOCOL_TLSv1 with PROTOCOL_TLSv1_2 in Lib/test/test_ssl.py to fix the check phase on the build system Important Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.

* SECURITY UPDATE: Excessive CPU resources usage while parsing cookies with backslashes in value - debian/patches/CVE-2024-7592.patch: Fix quadratic complexity in parsing cookie values with backslashes - CVE-2024-7592 * SECURITY UPDATE: Regular expressions that allowed excessive backtracking during tarfile header parsing - debian/patches/CVE-2024-6232.patch: Fix regexp handling in tarfile - CVE-2024-6232 * Replace PROTOCOL_TLSv1 with PROTOCOL_TLSv1_2 in Lib/test/test_ssl.py to fix the check phase on the build system

0 tuxcare-ubuntu18.04-els idle-python2.7_2.7.17-1~18.04ubuntu1.11+tuxcare.els9_all.deb 784d2caafdc205d48e21572e63ea7d8b0664d8eb libpython2.7_2.7.17-1~18.04ubuntu1.11+tuxcare.els9_amd64.deb 44c5b70707761823edf7aeacdb9bc58191ae2812 libpython2.7-dev_2.7.17-1~18.04ubuntu1.11+tuxcare.els9_amd64.deb ab625f241c372e7397707a23e6929fd0cadc6b20 libpython2.7-minimal_2.7.17-1~18.04ubuntu1.11+tuxcare.els9_amd64.deb 96d90efd130ff120a0e61ffb40a5aa35dd7ee425 libpython2.7-stdlib_2.7.17-1~18.04ubuntu1.11+tuxcare.els9_amd64.deb 8c86583ceaec36555ba635fb15e7242b9b05aaf0 libpython2.7-testsuite_2.7.17-1~18.04ubuntu1.11+tuxcare.els9_all.deb ee8ba679865f1fa8b770be411114ea450d70cef3 python2.7_2.7.17-1~18.04ubuntu1.11+tuxcare.els9_amd64.deb 8928c073054e16cb7ee9b3d3be3763fae6dfc527 python2.7-dev_2.7.17-1~18.04ubuntu1.11+tuxcare.els9_amd64.deb 8ef4bb2e74362fb9892ef8b260c9e3ecb7db3a3a python2.7-doc_2.7.17-1~18.04ubuntu1.11+tuxcare.els9_all.deb e57d52b50c7a3351fb7dbd7c45589ca8a981f364 python2.7-examples_2.7.17-1~18.04ubuntu1.11+tuxcare.els9_all.deb e7f30ad075a2dea9974ffbdbca8f3ae651642ce5 python2.7-minimal_2.7.17-1~18.04ubuntu1.11+tuxcare.els9_amd64.deb f9c6073d90f5381ab7fc8627363706e2a7f47feb CLSA-2024:1728056367 TuxCare License Agreement 0 * SECURITY UPDATE: Bypass of protections in untrusted repositories - debian/patches/CVE-2024-32465.patch: Disable lazy-fetching by default in upload-pack to prevent arbitrary command execution during clone/fetch - CVE-2024-32465 Important Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.

* SECURITY UPDATE: Bypass of protections in untrusted repositories - debian/patches/CVE-2024-32465.patch: Disable lazy-fetching by default in upload-pack to prevent arbitrary command execution during clone/fetch - CVE-2024-32465

0 tuxcare-ubuntu18.04-els git_2.17.1-1ubuntu0.18+tuxcare.els3_amd64.deb 4dc4481bc8ec755c6d14510d36b0b12c61d77ad2 git-all_2.17.1-1ubuntu0.18+tuxcare.els3_all.deb ace223711c747262118f3ea234c02b4c1ec5d6ea git-cvs_2.17.1-1ubuntu0.18+tuxcare.els3_all.deb 09c67f24a6774c77eff940ee44f1534aeafe2051 git-daemon-run_2.17.1-1ubuntu0.18+tuxcare.els3_all.deb 506dddcd306c3fba13e8a80101995a5898be1422 git-daemon-sysvinit_2.17.1-1ubuntu0.18+tuxcare.els3_all.deb e53d2b11cbe729c586d8638bc0ce192fa69a24a6 git-doc_2.17.1-1ubuntu0.18+tuxcare.els3_all.deb f85f5438654a86e1bb4c3b5a96ad6f4a587cca3e git-el_2.17.1-1ubuntu0.18+tuxcare.els3_all.deb b2a0c144197ee58704739eb08841808a5b4ee783 git-email_2.17.1-1ubuntu0.18+tuxcare.els3_all.deb b049de143936c14b5452dcb0fb0965cfc2b82505 git-gui_2.17.1-1ubuntu0.18+tuxcare.els3_all.deb e7bf72b3f2a1cf52fb648dd73e5f87436cadeb4a git-man_2.17.1-1ubuntu0.18+tuxcare.els3_all.deb 6f2b7bbeb4c798b1267d28c748ebf7a33f1cfa53 git-mediawiki_2.17.1-1ubuntu0.18+tuxcare.els3_all.deb 6048f9b98cec5e3d9fe97277cd36e149d81e539e git-svn_2.17.1-1ubuntu0.18+tuxcare.els3_all.deb 6568ffbebd9ad975c742112b25cf84ed4ab4212e gitk_2.17.1-1ubuntu0.18+tuxcare.els3_all.deb 3a88ec4853a10552f39336aa8031ecbdcdb36b3f gitweb_2.17.1-1ubuntu0.18+tuxcare.els3_all.deb fbf1bcd76cda002e433b9d181eede4bed713309c CLSA-2024:1728478701 TuxCare License Agreement 0 * New microcode update packages from AMD upstream up to 2024-08-11: - Update AMD CPU microcode for processor family 0x19: cpuid:0x00A00F10(ver:0x0A00107A), cpuid:0x00A10F12(ver:0x0A101248), cpuid:0x00AA0F02(ver:0x0AA00215), cpuid:0x00A00F12(ver:0x0A001238), cpuid:0x00A10F11(ver:0x0A101148), cpuid:0x00A00F11(ver:0x0A0011D5); - Update AMD CPU microcode for processor family 0x17: cpuid:0x00800F12(ver:0x0800126F), cpuid:0x00830F10(ver:0x0830107C); * SECURITY UPDATE: Fix improper validation in a model-specific register (MSR) could allow a malicious program with ring0 access to modify SMM configuration while SMI lock is enabled, potentially leading to arbitrary code execution. - CVE-2023-31315 Important Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.

* New microcode update packages from AMD upstream up to 2024-08-11: - Update AMD CPU microcode for processor family 0x19: cpuid:0x00A00F10(ver:0x0A00107A), cpuid:0x00A10F12(ver:0x0A101248), cpuid:0x00AA0F02(ver:0x0AA00215), cpuid:0x00A00F12(ver:0x0A001238), cpuid:0x00A10F11(ver:0x0A101148), cpuid:0x00A00F11(ver:0x0A0011D5); - Update AMD CPU microcode for processor family 0x17: cpuid:0x00800F12(ver:0x0800126F), cpuid:0x00830F10(ver:0x0830107C); * SECURITY UPDATE: Fix improper validation in a model-specific register (MSR) could allow a malicious program with ring0 access to modify SMM configuration while SMI lock is enabled, potentially leading to arbitrary code execution. - CVE-2023-31315

0 tuxcare-ubuntu18.04-els amd64-microcode_3.20240811.1ubuntu0.18.04.1+tuxcare.els1_amd64.deb 68ecd41df166fa3ac7a2f75c10a72ed77cf2a548 CLSA-2024:1728479129 TuxCare License Agreement 0 * SECURITY UPDATE: Memory exhaustion due to excessive HTTP/2 incoming headers buffering - debian/patches/CVE-2024-27316.patch: Fix to bail after too many failed reads, increment count on request headers failed to add - CVE-2024-27316 * SECURITY UPDATE: Faulty input validation in the core of Apache allows malicious or exploitable backend/content generators to split HTTP responses - debian/patches/CVE-2023-38709.patch: header validation after content-* are eval'ed - CVE-2023-38709 * SECURITY UPDATE: HTTP response splitting in multiple modules in Apache HTTP Server allows an attacker that can inject malicious response headers into backend applications to cause an HTTP desynchronization attack - debian/patches/CVE-2024-24795.patch: let httpd handle CL/TE for non-http handlers - CVE-2024-24795 Important Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.

* SECURITY UPDATE: Memory exhaustion due to excessive HTTP/2 incoming headers buffering - debian/patches/CVE-2024-27316.patch: Fix to bail after too many failed reads, increment count on request headers failed to add - CVE-2024-27316 * SECURITY UPDATE: Faulty input validation in the core of Apache allows malicious or exploitable backend/content generators to split HTTP responses - debian/patches/CVE-2023-38709.patch: header validation after content-* are eval'ed - CVE-2023-38709 * SECURITY UPDATE: HTTP response splitting in multiple modules in Apache HTTP Server allows an attacker that can inject malicious response headers into backend applications to cause an HTTP desynchronization attack - debian/patches/CVE-2024-24795.patch: let httpd handle CL/TE for non-http handlers - CVE-2024-24795

0 tuxcare-ubuntu18.04-els apache2_2.4.29-1ubuntu4.27+tuxcare.els4_amd64.deb 0177ba9e9b43391c3a7a9047afd3dc3b4a99f7ea apache2-bin_2.4.29-1ubuntu4.27+tuxcare.els4_amd64.deb 5f68ad84766549ccc6f43a389fdd7aa7fe3ec993 apache2-data_2.4.29-1ubuntu4.27+tuxcare.els4_all.deb a8e8cd0374214f4891d8b92844667d82f7c3658c apache2-dev_2.4.29-1ubuntu4.27+tuxcare.els4_amd64.deb c36905893bbb0346c69741df137b5bb90199d3fa apache2-doc_2.4.29-1ubuntu4.27+tuxcare.els4_all.deb 11dbaf47f0ab5c86f269613f7ade4257471972f4 apache2-ssl-dev_2.4.29-1ubuntu4.27+tuxcare.els4_amd64.deb 8fdd64f8ac2208924c59f9af0928ad2dc787a40e apache2-suexec-custom_2.4.29-1ubuntu4.27+tuxcare.els4_amd64.deb 83170f28c3bbcd81dc9923aac61122454e326df7 apache2-suexec-pristine_2.4.29-1ubuntu4.27+tuxcare.els4_amd64.deb b32849f79f3ed1726f1c3e681dea05bd3684984f apache2-utils_2.4.29-1ubuntu4.27+tuxcare.els4_amd64.deb 8cd5cea4eb5edb866fe666cd32ac356d86437328 CLSA-2024:1728479702 TuxCare License Agreement 0 * New microcode update packages from upstream up to 2024-08-13: - Updated microcodes: sig 0x00050657, pf_mask 0xbf, 2024-03-01, rev 0x5003707, size 39936 sig 0x0005065b, pf_mask 0xbf, 2024-04-01, rev 0x7002904, size 30720 sig 0x000606a6, pf_mask 0x87, 2024-04-01, rev 0xd0003e7, size 308224 sig 0x000606c1, pf_mask 0x10, 2024-04-03, rev 0x10002b0, size 300032 sig 0x000706a1, pf_mask 0x01, 2024-04-19, rev 0x0042, size 76800 sig 0x000706e5, pf_mask 0x80, 2024-02-15, rev 0x00c6, size 114688 sig 0x000806c1, pf_mask 0x80, 2024-02-15, rev 0x00b8, size 112640 sig 0x000806c2, pf_mask 0xc2, 2024-02-15, rev 0x0038, size 99328 sig 0x000806d1, pf_mask 0xc2, 2024-02-15, rev 0x0052, size 104448 sig 0x000806e9, pf_mask 0x10, 2024-02-01, rev 0x00f6, size 106496 sig 0x000806e9, pf_mask 0xc0, 2024-02-01, rev 0x00f6, size 106496 sig 0x000806ea, pf_mask 0xc0, 2024-02-01, rev 0x00f6, size 105472 sig 0x000806eb, pf_mask 0xd0, 2024-02-01, rev 0x00f6, size 106496 sig 0x000806ec, pf_mask 0x94, 2024-02-05, rev 0x00fc, size 106496 sig 0x00090661, pf_mask 0x01, 2024-04-05, rev 0x001a, size 20480 sig 0x000906ea, pf_mask 0x22, 2024-02-01, rev 0x00f8, size 105472 sig 0x000906eb, pf_mask 0x02, 2024-02-01, rev 0x00f6, size 106496 sig 0x000906ec, pf_mask 0x22, 2024-02-01, rev 0x00f8, size 106496 sig 0x000906ed, pf_mask 0x22, 2024-02-05, rev 0x0100, size 106496 sig 0x000a0652, pf_mask 0x20, 2024-02-01, rev 0x00fc, size 97280 sig 0x000a0653, pf_mask 0x22, 2024-02-01, rev 0x00fc, size 98304 sig 0x000a0655, pf_mask 0x22, 2024-02-01, rev 0x00fc, size 97280 sig 0x000a0660, pf_mask 0x80, 2024-02-01, rev 0x00fe, size 97280 sig 0x000a0661, pf_mask 0x80, 2024-02-01, rev 0x00fc, size 97280 sig 0x000a0671, pf_mask 0x02, 2024-03-07, rev 0x0062, size 108544 sig 0x000a06a4, pf_mask 0xe6, 2024-04-15, rev 0x001e, size 137216 * SECURITY UPDATE: - CVE-2024-24980, INTEL-SA-01100 - CVE-2024-25939, INTEL-SA-01118 - CVE-2023-42667, INTEL-SA-01038 - CVE-2023-49141, INTEL-SA-01046 - CVE-2024-24853, INTEL-SA-01083 Low Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.

* New microcode update packages from upstream up to 2024-08-13: - Updated microcodes: sig 0x00050657, pf_mask 0xbf, 2024-03-01, rev 0x5003707, size 39936 sig 0x0005065b, pf_mask 0xbf, 2024-04-01, rev 0x7002904, size 30720 sig 0x000606a6, pf_mask 0x87, 2024-04-01, rev 0xd0003e7, size 308224 sig 0x000606c1, pf_mask 0x10, 2024-04-03, rev 0x10002b0, size 300032 sig 0x000706a1, pf_mask 0x01, 2024-04-19, rev 0x0042, size 76800 sig 0x000706e5, pf_mask 0x80, 2024-02-15, rev 0x00c6, size 114688 sig 0x000806c1, pf_mask 0x80, 2024-02-15, rev 0x00b8, size 112640 sig 0x000806c2, pf_mask 0xc2, 2024-02-15, rev 0x0038, size 99328 sig 0x000806d1, pf_mask 0xc2, 2024-02-15, rev 0x0052, size 104448 sig 0x000806e9, pf_mask 0x10, 2024-02-01, rev 0x00f6, size 106496 sig 0x000806e9, pf_mask 0xc0, 2024-02-01, rev 0x00f6, size 106496 sig 0x000806ea, pf_mask 0xc0, 2024-02-01, rev 0x00f6, size 105472 sig 0x000806eb, pf_mask 0xd0, 2024-02-01, rev 0x00f6, size 106496 sig 0x000806ec, pf_mask 0x94, 2024-02-05, rev 0x00fc, size 106496 sig 0x00090661, pf_mask 0x01, 2024-04-05, rev 0x001a, size 20480 sig 0x000906ea, pf_mask 0x22, 2024-02-01, rev 0x00f8, size 105472 sig 0x000906eb, pf_mask 0x02, 2024-02-01, rev 0x00f6, size 106496 sig 0x000906ec, pf_mask 0x22, 2024-02-01, rev 0x00f8, size 106496 sig 0x000906ed, pf_mask 0x22, 2024-02-05, rev 0x0100, size 106496 sig 0x000a0652, pf_mask 0x20, 2024-02-01, rev 0x00fc, size 97280 sig 0x000a0653, pf_mask 0x22, 2024-02-01, rev 0x00fc, size 98304 sig 0x000a0655, pf_mask 0x22, 2024-02-01, rev 0x00fc, size 97280 sig 0x000a0660, pf_mask 0x80, 2024-02-01, rev 0x00fe, size 97280 sig 0x000a0661, pf_mask 0x80, 2024-02-01, rev 0x00fc, size 97280 sig 0x000a0671, pf_mask 0x02, 2024-03-07, rev 0x0062, size 108544 sig 0x000a06a4, pf_mask 0xe6, 2024-04-15, rev 0x001e, size 137216 * SECURITY UPDATE: - CVE-2024-24980, INTEL-SA-01100 - CVE-2024-25939, INTEL-SA-01118 - CVE-2023-42667, INTEL-SA-01038 - CVE-2023-49141, INTEL-SA-01046 - CVE-2024-24853, INTEL-SA-01083

0 tuxcare-ubuntu18.04-els intel-microcode_3.20240813.0ubuntu0.18.04.1+tuxcare.els1_amd64.deb c1aa0742154335c5382840e3b2762f1277609a58 CLSA-2024:1728583613 TuxCare License Agreement 0 * CVE-url: https://ubuntu.com/security/CVE-2024-46802 - drm/amd/display: added NULL check at start of dc_validate_stream * CVE-url: https://ubuntu.com/security/CVE-2024-46818 - drm/amd/display: fix sporadic multiple aux transaction failure - drm/amd/display: Check gpio_id before used as array index * CVE-url: https://ubuntu.com/security/CVE-2024-46744 - Squashfs: sanity check symbolic link size * CVE-url: https://ubuntu.com/security/CVE-2024-46854 - net: dpaa: Pad packets to ETH_ZLEN * CVE-url: https://ubuntu.com/security/CVE-2024-46813 - drm/amd/display: Check link_index before accessing dc->links[] * CVE-url: https://ubuntu.com/security/CVE-2024-46731 - drm/amd/pm: fix the Out-of-bounds read warning * CVE-url: https://ubuntu.com/security/CVE-2024-46759 - hwmon: (adc128d818) Fix underflows seen when writing limit attributes * CVE-url: https://ubuntu.com/security/CVE-2024-38588 - ftrace: Fix possible warning on checking all pages used in ftrace_process_locs() - ftrace: Fix possible use-after-free issue in ftrace_location() * CVE-url: https://ubuntu.com/security/CVE-2024-46743 - of/irq: Prevent device address out-of-bounds read in interrupt map walk * CVE-url: https://ubuntu.com/security/CVE-2024-46738 - VMCI: Fix use-after-free when removing resource in vmci_resource_remove() * CVE-url: https://ubuntu.com/security/CVE-2024-46800 - sch/netem: fix use after free in netem_dequeue * CVE-url: https://ubuntu.com/security/CVE-2024-46757 - hwmon: (nct6775-core) Fix underflows seen when writing limit attributes * CVE-url: https://ubuntu.com/security/CVE-2024-46758 - hwmon: (lm95234) Fix underflows seen when writing limit attributes * CVE-url: https://ubuntu.com/security/CVE-2024-46782 - ila: call nf_unregister_net_hooks() sooner * CVE-url: https://ubuntu.com/security/CVE-2024-46756 - hwmon: (w83627ehf) Fix underflows seen when writing limit attributes * CVE-url: https://ubuntu.com/security/CVE-2024-40912 - wifi: mac80211: Fix deadlock in ieee80211_sta_ps_deliver_wakeup() * CVE-url: https://ubuntu.com/security/CVE-2024-46723 - drm/amdgpu: fix ucode out-of-bounds read warning * CVE-url: https://ubuntu.com/security/CVE-2024-46722 - drm/amdgpu: fix mc_data out-of-bounds read warning Important Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.

* CVE-url: https://ubuntu.com/security/CVE-2024-46802 - drm/amd/display: added NULL check at start of dc_validate_stream * CVE-url: https://ubuntu.com/security/CVE-2024-46818 - drm/amd/display: fix sporadic multiple aux transaction failure - drm/amd/display: Check gpio_id before used as array index * CVE-url: https://ubuntu.com/security/CVE-2024-46744 - Squashfs: sanity check symbolic link size * CVE-url: https://ubuntu.com/security/CVE-2024-46854 - net: dpaa: Pad packets to ETH_ZLEN * CVE-url: https://ubuntu.com/security/CVE-2024-46813 - drm/amd/display: Check link_index before accessing dc->links[] * CVE-url: https://ubuntu.com/security/CVE-2024-46731 - drm/amd/pm: fix the Out-of-bounds read warning * CVE-url: https://ubuntu.com/security/CVE-2024-46759 - hwmon: (adc128d818) Fix underflows seen when writing limit attributes * CVE-url: https://ubuntu.com/security/CVE-2024-38588 - ftrace: Fix possible warning on checking all pages used in ftrace_process_locs() - ftrace: Fix possible use-after-free issue in ftrace_location() * CVE-url: https://ubuntu.com/security/CVE-2024-46743 - of/irq: Prevent device address out-of-bounds read in interrupt map walk * CVE-url: https://ubuntu.com/security/CVE-2024-46738 - VMCI: Fix use-after-free when removing resource in vmci_resource_remove() * CVE-url: https://ubuntu.com/security/CVE-2024-46800 - sch/netem: fix use after free in netem_dequeue * CVE-url: https://ubuntu.com/security/CVE-2024-46757 - hwmon: (nct6775-core) Fix underflows seen when writing limit attributes * CVE-url: https://ubuntu.com/security/CVE-2024-46758 - hwmon: (lm95234) Fix underflows seen when writing limit attributes * CVE-url: https://ubuntu.com/security/CVE-2024-46782 - ila: call nf_unregister_net_hooks() sooner * CVE-url: https://ubuntu.com/security/CVE-2024-46756 - hwmon: (w83627ehf) Fix underflows seen when writing limit attributes * CVE-url: https://ubuntu.com/security/CVE-2024-40912 - wifi: mac80211: Fix deadlock in ieee80211_sta_ps_deliver_wakeup() * CVE-url: https://ubuntu.com/security/CVE-2024-46723 - drm/amdgpu: fix ucode out-of-bounds read warning * CVE-url: https://ubuntu.com/security/CVE-2024-46722 - drm/amdgpu: fix mc_data out-of-bounds read warning

0 tuxcare-ubuntu18.04-els linux-buildinfo-4.15.0-238-tuxcare.els26-generic_4.15.0-238.249_amd64.deb b262881dc49af93284d27b94296ac656839ef3ef linux-buildinfo-4.15.0-238-tuxcare.els26-lowlatency_4.15.0-238.249_amd64.deb 96333e8759ebdb4f59403866f0637097777c8cb7 linux-cloud-tools-4.15.0-238-tuxcare.els26_4.15.0-238.249_amd64.deb e8c45143a4ced032d29cdf0118a606f1bdf3369b linux-cloud-tools-4.15.0-238-tuxcare.els26-generic_4.15.0-238.249_amd64.deb e278774ead3fb348a7a772292dddc0febb55efe9 linux-cloud-tools-4.15.0-238-tuxcare.els26-lowlatency_4.15.0-238.249_amd64.deb ecbd59f81f438c725aad894fbe22271f8717e908 linux-cloud-tools-common_4.15.0-238.249_all.deb 8894fdc63cd9040892eb4a301ec4271bb10def83 linux-cloud-tools-generic_4.15.0.238.249_amd64.deb d80ce6f4a714731520e9701a4e467056808e7e27 linux-cloud-tools-lowlatency_4.15.0.238.249_amd64.deb 4cb8322dc2ea4746e53ad0adc4ac2135995c09af linux-crashdump_4.15.0.238.249_amd64.deb c270084f8f1eb17ff855771c953e13fe031bc382 linux-doc_4.15.0-238.249_all.deb 2b155c37a373b4aa61b3495f1b9745c2e0d168e4 linux-generic_4.15.0.238.249_amd64.deb ed537bb7350c3c18df74243ec9c8fa8122e4d505 linux-headers-4.15.0-238-tuxcare.els26_4.15.0-238.249_all.deb 58a75295e9d55be8ece525377f6363569ca7df83 linux-headers-4.15.0-238-tuxcare.els26-generic_4.15.0-238.249_amd64.deb 2ba6391217a9d03809a0323ed582276ed2817d97 linux-headers-4.15.0-238-tuxcare.els26-lowlatency_4.15.0-238.249_amd64.deb eae755bfd8ae28750c62aae1e173a55f79c2722c linux-headers-generic_4.15.0.238.249_amd64.deb 5f4f9ec675025db7cd008c000c0842d2685ef9a3 linux-headers-lowlatency_4.15.0.238.249_amd64.deb a60a29e03aa237e6fe5e6db6bef4058919627374 linux-image-generic_4.15.0.238.249_amd64.deb 44105890d5236e62543ec24ddee3270d875cfb94 linux-image-lowlatency_4.15.0.238.249_amd64.deb 26a109c6098d72577c666ede47195083ae6c14bd linux-image-unsigned-4.15.0-238-tuxcare.els26-generic_4.15.0-238.249_amd64.deb 7f2817c74dfc28f6736e0c31d5ed0bdaefb39634 linux-image-unsigned-4.15.0-238-tuxcare.els26-lowlatency_4.15.0-238.249_amd64.deb b8e9bb1b1f34f6c19168b9b25b02ad2c8b4786eb linux-libc-dev_4.15.0-238.249_amd64.deb 6af77aca1aa7298a411a03d20308ce6d87e8dcc5 linux-lowlatency_4.15.0.238.249_amd64.deb 6e33a0d53f7bf7eea04714ac428047754fd1d199 linux-modules-4.15.0-238-tuxcare.els26-generic_4.15.0-238.249_amd64.deb 85ec09c005a91f131ff26b8102f96866b4ee7442 linux-modules-4.15.0-238-tuxcare.els26-lowlatency_4.15.0-238.249_amd64.deb cdc47d92b89d0c7907bcb1aa02f5e14f5a4db2bc linux-modules-extra-4.15.0-238-tuxcare.els26-generic_4.15.0-238.249_amd64.deb 5571f1957c23cdc4a83eef501f60126bb479b781 linux-source_4.15.0.238.249_all.deb 5fa6958a37b160d0164a16deedfc5b55df4e4fde linux-source-4.15.0_4.15.0-238.249_all.deb cfd3a7b3cdaee6d4209bfe2ef7ad46009aa2ff22 linux-tools-4.15.0-238-tuxcare.els26_4.15.0-238.249_amd64.deb 9238e1ad853c18e5efb1a38737f8f01b66f631e6 linux-tools-4.15.0-238-tuxcare.els26-generic_4.15.0-238.249_amd64.deb a43750259256a75b819b0bfb464cff018487de31 linux-tools-4.15.0-238-tuxcare.els26-lowlatency_4.15.0-238.249_amd64.deb 6602abb296d1783056416c78f84a73bb9567a62a linux-tools-common_4.15.0-238.249_all.deb e75325b6a3f7fa86231c76e8f7d672eeb0693cc4 linux-tools-generic_4.15.0.238.249_amd64.deb b302e93f7882d339961423f1fa09030097d7cae1 linux-tools-host_4.15.0-238.249_all.deb 9a409a9f2bf721f9b933114200f1787db00029a8 linux-tools-lowlatency_4.15.0.238.249_amd64.deb 7603f3903fa116859bdf5728875de99c4f5fb276 CLSA-2024:1728583928 TuxCare License Agreement 0 * CVE-url: https://ubuntu.com/security/CVE-2024-46802 - drm/amd/display: added NULL check at start of dc_validate_stream * CVE-url: https://ubuntu.com/security/CVE-2024-46818 - drm/amd/display: fix sporadic multiple aux transaction failure - drm/amd/display: Check gpio_id before used as array index * CVE-url: https://ubuntu.com/security/CVE-2024-46744 - Squashfs: sanity check symbolic link size * CVE-url: https://ubuntu.com/security/CVE-2024-46854 - net: dpaa: Pad packets to ETH_ZLEN * CVE-url: https://ubuntu.com/security/CVE-2024-46813 - drm/amd/display: Check link_index before accessing dc->links[] * CVE-url: https://ubuntu.com/security/CVE-2024-46731 - drm/amd/pm: fix the Out-of-bounds read warning * CVE-url: https://ubuntu.com/security/CVE-2024-46759 - hwmon: (adc128d818) Fix underflows seen when writing limit attributes * CVE-url: https://ubuntu.com/security/CVE-2024-38588 - ftrace: Fix possible warning on checking all pages used in ftrace_process_locs() - ftrace: Fix possible use-after-free issue in ftrace_location() * CVE-url: https://ubuntu.com/security/CVE-2024-46743 - of/irq: Prevent device address out-of-bounds read in interrupt map walk * CVE-url: https://ubuntu.com/security/CVE-2024-46738 - VMCI: Fix use-after-free when removing resource in vmci_resource_remove() * CVE-url: https://ubuntu.com/security/CVE-2024-46800 - sch/netem: fix use after free in netem_dequeue * CVE-url: https://ubuntu.com/security/CVE-2024-46757 - hwmon: (nct6775-core) Fix underflows seen when writing limit attributes * CVE-url: https://ubuntu.com/security/CVE-2024-46758 - hwmon: (lm95234) Fix underflows seen when writing limit attributes * CVE-url: https://ubuntu.com/security/CVE-2024-46782 - ila: call nf_unregister_net_hooks() sooner * CVE-url: https://ubuntu.com/security/CVE-2024-46756 - hwmon: (w83627ehf) Fix underflows seen when writing limit attributes * CVE-url: https://ubuntu.com/security/CVE-2024-40912 - wifi: mac80211: Fix deadlock in ieee80211_sta_ps_deliver_wakeup() * CVE-url: https://ubuntu.com/security/CVE-2024-46723 - drm/amdgpu: fix ucode out-of-bounds read warning * CVE-url: https://ubuntu.com/security/CVE-2024-46722 - drm/amdgpu: fix mc_data out-of-bounds read warning Important Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.

* CVE-url: https://ubuntu.com/security/CVE-2024-46802 - drm/amd/display: added NULL check at start of dc_validate_stream * CVE-url: https://ubuntu.com/security/CVE-2024-46818 - drm/amd/display: fix sporadic multiple aux transaction failure - drm/amd/display: Check gpio_id before used as array index * CVE-url: https://ubuntu.com/security/CVE-2024-46744 - Squashfs: sanity check symbolic link size * CVE-url: https://ubuntu.com/security/CVE-2024-46854 - net: dpaa: Pad packets to ETH_ZLEN * CVE-url: https://ubuntu.com/security/CVE-2024-46813 - drm/amd/display: Check link_index before accessing dc->links[] * CVE-url: https://ubuntu.com/security/CVE-2024-46731 - drm/amd/pm: fix the Out-of-bounds read warning * CVE-url: https://ubuntu.com/security/CVE-2024-46759 - hwmon: (adc128d818) Fix underflows seen when writing limit attributes * CVE-url: https://ubuntu.com/security/CVE-2024-38588 - ftrace: Fix possible warning on checking all pages used in ftrace_process_locs() - ftrace: Fix possible use-after-free issue in ftrace_location() * CVE-url: https://ubuntu.com/security/CVE-2024-46743 - of/irq: Prevent device address out-of-bounds read in interrupt map walk * CVE-url: https://ubuntu.com/security/CVE-2024-46738 - VMCI: Fix use-after-free when removing resource in vmci_resource_remove() * CVE-url: https://ubuntu.com/security/CVE-2024-46800 - sch/netem: fix use after free in netem_dequeue * CVE-url: https://ubuntu.com/security/CVE-2024-46757 - hwmon: (nct6775-core) Fix underflows seen when writing limit attributes * CVE-url: https://ubuntu.com/security/CVE-2024-46758 - hwmon: (lm95234) Fix underflows seen when writing limit attributes * CVE-url: https://ubuntu.com/security/CVE-2024-46782 - ila: call nf_unregister_net_hooks() sooner * CVE-url: https://ubuntu.com/security/CVE-2024-46756 - hwmon: (w83627ehf) Fix underflows seen when writing limit attributes * CVE-url: https://ubuntu.com/security/CVE-2024-40912 - wifi: mac80211: Fix deadlock in ieee80211_sta_ps_deliver_wakeup() * CVE-url: https://ubuntu.com/security/CVE-2024-46723 - drm/amdgpu: fix ucode out-of-bounds read warning * CVE-url: https://ubuntu.com/security/CVE-2024-46722 - drm/amdgpu: fix mc_data out-of-bounds read warning

0 tuxcare-ubuntu18.04-els linux-buildinfo-4.15.0-238-tuxcare.els26-generic_4.15.0-238.249_amd64.deb b262881dc49af93284d27b94296ac656839ef3ef linux-buildinfo-4.15.0-238-tuxcare.els26-lowlatency_4.15.0-238.249_amd64.deb 96333e8759ebdb4f59403866f0637097777c8cb7 linux-cloud-tools-4.15.0-238-tuxcare.els26_4.15.0-238.249_amd64.deb e8c45143a4ced032d29cdf0118a606f1bdf3369b linux-cloud-tools-4.15.0-238-tuxcare.els26-generic_4.15.0-238.249_amd64.deb e278774ead3fb348a7a772292dddc0febb55efe9 linux-cloud-tools-4.15.0-238-tuxcare.els26-lowlatency_4.15.0-238.249_amd64.deb ecbd59f81f438c725aad894fbe22271f8717e908 linux-cloud-tools-common_4.15.0-238.249_all.deb 8894fdc63cd9040892eb4a301ec4271bb10def83 linux-cloud-tools-generic_4.15.0.238.249_amd64.deb d80ce6f4a714731520e9701a4e467056808e7e27 linux-cloud-tools-lowlatency_4.15.0.238.249_amd64.deb 4cb8322dc2ea4746e53ad0adc4ac2135995c09af linux-crashdump_4.15.0.238.249_amd64.deb c270084f8f1eb17ff855771c953e13fe031bc382 linux-doc_4.15.0-238.249_all.deb 2b155c37a373b4aa61b3495f1b9745c2e0d168e4 linux-generic_4.15.0.238.249_amd64.deb ed537bb7350c3c18df74243ec9c8fa8122e4d505 linux-headers-4.15.0-238-tuxcare.els26_4.15.0-238.249_all.deb 58a75295e9d55be8ece525377f6363569ca7df83 linux-headers-4.15.0-238-tuxcare.els26-generic_4.15.0-238.249_amd64.deb 2ba6391217a9d03809a0323ed582276ed2817d97 linux-headers-4.15.0-238-tuxcare.els26-lowlatency_4.15.0-238.249_amd64.deb eae755bfd8ae28750c62aae1e173a55f79c2722c linux-headers-generic_4.15.0.238.249_amd64.deb 5f4f9ec675025db7cd008c000c0842d2685ef9a3 linux-headers-lowlatency_4.15.0.238.249_amd64.deb a60a29e03aa237e6fe5e6db6bef4058919627374 linux-image-generic_4.15.0.238.249_amd64.deb 44105890d5236e62543ec24ddee3270d875cfb94 linux-image-lowlatency_4.15.0.238.249_amd64.deb 26a109c6098d72577c666ede47195083ae6c14bd linux-image-unsigned-4.15.0-238-tuxcare.els26-generic_4.15.0-238.249_amd64.deb 7f2817c74dfc28f6736e0c31d5ed0bdaefb39634 linux-image-unsigned-4.15.0-238-tuxcare.els26-lowlatency_4.15.0-238.249_amd64.deb b8e9bb1b1f34f6c19168b9b25b02ad2c8b4786eb linux-libc-dev_4.15.0-238.249_amd64.deb 6af77aca1aa7298a411a03d20308ce6d87e8dcc5 linux-lowlatency_4.15.0.238.249_amd64.deb 6e33a0d53f7bf7eea04714ac428047754fd1d199 linux-modules-4.15.0-238-tuxcare.els26-generic_4.15.0-238.249_amd64.deb 85ec09c005a91f131ff26b8102f96866b4ee7442 linux-modules-4.15.0-238-tuxcare.els26-lowlatency_4.15.0-238.249_amd64.deb cdc47d92b89d0c7907bcb1aa02f5e14f5a4db2bc linux-modules-extra-4.15.0-238-tuxcare.els26-generic_4.15.0-238.249_amd64.deb 5571f1957c23cdc4a83eef501f60126bb479b781 linux-source_4.15.0.238.249_all.deb 5fa6958a37b160d0164a16deedfc5b55df4e4fde linux-source-4.15.0_4.15.0-238.249_all.deb cfd3a7b3cdaee6d4209bfe2ef7ad46009aa2ff22 linux-tools-4.15.0-238-tuxcare.els26_4.15.0-238.249_amd64.deb 9238e1ad853c18e5efb1a38737f8f01b66f631e6 linux-tools-4.15.0-238-tuxcare.els26-generic_4.15.0-238.249_amd64.deb a43750259256a75b819b0bfb464cff018487de31 linux-tools-4.15.0-238-tuxcare.els26-lowlatency_4.15.0-238.249_amd64.deb 6602abb296d1783056416c78f84a73bb9567a62a linux-tools-common_4.15.0-238.249_all.deb e75325b6a3f7fa86231c76e8f7d672eeb0693cc4 linux-tools-generic_4.15.0.238.249_amd64.deb b302e93f7882d339961423f1fa09030097d7cae1 linux-tools-host_4.15.0-238.249_all.deb 9a409a9f2bf721f9b933114200f1787db00029a8 linux-tools-lowlatency_4.15.0.238.249_amd64.deb 7603f3903fa116859bdf5728875de99c4f5fb276 CLSA-2024:1729197957 TuxCare License Agreement 0 * New microcode update packages from upstream up to 2024-09-10: - Updated microcodes: sig 0x00090672, pf_mask 0x07, 2024-02-22, rev 0x0036, size 224256 sig 0x00090675, pf_mask 0x07, 2024-02-22, rev 0x0036, size 224256 sig 0x000906a3, pf_mask 0x80, 2024-02-22, rev 0x0434, size 222208 sig 0x000906a4, pf_mask 0x80, 2024-02-22, rev 0x0434, size 222208 sig 0x000a06a4, pf_mask 0xe6, 2024-06-17, rev 0x001f, size 137216 sig 0x000b0671, pf_mask 0x32, 2024-07-18, rev 0x0129, size 215040 sig 0x000b06a2, pf_mask 0xe0, 2024-02-22, rev 0x4122, size 220160 sig 0x000b06a3, pf_mask 0xe0, 2024-02-22, rev 0x4122, size 220160 sig 0x000b06a8, pf_mask 0xe0, 2024-02-22, rev 0x4122, size 220160 sig 0x000b06e0, pf_mask 0x19, 2024-03-25, rev 0x001a, size 138240 sig 0x000b06f2, pf_mask 0x07, 2024-02-22, rev 0x0036, size 224256 sig 0x000b06f5, pf_mask 0x07, 2024-02-22, rev 0x0036, size 224256 * SECURITY UPDATE: - CVE-2024-24968, INTEL-SA-01097 - CVE-2024-23984, INTEL-SA-01103 Moderate Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.

* New microcode update packages from upstream up to 2024-09-10: - Updated microcodes: sig 0x00090672, pf_mask 0x07, 2024-02-22, rev 0x0036, size 224256 sig 0x00090675, pf_mask 0x07, 2024-02-22, rev 0x0036, size 224256 sig 0x000906a3, pf_mask 0x80, 2024-02-22, rev 0x0434, size 222208 sig 0x000906a4, pf_mask 0x80, 2024-02-22, rev 0x0434, size 222208 sig 0x000a06a4, pf_mask 0xe6, 2024-06-17, rev 0x001f, size 137216 sig 0x000b0671, pf_mask 0x32, 2024-07-18, rev 0x0129, size 215040 sig 0x000b06a2, pf_mask 0xe0, 2024-02-22, rev 0x4122, size 220160 sig 0x000b06a3, pf_mask 0xe0, 2024-02-22, rev 0x4122, size 220160 sig 0x000b06a8, pf_mask 0xe0, 2024-02-22, rev 0x4122, size 220160 sig 0x000b06e0, pf_mask 0x19, 2024-03-25, rev 0x001a, size 138240 sig 0x000b06f2, pf_mask 0x07, 2024-02-22, rev 0x0036, size 224256 sig 0x000b06f5, pf_mask 0x07, 2024-02-22, rev 0x0036, size 224256 * SECURITY UPDATE: - CVE-2024-24968, INTEL-SA-01097 - CVE-2024-23984, INTEL-SA-01103

0 tuxcare-ubuntu18.04-els intel-microcode_3.20240910.0ubuntu0.18.04.1+tuxcare.els1_amd64.deb ba0df41b79eaffe777ca068773799987dea4cec8 CLSA-2024:1729518310 TuxCare License Agreement 0 * CVE-url: https://ubuntu.com/security/CVE-2024-38632 - vfio/pci: fix potential memory leak in vfio_intx_enable() * CVE-url: https://ubuntu.com/security/CVE-2024-46840 - btrfs: clean up our handling of refs == 0 in snapshot delete * CVE-url: https://ubuntu.com/security/CVE-2024-44954 - ALSA: line6: Fix racy access to midibuf * CVE-url: https://ubuntu.com/security/CVE-2024-45003 - vfs: Don't evict inode under the inode lru traversing context * CVE-url: https://ubuntu.com/security/CVE-2024-46841 - btrfs: don't BUG_ON on ENOMEM from btrfs_lookup_extent_info() in walk_down_proc() * CVE-url: https://ubuntu.com/security/CVE-2024-44950 - serial: sc16is7xx: fix invalid FIFO access with special register set * CVE-url: https://ubuntu.com/security/CVE-2024-26812 - vfio: Introduce interface to flush virqfd inject workqueue - vfio/pci: Create persistent INTx handler * CVE-url: https://ubuntu.com/security/CVE-2023-52510 - ieee802154: ca8210: Fix a potential UAF in ca8210_probe * CVE-url: https://ubuntu.com/security/CVE-2023-52528 - net: usb: smsc75xx: Fix uninit-value access in __smsc75xx_read_reg * CVE-url: https://ubuntu.com/security/CVE-2024-26960 - mm, swap: fix race between swapoff and some swap operations - mm: swap: fix race between free_swap_and_cache() and swapoff() * CVE-url: https://ubuntu.com/security/CVE-2024-27051 - cpufreq: brcmstb-avs-cpufreq: add check for cpufreq_cpu_get's return value - cpufreq: brcmstb-avs-cpufreq: ISO C90 forbids mixed declarations * CVE-url: https://ubuntu.com/security/CVE-2024-41073 - nvme: avoid double free special payload * CVE-url: https://ubuntu.com/security/CVE-2024-45016 - netem: fix return value if duplicate enqueue fails * CVE-url: https://ubuntu.com/security/CVE-2024-42229 - crypto: aead,cipher - zeroize key buffer after use * CVE-url: https://ubuntu.com/security/CVE-2024-38602 - ax25: Fix reference count leak issues of ax25_dev Important Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.

* CVE-url: https://ubuntu.com/security/CVE-2024-38632 - vfio/pci: fix potential memory leak in vfio_intx_enable() * CVE-url: https://ubuntu.com/security/CVE-2024-46840 - btrfs: clean up our handling of refs == 0 in snapshot delete * CVE-url: https://ubuntu.com/security/CVE-2024-44954 - ALSA: line6: Fix racy access to midibuf * CVE-url: https://ubuntu.com/security/CVE-2024-45003 - vfs: Don't evict inode under the inode lru traversing context * CVE-url: https://ubuntu.com/security/CVE-2024-46841 - btrfs: don't BUG_ON on ENOMEM from btrfs_lookup_extent_info() in walk_down_proc() * CVE-url: https://ubuntu.com/security/CVE-2024-44950 - serial: sc16is7xx: fix invalid FIFO access with special register set * CVE-url: https://ubuntu.com/security/CVE-2024-26812 - vfio: Introduce interface to flush virqfd inject workqueue - vfio/pci: Create persistent INTx handler * CVE-url: https://ubuntu.com/security/CVE-2023-52510 - ieee802154: ca8210: Fix a potential UAF in ca8210_probe * CVE-url: https://ubuntu.com/security/CVE-2023-52528 - net: usb: smsc75xx: Fix uninit-value access in __smsc75xx_read_reg * CVE-url: https://ubuntu.com/security/CVE-2024-26960 - mm, swap: fix race between swapoff and some swap operations - mm: swap: fix race between free_swap_and_cache() and swapoff() * CVE-url: https://ubuntu.com/security/CVE-2024-27051 - cpufreq: brcmstb-avs-cpufreq: add check for cpufreq_cpu_get's return value - cpufreq: brcmstb-avs-cpufreq: ISO C90 forbids mixed declarations * CVE-url: https://ubuntu.com/security/CVE-2024-41073 - nvme: avoid double free special payload * CVE-url: https://ubuntu.com/security/CVE-2024-45016 - netem: fix return value if duplicate enqueue fails * CVE-url: https://ubuntu.com/security/CVE-2024-42229 - crypto: aead,cipher - zeroize key buffer after use * CVE-url: https://ubuntu.com/security/CVE-2024-38602 - ax25: Fix reference count leak issues of ax25_dev

0 tuxcare-ubuntu18.04-els linux-buildinfo-4.15.0-239-tuxcare.els27-generic_4.15.0-239.250_amd64.deb 816d26247ffe6542516219b2db6d2a952563ff41 linux-buildinfo-4.15.0-239-tuxcare.els27-lowlatency_4.15.0-239.250_amd64.deb b7278b648234f91ffb2bf61949c2510381727f58 linux-cloud-tools-4.15.0-239-tuxcare.els27_4.15.0-239.250_amd64.deb 1872c078aefe0968f7168e5728feac1874c91579 linux-cloud-tools-4.15.0-239-tuxcare.els27-generic_4.15.0-239.250_amd64.deb eaceaa831777b32ca7eaf9f21a8495f7b194b1b2 linux-cloud-tools-4.15.0-239-tuxcare.els27-lowlatency_4.15.0-239.250_amd64.deb 87922f9aa012251bebcf56bcaab9f2c12ef17943 linux-cloud-tools-common_4.15.0-239.250_all.deb dd589b2d916a6a749415a526e487fa9338fcb78b linux-cloud-tools-generic_4.15.0.239.250_amd64.deb 644f197b7d28a356019c19b34ea68cbfa5c6b9a1 linux-cloud-tools-lowlatency_4.15.0.239.250_amd64.deb ed329b5c73d62f3412fabb3ff74187b4adc5359f linux-crashdump_4.15.0.239.250_amd64.deb 805def96c677bd5e0a47e3465e834fa7393305da linux-doc_4.15.0-239.250_all.deb c6aa2751ff5ccb7396ba54833978fbe6aa627c26 linux-generic_4.15.0.239.250_amd64.deb 7bba7f44e28d895a1e91d8dd0f2dfaa49e91e51d linux-headers-4.15.0-239-tuxcare.els27_4.15.0-239.250_all.deb 7394a8a1e22c0052e1c61c9a57ec70436807d5db linux-headers-4.15.0-239-tuxcare.els27-generic_4.15.0-239.250_amd64.deb ec2e37c30776b69f4d5181f10c87da23a629f540 linux-headers-4.15.0-239-tuxcare.els27-lowlatency_4.15.0-239.250_amd64.deb cef4410f33ed9199cac5c55804462ee8cb1f0d20 linux-headers-generic_4.15.0.239.250_amd64.deb 5f05ab039155b016cfa90aff9396ea69f3156c86 linux-headers-lowlatency_4.15.0.239.250_amd64.deb 2f887a0f280af2944ab0ad485f126f2951650491 linux-image-generic_4.15.0.239.250_amd64.deb c9fefd25580fb23fedef411149290aeb5f5d9cde linux-image-lowlatency_4.15.0.239.250_amd64.deb d487d8893f6a4345f6766c5d5720cecae579b55f linux-image-unsigned-4.15.0-239-tuxcare.els27-generic_4.15.0-239.250_amd64.deb 12368a82003ff32e4e6790560f6b0d456cf3c580 linux-image-unsigned-4.15.0-239-tuxcare.els27-lowlatency_4.15.0-239.250_amd64.deb 79c95649c8e769843733f4aa08597e4305f177bf linux-libc-dev_4.15.0-239.250_amd64.deb 76253cacf0dfb44854322bf04f9f8c5a307d6b31 linux-lowlatency_4.15.0.239.250_amd64.deb 42fda4fdf28303853f6b901800bf674a12e191d4 linux-modules-4.15.0-239-tuxcare.els27-generic_4.15.0-239.250_amd64.deb 70095d231971d6598dbf7b7f31e6512abf6d1a3b linux-modules-4.15.0-239-tuxcare.els27-lowlatency_4.15.0-239.250_amd64.deb 52426fccda8307fe20e7dd3b515b15515e8ab1a2 linux-modules-extra-4.15.0-239-tuxcare.els27-generic_4.15.0-239.250_amd64.deb 4383691a812141fc9f9d1a9a81b329d808427203 linux-source_4.15.0.239.250_all.deb 5985c68e1a0ff27c535e7df1ae9e987340a765e4 linux-source-4.15.0_4.15.0-239.250_all.deb 5d5533264fedeacbd9769b39092e3dc5b554556f linux-tools-4.15.0-239-tuxcare.els27_4.15.0-239.250_amd64.deb 40674681d6fdaf56b649442bca304e09ecdb81c0 linux-tools-4.15.0-239-tuxcare.els27-generic_4.15.0-239.250_amd64.deb 05364a05d2141217f81435a213bb5cc54d0a28eb linux-tools-4.15.0-239-tuxcare.els27-lowlatency_4.15.0-239.250_amd64.deb 27197fc949f1402dbcd1d1825ca658fb9ec373ab linux-tools-common_4.15.0-239.250_all.deb 16efe08a790a1544e911a446dfed32cdd942cd50 linux-tools-generic_4.15.0.239.250_amd64.deb 7a827ef59e5bbace85136b06076271b8b861ef5d linux-tools-host_4.15.0-239.250_all.deb 0749dbec49e817542589560ed23f3ffd92901912 linux-tools-lowlatency_4.15.0.239.250_amd64.deb 0b877367421101678e4acdb8aa03d61d841bb1f6 CLSA-2024:1729518811 TuxCare License Agreement 0 * CVE-url: https://ubuntu.com/security/CVE-2024-38632 - vfio/pci: fix potential memory leak in vfio_intx_enable() * CVE-url: https://ubuntu.com/security/CVE-2024-46840 - btrfs: clean up our handling of refs == 0 in snapshot delete * CVE-url: https://ubuntu.com/security/CVE-2024-44954 - ALSA: line6: Fix racy access to midibuf * CVE-url: https://ubuntu.com/security/CVE-2024-45003 - vfs: Don't evict inode under the inode lru traversing context * CVE-url: https://ubuntu.com/security/CVE-2024-46841 - btrfs: don't BUG_ON on ENOMEM from btrfs_lookup_extent_info() in walk_down_proc() * CVE-url: https://ubuntu.com/security/CVE-2024-44950 - serial: sc16is7xx: fix invalid FIFO access with special register set * CVE-url: https://ubuntu.com/security/CVE-2024-26812 - vfio: Introduce interface to flush virqfd inject workqueue - vfio/pci: Create persistent INTx handler * CVE-url: https://ubuntu.com/security/CVE-2023-52510 - ieee802154: ca8210: Fix a potential UAF in ca8210_probe * CVE-url: https://ubuntu.com/security/CVE-2023-52528 - net: usb: smsc75xx: Fix uninit-value access in __smsc75xx_read_reg * CVE-url: https://ubuntu.com/security/CVE-2024-26960 - mm, swap: fix race between swapoff and some swap operations - mm: swap: fix race between free_swap_and_cache() and swapoff() * CVE-url: https://ubuntu.com/security/CVE-2024-27051 - cpufreq: brcmstb-avs-cpufreq: add check for cpufreq_cpu_get's return value - cpufreq: brcmstb-avs-cpufreq: ISO C90 forbids mixed declarations * CVE-url: https://ubuntu.com/security/CVE-2024-41073 - nvme: avoid double free special payload * CVE-url: https://ubuntu.com/security/CVE-2024-45016 - netem: fix return value if duplicate enqueue fails * CVE-url: https://ubuntu.com/security/CVE-2024-42229 - crypto: aead,cipher - zeroize key buffer after use * CVE-url: https://ubuntu.com/security/CVE-2024-38602 - ax25: Fix reference count leak issues of ax25_dev Important Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.

* CVE-url: https://ubuntu.com/security/CVE-2024-38632 - vfio/pci: fix potential memory leak in vfio_intx_enable() * CVE-url: https://ubuntu.com/security/CVE-2024-46840 - btrfs: clean up our handling of refs == 0 in snapshot delete * CVE-url: https://ubuntu.com/security/CVE-2024-44954 - ALSA: line6: Fix racy access to midibuf * CVE-url: https://ubuntu.com/security/CVE-2024-45003 - vfs: Don't evict inode under the inode lru traversing context * CVE-url: https://ubuntu.com/security/CVE-2024-46841 - btrfs: don't BUG_ON on ENOMEM from btrfs_lookup_extent_info() in walk_down_proc() * CVE-url: https://ubuntu.com/security/CVE-2024-44950 - serial: sc16is7xx: fix invalid FIFO access with special register set * CVE-url: https://ubuntu.com/security/CVE-2024-26812 - vfio: Introduce interface to flush virqfd inject workqueue - vfio/pci: Create persistent INTx handler * CVE-url: https://ubuntu.com/security/CVE-2023-52510 - ieee802154: ca8210: Fix a potential UAF in ca8210_probe * CVE-url: https://ubuntu.com/security/CVE-2023-52528 - net: usb: smsc75xx: Fix uninit-value access in __smsc75xx_read_reg * CVE-url: https://ubuntu.com/security/CVE-2024-26960 - mm, swap: fix race between swapoff and some swap operations - mm: swap: fix race between free_swap_and_cache() and swapoff() * CVE-url: https://ubuntu.com/security/CVE-2024-27051 - cpufreq: brcmstb-avs-cpufreq: add check for cpufreq_cpu_get's return value - cpufreq: brcmstb-avs-cpufreq: ISO C90 forbids mixed declarations * CVE-url: https://ubuntu.com/security/CVE-2024-41073 - nvme: avoid double free special payload * CVE-url: https://ubuntu.com/security/CVE-2024-45016 - netem: fix return value if duplicate enqueue fails * CVE-url: https://ubuntu.com/security/CVE-2024-42229 - crypto: aead,cipher - zeroize key buffer after use * CVE-url: https://ubuntu.com/security/CVE-2024-38602 - ax25: Fix reference count leak issues of ax25_dev

0 tuxcare-ubuntu18.04-els linux-buildinfo-4.15.0-239-tuxcare.els27-generic_4.15.0-239.250_amd64.deb 816d26247ffe6542516219b2db6d2a952563ff41 linux-buildinfo-4.15.0-239-tuxcare.els27-lowlatency_4.15.0-239.250_amd64.deb b7278b648234f91ffb2bf61949c2510381727f58 linux-cloud-tools-4.15.0-239-tuxcare.els27_4.15.0-239.250_amd64.deb 1872c078aefe0968f7168e5728feac1874c91579 linux-cloud-tools-4.15.0-239-tuxcare.els27-generic_4.15.0-239.250_amd64.deb eaceaa831777b32ca7eaf9f21a8495f7b194b1b2 linux-cloud-tools-4.15.0-239-tuxcare.els27-lowlatency_4.15.0-239.250_amd64.deb 87922f9aa012251bebcf56bcaab9f2c12ef17943 linux-cloud-tools-common_4.15.0-239.250_all.deb dd589b2d916a6a749415a526e487fa9338fcb78b linux-cloud-tools-generic_4.15.0.239.250_amd64.deb 644f197b7d28a356019c19b34ea68cbfa5c6b9a1 linux-cloud-tools-lowlatency_4.15.0.239.250_amd64.deb ed329b5c73d62f3412fabb3ff74187b4adc5359f linux-crashdump_4.15.0.239.250_amd64.deb 805def96c677bd5e0a47e3465e834fa7393305da linux-doc_4.15.0-239.250_all.deb c6aa2751ff5ccb7396ba54833978fbe6aa627c26 linux-generic_4.15.0.239.250_amd64.deb 7bba7f44e28d895a1e91d8dd0f2dfaa49e91e51d linux-headers-4.15.0-239-tuxcare.els27_4.15.0-239.250_all.deb 7394a8a1e22c0052e1c61c9a57ec70436807d5db linux-headers-4.15.0-239-tuxcare.els27-generic_4.15.0-239.250_amd64.deb ec2e37c30776b69f4d5181f10c87da23a629f540 linux-headers-4.15.0-239-tuxcare.els27-lowlatency_4.15.0-239.250_amd64.deb cef4410f33ed9199cac5c55804462ee8cb1f0d20 linux-headers-generic_4.15.0.239.250_amd64.deb 5f05ab039155b016cfa90aff9396ea69f3156c86 linux-headers-lowlatency_4.15.0.239.250_amd64.deb 2f887a0f280af2944ab0ad485f126f2951650491 linux-image-generic_4.15.0.239.250_amd64.deb c9fefd25580fb23fedef411149290aeb5f5d9cde linux-image-lowlatency_4.15.0.239.250_amd64.deb d487d8893f6a4345f6766c5d5720cecae579b55f linux-image-unsigned-4.15.0-239-tuxcare.els27-generic_4.15.0-239.250_amd64.deb 12368a82003ff32e4e6790560f6b0d456cf3c580 linux-image-unsigned-4.15.0-239-tuxcare.els27-lowlatency_4.15.0-239.250_amd64.deb 79c95649c8e769843733f4aa08597e4305f177bf linux-libc-dev_4.15.0-239.250_amd64.deb 76253cacf0dfb44854322bf04f9f8c5a307d6b31 linux-lowlatency_4.15.0.239.250_amd64.deb 42fda4fdf28303853f6b901800bf674a12e191d4 linux-modules-4.15.0-239-tuxcare.els27-generic_4.15.0-239.250_amd64.deb 70095d231971d6598dbf7b7f31e6512abf6d1a3b linux-modules-4.15.0-239-tuxcare.els27-lowlatency_4.15.0-239.250_amd64.deb 52426fccda8307fe20e7dd3b515b15515e8ab1a2 linux-modules-extra-4.15.0-239-tuxcare.els27-generic_4.15.0-239.250_amd64.deb 4383691a812141fc9f9d1a9a81b329d808427203 linux-source_4.15.0.239.250_all.deb 5985c68e1a0ff27c535e7df1ae9e987340a765e4 linux-source-4.15.0_4.15.0-239.250_all.deb 5d5533264fedeacbd9769b39092e3dc5b554556f linux-tools-4.15.0-239-tuxcare.els27_4.15.0-239.250_amd64.deb 40674681d6fdaf56b649442bca304e09ecdb81c0 linux-tools-4.15.0-239-tuxcare.els27-generic_4.15.0-239.250_amd64.deb 05364a05d2141217f81435a213bb5cc54d0a28eb linux-tools-4.15.0-239-tuxcare.els27-lowlatency_4.15.0-239.250_amd64.deb 27197fc949f1402dbcd1d1825ca658fb9ec373ab linux-tools-common_4.15.0-239.250_all.deb 16efe08a790a1544e911a446dfed32cdd942cd50 linux-tools-generic_4.15.0.239.250_amd64.deb 7a827ef59e5bbace85136b06076271b8b861ef5d linux-tools-host_4.15.0-239.250_all.deb 0749dbec49e817542589560ed23f3ffd92901912 linux-tools-lowlatency_4.15.0.239.250_amd64.deb 0b877367421101678e4acdb8aa03d61d841bb1f6 CLSA-2024:1729627812 TuxCare License Agreement 0 * SECURITY UPDATE: insecure configuration vulnerability - debian/patches/CVE-2024-8927.patch: fix bypass of cgi.force_redirect configuration - CVE-2024-8927 Important Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.

* SECURITY UPDATE: insecure configuration vulnerability - debian/patches/CVE-2024-8927.patch: fix bypass of cgi.force_redirect configuration - CVE-2024-8927

0 tuxcare-ubuntu18.04-els libapache2-mod-php7.2_7.2.24-0ubuntu0.18.04.17+tuxcare.els6_amd64.deb cd0d0f020854568b4cecc050dbe1e27ccade0820 libphp7.2-embed_7.2.24-0ubuntu0.18.04.17+tuxcare.els6_amd64.deb b25c9f424d4c6c457a37f3046711b46e460e7dbd php7.2_7.2.24-0ubuntu0.18.04.17+tuxcare.els6_all.deb c9a3fc59a6bd7f00419ce73d7cecf1833d1a50ea php7.2-bcmath_7.2.24-0ubuntu0.18.04.17+tuxcare.els6_amd64.deb ca24cb9a089b99e7de466c547db48eb62b3a6be7 php7.2-bz2_7.2.24-0ubuntu0.18.04.17+tuxcare.els6_amd64.deb b1da8b0dfc295cdfe514683f8c32ca11f1635100 php7.2-cgi_7.2.24-0ubuntu0.18.04.17+tuxcare.els6_amd64.deb 4a8948192cc4aad390ab037a0cf131581b21fe7c php7.2-cli_7.2.24-0ubuntu0.18.04.17+tuxcare.els6_amd64.deb 93451f1f918a09a0d048246f4426c5ef8f560b65 php7.2-common_7.2.24-0ubuntu0.18.04.17+tuxcare.els6_amd64.deb eb29840a0a66d5c5c905f42ee73c36e72d225821 php7.2-curl_7.2.24-0ubuntu0.18.04.17+tuxcare.els6_amd64.deb ae1bb980164003cec50871ffb5d2d73f7161f198 php7.2-dba_7.2.24-0ubuntu0.18.04.17+tuxcare.els6_amd64.deb faf9b4743899c577de7fb2f19985aaf8a7a09ff9 php7.2-dev_7.2.24-0ubuntu0.18.04.17+tuxcare.els6_amd64.deb 2ced3a98b25965d0e14e5b38b18275788d2d05d0 php7.2-enchant_7.2.24-0ubuntu0.18.04.17+tuxcare.els6_amd64.deb bb5a1edc06f04e7d9cb81f00de6f91b501d7f7cf php7.2-fpm_7.2.24-0ubuntu0.18.04.17+tuxcare.els6_amd64.deb b663b6e1b864a3fe44d56458b018cd730f87bd82 php7.2-gd_7.2.24-0ubuntu0.18.04.17+tuxcare.els6_amd64.deb cf1cfd2348b93caa964e13ea75c45acd28e70138 php7.2-gmp_7.2.24-0ubuntu0.18.04.17+tuxcare.els6_amd64.deb 9144c77ce6312c43e8403db4f99a1587524b3edc php7.2-imap_7.2.24-0ubuntu0.18.04.17+tuxcare.els6_amd64.deb 7c762161583497a2ca293b7a7b8a0c4555b5e768 php7.2-interbase_7.2.24-0ubuntu0.18.04.17+tuxcare.els6_amd64.deb 15bca530a15aef4a592d9237f4280981649e6681 php7.2-intl_7.2.24-0ubuntu0.18.04.17+tuxcare.els6_amd64.deb 24f839a8a1c6a82a6049290518000a814058ecb6 php7.2-json_7.2.24-0ubuntu0.18.04.17+tuxcare.els6_amd64.deb 997efc3ecb245f4cadd6e2171505da4992e73087 php7.2-ldap_7.2.24-0ubuntu0.18.04.17+tuxcare.els6_amd64.deb 6c9036d116c4c08f1056112965917dcd2d22c189 php7.2-mbstring_7.2.24-0ubuntu0.18.04.17+tuxcare.els6_amd64.deb c82fa2b6a46c2d13b5cd351fd2cc03f11907751b php7.2-mysql_7.2.24-0ubuntu0.18.04.17+tuxcare.els6_amd64.deb 055e980710a6c4973ed1f009ea580a3e630235d6 php7.2-odbc_7.2.24-0ubuntu0.18.04.17+tuxcare.els6_amd64.deb a022eaeec1af029a90e7c52ba92e03aacf772901 php7.2-opcache_7.2.24-0ubuntu0.18.04.17+tuxcare.els6_amd64.deb 299b7dd00aecfb4f3c480a9c3e3cf644e383ef4b php7.2-pgsql_7.2.24-0ubuntu0.18.04.17+tuxcare.els6_amd64.deb ec2ccb5b5e1e5d2598df09879b1dab2f7831697b php7.2-phpdbg_7.2.24-0ubuntu0.18.04.17+tuxcare.els6_amd64.deb b55711a9cd3f16a94f3522b670207948ff667095 php7.2-pspell_7.2.24-0ubuntu0.18.04.17+tuxcare.els6_amd64.deb 8abad9b316319961d2cd6246999025d0ab15a1d8 php7.2-readline_7.2.24-0ubuntu0.18.04.17+tuxcare.els6_amd64.deb 6ea8dfffe71bd3abded2fc9b5720c8f58758ab1f php7.2-recode_7.2.24-0ubuntu0.18.04.17+tuxcare.els6_amd64.deb d1895f2782ef35e86a30af59d140dfc197ef8b26 php7.2-snmp_7.2.24-0ubuntu0.18.04.17+tuxcare.els6_amd64.deb a9d1c3f9b7000d9bb0b2e069228dc6e68e48db9e php7.2-soap_7.2.24-0ubuntu0.18.04.17+tuxcare.els6_amd64.deb 7fc11a71453df7f52e455c85bc52e18277998b49 php7.2-sqlite3_7.2.24-0ubuntu0.18.04.17+tuxcare.els6_amd64.deb a71aca9702669800415a60865ee89e9027158be8 php7.2-sybase_7.2.24-0ubuntu0.18.04.17+tuxcare.els6_amd64.deb ae516ab37a828c425f0e32eb77496b7f7bfdb4b4 php7.2-tidy_7.2.24-0ubuntu0.18.04.17+tuxcare.els6_amd64.deb 43367789a2c24471e6542f1a12d825b23b16b497 php7.2-xml_7.2.24-0ubuntu0.18.04.17+tuxcare.els6_amd64.deb c79d66d8a5e72f5371ff782aa7978e9aa9bbdce4 php7.2-xmlrpc_7.2.24-0ubuntu0.18.04.17+tuxcare.els6_amd64.deb d3a2d1f2859719dd3ec3c17cfb50f42669fe4733 php7.2-xsl_7.2.24-0ubuntu0.18.04.17+tuxcare.els6_all.deb cd241272977dc2c1123f0e1848a68e9f9031a94c php7.2-zip_7.2.24-0ubuntu0.18.04.17+tuxcare.els6_amd64.deb 52ce57ed2891c553fd245f2f6a4a426fc4cfe2c0 CLSA-2024:1729628050 TuxCare License Agreement 0 * SECURITY UPDATE: Incorrect parsing of email addresses containing special characters - debian/patches/CVE-2023-27043.patch: Fix email address parsing errors by adding optional 'strict' parameter to getaddresses() and parseaddr() functions - debian/patches/fix-urllib2-test.patch: Fix error in test_issue16464() by rewriting it with a local HTTP server instead of an external resource - CVE-2023-27043 Moderate Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.

* SECURITY UPDATE: Incorrect parsing of email addresses containing special characters - debian/patches/CVE-2023-27043.patch: Fix email address parsing errors by adding optional 'strict' parameter to getaddresses() and parseaddr() functions - debian/patches/fix-urllib2-test.patch: Fix error in test_issue16464() by rewriting it with a local HTTP server instead of an external resource - CVE-2023-27043

0 tuxcare-ubuntu18.04-els idle-python3.6_3.6.9-1~18.04ubuntu1.12+tuxcare.els8_all.deb f74444ea2d5263184e6c953efa0c4ee3b1cbe8ed libpython3.6_3.6.9-1~18.04ubuntu1.12+tuxcare.els8_amd64.deb 646767bf1b2185544f1c916a89d10476d8c28776 libpython3.6-dev_3.6.9-1~18.04ubuntu1.12+tuxcare.els8_amd64.deb fddbea6a8f38dced5abf14385b05148dfa2f39f4 libpython3.6-minimal_3.6.9-1~18.04ubuntu1.12+tuxcare.els8_amd64.deb 562bc46ae4a59f41e4ff7305437a1670efc3453e libpython3.6-stdlib_3.6.9-1~18.04ubuntu1.12+tuxcare.els8_amd64.deb 92c80de90f77d8315fa1fcd2248b2e50f5c4194d libpython3.6-testsuite_3.6.9-1~18.04ubuntu1.12+tuxcare.els8_all.deb efda92c5c0d5d1eaf1ead8797073ac3c3fb13619 python3.6_3.6.9-1~18.04ubuntu1.12+tuxcare.els8_amd64.deb 3f5cffca6bc1fc9445f1c67a40b9f7f175e826f9 python3.6-dev_3.6.9-1~18.04ubuntu1.12+tuxcare.els8_amd64.deb b5c0e366d89855a7ec9c6df5270566459450acdc python3.6-doc_3.6.9-1~18.04ubuntu1.12+tuxcare.els8_all.deb 552aaa32515458e237655d6bd05010c1c9009737 python3.6-examples_3.6.9-1~18.04ubuntu1.12+tuxcare.els8_all.deb 06ee620d9b7d779a6dc3da4727d1ad6f689a1d54 python3.6-minimal_3.6.9-1~18.04ubuntu1.12+tuxcare.els8_amd64.deb 24dec2af420d503d766455c122ff3ef2b706d0a1 python3.6-venv_3.6.9-1~18.04ubuntu1.12+tuxcare.els8_amd64.deb 0ed1e488a3ceef1592ca8874f3be302b1eed3f81 CLSA-2024:1730133909 TuxCare License Agreement 0 * SECURITY UPDATE: Incorrect parsing of email addresses containing special characters - debian/patches/CVE-2023-27043.patch: Fix email address parsing errors by adding optional 'strict' parameter to getaddresses() and parseaddr() functions - CVE-2023-27043 Moderate Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.

* SECURITY UPDATE: Incorrect parsing of email addresses containing special characters - debian/patches/CVE-2023-27043.patch: Fix email address parsing errors by adding optional 'strict' parameter to getaddresses() and parseaddr() functions - CVE-2023-27043

0 tuxcare-ubuntu18.04-els idle-python2.7_2.7.17-1~18.04ubuntu1.11+tuxcare.els10_all.deb 7668836c9c16dd42586057c3abfc3ac07663782f libpython2.7_2.7.17-1~18.04ubuntu1.11+tuxcare.els10_amd64.deb c300927fca089b3fe7684a54e54102b126116404 libpython2.7-dev_2.7.17-1~18.04ubuntu1.11+tuxcare.els10_amd64.deb 4a78b2f81f94329dbaa620b08bb1eb8a05da91f3 libpython2.7-minimal_2.7.17-1~18.04ubuntu1.11+tuxcare.els10_amd64.deb ca3c1e8721f7ac3a9ac4e88e64da09ccf0b4e942 libpython2.7-stdlib_2.7.17-1~18.04ubuntu1.11+tuxcare.els10_amd64.deb a557a3ea32499fe3d5eae0068063e6992462fcaf libpython2.7-testsuite_2.7.17-1~18.04ubuntu1.11+tuxcare.els10_all.deb 57c8a7a939873276f0ec6760b7de836bd71ec5a2 python2.7_2.7.17-1~18.04ubuntu1.11+tuxcare.els10_amd64.deb de8dbb29eebd8b3317d865b6c3390d846a9efbba python2.7-dev_2.7.17-1~18.04ubuntu1.11+tuxcare.els10_amd64.deb 8a5f678c5144f8b90c496a1be16bf0b39f4ea11a python2.7-doc_2.7.17-1~18.04ubuntu1.11+tuxcare.els10_all.deb 416afbfd11736821e9133b87155e405bc86d802e python2.7-examples_2.7.17-1~18.04ubuntu1.11+tuxcare.els10_all.deb 46fb7020c2389bcc80117ef8ca3e9d55eef62e2e python2.7-minimal_2.7.17-1~18.04ubuntu1.11+tuxcare.els10_amd64.deb cd33c195d5424dd96862b7bc3ccacd03ac10b60c CLSA-2024:1730227233 TuxCare License Agreement 0 * SECURITY UPDATE: prevent erroneous parsing - debian/patches/CVE-2024-8925.patch: limit boundary size to prevent erroneous parsing in multipart/form-data POST data - CVE-2024-8925 Moderate Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.

* SECURITY UPDATE: prevent erroneous parsing - debian/patches/CVE-2024-8925.patch: limit boundary size to prevent erroneous parsing in multipart/form-data POST data - CVE-2024-8925

0 tuxcare-ubuntu18.04-els libapache2-mod-php7.2_7.2.24-0ubuntu0.18.04.17+tuxcare.els7_amd64.deb e303ff4258b23114b4ffa2415abd13b1121a7e8c libphp7.2-embed_7.2.24-0ubuntu0.18.04.17+tuxcare.els7_amd64.deb 1748cbb07717c025101c5310422576072a4e4ad8 php7.2_7.2.24-0ubuntu0.18.04.17+tuxcare.els7_all.deb e104ee417ab9b61b40fe58c0d40cdbed9c5704f8 php7.2-bcmath_7.2.24-0ubuntu0.18.04.17+tuxcare.els7_amd64.deb 6e236f885fbf720f2eed7b31ed996cd216a125bd php7.2-bz2_7.2.24-0ubuntu0.18.04.17+tuxcare.els7_amd64.deb a1ba6e3d3169aa93b794af1324e3c480e2319283 php7.2-cgi_7.2.24-0ubuntu0.18.04.17+tuxcare.els7_amd64.deb 0de9460d8741974f00fa6320657d048a3492c5d8 php7.2-cli_7.2.24-0ubuntu0.18.04.17+tuxcare.els7_amd64.deb 90afcfb3f5f23015b0cffc54f4be5644df2ef427 php7.2-common_7.2.24-0ubuntu0.18.04.17+tuxcare.els7_amd64.deb 0fc423cb75360e27a459473b6fdcd36c397001c1 php7.2-curl_7.2.24-0ubuntu0.18.04.17+tuxcare.els7_amd64.deb 23f9c78778091f391b79a8122a02ae0d245ca571 php7.2-dba_7.2.24-0ubuntu0.18.04.17+tuxcare.els7_amd64.deb 4052d59d1171198ffa6c4e47e6a4f2fd50de0e7b php7.2-dev_7.2.24-0ubuntu0.18.04.17+tuxcare.els7_amd64.deb 7ba2dedbe68eaf661550f8a584dc7354bc1782b9 php7.2-enchant_7.2.24-0ubuntu0.18.04.17+tuxcare.els7_amd64.deb 2f13b71c8f2f5e9968c12fd3f791b4ffbdb8b91a php7.2-fpm_7.2.24-0ubuntu0.18.04.17+tuxcare.els7_amd64.deb 92c5b5a035165d6045abd7dbef3687612945435a php7.2-gd_7.2.24-0ubuntu0.18.04.17+tuxcare.els7_amd64.deb c8e665d9794fc091867c2614071a12302929ac05 php7.2-gmp_7.2.24-0ubuntu0.18.04.17+tuxcare.els7_amd64.deb ce87bdebe549f407a0df41d6849ffd60a2539ade php7.2-imap_7.2.24-0ubuntu0.18.04.17+tuxcare.els7_amd64.deb 0863d1909fec8aa3038ac2abad12b8601796a705 php7.2-interbase_7.2.24-0ubuntu0.18.04.17+tuxcare.els7_amd64.deb 08f1f3e909a5613840737817bc8b1d0d22346f77 php7.2-intl_7.2.24-0ubuntu0.18.04.17+tuxcare.els7_amd64.deb ca59bfd70e0922d06689d2a8c1cd342eb129469b php7.2-json_7.2.24-0ubuntu0.18.04.17+tuxcare.els7_amd64.deb 850a72acf4d908781bad901641c9733959ca40c7 php7.2-ldap_7.2.24-0ubuntu0.18.04.17+tuxcare.els7_amd64.deb c297533e70dbb548b192d8b826ec2c54510556af php7.2-mbstring_7.2.24-0ubuntu0.18.04.17+tuxcare.els7_amd64.deb aadf7a9065a7b552a562016527b31210f6b4e548 php7.2-mysql_7.2.24-0ubuntu0.18.04.17+tuxcare.els7_amd64.deb 5b75f9b68d00d41bfde242f57c6e5cdd457586a8 php7.2-odbc_7.2.24-0ubuntu0.18.04.17+tuxcare.els7_amd64.deb 5cab1e3458a851d88d175b2af9b1c96f3ea92910 php7.2-opcache_7.2.24-0ubuntu0.18.04.17+tuxcare.els7_amd64.deb db069f4f71081bb98c97363b2d506a2426148219 php7.2-pgsql_7.2.24-0ubuntu0.18.04.17+tuxcare.els7_amd64.deb 3bebe1dd68f02de508503be09acfd82003642497 php7.2-phpdbg_7.2.24-0ubuntu0.18.04.17+tuxcare.els7_amd64.deb fff1a7c0021f14181ea026def45bac471ef6fab5 php7.2-pspell_7.2.24-0ubuntu0.18.04.17+tuxcare.els7_amd64.deb 9fa9f319cbdfc802a63a76e28e325270643c7dea php7.2-readline_7.2.24-0ubuntu0.18.04.17+tuxcare.els7_amd64.deb f5f9db30aa4c3700083b637d8c3ccca1c4e3ca0a php7.2-recode_7.2.24-0ubuntu0.18.04.17+tuxcare.els7_amd64.deb a1b3fce484da8cbd6db93c0613dab09f91077abf php7.2-snmp_7.2.24-0ubuntu0.18.04.17+tuxcare.els7_amd64.deb 73ca9d4843a8e90f97d7675c858a3d1a62a25fb3 php7.2-soap_7.2.24-0ubuntu0.18.04.17+tuxcare.els7_amd64.deb 1dc2be34b0b6db431141b8aabec5d1b1a6a6860c php7.2-sqlite3_7.2.24-0ubuntu0.18.04.17+tuxcare.els7_amd64.deb d7977b5284d64c4126ce25f810d5d3dd9c5ff7ae php7.2-sybase_7.2.24-0ubuntu0.18.04.17+tuxcare.els7_amd64.deb 59e29149d1f43ab23aceb4581a8f8023c9a16c6b php7.2-tidy_7.2.24-0ubuntu0.18.04.17+tuxcare.els7_amd64.deb ca0aa80a178666695f614bbf4f35806030b70ad0 php7.2-xml_7.2.24-0ubuntu0.18.04.17+tuxcare.els7_amd64.deb 6ccf8916789bd72a26b3d8c03e59edc50f0f47e0 php7.2-xmlrpc_7.2.24-0ubuntu0.18.04.17+tuxcare.els7_amd64.deb 84656c4f4d51b26e34bccc7d1f70de7eeabd2e4a php7.2-xsl_7.2.24-0ubuntu0.18.04.17+tuxcare.els7_all.deb 8b7e3154c8d57918b00bc1efe0d5f61340958406 php7.2-zip_7.2.24-0ubuntu0.18.04.17+tuxcare.els7_amd64.deb 46bce5b386b20c4a8f12099270807c09e6b18c72 CLSA-2024:1730479456 TuxCare License Agreement 0 * SECURITY UPDATE: When performing a local clone of a repository we end up either copying or hardlinking the source repository into the target repository. - debian/patches/CVE-2024-32020.patch: builtin/clone: refuse local clones of unsafe repositories - CVE-2024-32020 Low Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.

* SECURITY UPDATE: When performing a local clone of a repository we end up either copying or hardlinking the source repository into the target repository. - debian/patches/CVE-2024-32020.patch: builtin/clone: refuse local clones of unsafe repositories - CVE-2024-32020

0 tuxcare-ubuntu18.04-els git_2.17.1-1ubuntu0.18+tuxcare.els4_amd64.deb d2ffe28602ee8be23a8bf0afa432d7b5dfbb925e git-all_2.17.1-1ubuntu0.18+tuxcare.els4_all.deb ba37ceaeba106e9b9fd0fd58003ee8407431aee6 git-cvs_2.17.1-1ubuntu0.18+tuxcare.els4_all.deb e64e45f6221abc0e7597af602ea69d1b749fc553 git-daemon-run_2.17.1-1ubuntu0.18+tuxcare.els4_all.deb 5e9cb57dc64ec3bb9becb7bef510bff20538a007 git-daemon-sysvinit_2.17.1-1ubuntu0.18+tuxcare.els4_all.deb 5e9366e41a4c94d3ff1947f70d068ad8fd4f7723 git-doc_2.17.1-1ubuntu0.18+tuxcare.els4_all.deb c0781c6e1188a4eb476b631bec102b9128334941 git-el_2.17.1-1ubuntu0.18+tuxcare.els4_all.deb 54500ef383b7f9bee006566b705812b31e985b08 git-email_2.17.1-1ubuntu0.18+tuxcare.els4_all.deb 72e187eb9551b4a893a2b3f1f52d84a26e412663 git-gui_2.17.1-1ubuntu0.18+tuxcare.els4_all.deb 946bd334b43ead1dd123493944617571e3d90be3 git-man_2.17.1-1ubuntu0.18+tuxcare.els4_all.deb b4ee7405e319a2137640e8db1ce8f0b69c8bdeba git-mediawiki_2.17.1-1ubuntu0.18+tuxcare.els4_all.deb c916d197d32d1f2fcc995e9a1ccb82f80977925e git-svn_2.17.1-1ubuntu0.18+tuxcare.els4_all.deb 0df00b6caa2fc22b2ee0e0a602b41d412da25dd8 gitk_2.17.1-1ubuntu0.18+tuxcare.els4_all.deb af81269ef486caf76f527f3331cc358f9a90e910 gitweb_2.17.1-1ubuntu0.18+tuxcare.els4_all.deb ecde6807a601fcf0843cd1ae69be531366076798 CLSA-2024:1730479989 TuxCare License Agreement 0 * SECURITY UPDATE: mp4 module allows buffer underread and unordered chunks - debian/patches/CVE-2024-7347.patch: fix buffer underread while updating stsz atom and reject unordered chunks - CVE-2023-7347 Moderate Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.

* SECURITY UPDATE: mp4 module allows buffer underread and unordered chunks - debian/patches/CVE-2024-7347.patch: fix buffer underread while updating stsz atom and reject unordered chunks - CVE-2023-7347

0 tuxcare-ubuntu18.04-els libnginx-mod-http-auth-pam_1.14.0-0ubuntu1.11+tuxcare.els2_amd64.deb 4ccc30677da8746ae309c9ce8bc64ff7740ab5ce libnginx-mod-http-cache-purge_1.14.0-0ubuntu1.11+tuxcare.els2_amd64.deb fd3567eb6b7778d9e876bc96680f88980533eb91 libnginx-mod-http-dav-ext_1.14.0-0ubuntu1.11+tuxcare.els2_amd64.deb 195b60ae4d8a89b3eff0140471e5864f2cf72f2d libnginx-mod-http-echo_1.14.0-0ubuntu1.11+tuxcare.els2_amd64.deb 4b4446ee5ef87f161b3e86ee274a3274fe21dd73 libnginx-mod-http-fancyindex_1.14.0-0ubuntu1.11+tuxcare.els2_amd64.deb 7f692ddb1f4c983806b9dafa3da33d9eaed00010 libnginx-mod-http-geoip_1.14.0-0ubuntu1.11+tuxcare.els2_amd64.deb 3543802f60de92f58d17efca5f99c593e783d365 libnginx-mod-http-headers-more-filter_1.14.0-0ubuntu1.11+tuxcare.els2_amd64.deb c11d11688fedde7b61e8744c454bf23d1845d47c libnginx-mod-http-image-filter_1.14.0-0ubuntu1.11+tuxcare.els2_amd64.deb 1f0ebc82da0a5ab9f1e66d32d35f3bda70fe8da3 libnginx-mod-http-lua_1.14.0-0ubuntu1.11+tuxcare.els2_amd64.deb 4c69dcc2fc16424110075785f5c276f163d1ce0d libnginx-mod-http-ndk_1.14.0-0ubuntu1.11+tuxcare.els2_amd64.deb 746a7ebc95049f6a4e141e7a5ab0603d15a8c565 libnginx-mod-http-perl_1.14.0-0ubuntu1.11+tuxcare.els2_amd64.deb f6e241b5d1b83eeb5dc47497efac6a470265b8ff libnginx-mod-http-subs-filter_1.14.0-0ubuntu1.11+tuxcare.els2_amd64.deb 676d7820eda6e22d2849a86628dc274f674fb47f libnginx-mod-http-uploadprogress_1.14.0-0ubuntu1.11+tuxcare.els2_amd64.deb 2535e1ab1f15d0d6ad383e0817beef6f91f4c6ed libnginx-mod-http-upstream-fair_1.14.0-0ubuntu1.11+tuxcare.els2_amd64.deb 76d036e110ca3167d01fec0414b45b3697c6c843 libnginx-mod-http-xslt-filter_1.14.0-0ubuntu1.11+tuxcare.els2_amd64.deb 285b9b01cfcf6db70b81411ef88e692765c29e56 libnginx-mod-mail_1.14.0-0ubuntu1.11+tuxcare.els2_amd64.deb e9990eb18bfcd217c3cfe164dedfa5112a0c75ca libnginx-mod-nchan_1.14.0-0ubuntu1.11+tuxcare.els2_amd64.deb 7a1a0621ef1b3fd121bfbd8cfc86157261779d2f libnginx-mod-rtmp_1.14.0-0ubuntu1.11+tuxcare.els2_amd64.deb d1cc5b8f5995edd8bc2ddc68f38f1f9f8fe36258 libnginx-mod-stream_1.14.0-0ubuntu1.11+tuxcare.els2_amd64.deb a0934cc2168be17aaadf0a9bb671764b67603b68 nginx_1.14.0-0ubuntu1.11+tuxcare.els2_all.deb 29b26aa09c0d47ce374131b3506e1f3312a37441 nginx-common_1.14.0-0ubuntu1.11+tuxcare.els2_all.deb 178ea24c7ed6559b961f3b3c53d711a98d11bcd6 nginx-core_1.14.0-0ubuntu1.11+tuxcare.els2_amd64.deb 6c0f46325b1d986c5b075b6cd3830f0bedbecdaf nginx-doc_1.14.0-0ubuntu1.11+tuxcare.els2_all.deb 3505a3e120e7350a412e69b72d09660b28b89213 nginx-extras_1.14.0-0ubuntu1.11+tuxcare.els2_amd64.deb ec8818acde5e61b3de651dbde5a60c0a0d38e2cc nginx-full_1.14.0-0ubuntu1.11+tuxcare.els2_amd64.deb 52e949f7df0658a8d13a3de2dd90f05d8ea00728 nginx-light_1.14.0-0ubuntu1.11+tuxcare.els2_amd64.deb 3d97b4f8f001e2a1f47e782833118eb3adce58ab CLSA-2024:1730916816 TuxCare License Agreement 0 * Update ca-certificates database to 20240823: - mozilla/{certdata.txt,nssckbi.h}: Update Mozilla certificate authority bundle of the version 2.69. - The following certificates were updated: # Certificate "OISTE WISeKey Global Root GC CA" - The following certificates were added: # Certificate "Telekom Security TLS ECC Root 2020" # Certificate "Telekom Security TLS RSA Root 2023" # Certificate "FIRMAPROFESIONAL CA ROOT-A WEB" - The following certificates were removed: # Certificate "Security Communication Root CA" # Certificate "Autoridad de Certificacion Firmaprofesional" # Certificate "E-Tugra Global Root CA RSA v3" # Certificate "E-Tugra Global Root CA ECC v3" None Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.

* Update ca-certificates database to 20240823: - mozilla/{certdata.txt,nssckbi.h}: Update Mozilla certificate authority bundle of the version 2.69. - The following certificates were updated: # Certificate "OISTE WISeKey Global Root GC CA" - The following certificates were added: # Certificate "Telekom Security TLS ECC Root 2020" # Certificate "Telekom Security TLS RSA Root 2023" # Certificate "FIRMAPROFESIONAL CA ROOT-A WEB" - The following certificates were removed: # Certificate "Security Communication Root CA" # Certificate "Autoridad de Certificacion Firmaprofesional" # Certificate "E-Tugra Global Root CA RSA v3" # Certificate "E-Tugra Global Root CA ECC v3"

0 tuxcare-ubuntu18.04-els ca-certificates_20240823ubuntu0.18.04.1+tuxcare.els1_all.deb 06865bb770d76bd7080924edc6d1de317cbfb787 CLSA-2024:1730916930 TuxCare License Agreement 0 * Update ca-certificates database to 20240909: - mozilla\{certdata.txt,nssckbi.h}: Update Mozilla certificate authority bundle of the version 2.70. - The following certificates were updated: # Certificate "certSIGN ROOT CA" # Certificate "ACCVRAIZ1" # Certificate "OISTE WISeKey Global Root GC CA" - The following certificates were added: # Certificate "D-Trust SBR Root CA 1 2022" # Certificate "D-Trust SBR Root CA 2 2022" # Certificate "Telekom Security SMIME ECC Root 2021" # Certificate "Telekom Security TLS ECC Root 2020" # Certificate "Telekom Security SMIME RSA Root 2023" # Certificate "Telekom Security TLS RSA Root 2023" # Certificate "FIRMAPROFESIONAL CA ROOT-A WEB" # Certificate "TWCA CYBER Root CA" # Certificate "TWCA Global Root CA G2" # Certificate "SecureSign Root CA12" # Certificate "SecureSign Root CA14" # Certificate "SecureSign Root CA15" - The following certificates were removed: # Certificate "Security Communication Root CA" # Certificate "Camerfirma Chambers of Commerce Root" # Certificate "Chambers of Commerce Root - 2008" # Certificate "Global Chambersign Root - 2008" # Certificate "E-Tugra Global Root CA ECC v3" # Certificate "E-Tugra Global Root CA RSA v3" # Duplicated certificate "Autoridad de Certificacion Firmaprofesional CIF A62634068" None Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.

* Update ca-certificates database to 20240909: - mozilla\{certdata.txt,nssckbi.h}: Update Mozilla certificate authority bundle of the version 2.70. - The following certificates were updated: # Certificate "certSIGN ROOT CA" # Certificate "ACCVRAIZ1" # Certificate "OISTE WISeKey Global Root GC CA" - The following certificates were added: # Certificate "D-Trust SBR Root CA 1 2022" # Certificate "D-Trust SBR Root CA 2 2022" # Certificate "Telekom Security SMIME ECC Root 2021" # Certificate "Telekom Security TLS ECC Root 2020" # Certificate "Telekom Security SMIME RSA Root 2023" # Certificate "Telekom Security TLS RSA Root 2023" # Certificate "FIRMAPROFESIONAL CA ROOT-A WEB" # Certificate "TWCA CYBER Root CA" # Certificate "TWCA Global Root CA G2" # Certificate "SecureSign Root CA12" # Certificate "SecureSign Root CA14" # Certificate "SecureSign Root CA15" - The following certificates were removed: # Certificate "Security Communication Root CA" # Certificate "Camerfirma Chambers of Commerce Root" # Certificate "Chambers of Commerce Root - 2008" # Certificate "Global Chambersign Root - 2008" # Certificate "E-Tugra Global Root CA ECC v3" # Certificate "E-Tugra Global Root CA RSA v3" # Duplicated certificate "Autoridad de Certificacion Firmaprofesional CIF A62634068"

0 tuxcare-ubuntu18.04-els libnss3_3.35-2ubuntu2.16+tuxcare.els3_amd64.deb c0a645949951d06f8eddd27a8e58a0662b05db00 libnss3-dev_3.35-2ubuntu2.16+tuxcare.els3_amd64.deb 3dc37546bc3ed41b4f19d5d8155df329200d499d libnss3-tools_3.35-2ubuntu2.16+tuxcare.els3_amd64.deb 26a492cb491a8f02193259b1358ce93dff597e0e CLSA-2024:1730919636 TuxCare License Agreement 0 * SECURITY UPDATE: Race condition when hardlinking file from the source repository into the destination file in the target repository. - debian/patches/CVE-2024-32021.patch: builtin/clone: abort when hardlinked source and target file differ - CVE-2024-32021 Low Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.

* SECURITY UPDATE: Race condition when hardlinking file from the source repository into the destination file in the target repository. - debian/patches/CVE-2024-32021.patch: builtin/clone: abort when hardlinked source and target file differ - CVE-2024-32021

0 tuxcare-ubuntu18.04-els git_2.17.1-1ubuntu0.18+tuxcare.els5_amd64.deb e81d21459e06b39b4e4a02795a1ed9686d0731cb git-all_2.17.1-1ubuntu0.18+tuxcare.els5_all.deb 0d0bbd449268c226dcbbe1d16ef0f79dea5b9016 git-cvs_2.17.1-1ubuntu0.18+tuxcare.els5_all.deb e51480284ea39f74b216a9bc4ed42255175fb9f9 git-daemon-run_2.17.1-1ubuntu0.18+tuxcare.els5_all.deb 67a5341f1e5cd034f23def3768091b0e8aecc6bf git-daemon-sysvinit_2.17.1-1ubuntu0.18+tuxcare.els5_all.deb 4d54cbd37e24f2a7cb74c10d6ed8f85e89794caa git-doc_2.17.1-1ubuntu0.18+tuxcare.els5_all.deb a49a1a27245d10977997ca22fac9b427f0a37319 git-el_2.17.1-1ubuntu0.18+tuxcare.els5_all.deb 1558d7636244aa73ae0d12ad5f2759913ffb69fa git-email_2.17.1-1ubuntu0.18+tuxcare.els5_all.deb 1c4612141984cd3e55ae0cabeeb5d4c1e5035bba git-gui_2.17.1-1ubuntu0.18+tuxcare.els5_all.deb 73181ddbac1fa638fa95b3f4ae3f81af080f3d3a git-man_2.17.1-1ubuntu0.18+tuxcare.els5_all.deb 3b730247a0b0f372563046699429cd9d27bea230 git-mediawiki_2.17.1-1ubuntu0.18+tuxcare.els5_all.deb 24e15f71059a498c161b52617dc91a28904eddfd git-svn_2.17.1-1ubuntu0.18+tuxcare.els5_all.deb d278fd20725aba03953e2715016a3e0a45e890c3 gitk_2.17.1-1ubuntu0.18+tuxcare.els5_all.deb cce7c1c0e33910197f341b64364f2a11715bc85f gitweb_2.17.1-1ubuntu0.18+tuxcare.els5_all.deb 486671a4b2169571c2c8008ffdb0e08131567d66 CLSA-2024:1731345748 TuxCare License Agreement 0 * SECURITY UPDATE: The DNS message parsing code in `named` includes a section whose computational complexity is overly high - debian/patches/CVE-2023-4408.patch: refactoring parsing code - debian/libdns1100.symbols: some function declarations were removed according to the CVE-2023-4408.patch - CVE-2023-4408 Important Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.

* SECURITY UPDATE: The DNS message parsing code in `named` includes a section whose computational complexity is overly high - debian/patches/CVE-2023-4408.patch: refactoring parsing code - debian/libdns1100.symbols: some function declarations were removed according to the CVE-2023-4408.patch - CVE-2023-4408

0 tuxcare-ubuntu18.04-els bind9_9.11.3+dfsg-1ubuntu1.18+tuxcare.els6_amd64.deb fc5d8f075fd09ff2ffce631688fd618c7723bd57 bind9-doc_9.11.3+dfsg-1ubuntu1.18+tuxcare.els6_all.deb acc109866270951e0c34b6f2d3f1efa0af4cd98b bind9-host_9.11.3+dfsg-1ubuntu1.18+tuxcare.els6_amd64.deb 5f9b3d30e91f48102f2a894fc3e7e83181d21662 bind9utils_9.11.3+dfsg-1ubuntu1.18+tuxcare.els6_amd64.deb 422dc0b15a75b1c05d13bf483a475b8173a9b2bd dnsutils_9.11.3+dfsg-1ubuntu1.18+tuxcare.els6_amd64.deb 5c34c1ac7b0a7e86937d53368b4e1e4d550ba2bb libbind-dev_9.11.3+dfsg-1ubuntu1.18+tuxcare.els6_amd64.deb 1e0213d2d4bb1a290c6cbd723ce464bb3f2407f5 libbind-export-dev_9.11.3+dfsg-1ubuntu1.18+tuxcare.els6_amd64.deb 2ca75303fb2653fd76d25378b18567f812eea868 libbind9-160_9.11.3+dfsg-1ubuntu1.18+tuxcare.els6_amd64.deb 456df8a14b6fbb7770ccbb56184c3acf05227873 libdns-export1100_9.11.3+dfsg-1ubuntu1.18+tuxcare.els6_amd64.deb 9b330b59c95fb846973b473dd964c5652361395d libdns1100_9.11.3+dfsg-1ubuntu1.18+tuxcare.els6_amd64.deb 938638b44f0e6e6316e319bf3a50442099042c1b libirs-export160_9.11.3+dfsg-1ubuntu1.18+tuxcare.els6_amd64.deb 9cec2c383ebb778a30ecbdba20601dd6784d401e libirs160_9.11.3+dfsg-1ubuntu1.18+tuxcare.els6_amd64.deb 51908a2ad448553555890fefb73a35bbda024599 libisc-export169_9.11.3+dfsg-1ubuntu1.18+tuxcare.els6_amd64.deb 55b1d08063e7caed9558810e57891f3965178aec libisc169_9.11.3+dfsg-1ubuntu1.18+tuxcare.els6_amd64.deb 4d07aae38ceb4a83c4354bb5b5e2378bfc98ef19 libisccc-export160_9.11.3+dfsg-1ubuntu1.18+tuxcare.els6_amd64.deb a9a306ac696f3c91b909f48891ad4130ae8ae1cb libisccc160_9.11.3+dfsg-1ubuntu1.18+tuxcare.els6_amd64.deb c97bbcdb6d3e5de587bd380cf7eede1287fa5db6 libisccfg-export160_9.11.3+dfsg-1ubuntu1.18+tuxcare.els6_amd64.deb 43859e1b55dd2c3b564d3586ff1274494f3e1c8e libisccfg160_9.11.3+dfsg-1ubuntu1.18+tuxcare.els6_amd64.deb 119612bae502ccbc06a46cc256def263ee35da60 liblwres160_9.11.3+dfsg-1ubuntu1.18+tuxcare.els6_amd64.deb 314f53a43b5933a661df84a0a9eb13d5dfaf15ee CLSA-2024:1731602566 TuxCare License Agreement 0 * CVE-url: https://ubuntu.com/security/CVE-2024-44946 - kcm: Serialise kcm_sendmsg() for the same socket. * CVE-url: https://ubuntu.com/security/CVE-2024-42292 - kobject_uevent: Fix OOB access within zap_modalias_env() * CVE-url: https://ubuntu.com/security/CVE-2024-41042 - netfilter: nf_tables: prefer nft_chain_validate * CVE-url: https://ubuntu.com/security/CVE-2024-42265 - protect the fetch of ->fd[fd] in do_dup2() from mispredictions * CVE-url: https://ubuntu.com/security/CVE-2024-50036 - net: do not delay dst_entries_add() in dst_release() * CVE-url: https://ubuntu.com/security/CVE-2024-47663 - staging: iio: frequency: ad9833: Load clock using clock framework - staging: iio: frequency: ad9834: Validate frequency parameter value * CVE-url: https://ubuntu.com/security/CVE-2024-47669 - nilfs2: fix state management in error path of log writing function * CVE-url: https://ubuntu.com/security/CVE-2023-52918 - media: pci: cx23885: check cx23885_vdev_init() return * CVE-url: https://ubuntu.com/security/CVE-2024-44960 - usb: gadget: core: Check for unset descriptor * CVE-url: https://ubuntu.com/security/CVE-2024-42297 - f2fs: fix to don't dirty inode for readonly filesystem * CVE-url: https://ubuntu.com/security/CVE-2024-46750 - PCI: Add missing bridge lock to pci_bus_lock() * CVE-url: https://ubuntu.com/security/CVE-2024-46676 - nfc: pn533: Add poll mod list filling check * CVE-url: https://ubuntu.com/security/CVE-2024-46761 - pci/hotplug/pnv_php: Fix hotplug driver crash on Powernv * CVE-url: https://ubuntu.com/security/CVE-2024-46755 - wifi: mwifiex: Do not return unused priv in mwifiex_get_priv_by_id() * CVE-url: https://ubuntu.com/security/CVE-2024-46679 - ethtool: check device is present when getting link settings * CVE-url: https://ubuntu.com/security/CVE-2024-46721 - apparmor: fix possible NULL pointer dereference * CVE-url: https://ubuntu.com/security/CVE-2024-46685 - pinctrl: single: fix potential NULL dereference in pcs_get_function() * CVE-url: https://ubuntu.com/security/CVE-2024-44947 - fuse: Initialize beyond-EOF page contents before setting uptodate * CVE-url: https://ubuntu.com/security/CVE-2024-46675 - usb: dwc3: core: Prevent USB core invalid event buffer address access * CVE-url: https://ubuntu.com/security/CVE-2024-43893 - serial: core: check uartclk for zero to avoid divide by zero * CVE-url: https://ubuntu.com/security/CVE-2024-45021 - memcg_write_event_control(): fix a user-triggerable oops * CVE-url: https://ubuntu.com/security/CVE-2024-46677 - gtp: fix a potential NULL pointer dereference * CVE-url: https://ubuntu.com/security/CVE-2024-43861 - net: usb: qmi_wwan: fix memory leak for not ip packets * CVE-url: https://ubuntu.com/security/CVE-2024-41063 - Bluetooth: hci_core: cancel all works upon hci_unregister_dev() * CVE-url: https://ubuntu.com/security/CVE-2024-45006 - xhci: Fix Panther point NULL pointer deref at full-speed re-enumeration * CVE-url: https://ubuntu.com/security/CVE-2024-43853 - cgroup/cpuset: Prevent UAF in proc_cpuset_show() * CVE-url: https://ubuntu.com/security/CVE-2024-42310 - drm/gma500: fix null pointer dereference in cdv_intel_lvds_get_modes * CVE-url: https://ubuntu.com/security/CVE-2024-42311 - hfs: fix to initialize fields of hfs_inode_info after hfs_alloc_inode() * CVE-url: https://ubuntu.com/security/CVE-2024-41012 - filelock: Remove locks reliably when fcntl/close race is detected * CVE-url: https://ubuntu.com/security/CVE-2024-45028 - mmc: mmc_test: Fix NULL dereference on allocation failure * CVE-url: https://ubuntu.com/security/CVE-2024-43860 - remoteproc: imx_rproc: Skip over memory region when node value is NULL * CVE-url: https://ubuntu.com/security/CVE-2024-43914 - md/raid5: avoid BUG_ON() while continue reshape after reassembling * CVE-url: https://ubuntu.com/security/CVE-2024-45025 - fix bitmap corruption on close_range() with CLOSE_RANGE_UNSHARE * CVE-url: https://ubuntu.com/security/CVE-2024-43856 - dma: fix call order in dmam_free_coherent * CVE-url: https://ubuntu.com/security/CVE-2024-42289 - scsi: qla2xxx: During vport delete send async logout explicitly * CVE-url: https://ubuntu.com/security/CVE-2024-44995 - net: hns3: fix a deadlock problem when config TC during resetting * CVE-url: https://ubuntu.com/security/CVE-2024-43854 - block: initialize integrity buffer to zero before writing it to media * CVE-url: https://ubuntu.com/security/CVE-2024-43884 - Bluetooth: MGMT: Add error handling to pair_device() * CVE-url: https://ubuntu.com/security/CVE-2024-43871 - devres: Fix memory leakage caused by driver API devm_free_percpu() * CVE-url: https://ubuntu.com/security/CVE-2024-42309 - drm/gma500: fix null pointer dereference in psb_intel_lvds_get_modes * CVE-url: https://ubuntu.com/security/CVE-2024-26668 - netfilter: nft_limit: reject configurations that cause integer overflow * CVE-url: https://ubuntu.com/security/CVE-2024-50044 - Bluetooth: RFCOMM: FIX possible deadlock in rfcomm_sk_state_change * CVE-url: https://ubuntu.com/security/CVE-2024-49967 - ext4: no need to continue when the number of entries is 1 * CVE-url: https://ubuntu.com/security/CVE-2024-50033 - slip: make slhc_remember() more robust against malicious packets * CVE-url: https://ubuntu.com/security/CVE-2024-47670 - ocfs2: add bounds checking to ocfs2_xattr_find_entry() * CVE-url: https://ubuntu.com/security/CVE-2024-49950 - Bluetooth: L2CAP: Fix uaf in l2cap_connect * CVE-url: https://ubuntu.com/security/CVE-2024-49883 - ext4: aovid use-after-free in ext4_ext_insert_extent() * CVE-url: https://ubuntu.com/security/CVE-2024-47745 - mm: call the security_mmap_file() LSM hook in remap_file_pages() * CVE-url: https://ubuntu.com/security/CVE-2024-49860 - ACPI: sysfs: validate return type of _STR method * CVE-url: https://ubuntu.com/security/CVE-2024-49882 - ext4: fix double brelse() the buffer of the extents path * CVE-url: https://ubuntu.com/security/CVE-2024-49995 - tipc: guard against string buffer overrun * CVE-url: https://ubuntu.com/security/CVE-2024-47723 - jfs: fix out-of-bounds in dbNextAG() and diAlloc() * CVE-url: https://ubuntu.com/security/CVE-2024-50055 - driver core: bus: Fix double free in driver API bus_register() * CVE-url: https://ubuntu.com/security/CVE-2024-47698 - drivers: media: dvb-frontends/rtl2832: fix an out-of-bounds write error * CVE-url: https://ubuntu.com/security/CVE-2022-49026 - e100: Fix possible use after free in e100_xmit_prepare * CVE-url: https://ubuntu.com/security/CVE-2024-47742 - firmware_loader: Block path traversal * CVE-url: https://ubuntu.com/security/CVE-2024-50035 - ppp: fix ppp_async_encode() illegal access * CVE-url: https://ubuntu.com/security/CVE-2024-47757 - nilfs2: fix potential oob read in nilfs_btree_check_delete() * CVE-url: https://ubuntu.com/security/CVE-2024-49884 - ext4: avoid ext4_error()'s caused by ENOMEM in the truncate path - ext4: fix slab-use-after-free in ext4_split_extent_at() * CVE-url: https://ubuntu.com/security/CVE-2022-49006 - tracing: Free buffers when a used dynamic event is removed * CVE-url: https://ubuntu.com/security/CVE-2024-49903 - jfs: Fix uaf in dbFreeBits * CVE-url: https://ubuntu.com/security/CVE-2024-47701 - ext4: avoid OOB when system.data xattr changes underneath the filesystem * CVE-url: https://ubuntu.com/security/CVE-2024-49889 - ext4: avoid use-after-free in ext4_ext_show_leaf() * CVE-url: https://ubuntu.com/security/CVE-2024-50073 - tty: n_gsm: Fix use-after-free in gsm_cleanup_mux * CVE-url: https://ubuntu.com/security/CVE-2024-47747 - net: seeq: Fix use after free vulnerability in ether3 Driver Due to Race Condition * CVE-url: https://ubuntu.com/security/CVE-2024-49900 - jfs: Fix uninit-value access of new_ea in ea_buffer * CVE-url: https://ubuntu.com/security/CVE-2024-47697 - drivers: media: dvb-frontends/rtl2830: fix an out-of-bounds write error * CVE-url: https://ubuntu.com/security/CVE-2022-48951 - ASoC: ops: Check bounds for second channel in snd_soc_put_volsw_sx() * CVE-url: https://ubuntu.com/security/CVE-2024-49981 - media: venus: fix use after free bug in venus_remove due to race condition * CVE-url: https://ubuntu.com/security/CVE-2024-43839 - bna: adjust 'name' buf size of bna_tcb and bna_ccb structures * CVE-url: https://ubuntu.com/security/CVE-2024-47659 - smack: tcp: ipv4, fix incorrect labeling * CVE-url: https://ubuntu.com/security/CVE-2024-47685 - netfilter: nf_reject_ipv6: fix nf_reject_ip6_tcphdr_put() * CVE-url: https://ubuntu.com/security/CVE-2024-39476 - md/raid5: fix deadlock that raid5d() wait for itself to clear MD_SB_CHANGE_PENDING * CVE-url: https://ubuntu.com/security/CVE-2024-27397 - netfilter: nf_tables: use timestamp to check for set element timeout - netfilter: nf_tables: annotate data-races around element expiration - netfilter: nf_tables: support timeouts larger than 23 days * CVE-url: https://ubuntu.com/security/CVE-2024-26641 - net: Fix unwanted sign extension in netdev_stats_to_stats64() - ip6_tunnel: make sure to pull inner header in __ip6_tnl_rcv() * CVE-url: https://ubuntu.com/security/CVE-2024-38611 - media: i2c: et8ek8: Don't strip remove function when driver is builtin Critical Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.

* CVE-url: https://ubuntu.com/security/CVE-2024-44946 - kcm: Serialise kcm_sendmsg() for the same socket. * CVE-url: https://ubuntu.com/security/CVE-2024-42292 - kobject_uevent: Fix OOB access within zap_modalias_env() * CVE-url: https://ubuntu.com/security/CVE-2024-41042 - netfilter: nf_tables: prefer nft_chain_validate * CVE-url: https://ubuntu.com/security/CVE-2024-42265 - protect the fetch of ->fd[fd] in do_dup2() from mispredictions * CVE-url: https://ubuntu.com/security/CVE-2024-50036 - net: do not delay dst_entries_add() in dst_release() * CVE-url: https://ubuntu.com/security/CVE-2024-47663 - staging: iio: frequency: ad9833: Load clock using clock framework - staging: iio: frequency: ad9834: Validate frequency parameter value * CVE-url: https://ubuntu.com/security/CVE-2024-47669 - nilfs2: fix state management in error path of log writing function * CVE-url: https://ubuntu.com/security/CVE-2023-52918 - media: pci: cx23885: check cx23885_vdev_init() return * CVE-url: https://ubuntu.com/security/CVE-2024-44960 - usb: gadget: core: Check for unset descriptor * CVE-url: https://ubuntu.com/security/CVE-2024-42297 - f2fs: fix to don't dirty inode for readonly filesystem * CVE-url: https://ubuntu.com/security/CVE-2024-46750 - PCI: Add missing bridge lock to pci_bus_lock() * CVE-url: https://ubuntu.com/security/CVE-2024-46676 - nfc: pn533: Add poll mod list filling check * CVE-url: https://ubuntu.com/security/CVE-2024-46761 - pci/hotplug/pnv_php: Fix hotplug driver crash on Powernv * CVE-url: https://ubuntu.com/security/CVE-2024-46755 - wifi: mwifiex: Do not return unused priv in mwifiex_get_priv_by_id() * CVE-url: https://ubuntu.com/security/CVE-2024-46679 - ethtool: check device is present when getting link settings * CVE-url: https://ubuntu.com/security/CVE-2024-46721 - apparmor: fix possible NULL pointer dereference * CVE-url: https://ubuntu.com/security/CVE-2024-46685 - pinctrl: single: fix potential NULL dereference in pcs_get_function() * CVE-url: https://ubuntu.com/security/CVE-2024-44947 - fuse: Initialize beyond-EOF page contents before setting uptodate * CVE-url: https://ubuntu.com/security/CVE-2024-46675 - usb: dwc3: core: Prevent USB core invalid event buffer address access * CVE-url: https://ubuntu.com/security/CVE-2024-43893 - serial: core: check uartclk for zero to avoid divide by zero * CVE-url: https://ubuntu.com/security/CVE-2024-45021 - memcg_write_event_control(): fix a user-triggerable oops * CVE-url: https://ubuntu.com/security/CVE-2024-46677 - gtp: fix a potential NULL pointer dereference * CVE-url: https://ubuntu.com/security/CVE-2024-43861 - net: usb: qmi_wwan: fix memory leak for not ip packets * CVE-url: https://ubuntu.com/security/CVE-2024-41063 - Bluetooth: hci_core: cancel all works upon hci_unregister_dev() * CVE-url: https://ubuntu.com/security/CVE-2024-45006 - xhci: Fix Panther point NULL pointer deref at full-speed re-enumeration * CVE-url: https://ubuntu.com/security/CVE-2024-43853 - cgroup/cpuset: Prevent UAF in proc_cpuset_show() * CVE-url: https://ubuntu.com/security/CVE-2024-42310 - drm/gma500: fix null pointer dereference in cdv_intel_lvds_get_modes * CVE-url: https://ubuntu.com/security/CVE-2024-42311 - hfs: fix to initialize fields of hfs_inode_info after hfs_alloc_inode() * CVE-url: https://ubuntu.com/security/CVE-2024-41012 - filelock: Remove locks reliably when fcntl/close race is detected * CVE-url: https://ubuntu.com/security/CVE-2024-45028 - mmc: mmc_test: Fix NULL dereference on allocation failure * CVE-url: https://ubuntu.com/security/CVE-2024-43860 - remoteproc: imx_rproc: Skip over memory region when node value is NULL * CVE-url: https://ubuntu.com/security/CVE-2024-43914 - md/raid5: avoid BUG_ON() while continue reshape after reassembling * CVE-url: https://ubuntu.com/security/CVE-2024-45025 - fix bitmap corruption on close_range() with CLOSE_RANGE_UNSHARE * CVE-url: https://ubuntu.com/security/CVE-2024-43856 - dma: fix call order in dmam_free_coherent * CVE-url: https://ubuntu.com/security/CVE-2024-42289 - scsi: qla2xxx: During vport delete send async logout explicitly * CVE-url: https://ubuntu.com/security/CVE-2024-44995 - net: hns3: fix a deadlock problem when config TC during resetting * CVE-url: https://ubuntu.com/security/CVE-2024-43854 - block: initialize integrity buffer to zero before writing it to media * CVE-url: https://ubuntu.com/security/CVE-2024-43884 - Bluetooth: MGMT: Add error handling to pair_device() * CVE-url: https://ubuntu.com/security/CVE-2024-43871 - devres: Fix memory leakage caused by driver API devm_free_percpu() * CVE-url: https://ubuntu.com/security/CVE-2024-42309 - drm/gma500: fix null pointer dereference in psb_intel_lvds_get_modes * CVE-url: https://ubuntu.com/security/CVE-2024-26668 - netfilter: nft_limit: reject configurations that cause integer overflow * CVE-url: https://ubuntu.com/security/CVE-2024-50044 - Bluetooth: RFCOMM: FIX possible deadlock in rfcomm_sk_state_change * CVE-url: https://ubuntu.com/security/CVE-2024-49967 - ext4: no need to continue when the number of entries is 1 * CVE-url: https://ubuntu.com/security/CVE-2024-50033 - slip: make slhc_remember() more robust against malicious packets * CVE-url: https://ubuntu.com/security/CVE-2024-47670 - ocfs2: add bounds checking to ocfs2_xattr_find_entry() * CVE-url: https://ubuntu.com/security/CVE-2024-49950 - Bluetooth: L2CAP: Fix uaf in l2cap_connect * CVE-url: https://ubuntu.com/security/CVE-2024-49883 - ext4: aovid use-after-free in ext4_ext_insert_extent() * CVE-url: https://ubuntu.com/security/CVE-2024-47745 - mm: call the security_mmap_file() LSM hook in remap_file_pages() * CVE-url: https://ubuntu.com/security/CVE-2024-49860 - ACPI: sysfs: validate return type of _STR method * CVE-url: https://ubuntu.com/security/CVE-2024-49882 - ext4: fix double brelse() the buffer of the extents path * CVE-url: https://ubuntu.com/security/CVE-2024-49995 - tipc: guard against string buffer overrun * CVE-url: https://ubuntu.com/security/CVE-2024-47723 - jfs: fix out-of-bounds in dbNextAG() and diAlloc() * CVE-url: https://ubuntu.com/security/CVE-2024-50055 - driver core: bus: Fix double free in driver API bus_register() * CVE-url: https://ubuntu.com/security/CVE-2024-47698 - drivers: media: dvb-frontends/rtl2832: fix an out-of-bounds write error * CVE-url: https://ubuntu.com/security/CVE-2022-49026 - e100: Fix possible use after free in e100_xmit_prepare * CVE-url: https://ubuntu.com/security/CVE-2024-47742 - firmware_loader: Block path traversal * CVE-url: https://ubuntu.com/security/CVE-2024-50035 - ppp: fix ppp_async_encode() illegal access * CVE-url: https://ubuntu.com/security/CVE-2024-47757 - nilfs2: fix potential oob read in nilfs_btree_check_delete() * CVE-url: https://ubuntu.com/security/CVE-2024-49884 - ext4: avoid ext4_error()'s caused by ENOMEM in the truncate path - ext4: fix slab-use-after-free in ext4_split_extent_at() * CVE-url: https://ubuntu.com/security/CVE-2022-49006 - tracing: Free buffers when a used dynamic event is removed * CVE-url: https://ubuntu.com/security/CVE-2024-49903 - jfs: Fix uaf in dbFreeBits * CVE-url: https://ubuntu.com/security/CVE-2024-47701 - ext4: avoid OOB when system.data xattr changes underneath the filesystem * CVE-url: https://ubuntu.com/security/CVE-2024-49889 - ext4: avoid use-after-free in ext4_ext_show_leaf() * CVE-url: https://ubuntu.com/security/CVE-2024-50073 - tty: n_gsm: Fix use-after-free in gsm_cleanup_mux * CVE-url: https://ubuntu.com/security/CVE-2024-47747 - net: seeq: Fix use after free vulnerability in ether3 Driver Due to Race Condition * CVE-url: https://ubuntu.com/security/CVE-2024-49900 - jfs: Fix uninit-value access of new_ea in ea_buffer * CVE-url: https://ubuntu.com/security/CVE-2024-47697 - drivers: media: dvb-frontends/rtl2830: fix an out-of-bounds write error * CVE-url: https://ubuntu.com/security/CVE-2022-48951 - ASoC: ops: Check bounds for second channel in snd_soc_put_volsw_sx() * CVE-url: https://ubuntu.com/security/CVE-2024-49981 - media: venus: fix use after free bug in venus_remove due to race condition * CVE-url: https://ubuntu.com/security/CVE-2024-43839 - bna: adjust 'name' buf size of bna_tcb and bna_ccb structures * CVE-url: https://ubuntu.com/security/CVE-2024-47659 - smack: tcp: ipv4, fix incorrect labeling * CVE-url: https://ubuntu.com/security/CVE-2024-47685 - netfilter: nf_reject_ipv6: fix nf_reject_ip6_tcphdr_put() * CVE-url: https://ubuntu.com/security/CVE-2024-39476 - md/raid5: fix deadlock that raid5d() wait for itself to clear MD_SB_CHANGE_PENDING * CVE-url: https://ubuntu.com/security/CVE-2024-27397 - netfilter: nf_tables: use timestamp to check for set element timeout - netfilter: nf_tables: annotate data-races around element expiration - netfilter: nf_tables: support timeouts larger than 23 days * CVE-url: https://ubuntu.com/security/CVE-2024-26641 - net: Fix unwanted sign extension in netdev_stats_to_stats64() - ip6_tunnel: make sure to pull inner header in __ip6_tnl_rcv() * CVE-url: https://ubuntu.com/security/CVE-2024-38611 - media: i2c: et8ek8: Don't strip remove function when driver is builtin

0 tuxcare-ubuntu18.04-els linux-buildinfo-4.15.0-240-tuxcare.els28-generic_4.15.0-240.251_amd64.deb c60e0751e84de3250af28530c0b505dc03bb52e8 linux-buildinfo-4.15.0-240-tuxcare.els28-lowlatency_4.15.0-240.251_amd64.deb c13bfae70f81a96b985772298284f46c455b4ebd linux-cloud-tools-4.15.0-240-tuxcare.els28_4.15.0-240.251_amd64.deb 3ac49071669d428ca5211b0b482761b7fca8f376 linux-cloud-tools-4.15.0-240-tuxcare.els28-generic_4.15.0-240.251_amd64.deb 37de310b1527ae52779323c0ff7a28f533a1b6d4 linux-cloud-tools-4.15.0-240-tuxcare.els28-lowlatency_4.15.0-240.251_amd64.deb b5db9fa63e6f6b161e8632bbac2eea66319bbb7b linux-cloud-tools-common_4.15.0-240.251_all.deb 6bbd2349e65ac4c99338250e0bf0d536e1f62cb1 linux-cloud-tools-generic_4.15.0.240.251_amd64.deb 08be7cc57534ed56c5636be7ffcecb2f5ced4079 linux-cloud-tools-lowlatency_4.15.0.240.251_amd64.deb 13e2b81db3e92bb6042156fcf4ac6b255c94d392 linux-crashdump_4.15.0.240.251_amd64.deb b0fd4c04ef3ed95a4a47bf4cc70befd75fc37982 linux-doc_4.15.0-240.251_all.deb f435f0af99bca6ec3c5baf30c0ac79e89ab2e9bb linux-generic_4.15.0.240.251_amd64.deb 17422ab01fea46588d1c538be77f9f4f608c7f06 linux-headers-4.15.0-240-tuxcare.els28_4.15.0-240.251_all.deb 507f22d76ab81ce29787a264b7526f28cb5fcf39 linux-headers-4.15.0-240-tuxcare.els28-generic_4.15.0-240.251_amd64.deb 59b2494c1524a9d53d2df53476df97db8cbea1f5 linux-headers-4.15.0-240-tuxcare.els28-lowlatency_4.15.0-240.251_amd64.deb f5e9189ff4632c0a984353b377d9bb6bdf692114 linux-headers-generic_4.15.0.240.251_amd64.deb be7502d4feecbcb51d098dcb7d38a01438b706ec linux-headers-lowlatency_4.15.0.240.251_amd64.deb 2c21992095a964c4f6e1b28a97e949648ed03a14 linux-image-generic_4.15.0.240.251_amd64.deb 77f3bc81872b56eba4c357aed53db24a9a4bc310 linux-image-lowlatency_4.15.0.240.251_amd64.deb 0ce8feeff0ed218a0c6a1ba09afd8792a2725e0a linux-image-unsigned-4.15.0-240-tuxcare.els28-generic_4.15.0-240.251_amd64.deb aba8727e3fca30b3446c6c41dc36d6373fcca385 linux-image-unsigned-4.15.0-240-tuxcare.els28-lowlatency_4.15.0-240.251_amd64.deb a6fd4227efead7e71c40b9f0ea1781b5d4a76452 linux-libc-dev_4.15.0-240.251_amd64.deb 09bd246ee5dc8cfa40e98383f84d6ff7f9e7922e linux-lowlatency_4.15.0.240.251_amd64.deb 5695bf38b2e6aa40a5eea7271cdb6a6c46988359 linux-modules-4.15.0-240-tuxcare.els28-generic_4.15.0-240.251_amd64.deb c2bb38e68eb79fbd5bfb69f73820df07e9841167 linux-modules-4.15.0-240-tuxcare.els28-lowlatency_4.15.0-240.251_amd64.deb a2070e48fa761adccda5bd730ea56e6e509d2f40 linux-modules-extra-4.15.0-240-tuxcare.els28-generic_4.15.0-240.251_amd64.deb 8eda36529392ff71406390fd50883fe40c951ed6 linux-source_4.15.0.240.251_all.deb e2a5e75f5a9c5b7dc53e2fad177bf83f363062fc linux-source-4.15.0_4.15.0-240.251_all.deb 5c64264a723d75ffa1490baaa2bcd5c826e813da linux-tools-4.15.0-240-tuxcare.els28_4.15.0-240.251_amd64.deb 4d4bcd23a2c051b685d7acddc789599c7909990a linux-tools-4.15.0-240-tuxcare.els28-generic_4.15.0-240.251_amd64.deb 532ccc38f9aefb3d3cdb624bb999ed1857b772f2 linux-tools-4.15.0-240-tuxcare.els28-lowlatency_4.15.0-240.251_amd64.deb bef6287d17850d8445c6a833aaafb31aa8b99ad3 linux-tools-common_4.15.0-240.251_all.deb 8d47ecdef5b42d148a22819954448e1e16ef3d99 linux-tools-generic_4.15.0.240.251_amd64.deb 5f75226e992daea1540171db7f7ba215ea7bf7ee linux-tools-host_4.15.0-240.251_all.deb ef8ed05d4ad41f1954e276a6e55e68733c9bec6c linux-tools-lowlatency_4.15.0.240.251_amd64.deb 5e90f13dd758f4bd0c00f9ee8ebcae8c724135b2 CLSA-2024:1731603213 TuxCare License Agreement 0 * CVE-url: https://ubuntu.com/security/CVE-2024-44946 - kcm: Serialise kcm_sendmsg() for the same socket. * CVE-url: https://ubuntu.com/security/CVE-2024-42292 - kobject_uevent: Fix OOB access within zap_modalias_env() * CVE-url: https://ubuntu.com/security/CVE-2024-41042 - netfilter: nf_tables: prefer nft_chain_validate * CVE-url: https://ubuntu.com/security/CVE-2024-42265 - protect the fetch of ->fd[fd] in do_dup2() from mispredictions * CVE-url: https://ubuntu.com/security/CVE-2024-50036 - net: do not delay dst_entries_add() in dst_release() * CVE-url: https://ubuntu.com/security/CVE-2024-47663 - staging: iio: frequency: ad9833: Load clock using clock framework - staging: iio: frequency: ad9834: Validate frequency parameter value * CVE-url: https://ubuntu.com/security/CVE-2024-47669 - nilfs2: fix state management in error path of log writing function * CVE-url: https://ubuntu.com/security/CVE-2023-52918 - media: pci: cx23885: check cx23885_vdev_init() return * CVE-url: https://ubuntu.com/security/CVE-2024-44960 - usb: gadget: core: Check for unset descriptor * CVE-url: https://ubuntu.com/security/CVE-2024-42297 - f2fs: fix to don't dirty inode for readonly filesystem * CVE-url: https://ubuntu.com/security/CVE-2024-46750 - PCI: Add missing bridge lock to pci_bus_lock() * CVE-url: https://ubuntu.com/security/CVE-2024-46676 - nfc: pn533: Add poll mod list filling check * CVE-url: https://ubuntu.com/security/CVE-2024-46761 - pci/hotplug/pnv_php: Fix hotplug driver crash on Powernv * CVE-url: https://ubuntu.com/security/CVE-2024-46755 - wifi: mwifiex: Do not return unused priv in mwifiex_get_priv_by_id() * CVE-url: https://ubuntu.com/security/CVE-2024-46679 - ethtool: check device is present when getting link settings * CVE-url: https://ubuntu.com/security/CVE-2024-46721 - apparmor: fix possible NULL pointer dereference * CVE-url: https://ubuntu.com/security/CVE-2024-46685 - pinctrl: single: fix potential NULL dereference in pcs_get_function() * CVE-url: https://ubuntu.com/security/CVE-2024-44947 - fuse: Initialize beyond-EOF page contents before setting uptodate * CVE-url: https://ubuntu.com/security/CVE-2024-46675 - usb: dwc3: core: Prevent USB core invalid event buffer address access * CVE-url: https://ubuntu.com/security/CVE-2024-43893 - serial: core: check uartclk for zero to avoid divide by zero * CVE-url: https://ubuntu.com/security/CVE-2024-45021 - memcg_write_event_control(): fix a user-triggerable oops * CVE-url: https://ubuntu.com/security/CVE-2024-46677 - gtp: fix a potential NULL pointer dereference * CVE-url: https://ubuntu.com/security/CVE-2024-43861 - net: usb: qmi_wwan: fix memory leak for not ip packets * CVE-url: https://ubuntu.com/security/CVE-2024-41063 - Bluetooth: hci_core: cancel all works upon hci_unregister_dev() * CVE-url: https://ubuntu.com/security/CVE-2024-45006 - xhci: Fix Panther point NULL pointer deref at full-speed re-enumeration * CVE-url: https://ubuntu.com/security/CVE-2024-43853 - cgroup/cpuset: Prevent UAF in proc_cpuset_show() * CVE-url: https://ubuntu.com/security/CVE-2024-42310 - drm/gma500: fix null pointer dereference in cdv_intel_lvds_get_modes * CVE-url: https://ubuntu.com/security/CVE-2024-42311 - hfs: fix to initialize fields of hfs_inode_info after hfs_alloc_inode() * CVE-url: https://ubuntu.com/security/CVE-2024-41012 - filelock: Remove locks reliably when fcntl/close race is detected * CVE-url: https://ubuntu.com/security/CVE-2024-45028 - mmc: mmc_test: Fix NULL dereference on allocation failure * CVE-url: https://ubuntu.com/security/CVE-2024-43860 - remoteproc: imx_rproc: Skip over memory region when node value is NULL * CVE-url: https://ubuntu.com/security/CVE-2024-43914 - md/raid5: avoid BUG_ON() while continue reshape after reassembling * CVE-url: https://ubuntu.com/security/CVE-2024-45025 - fix bitmap corruption on close_range() with CLOSE_RANGE_UNSHARE * CVE-url: https://ubuntu.com/security/CVE-2024-43856 - dma: fix call order in dmam_free_coherent * CVE-url: https://ubuntu.com/security/CVE-2024-42289 - scsi: qla2xxx: During vport delete send async logout explicitly * CVE-url: https://ubuntu.com/security/CVE-2024-44995 - net: hns3: fix a deadlock problem when config TC during resetting * CVE-url: https://ubuntu.com/security/CVE-2024-43854 - block: initialize integrity buffer to zero before writing it to media * CVE-url: https://ubuntu.com/security/CVE-2024-43884 - Bluetooth: MGMT: Add error handling to pair_device() * CVE-url: https://ubuntu.com/security/CVE-2024-43871 - devres: Fix memory leakage caused by driver API devm_free_percpu() * CVE-url: https://ubuntu.com/security/CVE-2024-42309 - drm/gma500: fix null pointer dereference in psb_intel_lvds_get_modes * CVE-url: https://ubuntu.com/security/CVE-2024-26668 - netfilter: nft_limit: reject configurations that cause integer overflow * CVE-url: https://ubuntu.com/security/CVE-2024-50044 - Bluetooth: RFCOMM: FIX possible deadlock in rfcomm_sk_state_change * CVE-url: https://ubuntu.com/security/CVE-2024-49967 - ext4: no need to continue when the number of entries is 1 * CVE-url: https://ubuntu.com/security/CVE-2024-50033 - slip: make slhc_remember() more robust against malicious packets * CVE-url: https://ubuntu.com/security/CVE-2024-47670 - ocfs2: add bounds checking to ocfs2_xattr_find_entry() * CVE-url: https://ubuntu.com/security/CVE-2024-49950 - Bluetooth: L2CAP: Fix uaf in l2cap_connect * CVE-url: https://ubuntu.com/security/CVE-2024-49883 - ext4: aovid use-after-free in ext4_ext_insert_extent() * CVE-url: https://ubuntu.com/security/CVE-2024-47745 - mm: call the security_mmap_file() LSM hook in remap_file_pages() * CVE-url: https://ubuntu.com/security/CVE-2024-49860 - ACPI: sysfs: validate return type of _STR method * CVE-url: https://ubuntu.com/security/CVE-2024-49882 - ext4: fix double brelse() the buffer of the extents path * CVE-url: https://ubuntu.com/security/CVE-2024-49995 - tipc: guard against string buffer overrun * CVE-url: https://ubuntu.com/security/CVE-2024-47723 - jfs: fix out-of-bounds in dbNextAG() and diAlloc() * CVE-url: https://ubuntu.com/security/CVE-2024-50055 - driver core: bus: Fix double free in driver API bus_register() * CVE-url: https://ubuntu.com/security/CVE-2024-47698 - drivers: media: dvb-frontends/rtl2832: fix an out-of-bounds write error * CVE-url: https://ubuntu.com/security/CVE-2022-49026 - e100: Fix possible use after free in e100_xmit_prepare * CVE-url: https://ubuntu.com/security/CVE-2024-47742 - firmware_loader: Block path traversal * CVE-url: https://ubuntu.com/security/CVE-2024-50035 - ppp: fix ppp_async_encode() illegal access * CVE-url: https://ubuntu.com/security/CVE-2024-47757 - nilfs2: fix potential oob read in nilfs_btree_check_delete() * CVE-url: https://ubuntu.com/security/CVE-2024-49884 - ext4: avoid ext4_error()'s caused by ENOMEM in the truncate path - ext4: fix slab-use-after-free in ext4_split_extent_at() * CVE-url: https://ubuntu.com/security/CVE-2022-49006 - tracing: Free buffers when a used dynamic event is removed * CVE-url: https://ubuntu.com/security/CVE-2024-49903 - jfs: Fix uaf in dbFreeBits * CVE-url: https://ubuntu.com/security/CVE-2024-47701 - ext4: avoid OOB when system.data xattr changes underneath the filesystem * CVE-url: https://ubuntu.com/security/CVE-2024-49889 - ext4: avoid use-after-free in ext4_ext_show_leaf() * CVE-url: https://ubuntu.com/security/CVE-2024-50073 - tty: n_gsm: Fix use-after-free in gsm_cleanup_mux * CVE-url: https://ubuntu.com/security/CVE-2024-47747 - net: seeq: Fix use after free vulnerability in ether3 Driver Due to Race Condition * CVE-url: https://ubuntu.com/security/CVE-2024-49900 - jfs: Fix uninit-value access of new_ea in ea_buffer * CVE-url: https://ubuntu.com/security/CVE-2024-47697 - drivers: media: dvb-frontends/rtl2830: fix an out-of-bounds write error * CVE-url: https://ubuntu.com/security/CVE-2022-48951 - ASoC: ops: Check bounds for second channel in snd_soc_put_volsw_sx() * CVE-url: https://ubuntu.com/security/CVE-2024-49981 - media: venus: fix use after free bug in venus_remove due to race condition * CVE-url: https://ubuntu.com/security/CVE-2024-43839 - bna: adjust 'name' buf size of bna_tcb and bna_ccb structures * CVE-url: https://ubuntu.com/security/CVE-2024-47659 - smack: tcp: ipv4, fix incorrect labeling * CVE-url: https://ubuntu.com/security/CVE-2024-47685 - netfilter: nf_reject_ipv6: fix nf_reject_ip6_tcphdr_put() * CVE-url: https://ubuntu.com/security/CVE-2024-39476 - md/raid5: fix deadlock that raid5d() wait for itself to clear MD_SB_CHANGE_PENDING * CVE-url: https://ubuntu.com/security/CVE-2024-27397 - netfilter: nf_tables: use timestamp to check for set element timeout - netfilter: nf_tables: annotate data-races around element expiration - netfilter: nf_tables: support timeouts larger than 23 days * CVE-url: https://ubuntu.com/security/CVE-2024-26641 - net: Fix unwanted sign extension in netdev_stats_to_stats64() - ip6_tunnel: make sure to pull inner header in __ip6_tnl_rcv() * CVE-url: https://ubuntu.com/security/CVE-2024-38611 - media: i2c: et8ek8: Don't strip remove function when driver is builtin Critical Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.

* CVE-url: https://ubuntu.com/security/CVE-2024-44946 - kcm: Serialise kcm_sendmsg() for the same socket. * CVE-url: https://ubuntu.com/security/CVE-2024-42292 - kobject_uevent: Fix OOB access within zap_modalias_env() * CVE-url: https://ubuntu.com/security/CVE-2024-41042 - netfilter: nf_tables: prefer nft_chain_validate * CVE-url: https://ubuntu.com/security/CVE-2024-42265 - protect the fetch of ->fd[fd] in do_dup2() from mispredictions * CVE-url: https://ubuntu.com/security/CVE-2024-50036 - net: do not delay dst_entries_add() in dst_release() * CVE-url: https://ubuntu.com/security/CVE-2024-47663 - staging: iio: frequency: ad9833: Load clock using clock framework - staging: iio: frequency: ad9834: Validate frequency parameter value * CVE-url: https://ubuntu.com/security/CVE-2024-47669 - nilfs2: fix state management in error path of log writing function * CVE-url: https://ubuntu.com/security/CVE-2023-52918 - media: pci: cx23885: check cx23885_vdev_init() return * CVE-url: https://ubuntu.com/security/CVE-2024-44960 - usb: gadget: core: Check for unset descriptor * CVE-url: https://ubuntu.com/security/CVE-2024-42297 - f2fs: fix to don't dirty inode for readonly filesystem * CVE-url: https://ubuntu.com/security/CVE-2024-46750 - PCI: Add missing bridge lock to pci_bus_lock() * CVE-url: https://ubuntu.com/security/CVE-2024-46676 - nfc: pn533: Add poll mod list filling check * CVE-url: https://ubuntu.com/security/CVE-2024-46761 - pci/hotplug/pnv_php: Fix hotplug driver crash on Powernv * CVE-url: https://ubuntu.com/security/CVE-2024-46755 - wifi: mwifiex: Do not return unused priv in mwifiex_get_priv_by_id() * CVE-url: https://ubuntu.com/security/CVE-2024-46679 - ethtool: check device is present when getting link settings * CVE-url: https://ubuntu.com/security/CVE-2024-46721 - apparmor: fix possible NULL pointer dereference * CVE-url: https://ubuntu.com/security/CVE-2024-46685 - pinctrl: single: fix potential NULL dereference in pcs_get_function() * CVE-url: https://ubuntu.com/security/CVE-2024-44947 - fuse: Initialize beyond-EOF page contents before setting uptodate * CVE-url: https://ubuntu.com/security/CVE-2024-46675 - usb: dwc3: core: Prevent USB core invalid event buffer address access * CVE-url: https://ubuntu.com/security/CVE-2024-43893 - serial: core: check uartclk for zero to avoid divide by zero * CVE-url: https://ubuntu.com/security/CVE-2024-45021 - memcg_write_event_control(): fix a user-triggerable oops * CVE-url: https://ubuntu.com/security/CVE-2024-46677 - gtp: fix a potential NULL pointer dereference * CVE-url: https://ubuntu.com/security/CVE-2024-43861 - net: usb: qmi_wwan: fix memory leak for not ip packets * CVE-url: https://ubuntu.com/security/CVE-2024-41063 - Bluetooth: hci_core: cancel all works upon hci_unregister_dev() * CVE-url: https://ubuntu.com/security/CVE-2024-45006 - xhci: Fix Panther point NULL pointer deref at full-speed re-enumeration * CVE-url: https://ubuntu.com/security/CVE-2024-43853 - cgroup/cpuset: Prevent UAF in proc_cpuset_show() * CVE-url: https://ubuntu.com/security/CVE-2024-42310 - drm/gma500: fix null pointer dereference in cdv_intel_lvds_get_modes * CVE-url: https://ubuntu.com/security/CVE-2024-42311 - hfs: fix to initialize fields of hfs_inode_info after hfs_alloc_inode() * CVE-url: https://ubuntu.com/security/CVE-2024-41012 - filelock: Remove locks reliably when fcntl/close race is detected * CVE-url: https://ubuntu.com/security/CVE-2024-45028 - mmc: mmc_test: Fix NULL dereference on allocation failure * CVE-url: https://ubuntu.com/security/CVE-2024-43860 - remoteproc: imx_rproc: Skip over memory region when node value is NULL * CVE-url: https://ubuntu.com/security/CVE-2024-43914 - md/raid5: avoid BUG_ON() while continue reshape after reassembling * CVE-url: https://ubuntu.com/security/CVE-2024-45025 - fix bitmap corruption on close_range() with CLOSE_RANGE_UNSHARE * CVE-url: https://ubuntu.com/security/CVE-2024-43856 - dma: fix call order in dmam_free_coherent * CVE-url: https://ubuntu.com/security/CVE-2024-42289 - scsi: qla2xxx: During vport delete send async logout explicitly * CVE-url: https://ubuntu.com/security/CVE-2024-44995 - net: hns3: fix a deadlock problem when config TC during resetting * CVE-url: https://ubuntu.com/security/CVE-2024-43854 - block: initialize integrity buffer to zero before writing it to media * CVE-url: https://ubuntu.com/security/CVE-2024-43884 - Bluetooth: MGMT: Add error handling to pair_device() * CVE-url: https://ubuntu.com/security/CVE-2024-43871 - devres: Fix memory leakage caused by driver API devm_free_percpu() * CVE-url: https://ubuntu.com/security/CVE-2024-42309 - drm/gma500: fix null pointer dereference in psb_intel_lvds_get_modes * CVE-url: https://ubuntu.com/security/CVE-2024-26668 - netfilter: nft_limit: reject configurations that cause integer overflow * CVE-url: https://ubuntu.com/security/CVE-2024-50044 - Bluetooth: RFCOMM: FIX possible deadlock in rfcomm_sk_state_change * CVE-url: https://ubuntu.com/security/CVE-2024-49967 - ext4: no need to continue when the number of entries is 1 * CVE-url: https://ubuntu.com/security/CVE-2024-50033 - slip: make slhc_remember() more robust against malicious packets * CVE-url: https://ubuntu.com/security/CVE-2024-47670 - ocfs2: add bounds checking to ocfs2_xattr_find_entry() * CVE-url: https://ubuntu.com/security/CVE-2024-49950 - Bluetooth: L2CAP: Fix uaf in l2cap_connect * CVE-url: https://ubuntu.com/security/CVE-2024-49883 - ext4: aovid use-after-free in ext4_ext_insert_extent() * CVE-url: https://ubuntu.com/security/CVE-2024-47745 - mm: call the security_mmap_file() LSM hook in remap_file_pages() * CVE-url: https://ubuntu.com/security/CVE-2024-49860 - ACPI: sysfs: validate return type of _STR method * CVE-url: https://ubuntu.com/security/CVE-2024-49882 - ext4: fix double brelse() the buffer of the extents path * CVE-url: https://ubuntu.com/security/CVE-2024-49995 - tipc: guard against string buffer overrun * CVE-url: https://ubuntu.com/security/CVE-2024-47723 - jfs: fix out-of-bounds in dbNextAG() and diAlloc() * CVE-url: https://ubuntu.com/security/CVE-2024-50055 - driver core: bus: Fix double free in driver API bus_register() * CVE-url: https://ubuntu.com/security/CVE-2024-47698 - drivers: media: dvb-frontends/rtl2832: fix an out-of-bounds write error * CVE-url: https://ubuntu.com/security/CVE-2022-49026 - e100: Fix possible use after free in e100_xmit_prepare * CVE-url: https://ubuntu.com/security/CVE-2024-47742 - firmware_loader: Block path traversal * CVE-url: https://ubuntu.com/security/CVE-2024-50035 - ppp: fix ppp_async_encode() illegal access * CVE-url: https://ubuntu.com/security/CVE-2024-47757 - nilfs2: fix potential oob read in nilfs_btree_check_delete() * CVE-url: https://ubuntu.com/security/CVE-2024-49884 - ext4: avoid ext4_error()'s caused by ENOMEM in the truncate path - ext4: fix slab-use-after-free in ext4_split_extent_at() * CVE-url: https://ubuntu.com/security/CVE-2022-49006 - tracing: Free buffers when a used dynamic event is removed * CVE-url: https://ubuntu.com/security/CVE-2024-49903 - jfs: Fix uaf in dbFreeBits * CVE-url: https://ubuntu.com/security/CVE-2024-47701 - ext4: avoid OOB when system.data xattr changes underneath the filesystem * CVE-url: https://ubuntu.com/security/CVE-2024-49889 - ext4: avoid use-after-free in ext4_ext_show_leaf() * CVE-url: https://ubuntu.com/security/CVE-2024-50073 - tty: n_gsm: Fix use-after-free in gsm_cleanup_mux * CVE-url: https://ubuntu.com/security/CVE-2024-47747 - net: seeq: Fix use after free vulnerability in ether3 Driver Due to Race Condition * CVE-url: https://ubuntu.com/security/CVE-2024-49900 - jfs: Fix uninit-value access of new_ea in ea_buffer * CVE-url: https://ubuntu.com/security/CVE-2024-47697 - drivers: media: dvb-frontends/rtl2830: fix an out-of-bounds write error * CVE-url: https://ubuntu.com/security/CVE-2022-48951 - ASoC: ops: Check bounds for second channel in snd_soc_put_volsw_sx() * CVE-url: https://ubuntu.com/security/CVE-2024-49981 - media: venus: fix use after free bug in venus_remove due to race condition * CVE-url: https://ubuntu.com/security/CVE-2024-43839 - bna: adjust 'name' buf size of bna_tcb and bna_ccb structures * CVE-url: https://ubuntu.com/security/CVE-2024-47659 - smack: tcp: ipv4, fix incorrect labeling * CVE-url: https://ubuntu.com/security/CVE-2024-47685 - netfilter: nf_reject_ipv6: fix nf_reject_ip6_tcphdr_put() * CVE-url: https://ubuntu.com/security/CVE-2024-39476 - md/raid5: fix deadlock that raid5d() wait for itself to clear MD_SB_CHANGE_PENDING * CVE-url: https://ubuntu.com/security/CVE-2024-27397 - netfilter: nf_tables: use timestamp to check for set element timeout - netfilter: nf_tables: annotate data-races around element expiration - netfilter: nf_tables: support timeouts larger than 23 days * CVE-url: https://ubuntu.com/security/CVE-2024-26641 - net: Fix unwanted sign extension in netdev_stats_to_stats64() - ip6_tunnel: make sure to pull inner header in __ip6_tnl_rcv() * CVE-url: https://ubuntu.com/security/CVE-2024-38611 - media: i2c: et8ek8: Don't strip remove function when driver is builtin

0 tuxcare-ubuntu18.04-els linux-buildinfo-4.15.0-240-tuxcare.els28-generic_4.15.0-240.251_amd64.deb c60e0751e84de3250af28530c0b505dc03bb52e8 linux-buildinfo-4.15.0-240-tuxcare.els28-lowlatency_4.15.0-240.251_amd64.deb c13bfae70f81a96b985772298284f46c455b4ebd linux-cloud-tools-4.15.0-240-tuxcare.els28_4.15.0-240.251_amd64.deb 3ac49071669d428ca5211b0b482761b7fca8f376 linux-cloud-tools-4.15.0-240-tuxcare.els28-generic_4.15.0-240.251_amd64.deb 37de310b1527ae52779323c0ff7a28f533a1b6d4 linux-cloud-tools-4.15.0-240-tuxcare.els28-lowlatency_4.15.0-240.251_amd64.deb b5db9fa63e6f6b161e8632bbac2eea66319bbb7b linux-cloud-tools-common_4.15.0-240.251_all.deb 6bbd2349e65ac4c99338250e0bf0d536e1f62cb1 linux-cloud-tools-generic_4.15.0.240.251_amd64.deb 08be7cc57534ed56c5636be7ffcecb2f5ced4079 linux-cloud-tools-lowlatency_4.15.0.240.251_amd64.deb 13e2b81db3e92bb6042156fcf4ac6b255c94d392 linux-crashdump_4.15.0.240.251_amd64.deb b0fd4c04ef3ed95a4a47bf4cc70befd75fc37982 linux-doc_4.15.0-240.251_all.deb f435f0af99bca6ec3c5baf30c0ac79e89ab2e9bb linux-generic_4.15.0.240.251_amd64.deb 17422ab01fea46588d1c538be77f9f4f608c7f06 linux-headers-4.15.0-240-tuxcare.els28_4.15.0-240.251_all.deb 507f22d76ab81ce29787a264b7526f28cb5fcf39 linux-headers-4.15.0-240-tuxcare.els28-generic_4.15.0-240.251_amd64.deb 59b2494c1524a9d53d2df53476df97db8cbea1f5 linux-headers-4.15.0-240-tuxcare.els28-lowlatency_4.15.0-240.251_amd64.deb f5e9189ff4632c0a984353b377d9bb6bdf692114 linux-headers-generic_4.15.0.240.251_amd64.deb be7502d4feecbcb51d098dcb7d38a01438b706ec linux-headers-lowlatency_4.15.0.240.251_amd64.deb 2c21992095a964c4f6e1b28a97e949648ed03a14 linux-image-generic_4.15.0.240.251_amd64.deb 77f3bc81872b56eba4c357aed53db24a9a4bc310 linux-image-lowlatency_4.15.0.240.251_amd64.deb 0ce8feeff0ed218a0c6a1ba09afd8792a2725e0a linux-image-unsigned-4.15.0-240-tuxcare.els28-generic_4.15.0-240.251_amd64.deb aba8727e3fca30b3446c6c41dc36d6373fcca385 linux-image-unsigned-4.15.0-240-tuxcare.els28-lowlatency_4.15.0-240.251_amd64.deb a6fd4227efead7e71c40b9f0ea1781b5d4a76452 linux-libc-dev_4.15.0-240.251_amd64.deb 09bd246ee5dc8cfa40e98383f84d6ff7f9e7922e linux-lowlatency_4.15.0.240.251_amd64.deb 5695bf38b2e6aa40a5eea7271cdb6a6c46988359 linux-modules-4.15.0-240-tuxcare.els28-generic_4.15.0-240.251_amd64.deb c2bb38e68eb79fbd5bfb69f73820df07e9841167 linux-modules-4.15.0-240-tuxcare.els28-lowlatency_4.15.0-240.251_amd64.deb a2070e48fa761adccda5bd730ea56e6e509d2f40 linux-modules-extra-4.15.0-240-tuxcare.els28-generic_4.15.0-240.251_amd64.deb 8eda36529392ff71406390fd50883fe40c951ed6 linux-source_4.15.0.240.251_all.deb e2a5e75f5a9c5b7dc53e2fad177bf83f363062fc linux-source-4.15.0_4.15.0-240.251_all.deb 5c64264a723d75ffa1490baaa2bcd5c826e813da linux-tools-4.15.0-240-tuxcare.els28_4.15.0-240.251_amd64.deb 4d4bcd23a2c051b685d7acddc789599c7909990a linux-tools-4.15.0-240-tuxcare.els28-generic_4.15.0-240.251_amd64.deb 532ccc38f9aefb3d3cdb624bb999ed1857b772f2 linux-tools-4.15.0-240-tuxcare.els28-lowlatency_4.15.0-240.251_amd64.deb bef6287d17850d8445c6a833aaafb31aa8b99ad3 linux-tools-common_4.15.0-240.251_all.deb 8d47ecdef5b42d148a22819954448e1e16ef3d99 linux-tools-generic_4.15.0.240.251_amd64.deb 5f75226e992daea1540171db7f7ba215ea7bf7ee linux-tools-host_4.15.0-240.251_all.deb ef8ed05d4ad41f1954e276a6e55e68733c9bec6c linux-tools-lowlatency_4.15.0.240.251_amd64.deb 5e90f13dd758f4bd0c00f9ee8ebcae8c724135b2 CLSA-2024:1732194412 TuxCare License Agreement 0 * Update to 8u432-ga fixing a number of CVEs - CVE-2024-21131: UTF8 size overflow - CVE-2024-21138: infinite loop vunlerability in SymbolTable - CVE-2024-21140: int overflow/underflow in Range Check Elimination - CVE-2024-21144: invalid header validation leads to Pack200 excessive loading time - CVE-2024-21145: out-of-bounds access in MaskFill - CVE-2024-21147: out-of-bounds array index in Range Check Elimination - CVE-2024-21208: improper handling of maxHeaderSize in HTTP client - CVE-2024-21210: integer overflow in array indexing in SuperWord - CVE-2024-21217: out-of-memory because of unbounded allocation in MessageFormat - CVE-2024-21235: incorrect range check because of integer conversion error in LoopNode * Update patches - debian/patches/zero-sh.diff * Remove patches that became part of the update - debian/patches/CVE-2024-21011.patch - debian/patches/CVE-2024-21068.patch - debian/patches/CVE-2024-21085.patch - debian/patches/CVE-2024-21094.patch Important Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.

* Update to 8u432-ga fixing a number of CVEs - CVE-2024-21131: UTF8 size overflow - CVE-2024-21138: infinite loop vunlerability in SymbolTable - CVE-2024-21140: int overflow/underflow in Range Check Elimination - CVE-2024-21144: invalid header validation leads to Pack200 excessive loading time - CVE-2024-21145: out-of-bounds access in MaskFill - CVE-2024-21147: out-of-bounds array index in Range Check Elimination - CVE-2024-21208: improper handling of maxHeaderSize in HTTP client - CVE-2024-21210: integer overflow in array indexing in SuperWord - CVE-2024-21217: out-of-memory because of unbounded allocation in MessageFormat - CVE-2024-21235: incorrect range check because of integer conversion error in LoopNode * Update patches - debian/patches/zero-sh.diff * Remove patches that became part of the update - debian/patches/CVE-2024-21011.patch - debian/patches/CVE-2024-21068.patch - debian/patches/CVE-2024-21085.patch - debian/patches/CVE-2024-21094.patch

0 tuxcare-ubuntu18.04-els openjdk-8-demo_8u432-ga-0ubuntu1~18.04+tuxcare.els1_amd64.deb 1662dc28074706ccb900ff60031c547961d55089 openjdk-8-doc_8u432-ga-0ubuntu1~18.04+tuxcare.els1_all.deb cd792210b28ef1e01961ebe6740f73036ae41c61 openjdk-8-jdk_8u432-ga-0ubuntu1~18.04+tuxcare.els1_amd64.deb 13eeb1e9722dfb343a84b2a23006aebf9e0d7bfa openjdk-8-jdk-headless_8u432-ga-0ubuntu1~18.04+tuxcare.els1_amd64.deb f852ed8095e8e19db3ec4e0d6996a32eb5d5e103 openjdk-8-jre_8u432-ga-0ubuntu1~18.04+tuxcare.els1_amd64.deb 6afca9685cc7b275e37b5d0c7a4c7668b2456398 openjdk-8-jre-headless_8u432-ga-0ubuntu1~18.04+tuxcare.els1_amd64.deb 4218941a862765d087e55adf04ef78d75aeeb948 openjdk-8-jre-zero_8u432-ga-0ubuntu1~18.04+tuxcare.els1_amd64.deb 19152d9d570b14ef74974c91bed07c7382789abc openjdk-8-source_8u432-ga-0ubuntu1~18.04+tuxcare.els1_all.deb 350d994b8ff3cf4b4a8405c05d9cbdfae0c19447 CLSA-2024:1732555216 TuxCare License Agreement 0 * SECURITY UPDATE: Buffer overflow due to off-by-one error in gsocks4aproxy.c - debian/patches/CVE-2024-52533.patch: Fix single byte buffer overflow in connect messages due to incorrect calculation in SOCKS4_CONN_MSG_LEN - CVE-2024-52533 Important Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.

* SECURITY UPDATE: Buffer overflow due to off-by-one error in gsocks4aproxy.c - debian/patches/CVE-2024-52533.patch: Fix single byte buffer overflow in connect messages due to incorrect calculation in SOCKS4_CONN_MSG_LEN - CVE-2024-52533

0 tuxcare-ubuntu18.04-els libglib2.0-0_2.56.4-0ubuntu0.18.04.9+tuxcare.els2_amd64.deb ca17bd0b0111785cb9fde42edc305613ffc42f2a libglib2.0-bin_2.56.4-0ubuntu0.18.04.9+tuxcare.els2_amd64.deb 598b81ba70453f816bc44389cf44e43875d3c9bd libglib2.0-data_2.56.4-0ubuntu0.18.04.9+tuxcare.els2_all.deb 058f22b4caf98afb35493f4da57dcd11e0253d79 libglib2.0-dev_2.56.4-0ubuntu0.18.04.9+tuxcare.els2_amd64.deb 459070720382e1a076f48daad85427cf60ab11d3 libglib2.0-dev-bin_2.56.4-0ubuntu0.18.04.9+tuxcare.els2_amd64.deb 473bc56f44d62385c3411813f0f6cb74233f1e1d libglib2.0-doc_2.56.4-0ubuntu0.18.04.9+tuxcare.els2_all.deb e3520c15f9c945879bb6216faed6dd420edcd5b2 libglib2.0-tests_2.56.4-0ubuntu0.18.04.9+tuxcare.els2_amd64.deb e56a0caa5f735f1f947791aa68309ffef25d5859 CLSA-2024:1732637149 TuxCare License Agreement 0 * SECURITY UPDATE: Denial of Service vulnerability - debian/patches/CVE-2024-23672.patch: refactor WebSocket close for suspend/resume to ensure WebSocket connection closure completes - CVE-2024-23672 Important Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.

* SECURITY UPDATE: Denial of Service vulnerability - debian/patches/CVE-2024-23672.patch: refactor WebSocket close for suspend/resume to ensure WebSocket connection closure completes - CVE-2024-23672

0 tuxcare-ubuntu18.04-els libtomcat9-embed-java_9.0.16-3ubuntu0.18.04.2+tuxcare.els6_all.deb bf9656ae87cb59889b26d9b450afd53a575c376a libtomcat9-java_9.0.16-3ubuntu0.18.04.2+tuxcare.els6_all.deb 7e6d9a5d0247afe31922d0d799916ceba6f6ef4c tomcat9_9.0.16-3ubuntu0.18.04.2+tuxcare.els6_all.deb 5fb15481fcdb6924ae662b5a1f4ca91a7fd6f0e2 tomcat9-admin_9.0.16-3ubuntu0.18.04.2+tuxcare.els6_all.deb 127931b48be3844b6056bdb76bfd1f188746c8cd tomcat9-common_9.0.16-3ubuntu0.18.04.2+tuxcare.els6_all.deb 54edc9825fdacc4791ee9714b94a19f1934ecc44 tomcat9-docs_9.0.16-3ubuntu0.18.04.2+tuxcare.els6_all.deb d591cfc5ea549aa0844161f5414247e9b0111aca tomcat9-examples_9.0.16-3ubuntu0.18.04.2+tuxcare.els6_all.deb 3c56e7b6abbd354605abb012adc8fffb05c037e1 tomcat9-user_9.0.16-3ubuntu0.18.04.2+tuxcare.els6_all.deb aea6fc95da3c0c19cb88f7134bb66229274b96e7 CLSA-2024:1732699822 TuxCare License Agreement 0 * SECURITY UPDATE: Fix DoS by a trusted server by disable ESI - CVE-2024-45802 Important Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.

* SECURITY UPDATE: Fix DoS by a trusted server by disable ESI - CVE-2024-45802

0 tuxcare-ubuntu18.04-els squid_3.5.27-1ubuntu1.14+tuxcare.els8_amd64.deb cf1f37dcd6e0552539d1efadf89777f4e8746d96 squid-cgi_3.5.27-1ubuntu1.14+tuxcare.els8_amd64.deb 1e3a41bc672539fa2b83aa8f116ffd559fd1def6 squid-common_3.5.27-1ubuntu1.14+tuxcare.els8_all.deb 835f0e8798ee75d2cdd28590c2b35401f256d1af squid-purge_3.5.27-1ubuntu1.14+tuxcare.els8_amd64.deb 635a4aae925e61616e046ba078aad8d095af41fe squid3_3.5.27-1ubuntu1.14+tuxcare.els8_all.deb c9f855555b73bf1070138e60cda392f64042036b squidclient_3.5.27-1ubuntu1.14+tuxcare.els8_amd64.deb 4e6ee2c97c44f43bd4e622bf2f9976df9a38e935 CLSA-2024:1732701424 TuxCare License Agreement 0 * SECURITY UPDATE: DoS via incomplete cleanup vulnerability - debian/patches/CVE-2024-23672.patch: refactor WebSocket close for suspend/resume to ensure connection closure completes - CVE-2024-23672 Important Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.

* SECURITY UPDATE: DoS via incomplete cleanup vulnerability - debian/patches/CVE-2024-23672.patch: refactor WebSocket close for suspend/resume to ensure connection closure completes - CVE-2024-23672

0 tuxcare-ubuntu18.04-els libtomcat8-embed-java_8.5.39-1ubuntu1~18.04.3+tuxcare.els7_all.deb 48c2cefe2a12bd5228e8d289eae99723c9dd7977 libtomcat8-java_8.5.39-1ubuntu1~18.04.3+tuxcare.els7_all.deb fd7cee95566231b2e867e19885f879b4ca31aec6 tomcat8_8.5.39-1ubuntu1~18.04.3+tuxcare.els7_all.deb 99414825c2a43a1830877b1d30f879f064aee049 tomcat8-admin_8.5.39-1ubuntu1~18.04.3+tuxcare.els7_all.deb a7eb655e070cb95352143a11f2cb51ff4da6c060 tomcat8-common_8.5.39-1ubuntu1~18.04.3+tuxcare.els7_all.deb 6fa9f3143561a7a23106d944a42828cd79c3057a tomcat8-docs_8.5.39-1ubuntu1~18.04.3+tuxcare.els7_all.deb 626f94c3d8d55051911734850f265fa6289e36a4 tomcat8-examples_8.5.39-1ubuntu1~18.04.3+tuxcare.els7_all.deb eca527b7cc8becff4ed0743602ca8cb704df1117 tomcat8-user_8.5.39-1ubuntu1~18.04.3+tuxcare.els7_all.deb cc1173453903c318b9180ea15f9c51b24ba0ab4e CLSA-2024:1733246466 TuxCare License Agreement 0 * SECURITY UPDATE: Race condition allows local attackers to execute arbitrary code as root - debian/patches/CVE-2024-48991.patch: Prevent race condition on /proc/$PID/exec evaluation by synchronizing $exe with the initial value from Proc:ProcessTable - CVE-2024-48991 Low Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.

* SECURITY UPDATE: Race condition allows local attackers to execute arbitrary code as root - debian/patches/CVE-2024-48991.patch: Prevent race condition on /proc/$PID/exec evaluation by synchronizing $exe with the initial value from Proc:ProcessTable - CVE-2024-48991

0 tuxcare-ubuntu18.04-els needrestart_3.1-1ubuntu0.1+tuxcare.els3_all.deb ac254edc08fa9debd4a38ac0fb81d96553d03c9d CLSA-2024:1733429722 TuxCare License Agreement 0 * SECURITY UPDATE: Arbitrary code execution via manipulated RUBYLIB environment variable - debian/patches/CVE-2024-48992.patch: Prevent script from setting RUBYLIB environment variable to avoid LPE - CVE-2024-48992 Low Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.

* SECURITY UPDATE: Arbitrary code execution via manipulated RUBYLIB environment variable - debian/patches/CVE-2024-48992.patch: Prevent script from setting RUBYLIB environment variable to avoid LPE - CVE-2024-48992

0 tuxcare-ubuntu18.04-els needrestart_3.1-1ubuntu0.1+tuxcare.els4_all.deb a89650fe5e7fb60685a14b44466f758dda656633 CLSA-2024:1733483766 TuxCare License Agreement 0 * CVE-url: https://ubuntu.com/security/CVE-2024-49992 - drm: remove all control node code - drm: add managed resources tied to drm_device - drm: Set final_kfree in drm_dev_alloc - drm/plane: add drmm_universal_plane_alloc() - drm: Handle dev->unique with drmm_ - drm: Use drmm_ for drm_dev_init cleanup - drm: manage drm_minor cleanup with drmm_ - drm/stm: Avoid use-after-free issues with crtc and plane * CVE-url: https://ubuntu.com/security/CVE-2023-52531 - wifi: iwlwifi: mvm: Fix a memory corruption issue * CVE-url: https://ubuntu.com/security/CVE-2024-35877 - mm: introduce page_needs_cow_for_dma() for deciding whether cow - x86/mm/pat: fix VM_PAT handling in COW mappings * CVE-url: https://ubuntu.com/security/CVE-2023-52578 - net: bridge: use DEV_STATS_INC() * CVE-url: https://ubuntu.com/security/CVE-2024-42240 - x86/bhi: Avoid warning in #DB handler due to BHI mitigation * CVE-url: https://ubuntu.com/security/CVE-2022-48938 - CDC-NCM: avoid overflow in sanity checking * CVE-url: https://ubuntu.com/security/CVE-2023-52502 - net: nfc: fix races in nfc_llcp_sock_get() and nfc_llcp_sock_get_sn() * CVE-url: https://ubuntu.com/security/CVE-2023-52614 - time: Introduce jiffies64_to_msecs() - PM / devfreq: Fix buffer overflow in trans_stat_show * CVE-url: https://ubuntu.com/security/CVE-2024-50067 - uprobe: avoid out-of-bounds memory access of fetching args Important Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.

* CVE-url: https://ubuntu.com/security/CVE-2024-49992 - drm: remove all control node code - drm: add managed resources tied to drm_device - drm: Set final_kfree in drm_dev_alloc - drm/plane: add drmm_universal_plane_alloc() - drm: Handle dev->unique with drmm_ - drm: Use drmm_ for drm_dev_init cleanup - drm: manage drm_minor cleanup with drmm_ - drm/stm: Avoid use-after-free issues with crtc and plane * CVE-url: https://ubuntu.com/security/CVE-2023-52531 - wifi: iwlwifi: mvm: Fix a memory corruption issue * CVE-url: https://ubuntu.com/security/CVE-2024-35877 - mm: introduce page_needs_cow_for_dma() for deciding whether cow - x86/mm/pat: fix VM_PAT handling in COW mappings * CVE-url: https://ubuntu.com/security/CVE-2023-52578 - net: bridge: use DEV_STATS_INC() * CVE-url: https://ubuntu.com/security/CVE-2024-42240 - x86/bhi: Avoid warning in #DB handler due to BHI mitigation * CVE-url: https://ubuntu.com/security/CVE-2022-48938 - CDC-NCM: avoid overflow in sanity checking * CVE-url: https://ubuntu.com/security/CVE-2023-52502 - net: nfc: fix races in nfc_llcp_sock_get() and nfc_llcp_sock_get_sn() * CVE-url: https://ubuntu.com/security/CVE-2023-52614 - time: Introduce jiffies64_to_msecs() - PM / devfreq: Fix buffer overflow in trans_stat_show * CVE-url: https://ubuntu.com/security/CVE-2024-50067 - uprobe: avoid out-of-bounds memory access of fetching args

0 tuxcare-ubuntu18.04-els linux-buildinfo-4.15.0-241-tuxcare.els29-generic_4.15.0-241.252_amd64.deb dde9ebe5acf636776c0719cbdf65ab46c0ecc426 linux-buildinfo-4.15.0-241-tuxcare.els29-lowlatency_4.15.0-241.252_amd64.deb 5556de0ad0fa2cb01945b61b92fc0044b1a809c0 linux-cloud-tools-4.15.0-241-tuxcare.els29_4.15.0-241.252_amd64.deb 3dbbe4a24158423a1fd81f73857a76969a448b3b linux-cloud-tools-4.15.0-241-tuxcare.els29-generic_4.15.0-241.252_amd64.deb 939cc1b393b6eca7c7cd8ff240b41c86b8d8b1e6 linux-cloud-tools-4.15.0-241-tuxcare.els29-lowlatency_4.15.0-241.252_amd64.deb 4f8757b277cc82636753d9e02e3d735bf2586d6b linux-cloud-tools-common_4.15.0-241.252_all.deb 56559c01cfc4cdb3ea86976e5f1e3c6f8cc38662 linux-cloud-tools-generic_4.15.0.241.252_amd64.deb ccbb7c592f251f941b6066d9c6573499ec0c1399 linux-cloud-tools-lowlatency_4.15.0.241.252_amd64.deb c8bcb438a0a6a4ee9b4d98076d1f9bd8d28494b0 linux-crashdump_4.15.0.241.252_amd64.deb e5309c8f1061037a34029f50a024173fdf86f2c1 linux-doc_4.15.0-241.252_all.deb 92ccbcc0bcfc24cd42d48d1e2add63f39a0b68cc linux-generic_4.15.0.241.252_amd64.deb ccc673ad1b86e8e36f98255e9a2de9c8cca1f725 linux-headers-4.15.0-241-tuxcare.els29_4.15.0-241.252_all.deb 767429d9f3549412388d468eab9971ee433e444f linux-headers-4.15.0-241-tuxcare.els29-generic_4.15.0-241.252_amd64.deb a97ec94d5e799f603a7c3945761d10b6e8fcee2b linux-headers-4.15.0-241-tuxcare.els29-lowlatency_4.15.0-241.252_amd64.deb 8e993ba61df3905ad59b50263298912a7f0d95b7 linux-headers-generic_4.15.0.241.252_amd64.deb af3677792b9c537ad5de53cbe08dd09b53cbe343 linux-headers-lowlatency_4.15.0.241.252_amd64.deb dbd60b43a2888ada89856ce43c221de1ca30fcd9 linux-image-generic_4.15.0.241.252_amd64.deb 860ecd5d81cf63593f78c83b9f33158d158ddeda linux-image-lowlatency_4.15.0.241.252_amd64.deb 37c4c74587852c26faa722c925faa7a2b2c068e5 linux-image-unsigned-4.15.0-241-tuxcare.els29-generic_4.15.0-241.252_amd64.deb d58ef3274febbc07f9132c205a22972e866600fb linux-image-unsigned-4.15.0-241-tuxcare.els29-lowlatency_4.15.0-241.252_amd64.deb ea885736faa2064c4236ea83e06e9c63cb079a3f linux-libc-dev_4.15.0-241.252_amd64.deb 511b93909530a9d6d83349f8baf1f67d00204621 linux-lowlatency_4.15.0.241.252_amd64.deb 0f9470e076bd4b30b581d8520790f32ad95aa01c linux-modules-4.15.0-241-tuxcare.els29-generic_4.15.0-241.252_amd64.deb 0e0590d46870cb0d5d0f713ee6ba29767d9c5220 linux-modules-4.15.0-241-tuxcare.els29-lowlatency_4.15.0-241.252_amd64.deb 50fc70ccca684d685a4a78c41e06538632cb2b69 linux-modules-extra-4.15.0-241-tuxcare.els29-generic_4.15.0-241.252_amd64.deb d0c6bba37b0a8f77bb333d82d4d39b0fdb6f1f97 linux-source_4.15.0.241.252_all.deb 088f8eb4bf08c3e7a85acbd9af55f68b957aa7a2 linux-source-4.15.0_4.15.0-241.252_all.deb 8dfadf3c085e4fa2ca197f5f75bd57a42cea6e8d linux-tools-4.15.0-241-tuxcare.els29_4.15.0-241.252_amd64.deb 40c05f37447701e2af87abcb54f0194d3360d898 linux-tools-4.15.0-241-tuxcare.els29-generic_4.15.0-241.252_amd64.deb e28ddaef69f9fe5886e3b66a4d5a489286ca6460 linux-tools-4.15.0-241-tuxcare.els29-lowlatency_4.15.0-241.252_amd64.deb 4b33b17d5c8d5f53421628a00e41ff8217d27d3b linux-tools-common_4.15.0-241.252_all.deb 5e64b512a17557c61727243a34a05a5cf25b17f2 linux-tools-generic_4.15.0.241.252_amd64.deb 2e16bf5497cd5c58d9a3bd4b5902c9bf1a9c1f4b linux-tools-host_4.15.0-241.252_all.deb 34c79d8d30f53a46ba85ac93e548d19cb1f7f155 linux-tools-lowlatency_4.15.0.241.252_amd64.deb 6ec883f145ec8aa066ce82067adbf5501e311781 CLSA-2024:1733483945 TuxCare License Agreement 0 * CVE-url: https://ubuntu.com/security/CVE-2024-49992 - drm: remove all control node code - drm: add managed resources tied to drm_device - drm: Set final_kfree in drm_dev_alloc - drm/plane: add drmm_universal_plane_alloc() - drm: Handle dev->unique with drmm_ - drm: Use drmm_ for drm_dev_init cleanup - drm: manage drm_minor cleanup with drmm_ - drm/stm: Avoid use-after-free issues with crtc and plane * CVE-url: https://ubuntu.com/security/CVE-2023-52531 - wifi: iwlwifi: mvm: Fix a memory corruption issue * CVE-url: https://ubuntu.com/security/CVE-2024-35877 - mm: introduce page_needs_cow_for_dma() for deciding whether cow - x86/mm/pat: fix VM_PAT handling in COW mappings * CVE-url: https://ubuntu.com/security/CVE-2023-52578 - net: bridge: use DEV_STATS_INC() * CVE-url: https://ubuntu.com/security/CVE-2024-42240 - x86/bhi: Avoid warning in #DB handler due to BHI mitigation * CVE-url: https://ubuntu.com/security/CVE-2022-48938 - CDC-NCM: avoid overflow in sanity checking * CVE-url: https://ubuntu.com/security/CVE-2023-52502 - net: nfc: fix races in nfc_llcp_sock_get() and nfc_llcp_sock_get_sn() * CVE-url: https://ubuntu.com/security/CVE-2023-52614 - time: Introduce jiffies64_to_msecs() - PM / devfreq: Fix buffer overflow in trans_stat_show * CVE-url: https://ubuntu.com/security/CVE-2024-50067 - uprobe: avoid out-of-bounds memory access of fetching args None Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.

* CVE-url: https://ubuntu.com/security/CVE-2024-49992 - drm: remove all control node code - drm: add managed resources tied to drm_device - drm: Set final_kfree in drm_dev_alloc - drm/plane: add drmm_universal_plane_alloc() - drm: Handle dev->unique with drmm_ - drm: Use drmm_ for drm_dev_init cleanup - drm: manage drm_minor cleanup with drmm_ - drm/stm: Avoid use-after-free issues with crtc and plane * CVE-url: https://ubuntu.com/security/CVE-2023-52531 - wifi: iwlwifi: mvm: Fix a memory corruption issue * CVE-url: https://ubuntu.com/security/CVE-2024-35877 - mm: introduce page_needs_cow_for_dma() for deciding whether cow - x86/mm/pat: fix VM_PAT handling in COW mappings * CVE-url: https://ubuntu.com/security/CVE-2023-52578 - net: bridge: use DEV_STATS_INC() * CVE-url: https://ubuntu.com/security/CVE-2024-42240 - x86/bhi: Avoid warning in #DB handler due to BHI mitigation * CVE-url: https://ubuntu.com/security/CVE-2022-48938 - CDC-NCM: avoid overflow in sanity checking * CVE-url: https://ubuntu.com/security/CVE-2023-52502 - net: nfc: fix races in nfc_llcp_sock_get() and nfc_llcp_sock_get_sn() * CVE-url: https://ubuntu.com/security/CVE-2023-52614 - time: Introduce jiffies64_to_msecs() - PM / devfreq: Fix buffer overflow in trans_stat_show * CVE-url: https://ubuntu.com/security/CVE-2024-50067 - uprobe: avoid out-of-bounds memory access of fetching args

0 tuxcare-ubuntu18.04-els linux-buildinfo-4.15.0-241-tuxcare.els29-generic_4.15.0-241.252_amd64.deb dde9ebe5acf636776c0719cbdf65ab46c0ecc426 linux-buildinfo-4.15.0-241-tuxcare.els29-lowlatency_4.15.0-241.252_amd64.deb 5556de0ad0fa2cb01945b61b92fc0044b1a809c0 linux-cloud-tools-4.15.0-241-tuxcare.els29_4.15.0-241.252_amd64.deb 3dbbe4a24158423a1fd81f73857a76969a448b3b linux-cloud-tools-4.15.0-241-tuxcare.els29-generic_4.15.0-241.252_amd64.deb 939cc1b393b6eca7c7cd8ff240b41c86b8d8b1e6 linux-cloud-tools-4.15.0-241-tuxcare.els29-lowlatency_4.15.0-241.252_amd64.deb 4f8757b277cc82636753d9e02e3d735bf2586d6b linux-cloud-tools-common_4.15.0-241.252_all.deb 56559c01cfc4cdb3ea86976e5f1e3c6f8cc38662 linux-cloud-tools-generic_4.15.0.241.252_amd64.deb ccbb7c592f251f941b6066d9c6573499ec0c1399 linux-cloud-tools-lowlatency_4.15.0.241.252_amd64.deb c8bcb438a0a6a4ee9b4d98076d1f9bd8d28494b0 linux-crashdump_4.15.0.241.252_amd64.deb e5309c8f1061037a34029f50a024173fdf86f2c1 linux-doc_4.15.0-241.252_all.deb 92ccbcc0bcfc24cd42d48d1e2add63f39a0b68cc linux-generic_4.15.0.241.252_amd64.deb ccc673ad1b86e8e36f98255e9a2de9c8cca1f725 linux-headers-4.15.0-241-tuxcare.els29_4.15.0-241.252_all.deb 767429d9f3549412388d468eab9971ee433e444f linux-headers-4.15.0-241-tuxcare.els29-generic_4.15.0-241.252_amd64.deb a97ec94d5e799f603a7c3945761d10b6e8fcee2b linux-headers-4.15.0-241-tuxcare.els29-lowlatency_4.15.0-241.252_amd64.deb 8e993ba61df3905ad59b50263298912a7f0d95b7 linux-headers-generic_4.15.0.241.252_amd64.deb af3677792b9c537ad5de53cbe08dd09b53cbe343 linux-headers-lowlatency_4.15.0.241.252_amd64.deb dbd60b43a2888ada89856ce43c221de1ca30fcd9 linux-image-generic_4.15.0.241.252_amd64.deb 860ecd5d81cf63593f78c83b9f33158d158ddeda linux-image-lowlatency_4.15.0.241.252_amd64.deb 37c4c74587852c26faa722c925faa7a2b2c068e5 linux-image-unsigned-4.15.0-241-tuxcare.els29-generic_4.15.0-241.252_amd64.deb d58ef3274febbc07f9132c205a22972e866600fb linux-image-unsigned-4.15.0-241-tuxcare.els29-lowlatency_4.15.0-241.252_amd64.deb ea885736faa2064c4236ea83e06e9c63cb079a3f linux-libc-dev_4.15.0-241.252_amd64.deb 511b93909530a9d6d83349f8baf1f67d00204621 linux-lowlatency_4.15.0.241.252_amd64.deb 0f9470e076bd4b30b581d8520790f32ad95aa01c linux-modules-4.15.0-241-tuxcare.els29-generic_4.15.0-241.252_amd64.deb 0e0590d46870cb0d5d0f713ee6ba29767d9c5220 linux-modules-4.15.0-241-tuxcare.els29-lowlatency_4.15.0-241.252_amd64.deb 50fc70ccca684d685a4a78c41e06538632cb2b69 linux-modules-extra-4.15.0-241-tuxcare.els29-generic_4.15.0-241.252_amd64.deb d0c6bba37b0a8f77bb333d82d4d39b0fdb6f1f97 linux-source_4.15.0.241.252_all.deb 088f8eb4bf08c3e7a85acbd9af55f68b957aa7a2 linux-source-4.15.0_4.15.0-241.252_all.deb 8dfadf3c085e4fa2ca197f5f75bd57a42cea6e8d linux-tools-4.15.0-241-tuxcare.els29_4.15.0-241.252_amd64.deb 40c05f37447701e2af87abcb54f0194d3360d898 linux-tools-4.15.0-241-tuxcare.els29-generic_4.15.0-241.252_amd64.deb e28ddaef69f9fe5886e3b66a4d5a489286ca6460 linux-tools-4.15.0-241-tuxcare.els29-lowlatency_4.15.0-241.252_amd64.deb 4b33b17d5c8d5f53421628a00e41ff8217d27d3b linux-tools-common_4.15.0-241.252_all.deb 5e64b512a17557c61727243a34a05a5cf25b17f2 linux-tools-generic_4.15.0.241.252_amd64.deb 2e16bf5497cd5c58d9a3bd4b5902c9bf1a9c1f4b linux-tools-host_4.15.0-241.252_all.deb 34c79d8d30f53a46ba85ac93e548d19cb1f7f155 linux-tools-lowlatency_4.15.0.241.252_amd64.deb 6ec883f145ec8aa066ce82067adbf5501e311781 CLSA-2024:1734007022 TuxCare License Agreement 0 * SECURITY UPDATE: Unsafe chown/chmod operations in .service files - debian/patches/CVE-2021-44038.patch: remove chown/chmod commands from the .service files - CVE-2021-44038 Important Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.

* SECURITY UPDATE: Unsafe chown/chmod operations in .service files - debian/patches/CVE-2021-44038.patch: remove chown/chmod commands from the .service files - CVE-2021-44038

0 tuxcare-ubuntu18.04-els quagga_1.2.4-1+tuxcare.els2_amd64.deb c22b97447d3f16662d281c54c45373dab96fc809 quagga-bgpd_1.2.4-1+tuxcare.els2_amd64.deb de3726a263b1630ba1445f0620dbc072a9c17095 quagga-core_1.2.4-1+tuxcare.els2_amd64.deb 47e19b3daf5330823820d8029712b43928a0e26d quagga-doc_1.2.4-1+tuxcare.els2_all.deb 627e1e9c0facac5c660b0d6fc51d0871531dd3a1 quagga-isisd_1.2.4-1+tuxcare.els2_amd64.deb 6892dfa9004a027491830b5bbf840ab690758818 quagga-ospf6d_1.2.4-1+tuxcare.els2_amd64.deb d2e43c1abb59896ade39f5ed75393191f09693ed quagga-ospfd_1.2.4-1+tuxcare.els2_amd64.deb c3bc419a4318feb7b2187ebbe805cf8014027b2f quagga-pimd_1.2.4-1+tuxcare.els2_amd64.deb 74e25d4f5972eb7eafabee33d66d61e1d55be07b quagga-ripd_1.2.4-1+tuxcare.els2_amd64.deb f8499abbc01b26fd87d1e1e28ffdcb128c9927bb quagga-ripngd_1.2.4-1+tuxcare.els2_amd64.deb 6fe07c44f2beb7aed8b4860a34c870379e6d97d2 CLSA-2024:1734532539 TuxCare License Agreement 0 * CVE-2022-38076 - linux-firmware: Update for Intel Dual Band Wireless AC 3168 - linux-firmware: Upadte for Intel Wireless 7265 (Rev D) Family - linux-firmware: Update for Intel Dual Band Wireless AC 3165 - linux-firmware: Update for Intel Dual Band Wireless AC 8265 - linux-firmware: Update for Intel Dual Band Wireless AC 8260 - linux-firmware: Update for Intel Wireless AC 9560 - linux-firmware: Update for Intel Wireless AC 9462 - linux-firmware: Update for Intel Wireless AC 9461 - linux-firmware: Update for Intel Wireless AC 9260 - linux-firmware: Update for Intel Wireless AC Wi-Fi 6 AX101 - linux-firmware: Update for Intel Wireless AC Wi-Fi 6 AX201 Important Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.

* CVE-2022-38076 - linux-firmware: Update for Intel Dual Band Wireless AC 3168 - linux-firmware: Upadte for Intel Wireless 7265 (Rev D) Family - linux-firmware: Update for Intel Dual Band Wireless AC 3165 - linux-firmware: Update for Intel Dual Band Wireless AC 8265 - linux-firmware: Update for Intel Dual Band Wireless AC 8260 - linux-firmware: Update for Intel Wireless AC 9560 - linux-firmware: Update for Intel Wireless AC 9462 - linux-firmware: Update for Intel Wireless AC 9461 - linux-firmware: Update for Intel Wireless AC 9260 - linux-firmware: Update for Intel Wireless AC Wi-Fi 6 AX101 - linux-firmware: Update for Intel Wireless AC Wi-Fi 6 AX201

0 tuxcare-ubuntu18.04-els linux-firmware_1.173.21+tuxcare.els1_all.deb 724823256b860d85a07e5bdf5f75214b2b2ab3cf CLSA-2024:1734643401 TuxCare License Agreement 0 * SECURITY UPDATE: Improper quoting of newlines in email headers - debian/patches/CVE-2024-6923.patch: Fix serialization of display name in originator or destination address fields with both encoded words and special chars - CVE-2024-6923 Moderate Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.

* SECURITY UPDATE: Improper quoting of newlines in email headers - debian/patches/CVE-2024-6923.patch: Fix serialization of display name in originator or destination address fields with both encoded words and special chars - CVE-2024-6923

0 tuxcare-ubuntu18.04-els idle-python3.6_3.6.9-1~18.04ubuntu1.12+tuxcare.els9_all.deb b229af51429460faefa519b6ba2496f26511ba0d libpython3.6_3.6.9-1~18.04ubuntu1.12+tuxcare.els9_amd64.deb 2e0e523e36b5525a7fc3e73e4f0b3c656bf05afd libpython3.6-dev_3.6.9-1~18.04ubuntu1.12+tuxcare.els9_amd64.deb 4a8d678ba98a99009c6fc5666af31a9656c915f7 libpython3.6-minimal_3.6.9-1~18.04ubuntu1.12+tuxcare.els9_amd64.deb 725b8eb075b83d6876212874794b03d94d5f694c libpython3.6-stdlib_3.6.9-1~18.04ubuntu1.12+tuxcare.els9_amd64.deb e5611157156cb19a321e68bd92037e00e0c7ec5d libpython3.6-testsuite_3.6.9-1~18.04ubuntu1.12+tuxcare.els9_all.deb 565233e11a21fb70c096ce6d3b7954588c5b9f8d python3.6_3.6.9-1~18.04ubuntu1.12+tuxcare.els9_amd64.deb c06a02da574257b5901a29b54516949668001ac7 python3.6-dev_3.6.9-1~18.04ubuntu1.12+tuxcare.els9_amd64.deb 74974e9cce329c9a0dd2a3eb558b80056d3a3054 python3.6-doc_3.6.9-1~18.04ubuntu1.12+tuxcare.els9_all.deb c1363f85253122e238fb63f1e4fafee77a3497ed python3.6-examples_3.6.9-1~18.04ubuntu1.12+tuxcare.els9_all.deb b074642690fa5c8d21cb4af43c52382a24cf851e python3.6-minimal_3.6.9-1~18.04ubuntu1.12+tuxcare.els9_amd64.deb 135e72f5e8e72b38134aad78ab8494ebba9e2448 python3.6-venv_3.6.9-1~18.04ubuntu1.12+tuxcare.els9_amd64.deb 1ef1b2141e4904c777be12cfa8a4335649b29656 CLSA-2024:1734705832 TuxCare License Agreement 0 * SECURITY UPDATE: Improper quoting of newlines for email headers allows for header injection - debian/patches/CVE-2024-6923.patch: Encode newlines in headers and verify headers are safe - CVE-2024-6923 Moderate Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.

* SECURITY UPDATE: Improper quoting of newlines for email headers allows for header injection - debian/patches/CVE-2024-6923.patch: Encode newlines in headers and verify headers are safe - CVE-2024-6923

0 tuxcare-ubuntu18.04-els idle-python2.7_2.7.17-1~18.04ubuntu1.11+tuxcare.els11_all.deb c05104631f44858370e79ad3281672908d2e50b5 libpython2.7_2.7.17-1~18.04ubuntu1.11+tuxcare.els11_amd64.deb c92ed1d755958ab29395942c95877a8d3010e217 libpython2.7-dev_2.7.17-1~18.04ubuntu1.11+tuxcare.els11_amd64.deb 3299f0dc5543787687f487de00b21e9dc33164f0 libpython2.7-minimal_2.7.17-1~18.04ubuntu1.11+tuxcare.els11_amd64.deb d8912481e9aa7893e12b1c9cb27ddbd852a04ed0 libpython2.7-stdlib_2.7.17-1~18.04ubuntu1.11+tuxcare.els11_amd64.deb 0484657337dffd9d8f4e7e5ef4715df2f7b6178d libpython2.7-testsuite_2.7.17-1~18.04ubuntu1.11+tuxcare.els11_all.deb 19cc4e10a77e75b13f0ed92c1dd59b8ad3e4ee91 python2.7_2.7.17-1~18.04ubuntu1.11+tuxcare.els11_amd64.deb 3aec0cc09c0c3bbe07af8f5b845077ba2192fd54 python2.7-dev_2.7.17-1~18.04ubuntu1.11+tuxcare.els11_amd64.deb d9283eb8dc362210ebd149d5c9eed64c363e52a7 python2.7-doc_2.7.17-1~18.04ubuntu1.11+tuxcare.els11_all.deb 223a849c63196e8f41ab9da4db5ba919b77a72f6 python2.7-examples_2.7.17-1~18.04ubuntu1.11+tuxcare.els11_all.deb 838bd8bdaf4b72d9d4ba98a6caccd13d6e094396 python2.7-minimal_2.7.17-1~18.04ubuntu1.11+tuxcare.els11_amd64.deb 965db6445831a0bb3734c4d0a25010d92658cc9c CLSA-2024:1734708244 TuxCare License Agreement 0 * OpenJDK 11.0.25 release, build 9. - CVE-2024-21131, CVE-2024-21138, CVE-2024-21140, CVE-2024-21144, CVE-2024-21145, CVE-2024-21147, CVE-2024-21208, CVE-2024-21210, CVE-2024-21217, CVE-2024-21235. - Release notes: https://mail.openjdk.org/pipermail/jdk-updates-dev/2024-October/038512.html - d/control, d/rules: bump dependency from jtreg6 to jtreg7 - d/rules: build --without-jtreg if with_check is false, change location of --with-jtreg, change definition of min_jtreg_version * Adjust patches - debian/patches/jtreg-location.diff (removed from d/p/series) - debian/patches/reproducible-javadoc-timestamp.diff - debian/patches/reproducible-copyright-headers.diff - debian/patches/nss-limited-ecc-tests.patch (added from Debian sources) * Remove patches that became part of the update - debian/patches/CVE-2024-21011.patch - debian/patches/CVE-2024-21012.patch - debian/patches/CVE-2024-21068.patch - debian/patches/CVE-2024-21085.patch - debian/patches/CVE-2024-21094.patch Important Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.

* OpenJDK 11.0.25 release, build 9. - CVE-2024-21131, CVE-2024-21138, CVE-2024-21140, CVE-2024-21144, CVE-2024-21145, CVE-2024-21147, CVE-2024-21208, CVE-2024-21210, CVE-2024-21217, CVE-2024-21235. - Release notes: https://mail.openjdk.org/pipermail/jdk-updates-dev/2024-October/038512.html - d/control, d/rules: bump dependency from jtreg6 to jtreg7 - d/rules: build --without-jtreg if with_check is false, change location of --with-jtreg, change definition of min_jtreg_version * Adjust patches - debian/patches/jtreg-location.diff (removed from d/p/series) - debian/patches/reproducible-javadoc-timestamp.diff - debian/patches/reproducible-copyright-headers.diff - debian/patches/nss-limited-ecc-tests.patch (added from Debian sources) * Remove patches that became part of the update - debian/patches/CVE-2024-21011.patch - debian/patches/CVE-2024-21012.patch - debian/patches/CVE-2024-21068.patch - debian/patches/CVE-2024-21085.patch - debian/patches/CVE-2024-21094.patch

0 tuxcare-ubuntu18.04-els openjdk-11-demo_11.0.25+9-0ubuntu1~18.04.1+tuxcare.els1_amd64.deb 78cb76608faa05444123a59b8865d74d7e4bb91e openjdk-11-doc_11.0.25+9-0ubuntu1~18.04.1+tuxcare.els1_all.deb 9fa904e4950704a64b88b3fbed7deef28fe5b7f8 openjdk-11-jdk_11.0.25+9-0ubuntu1~18.04.1+tuxcare.els1_amd64.deb d2cb100ae500472046e3c646159f01a3e0d152e6 openjdk-11-jdk-headless_11.0.25+9-0ubuntu1~18.04.1+tuxcare.els1_amd64.deb 4945cd531187771d4a7ffad760dd95862b18c6bc openjdk-11-jre_11.0.25+9-0ubuntu1~18.04.1+tuxcare.els1_amd64.deb 4949825f4f1b4f826534df32aea679c71820058a openjdk-11-jre-headless_11.0.25+9-0ubuntu1~18.04.1+tuxcare.els1_amd64.deb 4c5ba25894a38978d06a50b7c3b70f3fee7cd82d openjdk-11-jre-zero_11.0.25+9-0ubuntu1~18.04.1+tuxcare.els1_amd64.deb 7d9e5ff90036db3d8f7f3ffddf80fbdcf1e5cb26 openjdk-11-source_11.0.25+9-0ubuntu1~18.04.1+tuxcare.els1_all.deb 03c7be0ef1c0fec235617c240db3990454f1eb5e CLSA-2024:1735064231 TuxCare License Agreement 0 * SECURITY UPDATE: Security vulnerability - debian/patches/CVE-2024-11234.patch: Fix stream HTTP fulluri CRLF injection issue - CVE-2024-11234 Important Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.

* SECURITY UPDATE: Security vulnerability - debian/patches/CVE-2024-11234.patch: Fix stream HTTP fulluri CRLF injection issue - CVE-2024-11234

0 tuxcare-ubuntu18.04-els libapache2-mod-php7.2_7.2.24-0ubuntu0.18.04.17+tuxcare.els8_amd64.deb be9c86c34c9c15b04ddb33125567b0c78f047e65 libphp7.2-embed_7.2.24-0ubuntu0.18.04.17+tuxcare.els8_amd64.deb f9e620dc4964608184e4b024898a2da90d4b6972 php7.2_7.2.24-0ubuntu0.18.04.17+tuxcare.els8_all.deb 3c62015097048f3fe8d0f7f80a40c6a51d327a51 php7.2-bcmath_7.2.24-0ubuntu0.18.04.17+tuxcare.els8_amd64.deb 28eb7a694e7b29e27be4cb99aa332a4674e09b08 php7.2-bz2_7.2.24-0ubuntu0.18.04.17+tuxcare.els8_amd64.deb 10f20ed3c3094ee367f5b5de0595a47b6b8e3a7b php7.2-cgi_7.2.24-0ubuntu0.18.04.17+tuxcare.els8_amd64.deb a8d78e874309714fabe2d792265b3d0ca1a5fc8d php7.2-cli_7.2.24-0ubuntu0.18.04.17+tuxcare.els8_amd64.deb 37c2d933341e8a178e0d542f278bc3cc7490dd50 php7.2-common_7.2.24-0ubuntu0.18.04.17+tuxcare.els8_amd64.deb c8f7bf0daa2fe97080322c9547c083b2dc2abeee php7.2-curl_7.2.24-0ubuntu0.18.04.17+tuxcare.els8_amd64.deb ceeb37ae9e75b0ec6a9ee1fd5599ed9b58427a77 php7.2-dba_7.2.24-0ubuntu0.18.04.17+tuxcare.els8_amd64.deb 6f4d3efd51ffbcc01df7edc3d0d07d279ba94125 php7.2-dev_7.2.24-0ubuntu0.18.04.17+tuxcare.els8_amd64.deb d1a5139208a095140d78e18cb80a3b14e52997f6 php7.2-enchant_7.2.24-0ubuntu0.18.04.17+tuxcare.els8_amd64.deb c0cf72e711a1b79c76ebea9728e2a8f42b358ff4 php7.2-fpm_7.2.24-0ubuntu0.18.04.17+tuxcare.els8_amd64.deb 771cfbd887c994a963429ad761b4ed347613c254 php7.2-gd_7.2.24-0ubuntu0.18.04.17+tuxcare.els8_amd64.deb 731dc9d44c687e62b977cae9b651d5ab43577a2c php7.2-gmp_7.2.24-0ubuntu0.18.04.17+tuxcare.els8_amd64.deb 8b5392529ee841050889d13affd574bcab4e2b9d php7.2-imap_7.2.24-0ubuntu0.18.04.17+tuxcare.els8_amd64.deb 3a3830b7074ef54447cbc9340e0f18cdfadce0d9 php7.2-interbase_7.2.24-0ubuntu0.18.04.17+tuxcare.els8_amd64.deb da28346e488624186656652fc611eb74d07f962c php7.2-intl_7.2.24-0ubuntu0.18.04.17+tuxcare.els8_amd64.deb 884c52190479c0ebabb01a750488f18ffd8cb8dc php7.2-json_7.2.24-0ubuntu0.18.04.17+tuxcare.els8_amd64.deb 28046e37d2ff426e5efe85b6760695c1f0c59da1 php7.2-ldap_7.2.24-0ubuntu0.18.04.17+tuxcare.els8_amd64.deb 777f8a10e8880c35540acf6ba04531d673bd9ab6 php7.2-mbstring_7.2.24-0ubuntu0.18.04.17+tuxcare.els8_amd64.deb 56f64ac029c39ac357c7174681529ab60007830e php7.2-mysql_7.2.24-0ubuntu0.18.04.17+tuxcare.els8_amd64.deb d286f3d60b7ecd7ed7f4688bea00fe50418a24b7 php7.2-odbc_7.2.24-0ubuntu0.18.04.17+tuxcare.els8_amd64.deb 57e85fa425617b5b3017559e79fcdd5725bcf4c2 php7.2-opcache_7.2.24-0ubuntu0.18.04.17+tuxcare.els8_amd64.deb d10f52f076d135c2bebe435ff9f1e50735994f89 php7.2-pgsql_7.2.24-0ubuntu0.18.04.17+tuxcare.els8_amd64.deb 6efd878dd2c39f9a8934db6062d10b506ed49429 php7.2-phpdbg_7.2.24-0ubuntu0.18.04.17+tuxcare.els8_amd64.deb 6937fae74544eef71437118cd90c21c2aeea69b1 php7.2-pspell_7.2.24-0ubuntu0.18.04.17+tuxcare.els8_amd64.deb b8db6cc15cb97dd727d421898893ffabdb562ab7 php7.2-readline_7.2.24-0ubuntu0.18.04.17+tuxcare.els8_amd64.deb 12b800f4ad10226d2712c29a5a730a5b849ca861 php7.2-recode_7.2.24-0ubuntu0.18.04.17+tuxcare.els8_amd64.deb 1ce8f6aa1ca1ec6a40d9d5c5debe8cbffeb20bab php7.2-snmp_7.2.24-0ubuntu0.18.04.17+tuxcare.els8_amd64.deb dcc826a254aa997fa01ec566c401eef7cd0e1f11 php7.2-soap_7.2.24-0ubuntu0.18.04.17+tuxcare.els8_amd64.deb 23ba587091dc00c1ddbcc4c45090124ce8c86971 php7.2-sqlite3_7.2.24-0ubuntu0.18.04.17+tuxcare.els8_amd64.deb d6203327c2f7969253b08f2fdb7c9ce72235c4f9 php7.2-sybase_7.2.24-0ubuntu0.18.04.17+tuxcare.els8_amd64.deb fb1da4a51f5788ab15ca3304afb8ab318d2669ec php7.2-tidy_7.2.24-0ubuntu0.18.04.17+tuxcare.els8_amd64.deb ddbdcc80792a6c155865b5abbc25db85db675e1f php7.2-xml_7.2.24-0ubuntu0.18.04.17+tuxcare.els8_amd64.deb 8110e5c33cbd58b3940434007c4c0f27ef97ced9 php7.2-xmlrpc_7.2.24-0ubuntu0.18.04.17+tuxcare.els8_amd64.deb a5b666c37303f67f3676f83aa603e5009483c758 php7.2-xsl_7.2.24-0ubuntu0.18.04.17+tuxcare.els8_all.deb e1bddbba3377220a0fdfe4fd8fe654c89db05409 php7.2-zip_7.2.24-0ubuntu0.18.04.17+tuxcare.els8_amd64.deb 1be8898b8264e63a0c44ace2d398773ca56a86d0 CLSA-2024:1735064733 TuxCare License Agreement 0 * SECURITY UPDATE: Missing secure attribute in session cookies with RemoteIpFilter - debian/patches/CVE-2023-28708.patch: Fix JSessionId secure attribute missing with RemoteIpFilter and X-Forwarded-Proto set to https - CVE-2023-28708 Moderate Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.

* SECURITY UPDATE: Missing secure attribute in session cookies with RemoteIpFilter - debian/patches/CVE-2023-28708.patch: Fix JSessionId secure attribute missing with RemoteIpFilter and X-Forwarded-Proto set to https - CVE-2023-28708

0 tuxcare-ubuntu18.04-els libtomcat8-embed-java_8.5.39-1ubuntu1~18.04.3+tuxcare.els8_all.deb ead3c489b366310db7ec00e76cc0b8ff01969d8b libtomcat8-java_8.5.39-1ubuntu1~18.04.3+tuxcare.els8_all.deb 2ff0e0c08c2b985709546ea3e3a3155171c05b66 tomcat8_8.5.39-1ubuntu1~18.04.3+tuxcare.els8_all.deb 79b1aee238af3f7260cdbccb5ac27ec33d73bc15 tomcat8-admin_8.5.39-1ubuntu1~18.04.3+tuxcare.els8_all.deb c3906e9636ddc859b7dce4afa621a90c460f94e5 tomcat8-common_8.5.39-1ubuntu1~18.04.3+tuxcare.els8_all.deb b3e43032a3136f3b9cce898609a376d36fb02365 tomcat8-docs_8.5.39-1ubuntu1~18.04.3+tuxcare.els8_all.deb 7bc0f09aa028ac5e34974cf3d93f7fabccfc4fbb tomcat8-examples_8.5.39-1ubuntu1~18.04.3+tuxcare.els8_all.deb a918ab9ec6f819cd3ac80e97a465c9f3fa1390c3 tomcat8-user_8.5.39-1ubuntu1~18.04.3+tuxcare.els8_all.deb ecf7d10b172ee7898c7246024a05a07e4ac79273 CLSA-2024:1735065713 TuxCare License Agreement 0 * SECURITY UPDATE: Missing secure attribute in session cookies when using RemoteIpFilter with X-Forwarded-Proto header set to https - debian/patches/CVE-2023-28708.patch: Fix JSessionId secure attribute missing when RemoteIpFilter determines request submitted via secure channel - CVE-2023-28708 Moderate Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.

* SECURITY UPDATE: Missing secure attribute in session cookies when using RemoteIpFilter with X-Forwarded-Proto header set to https - debian/patches/CVE-2023-28708.patch: Fix JSessionId secure attribute missing when RemoteIpFilter determines request submitted via secure channel - CVE-2023-28708

0 tuxcare-ubuntu18.04-els libtomcat9-embed-java_9.0.16-3ubuntu0.18.04.2+tuxcare.els7_all.deb 6420cfacdfd8dab6726cf1e3eac4ecd504508646 libtomcat9-java_9.0.16-3ubuntu0.18.04.2+tuxcare.els7_all.deb b6c88459a5b8a8feff383a989701cf7a306931f1 tomcat9_9.0.16-3ubuntu0.18.04.2+tuxcare.els7_all.deb 0c3f9298f705cdc41a34ce1dd1e8a3499ef661e1 tomcat9-admin_9.0.16-3ubuntu0.18.04.2+tuxcare.els7_all.deb e4b40fa239ea02dc9442f6b6cef9fe77aa8baf3a tomcat9-common_9.0.16-3ubuntu0.18.04.2+tuxcare.els7_all.deb c6e927aa5a4cd4ce63506d394084d96730a1ba77 tomcat9-docs_9.0.16-3ubuntu0.18.04.2+tuxcare.els7_all.deb ce1ececc9b161563c27d366dcc20f90e76c482d5 tomcat9-examples_9.0.16-3ubuntu0.18.04.2+tuxcare.els7_all.deb 238317acd4afebc720584fabcc72900d1915d2dc tomcat9-user_9.0.16-3ubuntu0.18.04.2+tuxcare.els7_all.deb 9ff6ba082b9f31bc4fe5795efe19d48072f9df74 CLSA-2024:1735065830 TuxCare License Agreement 0 * SECURITY UPDATE: Security vulnerability in package - debian/patches/CVE-2024-11233.patch: fix error in convert.quoted printable-decode filter certain data leading to buffer overread. Fix segfault with streams and invalid data. - CVE-2024-11233 Important Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.

* SECURITY UPDATE: Security vulnerability in package - debian/patches/CVE-2024-11233.patch: fix error in convert.quoted printable-decode filter certain data leading to buffer overread. Fix segfault with streams and invalid data. - CVE-2024-11233

0 tuxcare-ubuntu18.04-els libapache2-mod-php7.2_7.2.24-0ubuntu0.18.04.17+tuxcare.els9_amd64.deb aa8df3cbd30cc0def885674c8fba2fc06560c846 libphp7.2-embed_7.2.24-0ubuntu0.18.04.17+tuxcare.els9_amd64.deb 8810fd5a394ce00b4be3a49d359f47eb306728de php7.2_7.2.24-0ubuntu0.18.04.17+tuxcare.els9_all.deb d686b36f4eed643b1beadfeb00458df7367ca301 php7.2-bcmath_7.2.24-0ubuntu0.18.04.17+tuxcare.els9_amd64.deb dd6c944749989b48c47a613980c88c13d4c4e5d6 php7.2-bz2_7.2.24-0ubuntu0.18.04.17+tuxcare.els9_amd64.deb 57d40cdaa8fcc7c6d5204136fc7a39b8ef1b13a3 php7.2-cgi_7.2.24-0ubuntu0.18.04.17+tuxcare.els9_amd64.deb 66419e338cb01528e5f84542156cc26252731b6e php7.2-cli_7.2.24-0ubuntu0.18.04.17+tuxcare.els9_amd64.deb 11d5bffad9bc36f715124c7442b7fc677397e70a php7.2-common_7.2.24-0ubuntu0.18.04.17+tuxcare.els9_amd64.deb 4feff1d352450794db0594b02fcaa70bb6c4868f php7.2-curl_7.2.24-0ubuntu0.18.04.17+tuxcare.els9_amd64.deb 107aabe977554869a24eaeab8b91977f0ff2e208 php7.2-dba_7.2.24-0ubuntu0.18.04.17+tuxcare.els9_amd64.deb 62ab4cd6fa3188a0c127194fb02fb1eb71603714 php7.2-dev_7.2.24-0ubuntu0.18.04.17+tuxcare.els9_amd64.deb 33788ec25a3754c8b8ab2f8cfb860e59301d77b8 php7.2-enchant_7.2.24-0ubuntu0.18.04.17+tuxcare.els9_amd64.deb 57a3dfe3238134c2684c926a7a24fd92d3b3150b php7.2-fpm_7.2.24-0ubuntu0.18.04.17+tuxcare.els9_amd64.deb b7e017843fec39dfec71ba3ab1dc13179ffbc0b3 php7.2-gd_7.2.24-0ubuntu0.18.04.17+tuxcare.els9_amd64.deb 15581f75513c5ecff17150947ecb90ba9046f838 php7.2-gmp_7.2.24-0ubuntu0.18.04.17+tuxcare.els9_amd64.deb 4c674c5cf822745f1a8f91f7f78b4a199bdd596a php7.2-imap_7.2.24-0ubuntu0.18.04.17+tuxcare.els9_amd64.deb 1a8c15d6684b2e245c08f9e8e40aa25ec4771b96 php7.2-interbase_7.2.24-0ubuntu0.18.04.17+tuxcare.els9_amd64.deb 05fc6b9421f589121be0257f075aa0be23ed32ac php7.2-intl_7.2.24-0ubuntu0.18.04.17+tuxcare.els9_amd64.deb 5c1777fd77da7dc4bc62ec5472a45a776e6abe09 php7.2-json_7.2.24-0ubuntu0.18.04.17+tuxcare.els9_amd64.deb 9166368c6cd42994f89a4fdd6ed120f7e4d828c3 php7.2-ldap_7.2.24-0ubuntu0.18.04.17+tuxcare.els9_amd64.deb a097ea5e6b7a4c8c1a1d39247860de68526f6cb5 php7.2-mbstring_7.2.24-0ubuntu0.18.04.17+tuxcare.els9_amd64.deb 2cdc2fbeaba0851b4ad7f1551fe5d47ca9731a05 php7.2-mysql_7.2.24-0ubuntu0.18.04.17+tuxcare.els9_amd64.deb 857224dfda3b609004e763683610919ab1820d3b php7.2-odbc_7.2.24-0ubuntu0.18.04.17+tuxcare.els9_amd64.deb adf3bc3da963406ad946ef989884e793119db6c9 php7.2-opcache_7.2.24-0ubuntu0.18.04.17+tuxcare.els9_amd64.deb 46d8b56e1e09489f184b3d1440d69662a8e92081 php7.2-pgsql_7.2.24-0ubuntu0.18.04.17+tuxcare.els9_amd64.deb 9356eedb52dd624b1f04d40a1778cc94f9666633 php7.2-phpdbg_7.2.24-0ubuntu0.18.04.17+tuxcare.els9_amd64.deb aa7126c9dba2c4fa42b8a0085ddf27dd4358c568 php7.2-pspell_7.2.24-0ubuntu0.18.04.17+tuxcare.els9_amd64.deb 49065a918b7aaa20a3e910c75a77ba3714660e58 php7.2-readline_7.2.24-0ubuntu0.18.04.17+tuxcare.els9_amd64.deb c7b71f743ff6fba4b7a65a83aaf8e1681127a7c1 php7.2-recode_7.2.24-0ubuntu0.18.04.17+tuxcare.els9_amd64.deb 4e720c672900aac5436c81832bc444f81a23aee8 php7.2-snmp_7.2.24-0ubuntu0.18.04.17+tuxcare.els9_amd64.deb 3306ca605c9f7dd14219e2629d23f7fe77254264 php7.2-soap_7.2.24-0ubuntu0.18.04.17+tuxcare.els9_amd64.deb db0e78e6679ad8f304e4475adcf7ddd6475d69bc php7.2-sqlite3_7.2.24-0ubuntu0.18.04.17+tuxcare.els9_amd64.deb e936ff0a24403584b68eba48f95a427988f80698 php7.2-sybase_7.2.24-0ubuntu0.18.04.17+tuxcare.els9_amd64.deb 2f1627b3f7a548b0644e32f444a7303b95addb8e php7.2-tidy_7.2.24-0ubuntu0.18.04.17+tuxcare.els9_amd64.deb 55459540c133c70d6b5374e704adc97b4dd0e3f8 php7.2-xml_7.2.24-0ubuntu0.18.04.17+tuxcare.els9_amd64.deb 4529a38fb3c59c0d4e8679c55dc4ef4876b1170e php7.2-xmlrpc_7.2.24-0ubuntu0.18.04.17+tuxcare.els9_amd64.deb e4c56604e4047487f1bed841ac281194ea1d7307 php7.2-xsl_7.2.24-0ubuntu0.18.04.17+tuxcare.els9_all.deb 270d650d1c5bf2a5c445a41a2e093cd24d1bb195 php7.2-zip_7.2.24-0ubuntu0.18.04.17+tuxcare.els9_amd64.deb 7660f30baad7f59d3f6aa532106755393fc37395 CLSA-2024:1735119580 TuxCare License Agreement 0 * SECURITY UPDATE: Untrusted Site Redirection Vulnerability in FORM authentication feature - debian/patches/CVE-2023-41080.patch: Avoid protocol relative redirects in FORM authentication - CVE-2023-41080 Moderate Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.

* SECURITY UPDATE: Untrusted Site Redirection Vulnerability in FORM authentication feature - debian/patches/CVE-2023-41080.patch: Avoid protocol relative redirects in FORM authentication - CVE-2023-41080

0 tuxcare-ubuntu18.04-els libtomcat8-embed-java_8.5.39-1ubuntu1~18.04.3+tuxcare.els9_all.deb b32f67af37f46d232e78fded6ceddb3a9322f8d5 libtomcat8-java_8.5.39-1ubuntu1~18.04.3+tuxcare.els9_all.deb 1a22156ac0f2d4fbcce8443afe4a029ff916ac18 tomcat8_8.5.39-1ubuntu1~18.04.3+tuxcare.els9_all.deb 32afbd785d475965d5223cc191119219e1f255b0 tomcat8-admin_8.5.39-1ubuntu1~18.04.3+tuxcare.els9_all.deb 0ac8720e2f26c1bb84f0ac28ef014deb6bef4d1e tomcat8-common_8.5.39-1ubuntu1~18.04.3+tuxcare.els9_all.deb 5043ef1d9dcafa061029ac60c7239652945b8a04 tomcat8-docs_8.5.39-1ubuntu1~18.04.3+tuxcare.els9_all.deb 5a0a3336594c52a12b9b6f131aff653ba200b7e7 tomcat8-examples_8.5.39-1ubuntu1~18.04.3+tuxcare.els9_all.deb 8e9afbdfa351521844f2760cd48d928dc1f305ec tomcat8-user_8.5.39-1ubuntu1~18.04.3+tuxcare.els9_all.deb 78671f9abd779a1846b55186cc78f05f414bfb58 CLSA-2024:1735128985 TuxCare License Agreement 0 * SECURITY UPDATE: Crash in XML_ResumeParser due to XML_StopParser issue - debian/patches/CVE-2024-50602.patch: Refuse to stop/suspend an unstarted parser due to XML_ERROR_NOT_STARTED - debian/patches/CVE-2024-50602-1.patch: Explicitly specify XML_PARSING in XML_StopParser to ensure correct parsing status handling - debian/patches/CVE-2024-50602-2.patch: Add test_misc_resumeparser_not_crashing and test_misc_stopparser_rejects_unstarted_parser to cover the issue - CVE-2024-50602 Moderate Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.

* SECURITY UPDATE: Crash in XML_ResumeParser due to XML_StopParser issue - debian/patches/CVE-2024-50602.patch: Refuse to stop/suspend an unstarted parser due to XML_ERROR_NOT_STARTED - debian/patches/CVE-2024-50602-1.patch: Explicitly specify XML_PARSING in XML_StopParser to ensure correct parsing status handling - debian/patches/CVE-2024-50602-2.patch: Add test_misc_resumeparser_not_crashing and test_misc_stopparser_rejects_unstarted_parser to cover the issue - CVE-2024-50602

0 tuxcare-ubuntu18.04-els expat_2.2.5-3ubuntu0.9+tuxcare.els3_amd64.deb 76ccd1977598353fcaa882d409cf62813843f640 libexpat1_2.2.5-3ubuntu0.9+tuxcare.els3_amd64.deb ff7e5aee67afa8abc69c22d0e4fffda72bf0862b libexpat1-dev_2.2.5-3ubuntu0.9+tuxcare.els3_amd64.deb eb682027be814e821263d8cef021760b114bc092 CLSA-2025:1736469006 TuxCare License Agreement 0 * CVE-url: https://ubuntu.com/security/CVE-2023-52664 - net: atlantic: eliminate double free in error handling logic * CVE-url: https://ubuntu.com/security/CVE-2023-52698 - calipso: fix memory leak in netlbl_calipso_add_pass() * CVE-url: https://ubuntu.com/security/CVE-2021-47466 - mm, slub: fix potential memoryleak in kmem_cache_open() * CVE-url: https://ubuntu.com/security/CVE-2023-52757 - smb: client: fix potential deadlock when releasing mids * CVE-url: https://ubuntu.com/security/CVE-2023-52749 - spi: Fix null dereference on suspend * CVE-url: https://ubuntu.com/security/CVE-2024-26921 - net: ipv4: do not handle duplicate fragments as overlapping - net: IP defrag: encapsulate rbtree defrag code into callable functions - ipv4: remove unnecessary type castings - skb_expand_head() adjust skb->truesize incorrectly - inet: inet_defrag: prevent sk release while still in use * CVE-url: https://ubuntu.com/security/CVE-2021-47082 - tun: avoid double free in tun_free_netdev * CVE-url: https://ubuntu.com/security/CVE-2024-36968 - Bluetooth: L2CAP: Fix div-by-zero in l2cap_le_flowctl_init() * CVE-url: https://ubuntu.com/security/CVE-2023-52507 - nfc: nci: assert requested protocol is valid * CVE-url: https://ubuntu.com/security/CVE-2024-44944 - netfilter: ctnetlink: use helper function to calculate expect ID * CVE-url: https://ubuntu.com/security/CVE-2024-35861 - smb: client: fix potential UAF in cifs_debug_files_proc_show() - smb: client: fix potential UAF in cifs_signal_cifsd_for_reconnect() * CVE-url: https://ubuntu.com/security/CVE-2024-35863 - smb: client: fix potential UAF in smb2_is_valid_oplock_break() * CVE-url: https://ubuntu.com/security/CVE-2024-35864 - smb: client: fix potential UAF in smb2_is_valid_lease_break() * CVE-url: https://ubuntu.com/security/CVE-2024-35867 - smb: client: fix potential UAF in cifs_stats_proc_show() * CVE-url: https://ubuntu.com/security/CVE-2024-35868 - smb: client: fix potential UAF in cifs_stats_proc_write() * CVE-url: https://ubuntu.com/security/CVE-2024-35896 - netfilter: validate user input for expected length * CVE-url: https://ubuntu.com/security/CVE-2024-27010 - net/sched: Fix mirred deadlock on device recursion * CVE-url: https://ubuntu.com/security/CVE-2024-26961 - mac802154: fix llsec key resources release in mac802154_llsec_key_del * CVE-url: https://ubuntu.com/security/CVE-2024-26958 - NFS: Fix up commit deadlocks - nfs: fix UAF in direct writes * CVE-url: https://ubuntu.com/security/CVE-2024-50115 - KVM: nSVM: Don't strip host's C-bit from guest's CR3 when reading PDPTRs - KVM: nSVM: Ignore nCR3[4:0] when loading PDPTEs from memory * CVE-url: https://ubuntu.com/security/CVE-2024-50148 - Bluetooth: bnep: fix wild-memory-access in proto_unregister * CVE-url: https://ubuntu.com/security/CVE-2024-40910 - ax25: Fix refcount imbalance on inbound connections * CVE-url: https://ubuntu.com/security/CVE-2024-53057 - net/sched: stop qdisc_tree_reduce_backlog on TC_H_ROOT * CVE-url: https://ubuntu.com/security/CVE-2021-47101 - net: asix: fix uninit value bugs - asix: fix uninit-value in asix_mdio_read() * CVE-url: https://ubuntu.com/security/CVE-2024-36952 - scsi: lpfc: Move NPIV's transport unregistration to after resource clean up * CVE-url: https://ubuntu.com/security/CVE-2023-52488 - regmap: Add regmap_noinc_read API - regmap: Add regmap_noinc_write API - serial: sc16is7xx: convert from _raw_ to _noinc_ regmap functions for FIFO * CVE-url: https://ubuntu.com/security/CVE-2024-50142 - xfrm: validate new SA's prefixlen using SA family when sel.family is unset * CVE-url: https://ubuntu.com/security/CVE-2024-50256 - netfilter: nf_reject_ipv6: fix potential crash in nf_send_reset6() * CVE-url: https://ubuntu.com/security/CVE-2024-50264 - vsock/virtio: Initialization of the dangling pointer occurring in vsk->trans * CVE-url: https://ubuntu.com/security/CVE-2021-47501 - i40e: Fix NULL pointer dereference in i40e_dbg_dump_desc * CVE-url: https://ubuntu.com/security/CVE-2021-47076 - RDMA/rxe: Return CQE error if invalid lkey was supplied * CVE-url: https://ubuntu.com/security/CVE-2023-52574 - team: fix null-ptr-deref when team device type is changed * CVE-url: https://ubuntu.com/security/CVE-2023-52477 - usb: hub: Guard against accesses to uninitialized BOS descriptors * CVE-url: https://ubuntu.com/security/CVE-2023-52475 - Input: powermate - fix use-after-free in powermate_config_complete * CVE-url: https://ubuntu.com/security/CVE-2024-39489 - ipv6: sr: fix memleak in seg6_hmac_init_algo Important Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.

* CVE-url: https://ubuntu.com/security/CVE-2023-52664 - net: atlantic: eliminate double free in error handling logic * CVE-url: https://ubuntu.com/security/CVE-2023-52698 - calipso: fix memory leak in netlbl_calipso_add_pass() * CVE-url: https://ubuntu.com/security/CVE-2021-47466 - mm, slub: fix potential memoryleak in kmem_cache_open() * CVE-url: https://ubuntu.com/security/CVE-2023-52757 - smb: client: fix potential deadlock when releasing mids * CVE-url: https://ubuntu.com/security/CVE-2023-52749 - spi: Fix null dereference on suspend * CVE-url: https://ubuntu.com/security/CVE-2024-26921 - net: ipv4: do not handle duplicate fragments as overlapping - net: IP defrag: encapsulate rbtree defrag code into callable functions - ipv4: remove unnecessary type castings - skb_expand_head() adjust skb->truesize incorrectly - inet: inet_defrag: prevent sk release while still in use * CVE-url: https://ubuntu.com/security/CVE-2021-47082 - tun: avoid double free in tun_free_netdev * CVE-url: https://ubuntu.com/security/CVE-2024-36968 - Bluetooth: L2CAP: Fix div-by-zero in l2cap_le_flowctl_init() * CVE-url: https://ubuntu.com/security/CVE-2023-52507 - nfc: nci: assert requested protocol is valid * CVE-url: https://ubuntu.com/security/CVE-2024-44944 - netfilter: ctnetlink: use helper function to calculate expect ID * CVE-url: https://ubuntu.com/security/CVE-2024-35861 - smb: client: fix potential UAF in cifs_debug_files_proc_show() - smb: client: fix potential UAF in cifs_signal_cifsd_for_reconnect() * CVE-url: https://ubuntu.com/security/CVE-2024-35863 - smb: client: fix potential UAF in smb2_is_valid_oplock_break() * CVE-url: https://ubuntu.com/security/CVE-2024-35864 - smb: client: fix potential UAF in smb2_is_valid_lease_break() * CVE-url: https://ubuntu.com/security/CVE-2024-35867 - smb: client: fix potential UAF in cifs_stats_proc_show() * CVE-url: https://ubuntu.com/security/CVE-2024-35868 - smb: client: fix potential UAF in cifs_stats_proc_write() * CVE-url: https://ubuntu.com/security/CVE-2024-35896 - netfilter: validate user input for expected length * CVE-url: https://ubuntu.com/security/CVE-2024-27010 - net/sched: Fix mirred deadlock on device recursion * CVE-url: https://ubuntu.com/security/CVE-2024-26961 - mac802154: fix llsec key resources release in mac802154_llsec_key_del * CVE-url: https://ubuntu.com/security/CVE-2024-26958 - NFS: Fix up commit deadlocks - nfs: fix UAF in direct writes * CVE-url: https://ubuntu.com/security/CVE-2024-50115 - KVM: nSVM: Don't strip host's C-bit from guest's CR3 when reading PDPTRs - KVM: nSVM: Ignore nCR3[4:0] when loading PDPTEs from memory * CVE-url: https://ubuntu.com/security/CVE-2024-50148 - Bluetooth: bnep: fix wild-memory-access in proto_unregister * CVE-url: https://ubuntu.com/security/CVE-2024-40910 - ax25: Fix refcount imbalance on inbound connections * CVE-url: https://ubuntu.com/security/CVE-2024-53057 - net/sched: stop qdisc_tree_reduce_backlog on TC_H_ROOT * CVE-url: https://ubuntu.com/security/CVE-2021-47101 - net: asix: fix uninit value bugs - asix: fix uninit-value in asix_mdio_read() * CVE-url: https://ubuntu.com/security/CVE-2024-36952 - scsi: lpfc: Move NPIV's transport unregistration to after resource clean up * CVE-url: https://ubuntu.com/security/CVE-2023-52488 - regmap: Add regmap_noinc_read API - regmap: Add regmap_noinc_write API - serial: sc16is7xx: convert from _raw_ to _noinc_ regmap functions for FIFO * CVE-url: https://ubuntu.com/security/CVE-2024-50142 - xfrm: validate new SA's prefixlen using SA family when sel.family is unset * CVE-url: https://ubuntu.com/security/CVE-2024-50256 - netfilter: nf_reject_ipv6: fix potential crash in nf_send_reset6() * CVE-url: https://ubuntu.com/security/CVE-2024-50264 - vsock/virtio: Initialization of the dangling pointer occurring in vsk->trans * CVE-url: https://ubuntu.com/security/CVE-2021-47501 - i40e: Fix NULL pointer dereference in i40e_dbg_dump_desc * CVE-url: https://ubuntu.com/security/CVE-2021-47076 - RDMA/rxe: Return CQE error if invalid lkey was supplied * CVE-url: https://ubuntu.com/security/CVE-2023-52574 - team: fix null-ptr-deref when team device type is changed * CVE-url: https://ubuntu.com/security/CVE-2023-52477 - usb: hub: Guard against accesses to uninitialized BOS descriptors * CVE-url: https://ubuntu.com/security/CVE-2023-52475 - Input: powermate - fix use-after-free in powermate_config_complete * CVE-url: https://ubuntu.com/security/CVE-2024-39489 - ipv6: sr: fix memleak in seg6_hmac_init_algo

0 tuxcare-ubuntu18.04-els linux-buildinfo-4.15.0-242-tuxcare.els30-generic_4.15.0-242.253_amd64.deb b3755238531998193d13768cebed1dad0d14f559 linux-buildinfo-4.15.0-242-tuxcare.els30-lowlatency_4.15.0-242.253_amd64.deb 96f98e2db9ac5d44944edd7e5bf048619c9bd4bf linux-cloud-tools-4.15.0-242-tuxcare.els30_4.15.0-242.253_amd64.deb 2b7c99bdf6e21f26018857faf92cd45064443d93 linux-cloud-tools-4.15.0-242-tuxcare.els30-generic_4.15.0-242.253_amd64.deb 25383109d04f7ce2637f45f467559d6923983f81 linux-cloud-tools-4.15.0-242-tuxcare.els30-lowlatency_4.15.0-242.253_amd64.deb 101f39cd5ad594179979e3f6329b076394bf5f11 linux-cloud-tools-common_4.15.0-242.253_all.deb 4a31735fde4d5bea4e23bd73cb8ba103cf61b3e4 linux-cloud-tools-generic_4.15.0.242.253_amd64.deb 815ba6e975f7e6eb2917233b1c4aa134230c3540 linux-cloud-tools-lowlatency_4.15.0.242.253_amd64.deb 0d536bf925969c15633b3580a6b4eb4e03a03e50 linux-crashdump_4.15.0.242.253_amd64.deb 35ac24792f2d2c76389f059e3a10b99bd1d0e7c6 linux-doc_4.15.0-242.253_all.deb ae57d246cccb81ecb746ac1f275ef859fb21732a linux-generic_4.15.0.242.253_amd64.deb 0def929df27c711953655b8e8810ca2135658d66 linux-headers-4.15.0-242-tuxcare.els30_4.15.0-242.253_all.deb cb0318c3cd2f9cc9e9a1e2a385ea06304a8c21b4 linux-headers-4.15.0-242-tuxcare.els30-generic_4.15.0-242.253_amd64.deb a6d6ac46e5862bcd91046d86a0097353a088e1c8 linux-headers-4.15.0-242-tuxcare.els30-lowlatency_4.15.0-242.253_amd64.deb 3b4269b8229dc08a278b7c69aae16bc236e3e2c8 linux-headers-generic_4.15.0.242.253_amd64.deb 48d1479698a547f6aef25fc99a4ef7d0f34d9b66 linux-headers-lowlatency_4.15.0.242.253_amd64.deb 5119f8f3e3225da2d255cd54add2814536c3c6ee linux-image-generic_4.15.0.242.253_amd64.deb 5fae53f2652f966c6faf8171d57df048f35f3961 linux-image-lowlatency_4.15.0.242.253_amd64.deb 2a63458c0264a4b071924519bd78915129492512 linux-image-unsigned-4.15.0-242-tuxcare.els30-generic_4.15.0-242.253_amd64.deb ceb992e496dfdee181fb8a4fc53606c96f63e894 linux-image-unsigned-4.15.0-242-tuxcare.els30-lowlatency_4.15.0-242.253_amd64.deb fce860380ae2f75692064c8ea0cc4aa6230d1e66 linux-libc-dev_4.15.0-242.253_amd64.deb 5780bbd01bb016a5fc1a297b67eff5b469447f7d linux-lowlatency_4.15.0.242.253_amd64.deb 45d236c2e0a778c0ccb3f65c921e6d6471dceb20 linux-modules-4.15.0-242-tuxcare.els30-generic_4.15.0-242.253_amd64.deb 7b10f55113cec664ac2fd10ecadb2be82487ff03 linux-modules-4.15.0-242-tuxcare.els30-lowlatency_4.15.0-242.253_amd64.deb 81a972047c3922b1a4b03e5cb53fd2ac99ccc2c2 linux-modules-extra-4.15.0-242-tuxcare.els30-generic_4.15.0-242.253_amd64.deb ed91d89a4353f30fc5589723df25b87cc564865b linux-source_4.15.0.242.253_all.deb 835d293349b1a8f53a424b8ac4644ca3afa55747 linux-source-4.15.0_4.15.0-242.253_all.deb 9cf40d5af05b7b8aaa08cf54a1aa7d847a7a7baa linux-tools-4.15.0-242-tuxcare.els30_4.15.0-242.253_amd64.deb f7f4bef94cf9b3e1954189802264b1202dc56045 linux-tools-4.15.0-242-tuxcare.els30-generic_4.15.0-242.253_amd64.deb 56a24882320e1da576ee5922292f4333d9018944 linux-tools-4.15.0-242-tuxcare.els30-lowlatency_4.15.0-242.253_amd64.deb 852db188d89d1c4f95eeb23ab575c2c7c748b6f6 linux-tools-common_4.15.0-242.253_all.deb 4bcdab7ff7244ca929322520fad2c174342430e3 linux-tools-generic_4.15.0.242.253_amd64.deb 27e80783aa5bd2ec85160c19deac0ecc5d4cdba9 linux-tools-host_4.15.0-242.253_all.deb 37ca0c4c552879e6261098fc54269aab541e17d9 linux-tools-lowlatency_4.15.0.242.253_amd64.deb fe6697b2fb93a8b5f651ef6a1abafa22c96edfbe CLSA-2025:1736469452 TuxCare License Agreement 0 * CVE-url: https://ubuntu.com/security/CVE-2023-52664 - net: atlantic: eliminate double free in error handling logic * CVE-url: https://ubuntu.com/security/CVE-2023-52698 - calipso: fix memory leak in netlbl_calipso_add_pass() * CVE-url: https://ubuntu.com/security/CVE-2021-47466 - mm, slub: fix potential memoryleak in kmem_cache_open() * CVE-url: https://ubuntu.com/security/CVE-2023-52757 - smb: client: fix potential deadlock when releasing mids * CVE-url: https://ubuntu.com/security/CVE-2023-52749 - spi: Fix null dereference on suspend * CVE-url: https://ubuntu.com/security/CVE-2024-26921 - net: ipv4: do not handle duplicate fragments as overlapping - net: IP defrag: encapsulate rbtree defrag code into callable functions - ipv4: remove unnecessary type castings - skb_expand_head() adjust skb->truesize incorrectly - inet: inet_defrag: prevent sk release while still in use * CVE-url: https://ubuntu.com/security/CVE-2021-47082 - tun: avoid double free in tun_free_netdev * CVE-url: https://ubuntu.com/security/CVE-2024-36968 - Bluetooth: L2CAP: Fix div-by-zero in l2cap_le_flowctl_init() * CVE-url: https://ubuntu.com/security/CVE-2023-52507 - nfc: nci: assert requested protocol is valid * CVE-url: https://ubuntu.com/security/CVE-2024-44944 - netfilter: ctnetlink: use helper function to calculate expect ID * CVE-url: https://ubuntu.com/security/CVE-2024-35861 - smb: client: fix potential UAF in cifs_debug_files_proc_show() - smb: client: fix potential UAF in cifs_signal_cifsd_for_reconnect() * CVE-url: https://ubuntu.com/security/CVE-2024-35863 - smb: client: fix potential UAF in smb2_is_valid_oplock_break() * CVE-url: https://ubuntu.com/security/CVE-2024-35864 - smb: client: fix potential UAF in smb2_is_valid_lease_break() * CVE-url: https://ubuntu.com/security/CVE-2024-35867 - smb: client: fix potential UAF in cifs_stats_proc_show() * CVE-url: https://ubuntu.com/security/CVE-2024-35868 - smb: client: fix potential UAF in cifs_stats_proc_write() * CVE-url: https://ubuntu.com/security/CVE-2024-35896 - netfilter: validate user input for expected length * CVE-url: https://ubuntu.com/security/CVE-2024-27010 - net/sched: Fix mirred deadlock on device recursion * CVE-url: https://ubuntu.com/security/CVE-2024-26961 - mac802154: fix llsec key resources release in mac802154_llsec_key_del * CVE-url: https://ubuntu.com/security/CVE-2024-26958 - NFS: Fix up commit deadlocks - nfs: fix UAF in direct writes * CVE-url: https://ubuntu.com/security/CVE-2024-50115 - KVM: nSVM: Don't strip host's C-bit from guest's CR3 when reading PDPTRs - KVM: nSVM: Ignore nCR3[4:0] when loading PDPTEs from memory * CVE-url: https://ubuntu.com/security/CVE-2024-50148 - Bluetooth: bnep: fix wild-memory-access in proto_unregister * CVE-url: https://ubuntu.com/security/CVE-2024-40910 - ax25: Fix refcount imbalance on inbound connections * CVE-url: https://ubuntu.com/security/CVE-2024-53057 - net/sched: stop qdisc_tree_reduce_backlog on TC_H_ROOT * CVE-url: https://ubuntu.com/security/CVE-2021-47101 - net: asix: fix uninit value bugs - asix: fix uninit-value in asix_mdio_read() * CVE-url: https://ubuntu.com/security/CVE-2024-36952 - scsi: lpfc: Move NPIV's transport unregistration to after resource clean up * CVE-url: https://ubuntu.com/security/CVE-2023-52488 - regmap: Add regmap_noinc_read API - regmap: Add regmap_noinc_write API - serial: sc16is7xx: convert from _raw_ to _noinc_ regmap functions for FIFO * CVE-url: https://ubuntu.com/security/CVE-2024-50142 - xfrm: validate new SA's prefixlen using SA family when sel.family is unset * CVE-url: https://ubuntu.com/security/CVE-2024-50256 - netfilter: nf_reject_ipv6: fix potential crash in nf_send_reset6() * CVE-url: https://ubuntu.com/security/CVE-2024-50264 - vsock/virtio: Initialization of the dangling pointer occurring in vsk->trans * CVE-url: https://ubuntu.com/security/CVE-2021-47501 - i40e: Fix NULL pointer dereference in i40e_dbg_dump_desc * CVE-url: https://ubuntu.com/security/CVE-2021-47076 - RDMA/rxe: Return CQE error if invalid lkey was supplied * CVE-url: https://ubuntu.com/security/CVE-2023-52574 - team: fix null-ptr-deref when team device type is changed * CVE-url: https://ubuntu.com/security/CVE-2023-52477 - usb: hub: Guard against accesses to uninitialized BOS descriptors * CVE-url: https://ubuntu.com/security/CVE-2023-52475 - Input: powermate - fix use-after-free in powermate_config_complete * CVE-url: https://ubuntu.com/security/CVE-2024-39489 - ipv6: sr: fix memleak in seg6_hmac_init_algo None Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.

* CVE-url: https://ubuntu.com/security/CVE-2023-52664 - net: atlantic: eliminate double free in error handling logic * CVE-url: https://ubuntu.com/security/CVE-2023-52698 - calipso: fix memory leak in netlbl_calipso_add_pass() * CVE-url: https://ubuntu.com/security/CVE-2021-47466 - mm, slub: fix potential memoryleak in kmem_cache_open() * CVE-url: https://ubuntu.com/security/CVE-2023-52757 - smb: client: fix potential deadlock when releasing mids * CVE-url: https://ubuntu.com/security/CVE-2023-52749 - spi: Fix null dereference on suspend * CVE-url: https://ubuntu.com/security/CVE-2024-26921 - net: ipv4: do not handle duplicate fragments as overlapping - net: IP defrag: encapsulate rbtree defrag code into callable functions - ipv4: remove unnecessary type castings - skb_expand_head() adjust skb->truesize incorrectly - inet: inet_defrag: prevent sk release while still in use * CVE-url: https://ubuntu.com/security/CVE-2021-47082 - tun: avoid double free in tun_free_netdev * CVE-url: https://ubuntu.com/security/CVE-2024-36968 - Bluetooth: L2CAP: Fix div-by-zero in l2cap_le_flowctl_init() * CVE-url: https://ubuntu.com/security/CVE-2023-52507 - nfc: nci: assert requested protocol is valid * CVE-url: https://ubuntu.com/security/CVE-2024-44944 - netfilter: ctnetlink: use helper function to calculate expect ID * CVE-url: https://ubuntu.com/security/CVE-2024-35861 - smb: client: fix potential UAF in cifs_debug_files_proc_show() - smb: client: fix potential UAF in cifs_signal_cifsd_for_reconnect() * CVE-url: https://ubuntu.com/security/CVE-2024-35863 - smb: client: fix potential UAF in smb2_is_valid_oplock_break() * CVE-url: https://ubuntu.com/security/CVE-2024-35864 - smb: client: fix potential UAF in smb2_is_valid_lease_break() * CVE-url: https://ubuntu.com/security/CVE-2024-35867 - smb: client: fix potential UAF in cifs_stats_proc_show() * CVE-url: https://ubuntu.com/security/CVE-2024-35868 - smb: client: fix potential UAF in cifs_stats_proc_write() * CVE-url: https://ubuntu.com/security/CVE-2024-35896 - netfilter: validate user input for expected length * CVE-url: https://ubuntu.com/security/CVE-2024-27010 - net/sched: Fix mirred deadlock on device recursion * CVE-url: https://ubuntu.com/security/CVE-2024-26961 - mac802154: fix llsec key resources release in mac802154_llsec_key_del * CVE-url: https://ubuntu.com/security/CVE-2024-26958 - NFS: Fix up commit deadlocks - nfs: fix UAF in direct writes * CVE-url: https://ubuntu.com/security/CVE-2024-50115 - KVM: nSVM: Don't strip host's C-bit from guest's CR3 when reading PDPTRs - KVM: nSVM: Ignore nCR3[4:0] when loading PDPTEs from memory * CVE-url: https://ubuntu.com/security/CVE-2024-50148 - Bluetooth: bnep: fix wild-memory-access in proto_unregister * CVE-url: https://ubuntu.com/security/CVE-2024-40910 - ax25: Fix refcount imbalance on inbound connections * CVE-url: https://ubuntu.com/security/CVE-2024-53057 - net/sched: stop qdisc_tree_reduce_backlog on TC_H_ROOT * CVE-url: https://ubuntu.com/security/CVE-2021-47101 - net: asix: fix uninit value bugs - asix: fix uninit-value in asix_mdio_read() * CVE-url: https://ubuntu.com/security/CVE-2024-36952 - scsi: lpfc: Move NPIV's transport unregistration to after resource clean up * CVE-url: https://ubuntu.com/security/CVE-2023-52488 - regmap: Add regmap_noinc_read API - regmap: Add regmap_noinc_write API - serial: sc16is7xx: convert from _raw_ to _noinc_ regmap functions for FIFO * CVE-url: https://ubuntu.com/security/CVE-2024-50142 - xfrm: validate new SA's prefixlen using SA family when sel.family is unset * CVE-url: https://ubuntu.com/security/CVE-2024-50256 - netfilter: nf_reject_ipv6: fix potential crash in nf_send_reset6() * CVE-url: https://ubuntu.com/security/CVE-2024-50264 - vsock/virtio: Initialization of the dangling pointer occurring in vsk->trans * CVE-url: https://ubuntu.com/security/CVE-2021-47501 - i40e: Fix NULL pointer dereference in i40e_dbg_dump_desc * CVE-url: https://ubuntu.com/security/CVE-2021-47076 - RDMA/rxe: Return CQE error if invalid lkey was supplied * CVE-url: https://ubuntu.com/security/CVE-2023-52574 - team: fix null-ptr-deref when team device type is changed * CVE-url: https://ubuntu.com/security/CVE-2023-52477 - usb: hub: Guard against accesses to uninitialized BOS descriptors * CVE-url: https://ubuntu.com/security/CVE-2023-52475 - Input: powermate - fix use-after-free in powermate_config_complete * CVE-url: https://ubuntu.com/security/CVE-2024-39489 - ipv6: sr: fix memleak in seg6_hmac_init_algo

0 tuxcare-ubuntu18.04-els linux-buildinfo-4.15.0-242-tuxcare.els30-generic_4.15.0-242.253_amd64.deb b3755238531998193d13768cebed1dad0d14f559 linux-buildinfo-4.15.0-242-tuxcare.els30-lowlatency_4.15.0-242.253_amd64.deb 96f98e2db9ac5d44944edd7e5bf048619c9bd4bf linux-cloud-tools-4.15.0-242-tuxcare.els30_4.15.0-242.253_amd64.deb 2b7c99bdf6e21f26018857faf92cd45064443d93 linux-cloud-tools-4.15.0-242-tuxcare.els30-generic_4.15.0-242.253_amd64.deb 25383109d04f7ce2637f45f467559d6923983f81 linux-cloud-tools-4.15.0-242-tuxcare.els30-lowlatency_4.15.0-242.253_amd64.deb 101f39cd5ad594179979e3f6329b076394bf5f11 linux-cloud-tools-common_4.15.0-242.253_all.deb 4a31735fde4d5bea4e23bd73cb8ba103cf61b3e4 linux-cloud-tools-generic_4.15.0.242.253_amd64.deb 815ba6e975f7e6eb2917233b1c4aa134230c3540 linux-cloud-tools-lowlatency_4.15.0.242.253_amd64.deb 0d536bf925969c15633b3580a6b4eb4e03a03e50 linux-crashdump_4.15.0.242.253_amd64.deb 35ac24792f2d2c76389f059e3a10b99bd1d0e7c6 linux-doc_4.15.0-242.253_all.deb ae57d246cccb81ecb746ac1f275ef859fb21732a linux-generic_4.15.0.242.253_amd64.deb 0def929df27c711953655b8e8810ca2135658d66 linux-headers-4.15.0-242-tuxcare.els30_4.15.0-242.253_all.deb cb0318c3cd2f9cc9e9a1e2a385ea06304a8c21b4 linux-headers-4.15.0-242-tuxcare.els30-generic_4.15.0-242.253_amd64.deb a6d6ac46e5862bcd91046d86a0097353a088e1c8 linux-headers-4.15.0-242-tuxcare.els30-lowlatency_4.15.0-242.253_amd64.deb 3b4269b8229dc08a278b7c69aae16bc236e3e2c8 linux-headers-generic_4.15.0.242.253_amd64.deb 48d1479698a547f6aef25fc99a4ef7d0f34d9b66 linux-headers-lowlatency_4.15.0.242.253_amd64.deb 5119f8f3e3225da2d255cd54add2814536c3c6ee linux-image-generic_4.15.0.242.253_amd64.deb 5fae53f2652f966c6faf8171d57df048f35f3961 linux-image-lowlatency_4.15.0.242.253_amd64.deb 2a63458c0264a4b071924519bd78915129492512 linux-image-unsigned-4.15.0-242-tuxcare.els30-generic_4.15.0-242.253_amd64.deb ceb992e496dfdee181fb8a4fc53606c96f63e894 linux-image-unsigned-4.15.0-242-tuxcare.els30-lowlatency_4.15.0-242.253_amd64.deb fce860380ae2f75692064c8ea0cc4aa6230d1e66 linux-libc-dev_4.15.0-242.253_amd64.deb 5780bbd01bb016a5fc1a297b67eff5b469447f7d linux-lowlatency_4.15.0.242.253_amd64.deb 45d236c2e0a778c0ccb3f65c921e6d6471dceb20 linux-modules-4.15.0-242-tuxcare.els30-generic_4.15.0-242.253_amd64.deb 7b10f55113cec664ac2fd10ecadb2be82487ff03 linux-modules-4.15.0-242-tuxcare.els30-lowlatency_4.15.0-242.253_amd64.deb 81a972047c3922b1a4b03e5cb53fd2ac99ccc2c2 linux-modules-extra-4.15.0-242-tuxcare.els30-generic_4.15.0-242.253_amd64.deb ed91d89a4353f30fc5589723df25b87cc564865b linux-source_4.15.0.242.253_all.deb 835d293349b1a8f53a424b8ac4644ca3afa55747 linux-source-4.15.0_4.15.0-242.253_all.deb 9cf40d5af05b7b8aaa08cf54a1aa7d847a7a7baa linux-tools-4.15.0-242-tuxcare.els30_4.15.0-242.253_amd64.deb f7f4bef94cf9b3e1954189802264b1202dc56045 linux-tools-4.15.0-242-tuxcare.els30-generic_4.15.0-242.253_amd64.deb 56a24882320e1da576ee5922292f4333d9018944 linux-tools-4.15.0-242-tuxcare.els30-lowlatency_4.15.0-242.253_amd64.deb 852db188d89d1c4f95eeb23ab575c2c7c748b6f6 linux-tools-common_4.15.0-242.253_all.deb 4bcdab7ff7244ca929322520fad2c174342430e3 linux-tools-generic_4.15.0.242.253_amd64.deb 27e80783aa5bd2ec85160c19deac0ecc5d4cdba9 linux-tools-host_4.15.0-242.253_all.deb 37ca0c4c552879e6261098fc54269aab541e17d9 linux-tools-lowlatency_4.15.0.242.253_amd64.deb fe6697b2fb93a8b5f651ef6a1abafa22c96edfbe CLSA-2025:1736503077 TuxCare License Agreement 0 * New microcode update packages from upstream up to 2024-11-12: - Updated microcodes: sig 0x000806f4, pf_mask 0x87, 2024-06-20, rev 0x2b000603, size 588800 sig 0x000806f5, pf_mask 0x87, 2024-06-20, rev 0x2b000603, size 588800 sig 0x000806f6, pf_mask 0x87, 2024-06-20, rev 0x2b000603, size 588800 sig 0x000806f7, pf_mask 0x87, 2024-06-20, rev 0x2b000603, size 588800 sig 0x000806f8, pf_mask 0x87, 2024-06-20, rev 0x2b000603, size 588800 sig 0x00090672, pf_mask 0x07, 2024-05-29, rev 0x0037, size 224256 sig 0x00090675, pf_mask 0x07, 2024-05-29, rev 0x0037, size 224256 sig 0x000906a3, pf_mask 0x80, 2024-06-03, rev 0x0435, size 223232 sig 0x000906a4, pf_mask 0x80, 2024-06-03, rev 0x0435, size 223232 sig 0x000a06a4, pf_mask 0xe6, 2024-08-02, rev 0x0020, size 138240 sig 0x000b0671, pf_mask 0x32, 2024-08-29, rev 0x012b, size 211968 sig 0x000b06a2, pf_mask 0xe0, 2024-05-29, rev 0x4123, size 220160 sig 0x000b06a3, pf_mask 0xe0, 2024-05-29, rev 0x4123, size 220160 sig 0x000b06a8, pf_mask 0xe0, 2024-05-29, rev 0x4123, size 220160 sig 0x000b06f2, pf_mask 0x07, 2024-05-29, rev 0x0037, size 224256 sig 0x000b06f5, pf_mask 0x07, 2024-05-29, rev 0x0037, size 224256 sig 0x000c06f1, pf_mask 0x87, 2024-06-20, rev 0x21000283, size 560128 sig 0x000c06f2, pf_mask 0x87, 2024-06-20, rev 0x21000283, size 560128 * SECURITY UPDATE: - CVE-2024-21853, INTEL-SA-01101 - CVE-2024-23918, CVE-2024-21820, INTEL-SA-01079 - CVE-2024-24968, INTEL-SA-01097 - CVE-2024-23984, INTEL-SA-01103 Low Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.

* New microcode update packages from upstream up to 2024-11-12: - Updated microcodes: sig 0x000806f4, pf_mask 0x87, 2024-06-20, rev 0x2b000603, size 588800 sig 0x000806f5, pf_mask 0x87, 2024-06-20, rev 0x2b000603, size 588800 sig 0x000806f6, pf_mask 0x87, 2024-06-20, rev 0x2b000603, size 588800 sig 0x000806f7, pf_mask 0x87, 2024-06-20, rev 0x2b000603, size 588800 sig 0x000806f8, pf_mask 0x87, 2024-06-20, rev 0x2b000603, size 588800 sig 0x00090672, pf_mask 0x07, 2024-05-29, rev 0x0037, size 224256 sig 0x00090675, pf_mask 0x07, 2024-05-29, rev 0x0037, size 224256 sig 0x000906a3, pf_mask 0x80, 2024-06-03, rev 0x0435, size 223232 sig 0x000906a4, pf_mask 0x80, 2024-06-03, rev 0x0435, size 223232 sig 0x000a06a4, pf_mask 0xe6, 2024-08-02, rev 0x0020, size 138240 sig 0x000b0671, pf_mask 0x32, 2024-08-29, rev 0x012b, size 211968 sig 0x000b06a2, pf_mask 0xe0, 2024-05-29, rev 0x4123, size 220160 sig 0x000b06a3, pf_mask 0xe0, 2024-05-29, rev 0x4123, size 220160 sig 0x000b06a8, pf_mask 0xe0, 2024-05-29, rev 0x4123, size 220160 sig 0x000b06f2, pf_mask 0x07, 2024-05-29, rev 0x0037, size 224256 sig 0x000b06f5, pf_mask 0x07, 2024-05-29, rev 0x0037, size 224256 sig 0x000c06f1, pf_mask 0x87, 2024-06-20, rev 0x21000283, size 560128 sig 0x000c06f2, pf_mask 0x87, 2024-06-20, rev 0x21000283, size 560128 * SECURITY UPDATE: - CVE-2024-21853, INTEL-SA-01101 - CVE-2024-23918, CVE-2024-21820, INTEL-SA-01079 - CVE-2024-24968, INTEL-SA-01097 - CVE-2024-23984, INTEL-SA-01103

0 tuxcare-ubuntu18.04-els intel-microcode_3.20241112.0ubuntu0.18.04.1+tuxcare.els1_amd64.deb 73e6c9b9d183823f5e3e10f8a136e77d752d5720 CLSA-2025:1736889411 TuxCare License Agreement 0 * SECURITY UPDATE: Security vulnerability in URL redirection - debian/patches/CVE-2023-41080.patch: Avoid protocol relative redirects in FORM authentication - CVE-2023-41080 Moderate Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.

* SECURITY UPDATE: Security vulnerability in URL redirection - debian/patches/CVE-2023-41080.patch: Avoid protocol relative redirects in FORM authentication - CVE-2023-41080

0 tuxcare-ubuntu18.04-els libtomcat9-embed-java_9.0.16-3ubuntu0.18.04.2+tuxcare.els8_all.deb d9b671eb1b6bf8f6b005c337f647f9089e9aa04b libtomcat9-java_9.0.16-3ubuntu0.18.04.2+tuxcare.els8_all.deb 17052a14543b2ed02b239fc7b22011607c3c438e tomcat9_9.0.16-3ubuntu0.18.04.2+tuxcare.els8_all.deb afcf09ff0b75426d86ff2f7275d01e73ab4173e3 tomcat9-admin_9.0.16-3ubuntu0.18.04.2+tuxcare.els8_all.deb 9ee7118d6d5efcc7027d89262036a9bdaabc1834 tomcat9-common_9.0.16-3ubuntu0.18.04.2+tuxcare.els8_all.deb 8ad785cee05761c27d7b549b67aabb08537c7e3b tomcat9-docs_9.0.16-3ubuntu0.18.04.2+tuxcare.els8_all.deb f8487d66787a72410b786058d95f068a19863feb tomcat9-examples_9.0.16-3ubuntu0.18.04.2+tuxcare.els8_all.deb 1db0ad6345156b87caf9adbd2d9b73c3602cefc9 tomcat9-user_9.0.16-3ubuntu0.18.04.2+tuxcare.els8_all.deb c1618e42ced270f0a88789d6fab485e0b596b304 CLSA-2025:1737569495 TuxCare License Agreement 0 * SECURITY UPDATE: possible information leak via checksum comparison - debian/patches/CVE-2024-12085.patch: fix issue with checksum length manipulation leading to uninitialized memory leak - CVE-2024-12085 Important Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.

* SECURITY UPDATE: possible information leak via checksum comparison - debian/patches/CVE-2024-12085.patch: fix issue with checksum length manipulation leading to uninitialized memory leak - CVE-2024-12085

0 tuxcare-ubuntu18.04-els rsync_3.1.2-2.1ubuntu1.6+tuxcare.els1_amd64.deb a09bb20352d27b9e4f3a8a31ce3fc7ee672f027c CLSA-2025:1737569580 TuxCare License Agreement 0 * SECURITY UPDATE: Information Disclosure - debian/patches/CVE-2023-42795.patch: Improve handling of failures during recycle() methods - CVE-2023-42795 Moderate Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.

* SECURITY UPDATE: Information Disclosure - debian/patches/CVE-2023-42795.patch: Improve handling of failures during recycle() methods - CVE-2023-42795

0 tuxcare-ubuntu18.04-els libtomcat8-embed-java_8.5.39-1ubuntu1~18.04.3+tuxcare.els10_all.deb 8473ffa7ba6b05290c9205ac6b37e7db4cdaf539 libtomcat8-java_8.5.39-1ubuntu1~18.04.3+tuxcare.els10_all.deb d087bdc41459e9af31effa56647d14fcdf2fc591 tomcat8_8.5.39-1ubuntu1~18.04.3+tuxcare.els10_all.deb 682dd9e21fd1765aa3bf6e53607141c1e15cd5a5 tomcat8-admin_8.5.39-1ubuntu1~18.04.3+tuxcare.els10_all.deb e5da8eff85d9c0fb4443f66c97618b35eb17d48b tomcat8-common_8.5.39-1ubuntu1~18.04.3+tuxcare.els10_all.deb 6525ae59483719a68568c69df2c9e8dedf6e02e1 tomcat8-docs_8.5.39-1ubuntu1~18.04.3+tuxcare.els10_all.deb 5c9b6c9e2685632a192e3ce6252ae83c26d8f573 tomcat8-examples_8.5.39-1ubuntu1~18.04.3+tuxcare.els10_all.deb 994fc7e0f718696daca3263212bc0ce86a45dea8 tomcat8-user_8.5.39-1ubuntu1~18.04.3+tuxcare.els10_all.deb 2bb3040dc4b0c77ab7890dc5b4d036d496d9655b CLSA-2025:1738170525 TuxCare License Agreement 0 * SECURITY UPDATE: Privilege escalation via HTTP request interpretation - debian/patches/CVE-2019-18928.patch: drop auth credentials if not a backend in a Murder to prevent unauthorized access - CVE-2019-18928 Critical Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.

* SECURITY UPDATE: Privilege escalation via HTTP request interpretation - debian/patches/CVE-2019-18928.patch: drop auth credentials if not a backend in a Murder to prevent unauthorized access - CVE-2019-18928

0 tuxcare-ubuntu18.04-els cyrus-admin_2.5.10-3ubuntu1.1+tuxcare.els2_all.deb de98966922b06e8ae8ed7397e89ee05a7d091456 cyrus-caldav_2.5.10-3ubuntu1.1+tuxcare.els2_amd64.deb d475a68b81bac9b6aba932226ab868322a9c47db cyrus-clients_2.5.10-3ubuntu1.1+tuxcare.els2_amd64.deb 8be9adbc62e54ce211b15bdbe67d9db82a3ef778 cyrus-common_2.5.10-3ubuntu1.1+tuxcare.els2_amd64.deb 83f684bb66545f891b0785f768a70042e6804faa cyrus-dev_2.5.10-3ubuntu1.1+tuxcare.els2_amd64.deb e496c229122b4bb37c7012f813534ab1686b6c4a cyrus-doc_2.5.10-3ubuntu1.1+tuxcare.els2_all.deb ed29c7870bb01b65c27987bb2108da904507d14a cyrus-imapd_2.5.10-3ubuntu1.1+tuxcare.els2_amd64.deb 7de0574a2fcc942a0e9262d6bcfb4b15ddf2a32a cyrus-murder_2.5.10-3ubuntu1.1+tuxcare.els2_amd64.deb 8deeefc9bd22bebf13a4c2b3771f3140ed6f4ffb cyrus-nntpd_2.5.10-3ubuntu1.1+tuxcare.els2_amd64.deb ca0d88bb6aa1a80198f9f2579fc9a0297579eccc cyrus-pop3d_2.5.10-3ubuntu1.1+tuxcare.els2_amd64.deb 7b8dd71255e911f9c7eb7ac90f2be04a6956bb88 cyrus-replication_2.5.10-3ubuntu1.1+tuxcare.els2_amd64.deb 4b1d47ec85e6e8ec55a717fa5be6428d83461282 libcyrus-imap-perl_2.5.10-3ubuntu1.1+tuxcare.els2_amd64.deb e2ea9c353289d630657937210a0fcd5e32163261 CLSA-2025:1738265190 TuxCare License Agreement 0 * SECURITY UPDATE: Improper handling of TLV values in bgp_attr_encap - debian/patches/CVE-2024-44070.patch: check actual remaining stream length before taking TLV value - CVE-2024-44070 Important Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.

* SECURITY UPDATE: Improper handling of TLV values in bgp_attr_encap - debian/patches/CVE-2024-44070.patch: check actual remaining stream length before taking TLV value - CVE-2024-44070

0 tuxcare-ubuntu18.04-els quagga_1.2.4-1+tuxcare.els3_amd64.deb f5ec32093b56501d265e1c5429e0d5bebdeed983 quagga-bgpd_1.2.4-1+tuxcare.els3_amd64.deb a977985a5efbd3d932c76903da4aefec0031b823 quagga-core_1.2.4-1+tuxcare.els3_amd64.deb 470ec9424fe9237de903b36f08813142be31a8a6 quagga-doc_1.2.4-1+tuxcare.els3_all.deb 0b645dfd0365c0a166c842af72b3e7814543adb8 quagga-isisd_1.2.4-1+tuxcare.els3_amd64.deb 29e9f0cd3e89ae856c1b5b7513106b389c5115b3 quagga-ospf6d_1.2.4-1+tuxcare.els3_amd64.deb 43ee3c7d42fcd5a06573ba8964e7e1f6e676d22e quagga-ospfd_1.2.4-1+tuxcare.els3_amd64.deb 79fc1e8b03ba2dc8132fa228030cdd49827ade1e quagga-pimd_1.2.4-1+tuxcare.els3_amd64.deb d5547b456d0da32ffa1b6dbe05340b058a305677 quagga-ripd_1.2.4-1+tuxcare.els3_amd64.deb c0a59bd33092513b90d2f399544e38ff13f245ba quagga-ripngd_1.2.4-1+tuxcare.els3_amd64.deb 1bb44b5b85cdb187fbd4b9e90656647c494d67b8 CLSA-2025:1738632064 TuxCare License Agreement 0 * SECURITY UPDATE: path traversal vulnerability via improper symlink verification, when using the `--safe-links` option - debian/patches/CVE-2024-12088.patch: make --safe-links stricter - CVE-2024-12088 Moderate Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.

* SECURITY UPDATE: path traversal vulnerability via improper symlink verification, when using the `--safe-links` option - debian/patches/CVE-2024-12088.patch: make --safe-links stricter - CVE-2024-12088

0 tuxcare-ubuntu18.04-els rsync_3.1.2-2.1ubuntu1.6+tuxcare.els3_amd64.deb 79a46249a442ea9ba1ddd98a04ee17db2e89fdcc CLSA-2025:1738852812 TuxCare License Agreement 0 * CVE-url: https://ubuntu.com/security/CVE-2024-26595 - mlxsw: spectrum_acl_tcam: Fix NULL pointer dereference in error path * CVE-url: https://ubuntu.com/security/CVE-2024-38553/CVE-2024-38597 - netpoll: make ndo_poll_controller() optional - bonding: use netpoll_poll_dev() helper - netpoll: do not test NAPI_STATE_SCHED in poll_one_napi() * CVE-url: https://ubuntu.com/security/CVE-2024-38597 - eth: sungem: remove .ndo_poll_controller to avoid deadlocks * CVE-url: https://ubuntu.com/security/CVE-2024-38553 - net: fec: remove .ndo_poll_controller to avoid deadlocks * CVE-url: https://ubuntu.com/security/CVE-2024-42252 - closures: Change BUG_ON() to WARN_ON() * CVE-url: https://ubuntu.com/security/CVE-2024-41066 - ibmvnic: Add tx check to prevent skb leak * CVE-url: https://ubuntu.com/security/CVE-2024-40982 - ssb: Fix potential NULL pointer dereference in ssb_device_uevent() * CVE-url: https://ubuntu.com/security/CVE-2024-26689 - ceph: prevent use-after-free in encode_cap_msg() - fixup! ceph: prevent use-after-free in encode_cap_msg() * CVE-url: https://ubuntu.com/security/CVE-2024-56595 - jfs: add a check to prevent array-index-out-of-bounds in dbAdjTree * CVE-url: https://ubuntu.com/security/CVE-2024-57892 - ocfs2: fix slab-use-after-free due to dangling pointer dqi_priv * CVE-url: https://ubuntu.com/security/CVE-2024-57896 - btrfs: fix hang during unmount when stopping a space reclaim worker - btrfs: wait for fixup workers before stopping cleaner kthread during umount - btrfs: flush delalloc workers queue before stopping cleaner kthread during unmount * CVE-url: https://ubuntu.com/security/CVE-2024-56598 - jfs: array-index-out-of-bounds fix in dtReadFirst * CVE-url: https://ubuntu.com/security/CVE-2024-56551 - drm/amdgpu: fix usage slab after free * CVE-url: https://ubuntu.com/security/CVE-2024-56596 - jfs: fix array-index-out-of-bounds in jfs_readdir * CVE-url: https://ubuntu.com/security/CVE-2024-56615 - bpf: fix OOB devmap writes when deleting elements * CVE-url: https://ubuntu.com/security/CVE-2024-57887 - drm: adv7511: Fix use-after-free in adv7533_attach_dsi() * CVE-url: https://ubuntu.com/security/CVE-2024-50154 - tcp/dccp: Don't use timer_pending() in reqsk_queue_unlink(). * CVE-url: https://ubuntu.com/security/CVE-2024-56775 - drm/amd/display: Fix handling of plane refcount * CVE-url: https://ubuntu.com/security/CVE-2024-57900 - ila: serialize calls to nf_register_net_hooks() * CVE-url: https://ubuntu.com/security/CVE-2024-35887 - ax25: fix use-after-free bugs caused by ax25_ds_del_timer * CVE-url: https://ubuntu.com/security/CVE-2022-48739 - ASoC: hdmi-codec: Fix OOB memory accesses * CVE-url: https://ubuntu.com/security/CVE-2024-56704 - 9p/xen: fix release of IRQ * CVE-url: https://ubuntu.com/security/CVE-2024-56606 - af_packet: avoid erroring out after sock_init_data() in packet_create() * CVE-url: https://ubuntu.com/security/CVE-2024-53141 - netfilter: ipset: add missing range check in bitmap_ip_uadt * CVE-url: https://ubuntu.com/security/CVE-2023-52691 - drm/amd/pm: fix a double-free in si_dpm_init * CVE-url: https://ubuntu.com/security/CVE-2024-53165 - sh: intc: Fix use-after-free bug in register_intc_controller() * CVE-url: https://ubuntu.com/security/CVE-2023-52818 - drm/amd: Fix UBSAN array-index-out-of-bounds for SMU7 * CVE-url: https://ubuntu.com/security/CVE-2024-56603 - net: af_can: do not leave a dangling sk pointer in can_create() * CVE-url: https://ubuntu.com/security/CVE-2024-53173 - NFSv4.0: Fix a use-after-free problem in the asynchronous open() * CVE-url: https://ubuntu.com/security/CVE-2024-56602 - net: ieee802154: do not leave a dangling sk pointer in ieee802154_create() * CVE-url: https://ubuntu.com/security/CVE-2024-26996 - usb: gadget: f_ncm: Fix UAF ncm object at re-bind after usb ep transport error * CVE-url: https://ubuntu.com/security/CVE-2024-56650 - netfilter: x_tables: fix LED ID check in led_tg_check() * CVE-url: https://ubuntu.com/security/CVE-2024-56600 - net: inet6: do not leave a dangling sk pointer in inet6_create() * CVE-url: https://ubuntu.com/security/CVE-2024-53227 - scsi: bfa: Fix use-after-free in bfad_im_module_exit() * CVE-url: https://ubuntu.com/security/CVE-2021-47328 - scsi: iscsi: Fix conn use after free during resets * CVE-url: https://ubuntu.com/security/CVE-2024-53155 - ocfs2: fix uninitialized value in ocfs2_file_read_iter() * CVE-url: https://ubuntu.com/security/CVE-2024-56651 - can: hi311x: hi3110_can_ist(): fix potential use-after-free * CVE-url: https://ubuntu.com/security/CVE-2021-47281 - ALSA: timer: Fix possible race at assigning a timer instance - ALSA: seq: Fix race of snd_seq_timer_open() * CVE-url: https://ubuntu.com/security/CVE-2024-56605 - Bluetooth: L2CAP: do not leave dangling sk pointer on error in l2cap_sock_create() * CVE-url: https://ubuntu.com/security/CVE-2024-53156 - wifi: ath9k: add range check for conn_rsp_epid in htc_connect_service() * CVE-url: https://ubuntu.com/security/CVE-2023-52741 - cifs: Fix use-after-free in rdata->read_into_pages() * CVE-url: https://ubuntu.com/security/CVE-2024-56759 - btrfs: fix use-after-free when COWing tree bock and tracing is enabled * CVE-url: https://ubuntu.com/security/CVE-2024-56604 - Bluetooth: RFCOMM: avoid leaving dangling sk pointer in rfcomm_sock_alloc() * CVE-url: https://ubuntu.com/security/CVE-2024-53142 - initramfs: avoid filename buffer overrun * CVE-url: https://ubuntu.com/security/CVE-2024-56601 - net: inet: do not leave a dangling sk pointer in inet_create() * CVE-url: https://ubuntu.com/security/CVE-2024-56662 - acpi: nfit: vmalloc-out-of-bounds Read in acpi_nfit_ctl * CVE-url: https://ubuntu.com/security/CVE-2024-56631 - scsi: sg: Fix slab-use-after-free read in sg_release() * CVE-url: https://ubuntu.com/security/CVE-2024-53103 - hv_sock: Initializing vsk->trans to NULL to prevent a dangling pointer * CVE-url: https://ubuntu.com/security/CVE-2024-56581 - btrfs: ref-verify: fix use-after-free after invalid ref action * CVE-url: https://ubuntu.com/security/CVE-2021-47191 - scsi: scsi_debug: Fix out-of-bound read in resp_readcap16() * CVE-url: https://ubuntu.com/security/CVE-2023-52478 - HID: logitech-hidpp: Fix kernel crash on receiver USB disconnect * CVE-url: https://ubuntu.com/security/CVE-2024-36924 - scsi: lpfc: Release hbalock before calling lpfc_worker_wake_up() * CVE-url: https://ubuntu.com/security/CVE-2023-52476 - perf/x86/lbr: Filter vsyscall addresses * CVE-url: https://ubuntu.com/security/CVE-2024-27011 - netfilter: nf_tables: fix memleak in map from abort path * CVE-url: https://ubuntu.com/security/CVE-2024-53088 - i40e: fix race condition by adding filter's intermediate sync state Important Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.

* CVE-url: https://ubuntu.com/security/CVE-2024-26595 - mlxsw: spectrum_acl_tcam: Fix NULL pointer dereference in error path * CVE-url: https://ubuntu.com/security/CVE-2024-38553/CVE-2024-38597 - netpoll: make ndo_poll_controller() optional - bonding: use netpoll_poll_dev() helper - netpoll: do not test NAPI_STATE_SCHED in poll_one_napi() * CVE-url: https://ubuntu.com/security/CVE-2024-38597 - eth: sungem: remove .ndo_poll_controller to avoid deadlocks * CVE-url: https://ubuntu.com/security/CVE-2024-38553 - net: fec: remove .ndo_poll_controller to avoid deadlocks * CVE-url: https://ubuntu.com/security/CVE-2024-42252 - closures: Change BUG_ON() to WARN_ON() * CVE-url: https://ubuntu.com/security/CVE-2024-41066 - ibmvnic: Add tx check to prevent skb leak * CVE-url: https://ubuntu.com/security/CVE-2024-40982 - ssb: Fix potential NULL pointer dereference in ssb_device_uevent() * CVE-url: https://ubuntu.com/security/CVE-2024-26689 - ceph: prevent use-after-free in encode_cap_msg() - fixup! ceph: prevent use-after-free in encode_cap_msg() * CVE-url: https://ubuntu.com/security/CVE-2024-56595 - jfs: add a check to prevent array-index-out-of-bounds in dbAdjTree * CVE-url: https://ubuntu.com/security/CVE-2024-57892 - ocfs2: fix slab-use-after-free due to dangling pointer dqi_priv * CVE-url: https://ubuntu.com/security/CVE-2024-57896 - btrfs: fix hang during unmount when stopping a space reclaim worker - btrfs: wait for fixup workers before stopping cleaner kthread during umount - btrfs: flush delalloc workers queue before stopping cleaner kthread during unmount * CVE-url: https://ubuntu.com/security/CVE-2024-56598 - jfs: array-index-out-of-bounds fix in dtReadFirst * CVE-url: https://ubuntu.com/security/CVE-2024-56551 - drm/amdgpu: fix usage slab after free * CVE-url: https://ubuntu.com/security/CVE-2024-56596 - jfs: fix array-index-out-of-bounds in jfs_readdir * CVE-url: https://ubuntu.com/security/CVE-2024-56615 - bpf: fix OOB devmap writes when deleting elements * CVE-url: https://ubuntu.com/security/CVE-2024-57887 - drm: adv7511: Fix use-after-free in adv7533_attach_dsi() * CVE-url: https://ubuntu.com/security/CVE-2024-50154 - tcp/dccp: Don't use timer_pending() in reqsk_queue_unlink(). * CVE-url: https://ubuntu.com/security/CVE-2024-56775 - drm/amd/display: Fix handling of plane refcount * CVE-url: https://ubuntu.com/security/CVE-2024-57900 - ila: serialize calls to nf_register_net_hooks() * CVE-url: https://ubuntu.com/security/CVE-2024-35887 - ax25: fix use-after-free bugs caused by ax25_ds_del_timer * CVE-url: https://ubuntu.com/security/CVE-2022-48739 - ASoC: hdmi-codec: Fix OOB memory accesses * CVE-url: https://ubuntu.com/security/CVE-2024-56704 - 9p/xen: fix release of IRQ * CVE-url: https://ubuntu.com/security/CVE-2024-56606 - af_packet: avoid erroring out after sock_init_data() in packet_create() * CVE-url: https://ubuntu.com/security/CVE-2024-53141 - netfilter: ipset: add missing range check in bitmap_ip_uadt * CVE-url: https://ubuntu.com/security/CVE-2023-52691 - drm/amd/pm: fix a double-free in si_dpm_init * CVE-url: https://ubuntu.com/security/CVE-2024-53165 - sh: intc: Fix use-after-free bug in register_intc_controller() * CVE-url: https://ubuntu.com/security/CVE-2023-52818 - drm/amd: Fix UBSAN array-index-out-of-bounds for SMU7 * CVE-url: https://ubuntu.com/security/CVE-2024-56603 - net: af_can: do not leave a dangling sk pointer in can_create() * CVE-url: https://ubuntu.com/security/CVE-2024-53173 - NFSv4.0: Fix a use-after-free problem in the asynchronous open() * CVE-url: https://ubuntu.com/security/CVE-2024-56602 - net: ieee802154: do not leave a dangling sk pointer in ieee802154_create() * CVE-url: https://ubuntu.com/security/CVE-2024-26996 - usb: gadget: f_ncm: Fix UAF ncm object at re-bind after usb ep transport error * CVE-url: https://ubuntu.com/security/CVE-2024-56650 - netfilter: x_tables: fix LED ID check in led_tg_check() * CVE-url: https://ubuntu.com/security/CVE-2024-56600 - net: inet6: do not leave a dangling sk pointer in inet6_create() * CVE-url: https://ubuntu.com/security/CVE-2024-53227 - scsi: bfa: Fix use-after-free in bfad_im_module_exit() * CVE-url: https://ubuntu.com/security/CVE-2021-47328 - scsi: iscsi: Fix conn use after free during resets * CVE-url: https://ubuntu.com/security/CVE-2024-53155 - ocfs2: fix uninitialized value in ocfs2_file_read_iter() * CVE-url: https://ubuntu.com/security/CVE-2024-56651 - can: hi311x: hi3110_can_ist(): fix potential use-after-free * CVE-url: https://ubuntu.com/security/CVE-2021-47281 - ALSA: timer: Fix possible race at assigning a timer instance - ALSA: seq: Fix race of snd_seq_timer_open() * CVE-url: https://ubuntu.com/security/CVE-2024-56605 - Bluetooth: L2CAP: do not leave dangling sk pointer on error in l2cap_sock_create() * CVE-url: https://ubuntu.com/security/CVE-2024-53156 - wifi: ath9k: add range check for conn_rsp_epid in htc_connect_service() * CVE-url: https://ubuntu.com/security/CVE-2023-52741 - cifs: Fix use-after-free in rdata->read_into_pages() * CVE-url: https://ubuntu.com/security/CVE-2024-56759 - btrfs: fix use-after-free when COWing tree bock and tracing is enabled * CVE-url: https://ubuntu.com/security/CVE-2024-56604 - Bluetooth: RFCOMM: avoid leaving dangling sk pointer in rfcomm_sock_alloc() * CVE-url: https://ubuntu.com/security/CVE-2024-53142 - initramfs: avoid filename buffer overrun * CVE-url: https://ubuntu.com/security/CVE-2024-56601 - net: inet: do not leave a dangling sk pointer in inet_create() * CVE-url: https://ubuntu.com/security/CVE-2024-56662 - acpi: nfit: vmalloc-out-of-bounds Read in acpi_nfit_ctl * CVE-url: https://ubuntu.com/security/CVE-2024-56631 - scsi: sg: Fix slab-use-after-free read in sg_release() * CVE-url: https://ubuntu.com/security/CVE-2024-53103 - hv_sock: Initializing vsk->trans to NULL to prevent a dangling pointer * CVE-url: https://ubuntu.com/security/CVE-2024-56581 - btrfs: ref-verify: fix use-after-free after invalid ref action * CVE-url: https://ubuntu.com/security/CVE-2021-47191 - scsi: scsi_debug: Fix out-of-bound read in resp_readcap16() * CVE-url: https://ubuntu.com/security/CVE-2023-52478 - HID: logitech-hidpp: Fix kernel crash on receiver USB disconnect * CVE-url: https://ubuntu.com/security/CVE-2024-36924 - scsi: lpfc: Release hbalock before calling lpfc_worker_wake_up() * CVE-url: https://ubuntu.com/security/CVE-2023-52476 - perf/x86/lbr: Filter vsyscall addresses * CVE-url: https://ubuntu.com/security/CVE-2024-27011 - netfilter: nf_tables: fix memleak in map from abort path * CVE-url: https://ubuntu.com/security/CVE-2024-53088 - i40e: fix race condition by adding filter's intermediate sync state

0 tuxcare-ubuntu18.04-els linux-buildinfo-4.15.0-243-tuxcare.els31-generic_4.15.0-243.254_amd64.deb 0726b9c4bc10e52bf3df86ca2dea53c4e0209a76 linux-buildinfo-4.15.0-243-tuxcare.els31-lowlatency_4.15.0-243.254_amd64.deb 375ddf306f194ae27ea8cd743f9534399454b278 linux-cloud-tools-4.15.0-243-tuxcare.els31_4.15.0-243.254_amd64.deb 15e832bfdff4aa8ea082e04c08a9539fc25b22b4 linux-cloud-tools-4.15.0-243-tuxcare.els31-generic_4.15.0-243.254_amd64.deb 1eb12c42fe1ab68f208bee3726f3e803687a859e linux-cloud-tools-4.15.0-243-tuxcare.els31-lowlatency_4.15.0-243.254_amd64.deb 9d37b3908a31895d66347fa656ab097c1dc1033a linux-cloud-tools-common_4.15.0-243.254_all.deb a2c12d5a6ae48f18e5787602b1e2283bdcae68f1 linux-cloud-tools-generic_4.15.0.243.254_amd64.deb 4385742dab71fc3b1442914ed7977760b8baac96 linux-cloud-tools-lowlatency_4.15.0.243.254_amd64.deb 571caeaf26ab9b094cdca5ec54be7f198e58462b linux-crashdump_4.15.0.243.254_amd64.deb 5768045a3b9c17aa268f44f36fc0e66709b14e8c linux-doc_4.15.0-243.254_all.deb e85f6196f3d94b85febec3dd3042ecc66e9de052 linux-generic_4.15.0.243.254_amd64.deb 8f4d855643cbe943ae4f9f7a18654308d8e53272 linux-headers-4.15.0-243-tuxcare.els31_4.15.0-243.254_all.deb 751700e5e62811b3a55b97c61f6192ea59f36f71 linux-headers-4.15.0-243-tuxcare.els31-generic_4.15.0-243.254_amd64.deb 6b812f37f2eb30a0417f036e29ebcd8f544e3905 linux-headers-4.15.0-243-tuxcare.els31-lowlatency_4.15.0-243.254_amd64.deb 152a0a3473f6f07e24d8fbb6f96fc890ec1537c2 linux-headers-generic_4.15.0.243.254_amd64.deb 7bba12f37d37a448f4754c994abef29b22f93b84 linux-headers-lowlatency_4.15.0.243.254_amd64.deb 316c739826fafad5fe5942030ec80f05d5f9f232 linux-image-generic_4.15.0.243.254_amd64.deb a0bc321310ea597c11c5c920de0f26c02457233b linux-image-lowlatency_4.15.0.243.254_amd64.deb 534de11b85508f92371a9c7c550762b05299cb5a linux-image-unsigned-4.15.0-243-tuxcare.els31-generic_4.15.0-243.254_amd64.deb 5824052d06860ee9c3defecc4acc2a3ddde6e44c linux-image-unsigned-4.15.0-243-tuxcare.els31-lowlatency_4.15.0-243.254_amd64.deb 3318b12ea1b8f1fa84d9e8cdbffa5cfca964f793 linux-libc-dev_4.15.0-243.254_amd64.deb d5c6fb2381fcca5513333f63c2e42494f9fb70e2 linux-lowlatency_4.15.0.243.254_amd64.deb 1b0bac1c3188cc2100c88ef2b5f62a595b02f51c linux-modules-4.15.0-243-tuxcare.els31-generic_4.15.0-243.254_amd64.deb 9645708ac720d148b3ed34c0ec8d3289e6c1176d linux-modules-4.15.0-243-tuxcare.els31-lowlatency_4.15.0-243.254_amd64.deb edf340939937b61856d39a9d984d3725a4518626 linux-modules-extra-4.15.0-243-tuxcare.els31-generic_4.15.0-243.254_amd64.deb 8d1580632990e0266ff2c871c6b06f575645394b linux-source_4.15.0.243.254_all.deb 2018c28a85b47425ded24529a36759ad9fce213d linux-source-4.15.0_4.15.0-243.254_all.deb 5c6ddfa3a4d83fb0085c3ff9bc70064c501b156e linux-tools-4.15.0-243-tuxcare.els31_4.15.0-243.254_amd64.deb 05eb7e0baa669c1bf6a4b39db54eb8464afaae3f linux-tools-4.15.0-243-tuxcare.els31-generic_4.15.0-243.254_amd64.deb 4b3c4d9b21ff08e68407d41c9adf79f2a400a7e6 linux-tools-4.15.0-243-tuxcare.els31-lowlatency_4.15.0-243.254_amd64.deb ba602c1a28ab1f4e0cca068b2fff5f9abe7e9374 linux-tools-common_4.15.0-243.254_all.deb 53ce3aaf2bd46e329266669b119b18cdad703273 linux-tools-generic_4.15.0.243.254_amd64.deb 14dbebba78325861b5d8069ce67dcf11199967a9 linux-tools-host_4.15.0-243.254_all.deb 6376ab48c28250e1493a3c4e674a9ff18842e890 linux-tools-lowlatency_4.15.0.243.254_amd64.deb 1f4cd743980d9943b17abad3f3b667be62508fba CLSA-2025:1738853271 TuxCare License Agreement 0 * CVE-url: https://ubuntu.com/security/CVE-2024-26595 - mlxsw: spectrum_acl_tcam: Fix NULL pointer dereference in error path * CVE-url: https://ubuntu.com/security/CVE-2024-38553/CVE-2024-38597 - netpoll: make ndo_poll_controller() optional - bonding: use netpoll_poll_dev() helper - netpoll: do not test NAPI_STATE_SCHED in poll_one_napi() * CVE-url: https://ubuntu.com/security/CVE-2024-38597 - eth: sungem: remove .ndo_poll_controller to avoid deadlocks * CVE-url: https://ubuntu.com/security/CVE-2024-38553 - net: fec: remove .ndo_poll_controller to avoid deadlocks * CVE-url: https://ubuntu.com/security/CVE-2024-42252 - closures: Change BUG_ON() to WARN_ON() * CVE-url: https://ubuntu.com/security/CVE-2024-41066 - ibmvnic: Add tx check to prevent skb leak * CVE-url: https://ubuntu.com/security/CVE-2024-40982 - ssb: Fix potential NULL pointer dereference in ssb_device_uevent() * CVE-url: https://ubuntu.com/security/CVE-2024-26689 - ceph: prevent use-after-free in encode_cap_msg() - fixup! ceph: prevent use-after-free in encode_cap_msg() * CVE-url: https://ubuntu.com/security/CVE-2024-56595 - jfs: add a check to prevent array-index-out-of-bounds in dbAdjTree * CVE-url: https://ubuntu.com/security/CVE-2024-57892 - ocfs2: fix slab-use-after-free due to dangling pointer dqi_priv * CVE-url: https://ubuntu.com/security/CVE-2024-57896 - btrfs: fix hang during unmount when stopping a space reclaim worker - btrfs: wait for fixup workers before stopping cleaner kthread during umount - btrfs: flush delalloc workers queue before stopping cleaner kthread during unmount * CVE-url: https://ubuntu.com/security/CVE-2024-56598 - jfs: array-index-out-of-bounds fix in dtReadFirst * CVE-url: https://ubuntu.com/security/CVE-2024-56551 - drm/amdgpu: fix usage slab after free * CVE-url: https://ubuntu.com/security/CVE-2024-56596 - jfs: fix array-index-out-of-bounds in jfs_readdir * CVE-url: https://ubuntu.com/security/CVE-2024-56615 - bpf: fix OOB devmap writes when deleting elements * CVE-url: https://ubuntu.com/security/CVE-2024-57887 - drm: adv7511: Fix use-after-free in adv7533_attach_dsi() * CVE-url: https://ubuntu.com/security/CVE-2024-50154 - tcp/dccp: Don't use timer_pending() in reqsk_queue_unlink(). * CVE-url: https://ubuntu.com/security/CVE-2024-56775 - drm/amd/display: Fix handling of plane refcount * CVE-url: https://ubuntu.com/security/CVE-2024-57900 - ila: serialize calls to nf_register_net_hooks() * CVE-url: https://ubuntu.com/security/CVE-2024-35887 - ax25: fix use-after-free bugs caused by ax25_ds_del_timer * CVE-url: https://ubuntu.com/security/CVE-2022-48739 - ASoC: hdmi-codec: Fix OOB memory accesses * CVE-url: https://ubuntu.com/security/CVE-2024-56704 - 9p/xen: fix release of IRQ * CVE-url: https://ubuntu.com/security/CVE-2024-56606 - af_packet: avoid erroring out after sock_init_data() in packet_create() * CVE-url: https://ubuntu.com/security/CVE-2024-53141 - netfilter: ipset: add missing range check in bitmap_ip_uadt * CVE-url: https://ubuntu.com/security/CVE-2023-52691 - drm/amd/pm: fix a double-free in si_dpm_init * CVE-url: https://ubuntu.com/security/CVE-2024-53165 - sh: intc: Fix use-after-free bug in register_intc_controller() * CVE-url: https://ubuntu.com/security/CVE-2023-52818 - drm/amd: Fix UBSAN array-index-out-of-bounds for SMU7 * CVE-url: https://ubuntu.com/security/CVE-2024-56603 - net: af_can: do not leave a dangling sk pointer in can_create() * CVE-url: https://ubuntu.com/security/CVE-2024-53173 - NFSv4.0: Fix a use-after-free problem in the asynchronous open() * CVE-url: https://ubuntu.com/security/CVE-2024-56602 - net: ieee802154: do not leave a dangling sk pointer in ieee802154_create() * CVE-url: https://ubuntu.com/security/CVE-2024-26996 - usb: gadget: f_ncm: Fix UAF ncm object at re-bind after usb ep transport error * CVE-url: https://ubuntu.com/security/CVE-2024-56650 - netfilter: x_tables: fix LED ID check in led_tg_check() * CVE-url: https://ubuntu.com/security/CVE-2024-56600 - net: inet6: do not leave a dangling sk pointer in inet6_create() * CVE-url: https://ubuntu.com/security/CVE-2024-53227 - scsi: bfa: Fix use-after-free in bfad_im_module_exit() * CVE-url: https://ubuntu.com/security/CVE-2021-47328 - scsi: iscsi: Fix conn use after free during resets * CVE-url: https://ubuntu.com/security/CVE-2024-53155 - ocfs2: fix uninitialized value in ocfs2_file_read_iter() * CVE-url: https://ubuntu.com/security/CVE-2024-56651 - can: hi311x: hi3110_can_ist(): fix potential use-after-free * CVE-url: https://ubuntu.com/security/CVE-2021-47281 - ALSA: timer: Fix possible race at assigning a timer instance - ALSA: seq: Fix race of snd_seq_timer_open() * CVE-url: https://ubuntu.com/security/CVE-2024-56605 - Bluetooth: L2CAP: do not leave dangling sk pointer on error in l2cap_sock_create() * CVE-url: https://ubuntu.com/security/CVE-2024-53156 - wifi: ath9k: add range check for conn_rsp_epid in htc_connect_service() * CVE-url: https://ubuntu.com/security/CVE-2023-52741 - cifs: Fix use-after-free in rdata->read_into_pages() * CVE-url: https://ubuntu.com/security/CVE-2024-56759 - btrfs: fix use-after-free when COWing tree bock and tracing is enabled * CVE-url: https://ubuntu.com/security/CVE-2024-56604 - Bluetooth: RFCOMM: avoid leaving dangling sk pointer in rfcomm_sock_alloc() * CVE-url: https://ubuntu.com/security/CVE-2024-53142 - initramfs: avoid filename buffer overrun * CVE-url: https://ubuntu.com/security/CVE-2024-56601 - net: inet: do not leave a dangling sk pointer in inet_create() * CVE-url: https://ubuntu.com/security/CVE-2024-56662 - acpi: nfit: vmalloc-out-of-bounds Read in acpi_nfit_ctl * CVE-url: https://ubuntu.com/security/CVE-2024-56631 - scsi: sg: Fix slab-use-after-free read in sg_release() * CVE-url: https://ubuntu.com/security/CVE-2024-53103 - hv_sock: Initializing vsk->trans to NULL to prevent a dangling pointer * CVE-url: https://ubuntu.com/security/CVE-2024-56581 - btrfs: ref-verify: fix use-after-free after invalid ref action * CVE-url: https://ubuntu.com/security/CVE-2021-47191 - scsi: scsi_debug: Fix out-of-bound read in resp_readcap16() * CVE-url: https://ubuntu.com/security/CVE-2023-52478 - HID: logitech-hidpp: Fix kernel crash on receiver USB disconnect * CVE-url: https://ubuntu.com/security/CVE-2024-36924 - scsi: lpfc: Release hbalock before calling lpfc_worker_wake_up() * CVE-url: https://ubuntu.com/security/CVE-2023-52476 - perf/x86/lbr: Filter vsyscall addresses * CVE-url: https://ubuntu.com/security/CVE-2024-27011 - netfilter: nf_tables: fix memleak in map from abort path * CVE-url: https://ubuntu.com/security/CVE-2024-53088 - i40e: fix race condition by adding filter's intermediate sync state None Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.

* CVE-url: https://ubuntu.com/security/CVE-2024-26595 - mlxsw: spectrum_acl_tcam: Fix NULL pointer dereference in error path * CVE-url: https://ubuntu.com/security/CVE-2024-38553/CVE-2024-38597 - netpoll: make ndo_poll_controller() optional - bonding: use netpoll_poll_dev() helper - netpoll: do not test NAPI_STATE_SCHED in poll_one_napi() * CVE-url: https://ubuntu.com/security/CVE-2024-38597 - eth: sungem: remove .ndo_poll_controller to avoid deadlocks * CVE-url: https://ubuntu.com/security/CVE-2024-38553 - net: fec: remove .ndo_poll_controller to avoid deadlocks * CVE-url: https://ubuntu.com/security/CVE-2024-42252 - closures: Change BUG_ON() to WARN_ON() * CVE-url: https://ubuntu.com/security/CVE-2024-41066 - ibmvnic: Add tx check to prevent skb leak * CVE-url: https://ubuntu.com/security/CVE-2024-40982 - ssb: Fix potential NULL pointer dereference in ssb_device_uevent() * CVE-url: https://ubuntu.com/security/CVE-2024-26689 - ceph: prevent use-after-free in encode_cap_msg() - fixup! ceph: prevent use-after-free in encode_cap_msg() * CVE-url: https://ubuntu.com/security/CVE-2024-56595 - jfs: add a check to prevent array-index-out-of-bounds in dbAdjTree * CVE-url: https://ubuntu.com/security/CVE-2024-57892 - ocfs2: fix slab-use-after-free due to dangling pointer dqi_priv * CVE-url: https://ubuntu.com/security/CVE-2024-57896 - btrfs: fix hang during unmount when stopping a space reclaim worker - btrfs: wait for fixup workers before stopping cleaner kthread during umount - btrfs: flush delalloc workers queue before stopping cleaner kthread during unmount * CVE-url: https://ubuntu.com/security/CVE-2024-56598 - jfs: array-index-out-of-bounds fix in dtReadFirst * CVE-url: https://ubuntu.com/security/CVE-2024-56551 - drm/amdgpu: fix usage slab after free * CVE-url: https://ubuntu.com/security/CVE-2024-56596 - jfs: fix array-index-out-of-bounds in jfs_readdir * CVE-url: https://ubuntu.com/security/CVE-2024-56615 - bpf: fix OOB devmap writes when deleting elements * CVE-url: https://ubuntu.com/security/CVE-2024-57887 - drm: adv7511: Fix use-after-free in adv7533_attach_dsi() * CVE-url: https://ubuntu.com/security/CVE-2024-50154 - tcp/dccp: Don't use timer_pending() in reqsk_queue_unlink(). * CVE-url: https://ubuntu.com/security/CVE-2024-56775 - drm/amd/display: Fix handling of plane refcount * CVE-url: https://ubuntu.com/security/CVE-2024-57900 - ila: serialize calls to nf_register_net_hooks() * CVE-url: https://ubuntu.com/security/CVE-2024-35887 - ax25: fix use-after-free bugs caused by ax25_ds_del_timer * CVE-url: https://ubuntu.com/security/CVE-2022-48739 - ASoC: hdmi-codec: Fix OOB memory accesses * CVE-url: https://ubuntu.com/security/CVE-2024-56704 - 9p/xen: fix release of IRQ * CVE-url: https://ubuntu.com/security/CVE-2024-56606 - af_packet: avoid erroring out after sock_init_data() in packet_create() * CVE-url: https://ubuntu.com/security/CVE-2024-53141 - netfilter: ipset: add missing range check in bitmap_ip_uadt * CVE-url: https://ubuntu.com/security/CVE-2023-52691 - drm/amd/pm: fix a double-free in si_dpm_init * CVE-url: https://ubuntu.com/security/CVE-2024-53165 - sh: intc: Fix use-after-free bug in register_intc_controller() * CVE-url: https://ubuntu.com/security/CVE-2023-52818 - drm/amd: Fix UBSAN array-index-out-of-bounds for SMU7 * CVE-url: https://ubuntu.com/security/CVE-2024-56603 - net: af_can: do not leave a dangling sk pointer in can_create() * CVE-url: https://ubuntu.com/security/CVE-2024-53173 - NFSv4.0: Fix a use-after-free problem in the asynchronous open() * CVE-url: https://ubuntu.com/security/CVE-2024-56602 - net: ieee802154: do not leave a dangling sk pointer in ieee802154_create() * CVE-url: https://ubuntu.com/security/CVE-2024-26996 - usb: gadget: f_ncm: Fix UAF ncm object at re-bind after usb ep transport error * CVE-url: https://ubuntu.com/security/CVE-2024-56650 - netfilter: x_tables: fix LED ID check in led_tg_check() * CVE-url: https://ubuntu.com/security/CVE-2024-56600 - net: inet6: do not leave a dangling sk pointer in inet6_create() * CVE-url: https://ubuntu.com/security/CVE-2024-53227 - scsi: bfa: Fix use-after-free in bfad_im_module_exit() * CVE-url: https://ubuntu.com/security/CVE-2021-47328 - scsi: iscsi: Fix conn use after free during resets * CVE-url: https://ubuntu.com/security/CVE-2024-53155 - ocfs2: fix uninitialized value in ocfs2_file_read_iter() * CVE-url: https://ubuntu.com/security/CVE-2024-56651 - can: hi311x: hi3110_can_ist(): fix potential use-after-free * CVE-url: https://ubuntu.com/security/CVE-2021-47281 - ALSA: timer: Fix possible race at assigning a timer instance - ALSA: seq: Fix race of snd_seq_timer_open() * CVE-url: https://ubuntu.com/security/CVE-2024-56605 - Bluetooth: L2CAP: do not leave dangling sk pointer on error in l2cap_sock_create() * CVE-url: https://ubuntu.com/security/CVE-2024-53156 - wifi: ath9k: add range check for conn_rsp_epid in htc_connect_service() * CVE-url: https://ubuntu.com/security/CVE-2023-52741 - cifs: Fix use-after-free in rdata->read_into_pages() * CVE-url: https://ubuntu.com/security/CVE-2024-56759 - btrfs: fix use-after-free when COWing tree bock and tracing is enabled * CVE-url: https://ubuntu.com/security/CVE-2024-56604 - Bluetooth: RFCOMM: avoid leaving dangling sk pointer in rfcomm_sock_alloc() * CVE-url: https://ubuntu.com/security/CVE-2024-53142 - initramfs: avoid filename buffer overrun * CVE-url: https://ubuntu.com/security/CVE-2024-56601 - net: inet: do not leave a dangling sk pointer in inet_create() * CVE-url: https://ubuntu.com/security/CVE-2024-56662 - acpi: nfit: vmalloc-out-of-bounds Read in acpi_nfit_ctl * CVE-url: https://ubuntu.com/security/CVE-2024-56631 - scsi: sg: Fix slab-use-after-free read in sg_release() * CVE-url: https://ubuntu.com/security/CVE-2024-53103 - hv_sock: Initializing vsk->trans to NULL to prevent a dangling pointer * CVE-url: https://ubuntu.com/security/CVE-2024-56581 - btrfs: ref-verify: fix use-after-free after invalid ref action * CVE-url: https://ubuntu.com/security/CVE-2021-47191 - scsi: scsi_debug: Fix out-of-bound read in resp_readcap16() * CVE-url: https://ubuntu.com/security/CVE-2023-52478 - HID: logitech-hidpp: Fix kernel crash on receiver USB disconnect * CVE-url: https://ubuntu.com/security/CVE-2024-36924 - scsi: lpfc: Release hbalock before calling lpfc_worker_wake_up() * CVE-url: https://ubuntu.com/security/CVE-2023-52476 - perf/x86/lbr: Filter vsyscall addresses * CVE-url: https://ubuntu.com/security/CVE-2024-27011 - netfilter: nf_tables: fix memleak in map from abort path * CVE-url: https://ubuntu.com/security/CVE-2024-53088 - i40e: fix race condition by adding filter's intermediate sync state

0 tuxcare-ubuntu18.04-els linux-buildinfo-4.15.0-243-tuxcare.els31-generic_4.15.0-243.254_amd64.deb 0726b9c4bc10e52bf3df86ca2dea53c4e0209a76 linux-buildinfo-4.15.0-243-tuxcare.els31-lowlatency_4.15.0-243.254_amd64.deb 375ddf306f194ae27ea8cd743f9534399454b278 linux-cloud-tools-4.15.0-243-tuxcare.els31_4.15.0-243.254_amd64.deb 15e832bfdff4aa8ea082e04c08a9539fc25b22b4 linux-cloud-tools-4.15.0-243-tuxcare.els31-generic_4.15.0-243.254_amd64.deb 1eb12c42fe1ab68f208bee3726f3e803687a859e linux-cloud-tools-4.15.0-243-tuxcare.els31-lowlatency_4.15.0-243.254_amd64.deb 9d37b3908a31895d66347fa656ab097c1dc1033a linux-cloud-tools-common_4.15.0-243.254_all.deb a2c12d5a6ae48f18e5787602b1e2283bdcae68f1 linux-cloud-tools-generic_4.15.0.243.254_amd64.deb 4385742dab71fc3b1442914ed7977760b8baac96 linux-cloud-tools-lowlatency_4.15.0.243.254_amd64.deb 571caeaf26ab9b094cdca5ec54be7f198e58462b linux-crashdump_4.15.0.243.254_amd64.deb 5768045a3b9c17aa268f44f36fc0e66709b14e8c linux-doc_4.15.0-243.254_all.deb e85f6196f3d94b85febec3dd3042ecc66e9de052 linux-generic_4.15.0.243.254_amd64.deb 8f4d855643cbe943ae4f9f7a18654308d8e53272 linux-headers-4.15.0-243-tuxcare.els31_4.15.0-243.254_all.deb 751700e5e62811b3a55b97c61f6192ea59f36f71 linux-headers-4.15.0-243-tuxcare.els31-generic_4.15.0-243.254_amd64.deb 6b812f37f2eb30a0417f036e29ebcd8f544e3905 linux-headers-4.15.0-243-tuxcare.els31-lowlatency_4.15.0-243.254_amd64.deb 152a0a3473f6f07e24d8fbb6f96fc890ec1537c2 linux-headers-generic_4.15.0.243.254_amd64.deb 7bba12f37d37a448f4754c994abef29b22f93b84 linux-headers-lowlatency_4.15.0.243.254_amd64.deb 316c739826fafad5fe5942030ec80f05d5f9f232 linux-image-generic_4.15.0.243.254_amd64.deb a0bc321310ea597c11c5c920de0f26c02457233b linux-image-lowlatency_4.15.0.243.254_amd64.deb 534de11b85508f92371a9c7c550762b05299cb5a linux-image-unsigned-4.15.0-243-tuxcare.els31-generic_4.15.0-243.254_amd64.deb 5824052d06860ee9c3defecc4acc2a3ddde6e44c linux-image-unsigned-4.15.0-243-tuxcare.els31-lowlatency_4.15.0-243.254_amd64.deb 3318b12ea1b8f1fa84d9e8cdbffa5cfca964f793 linux-libc-dev_4.15.0-243.254_amd64.deb d5c6fb2381fcca5513333f63c2e42494f9fb70e2 linux-lowlatency_4.15.0.243.254_amd64.deb 1b0bac1c3188cc2100c88ef2b5f62a595b02f51c linux-modules-4.15.0-243-tuxcare.els31-generic_4.15.0-243.254_amd64.deb 9645708ac720d148b3ed34c0ec8d3289e6c1176d linux-modules-4.15.0-243-tuxcare.els31-lowlatency_4.15.0-243.254_amd64.deb edf340939937b61856d39a9d984d3725a4518626 linux-modules-extra-4.15.0-243-tuxcare.els31-generic_4.15.0-243.254_amd64.deb 8d1580632990e0266ff2c871c6b06f575645394b linux-source_4.15.0.243.254_all.deb 2018c28a85b47425ded24529a36759ad9fce213d linux-source-4.15.0_4.15.0-243.254_all.deb 5c6ddfa3a4d83fb0085c3ff9bc70064c501b156e linux-tools-4.15.0-243-tuxcare.els31_4.15.0-243.254_amd64.deb 05eb7e0baa669c1bf6a4b39db54eb8464afaae3f linux-tools-4.15.0-243-tuxcare.els31-generic_4.15.0-243.254_amd64.deb 4b3c4d9b21ff08e68407d41c9adf79f2a400a7e6 linux-tools-4.15.0-243-tuxcare.els31-lowlatency_4.15.0-243.254_amd64.deb ba602c1a28ab1f4e0cca068b2fff5f9abe7e9374 linux-tools-common_4.15.0-243.254_all.deb 53ce3aaf2bd46e329266669b119b18cdad703273 linux-tools-generic_4.15.0.243.254_amd64.deb 14dbebba78325861b5d8069ce67dcf11199967a9 linux-tools-host_4.15.0-243.254_all.deb 6376ab48c28250e1493a3c4e674a9ff18842e890 linux-tools-lowlatency_4.15.0.243.254_amd64.deb 1f4cd743980d9943b17abad3f3b667be62508fba CLSA-2025:1739522296 TuxCare License Agreement 0 * CVE-url: https://ubuntu.com/security/CVE-2024-53104 - media: uvcvideo: Skip parsing frames of type UVC_VS_UNDEFINED in uvc_parse_format * CVE-url: https://ubuntu.com/security/CVE-2024-41020 - filelock: Fix fcntl/close race recovery compat path * CVE-url: https://ubuntu.com/security/CVE-2024-43892 - memcg: protect concurrent access to mem_cgroup_idr * CVE-url: https://ubuntu.com/security/CVE-2021-47379 - blk-cgroup: fix UAF by grabbing blkcg lock before destroying blkg pd * CVE-url: https://ubuntu.com/security/CVE-2024-57911 - iio: dummy: iio_simply_dummy_buffer: fix information leak in triggered buffer * CVE-url: https://ubuntu.com/security/CVE-2024-53239 - ALSA: 6fire: Release resources at card release * CVE-url: https://ubuntu.com/security/CVE-2024-50051 - spi: mpc52xx: Add cancel_work_sync before module remove Important Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.

* CVE-url: https://ubuntu.com/security/CVE-2024-53104 - media: uvcvideo: Skip parsing frames of type UVC_VS_UNDEFINED in uvc_parse_format * CVE-url: https://ubuntu.com/security/CVE-2024-41020 - filelock: Fix fcntl/close race recovery compat path * CVE-url: https://ubuntu.com/security/CVE-2024-43892 - memcg: protect concurrent access to mem_cgroup_idr * CVE-url: https://ubuntu.com/security/CVE-2021-47379 - blk-cgroup: fix UAF by grabbing blkcg lock before destroying blkg pd * CVE-url: https://ubuntu.com/security/CVE-2024-57911 - iio: dummy: iio_simply_dummy_buffer: fix information leak in triggered buffer * CVE-url: https://ubuntu.com/security/CVE-2024-53239 - ALSA: 6fire: Release resources at card release * CVE-url: https://ubuntu.com/security/CVE-2024-50051 - spi: mpc52xx: Add cancel_work_sync before module remove

0 tuxcare-ubuntu18.04-els linux-buildinfo-4.15.0-244-tuxcare.els32-generic_4.15.0-244.255_amd64.deb 1d6858f47d39e79e28c3c74a40a8d7ffece76676 linux-buildinfo-4.15.0-244-tuxcare.els32-lowlatency_4.15.0-244.255_amd64.deb 9ab6d7776a5cbb7bb2066384f32b5da1676e5667 linux-cloud-tools-4.15.0-244-tuxcare.els32_4.15.0-244.255_amd64.deb ea3b2cf9ca1aa0fed84d080427a133b2c2a7b4eb linux-cloud-tools-4.15.0-244-tuxcare.els32-generic_4.15.0-244.255_amd64.deb 37399e93a370b1702eb9161db999a1eef7c3ef35 linux-cloud-tools-4.15.0-244-tuxcare.els32-lowlatency_4.15.0-244.255_amd64.deb 297376b9f9bf231bf62aaa478f8fb64ba83118c1 linux-cloud-tools-common_4.15.0-244.255_all.deb b654b25bb981b39182898c44b63abb6a9736cd83 linux-cloud-tools-generic_4.15.0.244.255_amd64.deb ebaf73a47610601abe2d635f075a718075de92e3 linux-cloud-tools-lowlatency_4.15.0.244.255_amd64.deb c716e3f6144bf28c49e51e6ba5c0c79b141fb526 linux-crashdump_4.15.0.244.255_amd64.deb 85e9e2c127635022bf5554fa7fc06a441b0590d5 linux-doc_4.15.0-244.255_all.deb 1ef71973b97c2ee77dede2ed92b39d67c83795a4 linux-generic_4.15.0.244.255_amd64.deb 6b757b78c8747b0e71e77ff363d00934a2b612e4 linux-headers-4.15.0-244-tuxcare.els32_4.15.0-244.255_all.deb 5515d042fc0ad0fc828092f2e1e959a17d2dc978 linux-headers-4.15.0-244-tuxcare.els32-generic_4.15.0-244.255_amd64.deb 106f66704c4eaf63ab5f7873dc3febab78a7c67f linux-headers-4.15.0-244-tuxcare.els32-lowlatency_4.15.0-244.255_amd64.deb 8fb9ec074b586076943fc7d18c0356155c72c78e linux-headers-generic_4.15.0.244.255_amd64.deb 1dd11c790032d731f02fd5640d253536bfdbd10f linux-headers-lowlatency_4.15.0.244.255_amd64.deb 2e3abaa540269b51632ce63aef18950101fcfd53 linux-image-generic_4.15.0.244.255_amd64.deb 694eb1050282dd94601a664989a309444d11660e linux-image-lowlatency_4.15.0.244.255_amd64.deb cce7ea8d339c194831fe84a57ec6eea338557fbd linux-image-unsigned-4.15.0-244-tuxcare.els32-generic_4.15.0-244.255_amd64.deb 238f6b3062254c9b2f15b0728d9f586f56f864f5 linux-image-unsigned-4.15.0-244-tuxcare.els32-lowlatency_4.15.0-244.255_amd64.deb e2b3139551d78ee04e284fd09b7fae3a4edece62 linux-libc-dev_4.15.0-244.255_amd64.deb 205965f5c44d6bed46cff7934c794889b0943444 linux-lowlatency_4.15.0.244.255_amd64.deb 027a95986052749a4aeea9e38f77d64d499683b4 linux-modules-4.15.0-244-tuxcare.els32-generic_4.15.0-244.255_amd64.deb 06784b3a1385b315517fdd2e048a1d45cf274a8b linux-modules-4.15.0-244-tuxcare.els32-lowlatency_4.15.0-244.255_amd64.deb 66c574a6aa0e6ad42325cf737761a8b9cc8a467b linux-modules-extra-4.15.0-244-tuxcare.els32-generic_4.15.0-244.255_amd64.deb 34af727a70f77a670d9aa0e4b535c0968ea35102 linux-source_4.15.0.244.255_all.deb 8398389114bf2eac9b14a8cf0b16d110d04861d6 linux-source-4.15.0_4.15.0-244.255_all.deb bab5c8e0a594cf28abd5ef8b4cf6b8e0a3bbe10a linux-tools-4.15.0-244-tuxcare.els32_4.15.0-244.255_amd64.deb bbb389b0bc7a60d23c204d78b942c88eef2b091a linux-tools-4.15.0-244-tuxcare.els32-generic_4.15.0-244.255_amd64.deb ffc731d8b16393e79813fbfe9e1b5b20dc4dd9dd linux-tools-4.15.0-244-tuxcare.els32-lowlatency_4.15.0-244.255_amd64.deb 89ebb6d1907e2ed3069766fdd1ce5f35d53fe7ee linux-tools-common_4.15.0-244.255_all.deb 4988752f041df4632986cf9b01543605544ecf47 linux-tools-generic_4.15.0.244.255_amd64.deb f79b7932ad9c17961f59b7aab90bb2c4ebf0fd20 linux-tools-host_4.15.0-244.255_all.deb 20f665e0f440b320852900576bf039f000a769de linux-tools-lowlatency_4.15.0.244.255_amd64.deb b44f4dcbb9e2cb759ab40092a44a37df3d897e27 CLSA-2025:1739524909 TuxCare License Agreement 0 * CVE-url: https://ubuntu.com/security/CVE-2024-53104 - media: uvcvideo: Skip parsing frames of type UVC_VS_UNDEFINED in uvc_parse_format * CVE-url: https://ubuntu.com/security/CVE-2024-41020 - filelock: Fix fcntl/close race recovery compat path * CVE-url: https://ubuntu.com/security/CVE-2024-43892 - memcg: protect concurrent access to mem_cgroup_idr * CVE-url: https://ubuntu.com/security/CVE-2021-47379 - blk-cgroup: fix UAF by grabbing blkcg lock before destroying blkg pd * CVE-url: https://ubuntu.com/security/CVE-2024-57911 - iio: dummy: iio_simply_dummy_buffer: fix information leak in triggered buffer * CVE-url: https://ubuntu.com/security/CVE-2024-53239 - ALSA: 6fire: Release resources at card release * CVE-url: https://ubuntu.com/security/CVE-2024-50051 - spi: mpc52xx: Add cancel_work_sync before module remove None Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.

* CVE-url: https://ubuntu.com/security/CVE-2024-53104 - media: uvcvideo: Skip parsing frames of type UVC_VS_UNDEFINED in uvc_parse_format * CVE-url: https://ubuntu.com/security/CVE-2024-41020 - filelock: Fix fcntl/close race recovery compat path * CVE-url: https://ubuntu.com/security/CVE-2024-43892 - memcg: protect concurrent access to mem_cgroup_idr * CVE-url: https://ubuntu.com/security/CVE-2021-47379 - blk-cgroup: fix UAF by grabbing blkcg lock before destroying blkg pd * CVE-url: https://ubuntu.com/security/CVE-2024-57911 - iio: dummy: iio_simply_dummy_buffer: fix information leak in triggered buffer * CVE-url: https://ubuntu.com/security/CVE-2024-53239 - ALSA: 6fire: Release resources at card release * CVE-url: https://ubuntu.com/security/CVE-2024-50051 - spi: mpc52xx: Add cancel_work_sync before module remove

0 tuxcare-ubuntu18.04-els linux-buildinfo-4.15.0-244-tuxcare.els32-generic_4.15.0-244.255_amd64.deb 1d6858f47d39e79e28c3c74a40a8d7ffece76676 linux-buildinfo-4.15.0-244-tuxcare.els32-lowlatency_4.15.0-244.255_amd64.deb 9ab6d7776a5cbb7bb2066384f32b5da1676e5667 linux-cloud-tools-4.15.0-244-tuxcare.els32_4.15.0-244.255_amd64.deb ea3b2cf9ca1aa0fed84d080427a133b2c2a7b4eb linux-cloud-tools-4.15.0-244-tuxcare.els32-generic_4.15.0-244.255_amd64.deb 37399e93a370b1702eb9161db999a1eef7c3ef35 linux-cloud-tools-4.15.0-244-tuxcare.els32-lowlatency_4.15.0-244.255_amd64.deb 297376b9f9bf231bf62aaa478f8fb64ba83118c1 linux-cloud-tools-common_4.15.0-244.255_all.deb b654b25bb981b39182898c44b63abb6a9736cd83 linux-cloud-tools-generic_4.15.0.244.255_amd64.deb ebaf73a47610601abe2d635f075a718075de92e3 linux-cloud-tools-lowlatency_4.15.0.244.255_amd64.deb c716e3f6144bf28c49e51e6ba5c0c79b141fb526 linux-crashdump_4.15.0.244.255_amd64.deb 85e9e2c127635022bf5554fa7fc06a441b0590d5 linux-doc_4.15.0-244.255_all.deb 1ef71973b97c2ee77dede2ed92b39d67c83795a4 linux-generic_4.15.0.244.255_amd64.deb 6b757b78c8747b0e71e77ff363d00934a2b612e4 linux-headers-4.15.0-244-tuxcare.els32_4.15.0-244.255_all.deb 5515d042fc0ad0fc828092f2e1e959a17d2dc978 linux-headers-4.15.0-244-tuxcare.els32-generic_4.15.0-244.255_amd64.deb 106f66704c4eaf63ab5f7873dc3febab78a7c67f linux-headers-4.15.0-244-tuxcare.els32-lowlatency_4.15.0-244.255_amd64.deb 8fb9ec074b586076943fc7d18c0356155c72c78e linux-headers-generic_4.15.0.244.255_amd64.deb 1dd11c790032d731f02fd5640d253536bfdbd10f linux-headers-lowlatency_4.15.0.244.255_amd64.deb 2e3abaa540269b51632ce63aef18950101fcfd53 linux-image-generic_4.15.0.244.255_amd64.deb 694eb1050282dd94601a664989a309444d11660e linux-image-lowlatency_4.15.0.244.255_amd64.deb cce7ea8d339c194831fe84a57ec6eea338557fbd linux-image-unsigned-4.15.0-244-tuxcare.els32-generic_4.15.0-244.255_amd64.deb 238f6b3062254c9b2f15b0728d9f586f56f864f5 linux-image-unsigned-4.15.0-244-tuxcare.els32-lowlatency_4.15.0-244.255_amd64.deb e2b3139551d78ee04e284fd09b7fae3a4edece62 linux-libc-dev_4.15.0-244.255_amd64.deb 205965f5c44d6bed46cff7934c794889b0943444 linux-lowlatency_4.15.0.244.255_amd64.deb 027a95986052749a4aeea9e38f77d64d499683b4 linux-modules-4.15.0-244-tuxcare.els32-generic_4.15.0-244.255_amd64.deb 06784b3a1385b315517fdd2e048a1d45cf274a8b linux-modules-4.15.0-244-tuxcare.els32-lowlatency_4.15.0-244.255_amd64.deb 66c574a6aa0e6ad42325cf737761a8b9cc8a467b linux-modules-extra-4.15.0-244-tuxcare.els32-generic_4.15.0-244.255_amd64.deb 34af727a70f77a670d9aa0e4b535c0968ea35102 linux-source_4.15.0.244.255_all.deb 8398389114bf2eac9b14a8cf0b16d110d04861d6 linux-source-4.15.0_4.15.0-244.255_all.deb bab5c8e0a594cf28abd5ef8b4cf6b8e0a3bbe10a linux-tools-4.15.0-244-tuxcare.els32_4.15.0-244.255_amd64.deb bbb389b0bc7a60d23c204d78b942c88eef2b091a linux-tools-4.15.0-244-tuxcare.els32-generic_4.15.0-244.255_amd64.deb ffc731d8b16393e79813fbfe9e1b5b20dc4dd9dd linux-tools-4.15.0-244-tuxcare.els32-lowlatency_4.15.0-244.255_amd64.deb 89ebb6d1907e2ed3069766fdd1ce5f35d53fe7ee linux-tools-common_4.15.0-244.255_all.deb 4988752f041df4632986cf9b01543605544ecf47 linux-tools-generic_4.15.0.244.255_amd64.deb f79b7932ad9c17961f59b7aab90bb2c4ebf0fd20 linux-tools-host_4.15.0-244.255_all.deb 20f665e0f440b320852900576bf039f000a769de linux-tools-lowlatency_4.15.0.244.255_amd64.deb b44f4dcbb9e2cb759ab40092a44a37df3d897e27 CLSA-2025:1739812201 TuxCare License Agreement 0 * SECURITY UPDATE: Generate and verify message MACs in libkrad - debian/patches/CVE-2024-3596.patch: implement support for Message-Authenticator in libkrad - CVE-2024-3596 * debian/control: add package Recommends to krb5-doc Critical Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.

* SECURITY UPDATE: Generate and verify message MACs in libkrad - debian/patches/CVE-2024-3596.patch: implement support for Message-Authenticator in libkrad - CVE-2024-3596 * debian/control: add package Recommends to krb5-doc

0 tuxcare-ubuntu18.04-els krb5-admin-server_1.16-2ubuntu0.4+tuxcare.els3_amd64.deb aae322fa939234cc30114d43e1b10ab261aefd1e krb5-doc_1.16-2ubuntu0.4+tuxcare.els3_all.deb d4a529350f89e874225f27730bfd29c0634bfebd krb5-gss-samples_1.16-2ubuntu0.4+tuxcare.els3_amd64.deb 55ca5884f4ce417ba5c82dbd75ba5ac32dd1b2f5 krb5-k5tls_1.16-2ubuntu0.4+tuxcare.els3_amd64.deb b76092a4f74490434c55460064d4ddf2cc1da24c krb5-kdc_1.16-2ubuntu0.4+tuxcare.els3_amd64.deb e4cd1d8736e23dd47fc1f5a13864e603b4481d52 krb5-kdc-ldap_1.16-2ubuntu0.4+tuxcare.els3_amd64.deb 5554a206609b213e1cbacc7a0e0d817fe8440b3a krb5-kpropd_1.16-2ubuntu0.4+tuxcare.els3_amd64.deb e7f149eca20e78545eb52433bee9ecc08d5a7f87 krb5-locales_1.16-2ubuntu0.4+tuxcare.els3_all.deb ace113c18afd94c3662f4fa55236549f12fb062d krb5-multidev_1.16-2ubuntu0.4+tuxcare.els3_amd64.deb 8a7f36bcc8de6fbcd7158730d6a04efb162b5ad0 krb5-otp_1.16-2ubuntu0.4+tuxcare.els3_amd64.deb e23947231d5fcbf7fa5386b859caae1a6dc58752 krb5-pkinit_1.16-2ubuntu0.4+tuxcare.els3_amd64.deb b316e9ce4916eb96ce73b7b561091620041a3f37 krb5-user_1.16-2ubuntu0.4+tuxcare.els3_amd64.deb 449f2d3d9a8a608e959fff7663122f81d70c8a11 libgssapi-krb5-2_1.16-2ubuntu0.4+tuxcare.els3_amd64.deb b53eee0df7417d0661ceb33efc49d365ccb5661c libgssrpc4_1.16-2ubuntu0.4+tuxcare.els3_amd64.deb df5e7a10ef561fa0e12aec4ba3524df9afff7e84 libk5crypto3_1.16-2ubuntu0.4+tuxcare.els3_amd64.deb 3529a54a221c3df0be3f9ab0b7ccb6957036bb53 libkadm5clnt-mit11_1.16-2ubuntu0.4+tuxcare.els3_amd64.deb 5fb38a3891f013f3186adb364621d5210ad49a9a libkadm5srv-mit11_1.16-2ubuntu0.4+tuxcare.els3_amd64.deb 96b94a2e12039974008aca61e20c6b280ece7582 libkdb5-9_1.16-2ubuntu0.4+tuxcare.els3_amd64.deb cdc588a48a20a715cb87c033d8e35510af27fab4 libkrad-dev_1.16-2ubuntu0.4+tuxcare.els3_amd64.deb ddf49a5b27d6aaec67f59b2aec30837f4d3b2c2b libkrad0_1.16-2ubuntu0.4+tuxcare.els3_amd64.deb 8b594f8ac2eb7c251d02bbf42f63b10ed7b5e9d8 libkrb5-3_1.16-2ubuntu0.4+tuxcare.els3_amd64.deb c7c936435509f5e14abd9e043f1396d8a4324d54 libkrb5-dev_1.16-2ubuntu0.4+tuxcare.els3_amd64.deb 6d73a92d48923dbb33d191ecbae2804d021c40bd libkrb5support0_1.16-2ubuntu0.4+tuxcare.els3_amd64.deb b7157d37cb83c2f06ea9608307fa479f98098ffb CLSA-2025:1739904482 TuxCare License Agreement 0 * SECURITY UPDATE: Regular expressions that allowed excessive backtracking during tarfile - debian/patches/CVE-2024-6232.patch: Fix header parsing vulnerability that could lead to ReDoS - CVE-2024-6923 Important Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.

* SECURITY UPDATE: Regular expressions that allowed excessive backtracking during tarfile - debian/patches/CVE-2024-6232.patch: Fix header parsing vulnerability that could lead to ReDoS - CVE-2024-6923

0 tuxcare-ubuntu18.04-els idle-python3.6_3.6.9-1~18.04ubuntu1.12+tuxcare.els10_all.deb cb9e8dc00a2444d3daad89d4ecdf55d6d3c7785d libpython3.6_3.6.9-1~18.04ubuntu1.12+tuxcare.els10_amd64.deb 727b9ff43bf058dedcd5e80962a49ebe2e8586e6 libpython3.6-dev_3.6.9-1~18.04ubuntu1.12+tuxcare.els10_amd64.deb a65ba92a86f569c5155eb3cad2b8540d878004b9 libpython3.6-minimal_3.6.9-1~18.04ubuntu1.12+tuxcare.els10_amd64.deb 0892f8a760eaa0b4efbb9e175ed493413e132f0c libpython3.6-stdlib_3.6.9-1~18.04ubuntu1.12+tuxcare.els10_amd64.deb 9504a4e8256ceeece335ff400af20926b12f88b6 libpython3.6-testsuite_3.6.9-1~18.04ubuntu1.12+tuxcare.els10_all.deb 8c877c90eb11064e4579a02684957f60b9cd26d9 python3.6_3.6.9-1~18.04ubuntu1.12+tuxcare.els10_amd64.deb 5fad2070e40fda4cb68aff8f558544a7f60f5382 python3.6-dev_3.6.9-1~18.04ubuntu1.12+tuxcare.els10_amd64.deb bf8a2b9920427bb28f149fb5b6d4fae108592e57 python3.6-doc_3.6.9-1~18.04ubuntu1.12+tuxcare.els10_all.deb e5b025f43f30b81e33340f0e590a6da3106cc20f python3.6-examples_3.6.9-1~18.04ubuntu1.12+tuxcare.els10_all.deb f8bc00f562ba74811515525b4c313521fac5856c python3.6-minimal_3.6.9-1~18.04ubuntu1.12+tuxcare.els10_amd64.deb a689038094ca6655152cb1fd34fb3e5cc7da60be python3.6-venv_3.6.9-1~18.04ubuntu1.12+tuxcare.els10_amd64.deb aa6070e5b10482610897265f80f32754daa0f5f1 CLSA-2025:1740131776 TuxCare License Agreement 0 * SECURITY UPDATE: race condition during rsync's handling of symbolic links - debian/patches/CVE-2024-12747.patch: prevent symlink race preventing a normal file from being replaced by a symlink - CVE-2024-12747 * debian/rules, debian/patches/series: use series file to manage patches * debian/patches/ssh-6-option.diff: adjust changes to align with the new patch application approach. Moderate Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.

* SECURITY UPDATE: race condition during rsync's handling of symbolic links - debian/patches/CVE-2024-12747.patch: prevent symlink race preventing a normal file from being replaced by a symlink - CVE-2024-12747 * debian/rules, debian/patches/series: use series file to manage patches * debian/patches/ssh-6-option.diff: adjust changes to align with the new patch application approach.

0 tuxcare-ubuntu18.04-els rsync_3.1.2-2.1ubuntu1.6+tuxcare.els5_amd64.deb 68e36c2afc1e7def8a89d004d2af2e0c25a73b31 CLSA-2025:1740230107 TuxCare License Agreement 0 * SECURITY UPDATE: insufficient space allocation in assert() function leading to buffer overflow - debian/patches/any/CVE-2025-0395.patch: Fix underallocation of abort_msg_s struct to store the length of the message string - CVE-2025-0395 Moderate Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.

* SECURITY UPDATE: insufficient space allocation in assert() function leading to buffer overflow - debian/patches/any/CVE-2025-0395.patch: Fix underallocation of abort_msg_s struct to store the length of the message string - CVE-2025-0395

0 tuxcare-ubuntu18.04-els glibc-doc_2.27-3ubuntu1.6+tuxcare.els5_all.deb a438529b7e6dfa80e0731acf69af43d4e9f53706 glibc-source_2.27-3ubuntu1.6+tuxcare.els5_all.deb d9f4a4f92a7df4c82820a21bd959507f3b3c7129 libc-bin_2.27-3ubuntu1.6+tuxcare.els5_amd64.deb f2f87e9ebd903584b611e0f76a0bda9e839c7cfa libc-dev-bin_2.27-3ubuntu1.6+tuxcare.els5_amd64.deb 9029ed4cbc36052ed0e4f1b369dee481d285c32d libc6_2.27-3ubuntu1.6+tuxcare.els5_amd64.deb 7854f819a803c9a4199a3b1bcf97fc3da2f2f1ad libc6-dev_2.27-3ubuntu1.6+tuxcare.els5_amd64.deb fb8291095407891f5942b6d63e5b372450199afc libc6-dev-i386_2.27-3ubuntu1.6+tuxcare.els5_amd64.deb 3db76f64a4620a859dda42388c6be9177e1fc9b7 libc6-dev-x32_2.27-3ubuntu1.6+tuxcare.els5_amd64.deb 4dff48229009999f722c066361c66c6ad9f25620 libc6-i386_2.27-3ubuntu1.6+tuxcare.els5_amd64.deb 6e2ae5cebff54043d9b762d2a60082e1b5e8c80e libc6-pic_2.27-3ubuntu1.6+tuxcare.els5_amd64.deb 0fcc994108570754a01321839ab0a8a3ac63ab14 libc6-x32_2.27-3ubuntu1.6+tuxcare.els5_amd64.deb f0bdc6f5d8c91a6ca22624b9ef8df67d2faeb134 locales_2.27-3ubuntu1.6+tuxcare.els5_all.deb 1f1c0ff05c37e0402b9e7929ab234b8e8d9a986f locales-all_2.27-3ubuntu1.6+tuxcare.els5_amd64.deb ceff8da6ce890705714e42006d683a8d87a07e03 multiarch-support_2.27-3ubuntu1.6+tuxcare.els5_amd64.deb 16ef67eeeb2258d280e809c9fb5f6c3ca5001af7 nscd_2.27-3ubuntu1.6+tuxcare.els5_amd64.deb f59ca08ae482afc5a0378299304d3cbbe00d82eb CLSA-2025:1740645424 TuxCare License Agreement 0 * SECURITY UPDATE: Ability to modify permissions with privileged programs - debian/patches/CVE-2023-6597.patch: Prevent tempfile.TemporaryDirectory class dereference symlinks - CVE-2023-6597 Important Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.

* SECURITY UPDATE: Ability to modify permissions with privileged programs - debian/patches/CVE-2023-6597.patch: Prevent tempfile.TemporaryDirectory class dereference symlinks - CVE-2023-6597

0 tuxcare-ubuntu18.04-els idle-python3.6_3.6.9-1~18.04ubuntu1.12+tuxcare.els11_all.deb c5462ba3f9e2a4b9e87dc01a16e2e3df0e14944b libpython3.6_3.6.9-1~18.04ubuntu1.12+tuxcare.els11_amd64.deb d662a25a540ed2cb052e16b5c799b0f6944b3629 libpython3.6-dev_3.6.9-1~18.04ubuntu1.12+tuxcare.els11_amd64.deb f52c8546f2552f2dc3fce711f7c98b2af749df9b libpython3.6-minimal_3.6.9-1~18.04ubuntu1.12+tuxcare.els11_amd64.deb 6d8cf971ca9021c49e8f3cb9932fc5ca8bd55c56 libpython3.6-stdlib_3.6.9-1~18.04ubuntu1.12+tuxcare.els11_amd64.deb 7ee00695bacca08b282366ec8e905339e4fb2357 libpython3.6-testsuite_3.6.9-1~18.04ubuntu1.12+tuxcare.els11_all.deb 03594a0713774023d2bae12ad6f2a6a899bae75f python3.6_3.6.9-1~18.04ubuntu1.12+tuxcare.els11_amd64.deb a9ac32c40c2c95b7d9841a552e7a721a83e22827 python3.6-dev_3.6.9-1~18.04ubuntu1.12+tuxcare.els11_amd64.deb 909a44ba6c0404e1ab757e4fea83908bb5f20b72 python3.6-doc_3.6.9-1~18.04ubuntu1.12+tuxcare.els11_all.deb ed4e1668eda5070ab08d4406478b37cce7822661 python3.6-examples_3.6.9-1~18.04ubuntu1.12+tuxcare.els11_all.deb 5ff80680cfc31d2d6a1064891fea4793418eb29c python3.6-minimal_3.6.9-1~18.04ubuntu1.12+tuxcare.els11_amd64.deb 2054f8466da65e734504bbdb90162e1eec6120fa python3.6-venv_3.6.9-1~18.04ubuntu1.12+tuxcare.els11_amd64.deb d6e4f27985d6ac880f49b6cd708448deaf96f848 CLSA-2025:1740645619 TuxCare License Agreement 0 * Internal tests: - debian/test_certs/*: Update the keystore files and certificates from the upstream branch 9.0.x to fix internal tests Important Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.

* Internal tests: - debian/test_certs/*: Update the keystore files and certificates from the upstream branch 9.0.x to fix internal tests

0 tuxcare-ubuntu18.04-els libtomcat9-embed-java_9.0.16-3ubuntu0.18.04.2+tuxcare.els10_all.deb e45bd2f0b4117c666f195ef297d4e5092d7cd5e7 libtomcat9-java_9.0.16-3ubuntu0.18.04.2+tuxcare.els10_all.deb eb1f3d406937fe36712bab9330302ed65d6a1c92 tomcat9_9.0.16-3ubuntu0.18.04.2+tuxcare.els10_all.deb 210e5de15a0c0fa1052a66c28fbed38835c02651 tomcat9-admin_9.0.16-3ubuntu0.18.04.2+tuxcare.els10_all.deb 870d362f3e3fab4ca288f9648eef918c30a1faea tomcat9-common_9.0.16-3ubuntu0.18.04.2+tuxcare.els10_all.deb 9d78782a1b9acc8d3d2c426af7e8dc884fcb4785 tomcat9-docs_9.0.16-3ubuntu0.18.04.2+tuxcare.els10_all.deb 215db317b373b65e0eb1bd4de9cd9c363939cec3 tomcat9-examples_9.0.16-3ubuntu0.18.04.2+tuxcare.els10_all.deb 55c4dc74a8374fe52afa249d835608373dc2267a tomcat9-user_9.0.16-3ubuntu0.18.04.2+tuxcare.els10_all.deb 2b8d95f09c8e05691d9d03347060364592d28751 CLSA-2025:1741215440 TuxCare License Agreement 0 * SECURITY UPDATE: PPD injection issues - debian/patches/CVE-2024-47175.patch: validate URIs, attribute names, capabilities, and sanitize make and model in cups/ppd-cache.c, scheduler/ipp.c - CVE-2024-47175 Important Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.

* SECURITY UPDATE: PPD injection issues - debian/patches/CVE-2024-47175.patch: validate URIs, attribute names, capabilities, and sanitize make and model in cups/ppd-cache.c, scheduler/ipp.c - CVE-2024-47175

0 tuxcare-ubuntu18.04-els cups_2.2.7-1ubuntu2.10+tuxcare.els4_amd64.deb f408db213ac093d26818c11c80185d76a3e8b7dd cups-bsd_2.2.7-1ubuntu2.10+tuxcare.els4_amd64.deb 700434954fac4a405e2c7edb9fe520d884e36d58 cups-client_2.2.7-1ubuntu2.10+tuxcare.els4_amd64.deb 19b335a344beaf88f13c24a7200555cf8c0147eb cups-common_2.2.7-1ubuntu2.10+tuxcare.els4_all.deb b63e1f125ca432d6a49059500387b64a5c79a602 cups-core-drivers_2.2.7-1ubuntu2.10+tuxcare.els4_amd64.deb ac446927360cf684a35ac041b1488e0d19912fa0 cups-daemon_2.2.7-1ubuntu2.10+tuxcare.els4_amd64.deb 3ea0e35947dde16c058978e44e99d0016b1f09f2 cups-ipp-utils_2.2.7-1ubuntu2.10+tuxcare.els4_amd64.deb 8c8eefe0917bc760e0339c1b85af44c1834259b9 cups-ppdc_2.2.7-1ubuntu2.10+tuxcare.els4_amd64.deb 97da409329bedcd7c85231541bdb8fc53eb55df0 cups-server-common_2.2.7-1ubuntu2.10+tuxcare.els4_all.deb 10dfd10492082f0ec2fd66bdb768e4b8ebafc852 libcups2_2.2.7-1ubuntu2.10+tuxcare.els4_amd64.deb 6bd78f9d1eefe94a347f05633bf9add620acb470 libcups2-dev_2.2.7-1ubuntu2.10+tuxcare.els4_amd64.deb b7e984bc7cd116b3f9d0a40ae0b0d58655ac3bd0 libcupscgi1_2.2.7-1ubuntu2.10+tuxcare.els4_amd64.deb 8c97d38fa38bf778c7eb9350aefae2c325702285 libcupsimage2_2.2.7-1ubuntu2.10+tuxcare.els4_amd64.deb 5c1ad21ac1ee8bbed20742dd5a1c7f16c78e3114 libcupsimage2-dev_2.2.7-1ubuntu2.10+tuxcare.els4_amd64.deb 9d178ad50f6603598df6f92e53b26aaa20b53d29 libcupsmime1_2.2.7-1ubuntu2.10+tuxcare.els4_amd64.deb e2c7a6817c88b14d76b529dd3e58546fcd751ab8 libcupsppdc1_2.2.7-1ubuntu2.10+tuxcare.els4_amd64.deb 4a48468c18d913abd56ee85ce2dbdf0136628a48 CLSA-2025:1741215575 TuxCare License Agreement 0 * New microcode update packages from upstream up to 2025-02-11: - New microcodes: sig 0x000a06f3, pf_mask 0x01, 2024-11-22, rev 0x3000330, size 1533952 sig 0x000b0674, pf_mask 0x32, 2024-09-25, rev 0x012c, size 211968 sig 0x000b06f6, pf_mask 0x07, 2024-08-01, rev 0x0038, size 225280 sig 0x000b06f7, pf_mask 0x07, 2024-08-01, rev 0x0038, size 225280 - Updated microcodes: sig 0x000606a6, pf_mask 0x87, 2024-08-02, rev 0xd0003f5, size 308224 sig 0x000606c1, pf_mask 0x10, 2024-08-08, rev 0x10002c0, size 300032 sig 0x000806f4, pf_mask 0x10, 2024-07-30, rev 0x2c0003e0, size 622592 sig 0x000806f4, pf_mask 0x87, 2024-07-30, rev 0x2b000620, size 589824 sig 0x000806f5, pf_mask 0x10, 2024-07-30, rev 0x2c0003e0, size 622592 sig 0x000806f5, pf_mask 0x87, 2024-07-30, rev 0x2b000620, size 589824 sig 0x000806f6, pf_mask 0x10, 2024-07-30, rev 0x2c0003e0, size 622592 sig 0x000806f6, pf_mask 0x87, 2024-07-30, rev 0x2b000620, size 589824 sig 0x000806f7, pf_mask 0x87, 2024-07-30, rev 0x2b000620, size 589824 sig 0x000806f8, pf_mask 0x10, 2024-07-30, rev 0x2c0003e0, size 622592 sig 0x000806f8, pf_mask 0x87, 2024-07-30, rev 0x2b000620, size 589824 sig 0x00090672, pf_mask 0x07, 2024-08-01, rev 0x0038, size 225280 sig 0x00090675, pf_mask 0x07, 2024-08-01, rev 0x0038, size 225280 sig 0x000906a3, pf_mask 0x80, 2024-08-01, rev 0x0436, size 223232 sig 0x000906a4, pf_mask 0x40, 2024-07-29, rev 0x0009, size 119808 sig 0x000906a4, pf_mask 0x80, 2024-08-01, rev 0x0436, size 223232 sig 0x000906ea, pf_mask 0x22, 2024-07-28, rev 0x00fa, size 105472 sig 0x000906ed, pf_mask 0x22, 2024-07-31, rev 0x0102, size 106496 sig 0x000a0671, pf_mask 0x02, 2024-08-01, rev 0x0063, size 108544 sig 0x000b0671, pf_mask 0x32, 2024-09-25, rev 0x012c, size 211968 sig 0x000b06a2, pf_mask 0xe0, 2024-07-31, rev 0x4124, size 220160 sig 0x000b06a3, pf_mask 0xe0, 2024-07-31, rev 0x4124, size 220160 sig 0x000b06a8, pf_mask 0xe0, 2024-07-31, rev 0x4124, size 220160 sig 0x000b06e0, pf_mask 0x19, 2024-09-06, rev 0x001c, size 138240 sig 0x000b06f2, pf_mask 0x07, 2024-08-01, rev 0x0038, size 225280 sig 0x000b06f5, pf_mask 0x07, 2024-08-01, rev 0x0038, size 225280 sig 0x000c06f1, pf_mask 0x87, 2024-07-30, rev 0x21000291, size 560128 sig 0x000c06f2, pf_mask 0x87, 2024-07-30, rev 0x21000291, size 560128 * SECURITY UPDATE: - CVE-2024-31068 (INTEL-SA-01166) - CVE-2024-36293 (INTEL-SA-01213) - CVE-2024-39279 (INTEL-SA-01139) Moderate Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.

* New microcode update packages from upstream up to 2025-02-11: - New microcodes: sig 0x000a06f3, pf_mask 0x01, 2024-11-22, rev 0x3000330, size 1533952 sig 0x000b0674, pf_mask 0x32, 2024-09-25, rev 0x012c, size 211968 sig 0x000b06f6, pf_mask 0x07, 2024-08-01, rev 0x0038, size 225280 sig 0x000b06f7, pf_mask 0x07, 2024-08-01, rev 0x0038, size 225280 - Updated microcodes: sig 0x000606a6, pf_mask 0x87, 2024-08-02, rev 0xd0003f5, size 308224 sig 0x000606c1, pf_mask 0x10, 2024-08-08, rev 0x10002c0, size 300032 sig 0x000806f4, pf_mask 0x10, 2024-07-30, rev 0x2c0003e0, size 622592 sig 0x000806f4, pf_mask 0x87, 2024-07-30, rev 0x2b000620, size 589824 sig 0x000806f5, pf_mask 0x10, 2024-07-30, rev 0x2c0003e0, size 622592 sig 0x000806f5, pf_mask 0x87, 2024-07-30, rev 0x2b000620, size 589824 sig 0x000806f6, pf_mask 0x10, 2024-07-30, rev 0x2c0003e0, size 622592 sig 0x000806f6, pf_mask 0x87, 2024-07-30, rev 0x2b000620, size 589824 sig 0x000806f7, pf_mask 0x87, 2024-07-30, rev 0x2b000620, size 589824 sig 0x000806f8, pf_mask 0x10, 2024-07-30, rev 0x2c0003e0, size 622592 sig 0x000806f8, pf_mask 0x87, 2024-07-30, rev 0x2b000620, size 589824 sig 0x00090672, pf_mask 0x07, 2024-08-01, rev 0x0038, size 225280 sig 0x00090675, pf_mask 0x07, 2024-08-01, rev 0x0038, size 225280 sig 0x000906a3, pf_mask 0x80, 2024-08-01, rev 0x0436, size 223232 sig 0x000906a4, pf_mask 0x40, 2024-07-29, rev 0x0009, size 119808 sig 0x000906a4, pf_mask 0x80, 2024-08-01, rev 0x0436, size 223232 sig 0x000906ea, pf_mask 0x22, 2024-07-28, rev 0x00fa, size 105472 sig 0x000906ed, pf_mask 0x22, 2024-07-31, rev 0x0102, size 106496 sig 0x000a0671, pf_mask 0x02, 2024-08-01, rev 0x0063, size 108544 sig 0x000b0671, pf_mask 0x32, 2024-09-25, rev 0x012c, size 211968 sig 0x000b06a2, pf_mask 0xe0, 2024-07-31, rev 0x4124, size 220160 sig 0x000b06a3, pf_mask 0xe0, 2024-07-31, rev 0x4124, size 220160 sig 0x000b06a8, pf_mask 0xe0, 2024-07-31, rev 0x4124, size 220160 sig 0x000b06e0, pf_mask 0x19, 2024-09-06, rev 0x001c, size 138240 sig 0x000b06f2, pf_mask 0x07, 2024-08-01, rev 0x0038, size 225280 sig 0x000b06f5, pf_mask 0x07, 2024-08-01, rev 0x0038, size 225280 sig 0x000c06f1, pf_mask 0x87, 2024-07-30, rev 0x21000291, size 560128 sig 0x000c06f2, pf_mask 0x87, 2024-07-30, rev 0x21000291, size 560128 * SECURITY UPDATE: - CVE-2024-31068 (INTEL-SA-01166) - CVE-2024-36293 (INTEL-SA-01213) - CVE-2024-39279 (INTEL-SA-01139)

0 tuxcare-ubuntu18.04-els intel-microcode_3.20250211.0ubuntu0.18.04.1+tuxcare.els1_amd64.deb 873ae64dd02710e0a2a8b496d2a185138322dd17 CLSA-2025:1741286028 TuxCare License Agreement 0 * SECURITY UPDATE: Incomplete Cleanup vulnerability in Tomcat - debian/patches/CVE-2023-42795.patch: Improve handling of failures during recycle() methods - CVE-2023-42795 Moderate Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.

* SECURITY UPDATE: Incomplete Cleanup vulnerability in Tomcat - debian/patches/CVE-2023-42795.patch: Improve handling of failures during recycle() methods - CVE-2023-42795

0 tuxcare-ubuntu18.04-els libtomcat9-embed-java_9.0.16-3ubuntu0.18.04.2+tuxcare.els11_all.deb da7c91f4e7ab1f78200e862b139987089385691f libtomcat9-java_9.0.16-3ubuntu0.18.04.2+tuxcare.els11_all.deb aac086ab61abb8bb24e6bc6408ab4f8a4bbfa584 tomcat9_9.0.16-3ubuntu0.18.04.2+tuxcare.els11_all.deb 3b9eae32d2067b0ca494a3bd8ab05ce7dc834662 tomcat9-admin_9.0.16-3ubuntu0.18.04.2+tuxcare.els11_all.deb 5fcf5744ce2b333256da14cbaad5b5d09dabedc6 tomcat9-common_9.0.16-3ubuntu0.18.04.2+tuxcare.els11_all.deb 177206ac3c329aaf3bb8f16f684baf1a92252816 tomcat9-docs_9.0.16-3ubuntu0.18.04.2+tuxcare.els11_all.deb ab9b6cb30686f2a79b2b24be8a894cb8bf1d9f90 tomcat9-examples_9.0.16-3ubuntu0.18.04.2+tuxcare.els11_all.deb 62cded2e9ea71bc3a8d5cb1bf9b6010037fd80f5 tomcat9-user_9.0.16-3ubuntu0.18.04.2+tuxcare.els11_all.deb f86d5be02be75a74d9df9ba0f3001e387f5568d9 CLSA-2025:1741286348 TuxCare License Agreement 0 * SECURITY UPDATE: buffer over-read in xmlHTMLPrintFileContext - debian/patches/CVE-2024-34459.patch: Fix buffer overread with `xmllint --htmlout` by adding a missing bounds check - CVE-2024-34459 * SECURITY UPDATE: use-after-free vulnerability in xinclude.c - debian/patches/CVE-2022-49043.patch: Fix use-after-free in xmlXIncludeAddNode, free URI after reporting the error to avoid use-after-free - CVE-2022-49043 * SECURITY UPDATE: stack-based buffer overflow in xmlSnprintfElements in valid.c - debian/patches/CVE-2025-24928.patch: Fix stack-buffer-overflow in xmlSnprintfElements caused by improperly calculating qname length - CVE-2025-24928 * SECURITY UPDATE: NULL pointer dereference in xmlPatMatch in pattern.c - debian/patches/CVE-2025-27113.patch: Fix compilation of explicit child axis to generate XML_OP_ELEM like the case without an axis - CVE-2025-27113 * SECURITY UPDATE: use-after-free vulnerability in XML schema processing - debian/patches/CVE-2024-56171.patch: Fix use-after-free after xmlSchemaItemListAdd in xmlSchemaIDCFillNodeTables and xmlSchemaBubbleIDCNodeTables - CVE-2024-56171 Important Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.

* SECURITY UPDATE: buffer over-read in xmlHTMLPrintFileContext - debian/patches/CVE-2024-34459.patch: Fix buffer overread with `xmllint --htmlout` by adding a missing bounds check - CVE-2024-34459 * SECURITY UPDATE: use-after-free vulnerability in xinclude.c - debian/patches/CVE-2022-49043.patch: Fix use-after-free in xmlXIncludeAddNode, free URI after reporting the error to avoid use-after-free - CVE-2022-49043 * SECURITY UPDATE: stack-based buffer overflow in xmlSnprintfElements in valid.c - debian/patches/CVE-2025-24928.patch: Fix stack-buffer-overflow in xmlSnprintfElements caused by improperly calculating qname length - CVE-2025-24928 * SECURITY UPDATE: NULL pointer dereference in xmlPatMatch in pattern.c - debian/patches/CVE-2025-27113.patch: Fix compilation of explicit child axis to generate XML_OP_ELEM like the case without an axis - CVE-2025-27113 * SECURITY UPDATE: use-after-free vulnerability in XML schema processing - debian/patches/CVE-2024-56171.patch: Fix use-after-free after xmlSchemaItemListAdd in xmlSchemaIDCFillNodeTables and xmlSchemaBubbleIDCNodeTables - CVE-2024-56171

0 tuxcare-ubuntu18.04-els libxml2_2.9.4+dfsg1-6.1ubuntu1.9+tuxcare.els2_amd64.deb 99e4a0887a96148fff35102f63ae0935c2073d28 libxml2-dev_2.9.4+dfsg1-6.1ubuntu1.9+tuxcare.els2_amd64.deb d69560f3cae050a1b974005d8be54215e0e92b9d libxml2-doc_2.9.4+dfsg1-6.1ubuntu1.9+tuxcare.els2_all.deb ea917750444e303b2739a7452961b336a36cfc30 libxml2-utils_2.9.4+dfsg1-6.1ubuntu1.9+tuxcare.els2_amd64.deb 9802630af14cc345cc69e3835e0e61d1f328eee3 python-libxml2_2.9.4+dfsg1-6.1ubuntu1.9+tuxcare.els2_amd64.deb 24318b88c2e4757ef9b04dbc1bc27c10fa5f9387 python3-libxml2_2.9.4+dfsg1-6.1ubuntu1.9+tuxcare.els2_amd64.deb 49ed972a6fb16428ff0180e9e3a492f129708ae5 CLSA-2025:1742317463 TuxCare License Agreement 0 * SECURITY UPDATE: address stack-based buffer overflow in disassemble_bytes function - debian/patches/CVE-2025-0840.patch: Fix stack-buffer-overflow in disassemble_bytes caused by oversized buffer - CVE-2025-0840 Important Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.

* SECURITY UPDATE: address stack-based buffer overflow in disassemble_bytes function - debian/patches/CVE-2025-0840.patch: Fix stack-buffer-overflow in disassemble_bytes caused by oversized buffer - CVE-2025-0840

0 tuxcare-ubuntu18.04-els binutils_2.30-21ubuntu1~18.04.9+tuxcare.els8_amd64.deb 322ae503b89c2d815b1054a45cf4249e900c2953 binutils-aarch64-linux-gnu_2.30-21ubuntu1~18.04.9+tuxcare.els8_amd64.deb 3e6b6f11e03a363275b622815b186c00030f312b binutils-alpha-linux-gnu_2.30-21ubuntu1~18.04.9+tuxcare.els8_amd64.deb a149b59d5de0ba74462e48229cf2ac18d3468697 binutils-arm-linux-gnueabi_2.30-21ubuntu1~18.04.9+tuxcare.els8_amd64.deb b78e9e470f5971c18be3e37e63aeef00f021d111 binutils-arm-linux-gnueabihf_2.30-21ubuntu1~18.04.9+tuxcare.els8_amd64.deb 2ac33720b92975ec7eee2dd7ab707cbde575628b binutils-common_2.30-21ubuntu1~18.04.9+tuxcare.els8_amd64.deb d3f0d64b7e7105058ea159efd3f5d8bde7fb5e2b binutils-dev_2.30-21ubuntu1~18.04.9+tuxcare.els8_amd64.deb 97b01c3966a35bfc5b9100f1f71390525e02264c binutils-doc_2.30-21ubuntu1~18.04.9+tuxcare.els8_all.deb 5f70a2015adcd747ba782cc822742f4d2b3f4fd3 binutils-for-build_2.30-21ubuntu1~18.04.9+tuxcare.els8_all.deb 13de0ff95564d0b21922df303fd5879b02bf179e binutils-for-host_2.30-21ubuntu1~18.04.9+tuxcare.els8_amd64.deb 7e5ec24b3bb1d5468f9c2c46f54652fab19e42be binutils-hppa-linux-gnu_2.30-21ubuntu1~18.04.9+tuxcare.els8_amd64.deb d13065b4ce31ae5a58df2ca52d2009bee250f19a binutils-hppa64-linux-gnu_2.30-21ubuntu1~18.04.9+tuxcare.els8_amd64.deb aa0d846a2eb34b29375fa28ad353e4d9b24332ad binutils-i686-gnu_2.30-21ubuntu1~18.04.9+tuxcare.els8_amd64.deb e301be175b9ce76894f4631a96d893b16be87145 binutils-i686-kfreebsd-gnu_2.30-21ubuntu1~18.04.9+tuxcare.els8_amd64.deb aa3b9f6b0bc3156537f302758882f2040d3848ad binutils-i686-linux-gnu_2.30-21ubuntu1~18.04.9+tuxcare.els8_amd64.deb f975718f1a33c7acd364dc9939a68c04b01caf34 binutils-ia64-linux-gnu_2.30-21ubuntu1~18.04.9+tuxcare.els8_amd64.deb de441fe9fccb3a3287e06a2950cbadfe0e3e05dc binutils-m68k-linux-gnu_2.30-21ubuntu1~18.04.9+tuxcare.els8_amd64.deb 33124b9cd335515e4328ea3311b0ba8f4b2e6c7f binutils-mips-linux-gnu_2.30-21ubuntu1~18.04.9+tuxcare.els8_amd64.deb 0eef5b44d82742b5c9a00e7e806c7c0cf707830d binutils-mips64-linux-gnuabi64_2.30-21ubuntu1~18.04.9+tuxcare.els8_amd64.deb 9dae5ab643d78e2c3810eefb6f796d416eb07e19 binutils-mips64-linux-gnuabin32_2.30-21ubuntu1~18.04.9+tuxcare.els8_amd64.deb 3bc967bbae9582458943dd8f92942e157268e7a5 binutils-mips64el-linux-gnuabi64_2.30-21ubuntu1~18.04.9+tuxcare.els8_amd64.deb dbaa4033dc46951462bf529eaa7f05efcf01bd25 binutils-mips64el-linux-gnuabin32_2.30-21ubuntu1~18.04.9+tuxcare.els8_amd64.deb 2fd98534ebed63b619bb6030fd6729565f767280 binutils-mipsel-linux-gnu_2.30-21ubuntu1~18.04.9+tuxcare.els8_amd64.deb 38442518c263b6d18ff265f38097284116156c36 binutils-mipsisa32r6-linux-gnu_2.30-21ubuntu1~18.04.9+tuxcare.els8_amd64.deb 7c3630e294b21422de92ab9eb7add460ac038757 binutils-mipsisa32r6el-linux-gnu_2.30-21ubuntu1~18.04.9+tuxcare.els8_amd64.deb dfee945030151ef981e2027e4d08a245397744ec binutils-mipsisa64r6-linux-gnuabi64_2.30-21ubuntu1~18.04.9+tuxcare.els8_amd64.deb b7a353c32a466d67a46e38bda93cb957b38948b7 binutils-mipsisa64r6-linux-gnuabin32_2.30-21ubuntu1~18.04.9+tuxcare.els8_amd64.deb c23ad44fb33370c5319ef2f5cb0870fc8b1ebc57 binutils-mipsisa64r6el-linux-gnuabi64_2.30-21ubuntu1~18.04.9+tuxcare.els8_amd64.deb 586800d95fd92a942f91b5a81236bfc5a5d6125a binutils-mipsisa64r6el-linux-gnuabin32_2.30-21ubuntu1~18.04.9+tuxcare.els8_amd64.deb d1e1124dfe4d7a80ca22d8926f08617b84f5e10e binutils-multiarch_2.30-21ubuntu1~18.04.9+tuxcare.els8_amd64.deb a20b915c5c5ce62e115d8b0e20b2b42273be24a5 binutils-multiarch-dev_2.30-21ubuntu1~18.04.9+tuxcare.els8_amd64.deb 5874cfd9738fd1e305ffc1b10b224f2d1b430fd5 binutils-powerpc-linux-gnu_2.30-21ubuntu1~18.04.9+tuxcare.els8_amd64.deb 911a49b349b1c58012327dd2799215fbaff1f881 binutils-powerpc-linux-gnuspe_2.30-21ubuntu1~18.04.9+tuxcare.els8_amd64.deb 37857600b43c4f3d1ce2f23e43155e2b97df7bdc binutils-powerpc64-linux-gnu_2.30-21ubuntu1~18.04.9+tuxcare.els8_amd64.deb b410ab024e6d3f3f3a1e1579c70aa1767be43dcb binutils-powerpc64le-linux-gnu_2.30-21ubuntu1~18.04.9+tuxcare.els8_amd64.deb 44aaf9ec0d648e72e5724692aa8ab2f20ad34ed2 binutils-riscv64-linux-gnu_2.30-21ubuntu1~18.04.9+tuxcare.els8_amd64.deb 3fe9ea6fb14b8968e27e6bce641043461bbb0482 binutils-s390x-linux-gnu_2.30-21ubuntu1~18.04.9+tuxcare.els8_amd64.deb 2305f51790b67d07fc2aba5829bcd627de8b6ba5 binutils-sh4-linux-gnu_2.30-21ubuntu1~18.04.9+tuxcare.els8_amd64.deb d1c3db3013c206b8f8266cf8a9b6e1ac623fd523 binutils-source_2.30-21ubuntu1~18.04.9+tuxcare.els8_all.deb f79a370a909d837e85cb7de72e52da6a2f90f65f binutils-sparc64-linux-gnu_2.30-21ubuntu1~18.04.9+tuxcare.els8_amd64.deb fbd7bd3d2c0fad3582bcb87cb38707cb6a397200 binutils-x86-64-kfreebsd-gnu_2.30-21ubuntu1~18.04.9+tuxcare.els8_amd64.deb 41b6c2956d46b094b0ce00f9cd544ebf1db40bf3 binutils-x86-64-linux-gnu_2.30-21ubuntu1~18.04.9+tuxcare.els8_amd64.deb 8e6ff2472e0f7d2c749d7500ec79a7b9fe8fa926 binutils-x86-64-linux-gnux32_2.30-21ubuntu1~18.04.9+tuxcare.els8_amd64.deb 8ddac169774dc69543ad1aebb78808e2c0feed26 libbinutils_2.30-21ubuntu1~18.04.9+tuxcare.els8_amd64.deb 8808e66b19238f2fae3641e9f156fb45733d3a8b CLSA-2025:1742319747 TuxCare License Agreement 0 * CVE-url: https://ubuntu.com/security/CVE-2024-50180 - fbdev: sisfb: Fix strbuf array overflow * CVE-url: https://ubuntu.com/security/CVE-2023-52522 - net: fix possible store tearing in neigh_periodic_work() * CVE-url: https://ubuntu.com/security/CVE-2024-40911 - wifi: cfg80211: Lock wiphy in cfg80211_get_station * CVE-url: https://ubuntu.com/security/CVE-2024-43863 - drm/vmwgfx: Fix a deadlock in dma buf fence polling * CVE-url: https://ubuntu.com/security/CVE-2024-44931 - gpio: prevent potential speculation leaks in gpio_device_get_desc() * CVE-url: https://ubuntu.com/security/CVE-2024-23848 - media: cec: cec-api: add locking in cec_release() - media: cec: core: avoid recursive cec_claim_log_addrs * CVE-url: https://ubuntu.com/security/CVE-2024-50229 - nilfs2: fix potential deadlock with newly created symlinks * CVE-url: https://ubuntu.com/security/CVE-2024-50171 - net: systemport: fix potential memory leak in bcm_sysport_xmit() * CVE-url: https://ubuntu.com/security/CVE-2024-50233 - staging: iio: frequency: ad9832: fix division by zero in ad9832_calc_freqreg() * CVE-url: https://ubuntu.com/security/CVE-2024-50134 - drm/vboxvideo: Replace fake VLA at end of vbva_mouse_pointer_shape with real VLA * CVE-url: https://ubuntu.com/security/CVE-2024-44938 - jfs: Fix shift-out-of-bounds in dbDiscardAG * CVE-url: https://ubuntu.com/security/CVE-2024-50117 - drm/amd: Guard against bad data for ATIF ACPI method * CVE-url: https://ubuntu.com/security/CVE-2024-49902 - jfs: check if leafidx greater than num leaves per dmap tree * CVE-url: https://ubuntu.com/security/CVE-2023-52799 - jfs: fix array-index-out-of-bounds in dbFindLeaf * CVE-url: https://ubuntu.com/security/CVE-2024-49966 - ocfs2: cancel dqi_sync_work before freeing oinfo * CVE-url: https://ubuntu.com/security/CVE-2024-50267 - USB: serial: io_edgeport: fix use after free in debug printk * CVE-url: https://ubuntu.com/security/CVE-2024-50230 - nilfs2: fix kernel bug due to missing clearing of checked flag * CVE-url: https://ubuntu.com/security/CVE-2024-50302 - HID: core: zero-initialize the report buffer * CVE-url: https://ubuntu.com/security/CVE-2024-50278 - dm cache: fix out-of-bounds access to the dirty bitset when resizing - dm cache: fix potential out-of-bounds access on the first resume * CVE-url: https://ubuntu.com/security/CVE-2024-50234 - wifi: iwlegacy: Clear stale interrupts before resuming device * CVE-url: https://ubuntu.com/security/CVE-2024-50301 - security/keys: fix slab-out-of-bounds in key_task_permission * CVE-url: https://ubuntu.com/security/CVE-2024-50143 - overflow: Add __must_check attribute to check_*() helpers - compiler.h: drop fallback overflow checkers - overflow: Allow mixed type arguments - udf: fix uninit-value use in udf_get_fileshortad * CVE-url: https://ubuntu.com/security/CVE-2024-53061 - media: s5p-jpeg: prevent buffer overflows * CVE-url: https://ubuntu.com/security/CVE-2024-57798 - drm/dp-mst-helper: Remove hotplug callback - drm/dp_mst: Remove huge conditional in drm_dp_mst_handle_up_req() - drm/dp_mst: Refactor drm_dp_mst_handle_up_req() - drm/dp_mst: Rename drm_dp_add_port and drm_dp_update_port - drm/dp_mst: Handle UP requests asynchronously - drm/dp_mst: Ensure mst_primary pointer is valid in drm_dp_mst_handle_up_req() * CVE-url: https://ubuntu.com/security/CVE-2023-52854 - padata: make padata_do_parallel find alternate callback CPU - padata: allocate workqueue internally - crypto: pcrypt - remove padata cpumask notifier - padata, pcrypt: take CPU hotplug lock internally in padata_alloc_possible - padata: use separate workqueues for parallel and serial work - padata: unbind parallel jobs from specific CPUs - workqueue: Make alloc/apply/free_workqueue_attrs() static - workqueue: Remove GPF argument from alloc_workqueue_attrs() - workqueue: unconfine alloc/apply/free_workqueue_attrs() - crypto: pcrypt - Avoid deadlock by using per-instance padata queues - crypto: aead - pass instance to crypto_grab_aead() - crypto: pcrypt - simplify error handling in pcrypt_create_aead() - padata: Fix refcnt handling in padata_free_shell() * CVE-url: https://ubuntu.com/security/CVE-2024-53164 - net: sched: fix ordering of qlen adjustment * CVE-url: https://ubuntu.com/security/CVE-2024-47809 - dlm: fix possible lkb_resource null dereference * CVE-url: https://ubuntu.com/security/CVE-2021-47342 - ext4: fix memory leak in ext4_fill_super - ext4: fix possible UAF when remounting r/o a mmp-protected file system * CVE-url: https://ubuntu.com/security/CVE-2024-53179 - smb: client: fix use-after-free of signing key * Miscellaneous upstream changes - drm/amd/amdgpu: Fix GPR read from debugfs (v2) Important Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.

* CVE-url: https://ubuntu.com/security/CVE-2024-50180 - fbdev: sisfb: Fix strbuf array overflow * CVE-url: https://ubuntu.com/security/CVE-2023-52522 - net: fix possible store tearing in neigh_periodic_work() * CVE-url: https://ubuntu.com/security/CVE-2024-40911 - wifi: cfg80211: Lock wiphy in cfg80211_get_station * CVE-url: https://ubuntu.com/security/CVE-2024-43863 - drm/vmwgfx: Fix a deadlock in dma buf fence polling * CVE-url: https://ubuntu.com/security/CVE-2024-44931 - gpio: prevent potential speculation leaks in gpio_device_get_desc() * CVE-url: https://ubuntu.com/security/CVE-2024-23848 - media: cec: cec-api: add locking in cec_release() - media: cec: core: avoid recursive cec_claim_log_addrs * CVE-url: https://ubuntu.com/security/CVE-2024-50229 - nilfs2: fix potential deadlock with newly created symlinks * CVE-url: https://ubuntu.com/security/CVE-2024-50171 - net: systemport: fix potential memory leak in bcm_sysport_xmit() * CVE-url: https://ubuntu.com/security/CVE-2024-50233 - staging: iio: frequency: ad9832: fix division by zero in ad9832_calc_freqreg() * CVE-url: https://ubuntu.com/security/CVE-2024-50134 - drm/vboxvideo: Replace fake VLA at end of vbva_mouse_pointer_shape with real VLA * CVE-url: https://ubuntu.com/security/CVE-2024-44938 - jfs: Fix shift-out-of-bounds in dbDiscardAG * CVE-url: https://ubuntu.com/security/CVE-2024-50117 - drm/amd: Guard against bad data for ATIF ACPI method * CVE-url: https://ubuntu.com/security/CVE-2024-49902 - jfs: check if leafidx greater than num leaves per dmap tree * CVE-url: https://ubuntu.com/security/CVE-2023-52799 - jfs: fix array-index-out-of-bounds in dbFindLeaf * CVE-url: https://ubuntu.com/security/CVE-2024-49966 - ocfs2: cancel dqi_sync_work before freeing oinfo * CVE-url: https://ubuntu.com/security/CVE-2024-50267 - USB: serial: io_edgeport: fix use after free in debug printk * CVE-url: https://ubuntu.com/security/CVE-2024-50230 - nilfs2: fix kernel bug due to missing clearing of checked flag * CVE-url: https://ubuntu.com/security/CVE-2024-50302 - HID: core: zero-initialize the report buffer * CVE-url: https://ubuntu.com/security/CVE-2024-50278 - dm cache: fix out-of-bounds access to the dirty bitset when resizing - dm cache: fix potential out-of-bounds access on the first resume * CVE-url: https://ubuntu.com/security/CVE-2024-50234 - wifi: iwlegacy: Clear stale interrupts before resuming device * CVE-url: https://ubuntu.com/security/CVE-2024-50301 - security/keys: fix slab-out-of-bounds in key_task_permission * CVE-url: https://ubuntu.com/security/CVE-2024-50143 - overflow: Add __must_check attribute to check_*() helpers - compiler.h: drop fallback overflow checkers - overflow: Allow mixed type arguments - udf: fix uninit-value use in udf_get_fileshortad * CVE-url: https://ubuntu.com/security/CVE-2024-53061 - media: s5p-jpeg: prevent buffer overflows * CVE-url: https://ubuntu.com/security/CVE-2024-57798 - drm/dp-mst-helper: Remove hotplug callback - drm/dp_mst: Remove huge conditional in drm_dp_mst_handle_up_req() - drm/dp_mst: Refactor drm_dp_mst_handle_up_req() - drm/dp_mst: Rename drm_dp_add_port and drm_dp_update_port - drm/dp_mst: Handle UP requests asynchronously - drm/dp_mst: Ensure mst_primary pointer is valid in drm_dp_mst_handle_up_req() * CVE-url: https://ubuntu.com/security/CVE-2023-52854 - padata: make padata_do_parallel find alternate callback CPU - padata: allocate workqueue internally - crypto: pcrypt - remove padata cpumask notifier - padata, pcrypt: take CPU hotplug lock internally in padata_alloc_possible - padata: use separate workqueues for parallel and serial work - padata: unbind parallel jobs from specific CPUs - workqueue: Make alloc/apply/free_workqueue_attrs() static - workqueue: Remove GPF argument from alloc_workqueue_attrs() - workqueue: unconfine alloc/apply/free_workqueue_attrs() - crypto: pcrypt - Avoid deadlock by using per-instance padata queues - crypto: aead - pass instance to crypto_grab_aead() - crypto: pcrypt - simplify error handling in pcrypt_create_aead() - padata: Fix refcnt handling in padata_free_shell() * CVE-url: https://ubuntu.com/security/CVE-2024-53164 - net: sched: fix ordering of qlen adjustment * CVE-url: https://ubuntu.com/security/CVE-2024-47809 - dlm: fix possible lkb_resource null dereference * CVE-url: https://ubuntu.com/security/CVE-2021-47342 - ext4: fix memory leak in ext4_fill_super - ext4: fix possible UAF when remounting r/o a mmp-protected file system * CVE-url: https://ubuntu.com/security/CVE-2024-53179 - smb: client: fix use-after-free of signing key * Miscellaneous upstream changes - drm/amd/amdgpu: Fix GPR read from debugfs (v2)

0 tuxcare-ubuntu18.04-els linux-buildinfo-4.15.0-245-tuxcare.els33-generic_4.15.0-245.256_amd64.deb 84920494875b2b9c49d618601d0a47c9edb5fc53 linux-buildinfo-4.15.0-245-tuxcare.els33-lowlatency_4.15.0-245.256_amd64.deb 3ee587367e6660ba5d8d1bda3c59aecc29c0a5ee linux-cloud-tools-4.15.0-245-tuxcare.els33_4.15.0-245.256_amd64.deb 8a393acd73fd660ffcd85c6795806a9a8c33aef2 linux-cloud-tools-4.15.0-245-tuxcare.els33-generic_4.15.0-245.256_amd64.deb 3658182bba81f829f33a6fbbfd109b0cd07adf0a linux-cloud-tools-4.15.0-245-tuxcare.els33-lowlatency_4.15.0-245.256_amd64.deb a53588b3a5c44a5d9f9a7cc8ab53f911af45e99e linux-cloud-tools-common_4.15.0-245.256_all.deb 856eb83b5c91513fcf16d710f0a51f3586257c62 linux-cloud-tools-generic_4.15.0.245.256_amd64.deb 316a79dc12a7dd1df4a0517ae3df071f9ad6e19a linux-cloud-tools-lowlatency_4.15.0.245.256_amd64.deb 0575dd4ee717339fc2209030e26a639bb0b52661 linux-crashdump_4.15.0.245.256_amd64.deb a5edb224f085c729100f5fc871f9b03c147437ea linux-doc_4.15.0-245.256_all.deb 9c7923fabd8cb8331eac6dca86abdf6b4c7357c7 linux-generic_4.15.0.245.256_amd64.deb 560875d2283c05c25f20e70c1e7cdd8f0d1ab112 linux-headers-4.15.0-245-tuxcare.els33_4.15.0-245.256_all.deb a59f0f587c4f4f4d9909ecdc69459b66337b4cde linux-headers-4.15.0-245-tuxcare.els33-generic_4.15.0-245.256_amd64.deb 0a5a1a6c14a3e89b3d3b721d841f79675e22f2f0 linux-headers-4.15.0-245-tuxcare.els33-lowlatency_4.15.0-245.256_amd64.deb 08c727d15bf8cad929adab362bae782c6117932a linux-headers-generic_4.15.0.245.256_amd64.deb a123b0b402c99431d77d022b48ca01b5d1d8faf8 linux-headers-lowlatency_4.15.0.245.256_amd64.deb 32441d567691daac4a0bdfb8db9c3ed52c8d0042 linux-image-generic_4.15.0.245.256_amd64.deb 5a305f7f522e740318a813941f0c3f8fe9c9235f linux-image-lowlatency_4.15.0.245.256_amd64.deb 111a5e292f5f8319dbdf7e4f58136b0f61ba031a linux-image-unsigned-4.15.0-245-tuxcare.els33-generic_4.15.0-245.256_amd64.deb 2a56e985f01fa1be4baf2930ccaf5a363d627b29 linux-image-unsigned-4.15.0-245-tuxcare.els33-lowlatency_4.15.0-245.256_amd64.deb 12fad2eddb564c558e4a7085b0b27a03b6a6aa92 linux-libc-dev_4.15.0-245.256_amd64.deb e20bcc243595652cfb67004efcbd135ec197aaee linux-lowlatency_4.15.0.245.256_amd64.deb 7581080f0d6699cc6be599aaced304e368712eac linux-modules-4.15.0-245-tuxcare.els33-generic_4.15.0-245.256_amd64.deb 3307fa61f197dda856c623efc5fa5e2c26ee93e7 linux-modules-4.15.0-245-tuxcare.els33-lowlatency_4.15.0-245.256_amd64.deb b941d43db88413c4934c3bbd819a1fa89310f3bc linux-modules-extra-4.15.0-245-tuxcare.els33-generic_4.15.0-245.256_amd64.deb 4ba91a7fd9aa5dbd1a1ec258ade773313e0ca98f linux-source_4.15.0.245.256_all.deb 88853cdc8ff9a8526b1fd9d4cc311b3dd0573ea8 linux-source-4.15.0_4.15.0-245.256_all.deb c36ee849c96459798f2135823676b1fbd87c52d8 linux-tools-4.15.0-245-tuxcare.els33_4.15.0-245.256_amd64.deb ca19de8acc5c0fdc045153f2030ffeee199d0011 linux-tools-4.15.0-245-tuxcare.els33-generic_4.15.0-245.256_amd64.deb 8640c4e0c33e32c2548186c356aa7f7a32cf9bf9 linux-tools-4.15.0-245-tuxcare.els33-lowlatency_4.15.0-245.256_amd64.deb 28f74f089ddf84e843a90481a41413a66aa5fb3b linux-tools-common_4.15.0-245.256_all.deb 5cec4e3080148a1c879f05a0f2968891f3707f24 linux-tools-generic_4.15.0.245.256_amd64.deb 4a9c57638c40ac4c8b7f60aeb080eb4d91d9eca0 linux-tools-host_4.15.0-245.256_all.deb 950215a3570721f0d85e56e88924ba082130977c linux-tools-lowlatency_4.15.0.245.256_amd64.deb dfff7abe17357193c0026ffa35685d711b38cb0d CLSA-2025:1742320375 TuxCare License Agreement 0 * Bump ABI 4.15.0-245 None Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.

* Bump ABI 4.15.0-245

0 tuxcare-ubuntu18.04-els linux-cloud-tools-generic_4.15.0.245.256_amd64.deb 316a79dc12a7dd1df4a0517ae3df071f9ad6e19a linux-cloud-tools-lowlatency_4.15.0.245.256_amd64.deb 0575dd4ee717339fc2209030e26a639bb0b52661 linux-crashdump_4.15.0.245.256_amd64.deb a5edb224f085c729100f5fc871f9b03c147437ea linux-generic_4.15.0.245.256_amd64.deb 560875d2283c05c25f20e70c1e7cdd8f0d1ab112 linux-headers-generic_4.15.0.245.256_amd64.deb a123b0b402c99431d77d022b48ca01b5d1d8faf8 linux-headers-lowlatency_4.15.0.245.256_amd64.deb 32441d567691daac4a0bdfb8db9c3ed52c8d0042 linux-image-generic_4.15.0.245.256_amd64.deb 5a305f7f522e740318a813941f0c3f8fe9c9235f linux-image-lowlatency_4.15.0.245.256_amd64.deb 111a5e292f5f8319dbdf7e4f58136b0f61ba031a linux-lowlatency_4.15.0.245.256_amd64.deb 7581080f0d6699cc6be599aaced304e368712eac linux-source_4.15.0.245.256_all.deb 88853cdc8ff9a8526b1fd9d4cc311b3dd0573ea8 linux-tools-generic_4.15.0.245.256_amd64.deb 4a9c57638c40ac4c8b7f60aeb080eb4d91d9eca0 linux-tools-lowlatency_4.15.0.245.256_amd64.deb dfff7abe17357193c0026ffa35685d711b38cb0d CLSA-2025:1742471100 TuxCare License Agreement 0 * SECURITY UPDATE: PostgreSQL libpq incorrect neutralization of quoting syntax allows SQL injection - debian/patches/CVE-2025-1094.patch: Add full encoding validation in libpq data-quoting functions. - CVE-2025-1094 Important Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.

* SECURITY UPDATE: PostgreSQL libpq incorrect neutralization of quoting syntax allows SQL injection - debian/patches/CVE-2025-1094.patch: Add full encoding validation in libpq data-quoting functions. - CVE-2025-1094

0 tuxcare-ubuntu18.04-els libecpg-compat3_10.23-0ubuntu0.18.04.2+tuxcare.els5_amd64.deb 07f9d72bca1f6d3e2728171883f5254388df3a78 libecpg-dev_10.23-0ubuntu0.18.04.2+tuxcare.els5_amd64.deb 969d77fd77b59c443a9a63f110a8b9872434ca2c libecpg6_10.23-0ubuntu0.18.04.2+tuxcare.els5_amd64.deb 1c3fd13ef85c23c4bebc59ec220c9dc67513a660 libpgtypes3_10.23-0ubuntu0.18.04.2+tuxcare.els5_amd64.deb e5abe338b5a2b3b278c1869ff871ed7014ceb0fb libpq-dev_10.23-0ubuntu0.18.04.2+tuxcare.els5_amd64.deb d821d36e4cbf9f5cdd36eeda3674d02ef69af93d libpq5_10.23-0ubuntu0.18.04.2+tuxcare.els5_amd64.deb 0c44021d6babe5a06e18e0b6813b38c779002f8d postgresql-10_10.23-0ubuntu0.18.04.2+tuxcare.els5_amd64.deb 9bfe50b6dd5ee5aac6ed1e09bcb6fa8bc0dee968 postgresql-client-10_10.23-0ubuntu0.18.04.2+tuxcare.els5_amd64.deb 4dfb3c96a31408fee9890e77581798b1f6f76577 postgresql-doc-10_10.23-0ubuntu0.18.04.2+tuxcare.els5_all.deb cc0a3e1d7ad77fad4a218ddae1843be84be2d065 postgresql-plperl-10_10.23-0ubuntu0.18.04.2+tuxcare.els5_amd64.deb 2157c9380fd738a9ad61a59ca718feef535b010c postgresql-plpython-10_10.23-0ubuntu0.18.04.2+tuxcare.els5_amd64.deb 0aaa1d16936a4a3d2b4a436f4a2f011be97debd3 postgresql-plpython3-10_10.23-0ubuntu0.18.04.2+tuxcare.els5_amd64.deb e811a63ce146b010c7ec6e613db40b63c4954792 postgresql-pltcl-10_10.23-0ubuntu0.18.04.2+tuxcare.els5_amd64.deb 71c0ad6e6147ac44edc93930e7dfe781e50b60ee postgresql-server-dev-10_10.23-0ubuntu0.18.04.2+tuxcare.els5_amd64.deb ba0b3cac5353dfd02bf04fa4fd0632fcdf371e56 CLSA-2025:1742471910 TuxCare License Agreement 0 * SECURITY UPDATE: it's possible machine-in-the-middle attack vulnerability caused by a malicious machine impersonating a legitimate server - debian/patches/CVE-2025-26465.patch: Correct error code handling - CVE-2025-26465 Moderate Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.

* SECURITY UPDATE: it's possible machine-in-the-middle attack vulnerability caused by a malicious machine impersonating a legitimate server - debian/patches/CVE-2025-26465.patch: Correct error code handling - CVE-2025-26465

0 tuxcare-ubuntu18.04-els openssh-client_7.6p1-4ubuntu0.7+tuxcare.els6_amd64.deb d1cf56e8a8ebfaa5efc962cbe30d756389637e16 openssh-server_7.6p1-4ubuntu0.7+tuxcare.els6_amd64.deb 53b0cf4cf2f84be66c09e183427822436033c7db openssh-sftp-server_7.6p1-4ubuntu0.7+tuxcare.els6_amd64.deb e084a4ab7309d985221b251369d5a0afa8b9ae34 ssh_7.6p1-4ubuntu0.7+tuxcare.els6_all.deb 05b5959d1ce073aef14fae265085b87a82246334 ssh-askpass-gnome_7.6p1-4ubuntu0.7+tuxcare.els6_amd64.deb c49a9100f51782f4badd1b4c2d6616fb772a4faa CLSA-2025:1742577759 TuxCare License Agreement 0 * SECURITY UPDATE: path Equivalence leading to Remote Code Execution and/or Information disclosure in Apache Tomcat - debian/patches/CVE-2025-24813.patch: Enhance lifecycle of temporary files used by partial PUT - CVE-2025-24813 Critical Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.

* SECURITY UPDATE: path Equivalence leading to Remote Code Execution and/or Information disclosure in Apache Tomcat - debian/patches/CVE-2025-24813.patch: Enhance lifecycle of temporary files used by partial PUT - CVE-2025-24813

0 tuxcare-ubuntu18.04-els libtomcat9-embed-java_9.0.16-3ubuntu0.18.04.2+tuxcare.els12_all.deb 9d79f550469c8aad8fda2a103d65d35a25c62713 libtomcat9-java_9.0.16-3ubuntu0.18.04.2+tuxcare.els12_all.deb 65ef05de842707095f94b18420a4fcc333b5c454 tomcat9_9.0.16-3ubuntu0.18.04.2+tuxcare.els12_all.deb 54598b8c2a95294ab51d89a4e7807737a727613a tomcat9-admin_9.0.16-3ubuntu0.18.04.2+tuxcare.els12_all.deb d3274b636c522bb98c2b2c63eb823728353bb568 tomcat9-common_9.0.16-3ubuntu0.18.04.2+tuxcare.els12_all.deb 9e040c03e4151b4e458cae65c82f2381fd8985fd tomcat9-docs_9.0.16-3ubuntu0.18.04.2+tuxcare.els12_all.deb 19918cc282b6b68bfc5574bafdb5ac83631fa1db tomcat9-examples_9.0.16-3ubuntu0.18.04.2+tuxcare.els12_all.deb 51817bf0191e5447f7e3974cde628263493fd683 tomcat9-user_9.0.16-3ubuntu0.18.04.2+tuxcare.els12_all.deb fcf68d6a7a3c3947b58126afc3a80ee1d9e439f6 CLSA-2025:1744213128 TuxCare License Agreement 0 * CVE-url: https://ubuntu.com/security/CVE-2025-21858 - geneve: Fix use-after-free in geneve_find_dev(). * CVE-url: https://ubuntu.com/security/CVE-2024-36921 - wifi: iwlwifi: mvm: guard against invalid STA ID on removal * CVE-url: https://ubuntu.com/security/CVE-2023-52621 - bpf: Check rcu_read_lock_trace_held() before calling bpf map helpers * CVE-url: https://ubuntu.com/security/CVE-2025-21855 - ibmvnic: Don't reference skb after sending to VIOS * CVE-url: https://ubuntu.com/security/CVE-2021-47110 - x86/kvm: Disable kvmclock on all CPUs on shutdown * CVE-url: https://ubuntu.com/security/CVE-2025-21791 - vrf: use RCU protection in l3mdev_l3_out() * CVE-url: https://ubuntu.com/security/CVE-2024-57980 - media: uvcvideo: Fix double free in error path * CVE-url: https://ubuntu.com/security/CVE-2025-21718 - net: rose: fix timer races against user threads * CVE-url: https://ubuntu.com/security/CVE-2025-21735 - NFC: nci: Add bounds checking in nci_hci_create_pipe() * CVE-url: https://ubuntu.com/security/CVE-2023-52805 - jfs: fix array-index-out-of-bounds in diAlloc * CVE-url: https://ubuntu.com/security/CVE-2023-52847 - media: bttv: fix use after free error due to btv->timeout timer * CVE-url: https://ubuntu.com/security/CVE-2024-41014 - xfs: add bounds checking to xlog_recover_process_data * CVE-url: https://ubuntu.com/security/CVE-2025-21782 - orangefs: fix a oob in orangefs_debug_write * CVE-url: https://ubuntu.com/security/CVE-2024-26872 - RDMA/srpt: Do not register event handler until srpt device is fully setup * CVE-url: https://ubuntu.com/security/CVE-2024-26982 - Squashfs: check the inode number is not the invalid value of zero * CVE-url: https://ubuntu.com/security/CVE-2024-56548 - hfsplus: don't query the device logical block size multiple times * CVE-url: https://ubuntu.com/security/CVE-2024-57850 - jffs2: Prevent rtime decompress memory corruption * CVE-url: https://ubuntu.com/security/CVE-2024-49982 - aoe: fix the potential use-after-free problem in more places * CVE-url: https://ubuntu.com/security/CVE-2024-47696 - RDMA/iwcm: Fix WARNING:at_kernel/workqueue.c:#check_flush_dependency * CVE-url: https://ubuntu.com/security/CVE-2024-50074 - parport: Proper fix for array out-of-bounds access * CVE-url: https://ubuntu.com/security/CVE-2025-21687 - vfio/platform: check the bounds of read/write syscalls * CVE-url: https://ubuntu.com/security/CVE-2024-57889 - regmap: allow to disable all locking mechanisms - pinctrl: mcp23s08: Fix sleeping in atomic context due to regmap locking * CVE-url: https://ubuntu.com/security/CVE-2024-56539 - wifi: mwifiex: Fix memcpy() field-spanning write warning in mwifiex_config_scan() * CVE-url: https://ubuntu.com/security/CVE-2024-53680 - ipvs: fix UB due to uninitialized stack access in ip_vs_protocol_init() * CVE-url: https://ubuntu.com/security/CVE-2024-56630 - ocfs2: free inode when ocfs2_get_init_inode() fails * CVE-url: https://ubuntu.com/security/CVE-2024-53184 - um: ubd: Do not use drvdata in release * CVE-url: https://ubuntu.com/security/CVE-2024-57884 - mm: vmscan: account for free pages to prevent infinite Loop in throttle_direct_reclaim() * CVE-url: https://ubuntu.com/security/CVE-2024-56597 - jfs: fix shift-out-of-bounds in dbSplit * CVE-url: https://ubuntu.com/security/CVE-2025-21664 - dm thin: make get_first_thin use rcu-safe list first function * CVE-url: https://ubuntu.com/security/CVE-2024-56594 - drm/amdgpu: set the right AMDGPU sg segment limitation * CVE-url: https://ubuntu.com/security/CVE-2024-56681 - crypto: bcm - add error check in the ahash_hmac_init function * CVE-url: https://ubuntu.com/security/CVE-2024-52332 - igb: Fix potential invalid memory access in igb_init_module() * CVE-url: https://ubuntu.com/security/CVE-2024-56570 - ovl: Filter invalid inodes with missing lookup function * CVE-url: https://ubuntu.com/security/CVE-2024-57912 - iio: pressure: zpa2326: fix information leak in triggered buffer * CVE-url: https://ubuntu.com/security/CVE-2024-53172 - ubi: fastmap: Fix duplicate slab cache names while attaching * CVE-url: https://ubuntu.com/security/CVE-2024-57929 - dm array: fix releasing a faulty array block twice in dm_array_cursor_end * CVE-url: https://ubuntu.com/security/CVE-2024-56532 - ALSA: us122l: Use snd_card_free_when_closed() at disconnection * CVE-url: https://ubuntu.com/security/CVE-2024-53183 - um: net: Do not use drvdata in release * CVE-url: https://ubuntu.com/security/CVE-2024-56644 - net/ipv6: release expired exception dst cached in socket * CVE-url: https://ubuntu.com/security/CVE-2024-57948 - mac802154: check local interfaces before deleting sdata list * CVE-url: https://ubuntu.com/security/CVE-2024-57904 - iio: adc: at91: call input_free_device() on allocated iio_dev * CVE-url: https://ubuntu.com/security/CVE-2024-56637 - netfilter: ipset: Hold module reference while requesting a module * CVE-url: https://ubuntu.com/security/CVE-2024-56576 - media: i2c: tc358743: Fix crash in the probe error path when using polling * CVE-url: https://ubuntu.com/security/CVE-2024-53214 - vfio/pci: Properly hide first-in-list PCIe extended capability * CVE-url: https://ubuntu.com/security/CVE-2024-56700 - media: wl128x: Fix atomicity violation in fmc_send_cmd() * CVE-url: https://ubuntu.com/security/CVE-2024-56531 - ALSA: caiaq: Use snd_card_free_when_closed() at disconnection * CVE-url: https://ubuntu.com/security/CVE-2024-53194 - PCI: Fix use-after-free of slot->bus on hot remove * CVE-url: https://ubuntu.com/security/CVE-2024-58055 - usb: gadget: f_tcm: Don't free command immediately * CVE-url: https://ubuntu.com/security/CVE-2024-56619 - nilfs2: fix potential out-of-bounds memory access in nilfs_find_entry() * CVE-url: https://ubuntu.com/security/CVE-2021-47636 - ubifs: Fix read out-of-bounds in ubifs_wbuf_write_nolock() * CVE-url: https://ubuntu.com/security/CVE-2024-5317 - nfsd: make sure exp active before svc_export_show * CVE-url: https://ubuntu.com/security/CVE-2024-53174 - SUNRPC: make sure cache entry active before cache_show * CVE-url: https://ubuntu.com/security/CVE-2021-47219 - scsi: scsi_debug: Fix out-of-bound read in resp_report_tgtpgs() * CVE-url: https://ubuntu.com/security/CVE-2024-50269 - usb: musb: sunxi: Fix accessing an released usb phy * CVE-url: https://ubuntu.com/security/CVE-2024-57908 - iio: imu: kmx61: fix information leak in triggered buffer Important Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.

* CVE-url: https://ubuntu.com/security/CVE-2025-21858 - geneve: Fix use-after-free in geneve_find_dev(). * CVE-url: https://ubuntu.com/security/CVE-2024-36921 - wifi: iwlwifi: mvm: guard against invalid STA ID on removal * CVE-url: https://ubuntu.com/security/CVE-2023-52621 - bpf: Check rcu_read_lock_trace_held() before calling bpf map helpers * CVE-url: https://ubuntu.com/security/CVE-2025-21855 - ibmvnic: Don't reference skb after sending to VIOS * CVE-url: https://ubuntu.com/security/CVE-2021-47110 - x86/kvm: Disable kvmclock on all CPUs on shutdown * CVE-url: https://ubuntu.com/security/CVE-2025-21791 - vrf: use RCU protection in l3mdev_l3_out() * CVE-url: https://ubuntu.com/security/CVE-2024-57980 - media: uvcvideo: Fix double free in error path * CVE-url: https://ubuntu.com/security/CVE-2025-21718 - net: rose: fix timer races against user threads * CVE-url: https://ubuntu.com/security/CVE-2025-21735 - NFC: nci: Add bounds checking in nci_hci_create_pipe() * CVE-url: https://ubuntu.com/security/CVE-2023-52805 - jfs: fix array-index-out-of-bounds in diAlloc * CVE-url: https://ubuntu.com/security/CVE-2023-52847 - media: bttv: fix use after free error due to btv->timeout timer * CVE-url: https://ubuntu.com/security/CVE-2024-41014 - xfs: add bounds checking to xlog_recover_process_data * CVE-url: https://ubuntu.com/security/CVE-2025-21782 - orangefs: fix a oob in orangefs_debug_write * CVE-url: https://ubuntu.com/security/CVE-2024-26872 - RDMA/srpt: Do not register event handler until srpt device is fully setup * CVE-url: https://ubuntu.com/security/CVE-2024-26982 - Squashfs: check the inode number is not the invalid value of zero * CVE-url: https://ubuntu.com/security/CVE-2024-56548 - hfsplus: don't query the device logical block size multiple times * CVE-url: https://ubuntu.com/security/CVE-2024-57850 - jffs2: Prevent rtime decompress memory corruption * CVE-url: https://ubuntu.com/security/CVE-2024-49982 - aoe: fix the potential use-after-free problem in more places * CVE-url: https://ubuntu.com/security/CVE-2024-47696 - RDMA/iwcm: Fix WARNING:at_kernel/workqueue.c:#check_flush_dependency * CVE-url: https://ubuntu.com/security/CVE-2024-50074 - parport: Proper fix for array out-of-bounds access * CVE-url: https://ubuntu.com/security/CVE-2025-21687 - vfio/platform: check the bounds of read/write syscalls * CVE-url: https://ubuntu.com/security/CVE-2024-57889 - regmap: allow to disable all locking mechanisms - pinctrl: mcp23s08: Fix sleeping in atomic context due to regmap locking * CVE-url: https://ubuntu.com/security/CVE-2024-56539 - wifi: mwifiex: Fix memcpy() field-spanning write warning in mwifiex_config_scan() * CVE-url: https://ubuntu.com/security/CVE-2024-53680 - ipvs: fix UB due to uninitialized stack access in ip_vs_protocol_init() * CVE-url: https://ubuntu.com/security/CVE-2024-56630 - ocfs2: free inode when ocfs2_get_init_inode() fails * CVE-url: https://ubuntu.com/security/CVE-2024-53184 - um: ubd: Do not use drvdata in release * CVE-url: https://ubuntu.com/security/CVE-2024-57884 - mm: vmscan: account for free pages to prevent infinite Loop in throttle_direct_reclaim() * CVE-url: https://ubuntu.com/security/CVE-2024-56597 - jfs: fix shift-out-of-bounds in dbSplit * CVE-url: https://ubuntu.com/security/CVE-2025-21664 - dm thin: make get_first_thin use rcu-safe list first function * CVE-url: https://ubuntu.com/security/CVE-2024-56594 - drm/amdgpu: set the right AMDGPU sg segment limitation * CVE-url: https://ubuntu.com/security/CVE-2024-56681 - crypto: bcm - add error check in the ahash_hmac_init function * CVE-url: https://ubuntu.com/security/CVE-2024-52332 - igb: Fix potential invalid memory access in igb_init_module() * CVE-url: https://ubuntu.com/security/CVE-2024-56570 - ovl: Filter invalid inodes with missing lookup function * CVE-url: https://ubuntu.com/security/CVE-2024-57912 - iio: pressure: zpa2326: fix information leak in triggered buffer * CVE-url: https://ubuntu.com/security/CVE-2024-53172 - ubi: fastmap: Fix duplicate slab cache names while attaching * CVE-url: https://ubuntu.com/security/CVE-2024-57929 - dm array: fix releasing a faulty array block twice in dm_array_cursor_end * CVE-url: https://ubuntu.com/security/CVE-2024-56532 - ALSA: us122l: Use snd_card_free_when_closed() at disconnection * CVE-url: https://ubuntu.com/security/CVE-2024-53183 - um: net: Do not use drvdata in release * CVE-url: https://ubuntu.com/security/CVE-2024-56644 - net/ipv6: release expired exception dst cached in socket * CVE-url: https://ubuntu.com/security/CVE-2024-57948 - mac802154: check local interfaces before deleting sdata list * CVE-url: https://ubuntu.com/security/CVE-2024-57904 - iio: adc: at91: call input_free_device() on allocated iio_dev * CVE-url: https://ubuntu.com/security/CVE-2024-56637 - netfilter: ipset: Hold module reference while requesting a module * CVE-url: https://ubuntu.com/security/CVE-2024-56576 - media: i2c: tc358743: Fix crash in the probe error path when using polling * CVE-url: https://ubuntu.com/security/CVE-2024-53214 - vfio/pci: Properly hide first-in-list PCIe extended capability * CVE-url: https://ubuntu.com/security/CVE-2024-56700 - media: wl128x: Fix atomicity violation in fmc_send_cmd() * CVE-url: https://ubuntu.com/security/CVE-2024-56531 - ALSA: caiaq: Use snd_card_free_when_closed() at disconnection * CVE-url: https://ubuntu.com/security/CVE-2024-53194 - PCI: Fix use-after-free of slot->bus on hot remove * CVE-url: https://ubuntu.com/security/CVE-2024-58055 - usb: gadget: f_tcm: Don't free command immediately * CVE-url: https://ubuntu.com/security/CVE-2024-56619 - nilfs2: fix potential out-of-bounds memory access in nilfs_find_entry() * CVE-url: https://ubuntu.com/security/CVE-2021-47636 - ubifs: Fix read out-of-bounds in ubifs_wbuf_write_nolock() * CVE-url: https://ubuntu.com/security/CVE-2024-5317 - nfsd: make sure exp active before svc_export_show * CVE-url: https://ubuntu.com/security/CVE-2024-53174 - SUNRPC: make sure cache entry active before cache_show * CVE-url: https://ubuntu.com/security/CVE-2021-47219 - scsi: scsi_debug: Fix out-of-bound read in resp_report_tgtpgs() * CVE-url: https://ubuntu.com/security/CVE-2024-50269 - usb: musb: sunxi: Fix accessing an released usb phy * CVE-url: https://ubuntu.com/security/CVE-2024-57908 - iio: imu: kmx61: fix information leak in triggered buffer

0 tuxcare-ubuntu18.04-els linux-buildinfo-4.15.0-246-tuxcare.els34-generic_4.15.0-246.257_amd64.deb dd5e48f4f31ed61bbe4850a83ac0a6c1edc23c88 linux-buildinfo-4.15.0-246-tuxcare.els34-lowlatency_4.15.0-246.257_amd64.deb d782f94ef7efd3d270d5a5ab58de7c739bd756ee linux-cloud-tools-4.15.0-246-tuxcare.els34_4.15.0-246.257_amd64.deb 1090dd336f7f727ed676e4c347fe2fc3c44879a9 linux-cloud-tools-4.15.0-246-tuxcare.els34-generic_4.15.0-246.257_amd64.deb e925d9105f203b936e8f3eae49bc36482a243dad linux-cloud-tools-4.15.0-246-tuxcare.els34-lowlatency_4.15.0-246.257_amd64.deb 8e57915bd41e004b4d8d06591e3bae0b78891ac6 linux-cloud-tools-common_4.15.0-246.257_all.deb 42ee448159d01897b995b03dca0f6491742572af linux-cloud-tools-generic_4.15.0.246.257_amd64.deb 5d57c300c1610636d1f0031bc492a6b267577459 linux-cloud-tools-lowlatency_4.15.0.246.257_amd64.deb bc3b4df1b4adf36f97d610d0094bc1b5b7eade97 linux-crashdump_4.15.0.246.257_amd64.deb 43369e2f44a04a5fd7cecf0a9e09d20389ad69dc linux-doc_4.15.0-246.257_all.deb 3f2cea81c349bd336069e1daa075d2d93553c118 linux-generic_4.15.0.246.257_amd64.deb 74e1012fe6c5f4c5fe4b8dda5adc6b3df126220c linux-headers-4.15.0-246-tuxcare.els34_4.15.0-246.257_all.deb 097ca50994414f4e8ec7199093fac98ea19955a7 linux-headers-4.15.0-246-tuxcare.els34-generic_4.15.0-246.257_amd64.deb 25e75c8cfdc26c1589653bc79f95fac5088289e7 linux-headers-4.15.0-246-tuxcare.els34-lowlatency_4.15.0-246.257_amd64.deb 505d8b4abb1a481a5700395797c8db3c32c372bc linux-headers-generic_4.15.0.246.257_amd64.deb 7486912cda769a6641924eb28ed01cc44f789722 linux-headers-lowlatency_4.15.0.246.257_amd64.deb b312887df4d5a7d87e4a3aa58b9d78723b0e8709 linux-image-generic_4.15.0.246.257_amd64.deb 4b2696a65b3c9fcd6fa35e30c215a9a6b882c91c linux-image-lowlatency_4.15.0.246.257_amd64.deb a391747316c389546303f1f4749cbbc6e5080fc5 linux-image-unsigned-4.15.0-246-tuxcare.els34-generic_4.15.0-246.257_amd64.deb 8bfce17925923d24978fafdde185605ba0b57275 linux-image-unsigned-4.15.0-246-tuxcare.els34-lowlatency_4.15.0-246.257_amd64.deb cd90c96b3aeea1e319af5fec73d211ae958c8a94 linux-libc-dev_4.15.0-246.257_amd64.deb 4a77493410d15445b18f429f175a8cae0d401215 linux-lowlatency_4.15.0.246.257_amd64.deb 6c6c5b162ff6fb0e80e2cbfa413229b89598ef94 linux-modules-4.15.0-246-tuxcare.els34-generic_4.15.0-246.257_amd64.deb df95178f332b8b2f9560783087daa431b193b7ec linux-modules-4.15.0-246-tuxcare.els34-lowlatency_4.15.0-246.257_amd64.deb 12fe233e2b0b0c0de3974e47bca5c27819691df8 linux-modules-extra-4.15.0-246-tuxcare.els34-generic_4.15.0-246.257_amd64.deb 1cfaec5ff97ce10807148feb780eb8ce2992929e linux-source_4.15.0.246.257_all.deb e29049b6904ffbfe2803fc6a93cf334f6e7843e8 linux-source-4.15.0_4.15.0-246.257_all.deb 92b1ac30e25fe60adb8e2cbdbe70beb2dd074128 linux-tools-4.15.0-246-tuxcare.els34_4.15.0-246.257_amd64.deb e51ee79c15f15da007287f34e80727be5e7756c9 linux-tools-4.15.0-246-tuxcare.els34-generic_4.15.0-246.257_amd64.deb 7e4327b9988789ea702447ee0e095ba6e9c575cd linux-tools-4.15.0-246-tuxcare.els34-lowlatency_4.15.0-246.257_amd64.deb f1a96d349d993f1e77d64a0ffef5f7b3e8050d9f linux-tools-common_4.15.0-246.257_all.deb 01a43dae64e86a3eac65d99b308b75ffd2539e37 linux-tools-generic_4.15.0.246.257_amd64.deb c53a04218e1eb1d8d492024abe394f385c213acf linux-tools-host_4.15.0-246.257_all.deb 97f7e14b3c44c26cd1c13987de39439e478a60ec linux-tools-lowlatency_4.15.0.246.257_amd64.deb a71542a43152de3a4e4317a71317c2b605f6050e CLSA-2025:1744219291 TuxCare License Agreement 0 * Bump ABI 4.15.0-246 None Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.

* Bump ABI 4.15.0-246

0 tuxcare-ubuntu18.04-els linux-cloud-tools-generic_4.15.0.246.257_amd64.deb 5d57c300c1610636d1f0031bc492a6b267577459 linux-cloud-tools-lowlatency_4.15.0.246.257_amd64.deb bc3b4df1b4adf36f97d610d0094bc1b5b7eade97 linux-crashdump_4.15.0.246.257_amd64.deb 43369e2f44a04a5fd7cecf0a9e09d20389ad69dc linux-generic_4.15.0.246.257_amd64.deb 74e1012fe6c5f4c5fe4b8dda5adc6b3df126220c linux-headers-generic_4.15.0.246.257_amd64.deb 7486912cda769a6641924eb28ed01cc44f789722 linux-headers-lowlatency_4.15.0.246.257_amd64.deb b312887df4d5a7d87e4a3aa58b9d78723b0e8709 linux-image-generic_4.15.0.246.257_amd64.deb 4b2696a65b3c9fcd6fa35e30c215a9a6b882c91c linux-image-lowlatency_4.15.0.246.257_amd64.deb a391747316c389546303f1f4749cbbc6e5080fc5 linux-lowlatency_4.15.0.246.257_amd64.deb 6c6c5b162ff6fb0e80e2cbfa413229b89598ef94 linux-source_4.15.0.246.257_all.deb e29049b6904ffbfe2803fc6a93cf334f6e7843e8 linux-tools-generic_4.15.0.246.257_amd64.deb c53a04218e1eb1d8d492024abe394f385c213acf linux-tools-lowlatency_4.15.0.246.257_amd64.deb a71542a43152de3a4e4317a71317c2b605f6050e CLSA-2025:1744709445 TuxCare License Agreement 0 * SECURITY UPDATE: insufficiently Random Passwords Leakage - debian/patches/CVE-2020-10729.patch: Fix caching of Jinja2 expressions to prevent caching dynamic results - CVE-2020-10729 Important Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.

* SECURITY UPDATE: insufficiently Random Passwords Leakage - debian/patches/CVE-2020-10729.patch: Fix caching of Jinja2 expressions to prevent caching dynamic results - CVE-2020-10729

0 tuxcare-ubuntu18.04-els ansible_2.5.1+dfsg-1ubuntu0.1+tuxcare.els6_all.deb 5b0b8f510d8798e0703ddb2b0422fe77a716ddfd CLSA-2025:1744710425 TuxCare License Agreement 0 * SECURITY UPDATE: Improper PUSH_REPLY sanitization allows attackers to inject arbitrary data into third-party executables - debian/patches/CVE-2024-5594.patch: Properly handle null bytes and invalid characters in control - CVE-2024-5594 * UPDATE CERTIFICATES: Renew sample keys - debian/patches/sample-keys-renew.patch: Renew sample keys for 10 years Low Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.

* SECURITY UPDATE: Improper PUSH_REPLY sanitization allows attackers to inject arbitrary data into third-party executables - debian/patches/CVE-2024-5594.patch: Properly handle null bytes and invalid characters in control - CVE-2024-5594 * UPDATE CERTIFICATES: Renew sample keys - debian/patches/sample-keys-renew.patch: Renew sample keys for 10 years

0 tuxcare-ubuntu18.04-els openvpn_2.4.4-2ubuntu1.7+tuxcare.els1_amd64.deb 3d070fadde56d129af7241c34fd7a947dd51b5f9 CLSA-2025:1744874696 TuxCare License Agreement 0 * SECURITY UPDATE: Quadratic complexity, resulting in excess CPU while parsing - debian/patches/CVE-2024-7592.patch: fix quadratic complexity in parsing "-quoted cookie values with backslashes - CVE-2024-7592 Important Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.

* SECURITY UPDATE: Quadratic complexity, resulting in excess CPU while parsing - debian/patches/CVE-2024-7592.patch: fix quadratic complexity in parsing "-quoted cookie values with backslashes - CVE-2024-7592

0 tuxcare-ubuntu18.04-els idle-python3.6_3.6.9-1~18.04ubuntu1.12+tuxcare.els12_all.deb c64c23aa2ca27870806339230ec960d77ffbe2f3 libpython3.6_3.6.9-1~18.04ubuntu1.12+tuxcare.els12_amd64.deb 73f0c9247f80fd3d8321b6f6ed8e7a552ca238cd libpython3.6-dev_3.6.9-1~18.04ubuntu1.12+tuxcare.els12_amd64.deb 89346be200b482dbe1f520b5c4efe20243ef6bbe libpython3.6-minimal_3.6.9-1~18.04ubuntu1.12+tuxcare.els12_amd64.deb da6094bee65da5504ff5022d73bf0b1ac8b694cd libpython3.6-stdlib_3.6.9-1~18.04ubuntu1.12+tuxcare.els12_amd64.deb 0a08d1dd22e7dd1fafe1eca7de9c216eb01aab0b libpython3.6-testsuite_3.6.9-1~18.04ubuntu1.12+tuxcare.els12_all.deb 186546557d99e806a3c99caa285c86fda3a6d19d python3.6_3.6.9-1~18.04ubuntu1.12+tuxcare.els12_amd64.deb edbd6c6bd1d4570db6d9837715e84507dae08d97 python3.6-dev_3.6.9-1~18.04ubuntu1.12+tuxcare.els12_amd64.deb cc262ee2932f363d33be60536ac8bbda46275537 python3.6-doc_3.6.9-1~18.04ubuntu1.12+tuxcare.els12_all.deb 55bda1b16bc1a16ede349cbaa5a39764e8389f9f python3.6-examples_3.6.9-1~18.04ubuntu1.12+tuxcare.els12_all.deb 2b8c3e59e4bee800529fd6dba66657abbbda15cb python3.6-minimal_3.6.9-1~18.04ubuntu1.12+tuxcare.els12_amd64.deb 15def16d9c26094cff3ddeca613b20c8837551de python3.6-venv_3.6.9-1~18.04ubuntu1.12+tuxcare.els12_amd64.deb 12f57594aa6b31cbaa1c7975b4b4a103dc868c8d CLSA-2025:1745052021 TuxCare License Agreement 0 * SECURITY UPDATE: password disclosure via svn module argument - debian/patches/CVE-2020-1739.patch: Fix security issue by providing password securely with --password-from-stdin option and warn if svn version is too old to support it - CVE-2020-1739 Low Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.

* SECURITY UPDATE: password disclosure via svn module argument - debian/patches/CVE-2020-1739.patch: Fix security issue by providing password securely with --password-from-stdin option and warn if svn version is too old to support it - CVE-2020-1739

0 tuxcare-ubuntu18.04-els ansible_2.5.1+dfsg-1ubuntu0.1+tuxcare.els7_all.deb 4289ffd5a9034d9de41a6366384f1b0874d06c9b CLSA-2025:1747430081 TuxCare License Agreement 0 * CVE-url: https://ubuntu.com/security/CVE-2021-47352 - virtio-net: Add validation for used length * CVE-url: https://ubuntu.com/security/CVE-2024-46745 - Input: uinput - reject requests with unreasonable number of slots * CVE-url: https://ubuntu.com/security/CVE-2024-44952 - driver core: Fix uevent_show() vs driver detach race * CVE-url: https://ubuntu.com/security/CVE-2024-42304 - ext4: make sure the first directory block is not a hole * CVE-url: https://ubuntu.com/security/CVE-2024-42305 - ext4: check dot and dotdot of dx_root before making dir indexed * CVE-url: https://ubuntu.com/security/CVE-2024-53168 - sunrpc: fix one UAF issue caused by sunrpc kernel tcp socket * CVE-url: https://ubuntu.com/security/CVE-2024-49925 - driver core: add dev_groups to all drivers - driver core: Fix error return code in really_probe() - fbdev: efifb: Register sysfs groups through driver core * CVE-url: https://ubuntu.com/security/CVE-2024-56661 - tipc: fix NULL deref in cleanup_bearer() * CVE-url: https://ubuntu.com/security/CVE-2024-56642 - tipc: Fix use-after-free of kernel socket in cleanup_bearer(). * CVE-url: https://ubuntu.com/security/CVE-2021-47163 - tipc: wait and exit until all work queues are done * CVE-url: https://ubuntu.com/security/CVE-2024-26915 - drm/amdgpu: fix IH overflow on Vega10 v2 - drm/amdgpu: Add check to prevent IH overflow - drm/amdgpu: Reset IH OVERFLOW_CLEAR bit * CVE-url: https://ubuntu.com/security/CVE-2024-56770 - net/sched: netem: account for backlog updates from child qdisc - netem: Update sch->q.qlen before qdisc_tree_reduce_backlog() * CVE-url: https://ubuntu.com/security/CVE-2024-50296 - net: hns3: fix kernel crash when uninstalling driver * CVE-url: https://ubuntu.com/security/CVE-2024-53066 - nfs: Fix KMSAN warning in decode_getfattr_attrs() * CVE-url: https://ubuntu.com/security/CVE-2024-49944 - sctp: set sk_state back to CLOSED if autobind fails in sctp_listen_start * CVE-url: https://ubuntu.com/security/CVE-2024-50237 - wifi: mac80211: do not pass a stopped vif to the driver in .get_txpower * CVE-url: https://ubuntu.com/security/CVE-2024-46780 - nilfs2: protect references to superblock parameters exposed in sysfs * CVE-url: https://ubuntu.com/security/CVE-2024-53063 - media: dvbdev: prevent the risk of out of memory access - media: dvbdev: fix the logic when DVB_DYNAMIC_MINORS is not set * CVE-url: https://ubuntu.com/security/CVE-2023-52927 - netfilter: allow exp not to be removed in nf_ct_find_expectation * CVE-url: https://ubuntu.com/security/CVE-2021-47150 - net: fec: fix the potential memory leak in fec_enet_init() * CVE-url: https://ubuntu.com/security/CVE-2024-53140 - netlink: terminate outstanding dump on socket close * CVE-url: https://ubuntu.com/security/CVE-2025-21971 - net_sched: Prevent creation of classes with TC_H_ROOT * CVE-url: https://ubuntu.com/security/CVE-2025-37785 - ext4: fix OOB read when checking dotdot dir * CVE-url: https://ubuntu.com/security/CVE-2023-52572 - cifs: Fix UAF in cifs_demultiplex_thread() * CVE-url: https://ubuntu.com/security/CVE-2022-49738 - f2fs: fix to do sanity check on summary info - f2fs: should put a page when checking the summary info - f2fs: fix to do sanity check on i_extra_isize in is_alive() * CVE-url: https://ubuntu.com/security/CVE-2022-49740 - wifi: brcmfmac: Check the count value of channel spec to prevent out-of- bounds reads * CVE-url: https://ubuntu.com/security/ - ipv6: Define dscp_t and stop taking ECN bits into account in fib6-rules * CVE-url: https://ubuntu.com/security/CVE-2023-53020 - l2tp: close all race conditions in l2tp_tunnel_register() * CVE-url: https://ubuntu.com/security/CVE-2025-21957 - scsi: qla1280: Fix kernel oops when debug level > 2 * CVE-url: https://ubuntu.com/security/CVE-2025-21948 - HID: appleir: Fix potential NULL dereference at raw event handle * CVE-url: https://ubuntu.com/security/CVE-2023-52936 - debugfs: add debugfs_lookup_and_remove() - kernel/irq/irqdomain.c: fix memory leak with using debugfs_lookup() * CVE-url: https://ubuntu.com/security/CVE-2025-21912 - gpio: rcar: Use raw_spinlock to protect register access * CVE-url: https://ubuntu.com/security/CVE-2025-21922 - ppp: Fix KMSAN uninit-value warning with bpf * CVE-url: https://ubuntu.com/security/CVE-2025-21891 - ipvlan: ensure network headers are in skb linear part * CVE-url: https://ubuntu.com/security/CVE-2025-21959 - netfilter: nf_conncount: Fully initialize struct nf_conncount_tuple in insert_tree() * CVE-url: https://ubuntu.com/security/CVE-2025-21996 - drm/radeon: fix uninitialized size issue in radeon_vce_cs_parse() * CVE-url: https://ubuntu.com/security/CVE-2025-21928 - HID: intel-ish-hid: Fix use-after-free issue in ishtp_hid_remove() * CVE-url: https://ubuntu.com/security/CVE-2025-21917 - usb: renesas_usbhs: Flush the notify_hotplug_work * CVE-url: https://ubuntu.com/security/CVE-2023-53001 - drm/drm_vma_manager: Add drm_vma_node_allow_once() * CVE-url: https://ubuntu.com/security/CVE-2025-21969 - Bluetooth: L2CAP: Fix slab-use-after-free Read in l2cap_send_cmd * CVE-url: https://ubuntu.com/security/CVE-2025-21920 - vlan: enforce underlying device type * CVE-url: https://ubuntu.com/security/CVE-2025-21904 - caif_virtio: fix wrong pointer check in cfv_probe() * CVE-url: https://ubuntu.com/security/CVE-2024-56658 - net: defer final 'struct net' free in netns dismantle * CVE-url: https://ubuntu.com/security/CVE-2022-23041 - xen/pvcalls: use alloc/free_pages_exact() * CVE-url: https://ubuntu.com/security/CVE-2024-50265 - ocfs2: remove entry once instead of null-ptr-dereference in ocfs2_xa_remove() * CVE-url: https://ubuntu.com/security/CVE-2024-46826 - ELF: fix kernel.randomize_va_space double read * CVE-url: https://ubuntu.com/security/CVE-2025-21700 - net: sched: Disallow replacing of child qdisc from one parent to another * CVE-url: https://ubuntu.com/security/CVE-2025-21702 - pfifo_tail_enqueue: Drop new packet when sch->limit == 0 * CVE-url: https://ubuntu.com/security/CVE-2024-50167 - be2net: fix potential memory leak in be_xmit() * CVE-url: https://ubuntu.com/security/CVE-2024-49952 - netfilter: nf_tables: prevent nf_skb_duplicated corruption * CVE-url: https://ubuntu.com/security/CVE-2024-49948 - net: add more sanity checks to qdisc_pkt_len_init() Important Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.

* CVE-url: https://ubuntu.com/security/CVE-2021-47352 - virtio-net: Add validation for used length * CVE-url: https://ubuntu.com/security/CVE-2024-46745 - Input: uinput - reject requests with unreasonable number of slots * CVE-url: https://ubuntu.com/security/CVE-2024-44952 - driver core: Fix uevent_show() vs driver detach race * CVE-url: https://ubuntu.com/security/CVE-2024-42304 - ext4: make sure the first directory block is not a hole * CVE-url: https://ubuntu.com/security/CVE-2024-42305 - ext4: check dot and dotdot of dx_root before making dir indexed * CVE-url: https://ubuntu.com/security/CVE-2024-53168 - sunrpc: fix one UAF issue caused by sunrpc kernel tcp socket * CVE-url: https://ubuntu.com/security/CVE-2024-49925 - driver core: add dev_groups to all drivers - driver core: Fix error return code in really_probe() - fbdev: efifb: Register sysfs groups through driver core * CVE-url: https://ubuntu.com/security/CVE-2024-56661 - tipc: fix NULL deref in cleanup_bearer() * CVE-url: https://ubuntu.com/security/CVE-2024-56642 - tipc: Fix use-after-free of kernel socket in cleanup_bearer(). * CVE-url: https://ubuntu.com/security/CVE-2021-47163 - tipc: wait and exit until all work queues are done * CVE-url: https://ubuntu.com/security/CVE-2024-26915 - drm/amdgpu: fix IH overflow on Vega10 v2 - drm/amdgpu: Add check to prevent IH overflow - drm/amdgpu: Reset IH OVERFLOW_CLEAR bit * CVE-url: https://ubuntu.com/security/CVE-2024-56770 - net/sched: netem: account for backlog updates from child qdisc - netem: Update sch->q.qlen before qdisc_tree_reduce_backlog() * CVE-url: https://ubuntu.com/security/CVE-2024-50296 - net: hns3: fix kernel crash when uninstalling driver * CVE-url: https://ubuntu.com/security/CVE-2024-53066 - nfs: Fix KMSAN warning in decode_getfattr_attrs() * CVE-url: https://ubuntu.com/security/CVE-2024-49944 - sctp: set sk_state back to CLOSED if autobind fails in sctp_listen_start * CVE-url: https://ubuntu.com/security/CVE-2024-50237 - wifi: mac80211: do not pass a stopped vif to the driver in .get_txpower * CVE-url: https://ubuntu.com/security/CVE-2024-46780 - nilfs2: protect references to superblock parameters exposed in sysfs * CVE-url: https://ubuntu.com/security/CVE-2024-53063 - media: dvbdev: prevent the risk of out of memory access - media: dvbdev: fix the logic when DVB_DYNAMIC_MINORS is not set * CVE-url: https://ubuntu.com/security/CVE-2023-52927 - netfilter: allow exp not to be removed in nf_ct_find_expectation * CVE-url: https://ubuntu.com/security/CVE-2021-47150 - net: fec: fix the potential memory leak in fec_enet_init() * CVE-url: https://ubuntu.com/security/CVE-2024-53140 - netlink: terminate outstanding dump on socket close * CVE-url: https://ubuntu.com/security/CVE-2025-21971 - net_sched: Prevent creation of classes with TC_H_ROOT * CVE-url: https://ubuntu.com/security/CVE-2025-37785 - ext4: fix OOB read when checking dotdot dir * CVE-url: https://ubuntu.com/security/CVE-2023-52572 - cifs: Fix UAF in cifs_demultiplex_thread() * CVE-url: https://ubuntu.com/security/CVE-2022-49738 - f2fs: fix to do sanity check on summary info - f2fs: should put a page when checking the summary info - f2fs: fix to do sanity check on i_extra_isize in is_alive() * CVE-url: https://ubuntu.com/security/CVE-2022-49740 - wifi: brcmfmac: Check the count value of channel spec to prevent out-of- bounds reads * CVE-url: https://ubuntu.com/security/ - ipv6: Define dscp_t and stop taking ECN bits into account in fib6-rules * CVE-url: https://ubuntu.com/security/CVE-2023-53020 - l2tp: close all race conditions in l2tp_tunnel_register() * CVE-url: https://ubuntu.com/security/CVE-2025-21957 - scsi: qla1280: Fix kernel oops when debug level > 2 * CVE-url: https://ubuntu.com/security/CVE-2025-21948 - HID: appleir: Fix potential NULL dereference at raw event handle * CVE-url: https://ubuntu.com/security/CVE-2023-52936 - debugfs: add debugfs_lookup_and_remove() - kernel/irq/irqdomain.c: fix memory leak with using debugfs_lookup() * CVE-url: https://ubuntu.com/security/CVE-2025-21912 - gpio: rcar: Use raw_spinlock to protect register access * CVE-url: https://ubuntu.com/security/CVE-2025-21922 - ppp: Fix KMSAN uninit-value warning with bpf * CVE-url: https://ubuntu.com/security/CVE-2025-21891 - ipvlan: ensure network headers are in skb linear part * CVE-url: https://ubuntu.com/security/CVE-2025-21959 - netfilter: nf_conncount: Fully initialize struct nf_conncount_tuple in insert_tree() * CVE-url: https://ubuntu.com/security/CVE-2025-21996 - drm/radeon: fix uninitialized size issue in radeon_vce_cs_parse() * CVE-url: https://ubuntu.com/security/CVE-2025-21928 - HID: intel-ish-hid: Fix use-after-free issue in ishtp_hid_remove() * CVE-url: https://ubuntu.com/security/CVE-2025-21917 - usb: renesas_usbhs: Flush the notify_hotplug_work * CVE-url: https://ubuntu.com/security/CVE-2023-53001 - drm/drm_vma_manager: Add drm_vma_node_allow_once() * CVE-url: https://ubuntu.com/security/CVE-2025-21969 - Bluetooth: L2CAP: Fix slab-use-after-free Read in l2cap_send_cmd * CVE-url: https://ubuntu.com/security/CVE-2025-21920 - vlan: enforce underlying device type * CVE-url: https://ubuntu.com/security/CVE-2025-21904 - caif_virtio: fix wrong pointer check in cfv_probe() * CVE-url: https://ubuntu.com/security/CVE-2024-56658 - net: defer final 'struct net' free in netns dismantle * CVE-url: https://ubuntu.com/security/CVE-2022-23041 - xen/pvcalls: use alloc/free_pages_exact() * CVE-url: https://ubuntu.com/security/CVE-2024-50265 - ocfs2: remove entry once instead of null-ptr-dereference in ocfs2_xa_remove() * CVE-url: https://ubuntu.com/security/CVE-2024-46826 - ELF: fix kernel.randomize_va_space double read * CVE-url: https://ubuntu.com/security/CVE-2025-21700 - net: sched: Disallow replacing of child qdisc from one parent to another * CVE-url: https://ubuntu.com/security/CVE-2025-21702 - pfifo_tail_enqueue: Drop new packet when sch->limit == 0 * CVE-url: https://ubuntu.com/security/CVE-2024-50167 - be2net: fix potential memory leak in be_xmit() * CVE-url: https://ubuntu.com/security/CVE-2024-49952 - netfilter: nf_tables: prevent nf_skb_duplicated corruption * CVE-url: https://ubuntu.com/security/CVE-2024-49948 - net: add more sanity checks to qdisc_pkt_len_init()

0 tuxcare-ubuntu18.04-els linux-buildinfo-4.15.0-247-tuxcare.els35-generic_4.15.0-247.258_amd64.deb 8b3f34a91b5c656e579831fbf6ab5e4be52fc48a linux-buildinfo-4.15.0-247-tuxcare.els35-lowlatency_4.15.0-247.258_amd64.deb e04ff1aaf92ebea769f0388b99625edea27a900d linux-cloud-tools-4.15.0-247-tuxcare.els35_4.15.0-247.258_amd64.deb 9804c0cabec0a9046ae471468fef06b319fc3374 linux-cloud-tools-4.15.0-247-tuxcare.els35-generic_4.15.0-247.258_amd64.deb cc06445e57c66e31ecda3b46aaea26228590978b linux-cloud-tools-4.15.0-247-tuxcare.els35-lowlatency_4.15.0-247.258_amd64.deb 60f707cde626de09afdee0be31ecd111bcf29bd6 linux-cloud-tools-common_4.15.0-247.258_all.deb 3bafdf3df81339f7228de6da62bddc550220cac1 linux-cloud-tools-generic_4.15.0.247.258_amd64.deb ff107886a8feb418731c3dd0769c562c0699382f linux-cloud-tools-lowlatency_4.15.0.247.258_amd64.deb 7439c7415000f27883a70bb74567494110f75bce linux-crashdump_4.15.0.247.258_amd64.deb eaef5deda59bb612f4271f92ba8673785bc42545 linux-doc_4.15.0-247.258_all.deb dea1dd89d41db1651f8db3eeeea9772f49491072 linux-generic_4.15.0.247.258_amd64.deb 147ab2281419d1769f6f2cef1fd2cad170ed98c6 linux-headers-4.15.0-247-tuxcare.els35_4.15.0-247.258_all.deb 11a55e7d90668310f794e9b55b7a3701ae1490d2 linux-headers-4.15.0-247-tuxcare.els35-generic_4.15.0-247.258_amd64.deb e7b668a194d019f67b797020be5bc588832f7a5d linux-headers-4.15.0-247-tuxcare.els35-lowlatency_4.15.0-247.258_amd64.deb d848be223c91bba0bff4c04a37cc298dc62d2141 linux-headers-generic_4.15.0.247.258_amd64.deb 4a564cd59f0eae774e5c02b0227dee5e2fdce871 linux-headers-lowlatency_4.15.0.247.258_amd64.deb 93eb41188383d5b33f30d94e5afb6126a9af967b linux-image-generic_4.15.0.247.258_amd64.deb 5b8f98e3fd8b6b26e2623239d008f6ec196cf425 linux-image-lowlatency_4.15.0.247.258_amd64.deb 8bb1b45caf43e2dee46cafd120e40ff69460fe1b linux-image-unsigned-4.15.0-247-tuxcare.els35-generic_4.15.0-247.258_amd64.deb 75ecee9e33936b40caeb46424b8a1bda60199740 linux-image-unsigned-4.15.0-247-tuxcare.els35-lowlatency_4.15.0-247.258_amd64.deb e6b15333e7cf0a3860a21023bb4fe61f92e3fffe linux-libc-dev_4.15.0-247.258_amd64.deb adc6111638ea3099a3df24f3e1a6ebe83f3b0920 linux-lowlatency_4.15.0.247.258_amd64.deb 39dda413347581f494157ba916c562f25de50904 linux-modules-4.15.0-247-tuxcare.els35-generic_4.15.0-247.258_amd64.deb 9b4304c9d13efe1f8ec7546a20af7563babe419c linux-modules-4.15.0-247-tuxcare.els35-lowlatency_4.15.0-247.258_amd64.deb 17d3b00bf1c750f35a5ef3b6cd03088ee9da6c40 linux-modules-extra-4.15.0-247-tuxcare.els35-generic_4.15.0-247.258_amd64.deb 8ffaa5868d246e33a5f9ce56c7a13463137ad8a2 linux-source_4.15.0.247.258_all.deb b7d1fa2dd6d9f525d74f7ef27a1419713b48c8bf linux-source-4.15.0_4.15.0-247.258_all.deb 0d63a207169f96bbea9a0deace004852884b6de6 linux-tools-4.15.0-247-tuxcare.els35_4.15.0-247.258_amd64.deb 218330488abd13e5cbdbcecc7caff92859759f31 linux-tools-4.15.0-247-tuxcare.els35-generic_4.15.0-247.258_amd64.deb 7977e6fa9c0da6204c0da2252fffa2f20a08b568 linux-tools-4.15.0-247-tuxcare.els35-lowlatency_4.15.0-247.258_amd64.deb c5bcaeaad8b8857bad35a504f816093828f72e98 linux-tools-common_4.15.0-247.258_all.deb 12535ff41cf17aefe5d569509b567d8b2e704f1c linux-tools-generic_4.15.0.247.258_amd64.deb fd4b0a63e0552f264ece4f8b23ce3d1feb9fd832 linux-tools-host_4.15.0-247.258_all.deb 929ec71649b3a1ba0995b5acc5984b2c9e1aaa2d linux-tools-lowlatency_4.15.0.247.258_amd64.deb 89d6302066aa7e3312faa06f11f08d235fc38d8f CLSA-2025:1747431031 TuxCare License Agreement 0 * Bump ABI 4.15.0-247 None Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.

* Bump ABI 4.15.0-247

0 tuxcare-ubuntu18.04-els linux-cloud-tools-generic_4.15.0.247.258_amd64.deb ff107886a8feb418731c3dd0769c562c0699382f linux-cloud-tools-lowlatency_4.15.0.247.258_amd64.deb 7439c7415000f27883a70bb74567494110f75bce linux-crashdump_4.15.0.247.258_amd64.deb eaef5deda59bb612f4271f92ba8673785bc42545 linux-generic_4.15.0.247.258_amd64.deb 147ab2281419d1769f6f2cef1fd2cad170ed98c6 linux-headers-generic_4.15.0.247.258_amd64.deb 4a564cd59f0eae774e5c02b0227dee5e2fdce871 linux-headers-lowlatency_4.15.0.247.258_amd64.deb 93eb41188383d5b33f30d94e5afb6126a9af967b linux-image-generic_4.15.0.247.258_amd64.deb 5b8f98e3fd8b6b26e2623239d008f6ec196cf425 linux-image-lowlatency_4.15.0.247.258_amd64.deb 8bb1b45caf43e2dee46cafd120e40ff69460fe1b linux-lowlatency_4.15.0.247.258_amd64.deb 39dda413347581f494157ba916c562f25de50904 linux-source_4.15.0.247.258_all.deb b7d1fa2dd6d9f525d74f7ef27a1419713b48c8bf linux-tools-generic_4.15.0.247.258_amd64.deb fd4b0a63e0552f264ece4f8b23ce3d1feb9fd832 linux-tools-lowlatency_4.15.0.247.258_amd64.deb 89d6302066aa7e3312faa06f11f08d235fc38d8f CLSA-2025:1747689263 TuxCare License Agreement 0 * SECURITY UPDATE: Out-of-bounds memory access in Python API bindings - debian/patches/CVE-2025-32414.patch: Limit character reads and reserve buffer space for UTF-8 encoding to prevent overflow - CVE-2025-32414 * SECURITY UPDATE: Heap buffer under-read in XML schema validation - debian/patches/CVE-2025-32415.patch: Fix heap buffer overflow in xmlSchemaIDCFillNodeTables - CVE-2025-32415 Important Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.

* SECURITY UPDATE: Out-of-bounds memory access in Python API bindings - debian/patches/CVE-2025-32414.patch: Limit character reads and reserve buffer space for UTF-8 encoding to prevent overflow - CVE-2025-32414 * SECURITY UPDATE: Heap buffer under-read in XML schema validation - debian/patches/CVE-2025-32415.patch: Fix heap buffer overflow in xmlSchemaIDCFillNodeTables - CVE-2025-32415

0 tuxcare-ubuntu18.04-els libxml2_2.9.4+dfsg1-6.1ubuntu1.9+tuxcare.els3_amd64.deb fefb720955d391f95c4dc0a6a72c0a0d2d5dd715 libxml2-dev_2.9.4+dfsg1-6.1ubuntu1.9+tuxcare.els3_amd64.deb b52b0e2b839e0a4abcce14aa258b1448912e33c3 libxml2-doc_2.9.4+dfsg1-6.1ubuntu1.9+tuxcare.els3_all.deb 370bbb662d79ea78043a42313bc10f08ac717025 libxml2-utils_2.9.4+dfsg1-6.1ubuntu1.9+tuxcare.els3_amd64.deb 14ec593717c7f3c2a1b43c81c2149b5f5f5d0416 python-libxml2_2.9.4+dfsg1-6.1ubuntu1.9+tuxcare.els3_amd64.deb 0b6cc6f54a864bcbfd1da6690c0960124ba22ac6 python3-libxml2_2.9.4+dfsg1-6.1ubuntu1.9+tuxcare.els3_amd64.deb 9ade75e576c3dd5638c4a94d92d803bdb8224e49 CLSA-2025:1747854434 TuxCare License Agreement 0 * SECURITY UPDATE: Path names provided when creating a virtual environment were not quoted properly - debian/patches/CVE-2024-9287.patch: Quote template strings in `venv` activation - CVE-2024-9287 Important Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.

* SECURITY UPDATE: Path names provided when creating a virtual environment were not quoted properly - debian/patches/CVE-2024-9287.patch: Quote template strings in `venv` activation - CVE-2024-9287

0 tuxcare-ubuntu18.04-els idle-python3.6_3.6.9-1~18.04ubuntu1.12+tuxcare.els13_all.deb 500d2a1780a59aa16326f9535ffbc3ab282caa1a libpython3.6_3.6.9-1~18.04ubuntu1.12+tuxcare.els13_amd64.deb cacf5919f58056337ca1cebe15cddaac41e12b4f libpython3.6-dev_3.6.9-1~18.04ubuntu1.12+tuxcare.els13_amd64.deb bf4b4c7d03ee06d98788abf23c5800a9c36fec9a libpython3.6-minimal_3.6.9-1~18.04ubuntu1.12+tuxcare.els13_amd64.deb 5bb6abd7c7300ada4d89c996ae406ef9be48f4eb libpython3.6-stdlib_3.6.9-1~18.04ubuntu1.12+tuxcare.els13_amd64.deb 6d6f4a67d5c440d634784e5def3e3c944450c190 libpython3.6-testsuite_3.6.9-1~18.04ubuntu1.12+tuxcare.els13_all.deb 1bf41cb20154d6403e399f94570b06ba65f2d0dd python3.6_3.6.9-1~18.04ubuntu1.12+tuxcare.els13_amd64.deb 27650427027655c5b3b1f978e7d3edc34629b1c5 python3.6-dev_3.6.9-1~18.04ubuntu1.12+tuxcare.els13_amd64.deb 6cbc0710c6199232344c8a46e018e2080082aebf python3.6-doc_3.6.9-1~18.04ubuntu1.12+tuxcare.els13_all.deb 68517123dbd466e509c1bbd9f4c8fee67fa264c4 python3.6-examples_3.6.9-1~18.04ubuntu1.12+tuxcare.els13_all.deb f070ae8c2037f639fd9efc672254a8772a20f3ab python3.6-minimal_3.6.9-1~18.04ubuntu1.12+tuxcare.els13_amd64.deb 3e3756ddba3dffa0e0cb5dddaa86f52bfe9b596f python3.6-venv_3.6.9-1~18.04ubuntu1.12+tuxcare.els13_amd64.deb de3b1411ed64f3df0da58d2e32502d03ae1b7ea8 CLSA-2025:1748014298 TuxCare License Agreement 0 * New microcode update packages from upstream up to 2025-04-10: - Addition AMD CPU microcode for processor family 0x17: cpuid:0x00870F10(ver:0x08701034), cpuid:0x00860F01(ver:0x0860010D), cpuid:0x00860F81(ver:0x08608108); - Addition AMD CPU microcode for processor family 0x19: cpuid:0x00A70FC0(ver:0x0A70C005), cpuid:0x00A70F52(ver:0x0A705206), cpuid:0x00A00F82(ver:0x0A00820C), cpuid:0x00A40F41(ver:0x0A404107), cpuid:0x00A70F80(ver:0x0A708007), cpuid:0x00A20F10(ver:0x0A20102D), cpuid:0x00A70F41(ver:0x0A704107), cpuid:0x00A60F12(ver:0x0A601209), cpuid:0x00A10F81(ver:0x0A108108), cpuid:0x00A50F00(ver:0x0A500011), cpuid:0x00A20F12(ver:0x0A201210); - Update AMD CPU microcode for processor family 0x17: cpuid:0x008A0F00(ver:0x08A0000A); None Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.

* New microcode update packages from upstream up to 2025-04-10: - Addition AMD CPU microcode for processor family 0x17: cpuid:0x00870F10(ver:0x08701034), cpuid:0x00860F01(ver:0x0860010D), cpuid:0x00860F81(ver:0x08608108); - Addition AMD CPU microcode for processor family 0x19: cpuid:0x00A70FC0(ver:0x0A70C005), cpuid:0x00A70F52(ver:0x0A705206), cpuid:0x00A00F82(ver:0x0A00820C), cpuid:0x00A40F41(ver:0x0A404107), cpuid:0x00A70F80(ver:0x0A708007), cpuid:0x00A20F10(ver:0x0A20102D), cpuid:0x00A70F41(ver:0x0A704107), cpuid:0x00A60F12(ver:0x0A601209), cpuid:0x00A10F81(ver:0x0A108108), cpuid:0x00A50F00(ver:0x0A500011), cpuid:0x00A20F12(ver:0x0A201210); - Update AMD CPU microcode for processor family 0x17: cpuid:0x008A0F00(ver:0x08A0000A);

0 tuxcare-ubuntu18.04-els amd64-microcode_3.20250410.1ubuntu0.18.04.1+tuxcare.els1_amd64.deb b8d59f18c7f5ad33de26d74d74d0596dfc796e06 CLSA-2025:1748282295 TuxCare License Agreement 0 * SECURITY UPDATE: Misc vulnerability fixes - CVE-2019-12418, CVE-2019-17563, CVE-2020-1935, CVE-2020-11996, CVE-2020-13934, CVE-2020-13935, CVE-2020-13943, CVE-2020-17527, CVE-2021-24122, CVE-2021-30639, CVE-2021-30640, CVE-2021-33037, CVE-2021-42340, CVE-2021-43980, CVE-2022-25762, CVE-2022-34305, CVE-2022-45143, CVE-2023-24998, CVE-2023-28709, CVE-2023-34981, CVE-2023-42794, CVE-2024-21733 * Update to 8.5.100 - debian/rules, debian/libtomcat8-java.poms, debian/maven.rules, debian/tomcat8-common.links, debian/patches/0018-fix-manager-webapp.patch, debian/patches/0019-add-distribution-to-error-page.patch, debian/patches/0021-dont-test-unsupported-ciphers.patch, debian/patches/0101-skipping-tests-incompatible-with-firewall.patch: updated - debian/patches/0002-do-not-load-AJP13-connector-by-default.patch, debian/patches/0026-easymock4-compatibility.patch: removed as they were applied in upstream - CVE-2019-0221.patch, CVE-2019-10072-1.patch, CVE-2019-10072-2.patch, CVE-2022-42252.patch, CVE-2020-1938.patch, CVE-2021-25122.patch, CVE-2021-41079.patch, CVE-2022-29885.patch, CVE-2020-9484.patch, CVE-2021-25329-pre1.patch, CVE-2021-25329.patch, CVE-2022-23181.patch, CVE-2023-44487.patch, CVE-2023-46589-pre1.patch, CVE-2023-46589-pre2.patch, CVE-2023-46589-pre3.patch, CVE-2023-46589-pre4.patch, CVE-2023-46589.patch: removed because these CVEs were fixed in upstream * Internal tests - debian/test_certs/*: updated from upstream branch 9.0.x, as the 8.0.x certs were expired Important Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.

* SECURITY UPDATE: Misc vulnerability fixes - CVE-2019-12418, CVE-2019-17563, CVE-2020-1935, CVE-2020-11996, CVE-2020-13934, CVE-2020-13935, CVE-2020-13943, CVE-2020-17527, CVE-2021-24122, CVE-2021-30639, CVE-2021-30640, CVE-2021-33037, CVE-2021-42340, CVE-2021-43980, CVE-2022-25762, CVE-2022-34305, CVE-2022-45143, CVE-2023-24998, CVE-2023-28709, CVE-2023-34981, CVE-2023-42794, CVE-2024-21733 * Update to 8.5.100 - debian/rules, debian/libtomcat8-java.poms, debian/maven.rules, debian/tomcat8-common.links, debian/patches/0018-fix-manager-webapp.patch, debian/patches/0019-add-distribution-to-error-page.patch, debian/patches/0021-dont-test-unsupported-ciphers.patch, debian/patches/0101-skipping-tests-incompatible-with-firewall.patch: updated - debian/patches/0002-do-not-load-AJP13-connector-by-default.patch, debian/patches/0026-easymock4-compatibility.patch: removed as they were applied in upstream - CVE-2019-0221.patch, CVE-2019-10072-1.patch, CVE-2019-10072-2.patch, CVE-2022-42252.patch, CVE-2020-1938.patch, CVE-2021-25122.patch, CVE-2021-41079.patch, CVE-2022-29885.patch, CVE-2020-9484.patch, CVE-2021-25329-pre1.patch, CVE-2021-25329.patch, CVE-2022-23181.patch, CVE-2023-44487.patch, CVE-2023-46589-pre1.patch, CVE-2023-46589-pre2.patch, CVE-2023-46589-pre3.patch, CVE-2023-46589-pre4.patch, CVE-2023-46589.patch: removed because these CVEs were fixed in upstream * Internal tests - debian/test_certs/*: updated from upstream branch 9.0.x, as the 8.0.x certs were expired

0 tuxcare-ubuntu18.04-els libtomcat8-embed-java_8.5.100-1ubuntu1~18.04.1+tuxcare.els1_all.deb ef1962176b52df47b9274329bb15fa3dbbd3f79c libtomcat8-java_8.5.100-1ubuntu1~18.04.1+tuxcare.els1_all.deb 4720a9bb2a806b33907e05be4a21bf9af93bc3fe tomcat8_8.5.100-1ubuntu1~18.04.1+tuxcare.els1_all.deb 08597c3601d824d84e679a7c710227b76d9558ef tomcat8-admin_8.5.100-1ubuntu1~18.04.1+tuxcare.els1_all.deb ddba3452fe6544745746a4ab136c32f5a568b7cc tomcat8-common_8.5.100-1ubuntu1~18.04.1+tuxcare.els1_all.deb b4c705fc181992bca842336027c3caa08222f75e tomcat8-docs_8.5.100-1ubuntu1~18.04.1+tuxcare.els1_all.deb 0c13d60236f1a1aa934b41bd9e7af2c59bd3a36e tomcat8-examples_8.5.100-1ubuntu1~18.04.1+tuxcare.els1_all.deb d781581cc6290735cd5c6cd4e5bb1cd6c69e276b tomcat8-user_8.5.100-1ubuntu1~18.04.1+tuxcare.els1_all.deb 15c5750daf03dcdb88e569c60480c639d901ff1e CLSA-2025:1749548422 TuxCare License Agreement 0 * CVE-url: https://ubuntu.com/security/CVE-2025-21811 - nilfs2: protect access to buffers with no active references * CVE-url: https://ubuntu.com/security/CVE-2025-21715 - net: davicom: fix UAF in dm9000_drv_remove * CVE-url: https://ubuntu.com/security/CVE-2024-58083 - KVM: Explicitly verify target vCPU is online in kvm_get_vcpu() * CVE-url: https://ubuntu.com/security/CVE-2024-57979 - pps: Fix a use-after-free * CVE-url: https://ubuntu.com/security/CVE-2025-21898 - ftrace: Avoid potential division by zero in function_stat_show() * CVE-url: https://ubuntu.com/security/CVE-2025-21993 - iscsi_ibft: Fix UBSAN shift-out-of-bounds warning in ibft_attr_show_nic() * CVE-url: https://ubuntu.com/security/CVE-2025-21653 - netlink: add attribute range validation to policy - net_sched: cls_flow: validate TCA_FLOW_RSHIFT attribute * CVE-url: https://ubuntu.com/security/CVE-2024-53148 - comedi: Flush partial mappings in error case * CVE-url: https://ubuntu.com/security/CVE-2022-49541 - cifs: fix potential double free during failed mount * CVE-url: https://ubuntu.com/security/CVE-2024-35937 - wifi: cfg80211: check A-MSDU format more carefully * CVE-url: https://ubuntu.com/security/CVE-2021-47211 - ALSA: usb-audio: fix null pointer dereference on pointer cs_desc * CVE-url: https://ubuntu.com/security/CVE-2025-21772 - partitions: mac: fix handling of bogus partition table * CVE-url: https://ubuntu.com/security/CVE-2025-21753 - btrfs: fix use-after-free when attempting to join an aborted transaction * CVE-url: https://ubuntu.com/security/CVE-2025-21934 - rapidio: fix an API misues when rio_add_net() fails Important Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.

* CVE-url: https://ubuntu.com/security/CVE-2025-21811 - nilfs2: protect access to buffers with no active references * CVE-url: https://ubuntu.com/security/CVE-2025-21715 - net: davicom: fix UAF in dm9000_drv_remove * CVE-url: https://ubuntu.com/security/CVE-2024-58083 - KVM: Explicitly verify target vCPU is online in kvm_get_vcpu() * CVE-url: https://ubuntu.com/security/CVE-2024-57979 - pps: Fix a use-after-free * CVE-url: https://ubuntu.com/security/CVE-2025-21898 - ftrace: Avoid potential division by zero in function_stat_show() * CVE-url: https://ubuntu.com/security/CVE-2025-21993 - iscsi_ibft: Fix UBSAN shift-out-of-bounds warning in ibft_attr_show_nic() * CVE-url: https://ubuntu.com/security/CVE-2025-21653 - netlink: add attribute range validation to policy - net_sched: cls_flow: validate TCA_FLOW_RSHIFT attribute * CVE-url: https://ubuntu.com/security/CVE-2024-53148 - comedi: Flush partial mappings in error case * CVE-url: https://ubuntu.com/security/CVE-2022-49541 - cifs: fix potential double free during failed mount * CVE-url: https://ubuntu.com/security/CVE-2024-35937 - wifi: cfg80211: check A-MSDU format more carefully * CVE-url: https://ubuntu.com/security/CVE-2021-47211 - ALSA: usb-audio: fix null pointer dereference on pointer cs_desc * CVE-url: https://ubuntu.com/security/CVE-2025-21772 - partitions: mac: fix handling of bogus partition table * CVE-url: https://ubuntu.com/security/CVE-2025-21753 - btrfs: fix use-after-free when attempting to join an aborted transaction * CVE-url: https://ubuntu.com/security/CVE-2025-21934 - rapidio: fix an API misues when rio_add_net() fails

0 tuxcare-ubuntu18.04-els linux-buildinfo-4.15.0-248-tuxcare.els36-generic_4.15.0-248.259_amd64.deb d0826341ebb7369d9bf588c6f6d9068972409b55 linux-buildinfo-4.15.0-248-tuxcare.els36-lowlatency_4.15.0-248.259_amd64.deb 3280c1537e46eca05ede38696de1aa6bd3efdd2a linux-cloud-tools-4.15.0-248-tuxcare.els36_4.15.0-248.259_amd64.deb 789912ed7fb77dd386ee205be098d5dcc64cefb1 linux-cloud-tools-4.15.0-248-tuxcare.els36-generic_4.15.0-248.259_amd64.deb b02859bce3c64a8e7841f09f708645dd997d339f linux-cloud-tools-4.15.0-248-tuxcare.els36-lowlatency_4.15.0-248.259_amd64.deb ed1decc5c12f59153379d42ca2c355e6f5eebe5c linux-cloud-tools-common_4.15.0-248.259_all.deb fe2ce3d55156a487a36231cde46f92ff4ca2c74e linux-doc_4.15.0-248.259_all.deb f5d454fb804eab2e43ca4b3732954b5c063a61a8 linux-headers-4.15.0-248-tuxcare.els36_4.15.0-248.259_all.deb 5fe3bd38cb1f30ad267a2659132d3de3037cabec linux-headers-4.15.0-248-tuxcare.els36-generic_4.15.0-248.259_amd64.deb ee7067a786dab122fd53a10239aa99a8b4553ee9 linux-headers-4.15.0-248-tuxcare.els36-lowlatency_4.15.0-248.259_amd64.deb 32e1664a13a8db614c75ac83c81a9749be07db8c linux-image-unsigned-4.15.0-248-tuxcare.els36-generic_4.15.0-248.259_amd64.deb 1302c6d079f94e6bb3f6210004ed46e37eb0592f linux-image-unsigned-4.15.0-248-tuxcare.els36-lowlatency_4.15.0-248.259_amd64.deb 58c1eeb8ab6a22bad44603d775a3601b05a4cef0 linux-libc-dev_4.15.0-248.259_amd64.deb d7cc5022962e7d7421242e76552db8288b89a546 linux-modules-4.15.0-248-tuxcare.els36-generic_4.15.0-248.259_amd64.deb 78af55b180ad74a99f2f6731a65db2e8243c18ac linux-modules-4.15.0-248-tuxcare.els36-lowlatency_4.15.0-248.259_amd64.deb 87de250cae6e4a40bfd7c337595133b2b2202c3f linux-modules-extra-4.15.0-248-tuxcare.els36-generic_4.15.0-248.259_amd64.deb 165b22394f5b9c9e822709a894729ed455526d5e linux-source-4.15.0_4.15.0-248.259_all.deb b893651ca095ea96ee0bb67cec0be8867ad2f22d linux-tools-4.15.0-248-tuxcare.els36_4.15.0-248.259_amd64.deb 1de6b48cf442824f1f55ac066ed455cb4aca0b7c linux-tools-4.15.0-248-tuxcare.els36-generic_4.15.0-248.259_amd64.deb 0ab979cc99fe1436d3c8476f45f6d4fb2b901830 linux-tools-4.15.0-248-tuxcare.els36-lowlatency_4.15.0-248.259_amd64.deb c65920d9675365c91666e35d041189c288391527 linux-tools-common_4.15.0-248.259_all.deb 9004d410b5b27f2c71853410cc71c637e6842b7d linux-tools-host_4.15.0-248.259_all.deb f1af7079be358bd84fa8c10314ab2ad37a5e3d6f CLSA-2025:1749548768 TuxCare License Agreement 0 * Bump ABI 4.15.0-248 None Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.

* Bump ABI 4.15.0-248

0 tuxcare-ubuntu18.04-els linux-cloud-tools-generic_4.15.0.248.259_amd64.deb c1f67fb09a74bf4955adc61848102acd100a394f linux-cloud-tools-lowlatency_4.15.0.248.259_amd64.deb 62c759778c6ee3a270b1c228ff0237fff18df96c linux-crashdump_4.15.0.248.259_amd64.deb d024ffb1402ea046a32ad88dd9087b9b1bdc63df linux-generic_4.15.0.248.259_amd64.deb 2e3c591896643613c40b8d8a84dd9c501ebf72c1 linux-headers-generic_4.15.0.248.259_amd64.deb 684c3259f37830bd92befe61b7c6b367656f0fc1 linux-headers-lowlatency_4.15.0.248.259_amd64.deb 02364ec3aac20ab2320d9d13ee0f4321e0c633df linux-image-generic_4.15.0.248.259_amd64.deb fa7fe76c56fed14bdfb4614c332c8a7a13fb38db linux-image-lowlatency_4.15.0.248.259_amd64.deb 730b8110d629fcbbe437e8833a18b127561ff399 linux-lowlatency_4.15.0.248.259_amd64.deb aedeeaf4f975b914eb59cc8ef01e7c5cad5d4d2b linux-source_4.15.0.248.259_all.deb 76f0ff2c68b5d26ff2717451f6bfde07395a3b48 linux-tools-generic_4.15.0.248.259_amd64.deb 94ce3bafddaee525fe4b1e906da652defa9b3855 linux-tools-lowlatency_4.15.0.248.259_amd64.deb 8566eafb502a6b29506910e803380f4c671d1a9f CLSA-2025:1750752721 TuxCare License Agreement 0 * SECURITY UPDATE: Remote code execution - debian/patches/CVE-2025-24813.patch: Delete temporary file right after finishing request processing - CVE-2025-24813 Critical Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.

* SECURITY UPDATE: Remote code execution - debian/patches/CVE-2025-24813.patch: Delete temporary file right after finishing request processing - CVE-2025-24813

0 tuxcare-ubuntu18.04-els libtomcat8-embed-java_8.5.100-1ubuntu1~18.04.1+tuxcare.els2_all.deb 138cc40f02e23c38309583c837c3d5a59c8d509e libtomcat8-java_8.5.100-1ubuntu1~18.04.1+tuxcare.els2_all.deb 324c82388b70c508899364b55fe5ab478dc8183c tomcat8_8.5.100-1ubuntu1~18.04.1+tuxcare.els2_all.deb f0a974ea3ffe523fae40864ca66163b1c00659e5 tomcat8-admin_8.5.100-1ubuntu1~18.04.1+tuxcare.els2_all.deb 944914e4f7fe616928f00346d6eae357fecaa9cd tomcat8-common_8.5.100-1ubuntu1~18.04.1+tuxcare.els2_all.deb 69c6d24dea4f9277bd0ec7a344ea38767d4b5323 tomcat8-docs_8.5.100-1ubuntu1~18.04.1+tuxcare.els2_all.deb 34a180ab994fd83e3db5bba414a7144321a09d7a tomcat8-examples_8.5.100-1ubuntu1~18.04.1+tuxcare.els2_all.deb e7ce853f4fb9482b45a81f7a2944030130836292 tomcat8-user_8.5.100-1ubuntu1~18.04.1+tuxcare.els2_all.deb c802740978f7dbd1768d4db94a200b2d88057ae1 CLSA-2025:1750780647 TuxCare License Agreement 0 * SECURITY UPDATE: Improper validation of bracketed hosts in urllib - debian/patches/CVE-2024-11168.patch: add checks to ensure that bracketed hosts found by urlsplit are of IPv6 or IPvFuture format - CVE-2024-11168 * SECURITY UPDATE:Incomplete validation of bracketed hosts in urllib - debian/patches/CVE-2025-0938.patch: disallow square brackets (`[` and `]`) in domain names for parsed URLs - CVE-2025-0938 Moderate Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.

* SECURITY UPDATE: Improper validation of bracketed hosts in urllib - debian/patches/CVE-2024-11168.patch: add checks to ensure that bracketed hosts found by urlsplit are of IPv6 or IPvFuture format - CVE-2024-11168 * SECURITY UPDATE:Incomplete validation of bracketed hosts in urllib - debian/patches/CVE-2025-0938.patch: disallow square brackets (`[` and `]`) in domain names for parsed URLs - CVE-2025-0938

0 tuxcare-ubuntu18.04-els idle-python3.6_3.6.9-1~18.04ubuntu1.12+tuxcare.els14_all.deb d2cce4c8fcf245d72c816d1fa7a75f51e0c15cc4 libpython3.6_3.6.9-1~18.04ubuntu1.12+tuxcare.els14_amd64.deb d12726a54af41e800ece772fcfdf4161cb99aad4 libpython3.6-dev_3.6.9-1~18.04ubuntu1.12+tuxcare.els14_amd64.deb 82cb9c87d1be48853efe19047e94f1ca2c55b89e libpython3.6-minimal_3.6.9-1~18.04ubuntu1.12+tuxcare.els14_amd64.deb 8f194404260b23409a2ee0ef7a1d42f412e64e90 libpython3.6-stdlib_3.6.9-1~18.04ubuntu1.12+tuxcare.els14_amd64.deb a4f87fcba375f7abca39a40d48d818eba91d7bf5 libpython3.6-testsuite_3.6.9-1~18.04ubuntu1.12+tuxcare.els14_all.deb f34a8584444242238ab8bf80dd3c2f16a79a7fd1 python3.6_3.6.9-1~18.04ubuntu1.12+tuxcare.els14_amd64.deb 0d9209316b618f9b71266cf8ca96821bf6ddf687 python3.6-dev_3.6.9-1~18.04ubuntu1.12+tuxcare.els14_amd64.deb 960ee30157c160dd61a53ba1619f92977aae81c7 python3.6-doc_3.6.9-1~18.04ubuntu1.12+tuxcare.els14_all.deb 755e306ece7ba587095c75eb8f0c8e92d0eafcd7 python3.6-examples_3.6.9-1~18.04ubuntu1.12+tuxcare.els14_all.deb 1f4e74378ea4d1c36f13a948cbd2ac47e6017b75 python3.6-minimal_3.6.9-1~18.04ubuntu1.12+tuxcare.els14_amd64.deb d1a37281e4543c1de46f92e5dbd48e318ea17227 python3.6-venv_3.6.9-1~18.04ubuntu1.12+tuxcare.els14_amd64.deb 7cd5eb3c8bd6262824abcfe9773f06815019d6d5 CLSA-2025:1750780819 TuxCare License Agreement 0 * SECURITY UPDATE: Improper Neutralization of Escape, Meta, or Control Sequences vulnerability - debian/patches/CVE-2025-31651.patch: Enforces rewrite rules to preventing bypass of security constraints in specific configurations - CVE-2025-31651 Critical Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.

* SECURITY UPDATE: Improper Neutralization of Escape, Meta, or Control Sequences vulnerability - debian/patches/CVE-2025-31651.patch: Enforces rewrite rules to preventing bypass of security constraints in specific configurations - CVE-2025-31651

0 tuxcare-ubuntu18.04-els libtomcat9-embed-java_9.0.16-3ubuntu0.18.04.2+tuxcare.els13_all.deb 80ac4ed8c328b25626918954cc4e21e20439b93e libtomcat9-java_9.0.16-3ubuntu0.18.04.2+tuxcare.els13_all.deb ff2ed9dcfe991993c21e541c309b0ba50e03f148 tomcat9_9.0.16-3ubuntu0.18.04.2+tuxcare.els13_all.deb d7e04a4089b9aef8dd9383c0054cc68901f01dfd tomcat9-admin_9.0.16-3ubuntu0.18.04.2+tuxcare.els13_all.deb a3b1fd7d8e3a0066be7184b6cdd9014fa1e3b747 tomcat9-common_9.0.16-3ubuntu0.18.04.2+tuxcare.els13_all.deb e6e3cdef9f11c899594ed902ecca33df190216d1 tomcat9-docs_9.0.16-3ubuntu0.18.04.2+tuxcare.els13_all.deb e3023a2ecbbefbf2dfd80574c098a63181bbbfe4 tomcat9-examples_9.0.16-3ubuntu0.18.04.2+tuxcare.els13_all.deb c3912f0adb8a827d422a5ecc1a515206f6edc047 tomcat9-user_9.0.16-3ubuntu0.18.04.2+tuxcare.els13_all.deb 937b7026c2403f4b45dbfc256be8ceec4f853129 CLSA-2025:1750784684 TuxCare License Agreement 0 * SECURITY UPDATE: Untrusted LD_LIBRARY_PATH environment variable vulnerability - debian/patches/any/CVE-2025-4802.patch: Ignore LD_LIBRARY_PATH and debug env var for setuid for static - CVE-2025-4802 Important Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.

* SECURITY UPDATE: Untrusted LD_LIBRARY_PATH environment variable vulnerability - debian/patches/any/CVE-2025-4802.patch: Ignore LD_LIBRARY_PATH and debug env var for setuid for static - CVE-2025-4802

0 tuxcare-ubuntu18.04-els glibc-doc_2.27-3ubuntu1.6+tuxcare.els6_all.deb 0ea815df918386f5ac2fd9cb956e5adcb8126508 glibc-source_2.27-3ubuntu1.6+tuxcare.els6_all.deb cff08c1f3d3ec62a620da588452c82dbeea0db81 libc-bin_2.27-3ubuntu1.6+tuxcare.els6_amd64.deb 8e005edfa29eff2a1e3811e2a1bc4006bddcb5f7 libc-dev-bin_2.27-3ubuntu1.6+tuxcare.els6_amd64.deb ebd8c2cecea02702b654c54f2bfabb51a2d1aa03 libc6_2.27-3ubuntu1.6+tuxcare.els6_amd64.deb 694b05f56e70cfb43563e86dd5077e44a860e2a3 libc6-dev_2.27-3ubuntu1.6+tuxcare.els6_amd64.deb b6f3aaa633342b75fede4d5e8dac0944a1c88034 libc6-dev-i386_2.27-3ubuntu1.6+tuxcare.els6_amd64.deb d4cc5d84009e6c955fdbb31f4f513222f234319b libc6-dev-x32_2.27-3ubuntu1.6+tuxcare.els6_amd64.deb c41ddecebb347bbbe034c8a82361557564e4e068 libc6-i386_2.27-3ubuntu1.6+tuxcare.els6_amd64.deb abdf561769d550301c857e36237f54b001726454 libc6-pic_2.27-3ubuntu1.6+tuxcare.els6_amd64.deb a8a3fb5ba479987668c6f13204d968768c0a5394 libc6-x32_2.27-3ubuntu1.6+tuxcare.els6_amd64.deb 748cdcc2c3ad18d6e8b5864bc1cb69de296fef53 locales_2.27-3ubuntu1.6+tuxcare.els6_all.deb 12637a6739fa80bb8c44ecdfb491e8e4a190104a locales-all_2.27-3ubuntu1.6+tuxcare.els6_amd64.deb d84011c3c3e87b68250e1e86aa6f9286d261197c multiarch-support_2.27-3ubuntu1.6+tuxcare.els6_amd64.deb 250e845f382e28950751e30ce1a9d5f4e01e3f04 nscd_2.27-3ubuntu1.6+tuxcare.els6_amd64.deb 5b5cf36ebf56ce8f3eeb6d753dfa35776f6b1448 CLSA-2025:1750785613 TuxCare License Agreement 0 * SECURITY UPDATE: DisableForwarding directive does not adhere to the documentation stating that it disables X11 and agent forwarding. - debian/patches/CVE-2025-32728.patch: fix logic error in DisableForwarding option - CVE-2025-32728 Low Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.

* SECURITY UPDATE: DisableForwarding directive does not adhere to the documentation stating that it disables X11 and agent forwarding. - debian/patches/CVE-2025-32728.patch: fix logic error in DisableForwarding option - CVE-2025-32728

0 tuxcare-ubuntu18.04-els openssh-client_7.6p1-4ubuntu0.7+tuxcare.els7_amd64.deb 59286facc7e904f86ec654579cb3a7417c6c94be openssh-server_7.6p1-4ubuntu0.7+tuxcare.els7_amd64.deb 800903a061aabef37581eb5c21d04c1e4ce1bb96 openssh-sftp-server_7.6p1-4ubuntu0.7+tuxcare.els7_amd64.deb b62d91a926712b15153e7b8ae51929f9ddd28ad1 ssh_7.6p1-4ubuntu0.7+tuxcare.els7_all.deb d353f4de9c5cb6c3bb052f4299c49bad4aefbebd ssh-askpass-gnome_7.6p1-4ubuntu0.7+tuxcare.els7_amd64.deb 1ffefba0ce2137516bd8adcf8a48f1873f69a681 CLSA-2025:1751039108 TuxCare License Agreement 0 * New upstream 2025b version: - New zone for Aysén Region in Chile which moves from -04/-03 to -03. - Paraguay adopted permanent -03 starting spring 2024. - Improve pre-1991 data for the Philippines. - Etc/Unknown is now reserved. - Improve historical data for Mexico, Mongolia, and Portugal. - System V names are now obsolescent. - The main data form now uses %z. - The code now conforms to RFC 8536 for early timestamps. - Support POSIX.1-2024, which removes asctime_r and ctime_r. - Assume POSIX.2-1992 or later for shell scripts. - SUPPORT_C89 now defaults to 1. None Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.

* New upstream 2025b version: - New zone for Aysén Region in Chile which moves from -04/-03 to -03. - Paraguay adopted permanent -03 starting spring 2024. - Improve pre-1991 data for the Philippines. - Etc/Unknown is now reserved. - Improve historical data for Mexico, Mongolia, and Portugal. - System V names are now obsolescent. - The main data form now uses %z. - The code now conforms to RFC 8536 for early timestamps. - Support POSIX.1-2024, which removes asctime_r and ctime_r. - Assume POSIX.2-1992 or later for shell scripts. - SUPPORT_C89 now defaults to 1.

0 tuxcare-ubuntu18.04-els tzdata_2025b-0ubuntu0.18.04+tuxcare.els1_all.deb 7e21b628cca2c12ff3b7d08691b0d990da29c7b7 CLSA-2025:1751133506 TuxCare License Agreement 0 * OpenJDK 8u452 release - CVE-2025-21587: better TLS connection support - CVE-2025-30691: improve compiler transformations - CVE-2025-30698: enhance Buffered Image handling - Release notes: https://mail.openjdk.org/pipermail/jdk8u-dev/2025-April/019989.html Important Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.

* OpenJDK 8u452 release - CVE-2025-21587: better TLS connection support - CVE-2025-30691: improve compiler transformations - CVE-2025-30698: enhance Buffered Image handling - Release notes: https://mail.openjdk.org/pipermail/jdk8u-dev/2025-April/019989.html

0 tuxcare-ubuntu18.04-els openjdk-8-demo_8u452-ga-0ubuntu1~18.04+tuxcare.els1_amd64.deb 9c4db108204baf3933b0a72700e092b0e01a8cc1 openjdk-8-doc_8u452-ga-0ubuntu1~18.04+tuxcare.els1_all.deb a10115bc5860b1938b73e56fc7e3463505eef1b6 openjdk-8-jdk_8u452-ga-0ubuntu1~18.04+tuxcare.els1_amd64.deb 35b5a9035dff25de592a447218ef490669c54167 openjdk-8-jdk-headless_8u452-ga-0ubuntu1~18.04+tuxcare.els1_amd64.deb 64bd0ff6be2216ea1d04360ed932364cb0877747 openjdk-8-jre_8u452-ga-0ubuntu1~18.04+tuxcare.els1_amd64.deb f911496bbc31ffb06c544459f98a3d4cc25509a1 openjdk-8-jre-headless_8u452-ga-0ubuntu1~18.04+tuxcare.els1_amd64.deb 138d0194a5f9ed31c133c84bdac208657dfdf58a openjdk-8-jre-zero_8u452-ga-0ubuntu1~18.04+tuxcare.els1_amd64.deb 9962d63a235a6832eff9bc28c65d1f585954b36e openjdk-8-source_8u452-ga-0ubuntu1~18.04+tuxcare.els1_all.deb e96217239208aae39733ab65a66b826eb2f0c296 CLSA-2025:1751913683 TuxCare License Agreement 0 * OpenJDK 11.0.27 release, build 6. - CVE-2025-21587: better TLS connection support - CVE-2025-30691: improve compiler transformations - CVE-2025-30698: enhance Buffered Image handling - Release notes: https://mail.openjdk.org/pipermail/jdk-updates-dev/2025-April/043306.html Important Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.

* OpenJDK 11.0.27 release, build 6. - CVE-2025-21587: better TLS connection support - CVE-2025-30691: improve compiler transformations - CVE-2025-30698: enhance Buffered Image handling - Release notes: https://mail.openjdk.org/pipermail/jdk-updates-dev/2025-April/043306.html

0 tuxcare-ubuntu18.04-els openjdk-11-demo_11.0.27+6-0ubuntu1~18.04.1+tuxcare.els1_amd64.deb e81d68bcb1a07783618176d692d722555c6d70db openjdk-11-doc_11.0.27+6-0ubuntu1~18.04.1+tuxcare.els1_all.deb 577f29785610a38b82a7887009a5dc43699872ae openjdk-11-jdk_11.0.27+6-0ubuntu1~18.04.1+tuxcare.els1_amd64.deb ec5fa08eb15526a9bd409cc205ec90eff2bfcb34 openjdk-11-jdk-headless_11.0.27+6-0ubuntu1~18.04.1+tuxcare.els1_amd64.deb 679d25d090eba94d90be46cd8b53ea53aad92525 openjdk-11-jre_11.0.27+6-0ubuntu1~18.04.1+tuxcare.els1_amd64.deb 3572940b3f5721c998ef0140b3ddb61ac455500d openjdk-11-jre-headless_11.0.27+6-0ubuntu1~18.04.1+tuxcare.els1_amd64.deb c1ae0baf0b31984e2b7c8d0ff5864885e7429e0c openjdk-11-jre-zero_11.0.27+6-0ubuntu1~18.04.1+tuxcare.els1_amd64.deb 0b9d94dd53ac8ffd1d07e10584cef1570496871a openjdk-11-source_11.0.27+6-0ubuntu1~18.04.1+tuxcare.els1_all.deb 70a93f8f30ff47587e044cac8c1157167f46e827 CLSA-2025:1752082142 TuxCare License Agreement 0 * Update ca-certificates database to 20250416: - mozilla\{certdata.h,nssckbi.h}: Update Mozilla certificate authority bundle of the version 2.74. - The following certificates were updated: # Certificate "certSIGN ROOT CA" # Certificate "ACCVRAIZ1" # Certificate "Entrust Root Certification Authority - G4" # Certificate "Security Communication ECC RootCA1" # Certificate "BJCA Global Root CA1" # Certificate "BJCA Global Root CA2" - The following certificates were added: # Certificate "TWCA CYBER Root CA" # Certificate "SecureSign Root CA12" # Certificate "SecureSign Root CA14" # Certificate "SecureSign Root CA15" # Certificate "D-TRUST BR Root CA 2 2023" # Certificate "D-TRUST EV Root CA 2 2023" None Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.

* Update ca-certificates database to 20250416: - mozilla\{certdata.h,nssckbi.h}: Update Mozilla certificate authority bundle of the version 2.74. - The following certificates were updated: # Certificate "certSIGN ROOT CA" # Certificate "ACCVRAIZ1" # Certificate "Entrust Root Certification Authority - G4" # Certificate "Security Communication ECC RootCA1" # Certificate "BJCA Global Root CA1" # Certificate "BJCA Global Root CA2" - The following certificates were added: # Certificate "TWCA CYBER Root CA" # Certificate "SecureSign Root CA12" # Certificate "SecureSign Root CA14" # Certificate "SecureSign Root CA15" # Certificate "D-TRUST BR Root CA 2 2023" # Certificate "D-TRUST EV Root CA 2 2023"

0 tuxcare-ubuntu18.04-els ca-certificates_20250416ubuntu0.18.04.1+tuxcare.els1_all.deb 1a8a5c54d8642a82b859b179cdba0273643a9c52 CLSA-2025:1753083608 TuxCare License Agreement 0 * Focal update: v5.4.292 upstream stable release (LP: #2109357) // CVE-url: https://ubuntu.com/security/CVE-2025-37937 - objtool, media: dib8000: Prevent divide-by-zero in dib8000_set_dds() * Focal update: v5.4.287 upstream stable release (LP: #2095145) // CVE-url: https://ubuntu.com/security/CVE-2024-53197 - ALSA: usb-audio: Fix potential out-of-bound accesses for Extigy and Mbox devices * CVE-url: https://ubuntu.com/security/CVE-2024-46787 - userfaultfd: fix checks for huge PMDs * CVE-url: https://ubuntu.com/security/CVE-2025-37798 - sch_drr: make drr_qlen_notify() idempotent - sch_hfsc: make hfsc_qlen_notify() idempotent - sch_qfq: make qfq_qlen_notify() idempotent - codel: remove sch->q.qlen check before qdisc_tree_reduce_backlog() * Focal update: v5.4.285 upstream stable release (LP: #2089233) // CVE-2024-50116 // CVE-url: https://ubuntu.com/security/CVE-2024-50116 - nilfs2: fix kernel bug due to missing clearing of buffer delay flag * Focal update: v5.4.285 upstream stable release (LP: #2089233) // CVE-2024-49958 // CVE-url: https://ubuntu.com/security/CVE-2024-49958 - ocfs2: reserve space for inline xattr before attaching reflink tree * Focal update: v5.4.286 upstream stable release (LP: #2089558) // CVE-url: https://ubuntu.com/security/CVE-2021-47195 - spi: fix use-after-free of the add_lock mutex * CVE-url: https://ubuntu.com/security/CVE-2021-47469 - spi: Fix deadlock when adding SPI controllers on SPI buses * CVE-url: https://ubuntu.com/security/CVE-2025-39735 - jfs: fix slab-out-of-bounds read in ea_get() * CVE-url: https://ubuntu.com/security/CVE-2025-22020 - memstick: rtsx_usb_ms: Fix slab-use-after-free in rtsx_usb_ms_drv_remove * CVE-url: https://ubuntu.com/security/CVE-2025-22004 - net: atm: fix use after free in lec_send() * CVE-url: https://ubuntu.com/security/CVE-2025-39688 - nfsd: allow SC_STATUS_FREEABLE when searching via nfs4_lookup_stateid() * CVE-url: https://ubuntu.com/security/CVE-2022-49892 - ftrace: Fix use-after-free for dynamic ftrace_ops * CVE-url: https://ubuntu.com/security/CVE-2021-47293 - net/sched: act_skbmod: Skip non-Ethernet packets * CVE-url: https://ubuntu.com/security/CVE-2024-50106 - nfsd: simplify nfs4_put_deleg_lease calls - nfsd: factor out common delegation-destruction code - nfsd: Fix race to FREE_STATEID and cl_revoked - nfsd: don't call functions with side-effecting inside WARN_ON() - nfsd: remove fault injection code - nfsd: avoid race after unhash_delegation_locked() - nfsd4: don't set lock stateid's sc_type to CLOSED - nfsd: split sc_status out of sc_type - nfsd: fix race between laundromat and free_stateid * CVE-url: https://ubuntu.com/security/CVE-2024-57982 - xfrm: state: fix out-of-bounds read during lookup * CVE-url: https://ubuntu.com/security/CVE-2023-52588 - f2fs: fix to tag gcing flag on page during block migration * Miscellaneous Ubuntu changes - [Config] updateconfigs for NFSD_FAULT_INJECTION Important Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.

* Focal update: v5.4.292 upstream stable release (LP: #2109357) // CVE-url: https://ubuntu.com/security/CVE-2025-37937 - objtool, media: dib8000: Prevent divide-by-zero in dib8000_set_dds() * Focal update: v5.4.287 upstream stable release (LP: #2095145) // CVE-url: https://ubuntu.com/security/CVE-2024-53197 - ALSA: usb-audio: Fix potential out-of-bound accesses for Extigy and Mbox devices * CVE-url: https://ubuntu.com/security/CVE-2024-46787 - userfaultfd: fix checks for huge PMDs * CVE-url: https://ubuntu.com/security/CVE-2025-37798 - sch_drr: make drr_qlen_notify() idempotent - sch_hfsc: make hfsc_qlen_notify() idempotent - sch_qfq: make qfq_qlen_notify() idempotent - codel: remove sch->q.qlen check before qdisc_tree_reduce_backlog() * Focal update: v5.4.285 upstream stable release (LP: #2089233) // CVE-2024-50116 // CVE-url: https://ubuntu.com/security/CVE-2024-50116 - nilfs2: fix kernel bug due to missing clearing of buffer delay flag * Focal update: v5.4.285 upstream stable release (LP: #2089233) // CVE-2024-49958 // CVE-url: https://ubuntu.com/security/CVE-2024-49958 - ocfs2: reserve space for inline xattr before attaching reflink tree * Focal update: v5.4.286 upstream stable release (LP: #2089558) // CVE-url: https://ubuntu.com/security/CVE-2021-47195 - spi: fix use-after-free of the add_lock mutex * CVE-url: https://ubuntu.com/security/CVE-2021-47469 - spi: Fix deadlock when adding SPI controllers on SPI buses * CVE-url: https://ubuntu.com/security/CVE-2025-39735 - jfs: fix slab-out-of-bounds read in ea_get() * CVE-url: https://ubuntu.com/security/CVE-2025-22020 - memstick: rtsx_usb_ms: Fix slab-use-after-free in rtsx_usb_ms_drv_remove * CVE-url: https://ubuntu.com/security/CVE-2025-22004 - net: atm: fix use after free in lec_send() * CVE-url: https://ubuntu.com/security/CVE-2025-39688 - nfsd: allow SC_STATUS_FREEABLE when searching via nfs4_lookup_stateid() * CVE-url: https://ubuntu.com/security/CVE-2022-49892 - ftrace: Fix use-after-free for dynamic ftrace_ops * CVE-url: https://ubuntu.com/security/CVE-2021-47293 - net/sched: act_skbmod: Skip non-Ethernet packets * CVE-url: https://ubuntu.com/security/CVE-2024-50106 - nfsd: simplify nfs4_put_deleg_lease calls - nfsd: factor out common delegation-destruction code - nfsd: Fix race to FREE_STATEID and cl_revoked - nfsd: don't call functions with side-effecting inside WARN_ON() - nfsd: remove fault injection code - nfsd: avoid race after unhash_delegation_locked() - nfsd4: don't set lock stateid's sc_type to CLOSED - nfsd: split sc_status out of sc_type - nfsd: fix race between laundromat and free_stateid * CVE-url: https://ubuntu.com/security/CVE-2024-57982 - xfrm: state: fix out-of-bounds read during lookup * CVE-url: https://ubuntu.com/security/CVE-2023-52588 - f2fs: fix to tag gcing flag on page during block migration * Miscellaneous Ubuntu changes - [Config] updateconfigs for NFSD_FAULT_INJECTION

0 tuxcare-ubuntu18.04-els linux-buildinfo-4.15.0-249-tuxcare.els37-generic_4.15.0-249.260_amd64.deb a3362c31fed8314d99c15ed99c7177e40c6be01a linux-buildinfo-4.15.0-249-tuxcare.els37-lowlatency_4.15.0-249.260_amd64.deb 7eaa18ac5aa6d8796e47ec2a9dbf9f0301b04b72 linux-cloud-tools-4.15.0-249-tuxcare.els37_4.15.0-249.260_amd64.deb 88659c4108886faadd8c3e81f247450ebe684a9c linux-cloud-tools-4.15.0-249-tuxcare.els37-generic_4.15.0-249.260_amd64.deb badf58fcaff887d45b026502c4016442bece102f linux-cloud-tools-4.15.0-249-tuxcare.els37-lowlatency_4.15.0-249.260_amd64.deb c20ff499265ec40fe1eaf68eb0ca3b934cb64826 linux-cloud-tools-common_4.15.0-249.260_all.deb 08cfecd22179f9511655d466b4627867239e920c linux-doc_4.15.0-249.260_all.deb c92a92eb9346436b0746b9ed4d39310d23566e26 linux-headers-4.15.0-249-tuxcare.els37_4.15.0-249.260_all.deb 0fb81205726f01813781fb30dbcee792c0c9c519 linux-headers-4.15.0-249-tuxcare.els37-generic_4.15.0-249.260_amd64.deb 87e93e7a2f4df0b0cf7bb0d68ecd1ab66990d34d linux-headers-4.15.0-249-tuxcare.els37-lowlatency_4.15.0-249.260_amd64.deb 66e6015e927239d07e976cc853490fbe7e03240f linux-image-unsigned-4.15.0-249-tuxcare.els37-generic_4.15.0-249.260_amd64.deb 4a23574ecc416622a8fb7134697bd7fd30d44d4f linux-image-unsigned-4.15.0-249-tuxcare.els37-lowlatency_4.15.0-249.260_amd64.deb f69d3bb9974ba07eb8532f47c592934bdfeaf0ca linux-libc-dev_4.15.0-249.260_amd64.deb 85177df1976e8e40c6c51d62b6f1a64ebe219d53 linux-modules-4.15.0-249-tuxcare.els37-generic_4.15.0-249.260_amd64.deb 3de4b0d8221418eed36058c5712c9a04528c8d53 linux-modules-4.15.0-249-tuxcare.els37-lowlatency_4.15.0-249.260_amd64.deb 868fefb658f5076291e3cdb784bcfdd9df521641 linux-modules-extra-4.15.0-249-tuxcare.els37-generic_4.15.0-249.260_amd64.deb b97ba5a303d6e1ae5767a015b392ccb09f112473 linux-source-4.15.0_4.15.0-249.260_all.deb e150859204c64d33bb4329e40a4182f40f2bce81 linux-tools-4.15.0-249-tuxcare.els37_4.15.0-249.260_amd64.deb 0b92621308df84265bf527e482c034a89f490ed5 linux-tools-4.15.0-249-tuxcare.els37-generic_4.15.0-249.260_amd64.deb bafb873d0d0c88ab1c65b4b29f1c3d43aed56abe linux-tools-4.15.0-249-tuxcare.els37-lowlatency_4.15.0-249.260_amd64.deb 3539c3cd508536a04c2674d756d2335edb2950ec linux-tools-common_4.15.0-249.260_all.deb b1b6538d32c3f7c6dfdadafc76493edff54bad12 linux-tools-host_4.15.0-249.260_all.deb 95ea88ecd4b652b5b419bdbdacc4c63dd70d8169 CLSA-2025:1753083772 TuxCare License Agreement 0 * Bump ABI 4.15.0-249 None Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.

* Bump ABI 4.15.0-249

0 tuxcare-ubuntu18.04-els linux-cloud-tools-generic_4.15.0.249.260_amd64.deb a57858ccef05cf9a50e5b066ac086f016c372476 linux-cloud-tools-lowlatency_4.15.0.249.260_amd64.deb 3d6c57d16e0828770374e2a824b02e74ef309fff linux-crashdump_4.15.0.249.260_amd64.deb c39f061a5a56d3e0583a3dfb944fe392e8d0c22c linux-generic_4.15.0.249.260_amd64.deb 58f86da60ad7adccc3503fd95320639b32b01477 linux-headers-generic_4.15.0.249.260_amd64.deb c40c6edf5384e5a2ae58707d7f29459bb96b1541 linux-headers-lowlatency_4.15.0.249.260_amd64.deb 5dca23f3d9922d74131ab5c42770a418aa6004ef linux-image-generic_4.15.0.249.260_amd64.deb 13cc238a56c3dad37a9b788b1224897c68e9f73d linux-image-lowlatency_4.15.0.249.260_amd64.deb f52f7c0335d4c2c89b63beeaa706c126e1af611c linux-lowlatency_4.15.0.249.260_amd64.deb e2128f275cc74626fca92122c69f5af97ec4146e linux-source_4.15.0.249.260_all.deb 64794396085fc5b3bc5cc6e08ef789c46b22c8e1 linux-tools-generic_4.15.0.249.260_amd64.deb 1a31f4845efe17f2e328528c0482742837d87d55 linux-tools-lowlatency_4.15.0.249.260_amd64.deb 8f594c20b55ad149ce203bf28778b73e31126f93 CLSA-2025:1753207140 TuxCare License Agreement 0 * SECURITY UPDATE: security vulnerability discovered - debian/patches/CVE-2025-48384.patch: quote values containing CR character in config to prevent unintentional stripping when reading - CVE-2025-48384 Important Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.

* SECURITY UPDATE: security vulnerability discovered - debian/patches/CVE-2025-48384.patch: quote values containing CR character in config to prevent unintentional stripping when reading - CVE-2025-48384

0 tuxcare-ubuntu18.04-els git_2.17.1-1ubuntu0.18+tuxcare.els6_amd64.deb bdd8c9e2f2b89a1bf0a7166fd9b6f4026093b167 git-all_2.17.1-1ubuntu0.18+tuxcare.els6_all.deb 6ef6142b9fc79d60dd97d7ea19ebba422a56ca37 git-cvs_2.17.1-1ubuntu0.18+tuxcare.els6_all.deb b3970e751a128407d3c7415671adb7d3121e21fb git-daemon-run_2.17.1-1ubuntu0.18+tuxcare.els6_all.deb e0894f880b53d6cd03bd30efff184d21552a8870 git-daemon-sysvinit_2.17.1-1ubuntu0.18+tuxcare.els6_all.deb 2432e8db79c7009a1074fbd1adf1f8c5a55c10d3 git-doc_2.17.1-1ubuntu0.18+tuxcare.els6_all.deb 86679e2fa55c6dd88629842bc96fc5b58b3c2cdf git-el_2.17.1-1ubuntu0.18+tuxcare.els6_all.deb 9c1b4442e0f5ed2b8d6d3c8e644dc12571c89882 git-email_2.17.1-1ubuntu0.18+tuxcare.els6_all.deb 9aefcb5699aab38519993d1675d97ae7246bda33 git-gui_2.17.1-1ubuntu0.18+tuxcare.els6_all.deb bea9b1e61e18d95af33f431a477f643e320b67de git-man_2.17.1-1ubuntu0.18+tuxcare.els6_all.deb 1f468bc048a642eafc812fc51b83b096d19374eb git-mediawiki_2.17.1-1ubuntu0.18+tuxcare.els6_all.deb 6c66ef2aa4042c6dcd72b559fd78fca82a31cbb7 git-svn_2.17.1-1ubuntu0.18+tuxcare.els6_all.deb f612ac5985f6c2f4b3379f566e9dd87a3087135b gitk_2.17.1-1ubuntu0.18+tuxcare.els6_all.deb 6da75fb428d35f992d8c7d93e74909f6afcf17a6 gitweb_2.17.1-1ubuntu0.18+tuxcare.els6_all.deb 514e7b0140c941e3cc07f02780e9a5dd6695b9c1 CLSA-2025:1753209049 TuxCare License Agreement 0 * SECURITY UPDATE: improper handling of 'decode' function with 'unicode_escape' encoding in bytes - debian/patches/CVE-2025-4516.patch: Fix use-after-free in the 'unicode- escape' decoder with a non-'strict' error handler - CVE-2025-4516 Moderate Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.

* SECURITY UPDATE: improper handling of 'decode' function with 'unicode_escape' encoding in bytes - debian/patches/CVE-2025-4516.patch: Fix use-after-free in the 'unicode- escape' decoder with a non-'strict' error handler - CVE-2025-4516

0 tuxcare-ubuntu18.04-els idle-python3.6_3.6.9-1~18.04ubuntu1.12+tuxcare.els15_all.deb e85620aa66718b87fbf01028305cea0fc1186d8d libpython3.6_3.6.9-1~18.04ubuntu1.12+tuxcare.els15_amd64.deb d10ee16ef3f03d4d9f3e171080edab144ef620a0 libpython3.6-dev_3.6.9-1~18.04ubuntu1.12+tuxcare.els15_amd64.deb de1f396666c4eec83e9b7591222a625b66493d60 libpython3.6-minimal_3.6.9-1~18.04ubuntu1.12+tuxcare.els15_amd64.deb 6fa54179636b00cc72abbbb2acc1f8899f2c395d libpython3.6-stdlib_3.6.9-1~18.04ubuntu1.12+tuxcare.els15_amd64.deb 09561e6a15d7d8237997f0a43411476dfa43dfd3 libpython3.6-testsuite_3.6.9-1~18.04ubuntu1.12+tuxcare.els15_all.deb 18ccee62c34ed7fbadfc0caab84386d038f731cd python3.6_3.6.9-1~18.04ubuntu1.12+tuxcare.els15_amd64.deb c19b28a2d9e149eb96c976c5f63376bef9112716 python3.6-dev_3.6.9-1~18.04ubuntu1.12+tuxcare.els15_amd64.deb a56c0903a03bdb31f925091e6efa4ba0321aacf9 python3.6-doc_3.6.9-1~18.04ubuntu1.12+tuxcare.els15_all.deb 925ab3c82ae1a3517acf2b2ce6b9b6967d2c69f4 python3.6-examples_3.6.9-1~18.04ubuntu1.12+tuxcare.els15_all.deb cdea001dad93f61331766a262f5554caef4cffda python3.6-minimal_3.6.9-1~18.04ubuntu1.12+tuxcare.els15_amd64.deb 6eb44f2f83d3435058749dff60926a5900ed5824 python3.6-venv_3.6.9-1~18.04ubuntu1.12+tuxcare.els15_amd64.deb ca28b19d67a6f86391883d5fc3fc0f425833eaac CLSA-2025:1753374216 TuxCare License Agreement 0 * SECURITY UPDATE: memory vulnerabilities in schematron - debian/patches/CVE-2025-49794_CVE-2025-49796.patch: fix memory safety issues in xmlSchematronReportOutput when parsing XPath elements and memory corruption issue triggered by processing sch:name elements in input XML file - CVE-2025-49794 - CVE-2025-49796 Critical Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.

* SECURITY UPDATE: memory vulnerabilities in schematron - debian/patches/CVE-2025-49794_CVE-2025-49796.patch: fix memory safety issues in xmlSchematronReportOutput when parsing XPath elements and memory corruption issue triggered by processing sch:name elements in input XML file - CVE-2025-49794 - CVE-2025-49796

0 tuxcare-ubuntu18.04-els libxml2_2.9.4+dfsg1-6.1ubuntu1.9+tuxcare.els4_amd64.deb 360b793c9defb98a6bd833b2b43d76bc9606eecb libxml2-dev_2.9.4+dfsg1-6.1ubuntu1.9+tuxcare.els4_amd64.deb 310a7ca2f79236891394abfc9028463f4b2f3868 libxml2-doc_2.9.4+dfsg1-6.1ubuntu1.9+tuxcare.els4_all.deb 115a9f04d955ff4d926db88e79154d474812dd03 libxml2-utils_2.9.4+dfsg1-6.1ubuntu1.9+tuxcare.els4_amd64.deb afcf903dd632c87e88f8974c5e718db54671f7f2 python-libxml2_2.9.4+dfsg1-6.1ubuntu1.9+tuxcare.els4_amd64.deb cd5e98c43c61bb6b8153082390549b6fd38b7069 python3-libxml2_2.9.4+dfsg1-6.1ubuntu1.9+tuxcare.els4_amd64.deb a7c3216a052684d1eeba8c9ba9ec1596d74a7818 CLSA-2025:1753799668 TuxCare License Agreement 0 * SECURITY UPDATE: unauthorized commands execution on unintended hosts - debian/patches/CVE-2025-32462.patch: restrict user from setting remote host for command unless listing privileges - CVE-2025-32462 Important Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.

* SECURITY UPDATE: unauthorized commands execution on unintended hosts - debian/patches/CVE-2025-32462.patch: restrict user from setting remote host for command unless listing privileges - CVE-2025-32462

0 tuxcare-ubuntu18.04-els sudo_1.8.21p2-3ubuntu1.6+tuxcare.els2_amd64.deb 8c25325c84925bdcec8cc53b0ad60a1388e28b3d sudo-ldap_1.8.21p2-3ubuntu1.6+tuxcare.els2_amd64.deb 862ce1bcb9c9d980c01764339a891b5420a6f034 CLSA-2025:1754037789 TuxCare License Agreement 0 * Focal update: v5.4.291 upstream stable release (LP: #2106002) // CVE-2025-21760 // CVE-url: https://ubuntu.com/security/CVE-2025-21760 - ndisc: extend RCU protection in ndisc_send_skb() * Focal update: v5.4.291 upstream stable release (LP: #2106002) // CVE-2025-21761 // CVE-url: https://ubuntu.com/security/CVE-2025-21761 - openvswitch: use RCU protection in ovs_vport_cmd_fill_info() * Focal update: v5.4.291 upstream stable release (LP: #2106002) // CVE-2025-21764 // CVE-url: https://ubuntu.com/security/CVE-2025-21764 - ndisc: use RCU protection in ndisc_alloc_skb() * Focal update: v5.4.291 upstream stable release (LP: #2106002) // CVE-2025-21765 // CVE-url: https://ubuntu.com/security/CVE-2025-21764 - ipv6: use RCU protection in ip6_default_advmss() * Focal update: v5.4.291 upstream stable release (LP: #2106002) // CVE-url: https://ubuntu.com/security/CVE-2025-21764 - ipv4: use RCU protection in rt_is_expired() - ipv4: use RCU protection in inet_select_addr() * CVE-url: https://ubuntu.com/security/CVE-2025-21762 - net: treat possible_net_t net pointer as an RCU one and add read_pnet_rcu() - net: add dev_net_rcu() helper - arp: use RCU protection in arp_xmit() Important Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.

* Focal update: v5.4.291 upstream stable release (LP: #2106002) // CVE-2025-21760 // CVE-url: https://ubuntu.com/security/CVE-2025-21760 - ndisc: extend RCU protection in ndisc_send_skb() * Focal update: v5.4.291 upstream stable release (LP: #2106002) // CVE-2025-21761 // CVE-url: https://ubuntu.com/security/CVE-2025-21761 - openvswitch: use RCU protection in ovs_vport_cmd_fill_info() * Focal update: v5.4.291 upstream stable release (LP: #2106002) // CVE-2025-21764 // CVE-url: https://ubuntu.com/security/CVE-2025-21764 - ndisc: use RCU protection in ndisc_alloc_skb() * Focal update: v5.4.291 upstream stable release (LP: #2106002) // CVE-2025-21765 // CVE-url: https://ubuntu.com/security/CVE-2025-21764 - ipv6: use RCU protection in ip6_default_advmss() * Focal update: v5.4.291 upstream stable release (LP: #2106002) // CVE-url: https://ubuntu.com/security/CVE-2025-21764 - ipv4: use RCU protection in rt_is_expired() - ipv4: use RCU protection in inet_select_addr() * CVE-url: https://ubuntu.com/security/CVE-2025-21762 - net: treat possible_net_t net pointer as an RCU one and add read_pnet_rcu() - net: add dev_net_rcu() helper - arp: use RCU protection in arp_xmit()

0 tuxcare-ubuntu18.04-els linux-buildinfo-4.15.0-250-tuxcare.els38-generic_4.15.0-250.261_amd64.deb 89b3e4243c6aebcbfc1a3151639cc02491e84293 linux-buildinfo-4.15.0-250-tuxcare.els38-lowlatency_4.15.0-250.261_amd64.deb 3ead94dc246b865cdac84c1dcc790b2406855f5f linux-cloud-tools-4.15.0-250-tuxcare.els38_4.15.0-250.261_amd64.deb e259a885adcd3e419318ebb37ddfc295f95bfbdb linux-cloud-tools-4.15.0-250-tuxcare.els38-generic_4.15.0-250.261_amd64.deb 915a38977f75dc1a4ae0dc31c5156c8f97ff315a linux-cloud-tools-4.15.0-250-tuxcare.els38-lowlatency_4.15.0-250.261_amd64.deb d3db4c437a8a9e392e9a3efee14c6ab781c059bb linux-cloud-tools-common_4.15.0-250.261_all.deb 2e4ff155152ba5142b55c107c70cb7cde728b80e linux-doc_4.15.0-250.261_all.deb 3eab69a0ccffc1735a1cbe91c01257fa5e01e4ad linux-headers-4.15.0-250-tuxcare.els38_4.15.0-250.261_all.deb e6c86e5796e2c2d783e5a72bcfde3570413191f2 linux-headers-4.15.0-250-tuxcare.els38-generic_4.15.0-250.261_amd64.deb ef7910d4ba7a5c8ac97383c7f33f858ba28d7122 linux-headers-4.15.0-250-tuxcare.els38-lowlatency_4.15.0-250.261_amd64.deb 29e20215a438c64f192e07dcf0ad8ef1c31e64bb linux-image-unsigned-4.15.0-250-tuxcare.els38-generic_4.15.0-250.261_amd64.deb 46dfc7e57653fe200b67d9b621b323a179c278f4 linux-image-unsigned-4.15.0-250-tuxcare.els38-lowlatency_4.15.0-250.261_amd64.deb d961b7bcb1d0eb2e2942beffc701ef749320e1b0 linux-libc-dev_4.15.0-250.261_amd64.deb eeb22a5be8edb1fc8743ab5284c26c103e243b7b linux-modules-4.15.0-250-tuxcare.els38-generic_4.15.0-250.261_amd64.deb dcbe1b1ad0527dcb905f16e0c552f7a082cdc367 linux-modules-4.15.0-250-tuxcare.els38-lowlatency_4.15.0-250.261_amd64.deb a5081f5940930537dbd8cd3161523b94ffef21ba linux-modules-extra-4.15.0-250-tuxcare.els38-generic_4.15.0-250.261_amd64.deb bb02c3a041e291adec98be118e6972be5cc76774 linux-source-4.15.0_4.15.0-250.261_all.deb 3599ed70ea5f156beaf1d12f5e961338f9a9a993 linux-tools-4.15.0-250-tuxcare.els38_4.15.0-250.261_amd64.deb 742a0d9084dd517f002b9631a904c98caee231bb linux-tools-4.15.0-250-tuxcare.els38-generic_4.15.0-250.261_amd64.deb 7e8ac154c30ad34cd95d6abf74d5d0da99020706 linux-tools-4.15.0-250-tuxcare.els38-lowlatency_4.15.0-250.261_amd64.deb 95f04882130279ff701357998df19773aff15f25 linux-tools-common_4.15.0-250.261_all.deb 5de5158d6341d0ffa3998aa1260ad45eb1604955 linux-tools-host_4.15.0-250.261_all.deb 5f0b6db5e99777706b885d0cae3722501e4640a7 CLSA-2025:1754037921 TuxCare License Agreement 0 * Bump ABI 4.15.0-250 None Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.

* Bump ABI 4.15.0-250

0 tuxcare-ubuntu18.04-els linux-cloud-tools-generic_4.15.0.250.261_amd64.deb c3e3ef98d55e774facbeadce0c5932eb3ed86b2b linux-cloud-tools-lowlatency_4.15.0.250.261_amd64.deb ddbda75c5343a6e37edfa1076f692d68f88ea72c linux-crashdump_4.15.0.250.261_amd64.deb 4df9302af532debd94b038236395e600b77ad4b0 linux-generic_4.15.0.250.261_amd64.deb 45666f34c372c874c7aa5014a69c16747b44a320 linux-headers-generic_4.15.0.250.261_amd64.deb 7dd2b9fdbbea8afbecc3aa56ad2696b9a093cc02 linux-headers-lowlatency_4.15.0.250.261_amd64.deb 45e09d658de01757866c60967f921ff78415211f linux-image-generic_4.15.0.250.261_amd64.deb d6e587e07555473959949c3bff867fa205378687 linux-image-lowlatency_4.15.0.250.261_amd64.deb 83d28049681a974a443e44eef76d2470293fe54b linux-lowlatency_4.15.0.250.261_amd64.deb 7df40c23a124e5d3e998823f218e490025273604 linux-source_4.15.0.250.261_all.deb af44a5591825ab48a9aed3fe31dbae1310a29977 linux-tools-generic_4.15.0.250.261_amd64.deb 275d312b67790b169ee46bbcbc31764123a25f33 linux-tools-lowlatency_4.15.0.250.261_amd64.deb da3eedd78ff84e714e0ccf1e4765c7aa04fa1028 CLSA-2025:1754338597 TuxCare License Agreement 0 * SECURITY UPDATE: excessive aggregate terms potentially leading to memory corruption - debian/patches/CVE-2025-6965.patch: fix a potential memory corruption if the number of aggregate terms in a query exceeds the maximum number of columns - CVE-2025-6965 Critical Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.

* SECURITY UPDATE: excessive aggregate terms potentially leading to memory corruption - debian/patches/CVE-2025-6965.patch: fix a potential memory corruption if the number of aggregate terms in a query exceeds the maximum number of columns - CVE-2025-6965

0 tuxcare-ubuntu18.04-els lemon_3.22.0-1ubuntu0.7+tuxcare.els2_amd64.deb fc46ec95d19236ace8d95bfa1819669daf1c6484 libsqlite3-0_3.22.0-1ubuntu0.7+tuxcare.els2_amd64.deb 9431082b095086a5a5b610e05029d0627d53d01a libsqlite3-dev_3.22.0-1ubuntu0.7+tuxcare.els2_amd64.deb 0e94f8e2bd9ffdf5e682e8aa420fb4ee4c108b8b libsqlite3-tcl_3.22.0-1ubuntu0.7+tuxcare.els2_amd64.deb e5d2902f786cd3e9f37252c852ec191211fad2a6 sqlite3_3.22.0-1ubuntu0.7+tuxcare.els2_amd64.deb b629dd28b83c413dbc617e01cb4dd10435fbe643 sqlite3-doc_3.22.0-1ubuntu0.7+tuxcare.els2_all.deb d71bef30c755af84e1d7f334cb09fd298be0606a CLSA-2025:1754381806 TuxCare License Agreement 0 * New microcode update packages from upstream up to 2025-05-12: - New microcodes: sig 0x000a06d1, pf_mask 0x20, 2025-02-07, rev 0xa0000d1, size 1635328 sig 0x000a06d1, pf_mask 0x95, 2025-02-07, rev 0x10003a2, size 1664000 sig 0x000b0650, pf_mask 0x80, 2025-03-18, rev 0x000a, size 136192 sig 0x000b06d1, pf_mask 0x80, 2025-03-18, rev 0x011f, size 79872 sig 0x000c0652, pf_mask 0x82, 2025-03-20, rev 0x0118, size 90112 sig 0x000c0662, pf_mask 0x82, 2025-03-20, rev 0x0118, size 90112 sig 0x000c0664, pf_mask 0x82, 2025-03-20, rev 0x0118, size 90112 sig 0x000c06a2, pf_mask 0x82, 2025-03-20, rev 0x0118, size 90112 - Updated microcodes: sig 0x00050657, pf_mask 0xbf, 2024-12-12, rev 0x5003901, size 39936 sig 0x0005065b, pf_mask 0xbf, 2024-12-12, rev 0x7002b01, size 30720 sig 0x000606a6, pf_mask 0x87, 2025-01-07, rev 0xd000404, size 309248 sig 0x000606c1, pf_mask 0x10, 2025-01-07, rev 0x10002d0, size 300032 sig 0x000706a8, pf_mask 0x01, 2024-12-05, rev 0x0026, size 76800 sig 0x000706e5, pf_mask 0x80, 2025-01-07, rev 0x00ca, size 115712 sig 0x000806c1, pf_mask 0x80, 2024-12-01, rev 0x00bc, size 112640 sig 0x000806c2, pf_mask 0xc2, 2024-12-01, rev 0x003c, size 99328 sig 0x000806d1, pf_mask 0xc2, 2024-12-11, rev 0x0056, size 105472 sig 0x000806ec, pf_mask 0x94, 2024-11-17, rev 0x0100, size 106496 sig 0x000806f4, pf_mask 0x10, 2025-01-28, rev 0x2c0003f7, size 624640 sig 0x000806f4, pf_mask 0x87, 2025-01-28, rev 0x2b000639, size 591872 sig 0x000806f5, pf_mask 0x10, 2025-01-28, rev 0x2c0003f7, size 624640 sig 0x000806f5, pf_mask 0x87, 2025-01-28, rev 0x2b000639, size 591872 sig 0x000806f6, pf_mask 0x10, 2025-01-28, rev 0x2c0003f7, size 624640 sig 0x000806f6, pf_mask 0x87, 2025-01-28, rev 0x2b000639, size 591872 sig 0x000806f7, pf_mask 0x87, 2025-01-28, rev 0x2b000639, size 591872 sig 0x000806f8, pf_mask 0x10, 2025-01-28, rev 0x2c0003f7, size 624640 sig 0x000806f8, pf_mask 0x87, 2025-01-28, rev 0x2b000639, size 591872 sig 0x00090672, pf_mask 0x07, 2024-12-12, rev 0x003a, size 226304 sig 0x00090675, pf_mask 0x07, 2024-12-12, rev 0x003a, size 226304 sig 0x000906a3, pf_mask 0x80, 2024-12-12, rev 0x0437, size 224256 sig 0x000906a4, pf_mask 0x40, 2024-12-06, rev 0x000a, size 119808 sig 0x000906a4, pf_mask 0x80, 2024-12-12, rev 0x0437, size 224256 sig 0x000906ed, pf_mask 0x22, 2024-11-14, rev 0x0104, size 106496 sig 0x000a0652, pf_mask 0x20, 2024-11-14, rev 0x0100, size 97280 sig 0x000a0653, pf_mask 0x22, 2024-11-14, rev 0x0100, size 98304 sig 0x000a0655, pf_mask 0x22, 2024-11-14, rev 0x0100, size 97280 sig 0x000a0660, pf_mask 0x80, 2024-11-14, rev 0x0102, size 98304 sig 0x000a0661, pf_mask 0x80, 2024-11-14, rev 0x0100, size 97280 sig 0x000a0671, pf_mask 0x02, 2024-12-01, rev 0x0064, size 108544 sig 0x000a06a4, pf_mask 0xe6, 2025-02-13, rev 0x0024, size 140288 sig 0x000a06f3, pf_mask 0x01, 2025-02-10, rev 0x3000341, size 1542144 sig 0x000b0671, pf_mask 0x32, 2025-03-17, rev 0x012f, size 219136 sig 0x000b0674, pf_mask 0x32, 2025-03-17, rev 0x012f, size 219136 sig 0x000b06a2, pf_mask 0xe0, 2025-01-15, rev 0x4128, size 224256 sig 0x000b06a3, pf_mask 0xe0, 2025-01-15, rev 0x4128, size 224256 sig 0x000b06a8, pf_mask 0xe0, 2025-01-15, rev 0x4128, size 224256 sig 0x000b06e0, pf_mask 0x19, 2024-12-06, rev 0x001d, size 139264 sig 0x000b06f2, pf_mask 0x07, 2024-12-12, rev 0x003a, size 226304 sig 0x000b06f5, pf_mask 0x07, 2024-12-12, rev 0x003a, size 226304 sig 0x000b06f6, pf_mask 0x07, 2024-12-12, rev 0x003a, size 226304 sig 0x000b06f7, pf_mask 0x07, 2024-12-12, rev 0x003a, size 226304 sig 0x000c06f1, pf_mask 0x87, 2025-03-14, rev 0x210002a9, size 563200 sig 0x000c06f2, pf_mask 0x87, 2025-03-14, rev 0x210002a9, size 563200 - Removed microcodes: sig 0x00050656, pf_mask 0xbf, 2023-07-28, rev 0x4003605, size 38912 * SECURITY UPDATE: - CVE-2024-28956, INTEL-SA-01153 - CVE-2025-20054, INTEL-SA-01244 - CVE-2025-20103, INTEL-SA-01244 - CVE-2024-43420, INTEL-SA-01247 - CVE-2024-45332, INTEL-SA-01247 - CVE-2025-20623, INTEL-SA-01247 - CVE-2025-20012, INTEL-SA-01322 - CVE-2025-24495, INTEL-SA-01322 Moderate Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.

* New microcode update packages from upstream up to 2025-05-12: - New microcodes: sig 0x000a06d1, pf_mask 0x20, 2025-02-07, rev 0xa0000d1, size 1635328 sig 0x000a06d1, pf_mask 0x95, 2025-02-07, rev 0x10003a2, size 1664000 sig 0x000b0650, pf_mask 0x80, 2025-03-18, rev 0x000a, size 136192 sig 0x000b06d1, pf_mask 0x80, 2025-03-18, rev 0x011f, size 79872 sig 0x000c0652, pf_mask 0x82, 2025-03-20, rev 0x0118, size 90112 sig 0x000c0662, pf_mask 0x82, 2025-03-20, rev 0x0118, size 90112 sig 0x000c0664, pf_mask 0x82, 2025-03-20, rev 0x0118, size 90112 sig 0x000c06a2, pf_mask 0x82, 2025-03-20, rev 0x0118, size 90112 - Updated microcodes: sig 0x00050657, pf_mask 0xbf, 2024-12-12, rev 0x5003901, size 39936 sig 0x0005065b, pf_mask 0xbf, 2024-12-12, rev 0x7002b01, size 30720 sig 0x000606a6, pf_mask 0x87, 2025-01-07, rev 0xd000404, size 309248 sig 0x000606c1, pf_mask 0x10, 2025-01-07, rev 0x10002d0, size 300032 sig 0x000706a8, pf_mask 0x01, 2024-12-05, rev 0x0026, size 76800 sig 0x000706e5, pf_mask 0x80, 2025-01-07, rev 0x00ca, size 115712 sig 0x000806c1, pf_mask 0x80, 2024-12-01, rev 0x00bc, size 112640 sig 0x000806c2, pf_mask 0xc2, 2024-12-01, rev 0x003c, size 99328 sig 0x000806d1, pf_mask 0xc2, 2024-12-11, rev 0x0056, size 105472 sig 0x000806ec, pf_mask 0x94, 2024-11-17, rev 0x0100, size 106496 sig 0x000806f4, pf_mask 0x10, 2025-01-28, rev 0x2c0003f7, size 624640 sig 0x000806f4, pf_mask 0x87, 2025-01-28, rev 0x2b000639, size 591872 sig 0x000806f5, pf_mask 0x10, 2025-01-28, rev 0x2c0003f7, size 624640 sig 0x000806f5, pf_mask 0x87, 2025-01-28, rev 0x2b000639, size 591872 sig 0x000806f6, pf_mask 0x10, 2025-01-28, rev 0x2c0003f7, size 624640 sig 0x000806f6, pf_mask 0x87, 2025-01-28, rev 0x2b000639, size 591872 sig 0x000806f7, pf_mask 0x87, 2025-01-28, rev 0x2b000639, size 591872 sig 0x000806f8, pf_mask 0x10, 2025-01-28, rev 0x2c0003f7, size 624640 sig 0x000806f8, pf_mask 0x87, 2025-01-28, rev 0x2b000639, size 591872 sig 0x00090672, pf_mask 0x07, 2024-12-12, rev 0x003a, size 226304 sig 0x00090675, pf_mask 0x07, 2024-12-12, rev 0x003a, size 226304 sig 0x000906a3, pf_mask 0x80, 2024-12-12, rev 0x0437, size 224256 sig 0x000906a4, pf_mask 0x40, 2024-12-06, rev 0x000a, size 119808 sig 0x000906a4, pf_mask 0x80, 2024-12-12, rev 0x0437, size 224256 sig 0x000906ed, pf_mask 0x22, 2024-11-14, rev 0x0104, size 106496 sig 0x000a0652, pf_mask 0x20, 2024-11-14, rev 0x0100, size 97280 sig 0x000a0653, pf_mask 0x22, 2024-11-14, rev 0x0100, size 98304 sig 0x000a0655, pf_mask 0x22, 2024-11-14, rev 0x0100, size 97280 sig 0x000a0660, pf_mask 0x80, 2024-11-14, rev 0x0102, size 98304 sig 0x000a0661, pf_mask 0x80, 2024-11-14, rev 0x0100, size 97280 sig 0x000a0671, pf_mask 0x02, 2024-12-01, rev 0x0064, size 108544 sig 0x000a06a4, pf_mask 0xe6, 2025-02-13, rev 0x0024, size 140288 sig 0x000a06f3, pf_mask 0x01, 2025-02-10, rev 0x3000341, size 1542144 sig 0x000b0671, pf_mask 0x32, 2025-03-17, rev 0x012f, size 219136 sig 0x000b0674, pf_mask 0x32, 2025-03-17, rev 0x012f, size 219136 sig 0x000b06a2, pf_mask 0xe0, 2025-01-15, rev 0x4128, size 224256 sig 0x000b06a3, pf_mask 0xe0, 2025-01-15, rev 0x4128, size 224256 sig 0x000b06a8, pf_mask 0xe0, 2025-01-15, rev 0x4128, size 224256 sig 0x000b06e0, pf_mask 0x19, 2024-12-06, rev 0x001d, size 139264 sig 0x000b06f2, pf_mask 0x07, 2024-12-12, rev 0x003a, size 226304 sig 0x000b06f5, pf_mask 0x07, 2024-12-12, rev 0x003a, size 226304 sig 0x000b06f6, pf_mask 0x07, 2024-12-12, rev 0x003a, size 226304 sig 0x000b06f7, pf_mask 0x07, 2024-12-12, rev 0x003a, size 226304 sig 0x000c06f1, pf_mask 0x87, 2025-03-14, rev 0x210002a9, size 563200 sig 0x000c06f2, pf_mask 0x87, 2025-03-14, rev 0x210002a9, size 563200 - Removed microcodes: sig 0x00050656, pf_mask 0xbf, 2023-07-28, rev 0x4003605, size 38912 * SECURITY UPDATE: - CVE-2024-28956, INTEL-SA-01153 - CVE-2025-20054, INTEL-SA-01244 - CVE-2025-20103, INTEL-SA-01244 - CVE-2024-43420, INTEL-SA-01247 - CVE-2024-45332, INTEL-SA-01247 - CVE-2025-20623, INTEL-SA-01247 - CVE-2025-20012, INTEL-SA-01322 - CVE-2025-24495, INTEL-SA-01322

0 tuxcare-ubuntu18.04-els intel-microcode_3.20250512.0ubuntu0.18.04.1+tuxcare.els1_amd64.deb f885d027d55b587a1011d25ef95d90dcf1b7507c CLSA-2025:1754382501 TuxCare License Agreement 0 * Update ca-certificates database to 20250418: - mozilla\{certdata.h,nssckbi.h}: Update Mozilla certificate authority bundle of the version 2.74. - The following certificates were updated: # Certificate "Entrust Root Certification Authority - G4" # Certificate "Security Communication ECC RootCA1" # Certificate "BJCA Global Root CA1" # Certificate "BJCA Global Root CA2" - The following certificates were added: # Certificate "D-TRUST BR Root CA 2 2023" # Certificate "D-TRUST EV Root CA 2 2023" None Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.

* Update ca-certificates database to 20250418: - mozilla\{certdata.h,nssckbi.h}: Update Mozilla certificate authority bundle of the version 2.74. - The following certificates were updated: # Certificate "Entrust Root Certification Authority - G4" # Certificate "Security Communication ECC RootCA1" # Certificate "BJCA Global Root CA1" # Certificate "BJCA Global Root CA2" - The following certificates were added: # Certificate "D-TRUST BR Root CA 2 2023" # Certificate "D-TRUST EV Root CA 2 2023"

0 tuxcare-ubuntu18.04-els libnss3_3.35-2ubuntu2.16+tuxcare.els4_amd64.deb 2a25aff096a30c0ae55853be36be6688b004a1d5 libnss3-dev_3.35-2ubuntu2.16+tuxcare.els4_amd64.deb e85738f0603aa6f945074a9568717debd6d46359 libnss3-tools_3.35-2ubuntu2.16+tuxcare.els4_amd64.deb 35d06b1d03cee80324b9e678fc224db4aa75cc57 CLSA-2025:1754649017 TuxCare License Agreement 0 * SECURITY UPDATE: heap-based Buffer Overflow in ELF ld Component - debian/patches/CVE-2025-1176.patch: prevent illegal memory access when indexing into the sym_hashes array of the elf bfd cookie structure - CVE-2025-1176 Moderate Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.

* SECURITY UPDATE: heap-based Buffer Overflow in ELF ld Component - debian/patches/CVE-2025-1176.patch: prevent illegal memory access when indexing into the sym_hashes array of the elf bfd cookie structure - CVE-2025-1176

0 tuxcare-ubuntu18.04-els binutils_2.30-21ubuntu1~18.04.9+tuxcare.els9_amd64.deb b7c73f0a6a13e69f31bd8c5056a3f130509f6ac4 binutils-aarch64-linux-gnu_2.30-21ubuntu1~18.04.9+tuxcare.els9_amd64.deb c076ebc3683533ff4763009481610a1991d1b9ef binutils-alpha-linux-gnu_2.30-21ubuntu1~18.04.9+tuxcare.els9_amd64.deb 03f9904d6aae5bf7f6336599c6ed9843fd240278 binutils-arm-linux-gnueabi_2.30-21ubuntu1~18.04.9+tuxcare.els9_amd64.deb 45f0968d5c49bb107e18d8855382a91cc6f01638 binutils-arm-linux-gnueabihf_2.30-21ubuntu1~18.04.9+tuxcare.els9_amd64.deb 0049544f85eb99556eb320ac419244ad57e097a6 binutils-common_2.30-21ubuntu1~18.04.9+tuxcare.els9_amd64.deb 56fae95bbc89e6b04bab46319e7e49e4bab81d89 binutils-dev_2.30-21ubuntu1~18.04.9+tuxcare.els9_amd64.deb 82c2b3e5d6750a11bcb76b1e97e057c8502777cf binutils-doc_2.30-21ubuntu1~18.04.9+tuxcare.els9_all.deb 5737e9c3f5b2982652a51e1391642ac076744978 binutils-for-build_2.30-21ubuntu1~18.04.9+tuxcare.els9_all.deb 6e8b3cc1c241a1948ac401e47afbf3a95b729101 binutils-for-host_2.30-21ubuntu1~18.04.9+tuxcare.els9_amd64.deb 691f45f644aff95b6daf600d121c016069e0743c binutils-hppa-linux-gnu_2.30-21ubuntu1~18.04.9+tuxcare.els9_amd64.deb b069bfcf8783e913cc8ae90e1afcdecc2751cf36 binutils-hppa64-linux-gnu_2.30-21ubuntu1~18.04.9+tuxcare.els9_amd64.deb d1c4c50d6de23fe07340b7b1b90e839fcec83980 binutils-i686-gnu_2.30-21ubuntu1~18.04.9+tuxcare.els9_amd64.deb b2da9c691a1cbe971e0ec9d80f602ef37c9f1960 binutils-i686-kfreebsd-gnu_2.30-21ubuntu1~18.04.9+tuxcare.els9_amd64.deb bf3eb113b10115a5fc94a8d93c727895a6955e58 binutils-i686-linux-gnu_2.30-21ubuntu1~18.04.9+tuxcare.els9_amd64.deb 4894fbd672a673baa92416a079e74fc35f67679e binutils-ia64-linux-gnu_2.30-21ubuntu1~18.04.9+tuxcare.els9_amd64.deb 5c88a8dfe3208ce629f8e4dcebee95f8d13c46e6 binutils-m68k-linux-gnu_2.30-21ubuntu1~18.04.9+tuxcare.els9_amd64.deb b35f6bdfeecb62d1de87f0c6f491284f6249369f binutils-mips-linux-gnu_2.30-21ubuntu1~18.04.9+tuxcare.els9_amd64.deb 7d7af30de56d9c9c050a59357e8c2e160a8b602b binutils-mips64-linux-gnuabi64_2.30-21ubuntu1~18.04.9+tuxcare.els9_amd64.deb 545400026c3426f9ed41a1e02df0542b01147e16 binutils-mips64-linux-gnuabin32_2.30-21ubuntu1~18.04.9+tuxcare.els9_amd64.deb b5f1b3ace49b45d1bdf59cfe53abb7e08d78ac53 binutils-mips64el-linux-gnuabi64_2.30-21ubuntu1~18.04.9+tuxcare.els9_amd64.deb 6daa518026dbba07c8655f123b62d4063ce6ec52 binutils-mips64el-linux-gnuabin32_2.30-21ubuntu1~18.04.9+tuxcare.els9_amd64.deb eef28a5e6b6b0e850f3bf8c1b681b9d4ab50718e binutils-mipsel-linux-gnu_2.30-21ubuntu1~18.04.9+tuxcare.els9_amd64.deb 9df8245c770e41139c7984a0ec8d21cdb9be1080 binutils-mipsisa32r6-linux-gnu_2.30-21ubuntu1~18.04.9+tuxcare.els9_amd64.deb 190166452420679a4f2f60481e413fc3590e7ba1 binutils-mipsisa32r6el-linux-gnu_2.30-21ubuntu1~18.04.9+tuxcare.els9_amd64.deb 454ea079456faaac4a513f8e2c2d8d65efb8c6ba binutils-mipsisa64r6-linux-gnuabi64_2.30-21ubuntu1~18.04.9+tuxcare.els9_amd64.deb d048e4af8af5dc66ff923493eaa0cb4afd7e4c24 binutils-mipsisa64r6-linux-gnuabin32_2.30-21ubuntu1~18.04.9+tuxcare.els9_amd64.deb 2af08e5175c91213470415623d515d0fa6825c8c binutils-mipsisa64r6el-linux-gnuabi64_2.30-21ubuntu1~18.04.9+tuxcare.els9_amd64.deb 28be44c25ca76bdc3597a478f878ba447f6190f6 binutils-mipsisa64r6el-linux-gnuabin32_2.30-21ubuntu1~18.04.9+tuxcare.els9_amd64.deb 27d887fee4cfa7cac5b04158dc346a5d82d75cdf binutils-multiarch_2.30-21ubuntu1~18.04.9+tuxcare.els9_amd64.deb 88967c240f30b7539243d350c45bc396ce0fbc92 binutils-multiarch-dev_2.30-21ubuntu1~18.04.9+tuxcare.els9_amd64.deb 999c221b68eb92ff4837873ca624ef3114ebdc1a binutils-powerpc-linux-gnu_2.30-21ubuntu1~18.04.9+tuxcare.els9_amd64.deb e0258b956eb8b549bf314703bef5a84eede90d05 binutils-powerpc-linux-gnuspe_2.30-21ubuntu1~18.04.9+tuxcare.els9_amd64.deb c94dd00e695e4bc4d5f04e1e034c6d104d36f536 binutils-powerpc64-linux-gnu_2.30-21ubuntu1~18.04.9+tuxcare.els9_amd64.deb 36c05ae0ae7a9da03760d32f56895e231666dc75 binutils-powerpc64le-linux-gnu_2.30-21ubuntu1~18.04.9+tuxcare.els9_amd64.deb 1d683a5d63d571ad35e228d29312c6d65b6098cc binutils-riscv64-linux-gnu_2.30-21ubuntu1~18.04.9+tuxcare.els9_amd64.deb dfd62b5331f016e7c516d098c1a022e92f88415a binutils-s390x-linux-gnu_2.30-21ubuntu1~18.04.9+tuxcare.els9_amd64.deb 7087e97d24f4803a274c7aec41676f658c0d3675 binutils-sh4-linux-gnu_2.30-21ubuntu1~18.04.9+tuxcare.els9_amd64.deb fbe0487cc76eeed0d29bd70024329f7efd774321 binutils-source_2.30-21ubuntu1~18.04.9+tuxcare.els9_all.deb d9a7d23696a1d14325672aa9c7b331d302467937 binutils-sparc64-linux-gnu_2.30-21ubuntu1~18.04.9+tuxcare.els9_amd64.deb 70fe6410f529fe5b4c92e96d70ef4e2e11fd0ff8 binutils-x86-64-kfreebsd-gnu_2.30-21ubuntu1~18.04.9+tuxcare.els9_amd64.deb 88efd50bf95bde9a2a035a016b61e7a085955120 binutils-x86-64-linux-gnu_2.30-21ubuntu1~18.04.9+tuxcare.els9_amd64.deb 7d03a69ffb3d9c38cb124a7075d002f89dff4ad8 binutils-x86-64-linux-gnux32_2.30-21ubuntu1~18.04.9+tuxcare.els9_amd64.deb db5f02f694bed07f7ad119395f695ac1364ff3f0 libbinutils_2.30-21ubuntu1~18.04.9+tuxcare.els9_amd64.deb fbf1be24f82bcb4eff51ff71703311b82778c0b5 CLSA-2025:1754649468 TuxCare License Agreement 0 * OpenJDK 11.0.28 release, build 6. - CVE-2025-30749: Java 2D heap corruption, code execution/DoS - CVE-2025-30754: JSSE TLS handshake flaw, weakened encryption - CVE-2025-30761: nashorn sandbox bypass, code execution - CVE-2025-50059: HTTP client header bug, data leak - CVE-2025-50106: Glyph rendering memory bug, crash/code exec - Release notes: https://mail.openjdk.org/pipermail/jdk-updates-dev/2025-July/045612.html Important Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.

* OpenJDK 11.0.28 release, build 6. - CVE-2025-30749: Java 2D heap corruption, code execution/DoS - CVE-2025-30754: JSSE TLS handshake flaw, weakened encryption - CVE-2025-30761: nashorn sandbox bypass, code execution - CVE-2025-50059: HTTP client header bug, data leak - CVE-2025-50106: Glyph rendering memory bug, crash/code exec - Release notes: https://mail.openjdk.org/pipermail/jdk-updates-dev/2025-July/045612.html

0 tuxcare-ubuntu18.04-els openjdk-11-demo_11.0.28+6-0ubuntu1~18.04.1+tuxcare.els1_amd64.deb 877e731234e54a49ef52c2e990ef615c8965bb13 openjdk-11-doc_11.0.28+6-0ubuntu1~18.04.1+tuxcare.els1_all.deb 36a85fa7c728820887fc733f23e0f0101dd2041a openjdk-11-jdk_11.0.28+6-0ubuntu1~18.04.1+tuxcare.els1_amd64.deb 40eb5f399568b0657827cd29de445aa5b76baed4 openjdk-11-jdk-headless_11.0.28+6-0ubuntu1~18.04.1+tuxcare.els1_amd64.deb 55f1454600b217c41c3f63581f67623e6a2e0a72 openjdk-11-jre_11.0.28+6-0ubuntu1~18.04.1+tuxcare.els1_amd64.deb 167e79df1cb2526284ef728fe08177b4f61086c0 openjdk-11-jre-headless_11.0.28+6-0ubuntu1~18.04.1+tuxcare.els1_amd64.deb 7f2915ff7f8caec8d40f345a2493ea4c826fda2b openjdk-11-jre-zero_11.0.28+6-0ubuntu1~18.04.1+tuxcare.els1_amd64.deb 0fc0490f19d6d2e3e61da756c534b684baddc5b8 openjdk-11-source_11.0.28+6-0ubuntu1~18.04.1+tuxcare.els1_all.deb 64cee9e2a2888f7b0f3667092cf950ca1d0a23af CLSA-2025:1754940060 TuxCare License Agreement 0 * SECURITY UPDATE: multiple vulnerabilities in Gitk and Git GUI - debian/patches/CVE-2025-27614_CVE-2025-27613_CVE-2025-46835.patch: Prevent script execution via specially crafted filenames in Gitk. Sanitize filename handling to avoid unintended file creation/truncation. Validate directory names in Git GUI to prevent unsafe file overwrites when editing files - CVE-2025-27614, CVE-2025-27613, CVE-2025-46835 Moderate Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.

* SECURITY UPDATE: multiple vulnerabilities in Gitk and Git GUI - debian/patches/CVE-2025-27614_CVE-2025-27613_CVE-2025-46835.patch: Prevent script execution via specially crafted filenames in Gitk. Sanitize filename handling to avoid unintended file creation/truncation. Validate directory names in Git GUI to prevent unsafe file overwrites when editing files - CVE-2025-27614, CVE-2025-27613, CVE-2025-46835

0 tuxcare-ubuntu18.04-els git_2.17.1-1ubuntu0.18+tuxcare.els7_amd64.deb 3eccd6f64f15bdaab3137bcbaa048e96d708db02 git-all_2.17.1-1ubuntu0.18+tuxcare.els7_all.deb a36f42b9d2b830fff40aea0fa1178d3487e9af08 git-cvs_2.17.1-1ubuntu0.18+tuxcare.els7_all.deb 1497e463259366d86fc5aa66b3332db893582353 git-daemon-run_2.17.1-1ubuntu0.18+tuxcare.els7_all.deb 3013713f2b425cefaff83e2002e2e03028ba88ca git-daemon-sysvinit_2.17.1-1ubuntu0.18+tuxcare.els7_all.deb 2052f74803dc074490c8367df72c08d1e4700df4 git-doc_2.17.1-1ubuntu0.18+tuxcare.els7_all.deb ec29f9e1034482caf0443725e6ba7f00752014f6 git-el_2.17.1-1ubuntu0.18+tuxcare.els7_all.deb c36a7b4046122d5e1a4256172cc1eedeb0104f9c git-email_2.17.1-1ubuntu0.18+tuxcare.els7_all.deb 5e92066d91f5321c5b7a791c7dcf3577cb5a76b9 git-gui_2.17.1-1ubuntu0.18+tuxcare.els7_all.deb ca168e23161c964ced2e702ed46fc68f8dd30e3c git-man_2.17.1-1ubuntu0.18+tuxcare.els7_all.deb 6ebcfe2eecc83105a183bf1f39431ad373a0e296 git-mediawiki_2.17.1-1ubuntu0.18+tuxcare.els7_all.deb 23a24bb6de01d15193a7649a1c53942b2aaf288d git-svn_2.17.1-1ubuntu0.18+tuxcare.els7_all.deb b2e99c898fc69c74d1ca859d84017085dea1d1b9 gitk_2.17.1-1ubuntu0.18+tuxcare.els7_all.deb c777e746c3f8a9bdd9785e512cd06eb3434d5cf0 gitweb_2.17.1-1ubuntu0.18+tuxcare.els7_all.deb ca3eb60fb140a8980f21de753fdf0d8a9966a5f4 CLSA-2025:1754940449 TuxCare License Agreement 0 * SECURITY UPDATE: Insufficient validation of filenames against control characters in repositories served via mod_dav_svn - debian/patches/CVE-2024-46901.patch: fix mod_dav_svn denial-of-service via control characters in paths Moderate Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.

* SECURITY UPDATE: Insufficient validation of filenames against control characters in repositories served via mod_dav_svn - debian/patches/CVE-2024-46901.patch: fix mod_dav_svn denial-of-service via control characters in paths

0 tuxcare-ubuntu18.04-els libapache2-mod-svn_1.9.7-4ubuntu1.1+tuxcare.els1_amd64.deb 9b604b980f788dded134d9109ef86e04735b986e libsvn-dev_1.9.7-4ubuntu1.1+tuxcare.els1_amd64.deb 474ca378abd7f6c26f030f5f23d2fac446ccc69c libsvn-doc_1.9.7-4ubuntu1.1+tuxcare.els1_all.deb 84834c6c498ec24f0ab4e8ae38d5b128770ab215 libsvn-java_1.9.7-4ubuntu1.1+tuxcare.els1_amd64.deb 62bdce54b3eb44cd666d99fbf805f520d643f1b8 libsvn-perl_1.9.7-4ubuntu1.1+tuxcare.els1_amd64.deb ab1bcb0230b6ed3c398c8b226eb092d97b46526b libsvn1_1.9.7-4ubuntu1.1+tuxcare.els1_amd64.deb 6cd2c174ac9a1a5837fcc98a5161fb6809234ed6 python-subversion_1.9.7-4ubuntu1.1+tuxcare.els1_amd64.deb d2219fdd0af80260ff051ee7b73f7740964556f7 ruby-svn_1.9.7-4ubuntu1.1+tuxcare.els1_amd64.deb 2188aac8796259c99f7374e8f9648bedfa678fae subversion_1.9.7-4ubuntu1.1+tuxcare.els1_amd64.deb 7b826b354cbf6d6936d5aafe3a3d3acb66049a72 subversion-tools_1.9.7-4ubuntu1.1+tuxcare.els1_amd64.deb d5b470bbc79fab44efedfe65508306cd2b4fcf8e CLSA-2025:1755112965 TuxCare License Agreement 0 * OpenJDK 8u462 release - CVE-2025-30749: Java 2D heap corruption, code execution/DoS - CVE-2025-30754: JSSE TLS handshake flaw, weakened encryption - CVE-2025-30761: nashorn sandbox bypass, code execution - CVE-2025-50059: HTTP client header bug, data leak - CVE-2025-50106: Glyph rendering memory bug, crash/code exec - Release notes: https://mail.openjdk.org/pipermail/jdk8u-dev/2025-July/020263.html Important Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.

* OpenJDK 8u462 release - CVE-2025-30749: Java 2D heap corruption, code execution/DoS - CVE-2025-30754: JSSE TLS handshake flaw, weakened encryption - CVE-2025-30761: nashorn sandbox bypass, code execution - CVE-2025-50059: HTTP client header bug, data leak - CVE-2025-50106: Glyph rendering memory bug, crash/code exec - Release notes: https://mail.openjdk.org/pipermail/jdk8u-dev/2025-July/020263.html

0 tuxcare-ubuntu18.04-els openjdk-8-demo_8u462-ga-0ubuntu1~18.04+tuxcare.els1_amd64.deb 0999c055f07e1f7cc5497cae3757485a30b509e3 openjdk-8-doc_8u462-ga-0ubuntu1~18.04+tuxcare.els1_all.deb 82e6e8999869b925961a6a34f4142485a95d027c openjdk-8-jdk_8u462-ga-0ubuntu1~18.04+tuxcare.els1_amd64.deb ed977a2b9d6f9e85ec956f981c992c0b57356c87 openjdk-8-jdk-headless_8u462-ga-0ubuntu1~18.04+tuxcare.els1_amd64.deb edd3faeb4f249fa4152d02a440d4c80f7ad683fd openjdk-8-jre_8u462-ga-0ubuntu1~18.04+tuxcare.els1_amd64.deb d8c61a4f83f1af375f6420b836793d1c7bf6837f openjdk-8-jre-headless_8u462-ga-0ubuntu1~18.04+tuxcare.els1_amd64.deb a729d2e4040cc535d1b23f76a1646747a1b2ae57 openjdk-8-jre-zero_8u462-ga-0ubuntu1~18.04+tuxcare.els1_amd64.deb 906a113d897a425f056411d0ce36541de448ba7b openjdk-8-source_8u462-ga-0ubuntu1~18.04+tuxcare.els1_all.deb d0c5aa6c0a0924c892ffba2bcb9d22d576b73327 CLSA-2025:1755113204 TuxCare License Agreement 0 * SECURITY UPDATE: denial of service issue due to incorrect memory allocations - debian/patches/CVE-2025-29088.patch: harden the SQLITE_DBCONFIG_LOOKASIDE interface against misuse, such as described in forum post 48f365daec Enhancements to the SQLITE_DBCONFIG_LOOKASIDE documentation - CVE-2025-29088 Moderate Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.

* SECURITY UPDATE: denial of service issue due to incorrect memory allocations - debian/patches/CVE-2025-29088.patch: harden the SQLITE_DBCONFIG_LOOKASIDE interface against misuse, such as described in forum post 48f365daec Enhancements to the SQLITE_DBCONFIG_LOOKASIDE documentation - CVE-2025-29088

0 tuxcare-ubuntu18.04-els lemon_3.22.0-1ubuntu0.7+tuxcare.els3_amd64.deb 43616f0f6e806456e526e3298a01df0aa58c2c68 libsqlite3-0_3.22.0-1ubuntu0.7+tuxcare.els3_amd64.deb 7247f429b28f860275bfb8b1f29c0320eb9e494e libsqlite3-dev_3.22.0-1ubuntu0.7+tuxcare.els3_amd64.deb b68a4f6664a912fb8263cd861e989512d87d87dc libsqlite3-tcl_3.22.0-1ubuntu0.7+tuxcare.els3_amd64.deb 61c0a3397a568e019eb7aeea3caf6a82b90c7b40 sqlite3_3.22.0-1ubuntu0.7+tuxcare.els3_amd64.deb 431ff8b7ec7cc6cc52cd037326ea20b8c3dd6208 sqlite3-doc_3.22.0-1ubuntu0.7+tuxcare.els3_all.deb a38813038bce34ef46127329e3a0a11c063b49c3 CLSA-2025:1755113387 TuxCare License Agreement 0 * SECURITY UPDATE: security vulnerability patched - debian/patches/CVE-2025-48386.patch: fix buffer overflow in wcsncat() to avoid segmentation fault caused by off-by-one error in the wincred credential helper - CVE-2025-48386 Moderate Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.

* SECURITY UPDATE: security vulnerability patched - debian/patches/CVE-2025-48386.patch: fix buffer overflow in wcsncat() to avoid segmentation fault caused by off-by-one error in the wincred credential helper - CVE-2025-48386

0 tuxcare-ubuntu18.04-els git_2.17.1-1ubuntu0.18+tuxcare.els8_amd64.deb 10cc42a0969e263e1b1a8384bf537336c127288c git-all_2.17.1-1ubuntu0.18+tuxcare.els8_all.deb f810912229ee8fe7dd6bdab60dbdb2f1ebd53230 git-cvs_2.17.1-1ubuntu0.18+tuxcare.els8_all.deb 2f1063b595e6050a6e57e38cfdfdc2efb4893a45 git-daemon-run_2.17.1-1ubuntu0.18+tuxcare.els8_all.deb 7bf2dc295f7b7949aaa047d853b848e31b9da650 git-daemon-sysvinit_2.17.1-1ubuntu0.18+tuxcare.els8_all.deb aa2c6319fc7f557f774e8d81ab8a18f5c123a264 git-doc_2.17.1-1ubuntu0.18+tuxcare.els8_all.deb 88ee19b71fbdf5ef103815157e3fa3fb4c52e33d git-el_2.17.1-1ubuntu0.18+tuxcare.els8_all.deb 9a97fded135ed8d8a30d99863e3ae682f425c086 git-email_2.17.1-1ubuntu0.18+tuxcare.els8_all.deb 6a49bf3507efffa7e56e9119afa83235bf8fbbbe git-gui_2.17.1-1ubuntu0.18+tuxcare.els8_all.deb 446b5402df5cd2b8864fbf8428c1f54b842bb3b7 git-man_2.17.1-1ubuntu0.18+tuxcare.els8_all.deb 760410bf9a35358390488e873ea4833e81887c0f git-mediawiki_2.17.1-1ubuntu0.18+tuxcare.els8_all.deb 21b83e1bfc44cb3db95a377c45b544fa3020209e git-svn_2.17.1-1ubuntu0.18+tuxcare.els8_all.deb c495e2f8c8430de5f2d35e8ad28e566433b02a13 gitk_2.17.1-1ubuntu0.18+tuxcare.els8_all.deb b09fec38963a173e26168cb6cfc6acfef1e347dd gitweb_2.17.1-1ubuntu0.18+tuxcare.els8_all.deb 82dbe052160c4a627256ad855742d2b9d7f5b9a0 CLSA-2025:1755113592 TuxCare License Agreement 0 * SECURITY UPDATE: prevent spoofing vulnerability in GSSAPI-protected messages using RC4-HMAC-MD5 due to weaknesses in MD5 checksum design - debian/patches/CVE-2025-3576: don't issue session keys with deprecated enctypes. Updates tests. - CVE-2025-3576 Moderate Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.

* SECURITY UPDATE: prevent spoofing vulnerability in GSSAPI-protected messages using RC4-HMAC-MD5 due to weaknesses in MD5 checksum design - debian/patches/CVE-2025-3576: don't issue session keys with deprecated enctypes. Updates tests. - CVE-2025-3576

0 tuxcare-ubuntu18.04-els krb5-admin-server_1.16-2ubuntu0.4+tuxcare.els5_amd64.deb eed10e31a01f945f19fe4c5e472d964d637bb610 krb5-doc_1.16-2ubuntu0.4+tuxcare.els5_all.deb 9fc673fb2a27dc6ed054ac8aeacfc28aef0dab07 krb5-gss-samples_1.16-2ubuntu0.4+tuxcare.els5_amd64.deb 81170513421d3243ca52d15c14e2ed7970cde9c8 krb5-k5tls_1.16-2ubuntu0.4+tuxcare.els5_amd64.deb d981fbf27c292dd0eb302bb4cf89235eb23011f9 krb5-kdc_1.16-2ubuntu0.4+tuxcare.els5_amd64.deb e1bad0c3dd342e1633bfeac810b188316b6c54c6 krb5-kdc-ldap_1.16-2ubuntu0.4+tuxcare.els5_amd64.deb 992259f1523e81ff77f8d6bc79d025a24b7ebe6a krb5-kpropd_1.16-2ubuntu0.4+tuxcare.els5_amd64.deb f5e1d6db39d4d2dc717c085dd038f97c07c072ec krb5-locales_1.16-2ubuntu0.4+tuxcare.els5_all.deb 61625fb283d2658738893b3000ebf88429d6be1b krb5-multidev_1.16-2ubuntu0.4+tuxcare.els5_amd64.deb 461fbc0698936d118cd3a9baeff0d3c7ef2720d2 krb5-otp_1.16-2ubuntu0.4+tuxcare.els5_amd64.deb 70bba7912caa1f1fe69d3017084c535179a94f22 krb5-pkinit_1.16-2ubuntu0.4+tuxcare.els5_amd64.deb d45badb3c2770449b377b570f2d54b2ad09d0d3c krb5-user_1.16-2ubuntu0.4+tuxcare.els5_amd64.deb 78623286515aab4cb5d49f1f85be4d177dd8d8af libgssapi-krb5-2_1.16-2ubuntu0.4+tuxcare.els5_amd64.deb b49b1b9672de1bede0e4424dc2f69c5eedbc0908 libgssrpc4_1.16-2ubuntu0.4+tuxcare.els5_amd64.deb 62430ef0a86e5760dd6c9ea7adb833297faa8e86 libk5crypto3_1.16-2ubuntu0.4+tuxcare.els5_amd64.deb b5f5d38f376d903f2ffa5210de1a30e38deda157 libkadm5clnt-mit11_1.16-2ubuntu0.4+tuxcare.els5_amd64.deb 82a0ba0fd6e9346ffcef4b77cc4e445d8ffa2d47 libkadm5srv-mit11_1.16-2ubuntu0.4+tuxcare.els5_amd64.deb 7dd7b7b938b2b70273b3ce8e86cec4493604172f libkdb5-9_1.16-2ubuntu0.4+tuxcare.els5_amd64.deb d8bcfd9a6affce805a0245762350e5e11473f395 libkrad-dev_1.16-2ubuntu0.4+tuxcare.els5_amd64.deb 5d64ddf71ef283529f68f02b32761ada851b72eb libkrad0_1.16-2ubuntu0.4+tuxcare.els5_amd64.deb e25cde1effb4c90f83c4ddcf84fece97fd275f90 libkrb5-3_1.16-2ubuntu0.4+tuxcare.els5_amd64.deb 2c9eb748db5b62f5f127106af6e06c02319c647f libkrb5-dev_1.16-2ubuntu0.4+tuxcare.els5_amd64.deb 7e9310b4e97a3c5bfa44c28b206d2b9e5a49b362 libkrb5support0_1.16-2ubuntu0.4+tuxcare.els5_amd64.deb ea97b1082ae5eacbd3bfafd1d3eddae287b2f054 CLSA-2025:1755270833 TuxCare License Agreement 0 * SECURITY UPDATE: incorrect unicode encoding of separating comma in folded address list - debian/patches/CVE-2025-1795.patch: Fix misfolding of comma in address- lists over multiple lines in combination with unicode encoding - CVE-2025-1795 Low Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.

* SECURITY UPDATE: incorrect unicode encoding of separating comma in folded address list - debian/patches/CVE-2025-1795.patch: Fix misfolding of comma in address- lists over multiple lines in combination with unicode encoding - CVE-2025-1795

0 tuxcare-ubuntu18.04-els idle-python3.6_3.6.9-1~18.04ubuntu1.12+tuxcare.els16_all.deb b7ea09a33a9a97d98010cf38ca10bf1004c86503 libpython3.6_3.6.9-1~18.04ubuntu1.12+tuxcare.els16_amd64.deb 67f11a74d6044c834a14a09285c0d8bedf7d9b75 libpython3.6-dev_3.6.9-1~18.04ubuntu1.12+tuxcare.els16_amd64.deb b9599143f0849ab20858d23d547b1a50ff2dd7cd libpython3.6-minimal_3.6.9-1~18.04ubuntu1.12+tuxcare.els16_amd64.deb 7031c14ef85cd20c4ebfc54652c4a11c4c961681 libpython3.6-stdlib_3.6.9-1~18.04ubuntu1.12+tuxcare.els16_amd64.deb c74f92b78313b2a6fc4707491ea7e061869a9fe1 libpython3.6-testsuite_3.6.9-1~18.04ubuntu1.12+tuxcare.els16_all.deb 2e0472cde716f5ea83ed6632fb389aadc3ffdde4 python3.6_3.6.9-1~18.04ubuntu1.12+tuxcare.els16_amd64.deb cd021cb59e1c906ff209d54bdc2a52b42ac5e0aa python3.6-dev_3.6.9-1~18.04ubuntu1.12+tuxcare.els16_amd64.deb 223ee5e7681ecc7edcb71e5b81516620ef987daa python3.6-doc_3.6.9-1~18.04ubuntu1.12+tuxcare.els16_all.deb 97a1e4376ffa909999688bdda3f0cf420a658fcd python3.6-examples_3.6.9-1~18.04ubuntu1.12+tuxcare.els16_all.deb 05c199a578f121cc51e6947071f14f0358983038 python3.6-minimal_3.6.9-1~18.04ubuntu1.12+tuxcare.els16_amd64.deb eedf9d0b756cebbcea6ba66fd170c3e4174208eb python3.6-venv_3.6.9-1~18.04ubuntu1.12+tuxcare.els16_amd64.deb 1c17450a0bc49bf78da273c5eb7b954d6edb57e8 CLSA-2025:1756202550 TuxCare License Agreement 0 * Update up to 1.4.3 LTS - CVE-2025-20260 - CVE-2025-20234 - CVE-2025-20128 - CVE-2024-20505, CVE-2024-20506 - CVE-2023-20197 - CVE-2023-20212 - CVE-2023-20032 - CVE-2023-20052 None Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.

* Update up to 1.4.3 LTS - CVE-2025-20260 - CVE-2025-20234 - CVE-2025-20128 - CVE-2024-20505, CVE-2024-20506 - CVE-2023-20197 - CVE-2023-20212 - CVE-2023-20032 - CVE-2023-20052

0 tuxcare-ubuntu18.04-els clamav_1.4.3+dfsg-0ubuntu0.18.04.1+tuxcare.els1_amd64.deb 6855ddbc732b752a91165a8788e85c0165b2f050 clamav-base_1.4.3+dfsg-0ubuntu0.18.04.1+tuxcare.els1_all.deb a7acf728db8ab7a38450deb78f1c43d696f80353 clamav-daemon_1.4.3+dfsg-0ubuntu0.18.04.1+tuxcare.els1_amd64.deb e839dc320c3b3ec40fc65efb3af6816e70ce1e2a clamav-doc_1.4.3+dfsg-0ubuntu0.18.04.1+tuxcare.els1_all.deb 7085a4be6af10e80b5f7a301f9a50d0a676ca951 clamav-docs_1.4.3+dfsg-0ubuntu0.18.04.1+tuxcare.els1_all.deb eb6e778c8f85fc4c8310436f9e4f25c4ec75e692 clamav-freshclam_1.4.3+dfsg-0ubuntu0.18.04.1+tuxcare.els1_amd64.deb 7e151661e0c0153139b129baabd9a89640f9fc47 clamav-milter_1.4.3+dfsg-0ubuntu0.18.04.1+tuxcare.els1_amd64.deb ba850041a12b877ef680a8f034b1d20fcc40f1a4 clamav-testfiles_1.4.3+dfsg-0ubuntu0.18.04.1+tuxcare.els1_all.deb db544c1e71fd08705ed96712fac168e05cb2db1c clamdscan_1.4.3+dfsg-0ubuntu0.18.04.1+tuxcare.els1_amd64.deb cec4a7ffafff439fd7f5d4d0b2b67d29c2cfbd6a libclamav-dev_1.4.3+dfsg-0ubuntu0.18.04.1+tuxcare.els1_amd64.deb 5a8295a64861408bffb853bcc88e2db9927b8eb4 libclamav12_1.4.3+dfsg-0ubuntu0.18.04.1+tuxcare.els1_amd64.deb dd0197e512418393b906e7cd682409c47ec4b6fa CLSA-2025:1756324356 TuxCare License Agreement 0 * SECURITY UPDATE: denial of service attack caused by untrusted clients triggering assertion in mod_proxy_http2 - debian/patches/CVE-2025-49630.patch: tolerate missing host header in h2 proxy to fix issue with HTTP/0.9 request without Host header - CVE-2025-49630 Important Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.

* SECURITY UPDATE: denial of service attack caused by untrusted clients triggering assertion in mod_proxy_http2 - debian/patches/CVE-2025-49630.patch: tolerate missing host header in h2 proxy to fix issue with HTTP/0.9 request without Host header - CVE-2025-49630

0 tuxcare-ubuntu18.04-els apache2_2.4.29-1ubuntu4.27+tuxcare.els5_amd64.deb 75944cc191ebd470d7206600c347db5034f8693e apache2-bin_2.4.29-1ubuntu4.27+tuxcare.els5_amd64.deb ec1ecc1bc1d9ae1438b07d6bf998c87f2a119e5f apache2-data_2.4.29-1ubuntu4.27+tuxcare.els5_all.deb 2eb0fddf12b7c1df62816077afba7199ffee1128 apache2-dev_2.4.29-1ubuntu4.27+tuxcare.els5_amd64.deb 234fa673b90d335c49b76f39a54fbdf87b17a678 apache2-doc_2.4.29-1ubuntu4.27+tuxcare.els5_all.deb 1910f37c41171e9fe10b67057602f13351520ffb apache2-ssl-dev_2.4.29-1ubuntu4.27+tuxcare.els5_amd64.deb d787e02cd4ed427e9064ff7873ec2ccda192515f apache2-suexec-custom_2.4.29-1ubuntu4.27+tuxcare.els5_amd64.deb cffc82aec0af839acd8fc474ccf97702c97289b0 apache2-suexec-pristine_2.4.29-1ubuntu4.27+tuxcare.els5_amd64.deb 6448d8bac9b5c0e9ae3ef5cfd5b070f63b5d3a9e apache2-utils_2.4.29-1ubuntu4.27+tuxcare.els5_amd64.deb 697a175a31a7e369fb26c65c9b555c6c9ddd7654 CLSA-2025:1756830276 TuxCare License Agreement 0 * SECURITY UPDATE: insufficient escaping of user-supplied data in logging configurations - debian/patches/CVE-2024-47252.patch: Escape ssl vars to prevent potential security vulnerabilities - CVE-2024-47252 Important Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.

* SECURITY UPDATE: insufficient escaping of user-supplied data in logging configurations - debian/patches/CVE-2024-47252.patch: Escape ssl vars to prevent potential security vulnerabilities - CVE-2024-47252

0 tuxcare-ubuntu18.04-els apache2_2.4.29-1ubuntu4.27+tuxcare.els7_amd64.deb e7cd5d6221eea592cf7c122e0993377831982d91 apache2-bin_2.4.29-1ubuntu4.27+tuxcare.els7_amd64.deb 8b27fa7104bb42dc7ec49cad0b6debf99aae2aa1 apache2-data_2.4.29-1ubuntu4.27+tuxcare.els7_all.deb a2993f1b5539d2aa2dd627c775d18c842fac90f4 apache2-dev_2.4.29-1ubuntu4.27+tuxcare.els7_amd64.deb 475b63981b0782cb350c119f62250d5b03ac8baa apache2-doc_2.4.29-1ubuntu4.27+tuxcare.els7_all.deb c6d8f0a3dc799630c91efcdd9aa95ec9d9120c2b apache2-ssl-dev_2.4.29-1ubuntu4.27+tuxcare.els7_amd64.deb 272d7129b84c63335c4ceb9c6d9b44dec6ac4636 apache2-suexec-custom_2.4.29-1ubuntu4.27+tuxcare.els7_amd64.deb b1a5a44fb3efe062c1dfbd4e8d9e194515b03e83 apache2-suexec-pristine_2.4.29-1ubuntu4.27+tuxcare.els7_amd64.deb 90190fc78caf3e40f92318b2d1be5ca9082b9b6b apache2-utils_2.4.29-1ubuntu4.27+tuxcare.els7_amd64.deb c29f3e455483e8ad831fed3f87190fd1543df739 CLSA-2025:1757014652 TuxCare License Agreement 0 * SECURITY UPDATE: misinterpretation of HTTP response headers - debian/patches/CVE-2025-1217.patch: adds HTTP header folding support for HTTP wrapper response headers in ext/standard/http_fopen_wrapper.c - CVE-2025-1217 * SECURITY UPDATE: insufficient HTTP header validation - debian/patches/CVE-2025-1734.patch: adds logic to fail invalid HTTP headers in ext/standard/http_fopen_wrapper.c - CVE-2025-1734 * SECURITY UPDATE: http redirect location truncation - debian/patches/CVE-2025-1861.patch: converts the allocation of location to be on heap instead of stack and errors if the location length is greater than 8086 bytes in ext/standard/http_fopen_wrapper.c - CVE-2025-1861 * SECURITY UPDATE: insufficient HTTP header validation - debian/patches/CVE-2025-1736.patch: updates the http user header check for crlf in ext/standard/http_fopen_wrapper.c - CVE-2025-1736 Critical Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.

* SECURITY UPDATE: misinterpretation of HTTP response headers - debian/patches/CVE-2025-1217.patch: adds HTTP header folding support for HTTP wrapper response headers in ext/standard/http_fopen_wrapper.c - CVE-2025-1217 * SECURITY UPDATE: insufficient HTTP header validation - debian/patches/CVE-2025-1734.patch: adds logic to fail invalid HTTP headers in ext/standard/http_fopen_wrapper.c - CVE-2025-1734 * SECURITY UPDATE: http redirect location truncation - debian/patches/CVE-2025-1861.patch: converts the allocation of location to be on heap instead of stack and errors if the location length is greater than 8086 bytes in ext/standard/http_fopen_wrapper.c - CVE-2025-1861 * SECURITY UPDATE: insufficient HTTP header validation - debian/patches/CVE-2025-1736.patch: updates the http user header check for crlf in ext/standard/http_fopen_wrapper.c - CVE-2025-1736

0 tuxcare-ubuntu18.04-els libapache2-mod-php7.2_7.2.24-0ubuntu0.18.04.17+tuxcare.els10_amd64.deb 54360ccd2c01493945164e48cc350baa5efb0785 libphp7.2-embed_7.2.24-0ubuntu0.18.04.17+tuxcare.els10_amd64.deb 51198ea24ad8a2bc45a4d6fcf390510a1c6a7eac php7.2_7.2.24-0ubuntu0.18.04.17+tuxcare.els10_all.deb e276b71701a517fb559a2fa14ebb10da7237929d php7.2-bcmath_7.2.24-0ubuntu0.18.04.17+tuxcare.els10_amd64.deb dc788fc60942e4157adb14aeeb6b30c23de03260 php7.2-bz2_7.2.24-0ubuntu0.18.04.17+tuxcare.els10_amd64.deb 72d58c152cc999170f8c01d219a04f44e9bea291 php7.2-cgi_7.2.24-0ubuntu0.18.04.17+tuxcare.els10_amd64.deb 599c38d6c4ba1aa22d67d32f885f6ae98c81c98e php7.2-cli_7.2.24-0ubuntu0.18.04.17+tuxcare.els10_amd64.deb faa328cd1920d882666d2f85fa52812012e9cc76 php7.2-common_7.2.24-0ubuntu0.18.04.17+tuxcare.els10_amd64.deb 6b9423b38f2ffbff75d213fbf8aa955859a2d780 php7.2-curl_7.2.24-0ubuntu0.18.04.17+tuxcare.els10_amd64.deb 157a64552f6c66e07db3a6aedf8da2401306fee8 php7.2-dba_7.2.24-0ubuntu0.18.04.17+tuxcare.els10_amd64.deb 2550d2e096dcfb29ccf7d209dccd2bebbcbc9888 php7.2-dev_7.2.24-0ubuntu0.18.04.17+tuxcare.els10_amd64.deb dbc08a38c3d171b9ae92a7586b85494fb0d56421 php7.2-enchant_7.2.24-0ubuntu0.18.04.17+tuxcare.els10_amd64.deb 79a7337fc0ed6403b96c08ce60cc7a2684b4a2fe php7.2-fpm_7.2.24-0ubuntu0.18.04.17+tuxcare.els10_amd64.deb 13c50fe893e3befdcf3b0bed1aa1def891f6cb18 php7.2-gd_7.2.24-0ubuntu0.18.04.17+tuxcare.els10_amd64.deb c08cb2492cc1ad28c3d65d815e921ecdb366e613 php7.2-gmp_7.2.24-0ubuntu0.18.04.17+tuxcare.els10_amd64.deb e739e398653fb3bbfe8a8f72686abdf57beb4e41 php7.2-imap_7.2.24-0ubuntu0.18.04.17+tuxcare.els10_amd64.deb e9c7b367bf6677e347fc9357919aed72c4a3db04 php7.2-interbase_7.2.24-0ubuntu0.18.04.17+tuxcare.els10_amd64.deb 87699a9873022c41a7467fbf69ebc05bfd0d3400 php7.2-intl_7.2.24-0ubuntu0.18.04.17+tuxcare.els10_amd64.deb 1d79610ba23f91ca5147a5e481365fd4d5ddbeaa php7.2-json_7.2.24-0ubuntu0.18.04.17+tuxcare.els10_amd64.deb bc717bd75c2bf1bcc52d38568cff6be7400261d7 php7.2-ldap_7.2.24-0ubuntu0.18.04.17+tuxcare.els10_amd64.deb f869ce6fe1f2eb3ff5c80a93e74ca6afc3f78a0f php7.2-mbstring_7.2.24-0ubuntu0.18.04.17+tuxcare.els10_amd64.deb 0905a111ebbd50d184e19db0192d3fb855b2529c php7.2-mysql_7.2.24-0ubuntu0.18.04.17+tuxcare.els10_amd64.deb da199656beecb0ce1133606cf8e9d392d948b52d php7.2-odbc_7.2.24-0ubuntu0.18.04.17+tuxcare.els10_amd64.deb f7669385f5286ce45c09d54d17324a3553eaa64c php7.2-opcache_7.2.24-0ubuntu0.18.04.17+tuxcare.els10_amd64.deb 450e6c1fe84164a4d5f1dc177d55ba59e2ba2331 php7.2-pgsql_7.2.24-0ubuntu0.18.04.17+tuxcare.els10_amd64.deb 0386d60fdea5fd4dbb19f18bfe159d16333aa091 php7.2-phpdbg_7.2.24-0ubuntu0.18.04.17+tuxcare.els10_amd64.deb d0c59de1d3a2b09a72da7ce21c1bda8f8ae7402e php7.2-pspell_7.2.24-0ubuntu0.18.04.17+tuxcare.els10_amd64.deb 45aabff60f5d3e1a2678b53656f4c9f5e2a83ef8 php7.2-readline_7.2.24-0ubuntu0.18.04.17+tuxcare.els10_amd64.deb 6a61fc6794d5061152245bda417a7a7a6fa8435d php7.2-recode_7.2.24-0ubuntu0.18.04.17+tuxcare.els10_amd64.deb 45881719a94912e6739dca9143a60959ac59e04f php7.2-snmp_7.2.24-0ubuntu0.18.04.17+tuxcare.els10_amd64.deb 528c28910d0d250a3710497356129bae0b77a1c0 php7.2-soap_7.2.24-0ubuntu0.18.04.17+tuxcare.els10_amd64.deb f44385c6b1339b1c3db9fc0dbfbe41958a6bd118 php7.2-sqlite3_7.2.24-0ubuntu0.18.04.17+tuxcare.els10_amd64.deb 0e08f2252ebbcdcc1dba0f750b3ebb83e61a6a16 php7.2-sybase_7.2.24-0ubuntu0.18.04.17+tuxcare.els10_amd64.deb 2dea7ee90f4fa78e373d56e7b33993a7dc139cb1 php7.2-tidy_7.2.24-0ubuntu0.18.04.17+tuxcare.els10_amd64.deb 0ca6a8d76483a152bd914451f55023d6d4f18d6d php7.2-xml_7.2.24-0ubuntu0.18.04.17+tuxcare.els10_amd64.deb 8fe79d6a415fe32e4e2f15071b14107eb9d31ce8 php7.2-xmlrpc_7.2.24-0ubuntu0.18.04.17+tuxcare.els10_amd64.deb 27e04a537910186af323a374ad62ab978b2f54eb php7.2-xsl_7.2.24-0ubuntu0.18.04.17+tuxcare.els10_all.deb 12a154a1b72b21634bfe8abcc85e8a19e7c72a7e php7.2-zip_7.2.24-0ubuntu0.18.04.17+tuxcare.els10_amd64.deb 9bea97e94ffc0c1327ee2dc0106a7a03116d51de CLSA-2025:1757014900 TuxCare License Agreement 0 * SECURITY UPDATE: mod_ssl TLS upgrade attack - debian/patches/CVE-2025-49812.patch: remove antiquated 'SSLEngine optional' TLS upgrade in modules/ssl/ssl_engine_config.c, modules/ssl/ssl_engine_init.c, modules/ssl/ssl_engine_kernel.c, modules/ssl/ssl_private.h. - CVE-2025-49812 Important Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.

* SECURITY UPDATE: mod_ssl TLS upgrade attack - debian/patches/CVE-2025-49812.patch: remove antiquated 'SSLEngine optional' TLS upgrade in modules/ssl/ssl_engine_config.c, modules/ssl/ssl_engine_init.c, modules/ssl/ssl_engine_kernel.c, modules/ssl/ssl_private.h. - CVE-2025-49812

0 tuxcare-ubuntu18.04-els apache2_2.4.29-1ubuntu4.27+tuxcare.els8_amd64.deb be8f2a70ba5f958ef2b8147aaaf5778676afd2db apache2-bin_2.4.29-1ubuntu4.27+tuxcare.els8_amd64.deb 2a17ad1784389762336e343a92f895c5abc259e7 apache2-data_2.4.29-1ubuntu4.27+tuxcare.els8_all.deb 50760c311d2aef4b4969118b351cd37afd3092ea apache2-dev_2.4.29-1ubuntu4.27+tuxcare.els8_amd64.deb c326cebfc60c57fb7471b83eb8d11ce00ca60b0e apache2-doc_2.4.29-1ubuntu4.27+tuxcare.els8_all.deb 41d0d78257ca750eedcd09d57f175aedd6dfd5ce apache2-ssl-dev_2.4.29-1ubuntu4.27+tuxcare.els8_amd64.deb c709d0b98480b6403ee4a526abb9218ec3bcbc66 apache2-suexec-custom_2.4.29-1ubuntu4.27+tuxcare.els8_amd64.deb 278f696c98ed6430cf653a18f1053169699b4753 apache2-suexec-pristine_2.4.29-1ubuntu4.27+tuxcare.els8_amd64.deb 8d96843e74ebdfc2ed5459fc4efdca4620876db3 apache2-utils_2.4.29-1ubuntu4.27+tuxcare.els8_amd64.deb 63f72f0c451957fb65841af6fb69361ef9ba0a34 CLSA-2025:1757015164 TuxCare License Agreement 0 * SECURITY UPDATE: stack-based buffer overflow vulnerability - debian/patches/CVE-2025-6021.patch: Fix integer overflow in xmlBuildQName to improve memory safety - CVE-2025-6021 Important Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.

* SECURITY UPDATE: stack-based buffer overflow vulnerability - debian/patches/CVE-2025-6021.patch: Fix integer overflow in xmlBuildQName to improve memory safety - CVE-2025-6021

0 tuxcare-ubuntu18.04-els libxml2_2.9.4+dfsg1-6.1ubuntu1.9+tuxcare.els5_amd64.deb bb9ee7b9245fcecbb7a287da782de583a8aac7ce libxml2-dev_2.9.4+dfsg1-6.1ubuntu1.9+tuxcare.els5_amd64.deb 089b05d3da35ba082cb940e6508c9650d31d5790 libxml2-doc_2.9.4+dfsg1-6.1ubuntu1.9+tuxcare.els5_all.deb 1d94253e625080e96ae7af921b9ac19ead199d30 libxml2-utils_2.9.4+dfsg1-6.1ubuntu1.9+tuxcare.els5_amd64.deb ac6ab46a0284d159733c184d057949423efeffc9 python-libxml2_2.9.4+dfsg1-6.1ubuntu1.9+tuxcare.els5_amd64.deb cca38b22340a803b6d728dd1f00de68027579208 python3-libxml2_2.9.4+dfsg1-6.1ubuntu1.9+tuxcare.els5_amd64.deb 97d546061af93a84b5930096417cbe0ea75ec978 CLSA-2025:1757076749 TuxCare License Agreement 0 * SECURITY UPDATE: Disable URN protocol access to prevent potential security vulnerabilities - debian/patches/CVE-2025-54574.patch: Add ACL rules to deny URN protocol access by default - CVE-2025-54574 Critical Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.

* SECURITY UPDATE: Disable URN protocol access to prevent potential security vulnerabilities - debian/patches/CVE-2025-54574.patch: Add ACL rules to deny URN protocol access by default - CVE-2025-54574

0 tuxcare-ubuntu18.04-els squid_3.5.27-1ubuntu1.14+tuxcare.els9_amd64.deb 2cb8671b95074f7954f14f1c1887d2232dfea850 squid-cgi_3.5.27-1ubuntu1.14+tuxcare.els9_amd64.deb bac6cbf1e3492ea58103b7d1c4fa9f858726647d squid-common_3.5.27-1ubuntu1.14+tuxcare.els9_all.deb 7f6f5c268db6adb32bd0db7aa2e82479df599357 squid-purge_3.5.27-1ubuntu1.14+tuxcare.els9_amd64.deb 4ffab78afc6cfd1de42eab131db81d0cb1d0502e squid3_3.5.27-1ubuntu1.14+tuxcare.els9_all.deb d3b6c9c4b14597a7e1aa1608fa9280e9a069c45c squidclient_3.5.27-1ubuntu1.14+tuxcare.els9_amd64.deb bd8816997a48b0bab197b798c3d448cd0d346710 CLSA-2025:1757411388 TuxCare License Agreement 0 * SECURITY UPDATE: heap buffer overflow in InterpretImageFilename function - debian/patches/CVE-2025-53014.patch: fix out of bounds read of a single byte in image file interpretation - CVE-2025-53014 Critical Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.

* SECURITY UPDATE: heap buffer overflow in InterpretImageFilename function - debian/patches/CVE-2025-53014.patch: fix out of bounds read of a single byte in image file interpretation - CVE-2025-53014

0 tuxcare-ubuntu18.04-els imagemagick_6.9.7.4+dfsg-16ubuntu6.15+tuxcare.els5_amd64.deb aabe925a0a20256b2cea135ba3d8aab709934f7e imagemagick-6-common_6.9.7.4+dfsg-16ubuntu6.15+tuxcare.els5_all.deb 9301779f1f49d6eb9f36c0a1df13ef6097920956 imagemagick-6-doc_6.9.7.4+dfsg-16ubuntu6.15+tuxcare.els5_all.deb 8beff40e551e4507536491272f253688c7635827 imagemagick-6.q16_6.9.7.4+dfsg-16ubuntu6.15+tuxcare.els5_amd64.deb 33abb3a90e3a995536f2b654bcc97356b5c1d7ac imagemagick-6.q16hdri_6.9.7.4+dfsg-16ubuntu6.15+tuxcare.els5_amd64.deb 68cb882b03e191700438382d46c1d297ec04c82e imagemagick-common_6.9.7.4+dfsg-16ubuntu6.15+tuxcare.els5_all.deb e959328b0283fae9fcbfce6d137c24e38b0ca23c imagemagick-doc_6.9.7.4+dfsg-16ubuntu6.15+tuxcare.els5_all.deb 26c9a3f1b8bd350a7774a77af98427ce8a5220ff libimage-magick-perl_6.9.7.4+dfsg-16ubuntu6.15+tuxcare.els5_all.deb 30f4f0b41fc74bce567e7919e65da63d367b4b5b libimage-magick-q16-perl_6.9.7.4+dfsg-16ubuntu6.15+tuxcare.els5_amd64.deb e28d377c674d18b46682e95552799a7f25f38f31 libimage-magick-q16hdri-perl_6.9.7.4+dfsg-16ubuntu6.15+tuxcare.els5_amd64.deb 8dbb65272093915a81d190c97470d7ef5686f95b libmagick++-6-headers_6.9.7.4+dfsg-16ubuntu6.15+tuxcare.els5_all.deb fc5bae6fa79b8e9ffeebd0f251fb46004801f493 libmagick++-6.q16-7_6.9.7.4+dfsg-16ubuntu6.15+tuxcare.els5_amd64.deb 1e22949969bc03b84b50373ec68272859f05a9be libmagick++-6.q16-dev_6.9.7.4+dfsg-16ubuntu6.15+tuxcare.els5_amd64.deb 61374f942b3a7cb0561b0e1d5ceb071e7684c6bb libmagick++-6.q16hdri-7_6.9.7.4+dfsg-16ubuntu6.15+tuxcare.els5_amd64.deb 9db0bddff43af6367bc8bff65ea6537c1aabdfb4 libmagick++-6.q16hdri-dev_6.9.7.4+dfsg-16ubuntu6.15+tuxcare.els5_amd64.deb 3a6335287a25a8c7648fdb97b13027e07168e8a6 libmagick++-dev_6.9.7.4+dfsg-16ubuntu6.15+tuxcare.els5_all.deb 432a167924182928fa4e418cefc74b61810777f6 libmagickcore-6-arch-config_6.9.7.4+dfsg-16ubuntu6.15+tuxcare.els5_amd64.deb 17b160095d1a68f157e9a3d7b58dc4eac8d3c3ac libmagickcore-6-headers_6.9.7.4+dfsg-16ubuntu6.15+tuxcare.els5_all.deb 2e3192338f3ee4142971c41c1791ed1327385cd9 libmagickcore-6.q16-3_6.9.7.4+dfsg-16ubuntu6.15+tuxcare.els5_amd64.deb 91cbc0caccf052fb94333f76dd44972f91cb38b7 libmagickcore-6.q16-3-extra_6.9.7.4+dfsg-16ubuntu6.15+tuxcare.els5_amd64.deb 15bca2184d2593c202f32d7f5f717bd740854a07 libmagickcore-6.q16-dev_6.9.7.4+dfsg-16ubuntu6.15+tuxcare.els5_amd64.deb 5fb941d71f146cd35addad660586d7a049f95b54 libmagickcore-6.q16hdri-3_6.9.7.4+dfsg-16ubuntu6.15+tuxcare.els5_amd64.deb 4052fef5a3a89d29f564d9dbd51a7d548ff1e522 libmagickcore-6.q16hdri-3-extra_6.9.7.4+dfsg-16ubuntu6.15+tuxcare.els5_amd64.deb de3c941b5ca838f9f7f0b52b018e35eaf8b724c6 libmagickcore-6.q16hdri-dev_6.9.7.4+dfsg-16ubuntu6.15+tuxcare.els5_amd64.deb 6af14e3261178d7bfe4ed91394bb115e5aa1150a libmagickcore-dev_6.9.7.4+dfsg-16ubuntu6.15+tuxcare.els5_all.deb 433d2fe9f8597d8627488bc715f4a2f1a4ac9007 libmagickwand-6-headers_6.9.7.4+dfsg-16ubuntu6.15+tuxcare.els5_all.deb d775718a5af76a681606790949972811d6c0f3eb libmagickwand-6.q16-3_6.9.7.4+dfsg-16ubuntu6.15+tuxcare.els5_amd64.deb 88860ec8cf235905bcc59f344bff99a359aca587 libmagickwand-6.q16-dev_6.9.7.4+dfsg-16ubuntu6.15+tuxcare.els5_amd64.deb 495b9bcd2642d5adb28ef2190b60cd9885c70bf2 libmagickwand-6.q16hdri-3_6.9.7.4+dfsg-16ubuntu6.15+tuxcare.els5_amd64.deb 51993241311c40a496a0ccbab11822ef5cb90919 libmagickwand-6.q16hdri-dev_6.9.7.4+dfsg-16ubuntu6.15+tuxcare.els5_amd64.deb 8769eb7fd921baff7bc086c091caac600174d96e libmagickwand-dev_6.9.7.4+dfsg-16ubuntu6.15+tuxcare.els5_all.deb 9461773087ac2536bab219ea195ed1c9c4556c4b perlmagick_6.9.7.4+dfsg-16ubuntu6.15+tuxcare.els5_all.deb 0f394c31a1b79381eee2e6180a11891354545ccf CLSA-2025:1757523038 TuxCare License Agreement 0 * SECURITY UPDATE: inadequate error checking in pgsql and pdo_pgsql escaping functions - debian/patches/CVE-2025-1735.patch: Add error checks for escape function in pgsql and pdo_pgsql extensions to prevent storing of improperly escaped data - CVE-2025-1735 Important Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.

* SECURITY UPDATE: inadequate error checking in pgsql and pdo_pgsql escaping functions - debian/patches/CVE-2025-1735.patch: Add error checks for escape function in pgsql and pdo_pgsql extensions to prevent storing of improperly escaped data - CVE-2025-1735

0 tuxcare-ubuntu18.04-els libapache2-mod-php7.2_7.2.24-0ubuntu0.18.04.17+tuxcare.els11_amd64.deb acb4e80cf3c65410548d00b8477d2138686af40a libphp7.2-embed_7.2.24-0ubuntu0.18.04.17+tuxcare.els11_amd64.deb 3f0f8bde880746c48469e85995f886353951ef9f php7.2_7.2.24-0ubuntu0.18.04.17+tuxcare.els11_all.deb eaf4526a0e57653251399c0c7630b5072a9accca php7.2-bcmath_7.2.24-0ubuntu0.18.04.17+tuxcare.els11_amd64.deb 6887320a8662d7e467b032b7148698748373169b php7.2-bz2_7.2.24-0ubuntu0.18.04.17+tuxcare.els11_amd64.deb 47f1d03ac5d73f850c47939d44c4d81b8e157570 php7.2-cgi_7.2.24-0ubuntu0.18.04.17+tuxcare.els11_amd64.deb e2775ca15e1ed6a1d8ba42b9aded367d8a67022d php7.2-cli_7.2.24-0ubuntu0.18.04.17+tuxcare.els11_amd64.deb 533db8be5f2e5c57647a3a8e8ca7938ec749d4d0 php7.2-common_7.2.24-0ubuntu0.18.04.17+tuxcare.els11_amd64.deb a45971b54b3af403def11c4eaade2b7f3e9a9d57 php7.2-curl_7.2.24-0ubuntu0.18.04.17+tuxcare.els11_amd64.deb 5d8feb27a7302f25915f71b7d1628201f48e6686 php7.2-dba_7.2.24-0ubuntu0.18.04.17+tuxcare.els11_amd64.deb 2526bc73f7e20c6b7a27440d3f17f1978d9517d3 php7.2-dev_7.2.24-0ubuntu0.18.04.17+tuxcare.els11_amd64.deb 0d72b2b370059d9aa43efa304d5ecde5497894c4 php7.2-enchant_7.2.24-0ubuntu0.18.04.17+tuxcare.els11_amd64.deb 0196937b21466b32fdb9c22ee742407b865e83bb php7.2-fpm_7.2.24-0ubuntu0.18.04.17+tuxcare.els11_amd64.deb d15eef577d9a2638c533493fe2fdb6948cc0048c php7.2-gd_7.2.24-0ubuntu0.18.04.17+tuxcare.els11_amd64.deb e24382ba0b6c313811b5b4d8b6be4155ed8261ea php7.2-gmp_7.2.24-0ubuntu0.18.04.17+tuxcare.els11_amd64.deb aed55b9cfd9f06e99168f87274b6f32879b9f553 php7.2-imap_7.2.24-0ubuntu0.18.04.17+tuxcare.els11_amd64.deb 2ada21614af098e93cc902eaf4ee68cff3f97653 php7.2-interbase_7.2.24-0ubuntu0.18.04.17+tuxcare.els11_amd64.deb 7bbc98b52d4e115e245b237d1413eae03f310467 php7.2-intl_7.2.24-0ubuntu0.18.04.17+tuxcare.els11_amd64.deb 80ca715b5f2e8fe754e5dd6e50b4f4f656ad7107 php7.2-json_7.2.24-0ubuntu0.18.04.17+tuxcare.els11_amd64.deb 154c46bff844e3f9b86f14b8dee73ed92c1673e3 php7.2-ldap_7.2.24-0ubuntu0.18.04.17+tuxcare.els11_amd64.deb 7ebdc57763ca41dbe5f248e8db0161b0c88c5404 php7.2-mbstring_7.2.24-0ubuntu0.18.04.17+tuxcare.els11_amd64.deb 340fb10c20b3cab7dea57926fc17a059c6cbcf12 php7.2-mysql_7.2.24-0ubuntu0.18.04.17+tuxcare.els11_amd64.deb 103103f63b010dfb255cb73742cb616d8f06511b php7.2-odbc_7.2.24-0ubuntu0.18.04.17+tuxcare.els11_amd64.deb 8dc16f8c9399f05d3f869ddfecc1399716858a3d php7.2-opcache_7.2.24-0ubuntu0.18.04.17+tuxcare.els11_amd64.deb 859a190327822df796ec62dac8b5c16d0d92f045 php7.2-pgsql_7.2.24-0ubuntu0.18.04.17+tuxcare.els11_amd64.deb e2638622d57cc42aee49edb908445e82c4dfc368 php7.2-phpdbg_7.2.24-0ubuntu0.18.04.17+tuxcare.els11_amd64.deb da26ce60861e2f3bb7d5f2f100764cc4e83e816c php7.2-pspell_7.2.24-0ubuntu0.18.04.17+tuxcare.els11_amd64.deb 7cb29216dcb1ffb9fdced67708e0e5edcfd3f429 php7.2-readline_7.2.24-0ubuntu0.18.04.17+tuxcare.els11_amd64.deb 112efaab4d80db8b87c0460863d93057953a5189 php7.2-recode_7.2.24-0ubuntu0.18.04.17+tuxcare.els11_amd64.deb ccfbb43a61fe19f904d8eea32149824167fca074 php7.2-snmp_7.2.24-0ubuntu0.18.04.17+tuxcare.els11_amd64.deb b4eb44826f221ce6290d10ac86761203d2bff8a8 php7.2-soap_7.2.24-0ubuntu0.18.04.17+tuxcare.els11_amd64.deb 2d663970a411c23017d68390a4985393179b35af php7.2-sqlite3_7.2.24-0ubuntu0.18.04.17+tuxcare.els11_amd64.deb 9fe50566560ee53b83fd73d9e347020c472fdc19 php7.2-sybase_7.2.24-0ubuntu0.18.04.17+tuxcare.els11_amd64.deb 1120ffb538b5ee50b1aea25d10c686f8c173723d php7.2-tidy_7.2.24-0ubuntu0.18.04.17+tuxcare.els11_amd64.deb 255d5af801315073d95812d5527d3e75aec7188c php7.2-xml_7.2.24-0ubuntu0.18.04.17+tuxcare.els11_amd64.deb b04d45c67a07e97e52672074b1c9c646f6f77f5e php7.2-xmlrpc_7.2.24-0ubuntu0.18.04.17+tuxcare.els11_amd64.deb fbd965bacf3403369caadb8f6d97a760039b84f7 php7.2-xsl_7.2.24-0ubuntu0.18.04.17+tuxcare.els11_all.deb 9245cdf6981195e163ca415c287d65eb4e13ee92 php7.2-zip_7.2.24-0ubuntu0.18.04.17+tuxcare.els11_amd64.deb 0470237b5df7ea5e5eae60cdeca9fd3d1e2a57d5 CLSA-2025:1757662564 TuxCare License Agreement 0 * SECURITY UPDATE: out-of-bounds read in sftp_handle function - debian/patches/CVE-2025-5318.patch: fix possible buffer overrun by changing '> SFTP_HANDLES' to '>= SFTP_HANDLES' - CVE-2025-5318 Important Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.

* SECURITY UPDATE: out-of-bounds read in sftp_handle function - debian/patches/CVE-2025-5318.patch: fix possible buffer overrun by changing '> SFTP_HANDLES' to '>= SFTP_HANDLES' - CVE-2025-5318

0 tuxcare-ubuntu18.04-els libssh-4_0.8.0~20170825.94fa1e38-1ubuntu0.7+tuxcare.els2_amd64.deb f43b5200a8d38fbd5e0d8ecc3e9ab6fd847eee19 libssh-dev_0.8.0~20170825.94fa1e38-1ubuntu0.7+tuxcare.els2_amd64.deb 4db9ea94c9f314061431ef886860eff0bd3b1224 libssh-doc_0.8.0~20170825.94fa1e38-1ubuntu0.7+tuxcare.els2_all.deb 0184c00261a40e236714ba23c168bd876685822a libssh-gcrypt-4_0.8.0~20170825.94fa1e38-1ubuntu0.7+tuxcare.els2_amd64.deb dbcb4e86556ed1bc6754f60d14fa52e24e82cc8c libssh-gcrypt-dev_0.8.0~20170825.94fa1e38-1ubuntu0.7+tuxcare.els2_amd64.deb b7332f2e1c6c9253c96b768e552a62158f39c759 CLSA-2025:1758010922 TuxCare License Agreement 0 * CVE-url: https://ubuntu.com/security/CVE-2025-38000 - sch_hfsc: Fix qlen accounting bug when using peek in hfsc_enqueue() * CVE-url: https://ubuntu.com/security/CVE-2024-57996 // CVE-url: https://ubuntu.com/security/CVE-2025-37752 - net_sched: sch_sfq: move the limit validation * Focal update: v5.4.285 upstream stable release (LP: #2089233) // CVE-2024-50202 // CVE-url: https://ubuntu.com/security/CVE-2024-50202 - nilfs2: propagate directory read errors from nilfs_find_entry() * Focal update: v5.4.279 upstream stable release (LP: #2073621) // CVE-url: https://ubuntu.com/security/CVE-2024-50202 - nilfs2: Remove check for PageError - nilfs2: return the mapped address from nilfs_get_page() * Focal update: v5.4.287 upstream stable release (LP: #2095145) // CVE-url: https://ubuntu.com/security/CVE-2024-53131 - nilfs2: fix null-ptr-deref in block_touch_buffer tracepoint * Focal update: v5.4.287 upstream stable release (LP: #2095145) // CVE-url: https://ubuntu.com/security/CVE-2024-53130 - nilfs2: fix null-ptr-deref in block_dirty_buffer tracepoint * CVE-url: https://ubuntu.com/security/CVE-2022-49179 - block, bfq: don't move oom_bfqq * CVE-url: https://ubuntu.com/security/CVE-2022-49176 - bfq: fix use-after-free in bfq_dispatch_request * CVE-url: https://ubuntu.com/security/CVE-2025-21956 - drm/amd/display: Assign normalized_pix_clk when color depth = 14 * CVE-url: https://ubuntu.com/security/CVE-2025-21992 - HID: ignore non-functional sensor in HP 5MP Camera * CVE-url: https://ubuntu.com/security/CVE-2025-22021 - netfilter: socket: Lookup orig tuple for IPv6 SNAT * CVE-url: https://ubuntu.com/security/CVE-2025-22073 - spufs: fix a leak on spufs_new_file() failure * CVE-url: https://ubuntu.com/security/CVE-2025-22079 - ocfs2: validate l_tree_depth to avoid out-of-bounds access * CVE-url: https://ubuntu.com/security/CVE-2025-22086 - RDMA/mlx5: Fix mlx5_poll_one() cur_qp update flow * CVE-url: https://ubuntu.com/security/CVE-2025-21722 - nilfs2: do not force clear folio if buffer is referenced * CVE-url: https://ubuntu.com/security/CVE-2025-22018 - atm: Fix NULL pointer dereference * CVE-url: https://ubuntu.com/security/CVE-2024-58071 - team: prevent adding a device which is already a team device lower * CVE-url: https://ubuntu.com/security/CVE-2024-58063 - wifi: rtlwifi: fix memory leaks and invalid access at probe error path * CVE-url: https://ubuntu.com/security/CVE-2024-58052 - drm/amdgpu: Fix potential NULL pointer dereference in atomctrl_get_smc_sclk_range_table * CVE-url: https://ubuntu.com/security/CVE-2024-58058 - ubifs: skip dumping tnc tree when zroot is null * CVE-url: https://ubuntu.com/security/CVE-2025-21859 - USB: gadget: f_midi: f_midi_complete to call queue_work * CVE-url: https://ubuntu.com/security/CVE-2025-21640 - sctp: sysctl: cookie_hmac_alg: avoid using current->nsproxy * CVE-url: https://ubuntu.com/security/CVE-2024-57922 - drm/amd/display: Add check for granularity in dml ceil/floor helpers * CVE-url: https://ubuntu.com/security/CVE-2024-57913 - usb: gadget: f_fs: Remove WARN_ON in functionfs_bind * CVE-url: https://ubuntu.com/security/CVE-2025-21638 - sctp: sysctl: auth_enable: avoid using current->nsproxy * CVE-url: https://ubuntu.com/security/CVE-2024-50195 - posix-clock: Fix missing timespec64 check in pc_clock_settime() * CVE-url: https://ubuntu.com/security/CVE-2024-50299 - sctp: properly validate chunk size in sctp_sf_ootb() * CVE-url: https://ubuntu.com/security/CVE-2024-50273 - btrfs: reinitialize delayed ref list after deleting it from the list * CVE-url: https://ubuntu.com/security/CVE-2024-41016 - ocfs2: strict bound check before memcmp in ocfs2_xattr_find_entry() * CVE-url: https://ubuntu.com/security/CVE-2024-50287 - media: v4l2-tpg: prevent the risk of a division by zero * CVE-url: https://ubuntu.com/security/CVE-2024-49965 - ocfs2: remove unreasonable unlock in ocfs2_read_blocks * CVE-url: https://ubuntu.com/security/CVE-2024-50179 - ceph: remove the incorrect Fw reference check when dirtying pages * CVE-url: https://ubuntu.com/security/CVE-2024-40953 - KVM: Fix a data race on last_boosted_vcpu in kvm_vcpu_on_spin() * CVE-url: https://ubuntu.com/security/CVE-2024-50290 - media: cx24116: prevent overflows on SNR calculus * CVE-url: https://ubuntu.com/security/CVE-2024-49877 - ocfs2: fix possible null-ptr-deref in ocfs2_set_buffer_uptodate * CVE-url: https://ubuntu.com/security/CVE-2024-49938 - wifi: ath9k_htc: Use __skb_set_length() for resetting urb before resubmit * CVE-url: https://ubuntu.com/security/CVE-2024-50008 - wifi: mwifiex: Fix memcpy() field-spanning write warning in mwifiex_cmd_802_11_scan_ext() * CVE-url: https://ubuntu.com/security/CVE-2024-47672 - wifi: iwlwifi: mvm: don't wait for tx queues if firmware is dead * CVE-url: https://ubuntu.com/security/CVE-2024-49959 - jbd2: stop waiting for space when jbd2_cleanup_journal_tail() returns error * CVE-url: https://ubuntu.com/security/CVE-2024-49963 - mailbox: bcm2835: Fix timeout during suspend mode * CVE-url: https://ubuntu.com/security/CVE-2024-47709 - can: bcm: Clear bo->bcm_proc_read after remove_proc_entry(). * CVE-url: https://ubuntu.com/security/CVE-2025-21699 - gfs2: Truncate address space when flipping GFS2_DIF_JDATA flag * CVE-url: https://ubuntu.com/security/CVE-2025-21689 - USB: serial: quatech2: fix null-ptr-deref in qt2_process_read_urb() * CVE-url: https://ubuntu.com/security/CVE-2024-38544 - RDMA/rxe: Fix seg fault in rxe_comp_queue_pkt * CVE-url: https://ubuntu.com/security/CVE-2024-50251 - netfilter: nft_payload: sanitize offset and length before calling skb_checksum() * CVE-url: https://ubuntu.com/security/CVE-2024-49949 - udp: add udp gso - net: avoid potential underflow in qdisc_pkt_len_init() with UFO * CVE-url: https://ubuntu.com/security/CVE-2024-53101 - fs: Fix uninitialized value issue in from_kuid and from_kgid * CVE-url: https://ubuntu.com/security/CVE-2023-52975 - scsi: iscsi: Move pool freeing - scsi: iscsi_tcp: Fix UAF during logout when accessing the shost ipaddress * Focal update: v5.4.287 upstream stable release (LP: #2095145) // CVE-url: https://ubuntu.com/security/CVE-2024-56748 - scsi: qedf: Fix a possible memory leak in qedf_alloc_and_init_sb() * CVE-url: https://ubuntu.com/security/CVE-2025-37797 - net_sched: hfsc: Fix a UAF vulnerability in class handling * CVE-url: https://ubuntu.com/security/CVE-2024-38541 - of: module: add buffer overflow check in of_modalias() * Miscellaneous upstream changes - fixup! UBUNTU: [Config] updateconfigs for NFSD_FAULT_INJECTION Important Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.

* CVE-url: https://ubuntu.com/security/CVE-2025-38000 - sch_hfsc: Fix qlen accounting bug when using peek in hfsc_enqueue() * CVE-url: https://ubuntu.com/security/CVE-2024-57996 // CVE-url: https://ubuntu.com/security/CVE-2025-37752 - net_sched: sch_sfq: move the limit validation * Focal update: v5.4.285 upstream stable release (LP: #2089233) // CVE-2024-50202 // CVE-url: https://ubuntu.com/security/CVE-2024-50202 - nilfs2: propagate directory read errors from nilfs_find_entry() * Focal update: v5.4.279 upstream stable release (LP: #2073621) // CVE-url: https://ubuntu.com/security/CVE-2024-50202 - nilfs2: Remove check for PageError - nilfs2: return the mapped address from nilfs_get_page() * Focal update: v5.4.287 upstream stable release (LP: #2095145) // CVE-url: https://ubuntu.com/security/CVE-2024-53131 - nilfs2: fix null-ptr-deref in block_touch_buffer tracepoint * Focal update: v5.4.287 upstream stable release (LP: #2095145) // CVE-url: https://ubuntu.com/security/CVE-2024-53130 - nilfs2: fix null-ptr-deref in block_dirty_buffer tracepoint * CVE-url: https://ubuntu.com/security/CVE-2022-49179 - block, bfq: don't move oom_bfqq * CVE-url: https://ubuntu.com/security/CVE-2022-49176 - bfq: fix use-after-free in bfq_dispatch_request * CVE-url: https://ubuntu.com/security/CVE-2025-21956 - drm/amd/display: Assign normalized_pix_clk when color depth = 14 * CVE-url: https://ubuntu.com/security/CVE-2025-21992 - HID: ignore non-functional sensor in HP 5MP Camera * CVE-url: https://ubuntu.com/security/CVE-2025-22021 - netfilter: socket: Lookup orig tuple for IPv6 SNAT * CVE-url: https://ubuntu.com/security/CVE-2025-22073 - spufs: fix a leak on spufs_new_file() failure * CVE-url: https://ubuntu.com/security/CVE-2025-22079 - ocfs2: validate l_tree_depth to avoid out-of-bounds access * CVE-url: https://ubuntu.com/security/CVE-2025-22086 - RDMA/mlx5: Fix mlx5_poll_one() cur_qp update flow * CVE-url: https://ubuntu.com/security/CVE-2025-21722 - nilfs2: do not force clear folio if buffer is referenced * CVE-url: https://ubuntu.com/security/CVE-2025-22018 - atm: Fix NULL pointer dereference * CVE-url: https://ubuntu.com/security/CVE-2024-58071 - team: prevent adding a device which is already a team device lower * CVE-url: https://ubuntu.com/security/CVE-2024-58063 - wifi: rtlwifi: fix memory leaks and invalid access at probe error path * CVE-url: https://ubuntu.com/security/CVE-2024-58052 - drm/amdgpu: Fix potential NULL pointer dereference in atomctrl_get_smc_sclk_range_table * CVE-url: https://ubuntu.com/security/CVE-2024-58058 - ubifs: skip dumping tnc tree when zroot is null * CVE-url: https://ubuntu.com/security/CVE-2025-21859 - USB: gadget: f_midi: f_midi_complete to call queue_work * CVE-url: https://ubuntu.com/security/CVE-2025-21640 - sctp: sysctl: cookie_hmac_alg: avoid using current->nsproxy * CVE-url: https://ubuntu.com/security/CVE-2024-57922 - drm/amd/display: Add check for granularity in dml ceil/floor helpers * CVE-url: https://ubuntu.com/security/CVE-2024-57913 - usb: gadget: f_fs: Remove WARN_ON in functionfs_bind * CVE-url: https://ubuntu.com/security/CVE-2025-21638 - sctp: sysctl: auth_enable: avoid using current->nsproxy * CVE-url: https://ubuntu.com/security/CVE-2024-50195 - posix-clock: Fix missing timespec64 check in pc_clock_settime() * CVE-url: https://ubuntu.com/security/CVE-2024-50299 - sctp: properly validate chunk size in sctp_sf_ootb() * CVE-url: https://ubuntu.com/security/CVE-2024-50273 - btrfs: reinitialize delayed ref list after deleting it from the list * CVE-url: https://ubuntu.com/security/CVE-2024-41016 - ocfs2: strict bound check before memcmp in ocfs2_xattr_find_entry() * CVE-url: https://ubuntu.com/security/CVE-2024-50287 - media: v4l2-tpg: prevent the risk of a division by zero * CVE-url: https://ubuntu.com/security/CVE-2024-49965 - ocfs2: remove unreasonable unlock in ocfs2_read_blocks * CVE-url: https://ubuntu.com/security/CVE-2024-50179 - ceph: remove the incorrect Fw reference check when dirtying pages * CVE-url: https://ubuntu.com/security/CVE-2024-40953 - KVM: Fix a data race on last_boosted_vcpu in kvm_vcpu_on_spin() * CVE-url: https://ubuntu.com/security/CVE-2024-50290 - media: cx24116: prevent overflows on SNR calculus * CVE-url: https://ubuntu.com/security/CVE-2024-49877 - ocfs2: fix possible null-ptr-deref in ocfs2_set_buffer_uptodate * CVE-url: https://ubuntu.com/security/CVE-2024-49938 - wifi: ath9k_htc: Use __skb_set_length() for resetting urb before resubmit * CVE-url: https://ubuntu.com/security/CVE-2024-50008 - wifi: mwifiex: Fix memcpy() field-spanning write warning in mwifiex_cmd_802_11_scan_ext() * CVE-url: https://ubuntu.com/security/CVE-2024-47672 - wifi: iwlwifi: mvm: don't wait for tx queues if firmware is dead * CVE-url: https://ubuntu.com/security/CVE-2024-49959 - jbd2: stop waiting for space when jbd2_cleanup_journal_tail() returns error * CVE-url: https://ubuntu.com/security/CVE-2024-49963 - mailbox: bcm2835: Fix timeout during suspend mode * CVE-url: https://ubuntu.com/security/CVE-2024-47709 - can: bcm: Clear bo->bcm_proc_read after remove_proc_entry(). * CVE-url: https://ubuntu.com/security/CVE-2025-21699 - gfs2: Truncate address space when flipping GFS2_DIF_JDATA flag * CVE-url: https://ubuntu.com/security/CVE-2025-21689 - USB: serial: quatech2: fix null-ptr-deref in qt2_process_read_urb() * CVE-url: https://ubuntu.com/security/CVE-2024-38544 - RDMA/rxe: Fix seg fault in rxe_comp_queue_pkt * CVE-url: https://ubuntu.com/security/CVE-2024-50251 - netfilter: nft_payload: sanitize offset and length before calling skb_checksum() * CVE-url: https://ubuntu.com/security/CVE-2024-49949 - udp: add udp gso - net: avoid potential underflow in qdisc_pkt_len_init() with UFO * CVE-url: https://ubuntu.com/security/CVE-2024-53101 - fs: Fix uninitialized value issue in from_kuid and from_kgid * CVE-url: https://ubuntu.com/security/CVE-2023-52975 - scsi: iscsi: Move pool freeing - scsi: iscsi_tcp: Fix UAF during logout when accessing the shost ipaddress * Focal update: v5.4.287 upstream stable release (LP: #2095145) // CVE-url: https://ubuntu.com/security/CVE-2024-56748 - scsi: qedf: Fix a possible memory leak in qedf_alloc_and_init_sb() * CVE-url: https://ubuntu.com/security/CVE-2025-37797 - net_sched: hfsc: Fix a UAF vulnerability in class handling * CVE-url: https://ubuntu.com/security/CVE-2024-38541 - of: module: add buffer overflow check in of_modalias() * Miscellaneous upstream changes - fixup! UBUNTU: [Config] updateconfigs for NFSD_FAULT_INJECTION

0 tuxcare-ubuntu18.04-els linux-buildinfo-4.15.0-251-tuxcare.els39-generic_4.15.0-251.262_amd64.deb b69d265ebf4e90c6e2793267e839bb3851287f49 linux-buildinfo-4.15.0-251-tuxcare.els39-lowlatency_4.15.0-251.262_amd64.deb ea1ee441c0235e8ef97ea282434573ff1fe729f7 linux-cloud-tools-4.15.0-251-tuxcare.els39_4.15.0-251.262_amd64.deb 918e266bce9e4f5744eacd3b91feedd8b586a270 linux-cloud-tools-4.15.0-251-tuxcare.els39-generic_4.15.0-251.262_amd64.deb 71d88956801622bdd69e8cfd74e19cbc8385099d linux-cloud-tools-4.15.0-251-tuxcare.els39-lowlatency_4.15.0-251.262_amd64.deb 7cdb55d92917f0d26342bb519bbb24e4d0d71c03 linux-cloud-tools-common_4.15.0-251.262_all.deb 2b035751349e6fdccb3283c936f18ba58c2988ff linux-doc_4.15.0-251.262_all.deb 2d000cc630397fc20a5a48c5ec535e356eaeea0a linux-headers-4.15.0-251-tuxcare.els39_4.15.0-251.262_all.deb 36d64f7a5a8d64c823ab13ae2c810be2206aa648 linux-headers-4.15.0-251-tuxcare.els39-generic_4.15.0-251.262_amd64.deb 41bdbe0040e201df6893d2601c18f3f7f105d8e3 linux-headers-4.15.0-251-tuxcare.els39-lowlatency_4.15.0-251.262_amd64.deb 53280a88f28e26514de4e494519f7a2f8abb45db linux-image-unsigned-4.15.0-251-tuxcare.els39-generic_4.15.0-251.262_amd64.deb 0978905af287fabb23bebdd179411520b054e69b linux-image-unsigned-4.15.0-251-tuxcare.els39-lowlatency_4.15.0-251.262_amd64.deb cb00e124655d5bef8de2aebeef6a412d2ecd7843 linux-libc-dev_4.15.0-251.262_amd64.deb 90a513d92897ee2f29a09591918d0fb262cde1a8 linux-modules-4.15.0-251-tuxcare.els39-generic_4.15.0-251.262_amd64.deb 01b2c05d672194f704b5dcb0093d44d7e7b2b2b2 linux-modules-4.15.0-251-tuxcare.els39-lowlatency_4.15.0-251.262_amd64.deb e37be5ea53f3722311ad5a89f12de8104483f2db linux-modules-extra-4.15.0-251-tuxcare.els39-generic_4.15.0-251.262_amd64.deb 11c53ccc69e999988445ab73b4177d3ef9c6cc2f linux-source-4.15.0_4.15.0-251.262_all.deb 32b0eea9395cba06d152ef90964de6cdafd48931 linux-tools-4.15.0-251-tuxcare.els39_4.15.0-251.262_amd64.deb b6b7d8988b4651182b7b654a7630b27c79f8fa3f linux-tools-4.15.0-251-tuxcare.els39-generic_4.15.0-251.262_amd64.deb 094a08278d2b7de13448c84a2d22dfc195a52a1c linux-tools-4.15.0-251-tuxcare.els39-lowlatency_4.15.0-251.262_amd64.deb e3ab81f466716f708199600b23e9edc949be447d linux-tools-common_4.15.0-251.262_all.deb 8e311d2812daa83e5ccb7af4ceb1eeb56360cc92 linux-tools-host_4.15.0-251.262_all.deb 90c15aff8a8fb1c1d85c0202215ef33635c16872 CLSA-2025:1758011363 TuxCare License Agreement 0 * Bump ABI 4.15.0-251 None Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.

* Bump ABI 4.15.0-251

0 tuxcare-ubuntu18.04-els linux-cloud-tools-generic_4.15.0.251.262_amd64.deb 5d146b3fa1e93aa7dde39eb9b8b4e05622cd7a21 linux-cloud-tools-lowlatency_4.15.0.251.262_amd64.deb 6545c646f0971f845942b203b9652e0e2d75f432 linux-crashdump_4.15.0.251.262_amd64.deb c0e3e7a87584a359092a8e9f16d3d15d9d8a037b linux-generic_4.15.0.251.262_amd64.deb e57f80e908ef1be7da8065bd4024a7ad92b2a614 linux-headers-generic_4.15.0.251.262_amd64.deb b2a96b7b16496497321439169c1ac325cb9be7a0 linux-headers-lowlatency_4.15.0.251.262_amd64.deb a2d0bce79f44929cafc3a588e689ba5581d30b80 linux-image-generic_4.15.0.251.262_amd64.deb 34b04ccb233b432cc9e0ab1893c66fd9b0bb7c13 linux-image-lowlatency_4.15.0.251.262_amd64.deb 03fb2af81efcac6850607c522e28ca77727cf40a linux-lowlatency_4.15.0.251.262_amd64.deb d5479cd2eae395e9059c570b0ce3a111ce06c29f linux-source_4.15.0.251.262_all.deb f91454e785dcf962dd59db3df38f18274649c419 linux-tools-generic_4.15.0.251.262_amd64.deb e9de26b0f22dc44d217908acbfa2d76e4834a554 linux-tools-lowlatency_4.15.0.251.262_amd64.deb 1b440b4187d07a368745c45fdd6179762e6b71d7 CLSA-2025:1758101956 TuxCare License Agreement 0 * SECURITY UPDATE: defect in 'tarfile' module leads to infinite loop and deadlock in parsing of maliciously crafted tar archives - debian/patches/CVE-2025-8194.patch: Validate archives to ensure member offsets are non-negative - CVE-2025-8194 Important Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.

* SECURITY UPDATE: defect in 'tarfile' module leads to infinite loop and deadlock in parsing of maliciously crafted tar archives - debian/patches/CVE-2025-8194.patch: Validate archives to ensure member offsets are non-negative - CVE-2025-8194

0 tuxcare-ubuntu18.04-els idle-python3.6_3.6.9-1~18.04ubuntu1.12+tuxcare.els17_all.deb bafaf3449d6d20d9cb29021ea97df79d40ee193c libpython3.6_3.6.9-1~18.04ubuntu1.12+tuxcare.els17_amd64.deb 44df5e62fb57df141a67906f3726e687c34d596c libpython3.6-dev_3.6.9-1~18.04ubuntu1.12+tuxcare.els17_amd64.deb cbaf1a92a1afcf39fde50edfe45cc547c4b2961d libpython3.6-minimal_3.6.9-1~18.04ubuntu1.12+tuxcare.els17_amd64.deb 06074850c3463250d8e4969f85a557def7e50709 libpython3.6-stdlib_3.6.9-1~18.04ubuntu1.12+tuxcare.els17_amd64.deb 232dd128573d228f8fd54f10105b43e94334a9f3 libpython3.6-testsuite_3.6.9-1~18.04ubuntu1.12+tuxcare.els17_all.deb 30d0f59ba83d348bce76d3a3712a285835b9f24a python3.6_3.6.9-1~18.04ubuntu1.12+tuxcare.els17_amd64.deb 460d6a8985f6090e60a687865d98e9135792dd20 python3.6-dev_3.6.9-1~18.04ubuntu1.12+tuxcare.els17_amd64.deb 5f3c21e224d342e4504abbd544cd6ee1851d953c python3.6-doc_3.6.9-1~18.04ubuntu1.12+tuxcare.els17_all.deb 1b15edb68edcc8a5583090b78fa06e321e0716bd python3.6-examples_3.6.9-1~18.04ubuntu1.12+tuxcare.els17_all.deb ab54cf9f5cb103f6b8247bb837d5971d9fefd738 python3.6-minimal_3.6.9-1~18.04ubuntu1.12+tuxcare.els17_amd64.deb f839eeab287b08caef9b3fee7f137af4e4050e33 python3.6-venv_3.6.9-1~18.04ubuntu1.12+tuxcare.els17_amd64.deb 509e702e950d96952d34e429a25383c10cdfeab8 CLSA-2025:1758228073 TuxCare License Agreement 0 * SECURITY UPDATE: Overwrite a local file - debian/patches/CVE-2023-30630.patch: Prevent --dump-bin from overwriting local files to address privilege escalation vulnerability - CVE-2023-30630 Important Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.

* SECURITY UPDATE: Overwrite a local file - debian/patches/CVE-2023-30630.patch: Prevent --dump-bin from overwriting local files to address privilege escalation vulnerability - CVE-2023-30630

0 tuxcare-ubuntu18.04-els dmidecode_3.1-1ubuntu0.1+tuxcare.els1_amd64.deb e23202ef8857f21eec24328dc21763126ec69f10 CLSA-2025:1758289801 TuxCare License Agreement 0 * SECURITY UPDATE: stack overflow via multiple consecutive %d format specifiers in filename template - debian/patches/CVE-2025-53101.patch: Fix image filename interpretation issue by adjusting the offset value - CVE-2025-53101 Critical Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.

* SECURITY UPDATE: stack overflow via multiple consecutive %d format specifiers in filename template - debian/patches/CVE-2025-53101.patch: Fix image filename interpretation issue by adjusting the offset value - CVE-2025-53101

0 tuxcare-ubuntu18.04-els imagemagick_6.9.7.4+dfsg-16ubuntu6.15+tuxcare.els6_amd64.deb bdaa5ea3017b2b09e358e8e5d6e9ba6cbce15e5e imagemagick-6-common_6.9.7.4+dfsg-16ubuntu6.15+tuxcare.els6_all.deb 144f331b2cbdb2d39bbd0b5bdad2654f88e8a2ed imagemagick-6-doc_6.9.7.4+dfsg-16ubuntu6.15+tuxcare.els6_all.deb d15f2c0438573e45edf349f3132e7bad432d736a imagemagick-6.q16_6.9.7.4+dfsg-16ubuntu6.15+tuxcare.els6_amd64.deb 4fdb23335d7f2a8e4cf58fee71948fc329d90e09 imagemagick-6.q16hdri_6.9.7.4+dfsg-16ubuntu6.15+tuxcare.els6_amd64.deb cdc11ec8b281bf4e0d01a8b51e2ab0107cc185fe imagemagick-common_6.9.7.4+dfsg-16ubuntu6.15+tuxcare.els6_all.deb 09b75ca6bdabb5210f3fa5d9f7f64810224f3d8c imagemagick-doc_6.9.7.4+dfsg-16ubuntu6.15+tuxcare.els6_all.deb 484a254bd7998c35b8bc97f6367e65095edb0aa3 libimage-magick-perl_6.9.7.4+dfsg-16ubuntu6.15+tuxcare.els6_all.deb 0e67805eb57cf28c88a5545f9fab6bed9cb29a6d libimage-magick-q16-perl_6.9.7.4+dfsg-16ubuntu6.15+tuxcare.els6_amd64.deb 46e458b7304f922a4587bfaa1957a644e982227e libimage-magick-q16hdri-perl_6.9.7.4+dfsg-16ubuntu6.15+tuxcare.els6_amd64.deb e6ffc2ca1e0f13cdb4c04d0889d7fc55f917ee4b libmagick++-6-headers_6.9.7.4+dfsg-16ubuntu6.15+tuxcare.els6_all.deb 8f1f7bfae8b2cf13c72298c35b22c34e1dcd443d libmagick++-6.q16-7_6.9.7.4+dfsg-16ubuntu6.15+tuxcare.els6_amd64.deb 3195bb7533a0b666f794f1fa8874b00a791e9f8f libmagick++-6.q16-dev_6.9.7.4+dfsg-16ubuntu6.15+tuxcare.els6_amd64.deb 1848966dedc9349fcd2209f40acb5afada52a37a libmagick++-6.q16hdri-7_6.9.7.4+dfsg-16ubuntu6.15+tuxcare.els6_amd64.deb ef0d26774771e102a695e73b0b77660675c6d86b libmagick++-6.q16hdri-dev_6.9.7.4+dfsg-16ubuntu6.15+tuxcare.els6_amd64.deb 16b45723d748e947a1504d53f614371bc15a2559 libmagick++-dev_6.9.7.4+dfsg-16ubuntu6.15+tuxcare.els6_all.deb 06ad3faa952eb18ef9ed7e53b726b3cf8f026be3 libmagickcore-6-arch-config_6.9.7.4+dfsg-16ubuntu6.15+tuxcare.els6_amd64.deb e6edb96d10b63f60f218b869f1fe517b07cc5265 libmagickcore-6-headers_6.9.7.4+dfsg-16ubuntu6.15+tuxcare.els6_all.deb 7ab8f80c6cb50339c8be008d5e1195aa9eac0dfc libmagickcore-6.q16-3_6.9.7.4+dfsg-16ubuntu6.15+tuxcare.els6_amd64.deb c6183cfc108804c6e4060edf2bbaf41cdaf68f3b libmagickcore-6.q16-3-extra_6.9.7.4+dfsg-16ubuntu6.15+tuxcare.els6_amd64.deb 363e880bb60ca459cce8090a5c63b6ba970a01d5 libmagickcore-6.q16-dev_6.9.7.4+dfsg-16ubuntu6.15+tuxcare.els6_amd64.deb 2d4677d885bcfa55059f4ffceb78b0a7bdd4999a libmagickcore-6.q16hdri-3_6.9.7.4+dfsg-16ubuntu6.15+tuxcare.els6_amd64.deb 6392dea0b3fb906b376f71fa1c363389b67cdd34 libmagickcore-6.q16hdri-3-extra_6.9.7.4+dfsg-16ubuntu6.15+tuxcare.els6_amd64.deb 4ca020b4c91239cbfe6857eb7246dda8df4c8fde libmagickcore-6.q16hdri-dev_6.9.7.4+dfsg-16ubuntu6.15+tuxcare.els6_amd64.deb fb1c2cccec7b00af8ddb809c9b8f2d771233b0d8 libmagickcore-dev_6.9.7.4+dfsg-16ubuntu6.15+tuxcare.els6_all.deb 65df5743e686523f5988a8c1d2e0a0dcf9ce71e0 libmagickwand-6-headers_6.9.7.4+dfsg-16ubuntu6.15+tuxcare.els6_all.deb e772f8afe7620e287c16eeff924e05c3629d7ede libmagickwand-6.q16-3_6.9.7.4+dfsg-16ubuntu6.15+tuxcare.els6_amd64.deb 5b0c476da35cd3d1fe748e67868e13365057f8f2 libmagickwand-6.q16-dev_6.9.7.4+dfsg-16ubuntu6.15+tuxcare.els6_amd64.deb db9534bde03161c8fac2f134793062af2ae14c64 libmagickwand-6.q16hdri-3_6.9.7.4+dfsg-16ubuntu6.15+tuxcare.els6_amd64.deb 5c564f9d3a557194449fa852468a418e5a9e7c8f libmagickwand-6.q16hdri-dev_6.9.7.4+dfsg-16ubuntu6.15+tuxcare.els6_amd64.deb 77886397a1de5ada76bc09fb5d065ef916fdfb93 libmagickwand-dev_6.9.7.4+dfsg-16ubuntu6.15+tuxcare.els6_all.deb 57f39e01c1b848c22f17af22de1a99a3f4be591b perlmagick_6.9.7.4+dfsg-16ubuntu6.15+tuxcare.els6_all.deb bff068ffc4fd5c2971c2b01d7846c1899ba7f9e9 CLSA-2025:1758292868 TuxCare License Agreement 0 * SECURITY UPDATE: memory corruption vulnerability in attribute type flags - debian/patches/CVE-2025-7425.patch: Fix heap-use-after-free caused by `atype` corruption - CVE-2025-7425 Important Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.

* SECURITY UPDATE: memory corruption vulnerability in attribute type flags - debian/patches/CVE-2025-7425.patch: Fix heap-use-after-free caused by `atype` corruption - CVE-2025-7425

0 tuxcare-ubuntu18.04-els libxml2_2.9.4+dfsg1-6.1ubuntu1.9+tuxcare.els6_amd64.deb 237d8e2f3a4b3dfc8ce9d8167d7ca29054c56b89 libxml2-dev_2.9.4+dfsg1-6.1ubuntu1.9+tuxcare.els6_amd64.deb 7786a5f2cf60c41b7364eab8faff6e85013c1ab7 libxml2-doc_2.9.4+dfsg1-6.1ubuntu1.9+tuxcare.els6_all.deb e208eac8b4539e84010fbbf2d9e82f3f032ae4d0 libxml2-utils_2.9.4+dfsg1-6.1ubuntu1.9+tuxcare.els6_amd64.deb 02c7334963ab3e0c3ab488c3c34e9e635e33e26c python-libxml2_2.9.4+dfsg1-6.1ubuntu1.9+tuxcare.els6_amd64.deb 9bfe50d10b1b095f3c5b04acf010b08afcba162f python3-libxml2_2.9.4+dfsg1-6.1ubuntu1.9+tuxcare.els6_amd64.deb 281ed87f7e90f8bcac1b59be68b3556f8d511fbd CLSA-2025:1758704282 TuxCare License Agreement 0 * SECURITY UPDATE: heap out-of-bounds write in BlobStream (WriteBlob) - debian/patches/CVE-2025-57807.patch: enforce extent ≥ offset + length when forward-seeking before writes in MagickCore/blob.c - CVE-2025-57807 Critical Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.

* SECURITY UPDATE: heap out-of-bounds write in BlobStream (WriteBlob) - debian/patches/CVE-2025-57807.patch: enforce extent ≥ offset + length when forward-seeking before writes in MagickCore/blob.c - CVE-2025-57807

0 tuxcare-ubuntu18.04-els imagemagick_6.9.7.4+dfsg-16ubuntu6.15+tuxcare.els7_amd64.deb 0486ce5eb947e92878639d5bb169d18fd600faa2 imagemagick-6-common_6.9.7.4+dfsg-16ubuntu6.15+tuxcare.els7_all.deb 9bb9484bb28f724e0bab6ecaefe4b1c433b054f0 imagemagick-6-doc_6.9.7.4+dfsg-16ubuntu6.15+tuxcare.els7_all.deb 8085e24c48ef5d8bffc24182f70bc382dd39d5e2 imagemagick-6.q16_6.9.7.4+dfsg-16ubuntu6.15+tuxcare.els7_amd64.deb 8abbb8ba041782ba5e1ad95ffb8cc26519a485f2 imagemagick-6.q16hdri_6.9.7.4+dfsg-16ubuntu6.15+tuxcare.els7_amd64.deb 06873f36356656ebd43629deb5fbe87213123da5 imagemagick-common_6.9.7.4+dfsg-16ubuntu6.15+tuxcare.els7_all.deb df6e76d3e223ce036a37c0f9e993f2d5c36ade66 imagemagick-doc_6.9.7.4+dfsg-16ubuntu6.15+tuxcare.els7_all.deb 19cce47e9fcd0bb7a80b1d90c3751911c46db89e libimage-magick-perl_6.9.7.4+dfsg-16ubuntu6.15+tuxcare.els7_all.deb b696302316d28f66b5c730099f4458f92cd72511 libimage-magick-q16-perl_6.9.7.4+dfsg-16ubuntu6.15+tuxcare.els7_amd64.deb 5b134673d41da3e8824ec1ef878146bea28311b7 libimage-magick-q16hdri-perl_6.9.7.4+dfsg-16ubuntu6.15+tuxcare.els7_amd64.deb 1523b211e5fa5e1ea6ce63ea44acaed2fd1124b5 libmagick++-6-headers_6.9.7.4+dfsg-16ubuntu6.15+tuxcare.els7_all.deb ef99f783cef5ba333ae4e0fbcd277f43853eccfe libmagick++-6.q16-7_6.9.7.4+dfsg-16ubuntu6.15+tuxcare.els7_amd64.deb eed463ee6244b8be2dc65aa7fbaeaeb180e6fc07 libmagick++-6.q16-dev_6.9.7.4+dfsg-16ubuntu6.15+tuxcare.els7_amd64.deb 11ffd7a84a61f6fd6ea2085b1bef120a48b240ac libmagick++-6.q16hdri-7_6.9.7.4+dfsg-16ubuntu6.15+tuxcare.els7_amd64.deb 8a8859fb52df5e37635ad049cc3a4c963d3f79b8 libmagick++-6.q16hdri-dev_6.9.7.4+dfsg-16ubuntu6.15+tuxcare.els7_amd64.deb 703f86da14a51753930da64f7a29d7045047715c libmagick++-dev_6.9.7.4+dfsg-16ubuntu6.15+tuxcare.els7_all.deb 0b496152e5c403e87d4a43af5d23d7bfea196d58 libmagickcore-6-arch-config_6.9.7.4+dfsg-16ubuntu6.15+tuxcare.els7_amd64.deb cb8ffa87020f4d0ccbefe2d6fad952f3684f1c4a libmagickcore-6-headers_6.9.7.4+dfsg-16ubuntu6.15+tuxcare.els7_all.deb 0114c0fce64c6d355b447fb212c1fbc756a9025b libmagickcore-6.q16-3_6.9.7.4+dfsg-16ubuntu6.15+tuxcare.els7_amd64.deb 0278c0d08804963857b928c83b91af24590bc2d6 libmagickcore-6.q16-3-extra_6.9.7.4+dfsg-16ubuntu6.15+tuxcare.els7_amd64.deb 3c3a5162ea2c188da68818cb9325ade62adc04e1 libmagickcore-6.q16-dev_6.9.7.4+dfsg-16ubuntu6.15+tuxcare.els7_amd64.deb e016f42793c37b197f22b82c291762c2ae8f2f7d libmagickcore-6.q16hdri-3_6.9.7.4+dfsg-16ubuntu6.15+tuxcare.els7_amd64.deb b534252d8060f421db03ad988dbb1057ba33d3d5 libmagickcore-6.q16hdri-3-extra_6.9.7.4+dfsg-16ubuntu6.15+tuxcare.els7_amd64.deb 3a0d009da4538bf418fca793849df67457cfa22f libmagickcore-6.q16hdri-dev_6.9.7.4+dfsg-16ubuntu6.15+tuxcare.els7_amd64.deb 8dfba79c9efaa38f9e837febf3d711fa97dcda81 libmagickcore-dev_6.9.7.4+dfsg-16ubuntu6.15+tuxcare.els7_all.deb 52d6da5f9f44790b4f888821de6ccc6fe2a85acd libmagickwand-6-headers_6.9.7.4+dfsg-16ubuntu6.15+tuxcare.els7_all.deb 46c13b327b083a20a31f600225d760c4c1589745 libmagickwand-6.q16-3_6.9.7.4+dfsg-16ubuntu6.15+tuxcare.els7_amd64.deb 5c659a7c3541736398d0e9066743d2dcc61ddba4 libmagickwand-6.q16-dev_6.9.7.4+dfsg-16ubuntu6.15+tuxcare.els7_amd64.deb 57a8772ba8209cc1a43f06dd29b8ee59ae73b5e2 libmagickwand-6.q16hdri-3_6.9.7.4+dfsg-16ubuntu6.15+tuxcare.els7_amd64.deb 276e5a2cf3ad666481dbf7d704212cbe6b26adeb libmagickwand-6.q16hdri-dev_6.9.7.4+dfsg-16ubuntu6.15+tuxcare.els7_amd64.deb a3da73ea92aa4b2fdb09bcd5421fc20b71ad1373 libmagickwand-dev_6.9.7.4+dfsg-16ubuntu6.15+tuxcare.els7_all.deb d18a3e7078de65e7f48cd9d9db6b3aebe635d660 perlmagick_6.9.7.4+dfsg-16ubuntu6.15+tuxcare.els7_all.deb 92751a104b1cae9181d2308d13b09691fbbe9a14 CLSA-2025:1758915712 TuxCare License Agreement 0 * SECURITY UPDATE: double-free when exporting SAN otherName - debian/patches/CVE-2025-32988.patch: fix double-free triggered when exporting certificates with multiple SAN otherName entries. - CVE-2025-32988 * SECURITY UPDATE: 1-byte heap write in certtool template parsing - debian/patches/CVE-2025-32990.patch: prevent 1-byte heap overwrite caused by malformed certificate template input in certtool. - CVE-2025-32990 Important Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.

* SECURITY UPDATE: double-free when exporting SAN otherName - debian/patches/CVE-2025-32988.patch: fix double-free triggered when exporting certificates with multiple SAN otherName entries. - CVE-2025-32988 * SECURITY UPDATE: 1-byte heap write in certtool template parsing - debian/patches/CVE-2025-32990.patch: prevent 1-byte heap overwrite caused by malformed certificate template input in certtool. - CVE-2025-32990

0 tuxcare-ubuntu18.04-els gnutls-bin_3.5.18-1ubuntu1.6+tuxcare.els2_amd64.deb 9cb4ac3d51f4d55f71e84080c9cf1567bbb79351 gnutls-doc_3.5.18-1ubuntu1.6+tuxcare.els2_all.deb e3382e1498c8ab5b170781e40b79ecdd672a82e4 libgnutls-dane0_3.5.18-1ubuntu1.6+tuxcare.els2_amd64.deb 579475207a5c949336cbff6ce40696d15233fe49 libgnutls-openssl27_3.5.18-1ubuntu1.6+tuxcare.els2_amd64.deb 4c91187f289417153d41baa8597a80e2506f6dd2 libgnutls28-dev_3.5.18-1ubuntu1.6+tuxcare.els2_amd64.deb bbe31003c31e5dd8be053a5cb8ad5e0e173e896f libgnutls30_3.5.18-1ubuntu1.6+tuxcare.els2_amd64.deb 05e70f6f15b79d602e22e28e2ab6aa0cf69b9627 libgnutlsxx28_3.5.18-1ubuntu1.6+tuxcare.els2_amd64.deb 1c804e78b2f29a7a83bc25e756b4b7dde6788b57 CLSA-2025:1758916739 TuxCare License Agreement 0 * SECURITY UPDATE: authentication bypass vulnerability - debian/patches/CVE-2025-58060.patch: block authentication using alternate method in scheduler/auth.c - CVE-2025-58060 Important Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.

* SECURITY UPDATE: authentication bypass vulnerability - debian/patches/CVE-2025-58060.patch: block authentication using alternate method in scheduler/auth.c - CVE-2025-58060

0 tuxcare-ubuntu18.04-els cups_2.2.7-1ubuntu2.10+tuxcare.els6_amd64.deb c25bc4698b1b641753cbb9254d72ed86fe68261a cups-bsd_2.2.7-1ubuntu2.10+tuxcare.els6_amd64.deb 7af8dfcab29502465cf8c8cc2bc8bdcc36fdae7b cups-client_2.2.7-1ubuntu2.10+tuxcare.els6_amd64.deb e9e50a09cce1809122be58c9263c61905a8e3be0 cups-common_2.2.7-1ubuntu2.10+tuxcare.els6_all.deb 999917fd776f96d999684be8640f842016e998c0 cups-core-drivers_2.2.7-1ubuntu2.10+tuxcare.els6_amd64.deb 3b7485e7c9834b20b471e285a21323f516434222 cups-daemon_2.2.7-1ubuntu2.10+tuxcare.els6_amd64.deb b0d420ccd31f9e4bc82362b86508622d8dd7d4a6 cups-ipp-utils_2.2.7-1ubuntu2.10+tuxcare.els6_amd64.deb e4fc356e8c722510ce811600a9b70cffd9929c2d cups-ppdc_2.2.7-1ubuntu2.10+tuxcare.els6_amd64.deb f31c5470c9eee1e605475bbd5cf1bc4be4a300c8 cups-server-common_2.2.7-1ubuntu2.10+tuxcare.els6_all.deb 5f4c620e0a4ea6cb63acd52d85fe995886a0d0b0 libcups2_2.2.7-1ubuntu2.10+tuxcare.els6_amd64.deb dd2c0b93e568b07f1df8325511dd7c9f9fe70e4c libcups2-dev_2.2.7-1ubuntu2.10+tuxcare.els6_amd64.deb 2793b62a6b1ec4dcef8e4ad33fe6214a23d89d03 libcupscgi1_2.2.7-1ubuntu2.10+tuxcare.els6_amd64.deb 4389680c6b156581b0d29ae13fe04bca10134d4e libcupsimage2_2.2.7-1ubuntu2.10+tuxcare.els6_amd64.deb f71e8e0a11cb99dde88f62d8c4d80d0efab993ca libcupsimage2-dev_2.2.7-1ubuntu2.10+tuxcare.els6_amd64.deb 50c070e411b390fc19edc1486c637201a949ede7 libcupsmime1_2.2.7-1ubuntu2.10+tuxcare.els6_amd64.deb 571fa9e314d4280aab23be9b013332d042e8de40 libcupsppdc1_2.2.7-1ubuntu2.10+tuxcare.els6_amd64.deb b2ffb54e311e1b857033f0a303ed0b6957c2cba3 CLSA-2025:1759145882 TuxCare License Agreement 0 * SECURITY UPDATE: memory leak via multiple consecutive %d format specifiers in filename template - debian/patches/CVE-2025-53019.patch: Fix memory leak when entering StreamImage multiple times - CVE-2025-53019 Important Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.

* SECURITY UPDATE: memory leak via multiple consecutive %d format specifiers in filename template - debian/patches/CVE-2025-53019.patch: Fix memory leak when entering StreamImage multiple times - CVE-2025-53019

0 tuxcare-ubuntu18.04-els imagemagick_6.9.7.4+dfsg-16ubuntu6.15+tuxcare.els8_amd64.deb 606853cc922a0a9544b45fe24f18886df2f88e18 imagemagick-6-common_6.9.7.4+dfsg-16ubuntu6.15+tuxcare.els8_all.deb f3bb6882a9655a538b551e02f3548e67e372d464 imagemagick-6-doc_6.9.7.4+dfsg-16ubuntu6.15+tuxcare.els8_all.deb 8e7f875921c7890db434b0060f36a5c27ee3a676 imagemagick-6.q16_6.9.7.4+dfsg-16ubuntu6.15+tuxcare.els8_amd64.deb 48971c948287790e736539d4629be88235d680c4 imagemagick-6.q16hdri_6.9.7.4+dfsg-16ubuntu6.15+tuxcare.els8_amd64.deb 50b0772f9e64dceefc8f318dc1cf4766f07635a5 imagemagick-common_6.9.7.4+dfsg-16ubuntu6.15+tuxcare.els8_all.deb 6340269fedf3d5a9e68d24328651fd10f9454e1e imagemagick-doc_6.9.7.4+dfsg-16ubuntu6.15+tuxcare.els8_all.deb 18d9b235264ffa33c416e478fe82b51f332da4aa libimage-magick-perl_6.9.7.4+dfsg-16ubuntu6.15+tuxcare.els8_all.deb 7117551eb69334dcd9c62849838a5a3a59062a5f libimage-magick-q16-perl_6.9.7.4+dfsg-16ubuntu6.15+tuxcare.els8_amd64.deb 5d6df50b27acf4c9e8316528ca1c8dce08c20070 libimage-magick-q16hdri-perl_6.9.7.4+dfsg-16ubuntu6.15+tuxcare.els8_amd64.deb 48afc814c7b9f772d67e5ca326d67ad6b28969a8 libmagick++-6-headers_6.9.7.4+dfsg-16ubuntu6.15+tuxcare.els8_all.deb 9bd04a2ffc58603fb5141fc0ed9cbd9874af47d4 libmagick++-6.q16-7_6.9.7.4+dfsg-16ubuntu6.15+tuxcare.els8_amd64.deb d66380f67ca4f7f116dd6944aa5a52eab67f522b libmagick++-6.q16-dev_6.9.7.4+dfsg-16ubuntu6.15+tuxcare.els8_amd64.deb 589295eeb44a9d7d72c37a7c430f2a2b531ce6ea libmagick++-6.q16hdri-7_6.9.7.4+dfsg-16ubuntu6.15+tuxcare.els8_amd64.deb f4e2caf96e8cfd5e6789a7ef3a836d7629883d0d libmagick++-6.q16hdri-dev_6.9.7.4+dfsg-16ubuntu6.15+tuxcare.els8_amd64.deb a06bc49757f023e9712d21bf7f65ac7a3134c811 libmagick++-dev_6.9.7.4+dfsg-16ubuntu6.15+tuxcare.els8_all.deb e26af5c7559a37285365e0516babde03020471c7 libmagickcore-6-arch-config_6.9.7.4+dfsg-16ubuntu6.15+tuxcare.els8_amd64.deb 88fbec57a7136a85762f44815fd2caa408ffeeb7 libmagickcore-6-headers_6.9.7.4+dfsg-16ubuntu6.15+tuxcare.els8_all.deb 730a159370505635e35913543a60bb3d84b3c3d0 libmagickcore-6.q16-3_6.9.7.4+dfsg-16ubuntu6.15+tuxcare.els8_amd64.deb 7135e225006445ed5707bf80abab81030f1ccb14 libmagickcore-6.q16-3-extra_6.9.7.4+dfsg-16ubuntu6.15+tuxcare.els8_amd64.deb fde47c72edaaf5d17b667aa7980e887b3c5e6314 libmagickcore-6.q16-dev_6.9.7.4+dfsg-16ubuntu6.15+tuxcare.els8_amd64.deb 4d70888208e979acf4d589b6057fa4ebcb7b08bb libmagickcore-6.q16hdri-3_6.9.7.4+dfsg-16ubuntu6.15+tuxcare.els8_amd64.deb c6170484590df29c329af870818cf9109d473db9 libmagickcore-6.q16hdri-3-extra_6.9.7.4+dfsg-16ubuntu6.15+tuxcare.els8_amd64.deb 27aaa65700b1dbc07fb1072db08cf5a05c5a93ff libmagickcore-6.q16hdri-dev_6.9.7.4+dfsg-16ubuntu6.15+tuxcare.els8_amd64.deb 0df04f13579c851ee7bbe8d0491b321edadf7728 libmagickcore-dev_6.9.7.4+dfsg-16ubuntu6.15+tuxcare.els8_all.deb 9dc7f81b7b0285a66ca1f80783d09879455ad98e libmagickwand-6-headers_6.9.7.4+dfsg-16ubuntu6.15+tuxcare.els8_all.deb 9f56efcca629e062ce2fc3c9013afff990244bfa libmagickwand-6.q16-3_6.9.7.4+dfsg-16ubuntu6.15+tuxcare.els8_amd64.deb b0b7699280c36ce599bf21e8fe9c7d7b94879ee3 libmagickwand-6.q16-dev_6.9.7.4+dfsg-16ubuntu6.15+tuxcare.els8_amd64.deb 199d0b39a8a3ff854b3574782f6d9da34b8decce libmagickwand-6.q16hdri-3_6.9.7.4+dfsg-16ubuntu6.15+tuxcare.els8_amd64.deb a142a06193339bf71961ebfc34a1941409238415 libmagickwand-6.q16hdri-dev_6.9.7.4+dfsg-16ubuntu6.15+tuxcare.els8_amd64.deb 257dd7fe056947e0578ed58a08c5a50c1a0e7dce libmagickwand-dev_6.9.7.4+dfsg-16ubuntu6.15+tuxcare.els8_all.deb 1ce6fd07c024c40c876ac767153ba7a3c9339a5a perlmagick_6.9.7.4+dfsg-16ubuntu6.15+tuxcare.els8_all.deb d73f2ee60ec3e15218e808adbfc8dc40a6b61408 CLSA-2025:1759410214 TuxCare License Agreement 0 * SECURITY UPDATE: IPP extension tag parsing vulnerability - debian/patches/CVE-2025-58364.patch: fix handling of extension tag in ipp_read_io() - CVE-2025-58364 Moderate Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.

* SECURITY UPDATE: IPP extension tag parsing vulnerability - debian/patches/CVE-2025-58364.patch: fix handling of extension tag in ipp_read_io() - CVE-2025-58364

0 tuxcare-ubuntu18.04-els cups_2.2.7-1ubuntu2.10+tuxcare.els7_amd64.deb c332c069f040397a5fe9ae511f804998fda4f862 cups-bsd_2.2.7-1ubuntu2.10+tuxcare.els7_amd64.deb 1c3e78b0f44b3f9228e167558d461bb68decc581 cups-client_2.2.7-1ubuntu2.10+tuxcare.els7_amd64.deb 27c914c2d974d073feca8ecfcbe9f85b24e70fe6 cups-common_2.2.7-1ubuntu2.10+tuxcare.els7_all.deb 369e6d87e1d67a52d36070f6af596fb6180eab31 cups-core-drivers_2.2.7-1ubuntu2.10+tuxcare.els7_amd64.deb 4e4a4e10aaef28bc9cf11b7716bcb2e94ffd3fd1 cups-daemon_2.2.7-1ubuntu2.10+tuxcare.els7_amd64.deb f18b5eae65f2959158d5010ac85213659f8d6a67 cups-ipp-utils_2.2.7-1ubuntu2.10+tuxcare.els7_amd64.deb da2a7f598813da16a3785fbf64ab79566a9f7989 cups-ppdc_2.2.7-1ubuntu2.10+tuxcare.els7_amd64.deb aca6c9711071c9249dd900abd64743dec30f9504 cups-server-common_2.2.7-1ubuntu2.10+tuxcare.els7_all.deb 85229d67fd09f4410c0c0651d57a4aa15e5f1679 libcups2_2.2.7-1ubuntu2.10+tuxcare.els7_amd64.deb c6d83faebd562f016712ee75f41842dfb8f0dae5 libcups2-dev_2.2.7-1ubuntu2.10+tuxcare.els7_amd64.deb ff6681a4beba5103b549fd69e26b1ff60115d4c0 libcupscgi1_2.2.7-1ubuntu2.10+tuxcare.els7_amd64.deb a14c684f4ce7b505e2440027869f976cabb48332 libcupsimage2_2.2.7-1ubuntu2.10+tuxcare.els7_amd64.deb c38aab3bbfad649d6c448968231b6649316d9746 libcupsimage2-dev_2.2.7-1ubuntu2.10+tuxcare.els7_amd64.deb f981cfcc30690919d1755006fd5d09fee22b29d2 libcupsmime1_2.2.7-1ubuntu2.10+tuxcare.els7_amd64.deb 0d4bb6d6500df36f84ca907a909dc2a7987c09a6 libcupsppdc1_2.2.7-1ubuntu2.10+tuxcare.els7_amd64.deb fa9822c303f40997d61dc63e29723c0c8c7950c5 CLSA-2025:1759420505 TuxCare License Agreement 0 * SECURITY UPDATE: denial of Service vulnerability due to zero dimensions crash - debian/patches/CVE-2025-55212.patch: Fix invalid width or height checks in ThumbnailImage method and add safe reciprocal function to avoid division by zero - CVE-2025-55212 Important Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.

* SECURITY UPDATE: denial of Service vulnerability due to zero dimensions crash - debian/patches/CVE-2025-55212.patch: Fix invalid width or height checks in ThumbnailImage method and add safe reciprocal function to avoid division by zero - CVE-2025-55212

0 tuxcare-ubuntu18.04-els imagemagick_6.9.7.4+dfsg-16ubuntu6.15+tuxcare.els9_amd64.deb 1038f02b33346855d9d03fec2bb3541a946fe5c2 imagemagick-6-common_6.9.7.4+dfsg-16ubuntu6.15+tuxcare.els9_all.deb 4835375fc7e0fce3704148a1f0226bcadfbfa9be imagemagick-6-doc_6.9.7.4+dfsg-16ubuntu6.15+tuxcare.els9_all.deb 41b14ba438633398d5cce82845a4115b18dc4262 imagemagick-6.q16_6.9.7.4+dfsg-16ubuntu6.15+tuxcare.els9_amd64.deb 75b3ce5ba8c1dd5755a93c17107424ad3e0ad7e3 imagemagick-6.q16hdri_6.9.7.4+dfsg-16ubuntu6.15+tuxcare.els9_amd64.deb 1f3932c5079eb9747540f07af2d1d4e8ef20557a imagemagick-common_6.9.7.4+dfsg-16ubuntu6.15+tuxcare.els9_all.deb c51351c698efc09c6e930d5772501f0fb43f17af imagemagick-doc_6.9.7.4+dfsg-16ubuntu6.15+tuxcare.els9_all.deb d5e95cb95ba72379da47068137791bc58c66a411 libimage-magick-perl_6.9.7.4+dfsg-16ubuntu6.15+tuxcare.els9_all.deb fc90e0f33afd6846469e5bb983b7a03b871acc78 libimage-magick-q16-perl_6.9.7.4+dfsg-16ubuntu6.15+tuxcare.els9_amd64.deb be51a144e84fc81091284f59ff19516deb9ca7de libimage-magick-q16hdri-perl_6.9.7.4+dfsg-16ubuntu6.15+tuxcare.els9_amd64.deb 7af3356c1c30e277a3a257ff242aab90948107f4 libmagick++-6-headers_6.9.7.4+dfsg-16ubuntu6.15+tuxcare.els9_all.deb 10211d117f7138ff64a45bd054659d72bce9c2c2 libmagick++-6.q16-7_6.9.7.4+dfsg-16ubuntu6.15+tuxcare.els9_amd64.deb 53d04ad3e6f432530eeacdf80cb94891c90376e9 libmagick++-6.q16-dev_6.9.7.4+dfsg-16ubuntu6.15+tuxcare.els9_amd64.deb b31e97db385d7d9153ce3158366f52f87b572e32 libmagick++-6.q16hdri-7_6.9.7.4+dfsg-16ubuntu6.15+tuxcare.els9_amd64.deb 387cd8584427e0f588dfff8bb67db16e47af5dbf libmagick++-6.q16hdri-dev_6.9.7.4+dfsg-16ubuntu6.15+tuxcare.els9_amd64.deb 01b4b992ccc629849a45632a71df21ad0aa3f8bb libmagick++-dev_6.9.7.4+dfsg-16ubuntu6.15+tuxcare.els9_all.deb c0ec37c010f5431823323be694d204e708bd9eda libmagickcore-6-arch-config_6.9.7.4+dfsg-16ubuntu6.15+tuxcare.els9_amd64.deb fc933efcfe84079076a142f53d7054be0c5aac1f libmagickcore-6-headers_6.9.7.4+dfsg-16ubuntu6.15+tuxcare.els9_all.deb f41baaecc6ac988fc800e073fb0a9f94c0a1406b libmagickcore-6.q16-3_6.9.7.4+dfsg-16ubuntu6.15+tuxcare.els9_amd64.deb 4fcf7f46a87c9ed4ffafd99eeb9757afb09fbd7d libmagickcore-6.q16-3-extra_6.9.7.4+dfsg-16ubuntu6.15+tuxcare.els9_amd64.deb b69b7cc87e0560e7a92dbfb5915f2fb9328ecb9c libmagickcore-6.q16-dev_6.9.7.4+dfsg-16ubuntu6.15+tuxcare.els9_amd64.deb ffbba50b30323caacee831b8c6874c51c1104fd5 libmagickcore-6.q16hdri-3_6.9.7.4+dfsg-16ubuntu6.15+tuxcare.els9_amd64.deb a89a6a21912ec5da3582850bc8525085d2a4b5dd libmagickcore-6.q16hdri-3-extra_6.9.7.4+dfsg-16ubuntu6.15+tuxcare.els9_amd64.deb 4d78f2beca55ba97e4c7486e1eb67bccd484e26b libmagickcore-6.q16hdri-dev_6.9.7.4+dfsg-16ubuntu6.15+tuxcare.els9_amd64.deb f2c546a7535338333e6c68a7ae15b7e345071f96 libmagickcore-dev_6.9.7.4+dfsg-16ubuntu6.15+tuxcare.els9_all.deb 7047c4b9f2cbdeff95be76efb80725921fe7a2bd libmagickwand-6-headers_6.9.7.4+dfsg-16ubuntu6.15+tuxcare.els9_all.deb 760b298778c05c0a46c63f6bf6921e3ad0b3aa49 libmagickwand-6.q16-3_6.9.7.4+dfsg-16ubuntu6.15+tuxcare.els9_amd64.deb 7cc14934727fd9d14417ef38f8bf0f4502cc8005 libmagickwand-6.q16-dev_6.9.7.4+dfsg-16ubuntu6.15+tuxcare.els9_amd64.deb 17e93d901841b55374aa6b84cb3100cbb779e1a4 libmagickwand-6.q16hdri-3_6.9.7.4+dfsg-16ubuntu6.15+tuxcare.els9_amd64.deb 9dee0a21a7ff4430a6578664a812f3c16f269f65 libmagickwand-6.q16hdri-dev_6.9.7.4+dfsg-16ubuntu6.15+tuxcare.els9_amd64.deb 1fdea37886cf31442fb9c39384b49345d7a562b6 libmagickwand-dev_6.9.7.4+dfsg-16ubuntu6.15+tuxcare.els9_all.deb fce79ca9160be1863683f68896ed0db2057eae73 perlmagick_6.9.7.4+dfsg-16ubuntu6.15+tuxcare.els9_all.deb 256e9a0f1efca244b964a9474daba3d96a7b26a9 CLSA-2025:1759856673 TuxCare License Agreement 0 * SECURITY UPDATE: memory corruption vulnerability from unsafe magnified size calculations in ReadOneMNGIMage - debian/patches/CVE-2025-55154.patch: Fix type mismatch issue in png.c causing incorrect image dimensions calculation - CVE-2025-55154 Important Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.

* SECURITY UPDATE: memory corruption vulnerability from unsafe magnified size calculations in ReadOneMNGIMage - debian/patches/CVE-2025-55154.patch: Fix type mismatch issue in png.c causing incorrect image dimensions calculation - CVE-2025-55154

0 tuxcare-ubuntu18.04-els imagemagick_6.9.7.4+dfsg-16ubuntu6.15+tuxcare.els10_amd64.deb b4fa2f27a1c42a28bffc617b608242e7558e72d3 imagemagick-6-common_6.9.7.4+dfsg-16ubuntu6.15+tuxcare.els10_all.deb 6034013fc20c715e9d60a4de2ac7fef232bf9cfc imagemagick-6-doc_6.9.7.4+dfsg-16ubuntu6.15+tuxcare.els10_all.deb 8f72c6a0ca3f4cab4f0baaab6836615e43d8f7cc imagemagick-6.q16_6.9.7.4+dfsg-16ubuntu6.15+tuxcare.els10_amd64.deb 7ecd848512261c4481369b767abc11fae950f7f0 imagemagick-6.q16hdri_6.9.7.4+dfsg-16ubuntu6.15+tuxcare.els10_amd64.deb 3d30d5f2a58d0782058f5e3885466efe930c9827 imagemagick-common_6.9.7.4+dfsg-16ubuntu6.15+tuxcare.els10_all.deb c9d25759716f803a04db21e1fddf7ae2458e35da imagemagick-doc_6.9.7.4+dfsg-16ubuntu6.15+tuxcare.els10_all.deb cb60eea908a4acef663359c3bd5b7ad92897cc19 libimage-magick-perl_6.9.7.4+dfsg-16ubuntu6.15+tuxcare.els10_all.deb 7906f4b0f98f17eea46eec778f2ffdd9d1d1096a libimage-magick-q16-perl_6.9.7.4+dfsg-16ubuntu6.15+tuxcare.els10_amd64.deb 053953d1327f10cff1f9d8a77554cefde0927fd5 libimage-magick-q16hdri-perl_6.9.7.4+dfsg-16ubuntu6.15+tuxcare.els10_amd64.deb 9d25b038be79f44a81573f69bae55b2784228cb0 libmagick++-6-headers_6.9.7.4+dfsg-16ubuntu6.15+tuxcare.els10_all.deb 4b384ee4166fdad7639e350f4aaaa595a997056a libmagick++-6.q16-7_6.9.7.4+dfsg-16ubuntu6.15+tuxcare.els10_amd64.deb 37d05e9bc4bb317ddcd262ecbfb1101992c1c38b libmagick++-6.q16-dev_6.9.7.4+dfsg-16ubuntu6.15+tuxcare.els10_amd64.deb 0912e46462b21a50057a2af4da4ee702810cf312 libmagick++-6.q16hdri-7_6.9.7.4+dfsg-16ubuntu6.15+tuxcare.els10_amd64.deb 205113b8371ea76a0c5491ba4f486b3200ccb419 libmagick++-6.q16hdri-dev_6.9.7.4+dfsg-16ubuntu6.15+tuxcare.els10_amd64.deb 99b80af8fe479fa08498b427d86d162c8307d4b8 libmagick++-dev_6.9.7.4+dfsg-16ubuntu6.15+tuxcare.els10_all.deb 384afdece3bb2cda8ce0a9cc9772ee04a4491984 libmagickcore-6-arch-config_6.9.7.4+dfsg-16ubuntu6.15+tuxcare.els10_amd64.deb 576ac81a99081fb188baa14b364ee1e407dcc8d4 libmagickcore-6-headers_6.9.7.4+dfsg-16ubuntu6.15+tuxcare.els10_all.deb 783094f2ac5b9076a83328b228993c56e247fd69 libmagickcore-6.q16-3_6.9.7.4+dfsg-16ubuntu6.15+tuxcare.els10_amd64.deb 076e8b87e14e059a630b476de8374881c12a8eac libmagickcore-6.q16-3-extra_6.9.7.4+dfsg-16ubuntu6.15+tuxcare.els10_amd64.deb 41a106602e3b7c36a16d74fd589556ea5f7a1779 libmagickcore-6.q16-dev_6.9.7.4+dfsg-16ubuntu6.15+tuxcare.els10_amd64.deb 429e95c0f663f805cc2dbdc5c36c943f7d84563d libmagickcore-6.q16hdri-3_6.9.7.4+dfsg-16ubuntu6.15+tuxcare.els10_amd64.deb e3b5dc246271adb694f02060b987e9c49be999ad libmagickcore-6.q16hdri-3-extra_6.9.7.4+dfsg-16ubuntu6.15+tuxcare.els10_amd64.deb f774a0e186dc872174965ac6bf53e4a2e2d26ea3 libmagickcore-6.q16hdri-dev_6.9.7.4+dfsg-16ubuntu6.15+tuxcare.els10_amd64.deb be1a4fddc30738fd84111a91d8a4eeddfffbc5f5 libmagickcore-dev_6.9.7.4+dfsg-16ubuntu6.15+tuxcare.els10_all.deb a7fc6ea2b531e1345e3581847df1d4e5d28d3bb1 libmagickwand-6-headers_6.9.7.4+dfsg-16ubuntu6.15+tuxcare.els10_all.deb 6ae1e1092456e88d6b5c4e7d631be54a710c9887 libmagickwand-6.q16-3_6.9.7.4+dfsg-16ubuntu6.15+tuxcare.els10_amd64.deb 3d7c86c3d00ea41bde56f2c5c5f63dffaf102346 libmagickwand-6.q16-dev_6.9.7.4+dfsg-16ubuntu6.15+tuxcare.els10_amd64.deb 91e37c903d945f9abddabbb331a2cd17659c1da6 libmagickwand-6.q16hdri-3_6.9.7.4+dfsg-16ubuntu6.15+tuxcare.els10_amd64.deb ca79e3e76aaad6fb5decd1b48f6453835a1a2d6f libmagickwand-6.q16hdri-dev_6.9.7.4+dfsg-16ubuntu6.15+tuxcare.els10_amd64.deb da56dbe200b73de2339bbca03105252cbf32ed5c libmagickwand-dev_6.9.7.4+dfsg-16ubuntu6.15+tuxcare.els10_all.deb 894fef3cec8fcebd57167da50cb7def6243913de perlmagick_6.9.7.4+dfsg-16ubuntu6.15+tuxcare.els10_all.deb 92ef9618fc329abb8dc4d8fd8def0c833018c58f CLSA-2025:1759864577 TuxCare License Agreement 0 * SECURITY UPDATE: fix privilege escalation in pam_namespace - debian/patches-applied/CVE-2025-6020-pre.patch: prerequisite changes - debian/patches-applied/CVE-2025-6020.patch: enforce proper handling of instance directory symlinks to prevent mounting arbitrary paths - CVE-2025-6020 Important Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.

* SECURITY UPDATE: fix privilege escalation in pam_namespace - debian/patches-applied/CVE-2025-6020-pre.patch: prerequisite changes - debian/patches-applied/CVE-2025-6020.patch: enforce proper handling of instance directory symlinks to prevent mounting arbitrary paths - CVE-2025-6020

0 tuxcare-ubuntu18.04-els libpam-cracklib_1.1.8-3.6ubuntu2.18.04.6+tuxcare.els2_amd64.deb 55f5556a29b7ff0b2ad0650a0a9e9be6b6dc428e libpam-doc_1.1.8-3.6ubuntu2.18.04.6+tuxcare.els2_all.deb 7298f4ed43fbed9a41b0fcdb2efa0fecb587c0e1 libpam-modules_1.1.8-3.6ubuntu2.18.04.6+tuxcare.els2_amd64.deb 04727872f3c712da156871a1cea596515522dddf libpam-modules-bin_1.1.8-3.6ubuntu2.18.04.6+tuxcare.els2_amd64.deb 835dabb7e83bbfc5b805364712650923f1e89749 libpam-runtime_1.1.8-3.6ubuntu2.18.04.6+tuxcare.els2_all.deb 95ec86dcbdfa00cf2b612e391504c9d3379d7cf1 libpam0g_1.1.8-3.6ubuntu2.18.04.6+tuxcare.els2_amd64.deb 6ec081c38edc8c5ea080ea9f053f89d99f54f685 libpam0g-dev_1.1.8-3.6ubuntu2.18.04.6+tuxcare.els2_amd64.deb f1246821dd079aab83753de9e1f5c5cacc00a897 CLSA-2025:1760017411 TuxCare License Agreement 0 * SECURITY UPDATE: fix NULL pointer dereference in SOAP with huge QName - debian/patches/CVE-2025-6491.patch: Add safeguard in ext/soap/soap.c to handle invalid XML node names produced by libxml2 with extremely large namespace prefixes - CVE-2025-6491 Moderate Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.

* SECURITY UPDATE: fix NULL pointer dereference in SOAP with huge QName - debian/patches/CVE-2025-6491.patch: Add safeguard in ext/soap/soap.c to handle invalid XML node names produced by libxml2 with extremely large namespace prefixes - CVE-2025-6491

0 tuxcare-ubuntu18.04-els libapache2-mod-php7.2_7.2.24-0ubuntu0.18.04.17+tuxcare.els12_amd64.deb 9239983029735f1bf2abd22424a0411a364bfb71 libphp7.2-embed_7.2.24-0ubuntu0.18.04.17+tuxcare.els12_amd64.deb 82c28ebe39dcb9c8d0d8b26b5af95ff2d36f7d15 php7.2_7.2.24-0ubuntu0.18.04.17+tuxcare.els12_all.deb b9cd3b9b3f2942aff9e25a6822177b43dfc7260d php7.2-bcmath_7.2.24-0ubuntu0.18.04.17+tuxcare.els12_amd64.deb 8890e4665de16d44fffa4ed314aaec918d0c13f9 php7.2-bz2_7.2.24-0ubuntu0.18.04.17+tuxcare.els12_amd64.deb 7e91084b0f7b8762a2d08437cb93ebf42dea7bf6 php7.2-cgi_7.2.24-0ubuntu0.18.04.17+tuxcare.els12_amd64.deb 4579294620f402df9e7932473d3ced7befd95a38 php7.2-cli_7.2.24-0ubuntu0.18.04.17+tuxcare.els12_amd64.deb 14bc043d8b59c52e75e1806b321cb406ea41dc66 php7.2-common_7.2.24-0ubuntu0.18.04.17+tuxcare.els12_amd64.deb ebe84c921962e964503c7ccad8dd04d60e75c996 php7.2-curl_7.2.24-0ubuntu0.18.04.17+tuxcare.els12_amd64.deb fba10b33e20ca21a0c1f04adeddd8c1aaa996be7 php7.2-dba_7.2.24-0ubuntu0.18.04.17+tuxcare.els12_amd64.deb 1f44531f4e05b037fb221190965a273876ec93a9 php7.2-dev_7.2.24-0ubuntu0.18.04.17+tuxcare.els12_amd64.deb e42358a2e548a3e92a0d2fc8f569c77180b19178 php7.2-enchant_7.2.24-0ubuntu0.18.04.17+tuxcare.els12_amd64.deb 958dd13c2348acc67d76dd41bb9d9a19c26f4b2d php7.2-fpm_7.2.24-0ubuntu0.18.04.17+tuxcare.els12_amd64.deb a8e72f0f4dc9f93c721f95a929b00679d20a9b2c php7.2-gd_7.2.24-0ubuntu0.18.04.17+tuxcare.els12_amd64.deb cbd8dff4f46230a6cc7d206cf9c7bad0c86f2b5e php7.2-gmp_7.2.24-0ubuntu0.18.04.17+tuxcare.els12_amd64.deb d8a5c052d818bf92cd785e0e95b867827a238b17 php7.2-imap_7.2.24-0ubuntu0.18.04.17+tuxcare.els12_amd64.deb c5be6a9d42f62c4be2d1e76c34d7273484c114c2 php7.2-interbase_7.2.24-0ubuntu0.18.04.17+tuxcare.els12_amd64.deb 763f6d84bf9e35d33cd7d63ce8167a68692edec1 php7.2-intl_7.2.24-0ubuntu0.18.04.17+tuxcare.els12_amd64.deb a4f983bb1117331ad8b7c31e75e2b8885ff86cf1 php7.2-json_7.2.24-0ubuntu0.18.04.17+tuxcare.els12_amd64.deb 5562e372ea806353665469fd85ae7079c0a61e66 php7.2-ldap_7.2.24-0ubuntu0.18.04.17+tuxcare.els12_amd64.deb be49b88ce34f2c383df821549db2f4d8a333da81 php7.2-mbstring_7.2.24-0ubuntu0.18.04.17+tuxcare.els12_amd64.deb 25a5a20fe0d2856d2e9a898eaf5b50b9c9f4f8c5 php7.2-mysql_7.2.24-0ubuntu0.18.04.17+tuxcare.els12_amd64.deb a1e0173baf890d34230c0a28ac1b1250947b2072 php7.2-odbc_7.2.24-0ubuntu0.18.04.17+tuxcare.els12_amd64.deb 48445204d43ca697f70b0c7fb91b40a8a3218f60 php7.2-opcache_7.2.24-0ubuntu0.18.04.17+tuxcare.els12_amd64.deb 11987d0762787b7e3f2224f07211a589bcc821fc php7.2-pgsql_7.2.24-0ubuntu0.18.04.17+tuxcare.els12_amd64.deb 0a8d8ceef8811df596a5d25c1e7b0c07d362e362 php7.2-phpdbg_7.2.24-0ubuntu0.18.04.17+tuxcare.els12_amd64.deb f5b313ccdce657af333dbe8fc2cedc1aed00b04d php7.2-pspell_7.2.24-0ubuntu0.18.04.17+tuxcare.els12_amd64.deb 3483e45fbeda7bcebcb3a04bd56ea107c6515f78 php7.2-readline_7.2.24-0ubuntu0.18.04.17+tuxcare.els12_amd64.deb b90547b88ffa8ac8cb2a08927bb70010e15c1072 php7.2-recode_7.2.24-0ubuntu0.18.04.17+tuxcare.els12_amd64.deb a1965d682f49d6e92b914a80fffb5cbcc9c6453e php7.2-snmp_7.2.24-0ubuntu0.18.04.17+tuxcare.els12_amd64.deb a28df842f3596891bcda7b4050693ed68bc0348d php7.2-soap_7.2.24-0ubuntu0.18.04.17+tuxcare.els12_amd64.deb 106b33fbace1ad6c522074eb1a3d8f472330f3b8 php7.2-sqlite3_7.2.24-0ubuntu0.18.04.17+tuxcare.els12_amd64.deb b54fbfc041ee251edd226ca7b5be827628949fdf php7.2-sybase_7.2.24-0ubuntu0.18.04.17+tuxcare.els12_amd64.deb 9bb633f75c0d8c78501b46a5986f34fe5da23b4a php7.2-tidy_7.2.24-0ubuntu0.18.04.17+tuxcare.els12_amd64.deb 3df104eb1751ef7ae314e2fd14ea831053bf6369 php7.2-xml_7.2.24-0ubuntu0.18.04.17+tuxcare.els12_amd64.deb 773ca9e697d819c1403d95cc6abb9b6cbfe0ddc5 php7.2-xmlrpc_7.2.24-0ubuntu0.18.04.17+tuxcare.els12_amd64.deb 736e0668fd4e6cce87bbdc4ba196fe74a3273434 php7.2-xsl_7.2.24-0ubuntu0.18.04.17+tuxcare.els12_all.deb dc2c9d8c8a506aa081eeb41a132762db4420dcbb php7.2-zip_7.2.24-0ubuntu0.18.04.17+tuxcare.els12_amd64.deb 4b5f3340fc003ba1fef051684373ec373718c273 CLSA-2025:1760019012 TuxCare License Agreement 0 * SECURITY UPDATE: 32-bit Integer Overflow in BMP Encoder - debian/patches/CVE-2025-57803.patch: Fix buffer overflow issue in BMP decoder caused by insufficient memory allocation - CVE-2025-57803 Important Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.

* SECURITY UPDATE: 32-bit Integer Overflow in BMP Encoder - debian/patches/CVE-2025-57803.patch: Fix buffer overflow issue in BMP decoder caused by insufficient memory allocation - CVE-2025-57803

0 tuxcare-ubuntu18.04-els imagemagick_6.9.7.4+dfsg-16ubuntu6.15+tuxcare.els12_amd64.deb d5eb23624bedb545451ddf486fa3d566a8aa087c imagemagick-6-common_6.9.7.4+dfsg-16ubuntu6.15+tuxcare.els12_all.deb c15c96f04da218d26a82fd28149b18f308590e8a imagemagick-6-doc_6.9.7.4+dfsg-16ubuntu6.15+tuxcare.els12_all.deb 1f7a7eeca4c8f8a104bcb8c20b615724e8767df2 imagemagick-6.q16_6.9.7.4+dfsg-16ubuntu6.15+tuxcare.els12_amd64.deb 710ba8741b6a94289871f8f47c84d9d6f3dd1e2a imagemagick-6.q16hdri_6.9.7.4+dfsg-16ubuntu6.15+tuxcare.els12_amd64.deb 8879b02d07129ff6443b40aeba67d86074b18c72 imagemagick-common_6.9.7.4+dfsg-16ubuntu6.15+tuxcare.els12_all.deb 05b6f31c4e8b85784176f471aa5b834d31e85de4 imagemagick-doc_6.9.7.4+dfsg-16ubuntu6.15+tuxcare.els12_all.deb e24dbb268caae3365ef81087dc2401a1d864e7fe libimage-magick-perl_6.9.7.4+dfsg-16ubuntu6.15+tuxcare.els12_all.deb 69d8e422df0224a22bf1f174c9c662b1cc6735da libimage-magick-q16-perl_6.9.7.4+dfsg-16ubuntu6.15+tuxcare.els12_amd64.deb 6f1737863abd192a961afbeb9855a54271ac9f9d libimage-magick-q16hdri-perl_6.9.7.4+dfsg-16ubuntu6.15+tuxcare.els12_amd64.deb 7d8fbc5961b1fbf2ddee8af5c3ddd3431b010ac4 libmagick++-6-headers_6.9.7.4+dfsg-16ubuntu6.15+tuxcare.els12_all.deb 1f71811aa0c9cecfd5f7312b185d14cd811ee2d3 libmagick++-6.q16-7_6.9.7.4+dfsg-16ubuntu6.15+tuxcare.els12_amd64.deb d63efc4c8cce2f96284ba6beab9fad255837a62c libmagick++-6.q16-dev_6.9.7.4+dfsg-16ubuntu6.15+tuxcare.els12_amd64.deb 5f44f67dce34046960c1f80b61ee4a5a8e5ce57a libmagick++-6.q16hdri-7_6.9.7.4+dfsg-16ubuntu6.15+tuxcare.els12_amd64.deb 610dc16b996003a2909646e1e86c6a53fb28e88b libmagick++-6.q16hdri-dev_6.9.7.4+dfsg-16ubuntu6.15+tuxcare.els12_amd64.deb f33053a6a532a969e2a4cc1edf37b9d78486224c libmagick++-dev_6.9.7.4+dfsg-16ubuntu6.15+tuxcare.els12_all.deb 9d60055f86ffa705a9a3f9c28981bd6c860e43fb libmagickcore-6-arch-config_6.9.7.4+dfsg-16ubuntu6.15+tuxcare.els12_amd64.deb 9162de9837b5d9aa3dea16dc2f9c4eb8e4f9a5f7 libmagickcore-6-headers_6.9.7.4+dfsg-16ubuntu6.15+tuxcare.els12_all.deb f686637ce5fbafcc6d86fd04070c6a785b35301e libmagickcore-6.q16-3_6.9.7.4+dfsg-16ubuntu6.15+tuxcare.els12_amd64.deb 5b2163df7fa354ea34c86f8e2400958b276b8d85 libmagickcore-6.q16-3-extra_6.9.7.4+dfsg-16ubuntu6.15+tuxcare.els12_amd64.deb 4f83550caa7e596a807d554e1bbf23b7ad86df51 libmagickcore-6.q16-dev_6.9.7.4+dfsg-16ubuntu6.15+tuxcare.els12_amd64.deb ed9526307c81456857a1b250f48801404a04dae0 libmagickcore-6.q16hdri-3_6.9.7.4+dfsg-16ubuntu6.15+tuxcare.els12_amd64.deb 87ceff6dcc88ad93e5d5f932808a78b0f8870c37 libmagickcore-6.q16hdri-3-extra_6.9.7.4+dfsg-16ubuntu6.15+tuxcare.els12_amd64.deb 571abf552405f18e626bce3b0883d3681047074d libmagickcore-6.q16hdri-dev_6.9.7.4+dfsg-16ubuntu6.15+tuxcare.els12_amd64.deb bbd61c661c1f7619303bfb820c204f6b3a958f2d libmagickcore-dev_6.9.7.4+dfsg-16ubuntu6.15+tuxcare.els12_all.deb d15db24cc426e2e925947286bb2bd5e6d775c475 libmagickwand-6-headers_6.9.7.4+dfsg-16ubuntu6.15+tuxcare.els12_all.deb d010504b94998f74e4bfaa27502d92c3f0597ab5 libmagickwand-6.q16-3_6.9.7.4+dfsg-16ubuntu6.15+tuxcare.els12_amd64.deb cc564f64458932810db29f71d8779af89f7fcf5a libmagickwand-6.q16-dev_6.9.7.4+dfsg-16ubuntu6.15+tuxcare.els12_amd64.deb 3529b9e2a66eaa10097b8153c1816b9fde3a848c libmagickwand-6.q16hdri-3_6.9.7.4+dfsg-16ubuntu6.15+tuxcare.els12_amd64.deb 37dd96474c4f22d9169b081e85e2062f36c53e4c libmagickwand-6.q16hdri-dev_6.9.7.4+dfsg-16ubuntu6.15+tuxcare.els12_amd64.deb 7bb8ce5701bec891f891d7ba5395447aa87da231 libmagickwand-dev_6.9.7.4+dfsg-16ubuntu6.15+tuxcare.els12_all.deb 9f822ac6dfe0161975f08eb9bf42176f006c2a5d perlmagick_6.9.7.4+dfsg-16ubuntu6.15+tuxcare.els12_all.deb 2b14cd392f65dd95b433eb8cd53e433905b76c7e CLSA-2025:1760020498 TuxCare License Agreement 0 * SECURITY UPDATE: uncontrolled recursion causing stack overflow via crafted XPath expressions - debian/patches/CVE-2025-9714-*.patch: Add comprehensive XPath DoS protection including operation limits, recursion depth controls, and proper handling of recursive invocations to prevent stack overflows and resource exhaustion - CVE-2025-9714 Moderate Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.

* SECURITY UPDATE: uncontrolled recursion causing stack overflow via crafted XPath expressions - debian/patches/CVE-2025-9714-*.patch: Add comprehensive XPath DoS protection including operation limits, recursion depth controls, and proper handling of recursive invocations to prevent stack overflows and resource exhaustion - CVE-2025-9714

0 tuxcare-ubuntu18.04-els libxml2_2.9.4+dfsg1-6.1ubuntu1.9+tuxcare.els7_amd64.deb 912e44aed29f88f01b56c3b9322ef3d3e47b6f70 libxml2-dev_2.9.4+dfsg1-6.1ubuntu1.9+tuxcare.els7_amd64.deb de9f8ac03d0741db988bd0d8d35ab9855ecee92d libxml2-doc_2.9.4+dfsg1-6.1ubuntu1.9+tuxcare.els7_all.deb b1a29833fd7660cd04abb53420df878927168fce libxml2-utils_2.9.4+dfsg1-6.1ubuntu1.9+tuxcare.els7_amd64.deb e4ea2f116f00ca3b556e9f7a7f6c11cc34ac14ce python-libxml2_2.9.4+dfsg1-6.1ubuntu1.9+tuxcare.els7_amd64.deb 28067b2123aab57ea29c68a670d73c6e05251782 python3-libxml2_2.9.4+dfsg1-6.1ubuntu1.9+tuxcare.els7_amd64.deb 79794d7b04f4545ba470871e581d0ab8af2af718 CLSA-2025:1760024944 TuxCare License Agreement 0 * SECURITY UPDATE: Fix directory cleanup vulnerability - dpkg-deb/info.c: Fix cleanup for control member with restricted directories - Add treewalk to set proper permissions before removal for non-root users - CVE-2025-6297 Low Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.

* SECURITY UPDATE: Fix directory cleanup vulnerability - dpkg-deb/info.c: Fix cleanup for control member with restricted directories - Add treewalk to set proper permissions before removal for non-root users - CVE-2025-6297

0 tuxcare-ubuntu18.04-els dpkg_1.19.0.5ubuntu2.4+tuxcare.els1_amd64.deb 800d6c6b9dfcc06323070e7e79d7816a1ddacf14 dpkg-dev_1.19.0.5ubuntu2.4+tuxcare.els1_all.deb f0dae26e885862e3dd358eadb7452c6627f3b208 dselect_1.19.0.5ubuntu2.4+tuxcare.els1_amd64.deb cde32c13cbbd2c189b66f563556a659410d786ab libdpkg-dev_1.19.0.5ubuntu2.4+tuxcare.els1_amd64.deb 6e5d6fef6403a3efb7b7fd0dc046a47166236c19 libdpkg-perl_1.19.0.5ubuntu2.4+tuxcare.els1_all.deb 5784a365711b2d2e0133394375fbf10ce7cd3d68 CLSA-2025:1760647898 TuxCare License Agreement 0 * CVE-url: https://ubuntu.com/security/CVE-2022-43945 - NFSD: Protect against send buffer overflow in NFSv3 READ * Focal update: v5.4.285 upstream stable release (LP: #2089233) // CVE-2024-49924 // CVE-url: https://ubuntu.com/security/CVE-2024-49924 - fbdev: pxafb: Fix possible use after free in pxafb_task() * CVE-url: https://ubuntu.com/security/CVE-2025-38477 - net/sched: sch_qfq: Fix race condition on qfq_aggregate - net/sched: sch_qfq: Avoid triggering might_sleep in atomic context in qfq_delete_class * CVE-url: https://ubuntu.com/security/CVE-2025-38618 - vsock: Do not allow binding to VMADDR_PORT_ANY * CVE-url: https://ubuntu.com/security/CVE-2025-38617 - net/packet: fix a race in packet_set_ring() and packet_notifier() * CVE-url: https://ubuntu.com/security/CVE-2025-21796 - nfsd: clear acl_access/acl_default after releasing them * CVE-url: https://ubuntu.com/security/CVE-2022-48827 - NFSD: Fix the behavior of READ near OFFSET_MAX * CVE-url: https://ubuntu.com/security/CVE-2021-47391 - RDMA/cma: Ensure rdma_addr_cancel() happens before issuing more requests * CVE-url: https://ubuntu.com/security/CVE-2024-41069 - ASoC: topology: Fix references to freed memory - ASoC: topology: Do not assign fields that are already set - ASoC: topology: Clean up route loading * CVE-url: https://ubuntu.com/security/CVE-2024-56616 - drm/dp_mst: Fix MST sideband message body length check * Focal update: v5.4.261 upstream stable release (LP: #2049049) // CVE-url: https://ubuntu.com/security/CVE-2023-52868 - thermal: core: prevent potential string overflow * Focal update: v5.4.262 upstream stable release (LP: #2049069) // CVE-url: https://ubuntu.com/security/CVE-2023-52836 - locking/ww_mutex/test: Fix potential workqueue corruption * CVE-2024-35965 // CVE-url: https://ubuntu.com/security/CVE-2024-35965 - Bluetooth: L2CAP: uninitialized variables in l2cap_sock_setsockopt() - Bluetooth: L2CAP: Fix not validating setsockopt user input * Focal update: v5.4.188 upstream stable release (LP: #1971496) // CVE-url: https://ubuntu.com/security/CVE-2022-49292 - ALSA: oss: Fix PCM OSS buffer allocation overflow * Focal update: v5.4.262 upstream stable release (LP: #2049069) // CVE-url: https://ubuntu.com/security/CVE-2023-52835 - perf/core: Bail out early if the request AUX area is out of bound * Focal update: v5.4.262 upstream stable release (LP: #2049069) // CVE-url: https://ubuntu.com/security/CVE-2023-52764 - media: gspca: cpia1: shift-out-of-bounds in set_flicker * Focal update: v5.4.261 upstream stable release (LP: #2049049) // CVE-url: https://ubuntu.com/security/CVE-2023-52864 - platform/x86: wmi: Fix probe failure when failing to register WMI devices - platform/x86: wmi: remove unnecessary initializations - platform/x86: wmi: Fix opening of char device * CVE-2024-35966 // CVE-url: https://ubuntu.com/security/CVE-2024-35966 - Bluetooth: RFCOMM: Fix not validating setsockopt user input * CVE-2024-35967 // CVE-url: https://ubuntu.com/security/CVE-2024-35966 - Bluetooth: SCO: Fix not validating setsockopt user input * Focal update: v5.4.291 upstream stable release (LP: #2106002) // CVE-2025-21704 // CVE-url: https://ubuntu.com/security/CVE-2025-21704 - usb: cdc-acm: Check control transfer buffer size before access * CVE-url: https://ubuntu.com/security/CVE-2025-38350 - net/sched: Always pass notifications when child class becomes empty * CVE-url: https://ubuntu.com/security/CVE-2025-37798 - sch_htb: make htb_qlen_notify() idempotent Important Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.

* CVE-url: https://ubuntu.com/security/CVE-2022-43945 - NFSD: Protect against send buffer overflow in NFSv3 READ * Focal update: v5.4.285 upstream stable release (LP: #2089233) // CVE-2024-49924 // CVE-url: https://ubuntu.com/security/CVE-2024-49924 - fbdev: pxafb: Fix possible use after free in pxafb_task() * CVE-url: https://ubuntu.com/security/CVE-2025-38477 - net/sched: sch_qfq: Fix race condition on qfq_aggregate - net/sched: sch_qfq: Avoid triggering might_sleep in atomic context in qfq_delete_class * CVE-url: https://ubuntu.com/security/CVE-2025-38618 - vsock: Do not allow binding to VMADDR_PORT_ANY * CVE-url: https://ubuntu.com/security/CVE-2025-38617 - net/packet: fix a race in packet_set_ring() and packet_notifier() * CVE-url: https://ubuntu.com/security/CVE-2025-21796 - nfsd: clear acl_access/acl_default after releasing them * CVE-url: https://ubuntu.com/security/CVE-2022-48827 - NFSD: Fix the behavior of READ near OFFSET_MAX * CVE-url: https://ubuntu.com/security/CVE-2021-47391 - RDMA/cma: Ensure rdma_addr_cancel() happens before issuing more requests * CVE-url: https://ubuntu.com/security/CVE-2024-41069 - ASoC: topology: Fix references to freed memory - ASoC: topology: Do not assign fields that are already set - ASoC: topology: Clean up route loading * CVE-url: https://ubuntu.com/security/CVE-2024-56616 - drm/dp_mst: Fix MST sideband message body length check * Focal update: v5.4.261 upstream stable release (LP: #2049049) // CVE-url: https://ubuntu.com/security/CVE-2023-52868 - thermal: core: prevent potential string overflow * Focal update: v5.4.262 upstream stable release (LP: #2049069) // CVE-url: https://ubuntu.com/security/CVE-2023-52836 - locking/ww_mutex/test: Fix potential workqueue corruption * CVE-2024-35965 // CVE-url: https://ubuntu.com/security/CVE-2024-35965 - Bluetooth: L2CAP: uninitialized variables in l2cap_sock_setsockopt() - Bluetooth: L2CAP: Fix not validating setsockopt user input * Focal update: v5.4.188 upstream stable release (LP: #1971496) // CVE-url: https://ubuntu.com/security/CVE-2022-49292 - ALSA: oss: Fix PCM OSS buffer allocation overflow * Focal update: v5.4.262 upstream stable release (LP: #2049069) // CVE-url: https://ubuntu.com/security/CVE-2023-52835 - perf/core: Bail out early if the request AUX area is out of bound * Focal update: v5.4.262 upstream stable release (LP: #2049069) // CVE-url: https://ubuntu.com/security/CVE-2023-52764 - media: gspca: cpia1: shift-out-of-bounds in set_flicker * Focal update: v5.4.261 upstream stable release (LP: #2049049) // CVE-url: https://ubuntu.com/security/CVE-2023-52864 - platform/x86: wmi: Fix probe failure when failing to register WMI devices - platform/x86: wmi: remove unnecessary initializations - platform/x86: wmi: Fix opening of char device * CVE-2024-35966 // CVE-url: https://ubuntu.com/security/CVE-2024-35966 - Bluetooth: RFCOMM: Fix not validating setsockopt user input * CVE-2024-35967 // CVE-url: https://ubuntu.com/security/CVE-2024-35966 - Bluetooth: SCO: Fix not validating setsockopt user input * Focal update: v5.4.291 upstream stable release (LP: #2106002) // CVE-2025-21704 // CVE-url: https://ubuntu.com/security/CVE-2025-21704 - usb: cdc-acm: Check control transfer buffer size before access * CVE-url: https://ubuntu.com/security/CVE-2025-38350 - net/sched: Always pass notifications when child class becomes empty * CVE-url: https://ubuntu.com/security/CVE-2025-37798 - sch_htb: make htb_qlen_notify() idempotent

0 tuxcare-ubuntu18.04-els linux-buildinfo-4.15.0-252-tuxcare.els40-generic_4.15.0-252.263_amd64.deb d5a0d26c21cce8bb8b3d4cd0989c74a5e43d73b8 linux-buildinfo-4.15.0-252-tuxcare.els40-lowlatency_4.15.0-252.263_amd64.deb 8d329980d0897d48e2033e60ef7f43d586c4b207 linux-cloud-tools-4.15.0-252-tuxcare.els40_4.15.0-252.263_amd64.deb bd85411eba2583ac2791d8fc4da2e47fab607396 linux-cloud-tools-4.15.0-252-tuxcare.els40-generic_4.15.0-252.263_amd64.deb 394897f74fef885cc64b04f9db67d9d5ac41168f linux-cloud-tools-4.15.0-252-tuxcare.els40-lowlatency_4.15.0-252.263_amd64.deb 488b30c8afe1eb44e3f5dc356e867afa3158d7aa linux-cloud-tools-common_4.15.0-252.263_all.deb 70e4aac04c0d12c8f1873582b9c91c06383945ca linux-cloud-tools-generic_4.15.0.252.263_amd64.deb ef35cc3c2b53b46fd885cc0e4f8cc10134d108a3 linux-cloud-tools-lowlatency_4.15.0.252.263_amd64.deb 39cf8b80e303b4095c020d104e2d80d4dd8cceac linux-crashdump_4.15.0.252.263_amd64.deb ee6cb8a729e7080a0a7abbdd1eed692f8f4fae18 linux-doc_4.15.0-252.263_all.deb 45b66c9e47045c69ce1c41b1131f2cbc88e59bf2 linux-generic_4.15.0.252.263_amd64.deb b9c131ef4f2a0936e00396d39325ba9449bf19c0 linux-headers-4.15.0-252-tuxcare.els40_4.15.0-252.263_all.deb ac48a98eb9ec149e3669b5327cfbd2a91e2a4be4 linux-headers-4.15.0-252-tuxcare.els40-generic_4.15.0-252.263_amd64.deb 77bfd46e3e2c4ff2ba3c4408753855a7f4872008 linux-headers-4.15.0-252-tuxcare.els40-lowlatency_4.15.0-252.263_amd64.deb 6afbed7e2718ea7eeede43a6bd7e2bd7a9ed3d7a linux-headers-generic_4.15.0.252.263_amd64.deb d96e856f9e764bd90dc10241b650da8cefbec64b linux-headers-lowlatency_4.15.0.252.263_amd64.deb 8a9c91cf87de09db3befb7fe5adbd8c9aedf9cca linux-image-generic_4.15.0.252.263_amd64.deb 33ba992a8b84baca95654cc54ab789949fffa614 linux-image-lowlatency_4.15.0.252.263_amd64.deb 9c41d4d8d71e8e76032b0279a835b6371bb78754 linux-image-unsigned-4.15.0-252-tuxcare.els40-generic_4.15.0-252.263_amd64.deb 72e8ce568c5161ecf3122727d608db75fd6974db linux-image-unsigned-4.15.0-252-tuxcare.els40-lowlatency_4.15.0-252.263_amd64.deb 48c50382b628244a3ea2b907a4e1559d48b52001 linux-libc-dev_4.15.0-252.263_amd64.deb 7b1cd462f491813826007f6cd23d966e3fc7d90b linux-lowlatency_4.15.0.252.263_amd64.deb fb4fb946f244ac89eedb68e9b874d00dab361193 linux-modules-4.15.0-252-tuxcare.els40-generic_4.15.0-252.263_amd64.deb 5d8920bbda3bf4fa2aeded8f2b35eea4d79ffac1 linux-modules-4.15.0-252-tuxcare.els40-lowlatency_4.15.0-252.263_amd64.deb 8c2918c4d161bdb1cd870ea7c106c10e8acf91b8 linux-modules-extra-4.15.0-252-tuxcare.els40-generic_4.15.0-252.263_amd64.deb 7515cbdc269e112aa92d698443d06a84664109a5 linux-source_4.15.0.252.263_all.deb 0c3642d650d169c65914144f8a106ef6056d50c0 linux-source-4.15.0_4.15.0-252.263_all.deb 430644abaa0c03561235d1082951cc6bd4757e28 linux-tools-4.15.0-252-tuxcare.els40_4.15.0-252.263_amd64.deb b95f9f0958f6075314b36bdcc421589afb15a4c7 linux-tools-4.15.0-252-tuxcare.els40-generic_4.15.0-252.263_amd64.deb 8edda45f13f5b1f667687e5c08c2879f000b4cba linux-tools-4.15.0-252-tuxcare.els40-lowlatency_4.15.0-252.263_amd64.deb 6c0862aec127ae6b479df992c0afee4e519c73b8 linux-tools-common_4.15.0-252.263_all.deb a879bbd1e7c946b164fb592b0fdf3cf576cef61e linux-tools-generic_4.15.0.252.263_amd64.deb cfa1a1c06828b79ef63b3303211d4303dc03b265 linux-tools-host_4.15.0-252.263_all.deb 34accbf633766499eb50d463977b8016327f38bb linux-tools-lowlatency_4.15.0.252.263_amd64.deb 1b1362314f957c9703531b26ef167b3facc3f0b7 CLSA-2025:1760649038 TuxCare License Agreement 0 * Bump ABI 4.15.0-252 None Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.

* Bump ABI 4.15.0-252

0 tuxcare-ubuntu18.04-els linux-cloud-tools-generic_4.15.0.252.263_amd64.deb ef35cc3c2b53b46fd885cc0e4f8cc10134d108a3 linux-cloud-tools-lowlatency_4.15.0.252.263_amd64.deb 39cf8b80e303b4095c020d104e2d80d4dd8cceac linux-crashdump_4.15.0.252.263_amd64.deb ee6cb8a729e7080a0a7abbdd1eed692f8f4fae18 linux-generic_4.15.0.252.263_amd64.deb b9c131ef4f2a0936e00396d39325ba9449bf19c0 linux-headers-generic_4.15.0.252.263_amd64.deb d96e856f9e764bd90dc10241b650da8cefbec64b linux-headers-lowlatency_4.15.0.252.263_amd64.deb 8a9c91cf87de09db3befb7fe5adbd8c9aedf9cca linux-image-generic_4.15.0.252.263_amd64.deb 33ba992a8b84baca95654cc54ab789949fffa614 linux-image-lowlatency_4.15.0.252.263_amd64.deb 9c41d4d8d71e8e76032b0279a835b6371bb78754 linux-lowlatency_4.15.0.252.263_amd64.deb fb4fb946f244ac89eedb68e9b874d00dab361193 linux-source_4.15.0.252.263_all.deb 0c3642d650d169c65914144f8a106ef6056d50c0 linux-tools-generic_4.15.0.252.263_amd64.deb cfa1a1c06828b79ef63b3303211d4303dc03b265 linux-tools-lowlatency_4.15.0.252.263_amd64.deb 1b1362314f957c9703531b26ef167b3facc3f0b7 CLSA-2025:1762544876 TuxCare License Agreement 0 * SECURITY UPDATE: heap-buffer overflow read in MNG - debian/patches/CVE-2025-55004.patch: Fix heap buffer overflow issue in MNG magnification with alpha channel - debian/patches/fix-missing-cast-function.patch: Fix missing CastDoubleToLong function failing build - CVE-2025-55004 Moderate Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.

* SECURITY UPDATE: heap-buffer overflow read in MNG - debian/patches/CVE-2025-55004.patch: Fix heap buffer overflow issue in MNG magnification with alpha channel - debian/patches/fix-missing-cast-function.patch: Fix missing CastDoubleToLong function failing build - CVE-2025-55004

0 tuxcare-ubuntu18.04-els imagemagick_6.9.7.4+dfsg-16ubuntu6.15+tuxcare.els13_amd64.deb 38f898978209ae9623aa7328dadd70ca74feb588 imagemagick-6-common_6.9.7.4+dfsg-16ubuntu6.15+tuxcare.els13_all.deb 862f32b46a9d01be5316bcf6e8e55d5f70bbdeea imagemagick-6-doc_6.9.7.4+dfsg-16ubuntu6.15+tuxcare.els13_all.deb 6535ff42df427c8bf8719b0318acb75fdb0262c0 imagemagick-6.q16_6.9.7.4+dfsg-16ubuntu6.15+tuxcare.els13_amd64.deb 12e48e81d067f6bd7bf6e71ac37eb86d414ef1f5 imagemagick-6.q16hdri_6.9.7.4+dfsg-16ubuntu6.15+tuxcare.els13_amd64.deb 02d573b96def41a722ee8b5dc05f74d90c62845e imagemagick-common_6.9.7.4+dfsg-16ubuntu6.15+tuxcare.els13_all.deb 5787d79a8d6e0cf86341fde7253840d52c6d1083 imagemagick-doc_6.9.7.4+dfsg-16ubuntu6.15+tuxcare.els13_all.deb edf842d9cbddf0ddc7ee431cb935702357331324 libimage-magick-perl_6.9.7.4+dfsg-16ubuntu6.15+tuxcare.els13_all.deb f597f4d49e8361757e860abe60ca5e24a5db94c3 libimage-magick-q16-perl_6.9.7.4+dfsg-16ubuntu6.15+tuxcare.els13_amd64.deb c287b08fb060def573b66eebdadee30b95c7956b libimage-magick-q16hdri-perl_6.9.7.4+dfsg-16ubuntu6.15+tuxcare.els13_amd64.deb b8af4f1dc9ba13f0ca801fcae04a01614aaa070b libmagick++-6-headers_6.9.7.4+dfsg-16ubuntu6.15+tuxcare.els13_all.deb 3a5afbc99ce0557bf9ff502f473c5214f94b36a0 libmagick++-6.q16-7_6.9.7.4+dfsg-16ubuntu6.15+tuxcare.els13_amd64.deb 995f25e0adf399fa2909287d376490175cecf44b libmagick++-6.q16-dev_6.9.7.4+dfsg-16ubuntu6.15+tuxcare.els13_amd64.deb b16d3e25d074996518a7a59891c139403ede44cb libmagick++-6.q16hdri-7_6.9.7.4+dfsg-16ubuntu6.15+tuxcare.els13_amd64.deb 9b9e49cf25babc5e272ee405055269877629fd39 libmagick++-6.q16hdri-dev_6.9.7.4+dfsg-16ubuntu6.15+tuxcare.els13_amd64.deb 43c6e7229c0a196ece53d292ad6eaefda769d41f libmagick++-dev_6.9.7.4+dfsg-16ubuntu6.15+tuxcare.els13_all.deb 2a378aa6f8227c11dac5021524d0dcaed78b315c libmagickcore-6-arch-config_6.9.7.4+dfsg-16ubuntu6.15+tuxcare.els13_amd64.deb 2f07e7053c80155dc3c0e05daf3c0b2f2cb86b56 libmagickcore-6-headers_6.9.7.4+dfsg-16ubuntu6.15+tuxcare.els13_all.deb 5437baf39246159d578b8e2f7b12699e94ab524e libmagickcore-6.q16-3_6.9.7.4+dfsg-16ubuntu6.15+tuxcare.els13_amd64.deb 6a35b241123746e02105b62abd5812cc45c8cbad libmagickcore-6.q16-3-extra_6.9.7.4+dfsg-16ubuntu6.15+tuxcare.els13_amd64.deb d8030a769842434c9007f7bcdc2685fbd90b65ef libmagickcore-6.q16-dev_6.9.7.4+dfsg-16ubuntu6.15+tuxcare.els13_amd64.deb 3f289ca2e3a8e2fef5257e35799ba891098503a3 libmagickcore-6.q16hdri-3_6.9.7.4+dfsg-16ubuntu6.15+tuxcare.els13_amd64.deb e2e4a395078d7ad2b56a6e5bfcd0553cd124fc0d libmagickcore-6.q16hdri-3-extra_6.9.7.4+dfsg-16ubuntu6.15+tuxcare.els13_amd64.deb 49b10d10d2288b8a4d17dc5a82ffe318e7cab28e libmagickcore-6.q16hdri-dev_6.9.7.4+dfsg-16ubuntu6.15+tuxcare.els13_amd64.deb f3d9082dac0a8cae1890137b0e659a1aa65772f9 libmagickcore-dev_6.9.7.4+dfsg-16ubuntu6.15+tuxcare.els13_all.deb 9f2d7fd8ca89545596cc3d734e65a154e9e55dd7 libmagickwand-6-headers_6.9.7.4+dfsg-16ubuntu6.15+tuxcare.els13_all.deb ccb5644f8f74961e95e4f9f0ad1c362c36ee544a libmagickwand-6.q16-3_6.9.7.4+dfsg-16ubuntu6.15+tuxcare.els13_amd64.deb 33baaaa253486db408c0ef30504f12ce8367fb18 libmagickwand-6.q16-dev_6.9.7.4+dfsg-16ubuntu6.15+tuxcare.els13_amd64.deb 41d8d7ee0e80020c9147511d526fc959c9eac6a4 libmagickwand-6.q16hdri-3_6.9.7.4+dfsg-16ubuntu6.15+tuxcare.els13_amd64.deb 9d351d8d38c90a086dac2f7a087cca69986e22a0 libmagickwand-6.q16hdri-dev_6.9.7.4+dfsg-16ubuntu6.15+tuxcare.els13_amd64.deb a2a07d3fb6acfb6a8ed2fd5f3e487e14a8603a67 libmagickwand-dev_6.9.7.4+dfsg-16ubuntu6.15+tuxcare.els13_all.deb af725197ae0d55078c624ea0a92252648b6b0b4b perlmagick_6.9.7.4+dfsg-16ubuntu6.15+tuxcare.els13_all.deb 0100926a646039e190bc556a5750bc6aabf9e7d6 CLSA-2025:1763043157 TuxCare License Agreement 0 * SECURITY UPDATE: UBSan function-type-mismatch - debian/patches/CVE-2025-55160.patch: Fix UBSan function-type-mismatch in cloning functions - CVE-2025-55160 Moderate Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.

* SECURITY UPDATE: UBSan function-type-mismatch - debian/patches/CVE-2025-55160.patch: Fix UBSan function-type-mismatch in cloning functions - CVE-2025-55160

0 tuxcare-ubuntu18.04-els imagemagick_6.9.7.4+dfsg-16ubuntu6.15+tuxcare.els14_amd64.deb 02f7044dc081cd71b5fe3abbc6687ce7ea5c149c imagemagick-6-common_6.9.7.4+dfsg-16ubuntu6.15+tuxcare.els14_all.deb 7202b8e6452ff3d44f1a7d4ad041c86c0a9206d2 imagemagick-6-doc_6.9.7.4+dfsg-16ubuntu6.15+tuxcare.els14_all.deb f503d745f9b2c39a5dce31dc02ab156e9ae33128 imagemagick-6.q16_6.9.7.4+dfsg-16ubuntu6.15+tuxcare.els14_amd64.deb 2218822700f92b15fd2d567ba237dc3ba3335b87 imagemagick-6.q16hdri_6.9.7.4+dfsg-16ubuntu6.15+tuxcare.els14_amd64.deb ca16f745c777cc4ae5113b9601122a2bdaaf5836 imagemagick-common_6.9.7.4+dfsg-16ubuntu6.15+tuxcare.els14_all.deb 2ff3adcd7d3e54d2fa20931cd179c651c9adf730 imagemagick-doc_6.9.7.4+dfsg-16ubuntu6.15+tuxcare.els14_all.deb a73c730afca325c47ede98bbf87b34e0a4a9ac1d libimage-magick-perl_6.9.7.4+dfsg-16ubuntu6.15+tuxcare.els14_all.deb 642015c46e403f9a3e84680fdb4c6a6902b7d6a2 libimage-magick-q16-perl_6.9.7.4+dfsg-16ubuntu6.15+tuxcare.els14_amd64.deb 4e0c9fbb80c1914c5a2e39935db9f1ef714a1595 libimage-magick-q16hdri-perl_6.9.7.4+dfsg-16ubuntu6.15+tuxcare.els14_amd64.deb 53d2a56123e4d160047cba54b9cfe4105958ba33 libmagick++-6-headers_6.9.7.4+dfsg-16ubuntu6.15+tuxcare.els14_all.deb 7ecd2c1a31a422ac707b5bbce72f4f252e0511cf libmagick++-6.q16-7_6.9.7.4+dfsg-16ubuntu6.15+tuxcare.els14_amd64.deb 64fcdd71dec08b9c71cdf02431503f9a157d4731 libmagick++-6.q16-dev_6.9.7.4+dfsg-16ubuntu6.15+tuxcare.els14_amd64.deb 8bc40f3d650c702147e4008b93e65766c457e61e libmagick++-6.q16hdri-7_6.9.7.4+dfsg-16ubuntu6.15+tuxcare.els14_amd64.deb 4fa5c3afc1b86a0b5a3cbabb67c738c247790044 libmagick++-6.q16hdri-dev_6.9.7.4+dfsg-16ubuntu6.15+tuxcare.els14_amd64.deb f56411f3863e504e10fa7caa7d9b90ef0e0b570d libmagick++-dev_6.9.7.4+dfsg-16ubuntu6.15+tuxcare.els14_all.deb 051b787b204304fd08bf6165f448e9f52dac3569 libmagickcore-6-arch-config_6.9.7.4+dfsg-16ubuntu6.15+tuxcare.els14_amd64.deb 8ed5770f136f021689c10903d1fdef028304e5e6 libmagickcore-6-headers_6.9.7.4+dfsg-16ubuntu6.15+tuxcare.els14_all.deb 055fe7b896926495b136f2796b20714f1d0f287e libmagickcore-6.q16-3_6.9.7.4+dfsg-16ubuntu6.15+tuxcare.els14_amd64.deb a2d0d639e5ab8dfce458d40ca5e739ee30e654b8 libmagickcore-6.q16-3-extra_6.9.7.4+dfsg-16ubuntu6.15+tuxcare.els14_amd64.deb 297fecfe92db4edc4d27f9de333647ff598d91a0 libmagickcore-6.q16-dev_6.9.7.4+dfsg-16ubuntu6.15+tuxcare.els14_amd64.deb d2e0a416fb697999398b39e03e5024f6d51f09cd libmagickcore-6.q16hdri-3_6.9.7.4+dfsg-16ubuntu6.15+tuxcare.els14_amd64.deb 9ba1be725613d08d48837cb3145166246a6c014b libmagickcore-6.q16hdri-3-extra_6.9.7.4+dfsg-16ubuntu6.15+tuxcare.els14_amd64.deb 2e97697453c5742dfe88d632da9ec133a4ff02f6 libmagickcore-6.q16hdri-dev_6.9.7.4+dfsg-16ubuntu6.15+tuxcare.els14_amd64.deb 8ba9bacc0066fc9f59c63f78eb0e882d9235c507 libmagickcore-dev_6.9.7.4+dfsg-16ubuntu6.15+tuxcare.els14_all.deb a61437c5057895b1411e1127fe04cb1bddfd62d9 libmagickwand-6-headers_6.9.7.4+dfsg-16ubuntu6.15+tuxcare.els14_all.deb 83a0e9878788e0e7bdbb1b5eae6935bb3390d968 libmagickwand-6.q16-3_6.9.7.4+dfsg-16ubuntu6.15+tuxcare.els14_amd64.deb c4fd31994f6e22f5546f1eb48f39539d181cc385 libmagickwand-6.q16-dev_6.9.7.4+dfsg-16ubuntu6.15+tuxcare.els14_amd64.deb 1d0219ee001f7cc4002c69cd10233255ea30328f libmagickwand-6.q16hdri-3_6.9.7.4+dfsg-16ubuntu6.15+tuxcare.els14_amd64.deb 93b7dfdfb005157bd5af9b6138d61c6817cb129e libmagickwand-6.q16hdri-dev_6.9.7.4+dfsg-16ubuntu6.15+tuxcare.els14_amd64.deb 365dfcec6e68b77363ea008e116091a484df78d4 libmagickwand-dev_6.9.7.4+dfsg-16ubuntu6.15+tuxcare.els14_all.deb b572b4cd802496fe379b780df6c64621d6a45c59 perlmagick_6.9.7.4+dfsg-16ubuntu6.15+tuxcare.els14_all.deb 8942bcb34378efd4e624fb87648ec5a38c8623b4 CLSA-2025:1763467263 TuxCare License Agreement 0 * SECURITY UPDATE: information disclosure via HTTP authentication credentials - debian/patches/CVE-2025-62168.patch: Fix bug causing visibility of proxy auth data to scripts by redacting credentials from error page code expansion output and mailto link generation - CVE-2025-62168 Important Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.

* SECURITY UPDATE: information disclosure via HTTP authentication credentials - debian/patches/CVE-2025-62168.patch: Fix bug causing visibility of proxy auth data to scripts by redacting credentials from error page code expansion output and mailto link generation - CVE-2025-62168

0 tuxcare-ubuntu18.04-els squid_3.5.27-1ubuntu1.14+tuxcare.els10_amd64.deb a2a178c0c13ffcce23bf622c415ff9d2de7e6a10 squid-cgi_3.5.27-1ubuntu1.14+tuxcare.els10_amd64.deb 641bb161372d100ee6c1482539a01fa6014b7c0f squid-common_3.5.27-1ubuntu1.14+tuxcare.els10_all.deb 216ad0a811c5d5e1b19d511ed6386163f40a6f03 squid-purge_3.5.27-1ubuntu1.14+tuxcare.els10_amd64.deb 370ed074568c2552a05bdf7d97caca7f94e25a77 squid3_3.5.27-1ubuntu1.14+tuxcare.els10_all.deb 6730be1be910fbc935b04b3b49d663eeeeb709f9 squidclient_3.5.27-1ubuntu1.14+tuxcare.els10_amd64.deb 4a87eee75a66d44d4fe343d1219480192fc2b847 CLSA-2025:1763990271 TuxCare License Agreement 0 * Focal update: v5.4.291 upstream stable release (LP: #2106002) // CVE-2024-58072 - wifi: rtlwifi: remove unused check_buddy_priv * Focal update: v5.4.291 upstream stable release (LP: #2106002) - wifi: rtlwifi: remove unused timer and related code - wifi: rtlwifi: remove unused dualmac control leftovers * Focal update: v5.4.237 upstream stable release (LP: #2023420) - ext4: move where set the MAY_INLINE_DATA flag is set * CVE-url: https://ubuntu.com/security/CVE-2024-58014 - wifi: brcmsmac: add gain range check to wlc_phy_iqcal_gainparams_nphy() * CVE-url: https://ubuntu.com/security/CVE-2025-38352 - posix-cpu-timers: fix race between handle_posix_cpu_timers() and posix_cpu_timer_del() * CVE-url: https://ubuntu.com/security/CVE-2022-25265 - x86/elf: Add table to document READ_IMPLIES_EXEC - x86/elf: Split READ_IMPLIES_EXEC from executable PT_GNU_STACK - x86/elf: Disable automatic READ_IMPLIES_EXEC on 64-bit * Focal update: v5.4.279 upstream stable release (LP: #2073621) // CVE-url: https://ubuntu.com/security/CVE-2024-37078 - nilfs2: fix potential kernel bug due to lack of writeback flag waiting * CVE-url: https://ubuntu.com/security/CVE-2022-49170 - f2fs: fix to do sanity check on curseg->alloc_type * CVE-url: https://ubuntu.com/security/CVE-2021-47479 - staging: rtl8712: fix use-after-free in rtl8712_dl_fw * Focal update: v5.4.279 upstream stable release (LP: #2073621) // CVE-url: https://ubuntu.com/security/CVE-2024-39469 - nilfs2: fix nilfs_empty_dir() misjudgment and long loop on I/O errors * CVE-url: https://ubuntu.com/security/CVE-2022-49519 - ath10k: skip ath10k_halt during suspend for driver state RESTARTING * CVE-url: https://ubuntu.com/security/CVE-2024-46713 - perf/aux: Fix AUX buffer serialization * Focal update: v5.4.262 upstream stable release (LP: #2049069) // CVE-url: https://ubuntu.com/security/CVE-2023-52804 - fs/jfs: Add check for negative db_l2nbperpage - fs/jfs: Add validity check for db_maxag and db_agpref * Focal update: v5.4.251 upstream stable release (LP: #2034918) // CVE-url: https://ubuntu.com/security/CVE-2023-52804 - jfs: jfs_dmap: Validate db_l2nbperpage while mounting * CVE-url: https://ubuntu.com/security/CVE-2024-36880 - Bluetooth: qca: add missing firmware sanity checks * Miscellaneous upstream changes - net: openvswitch: fix nested key length validation in the set() action - isofs: Prevent the use of too small fid - ext4: ignore xattrs past end - net: ppp: Add bound checking for skb data on ppp_sync_txmung - media: venus: hfi: add check to handle incorrect queue size - sctp: detect and prevent references to a freed transport in sendmsg - ext4: improve xattr consistency checking and error reporting - ext4: introduce ITAIL helper - ext4: fix out-of-bound read in ext4_xattr_inode_dec_ref_all() - ibmvnic: Do not attempt to login if RX or TX queues are not allocated - ibmvnic: Enable GRO - ibmvnic: Fix netdev feature clobbering during a reset - ibmvnic: create send_control_ip_offload - ibmvnic: Define vnic_login_client_data name field as unsized array - ibmvnic: Use strscpy() instead of strncpy() - ibmvnic: Use kernel helpers for hex dumps - wifi: at76c50x: fix use after free access in at76_disconnect Important Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.

* Focal update: v5.4.291 upstream stable release (LP: #2106002) // CVE-2024-58072 - wifi: rtlwifi: remove unused check_buddy_priv * Focal update: v5.4.291 upstream stable release (LP: #2106002) - wifi: rtlwifi: remove unused timer and related code - wifi: rtlwifi: remove unused dualmac control leftovers * Focal update: v5.4.237 upstream stable release (LP: #2023420) - ext4: move where set the MAY_INLINE_DATA flag is set * CVE-url: https://ubuntu.com/security/CVE-2024-58014 - wifi: brcmsmac: add gain range check to wlc_phy_iqcal_gainparams_nphy() * CVE-url: https://ubuntu.com/security/CVE-2025-38352 - posix-cpu-timers: fix race between handle_posix_cpu_timers() and posix_cpu_timer_del() * CVE-url: https://ubuntu.com/security/CVE-2022-25265 - x86/elf: Add table to document READ_IMPLIES_EXEC - x86/elf: Split READ_IMPLIES_EXEC from executable PT_GNU_STACK - x86/elf: Disable automatic READ_IMPLIES_EXEC on 64-bit * Focal update: v5.4.279 upstream stable release (LP: #2073621) // CVE-url: https://ubuntu.com/security/CVE-2024-37078 - nilfs2: fix potential kernel bug due to lack of writeback flag waiting * CVE-url: https://ubuntu.com/security/CVE-2022-49170 - f2fs: fix to do sanity check on curseg->alloc_type * CVE-url: https://ubuntu.com/security/CVE-2021-47479 - staging: rtl8712: fix use-after-free in rtl8712_dl_fw * Focal update: v5.4.279 upstream stable release (LP: #2073621) // CVE-url: https://ubuntu.com/security/CVE-2024-39469 - nilfs2: fix nilfs_empty_dir() misjudgment and long loop on I/O errors * CVE-url: https://ubuntu.com/security/CVE-2022-49519 - ath10k: skip ath10k_halt during suspend for driver state RESTARTING * CVE-url: https://ubuntu.com/security/CVE-2024-46713 - perf/aux: Fix AUX buffer serialization * Focal update: v5.4.262 upstream stable release (LP: #2049069) // CVE-url: https://ubuntu.com/security/CVE-2023-52804 - fs/jfs: Add check for negative db_l2nbperpage - fs/jfs: Add validity check for db_maxag and db_agpref * Focal update: v5.4.251 upstream stable release (LP: #2034918) // CVE-url: https://ubuntu.com/security/CVE-2023-52804 - jfs: jfs_dmap: Validate db_l2nbperpage while mounting * CVE-url: https://ubuntu.com/security/CVE-2024-36880 - Bluetooth: qca: add missing firmware sanity checks * Miscellaneous upstream changes - net: openvswitch: fix nested key length validation in the set() action - isofs: Prevent the use of too small fid - ext4: ignore xattrs past end - net: ppp: Add bound checking for skb data on ppp_sync_txmung - media: venus: hfi: add check to handle incorrect queue size - sctp: detect and prevent references to a freed transport in sendmsg - ext4: improve xattr consistency checking and error reporting - ext4: introduce ITAIL helper - ext4: fix out-of-bound read in ext4_xattr_inode_dec_ref_all() - ibmvnic: Do not attempt to login if RX or TX queues are not allocated - ibmvnic: Enable GRO - ibmvnic: Fix netdev feature clobbering during a reset - ibmvnic: create send_control_ip_offload - ibmvnic: Define vnic_login_client_data name field as unsized array - ibmvnic: Use strscpy() instead of strncpy() - ibmvnic: Use kernel helpers for hex dumps - wifi: at76c50x: fix use after free access in at76_disconnect

0 tuxcare-ubuntu18.04-els linux-buildinfo-4.15.0-253-tuxcare.els41-generic_4.15.0-253.264_amd64.deb 6809a4831ce296f2dc62da41e6ba18cefbbf73e4 linux-buildinfo-4.15.0-253-tuxcare.els41-lowlatency_4.15.0-253.264_amd64.deb 538d0fd732946c3189767df194cf98650b6b4565 linux-cloud-tools-4.15.0-253-tuxcare.els41_4.15.0-253.264_amd64.deb 0ec24574b9aae091dfc79f8f259f4ca457f08abc linux-cloud-tools-4.15.0-253-tuxcare.els41-generic_4.15.0-253.264_amd64.deb a24f15987c6abe47e75d4ff9c50add684b5dec8a linux-cloud-tools-4.15.0-253-tuxcare.els41-lowlatency_4.15.0-253.264_amd64.deb 450cddb9de0c0fc28db8318d5db4dc46585aacd9 linux-cloud-tools-common_4.15.0-253.264_all.deb 85b7f5f02b32b715b507b24ffa3826ab2bef4afd linux-doc_4.15.0-253.264_all.deb cd69ba0adf61d91d7199cb78226fd65f3f5af365 linux-headers-4.15.0-253-tuxcare.els41_4.15.0-253.264_all.deb 424c8f24df99f8b447b3a579d09a7fed9fcf0a95 linux-headers-4.15.0-253-tuxcare.els41-generic_4.15.0-253.264_amd64.deb 16a099b7fb96b09030deb49d127496bdcf940fc0 linux-headers-4.15.0-253-tuxcare.els41-lowlatency_4.15.0-253.264_amd64.deb f583803d6be1cee2b3507b1a69f238d28bdac7f9 linux-image-unsigned-4.15.0-253-tuxcare.els41-generic_4.15.0-253.264_amd64.deb 1651bb27815e400b562ddbb9dc2a59e81dc43376 linux-image-unsigned-4.15.0-253-tuxcare.els41-lowlatency_4.15.0-253.264_amd64.deb 0b0643a2c8766691c18f95ead59248eaa6eb58f6 linux-libc-dev_4.15.0-253.264_amd64.deb b84fcab92b1ae83821f5973eb409c939e27f65c9 linux-modules-4.15.0-253-tuxcare.els41-generic_4.15.0-253.264_amd64.deb 081ecd6c6d839003daf824f0888adba3401c7498 linux-modules-4.15.0-253-tuxcare.els41-lowlatency_4.15.0-253.264_amd64.deb e58338b3becc04fbc68b86e17930f418df4e425f linux-modules-extra-4.15.0-253-tuxcare.els41-generic_4.15.0-253.264_amd64.deb b53470425acd0339c0b5b04e5bb086b4d086c8c5 linux-source-4.15.0_4.15.0-253.264_all.deb 72ba47fd2a1c753cf0bf074c8f7425235bad6d3e linux-tools-4.15.0-253-tuxcare.els41_4.15.0-253.264_amd64.deb eb901b1b23a8770d26115e967f99d98fdc57c554 linux-tools-4.15.0-253-tuxcare.els41-generic_4.15.0-253.264_amd64.deb eb3209d9ee2567f25d2b5240d0c1965c9a281f1b linux-tools-4.15.0-253-tuxcare.els41-lowlatency_4.15.0-253.264_amd64.deb 4d4371cd54fe494bbb784e2f91f9eb9bca0f9d94 linux-tools-common_4.15.0-253.264_all.deb 230e7282132cc73392bca84b933b5fdb21dca23c linux-tools-host_4.15.0-253.264_all.deb 0f427301f1e3a85d972816fa786285c6f3b63037 CLSA-2025:1764773600 TuxCare License Agreement 0 * SECURITY UPDATE: integer overflow vulnerability in BMP decoder on 32-bit systems - debian/patches/CVE-2025-62171.patch: add extra check to resolve issue on 32-bit systems caused by memory allocation failure - CVE-2025-62171 Important Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.

* SECURITY UPDATE: integer overflow vulnerability in BMP decoder on 32-bit systems - debian/patches/CVE-2025-62171.patch: add extra check to resolve issue on 32-bit systems caused by memory allocation failure - CVE-2025-62171

0 tuxcare-ubuntu18.04-els imagemagick_6.9.7.4+dfsg-16ubuntu6.15+tuxcare.els15_amd64.deb f32c5796d4727f0de26a570354857058c52fabeb imagemagick-6-common_6.9.7.4+dfsg-16ubuntu6.15+tuxcare.els15_all.deb 89ccbf1a590bea5b855f28fd97ec725d6b183f5c imagemagick-6-doc_6.9.7.4+dfsg-16ubuntu6.15+tuxcare.els15_all.deb 5784cd64d0bd38cdfd4a0ff0f2da8fea4f4c8801 imagemagick-6.q16_6.9.7.4+dfsg-16ubuntu6.15+tuxcare.els15_amd64.deb a9aef514febac5ca49b294921f41f41649ab6145 imagemagick-6.q16hdri_6.9.7.4+dfsg-16ubuntu6.15+tuxcare.els15_amd64.deb bcb8ba571131f708f3dcdcd5ecf937faf7a2a849 imagemagick-common_6.9.7.4+dfsg-16ubuntu6.15+tuxcare.els15_all.deb cb98209a4815dbc4bb43bcaf68d85fc65a22a031 imagemagick-doc_6.9.7.4+dfsg-16ubuntu6.15+tuxcare.els15_all.deb 050feaa0e7d64f1127127475acc650e2ce50671a libimage-magick-perl_6.9.7.4+dfsg-16ubuntu6.15+tuxcare.els15_all.deb b6e71140e11fddec25a6f7c382e090b33dffaa79 libimage-magick-q16-perl_6.9.7.4+dfsg-16ubuntu6.15+tuxcare.els15_amd64.deb a0ae64e910f42d100d3d7cbb55df93261108b5d6 libimage-magick-q16hdri-perl_6.9.7.4+dfsg-16ubuntu6.15+tuxcare.els15_amd64.deb 4b9678a59736df13731ba8515ac6f187d25df666 libmagick++-6-headers_6.9.7.4+dfsg-16ubuntu6.15+tuxcare.els15_all.deb ef5cdc6d2d88db2a6531e096ef739400005c9325 libmagick++-6.q16-7_6.9.7.4+dfsg-16ubuntu6.15+tuxcare.els15_amd64.deb c60e8f4b0b92ab30d8af7c20b28263ce1642a324 libmagick++-6.q16-dev_6.9.7.4+dfsg-16ubuntu6.15+tuxcare.els15_amd64.deb 61b5c4b67e69d3ecd26cbee91c4a90b08fa0e7a1 libmagick++-6.q16hdri-7_6.9.7.4+dfsg-16ubuntu6.15+tuxcare.els15_amd64.deb 02a8c0afb425fe098fe637fc21b9f4904ad243fa libmagick++-6.q16hdri-dev_6.9.7.4+dfsg-16ubuntu6.15+tuxcare.els15_amd64.deb 42688219411ad4c010c8188d89a854447de7970e libmagick++-dev_6.9.7.4+dfsg-16ubuntu6.15+tuxcare.els15_all.deb 576e89631a535e2919466129d937fe6782d5e530 libmagickcore-6-arch-config_6.9.7.4+dfsg-16ubuntu6.15+tuxcare.els15_amd64.deb aa4939bee81a518c131593767e0c08d70146ae46 libmagickcore-6-headers_6.9.7.4+dfsg-16ubuntu6.15+tuxcare.els15_all.deb 885613d3e436295ddafcb8f18e69d2055b7281b8 libmagickcore-6.q16-3_6.9.7.4+dfsg-16ubuntu6.15+tuxcare.els15_amd64.deb 906c8197c62ec811044ffccc605d3f1bd3be4628 libmagickcore-6.q16-3-extra_6.9.7.4+dfsg-16ubuntu6.15+tuxcare.els15_amd64.deb ded0496d55a3208bdd305ca5e842a345350fd09f libmagickcore-6.q16-dev_6.9.7.4+dfsg-16ubuntu6.15+tuxcare.els15_amd64.deb 1e69d77bac1a3578b177624ca59bbdc82e121bc0 libmagickcore-6.q16hdri-3_6.9.7.4+dfsg-16ubuntu6.15+tuxcare.els15_amd64.deb 18962de57147ea963f80ad7cb4fea0af9f9d4654 libmagickcore-6.q16hdri-3-extra_6.9.7.4+dfsg-16ubuntu6.15+tuxcare.els15_amd64.deb ca12013a5f6f11b4dfce031db71b4b9d59ffdaf0 libmagickcore-6.q16hdri-dev_6.9.7.4+dfsg-16ubuntu6.15+tuxcare.els15_amd64.deb a4de95be7363d304e7c147ffc5ae9f81b2bfa096 libmagickcore-dev_6.9.7.4+dfsg-16ubuntu6.15+tuxcare.els15_all.deb 95d09604c1078b0814920dd72d310d112f28e34b libmagickwand-6-headers_6.9.7.4+dfsg-16ubuntu6.15+tuxcare.els15_all.deb 2153b8d98324df747ed1856b067248be6043c2c0 libmagickwand-6.q16-3_6.9.7.4+dfsg-16ubuntu6.15+tuxcare.els15_amd64.deb ab87bef5ceff557998e1fa1d38f5f8cbad047dec libmagickwand-6.q16-dev_6.9.7.4+dfsg-16ubuntu6.15+tuxcare.els15_amd64.deb 1cf4da9fdd347ed09b057882f98bb1076c459e64 libmagickwand-6.q16hdri-3_6.9.7.4+dfsg-16ubuntu6.15+tuxcare.els15_amd64.deb f74d8289a58c6ce0ddca5929aa26041483db1084 libmagickwand-6.q16hdri-dev_6.9.7.4+dfsg-16ubuntu6.15+tuxcare.els15_amd64.deb aa6f2cddb48d5e3372af61166d24f65a737ba63a libmagickwand-dev_6.9.7.4+dfsg-16ubuntu6.15+tuxcare.els15_all.deb 930e00d8e8d30e84bd7d1b3af2ebf4870ef74163 perlmagick_6.9.7.4+dfsg-16ubuntu6.15+tuxcare.els15_all.deb 04189836d0d8b063907aeeae1e67cab827518891 CLSA-2025:1765451524 TuxCare License Agreement 0 * OpenJDK 8u472 release - CVE-2025-53057: fix unauthorized remote data-modification - CVE-2025-53066: fix unauthorized remote data access - CVE-2025-61748: fix limited remote unauthorized data modification - Release notes: https://mail.openjdk.org/pipermail/jdk8u-dev/2025-October/thread.html Moderate Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.

* OpenJDK 8u472 release - CVE-2025-53057: fix unauthorized remote data-modification - CVE-2025-53066: fix unauthorized remote data access - CVE-2025-61748: fix limited remote unauthorized data modification - Release notes: https://mail.openjdk.org/pipermail/jdk8u-dev/2025-October/thread.html

0 tuxcare-ubuntu18.04-els openjdk-8-demo_8u472-ga-0ubuntu1~18.04+tuxcare.els1_amd64.deb c39093ffd5607269c214864c5dbe48e13677eda3 openjdk-8-doc_8u472-ga-0ubuntu1~18.04+tuxcare.els1_all.deb 84276008466e16554877b2a3f4bbbfec184213ac openjdk-8-jdk_8u472-ga-0ubuntu1~18.04+tuxcare.els1_amd64.deb 16f4b1162086a7bb46a80ff6c449811df2fecfab openjdk-8-jdk-headless_8u472-ga-0ubuntu1~18.04+tuxcare.els1_amd64.deb c98674ce2559ea2bdea352bcaed69baf75946e4c openjdk-8-jre_8u472-ga-0ubuntu1~18.04+tuxcare.els1_amd64.deb 34e0e8509a5c6c599779f04075e2463c18920aa1 openjdk-8-jre-headless_8u472-ga-0ubuntu1~18.04+tuxcare.els1_amd64.deb 877bd7a0ddc1b2ef6efd3630933f8b605c284398 openjdk-8-jre-zero_8u472-ga-0ubuntu1~18.04+tuxcare.els1_amd64.deb b332b9c66c6210818a878cf259f07a1b8d13f2b0 openjdk-8-source_8u472-ga-0ubuntu1~18.04+tuxcare.els1_all.deb b909a6b6f0823a4d6f45bb798c2007e84754f928 CLSA-2025:1765478108 TuxCare License Agreement 0 * SECURITY UPDATE: remove abort call in debug format printing code - debian/patches/CVE-2025-11839.patch: remove call to abort in the debug format printing code, allowing display of fuzzed input files to complete without triggering an abort - CVE-2025-11839 * SECURITY UPDATE: fix SEGV in vfinfo - debian/patches/CVE-2025-11840.patch: prevent segmentation fault by checking for NULL name in reloc howto structure in coff_slurp_reloc_table - CVE-2025-11840 Important Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.

* SECURITY UPDATE: remove abort call in debug format printing code - debian/patches/CVE-2025-11839.patch: remove call to abort in the debug format printing code, allowing display of fuzzed input files to complete without triggering an abort - CVE-2025-11839 * SECURITY UPDATE: fix SEGV in vfinfo - debian/patches/CVE-2025-11840.patch: prevent segmentation fault by checking for NULL name in reloc howto structure in coff_slurp_reloc_table - CVE-2025-11840

0 tuxcare-ubuntu18.04-els binutils_2.30-21ubuntu1~18.04.9+tuxcare.els11_amd64.deb aeeed06071c276d28b48abd742fec008d59be2ae binutils-aarch64-linux-gnu_2.30-21ubuntu1~18.04.9+tuxcare.els11_amd64.deb bbdec33a93170bbb7dd383d6eb257d2b2e092082 binutils-alpha-linux-gnu_2.30-21ubuntu1~18.04.9+tuxcare.els11_amd64.deb 9ba5bc9f8c06eaa51fd94bebd9b9ceff38740349 binutils-arm-linux-gnueabi_2.30-21ubuntu1~18.04.9+tuxcare.els11_amd64.deb dd7687f7b6abe7dce7d39b22b923ca70d5df2fd8 binutils-arm-linux-gnueabihf_2.30-21ubuntu1~18.04.9+tuxcare.els11_amd64.deb e9192ade33c4a1e68713e61feb108a13e341cf28 binutils-common_2.30-21ubuntu1~18.04.9+tuxcare.els11_amd64.deb 36c6e14a518378bbf1273b647e6d1fc904be5c53 binutils-dev_2.30-21ubuntu1~18.04.9+tuxcare.els11_amd64.deb 06fc0f768d62f8c69de889d809ed84b4f33a7a1b binutils-doc_2.30-21ubuntu1~18.04.9+tuxcare.els11_all.deb 737365b9776e812edb3c3d2c3e9c15c051e19efd binutils-for-build_2.30-21ubuntu1~18.04.9+tuxcare.els11_all.deb 8115574ba480cd82ea19d770168ea076e229bf28 binutils-for-host_2.30-21ubuntu1~18.04.9+tuxcare.els11_amd64.deb 51afc688b0cacb1a5e70ffe66438322e19e96461 binutils-hppa-linux-gnu_2.30-21ubuntu1~18.04.9+tuxcare.els11_amd64.deb ce6f3c31b9881f6f485cbd278fb46ac3712274d0 binutils-hppa64-linux-gnu_2.30-21ubuntu1~18.04.9+tuxcare.els11_amd64.deb d257300b8fb21becebb6e4d52d999bf746d8df1c binutils-i686-gnu_2.30-21ubuntu1~18.04.9+tuxcare.els11_amd64.deb b11b9aff4ff811964cacd6d320a338a3f9efff47 binutils-i686-kfreebsd-gnu_2.30-21ubuntu1~18.04.9+tuxcare.els11_amd64.deb 25e3d37166f0e0b1076f380e1f030d3375a065fb binutils-i686-linux-gnu_2.30-21ubuntu1~18.04.9+tuxcare.els11_amd64.deb 129ef38c49151e87b15588485da24483f8300cf3 binutils-ia64-linux-gnu_2.30-21ubuntu1~18.04.9+tuxcare.els11_amd64.deb f4c0e3fd07788329dfa0e8cb523958b8df39e95b binutils-m68k-linux-gnu_2.30-21ubuntu1~18.04.9+tuxcare.els11_amd64.deb 83b03cd89bdee0ad6b9a4a4e61f6f64b683d89cb binutils-mips-linux-gnu_2.30-21ubuntu1~18.04.9+tuxcare.els11_amd64.deb 52421fbcdd51a112541380c90494d28299974eaf binutils-mips64-linux-gnuabi64_2.30-21ubuntu1~18.04.9+tuxcare.els11_amd64.deb 87ff830881afb3629c759a54d94fa0a80ba65149 binutils-mips64-linux-gnuabin32_2.30-21ubuntu1~18.04.9+tuxcare.els11_amd64.deb 4b574a4da4d0c1f8d2f14caae374ea7cdd4eb72a binutils-mips64el-linux-gnuabi64_2.30-21ubuntu1~18.04.9+tuxcare.els11_amd64.deb d31bfd12f60e0de8628815b0d7b2ccc7b8f1f83f binutils-mips64el-linux-gnuabin32_2.30-21ubuntu1~18.04.9+tuxcare.els11_amd64.deb f2d7ada81c3e13560e776dec733d8722d2a9cf6b binutils-mipsel-linux-gnu_2.30-21ubuntu1~18.04.9+tuxcare.els11_amd64.deb f02f45ec16bbbfa0e64c67458f909b613ee00de7 binutils-mipsisa32r6-linux-gnu_2.30-21ubuntu1~18.04.9+tuxcare.els11_amd64.deb 6f9a9089f29f9d7a7dc7cac04ce94fc0c6e17a6a binutils-mipsisa32r6el-linux-gnu_2.30-21ubuntu1~18.04.9+tuxcare.els11_amd64.deb fbb9176b66034c6f298231abff15beabd57c86e4 binutils-mipsisa64r6-linux-gnuabi64_2.30-21ubuntu1~18.04.9+tuxcare.els11_amd64.deb 4f773cc9dd7881b7b330ee1ef8f29a6505f1d35a binutils-mipsisa64r6-linux-gnuabin32_2.30-21ubuntu1~18.04.9+tuxcare.els11_amd64.deb 664fb560187606ff1e0037fd1d7f6cc2269f9704 binutils-mipsisa64r6el-linux-gnuabi64_2.30-21ubuntu1~18.04.9+tuxcare.els11_amd64.deb 056aea4958a670a83e46db0a988a6808ccf7f126 binutils-mipsisa64r6el-linux-gnuabin32_2.30-21ubuntu1~18.04.9+tuxcare.els11_amd64.deb e1481c9f89c401f429a3d2258c57fde3dc9795bd binutils-multiarch_2.30-21ubuntu1~18.04.9+tuxcare.els11_amd64.deb 02c38cd9af248796bfd5fb5dca93cfad11c98734 binutils-multiarch-dev_2.30-21ubuntu1~18.04.9+tuxcare.els11_amd64.deb f93544e949a9003f804877ef759b9d1d5288e9ce binutils-powerpc-linux-gnu_2.30-21ubuntu1~18.04.9+tuxcare.els11_amd64.deb 13780296a47dc1e559bc60f1e9ec91a1d490cfd8 binutils-powerpc-linux-gnuspe_2.30-21ubuntu1~18.04.9+tuxcare.els11_amd64.deb 0f78fa0689ed51a0e0978dedac27256846db3219 binutils-powerpc64-linux-gnu_2.30-21ubuntu1~18.04.9+tuxcare.els11_amd64.deb 84f7dd4f89a8e8db6f6f1c28e60f4ca683ef3266 binutils-powerpc64le-linux-gnu_2.30-21ubuntu1~18.04.9+tuxcare.els11_amd64.deb 659ee0a83ad53ce22e1662093e70f06f17da9ee7 binutils-riscv64-linux-gnu_2.30-21ubuntu1~18.04.9+tuxcare.els11_amd64.deb 6f9be094b89823d9cc8821d7e8a83b3de3cbc048 binutils-s390x-linux-gnu_2.30-21ubuntu1~18.04.9+tuxcare.els11_amd64.deb 79940365f308ba4f89ac03dc144475825908fd80 binutils-sh4-linux-gnu_2.30-21ubuntu1~18.04.9+tuxcare.els11_amd64.deb 6b02fe025430b6b671c883be259a1826aeae6bba binutils-source_2.30-21ubuntu1~18.04.9+tuxcare.els11_all.deb 9fe73403d409b98b6e2ee56945dbec6730289964 binutils-sparc64-linux-gnu_2.30-21ubuntu1~18.04.9+tuxcare.els11_amd64.deb c8c1f1374c4f8004605f10cf04f90fcf22e1707c binutils-x86-64-kfreebsd-gnu_2.30-21ubuntu1~18.04.9+tuxcare.els11_amd64.deb d6aa51b77b6e31f4f4c241d47d52c4e39c7e7f48 binutils-x86-64-linux-gnu_2.30-21ubuntu1~18.04.9+tuxcare.els11_amd64.deb 3e78079953006408d9746d8e818871d3e09e41d8 binutils-x86-64-linux-gnux32_2.30-21ubuntu1~18.04.9+tuxcare.els11_amd64.deb ccdb63aad879ed83a74c5cbac9bf4db2400684c4 libbinutils_2.30-21ubuntu1~18.04.9+tuxcare.els11_amd64.deb 6415354748dcedd1d3bef30706e2aef75d6a722c CLSA-2025:1765801626 TuxCare License Agreement 0 * SECURITY UPDATE: memory corruption when handling malformed ELF files - debian/patches/CVE-2025-1182.patch: prevent illegal memory access in bfd_elf_reloc_symbol_deleted_p() when processing corrupt ELF input - CVE-2025-1182 Moderate Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.

* SECURITY UPDATE: memory corruption when handling malformed ELF files - debian/patches/CVE-2025-1182.patch: prevent illegal memory access in bfd_elf_reloc_symbol_deleted_p() when processing corrupt ELF input - CVE-2025-1182

0 tuxcare-ubuntu18.04-els binutils_2.30-21ubuntu1~18.04.9+tuxcare.els13_amd64.deb 260ec7701ee494bf4760360904da0eb3e9d26205 binutils-aarch64-linux-gnu_2.30-21ubuntu1~18.04.9+tuxcare.els13_amd64.deb 9027a3ae71bf2133b5dcfd1f275cd9c8ec409383 binutils-alpha-linux-gnu_2.30-21ubuntu1~18.04.9+tuxcare.els13_amd64.deb 398287028f0e0a80bfcd54cbcc8f3dc55bb07d8b binutils-arm-linux-gnueabi_2.30-21ubuntu1~18.04.9+tuxcare.els13_amd64.deb 1da0c8de73b7df46f4072438607b6e0a34bcb0b3 binutils-arm-linux-gnueabihf_2.30-21ubuntu1~18.04.9+tuxcare.els13_amd64.deb 1efe72e28edc5efe953bd6332f6d55d27499e842 binutils-common_2.30-21ubuntu1~18.04.9+tuxcare.els13_amd64.deb f37b49da787dc93c8ee3b1dcb4c8eb26bfe303fb binutils-dev_2.30-21ubuntu1~18.04.9+tuxcare.els13_amd64.deb e162e81c8a2b9253936debbf3cf6fe60994c5c5e binutils-doc_2.30-21ubuntu1~18.04.9+tuxcare.els13_all.deb 097cffab4218d0be81cc9ccff2b4ac58dd3e9f3e binutils-for-build_2.30-21ubuntu1~18.04.9+tuxcare.els13_all.deb 5e16c453788e34886c788c2bbd010c1623deab7f binutils-for-host_2.30-21ubuntu1~18.04.9+tuxcare.els13_amd64.deb 0a718cb4b2e8012498334098c1f4bedc52d58f61 binutils-hppa-linux-gnu_2.30-21ubuntu1~18.04.9+tuxcare.els13_amd64.deb 04a6f6424e3137a969bcc8c104c59f9bcb98a59c binutils-hppa64-linux-gnu_2.30-21ubuntu1~18.04.9+tuxcare.els13_amd64.deb d58ed38123ea018809bcec74c7aac81ffac02e52 binutils-i686-gnu_2.30-21ubuntu1~18.04.9+tuxcare.els13_amd64.deb bc5018acc560d4608bede14bfdc388b8075ed069 binutils-i686-kfreebsd-gnu_2.30-21ubuntu1~18.04.9+tuxcare.els13_amd64.deb 2c5f5b82da639f7c8a3aa1944e36d02b15e64d2f binutils-i686-linux-gnu_2.30-21ubuntu1~18.04.9+tuxcare.els13_amd64.deb 7c8f58537f01b8a7cc1c12d3bdd3719f9e381dde binutils-ia64-linux-gnu_2.30-21ubuntu1~18.04.9+tuxcare.els13_amd64.deb 4567e6177990eb4bbf2bca96dc7e3d4df98e6686 binutils-m68k-linux-gnu_2.30-21ubuntu1~18.04.9+tuxcare.els13_amd64.deb 2df0523ccbde2ed4b06fdd30120a96993f059920 binutils-mips-linux-gnu_2.30-21ubuntu1~18.04.9+tuxcare.els13_amd64.deb 8e30640f8c25fdaec1c8fa4026387bfe243ec300 binutils-mips64-linux-gnuabi64_2.30-21ubuntu1~18.04.9+tuxcare.els13_amd64.deb a7e0df93bb58c28640ab0c2b0de54328034af2d7 binutils-mips64-linux-gnuabin32_2.30-21ubuntu1~18.04.9+tuxcare.els13_amd64.deb 838b99e5f3f715de78e563adafb426d1bbb417ab binutils-mips64el-linux-gnuabi64_2.30-21ubuntu1~18.04.9+tuxcare.els13_amd64.deb 4960c0e401b11b1ffe1c2a9ef35a5447809de7f5 binutils-mips64el-linux-gnuabin32_2.30-21ubuntu1~18.04.9+tuxcare.els13_amd64.deb 30e1f70effedbcd0300cd3540a48976886f6624a binutils-mipsel-linux-gnu_2.30-21ubuntu1~18.04.9+tuxcare.els13_amd64.deb 6313f5fc42f879da8dd8112b5997954b194edcbb binutils-mipsisa32r6-linux-gnu_2.30-21ubuntu1~18.04.9+tuxcare.els13_amd64.deb 55966ab2f2d48973d978930e089802b17796394f binutils-mipsisa32r6el-linux-gnu_2.30-21ubuntu1~18.04.9+tuxcare.els13_amd64.deb 5291f805009d4a26039b2159fc5c0bafd4583a35 binutils-mipsisa64r6-linux-gnuabi64_2.30-21ubuntu1~18.04.9+tuxcare.els13_amd64.deb ee04b28722bcd52e8d8470199ae6cadcaa2197c2 binutils-mipsisa64r6-linux-gnuabin32_2.30-21ubuntu1~18.04.9+tuxcare.els13_amd64.deb 4c1ebfbe8dc0b17f0c0bd01ac8d9995e49b88825 binutils-mipsisa64r6el-linux-gnuabi64_2.30-21ubuntu1~18.04.9+tuxcare.els13_amd64.deb 047da11641f498ca0dc44939a18faf453441df59 binutils-mipsisa64r6el-linux-gnuabin32_2.30-21ubuntu1~18.04.9+tuxcare.els13_amd64.deb 4c62cc2ce49261800a5d28e32b090cc603b00ee9 binutils-multiarch_2.30-21ubuntu1~18.04.9+tuxcare.els13_amd64.deb a4e1f92e1f2156967e195d5c88a070231d372ea9 binutils-multiarch-dev_2.30-21ubuntu1~18.04.9+tuxcare.els13_amd64.deb d5fb171b6954fd632f66bb3ce3c3574478b33329 binutils-powerpc-linux-gnu_2.30-21ubuntu1~18.04.9+tuxcare.els13_amd64.deb d554fe87f198f2d9b648be3c5b8823cf0573a946 binutils-powerpc-linux-gnuspe_2.30-21ubuntu1~18.04.9+tuxcare.els13_amd64.deb e5b3e90fa337d3636b4d986859656757c3487d36 binutils-powerpc64-linux-gnu_2.30-21ubuntu1~18.04.9+tuxcare.els13_amd64.deb a4ad4bf4021e556ca1caff5a3eaca84732ee33bb binutils-powerpc64le-linux-gnu_2.30-21ubuntu1~18.04.9+tuxcare.els13_amd64.deb 86fc13f7d9b61fdde925a2d14818fb6c3b1ecc35 binutils-riscv64-linux-gnu_2.30-21ubuntu1~18.04.9+tuxcare.els13_amd64.deb b15db2cf69287fe1117a96fb53efa9f342449a05 binutils-s390x-linux-gnu_2.30-21ubuntu1~18.04.9+tuxcare.els13_amd64.deb ad814cf7cb24857023b9a0f0f3700d45819dc1c5 binutils-sh4-linux-gnu_2.30-21ubuntu1~18.04.9+tuxcare.els13_amd64.deb cbda2ac8e346d6d3487bfc920d55f6e9e0e83a4f binutils-source_2.30-21ubuntu1~18.04.9+tuxcare.els13_all.deb 8e96b17d680f66ad7aeaa3b4a8146eebe49e3cb9 binutils-sparc64-linux-gnu_2.30-21ubuntu1~18.04.9+tuxcare.els13_amd64.deb 3dc85ca47dd634b238c9bc6eceb020b3507f3af7 binutils-x86-64-kfreebsd-gnu_2.30-21ubuntu1~18.04.9+tuxcare.els13_amd64.deb 159c55cff3180d6e4d3474de1b6edb86fbbe6071 binutils-x86-64-linux-gnu_2.30-21ubuntu1~18.04.9+tuxcare.els13_amd64.deb 811d0938f77d275266cb39c8116ff2ff1e0a3ad4 binutils-x86-64-linux-gnux32_2.30-21ubuntu1~18.04.9+tuxcare.els13_amd64.deb debe5339abb2fd7fa0d6fbad272b2e93831857a2 libbinutils_2.30-21ubuntu1~18.04.9+tuxcare.els13_amd64.deb 923fb1c3ede91568e1a3e12e950ad8056e804e1b CLSA-2025:1766051004 TuxCare License Agreement 0 * SECURITY UPDATE: debug_information memory leak in process_debug_info - debian/patches/CVE-2025-8225.patch: prevent memory leak by checking alloc_num_debug_info_entries instead of num_debug_info_entries to determine whether debug_information has been allocated - CVE-2025-8225 Low Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.

* SECURITY UPDATE: debug_information memory leak in process_debug_info - debian/patches/CVE-2025-8225.patch: prevent memory leak by checking alloc_num_debug_info_entries instead of num_debug_info_entries to determine whether debug_information has been allocated - CVE-2025-8225

0 tuxcare-ubuntu18.04-els binutils_2.30-21ubuntu1~18.04.9+tuxcare.els14_amd64.deb 0595cde7dc4857afb2dbf973ec56846bc9d6dfb3 binutils-aarch64-linux-gnu_2.30-21ubuntu1~18.04.9+tuxcare.els14_amd64.deb 58c733452cd68cb1a7b170d247f08b31f5907342 binutils-alpha-linux-gnu_2.30-21ubuntu1~18.04.9+tuxcare.els14_amd64.deb 8b48af1fc56a890271d26de28f19b62b2e6350c2 binutils-arm-linux-gnueabi_2.30-21ubuntu1~18.04.9+tuxcare.els14_amd64.deb 7f17577c1c443fdc561eab30f98353d47ae6ac86 binutils-arm-linux-gnueabihf_2.30-21ubuntu1~18.04.9+tuxcare.els14_amd64.deb 450fdc5d4de6602995d68fa0da92f44f699d8325 binutils-common_2.30-21ubuntu1~18.04.9+tuxcare.els14_amd64.deb b0b5eea7799feb5aee12dbbdb9437f7d51a2513c binutils-dev_2.30-21ubuntu1~18.04.9+tuxcare.els14_amd64.deb 1f34889ebf9cb22539eff9796642139ad056f877 binutils-doc_2.30-21ubuntu1~18.04.9+tuxcare.els14_all.deb ed5a9e9322f53e8cf030cb8175cd3d820d833549 binutils-for-build_2.30-21ubuntu1~18.04.9+tuxcare.els14_all.deb 515a3e01da42adf27b81859475c49dcb268b6139 binutils-for-host_2.30-21ubuntu1~18.04.9+tuxcare.els14_amd64.deb 1d8efe83e1d31cffb7cc8c6a9d32fb34e57c6011 binutils-hppa-linux-gnu_2.30-21ubuntu1~18.04.9+tuxcare.els14_amd64.deb cb7486eb06c2589696ae1bccf2567e9c8718de5c binutils-hppa64-linux-gnu_2.30-21ubuntu1~18.04.9+tuxcare.els14_amd64.deb 487b5dfdc16e21fc56396967152c05fe4a5feb06 binutils-i686-gnu_2.30-21ubuntu1~18.04.9+tuxcare.els14_amd64.deb 32ac46a1a07f3cc685122a498b7ffab161a7eef8 binutils-i686-kfreebsd-gnu_2.30-21ubuntu1~18.04.9+tuxcare.els14_amd64.deb 2298abf4f54ef2e2104cb048b7144787b664be5d binutils-i686-linux-gnu_2.30-21ubuntu1~18.04.9+tuxcare.els14_amd64.deb 8aad5d91ec84384e3861300dc957d84a1f4f3cf1 binutils-ia64-linux-gnu_2.30-21ubuntu1~18.04.9+tuxcare.els14_amd64.deb 784b8c97508e721cd8f81920f8c731f7e1146be2 binutils-m68k-linux-gnu_2.30-21ubuntu1~18.04.9+tuxcare.els14_amd64.deb 5b6bde15480effdd9d5e7e9e475c2cf9dc2ae1fa binutils-mips-linux-gnu_2.30-21ubuntu1~18.04.9+tuxcare.els14_amd64.deb 3e3599b6ca94bfdd5b4dfc84bf78c34ac7ac16b8 binutils-mips64-linux-gnuabi64_2.30-21ubuntu1~18.04.9+tuxcare.els14_amd64.deb 2386d107bd33eb7b470d9b6a1ba5ad92a00a3e50 binutils-mips64-linux-gnuabin32_2.30-21ubuntu1~18.04.9+tuxcare.els14_amd64.deb aea35a5e285efb3eebd7ddbd65ac69fe1e0058ea binutils-mips64el-linux-gnuabi64_2.30-21ubuntu1~18.04.9+tuxcare.els14_amd64.deb 9a6d0fa28a201ecd82b0bd0acf2421097308ba9b binutils-mips64el-linux-gnuabin32_2.30-21ubuntu1~18.04.9+tuxcare.els14_amd64.deb dc9ff600c3218e1ac3d74cf4b7316be4ca6c708f binutils-mipsel-linux-gnu_2.30-21ubuntu1~18.04.9+tuxcare.els14_amd64.deb 7bf2ca3b657b335b316c947e0e3184dc02cc1212 binutils-mipsisa32r6-linux-gnu_2.30-21ubuntu1~18.04.9+tuxcare.els14_amd64.deb c825a998299a179461db43e199f22d0266bb9dea binutils-mipsisa32r6el-linux-gnu_2.30-21ubuntu1~18.04.9+tuxcare.els14_amd64.deb 50c13472ea84006753f3cf4a6354f6c7ad160da2 binutils-mipsisa64r6-linux-gnuabi64_2.30-21ubuntu1~18.04.9+tuxcare.els14_amd64.deb 7d5dfeea30788466f3838d9463f29a0322156400 binutils-mipsisa64r6-linux-gnuabin32_2.30-21ubuntu1~18.04.9+tuxcare.els14_amd64.deb d420bd57953f357c88ff3b85ba4d053c9b0c8b23 binutils-mipsisa64r6el-linux-gnuabi64_2.30-21ubuntu1~18.04.9+tuxcare.els14_amd64.deb 94db80912115920ae3868992f4155a09889c10bf binutils-mipsisa64r6el-linux-gnuabin32_2.30-21ubuntu1~18.04.9+tuxcare.els14_amd64.deb c301caa2383f400a77b6a5da4bee0912137588fd binutils-multiarch_2.30-21ubuntu1~18.04.9+tuxcare.els14_amd64.deb ce55ccfbd53a35ff345f2e6eafb70a4779ecb9f5 binutils-multiarch-dev_2.30-21ubuntu1~18.04.9+tuxcare.els14_amd64.deb 9552a0bd8d1132a2e5b0f9c960ef0201ccbc4ada binutils-powerpc-linux-gnu_2.30-21ubuntu1~18.04.9+tuxcare.els14_amd64.deb 10bc4473ef7c1a5433b1644633daf3497298230d binutils-powerpc-linux-gnuspe_2.30-21ubuntu1~18.04.9+tuxcare.els14_amd64.deb 3280b2e8cf11faf78f8990400b8d11aef7ea5328 binutils-powerpc64-linux-gnu_2.30-21ubuntu1~18.04.9+tuxcare.els14_amd64.deb 1f307dca649e9e817d823c7ce2afe4bdfc3d54b8 binutils-powerpc64le-linux-gnu_2.30-21ubuntu1~18.04.9+tuxcare.els14_amd64.deb 6e809568f722555238be5bec967f83f7d0c496fc binutils-riscv64-linux-gnu_2.30-21ubuntu1~18.04.9+tuxcare.els14_amd64.deb 38938541aebd07372025e1acebc8f07c84374b7d binutils-s390x-linux-gnu_2.30-21ubuntu1~18.04.9+tuxcare.els14_amd64.deb bb6679346c1649de12a1ab083a36fbe3776bd670 binutils-sh4-linux-gnu_2.30-21ubuntu1~18.04.9+tuxcare.els14_amd64.deb bc205081d8f6fd5a92cc6195c9b128a97b8cc8c7 binutils-source_2.30-21ubuntu1~18.04.9+tuxcare.els14_all.deb 3e2ce74bcd233adf6e41416f6a7dd635f79988e4 binutils-sparc64-linux-gnu_2.30-21ubuntu1~18.04.9+tuxcare.els14_amd64.deb 21d4e843b594a4b936ff278e39d61dd299a31cc3 binutils-x86-64-kfreebsd-gnu_2.30-21ubuntu1~18.04.9+tuxcare.els14_amd64.deb b44b4e4d74a33065da28fd161dd4b98167ad8c5a binutils-x86-64-linux-gnu_2.30-21ubuntu1~18.04.9+tuxcare.els14_amd64.deb 484f9912a8b31caf984adfa70e781c597f395b47 binutils-x86-64-linux-gnux32_2.30-21ubuntu1~18.04.9+tuxcare.els14_amd64.deb 1e89f2ea700db445119b2ac02978547c22e0c07c libbinutils_2.30-21ubuntu1~18.04.9+tuxcare.els14_amd64.deb 49a3c0dde059811fcad95555d89b2829dacf0f47 CLSA-2025:1766137116 TuxCare License Agreement 0 * Reworked CVE-2025-6020 patches to preserve ABI compatibility - Add _pam_modutil_sanitize_helper_fds() as a static inline helper in the header for modules - Keep the exported pam_modutil_sanitize_helper_fds() in libpam as a wrapper that calls the new helper None Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.

* Reworked CVE-2025-6020 patches to preserve ABI compatibility - Add _pam_modutil_sanitize_helper_fds() as a static inline helper in the header for modules - Keep the exported pam_modutil_sanitize_helper_fds() in libpam as a wrapper that calls the new helper

0 tuxcare-ubuntu18.04-els libpam-cracklib_1.1.8-3.6ubuntu2.18.04.6+tuxcare.els3_amd64.deb d4144c10676e40d5c7d1bae2ad44ad8485d858fa libpam-doc_1.1.8-3.6ubuntu2.18.04.6+tuxcare.els3_all.deb 348d95f9a32df2fb4fc0cbac79096b7b19848c1d libpam-modules_1.1.8-3.6ubuntu2.18.04.6+tuxcare.els3_amd64.deb 180810f8207a119bf69b737654b37a38aeaf9f6b libpam-modules-bin_1.1.8-3.6ubuntu2.18.04.6+tuxcare.els3_amd64.deb a91e0fdda85d160ab66ec5cf33b92ead7a076f85 libpam-runtime_1.1.8-3.6ubuntu2.18.04.6+tuxcare.els3_all.deb b43efd4123043ab932a49bb1b57e887870f77317 libpam0g_1.1.8-3.6ubuntu2.18.04.6+tuxcare.els3_amd64.deb ea9ece7147ec1f4c95b42b95d185257ce550e2a9 libpam0g-dev_1.1.8-3.6ubuntu2.18.04.6+tuxcare.els3_amd64.deb 1c06214266649889e8388e30be114231b2923815 CLSA-2025:1766657780 TuxCare License Agreement 0 * SECURITY UPDATE: memory corruption when processing relocations for ELF files - debian/patches/CVE-2025-1181.patch: prevent illegal memory access when checking relocs in a corrupt ELF binary - CVE-2025-1181 Moderate Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.

* SECURITY UPDATE: memory corruption when processing relocations for ELF files - debian/patches/CVE-2025-1181.patch: prevent illegal memory access when checking relocs in a corrupt ELF binary - CVE-2025-1181

0 tuxcare-ubuntu18.04-els binutils_2.30-21ubuntu1~18.04.9+tuxcare.els15_amd64.deb ca07e4a4b442198bf57104c6ddd07490bd13915b binutils-aarch64-linux-gnu_2.30-21ubuntu1~18.04.9+tuxcare.els15_amd64.deb ee8bd53a9c614e1dca47dfb14ba7df1e8d1a0b0d binutils-alpha-linux-gnu_2.30-21ubuntu1~18.04.9+tuxcare.els15_amd64.deb 899bd23c52e61b6601335fbf99a6fc1c59833920 binutils-arm-linux-gnueabi_2.30-21ubuntu1~18.04.9+tuxcare.els15_amd64.deb f1be0443c45bf5ef5a7f2c639e3b3c5c5061c65e binutils-arm-linux-gnueabihf_2.30-21ubuntu1~18.04.9+tuxcare.els15_amd64.deb 16257c12e728886cead463c547638986a79586d6 binutils-common_2.30-21ubuntu1~18.04.9+tuxcare.els15_amd64.deb 33231233eeb89134673dba212cac44d5b9aecc9b binutils-dev_2.30-21ubuntu1~18.04.9+tuxcare.els15_amd64.deb cc681969b151f23dc6d402073574c37eee41688d binutils-doc_2.30-21ubuntu1~18.04.9+tuxcare.els15_all.deb 5be96b57f30b9c9cba815e84f3b9591b79ee0679 binutils-for-build_2.30-21ubuntu1~18.04.9+tuxcare.els15_all.deb 0876084e42a3640f5d426bc5e2bc844049901181 binutils-for-host_2.30-21ubuntu1~18.04.9+tuxcare.els15_amd64.deb 0bc7ea8c2ea83bd7cbe1f4338f55381770038da0 binutils-hppa-linux-gnu_2.30-21ubuntu1~18.04.9+tuxcare.els15_amd64.deb 6bfe85fe68f9f32d9f630be0035dd62af9495bb0 binutils-hppa64-linux-gnu_2.30-21ubuntu1~18.04.9+tuxcare.els15_amd64.deb 23c7228e82264cf6e740c91b060595a01411de7b binutils-i686-gnu_2.30-21ubuntu1~18.04.9+tuxcare.els15_amd64.deb c5856cc1df53f206b631cca7aa013f8ba2039044 binutils-i686-kfreebsd-gnu_2.30-21ubuntu1~18.04.9+tuxcare.els15_amd64.deb da9348402ec28af2d0a11d5cb75e9d97aaf3dcf4 binutils-i686-linux-gnu_2.30-21ubuntu1~18.04.9+tuxcare.els15_amd64.deb 7cd1319855d3dc379ee2fbe3f624d8c65f6ff66e binutils-ia64-linux-gnu_2.30-21ubuntu1~18.04.9+tuxcare.els15_amd64.deb 419e5e0b290715558731dabeaee8d4cb27f94416 binutils-m68k-linux-gnu_2.30-21ubuntu1~18.04.9+tuxcare.els15_amd64.deb 4ef1260f8d431d6e9ef008b1d6758917daf53f12 binutils-mips-linux-gnu_2.30-21ubuntu1~18.04.9+tuxcare.els15_amd64.deb b3066987cdd2721b166afab9987185cbcb346203 binutils-mips64-linux-gnuabi64_2.30-21ubuntu1~18.04.9+tuxcare.els15_amd64.deb a784ddfab423fd03e2c70764d55a35c4552c97b3 binutils-mips64-linux-gnuabin32_2.30-21ubuntu1~18.04.9+tuxcare.els15_amd64.deb 24ff0ffbe2cbe8c160139d0cf5f0741113c33ad8 binutils-mips64el-linux-gnuabi64_2.30-21ubuntu1~18.04.9+tuxcare.els15_amd64.deb b00358483bd2ae0de50b6eedb17abd0278f91714 binutils-mips64el-linux-gnuabin32_2.30-21ubuntu1~18.04.9+tuxcare.els15_amd64.deb 20e897a9b7d6864e06315e87048c78d80d25fd01 binutils-mipsel-linux-gnu_2.30-21ubuntu1~18.04.9+tuxcare.els15_amd64.deb b428c3fcca25c2ff3de1349bab4680327ebc874d binutils-mipsisa32r6-linux-gnu_2.30-21ubuntu1~18.04.9+tuxcare.els15_amd64.deb 20116edc9b5560e2e9b6bc8a8dc927ff40fce8b9 binutils-mipsisa32r6el-linux-gnu_2.30-21ubuntu1~18.04.9+tuxcare.els15_amd64.deb 4d35b20ba80c3bc7846ec9a43dcc9116bc85fdc7 binutils-mipsisa64r6-linux-gnuabi64_2.30-21ubuntu1~18.04.9+tuxcare.els15_amd64.deb 422e9c95de9d7f23024fbd851824b53e954cd153 binutils-mipsisa64r6-linux-gnuabin32_2.30-21ubuntu1~18.04.9+tuxcare.els15_amd64.deb 5122158d973bcc105155dc8c701a9972671306dc binutils-mipsisa64r6el-linux-gnuabi64_2.30-21ubuntu1~18.04.9+tuxcare.els15_amd64.deb 0b29a63c4ff86b6a51e8a15adae1a7891d802715 binutils-mipsisa64r6el-linux-gnuabin32_2.30-21ubuntu1~18.04.9+tuxcare.els15_amd64.deb ff271ab342948d838b796ee0f519d8a482d6f63b binutils-multiarch_2.30-21ubuntu1~18.04.9+tuxcare.els15_amd64.deb 45d61d386e9dc71bbad94237518ba30982ffd14b binutils-multiarch-dev_2.30-21ubuntu1~18.04.9+tuxcare.els15_amd64.deb d46e917b6364ac4a8d1d2ea6a9027715cd789823 binutils-powerpc-linux-gnu_2.30-21ubuntu1~18.04.9+tuxcare.els15_amd64.deb dc0362d399ffa6b9c8cdacc40dc9bb8c794f0721 binutils-powerpc-linux-gnuspe_2.30-21ubuntu1~18.04.9+tuxcare.els15_amd64.deb 00f1bb0235af0a19d88678a69074848fd867401d binutils-powerpc64-linux-gnu_2.30-21ubuntu1~18.04.9+tuxcare.els15_amd64.deb 2ceebfa7c0f162e015a8c0e5a0761d0377ff55c3 binutils-powerpc64le-linux-gnu_2.30-21ubuntu1~18.04.9+tuxcare.els15_amd64.deb c945e67ce0be0c338afd1fafe4a5716cedc13886 binutils-riscv64-linux-gnu_2.30-21ubuntu1~18.04.9+tuxcare.els15_amd64.deb 290318b1e1df0e121ad147c4febb82b9d9fc14f0 binutils-s390x-linux-gnu_2.30-21ubuntu1~18.04.9+tuxcare.els15_amd64.deb e1e31667a15fedc98f07ceb12752fcaf610b85ea binutils-sh4-linux-gnu_2.30-21ubuntu1~18.04.9+tuxcare.els15_amd64.deb 8766c1d0c8b28a0a1f3135fea2cdff95c0198af3 binutils-source_2.30-21ubuntu1~18.04.9+tuxcare.els15_all.deb 8ca1962e2644792f034e553ae782ca5284b4a8ef binutils-sparc64-linux-gnu_2.30-21ubuntu1~18.04.9+tuxcare.els15_amd64.deb b1fa84876303a4e97e03f7f8535e2e2a989a8fa3 binutils-x86-64-kfreebsd-gnu_2.30-21ubuntu1~18.04.9+tuxcare.els15_amd64.deb f6e9da86382e762c23191dab292ac8b8c73d550a binutils-x86-64-linux-gnu_2.30-21ubuntu1~18.04.9+tuxcare.els15_amd64.deb cac8288bac6c7fa3bf42ed8225497b1648e83476 binutils-x86-64-linux-gnux32_2.30-21ubuntu1~18.04.9+tuxcare.els15_amd64.deb d486ff258200a157ef83b48c9971b9c57a20ea41 libbinutils_2.30-21ubuntu1~18.04.9+tuxcare.els15_amd64.deb 8c0a1df2a39978b579808e85a6ff751f2ab09395 CLSA-2025:1767120767 TuxCare License Agreement 0 * SECURITY UPDATE: Heap buffer overflow in array_merge() - debian/patches/CVE-2025-14178.patch: add validation to check if total element count exceeds HT_MAX_SIZE before allocation. - CVE-2025-14178 Low Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.

* SECURITY UPDATE: Heap buffer overflow in array_merge() - debian/patches/CVE-2025-14178.patch: add validation to check if total element count exceeds HT_MAX_SIZE before allocation. - CVE-2025-14178

0 tuxcare-ubuntu18.04-els libapache2-mod-php7.2_7.2.24-0ubuntu0.18.04.17+tuxcare.els13_amd64.deb 609a612382c25c00ab51393546ba54c6892762c8 libphp7.2-embed_7.2.24-0ubuntu0.18.04.17+tuxcare.els13_amd64.deb 1da7a6f596f5f18c724897a8375fba8d918208c5 php7.2_7.2.24-0ubuntu0.18.04.17+tuxcare.els13_all.deb 6adfd31af272d4aad32eb03ea16766d3b1326328 php7.2-bcmath_7.2.24-0ubuntu0.18.04.17+tuxcare.els13_amd64.deb a90e974db88d7b49f7c8bf0c4d5a6d8961542ae0 php7.2-bz2_7.2.24-0ubuntu0.18.04.17+tuxcare.els13_amd64.deb 7bb67efcc8eee960f68362208c74724777755b2e php7.2-cgi_7.2.24-0ubuntu0.18.04.17+tuxcare.els13_amd64.deb 1e5124406b365ccdf0d9575db6be394279830786 php7.2-cli_7.2.24-0ubuntu0.18.04.17+tuxcare.els13_amd64.deb c3a7375fdf6b1fd357f0ad028571d0140e491278 php7.2-common_7.2.24-0ubuntu0.18.04.17+tuxcare.els13_amd64.deb 8b68eba02b9abee6c760f7165eb44b44a0d7a13e php7.2-curl_7.2.24-0ubuntu0.18.04.17+tuxcare.els13_amd64.deb 48be7f7575f65fd825c474b68f2ee2265c6b73c7 php7.2-dba_7.2.24-0ubuntu0.18.04.17+tuxcare.els13_amd64.deb bcab07e05a52c01f197a86c24fa1e26f26f48a36 php7.2-dev_7.2.24-0ubuntu0.18.04.17+tuxcare.els13_amd64.deb e64ce50a475f1f0631b65909d10aae99867f803c php7.2-enchant_7.2.24-0ubuntu0.18.04.17+tuxcare.els13_amd64.deb 7cc78c82d5f3f60e558328b14419b7acbd4f07f0 php7.2-fpm_7.2.24-0ubuntu0.18.04.17+tuxcare.els13_amd64.deb c3889cfd3e05fe3e79938d0fca9c89d77d8537ea php7.2-gd_7.2.24-0ubuntu0.18.04.17+tuxcare.els13_amd64.deb 9f245fc03dc14a1f76187091be10156604d35346 php7.2-gmp_7.2.24-0ubuntu0.18.04.17+tuxcare.els13_amd64.deb 0299c2e933ad54ee739517c6f1e497f288eb0e84 php7.2-imap_7.2.24-0ubuntu0.18.04.17+tuxcare.els13_amd64.deb 33bb7bf441ce1a113c3014ce711011f0b90e3abf php7.2-interbase_7.2.24-0ubuntu0.18.04.17+tuxcare.els13_amd64.deb 2d6d11eee08cb36f6200d66ed6441249dda61bfb php7.2-intl_7.2.24-0ubuntu0.18.04.17+tuxcare.els13_amd64.deb af875370932a32983c106335d37a55fc9166bceb php7.2-json_7.2.24-0ubuntu0.18.04.17+tuxcare.els13_amd64.deb 67d14ffa84cb668796a361123519f39804ce1e26 php7.2-ldap_7.2.24-0ubuntu0.18.04.17+tuxcare.els13_amd64.deb 9ab738fc763efb8d97a8de4321247a4127457c64 php7.2-mbstring_7.2.24-0ubuntu0.18.04.17+tuxcare.els13_amd64.deb 4a4e886f9a0c195ab9d8a230003d3a9fb3dcd8b1 php7.2-mysql_7.2.24-0ubuntu0.18.04.17+tuxcare.els13_amd64.deb f44de337d1d86b6289140bd4ae0c2fd19863c0de php7.2-odbc_7.2.24-0ubuntu0.18.04.17+tuxcare.els13_amd64.deb 900a26e22213dc537aef957ed9e92f3aaf36d978 php7.2-opcache_7.2.24-0ubuntu0.18.04.17+tuxcare.els13_amd64.deb 0f24c10f8cc740dbeae2bdb10378b05fea58f8e9 php7.2-pgsql_7.2.24-0ubuntu0.18.04.17+tuxcare.els13_amd64.deb a980bbceaaebffa58b961da56b3a80f82a054ed1 php7.2-phpdbg_7.2.24-0ubuntu0.18.04.17+tuxcare.els13_amd64.deb 9e48856248b8b1ae087673d99f4f100bfe777f69 php7.2-pspell_7.2.24-0ubuntu0.18.04.17+tuxcare.els13_amd64.deb 5fb62db8ddaabe99403dafa91bf7f4e935e8bb37 php7.2-readline_7.2.24-0ubuntu0.18.04.17+tuxcare.els13_amd64.deb f37ebf4625713438ba6c30b2d256e8b5b67f26a1 php7.2-recode_7.2.24-0ubuntu0.18.04.17+tuxcare.els13_amd64.deb c76a4da3ebba015c1a4e142f4d7f99dfc9a14e3b php7.2-snmp_7.2.24-0ubuntu0.18.04.17+tuxcare.els13_amd64.deb b0e8aecb6b5c7c2ade237eba41bd9c4126cc1c13 php7.2-soap_7.2.24-0ubuntu0.18.04.17+tuxcare.els13_amd64.deb f673e37d13b52eda24dc2218f10f25cc098b1601 php7.2-sqlite3_7.2.24-0ubuntu0.18.04.17+tuxcare.els13_amd64.deb e41bb00d7d0989cca666ca1b3fc835fda5b751ac php7.2-sybase_7.2.24-0ubuntu0.18.04.17+tuxcare.els13_amd64.deb 18c733be9395dd793564db0cb43bcfd26bcaa380 php7.2-tidy_7.2.24-0ubuntu0.18.04.17+tuxcare.els13_amd64.deb 173f494097fed3c75865a351e1cb35e9e7046fc8 php7.2-xml_7.2.24-0ubuntu0.18.04.17+tuxcare.els13_amd64.deb 180547aebb33cec167c007bed037a7d49425c3f1 php7.2-xmlrpc_7.2.24-0ubuntu0.18.04.17+tuxcare.els13_amd64.deb 6f530792b1eb2c3889741f0312cf2779cdb2b8f4 php7.2-xsl_7.2.24-0ubuntu0.18.04.17+tuxcare.els13_all.deb b3a9b17e766e413a126a9c9b2e504025aed10a26 php7.2-zip_7.2.24-0ubuntu0.18.04.17+tuxcare.els13_amd64.deb c200f89a24d2e3d2e3b9bad9fcb1676b7d628068 CLSA-2026:1767626154 TuxCare License Agreement 0 * SECURITY UPDATE: Heap-based buffer overflow in elf_swap_shdr function - debian/patches/CVE-2025-11083.patch: Avoid a linker crash by rejecting corrupt section headers in linker input files. Changed elf_swap_shdr_in to return bfd_boolean and validate section sizes against file size to detect and reject corrupt headers - CVE-2025-11083 Important Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.

* SECURITY UPDATE: Heap-based buffer overflow in elf_swap_shdr function - debian/patches/CVE-2025-11083.patch: Avoid a linker crash by rejecting corrupt section headers in linker input files. Changed elf_swap_shdr_in to return bfd_boolean and validate section sizes against file size to detect and reject corrupt headers - CVE-2025-11083

0 tuxcare-ubuntu18.04-els binutils_2.30-21ubuntu1~18.04.9+tuxcare.els16_amd64.deb 58e03191df8292803abfe0b9848c9661da66640f binutils-aarch64-linux-gnu_2.30-21ubuntu1~18.04.9+tuxcare.els16_amd64.deb 08bf2dfacd22e1cd3e372ad03d8c7f537b79052a binutils-alpha-linux-gnu_2.30-21ubuntu1~18.04.9+tuxcare.els16_amd64.deb a7cc1bbdf2db16706c30bbb8370d90b1c32baa80 binutils-arm-linux-gnueabi_2.30-21ubuntu1~18.04.9+tuxcare.els16_amd64.deb 92c263cec486bcd23294e95880520f9f55ac3459 binutils-arm-linux-gnueabihf_2.30-21ubuntu1~18.04.9+tuxcare.els16_amd64.deb 24c7a2b26df77f68b07d1515b430c9a57cbc69ee binutils-common_2.30-21ubuntu1~18.04.9+tuxcare.els16_amd64.deb 35aeb6334b041e14c131c749254278ac7b1d051b binutils-dev_2.30-21ubuntu1~18.04.9+tuxcare.els16_amd64.deb 9df3a3b813ddd9ad833cbab8d598555d273f6e4b binutils-doc_2.30-21ubuntu1~18.04.9+tuxcare.els16_all.deb 0d7564f202ddd02dd74db02c4cce53fc667134fd binutils-for-build_2.30-21ubuntu1~18.04.9+tuxcare.els16_all.deb ce3920efa900e454fecf5ba12a735b506be3d118 binutils-for-host_2.30-21ubuntu1~18.04.9+tuxcare.els16_amd64.deb 53c9b6b98d786a9721dadf8db17e9d444bc8b7ea binutils-hppa-linux-gnu_2.30-21ubuntu1~18.04.9+tuxcare.els16_amd64.deb 25d0c688405db68b793022cd2edf6c33bcd2483a binutils-hppa64-linux-gnu_2.30-21ubuntu1~18.04.9+tuxcare.els16_amd64.deb dca77a6a4b4a5f985908c6e1fd86ce0fb6acb048 binutils-i686-gnu_2.30-21ubuntu1~18.04.9+tuxcare.els16_amd64.deb bc09621ca76dc6c5a93d16ca61d97b22876bf289 binutils-i686-kfreebsd-gnu_2.30-21ubuntu1~18.04.9+tuxcare.els16_amd64.deb 502e3fb4edfccd3afb4c51fdc63d6d93f5ca792e binutils-i686-linux-gnu_2.30-21ubuntu1~18.04.9+tuxcare.els16_amd64.deb d7cd183c96cc8c56c167e1dcb04c64d6497383ed binutils-ia64-linux-gnu_2.30-21ubuntu1~18.04.9+tuxcare.els16_amd64.deb 22c635123540caa6f7709e12917a398c76964f99 binutils-m68k-linux-gnu_2.30-21ubuntu1~18.04.9+tuxcare.els16_amd64.deb c976eba453ff0c26dd82bcbdbc3577b002cc6ead binutils-mips-linux-gnu_2.30-21ubuntu1~18.04.9+tuxcare.els16_amd64.deb 2b1fd452affbd57a04e5cb26fb208d82eea59cbc binutils-mips64-linux-gnuabi64_2.30-21ubuntu1~18.04.9+tuxcare.els16_amd64.deb d1b71c6e67c88172478421adf87fdedb90f1e652 binutils-mips64-linux-gnuabin32_2.30-21ubuntu1~18.04.9+tuxcare.els16_amd64.deb 68c4d72c586c4aeeabe93b990cd3bd62fef8aaba binutils-mips64el-linux-gnuabi64_2.30-21ubuntu1~18.04.9+tuxcare.els16_amd64.deb 19203c47dce229bad0c7ac49c31cab86b342deec binutils-mips64el-linux-gnuabin32_2.30-21ubuntu1~18.04.9+tuxcare.els16_amd64.deb 30a827f9cdac1997680bf3b61eac77b956939787 binutils-mipsel-linux-gnu_2.30-21ubuntu1~18.04.9+tuxcare.els16_amd64.deb aea9fee80f90394bd61a1f3ab1292198e3071dd5 binutils-mipsisa32r6-linux-gnu_2.30-21ubuntu1~18.04.9+tuxcare.els16_amd64.deb e483ebb38838a68ac787f5ecb4936ba912405dd4 binutils-mipsisa32r6el-linux-gnu_2.30-21ubuntu1~18.04.9+tuxcare.els16_amd64.deb abab0d89176c8dadb7e5c944d2a4c9da5e494a89 binutils-mipsisa64r6-linux-gnuabi64_2.30-21ubuntu1~18.04.9+tuxcare.els16_amd64.deb 175125c49f7959bc3d2cd5b8279874eef4f3a75a binutils-mipsisa64r6-linux-gnuabin32_2.30-21ubuntu1~18.04.9+tuxcare.els16_amd64.deb e8d8458491b6e549eaa72fa77878a62b68566713 binutils-mipsisa64r6el-linux-gnuabi64_2.30-21ubuntu1~18.04.9+tuxcare.els16_amd64.deb 56b62a322fcccff562a6ca609ed6e0c9b4931e01 binutils-mipsisa64r6el-linux-gnuabin32_2.30-21ubuntu1~18.04.9+tuxcare.els16_amd64.deb 04e305a0b60d9fc6d7cc3e026aef0841d4cd8b02 binutils-multiarch_2.30-21ubuntu1~18.04.9+tuxcare.els16_amd64.deb 0700e555dd6a6ca9ccef9f71d17946e0c45a6009 binutils-multiarch-dev_2.30-21ubuntu1~18.04.9+tuxcare.els16_amd64.deb 27afed28472b8a3f3f95aa78cfc495e9c12827e8 binutils-powerpc-linux-gnu_2.30-21ubuntu1~18.04.9+tuxcare.els16_amd64.deb b3dde9dc8c65b65c78aef7146b570bdf6d7ed679 binutils-powerpc-linux-gnuspe_2.30-21ubuntu1~18.04.9+tuxcare.els16_amd64.deb 8e692dee786aaa6002c41eb0f8d5378b68240813 binutils-powerpc64-linux-gnu_2.30-21ubuntu1~18.04.9+tuxcare.els16_amd64.deb 71a529befc4c1332159a2c34438cbd71c696c371 binutils-powerpc64le-linux-gnu_2.30-21ubuntu1~18.04.9+tuxcare.els16_amd64.deb 116fc0b5d07bf7cce6b513d430f5dcf3cabf4ee2 binutils-riscv64-linux-gnu_2.30-21ubuntu1~18.04.9+tuxcare.els16_amd64.deb e6025de65f22d697024b57ed93812907e026dc0e binutils-s390x-linux-gnu_2.30-21ubuntu1~18.04.9+tuxcare.els16_amd64.deb 97b811098b0b6d3acf42d475051e4e7d7f8a89a1 binutils-sh4-linux-gnu_2.30-21ubuntu1~18.04.9+tuxcare.els16_amd64.deb 579066d31d1d083829c08514ddf9aa05a1c8417b binutils-source_2.30-21ubuntu1~18.04.9+tuxcare.els16_all.deb 9d5467b1db2fbb89d3b576b5b12351bfc9845a35 binutils-sparc64-linux-gnu_2.30-21ubuntu1~18.04.9+tuxcare.els16_amd64.deb e86460f5a2ea7aa69c1b2b714b51ad45a74a50a7 binutils-x86-64-kfreebsd-gnu_2.30-21ubuntu1~18.04.9+tuxcare.els16_amd64.deb 452f2b1420c86f633e643d5113413f4d324560cd binutils-x86-64-linux-gnu_2.30-21ubuntu1~18.04.9+tuxcare.els16_amd64.deb 1679c739832f426d20af49b41d8e68d1b1803db0 binutils-x86-64-linux-gnux32_2.30-21ubuntu1~18.04.9+tuxcare.els16_amd64.deb f2e08207f998e0b4922ab4b6b1f4f202a67ba0ec libbinutils_2.30-21ubuntu1~18.04.9+tuxcare.els16_amd64.deb 6db96c1b1019a435b71418b76e86f9f7568ed5b9 CLSA-2026:1768210674 TuxCare License Agreement 0 * SECURITY UPDATE: Possible DoS attack caused by a slow client communication - debian/patches/CVE-2025-58436.patch: fix unresponsive cupsd process caused by a slow client - CVE-2025-58436 Moderate Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.

* SECURITY UPDATE: Possible DoS attack caused by a slow client communication - debian/patches/CVE-2025-58436.patch: fix unresponsive cupsd process caused by a slow client - CVE-2025-58436

0 tuxcare-ubuntu18.04-els cups_2.2.7-1ubuntu2.10+tuxcare.els8_amd64.deb d6e24a019fd838121d8d84601a1a9e1e6d7aef46 cups-bsd_2.2.7-1ubuntu2.10+tuxcare.els8_amd64.deb 90a3c399de6dc5df6e98b6a6f165f181971015ee cups-client_2.2.7-1ubuntu2.10+tuxcare.els8_amd64.deb 65c37397a2b2e197896c2633b9fa44dfbdc5b1db cups-common_2.2.7-1ubuntu2.10+tuxcare.els8_all.deb a94daae7ba7e1bcb36f3eb595e2b33c7e2b56912 cups-core-drivers_2.2.7-1ubuntu2.10+tuxcare.els8_amd64.deb 977e3f8d61bb0618b1a979769f0993a3d0073c44 cups-daemon_2.2.7-1ubuntu2.10+tuxcare.els8_amd64.deb 5ae8e023fdf6e7db41f206e17cb97422e2c82401 cups-ipp-utils_2.2.7-1ubuntu2.10+tuxcare.els8_amd64.deb cfa752964ef2439f0eb61b4560467a705d4eb352 cups-ppdc_2.2.7-1ubuntu2.10+tuxcare.els8_amd64.deb 6a9aef89b4c0ca04912eea81863e250e8ea9309f cups-server-common_2.2.7-1ubuntu2.10+tuxcare.els8_all.deb 1d02c3956d28a5a949560162c06c7d1c3f53246b libcups2_2.2.7-1ubuntu2.10+tuxcare.els8_amd64.deb 71f32a1fd01ee4cab17a86c406df0cddecd711a9 libcups2-dev_2.2.7-1ubuntu2.10+tuxcare.els8_amd64.deb 23092f695c797af1210ae8be0c297a95665374a7 libcupscgi1_2.2.7-1ubuntu2.10+tuxcare.els8_amd64.deb a486d89016b48ae6dd5fd106b17b3136536f58a4 libcupsimage2_2.2.7-1ubuntu2.10+tuxcare.els8_amd64.deb 948b66c130c7c43ced4a04b425f60a884b2438ab libcupsimage2-dev_2.2.7-1ubuntu2.10+tuxcare.els8_amd64.deb 28d2d52bbbd69bc2ac85408373208d3d8af18443 libcupsmime1_2.2.7-1ubuntu2.10+tuxcare.els8_amd64.deb 16e351c1c6c7cfb1f9cf7a7c96c30a186eb38fbc libcupsppdc1_2.2.7-1ubuntu2.10+tuxcare.els8_amd64.deb ea0445738c9ec3df51aa400b95bb529b8c0f4e8a CLSA-2026:1768211193 TuxCare License Agreement 0 * SECURITY UPDATE: Carriage Return characters in credential protocol - debian/patches/CVE-2024-52006.patch: fix to disallow Carriage Return characters in the credential protocol by default to prevent vulnerabilities when credential helpers interpret bare Carriage Returns as newlines - CVE-2024-52006 Important Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.

* SECURITY UPDATE: Carriage Return characters in credential protocol - debian/patches/CVE-2024-52006.patch: fix to disallow Carriage Return characters in the credential protocol by default to prevent vulnerabilities when credential helpers interpret bare Carriage Returns as newlines - CVE-2024-52006

0 tuxcare-ubuntu18.04-els git_2.17.1-1ubuntu0.18+tuxcare.els9_amd64.deb 7b2fb19819d69f0390d8a63f8931486216949d41 git-all_2.17.1-1ubuntu0.18+tuxcare.els9_all.deb 2cd177a51ed4a669012b26ba138e648940913c36 git-cvs_2.17.1-1ubuntu0.18+tuxcare.els9_all.deb 1abe0e4e5fc2318ae7a5d7cd0d6c9187f3da8c48 git-daemon-run_2.17.1-1ubuntu0.18+tuxcare.els9_all.deb 819c4a7ca86350d6be29be397c08aff1c6d5896b git-daemon-sysvinit_2.17.1-1ubuntu0.18+tuxcare.els9_all.deb b8b3eeb54a279ed360ea4eba5257890c43c6b637 git-doc_2.17.1-1ubuntu0.18+tuxcare.els9_all.deb ce4f5199dda22d16399980e948a13f7973a76c3b git-el_2.17.1-1ubuntu0.18+tuxcare.els9_all.deb b9dda46b331366f1f8175ee60d06ae56e0d7f2fa git-email_2.17.1-1ubuntu0.18+tuxcare.els9_all.deb f4d5eaf4081a7b02eed0e7341e02bce404217061 git-gui_2.17.1-1ubuntu0.18+tuxcare.els9_all.deb 02cb2ea2d9c75a76b51afacf708fda0d3d079008 git-man_2.17.1-1ubuntu0.18+tuxcare.els9_all.deb bda7868f108819fcf49a9678f510ab332fd0d5fd git-mediawiki_2.17.1-1ubuntu0.18+tuxcare.els9_all.deb 376d84511bacdad01020556a7eb6af7becc87b05 git-svn_2.17.1-1ubuntu0.18+tuxcare.els9_all.deb 6a4bf8d9b122c2ea0658493689927ef85e160c20 gitk_2.17.1-1ubuntu0.18+tuxcare.els9_all.deb edcd025b481306936bc58a5ddfee8572e2b0d481 gitweb_2.17.1-1ubuntu0.18+tuxcare.els9_all.deb 335b9b7bd9e3274825caaf9883ad2e6df4cd56b9 CLSA-2026:1768224570 TuxCare License Agreement 0 * SECURITY UPDATE: einfo calls with %F specifier do not always exit - debian/patches/CVE-2025-1153.patch: introduce fatal() function that always exits, replacing einfo calls with %F specifier to prevent program continuation after fatal errors - CVE-2025-1153 Moderate Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.

* SECURITY UPDATE: einfo calls with %F specifier do not always exit - debian/patches/CVE-2025-1153.patch: introduce fatal() function that always exits, replacing einfo calls with %F specifier to prevent program continuation after fatal errors - CVE-2025-1153

0 tuxcare-ubuntu18.04-els binutils_2.30-21ubuntu1~18.04.9+tuxcare.els17_amd64.deb 98b557d5d36f8fc583c6409af95ce60b9afd157c binutils-aarch64-linux-gnu_2.30-21ubuntu1~18.04.9+tuxcare.els17_amd64.deb 4110963188068934aa5321878224878192ae14f5 binutils-alpha-linux-gnu_2.30-21ubuntu1~18.04.9+tuxcare.els17_amd64.deb 542b53927d7c366d7f1d97af12117311714cf906 binutils-arm-linux-gnueabi_2.30-21ubuntu1~18.04.9+tuxcare.els17_amd64.deb e8ef3acf37940f18959558053219e2332c20e252 binutils-arm-linux-gnueabihf_2.30-21ubuntu1~18.04.9+tuxcare.els17_amd64.deb a5d8b3d7c2a092638437bbd1fcdc68af67ccc4ec binutils-common_2.30-21ubuntu1~18.04.9+tuxcare.els17_amd64.deb fa8d2da26cad095f6e7361339f324e7b223d1393 binutils-dev_2.30-21ubuntu1~18.04.9+tuxcare.els17_amd64.deb c0579f4a8d0e5f146fd35965cef0c0bed0b063bc binutils-doc_2.30-21ubuntu1~18.04.9+tuxcare.els17_all.deb 4cb1130d80151a28d33fe4ccf4ffe385a37da82f binutils-for-build_2.30-21ubuntu1~18.04.9+tuxcare.els17_all.deb fd4d384dfad8a53eda44d5732ea4b00c41c09088 binutils-for-host_2.30-21ubuntu1~18.04.9+tuxcare.els17_amd64.deb 5e1b2fcdd33dad70b0bb5031123cebeddc6b5229 binutils-hppa-linux-gnu_2.30-21ubuntu1~18.04.9+tuxcare.els17_amd64.deb 9967470073f5e216847abe7242104b2da84a6598 binutils-hppa64-linux-gnu_2.30-21ubuntu1~18.04.9+tuxcare.els17_amd64.deb d02adc6d64e3c2a1588d0aa5be802721ea9d8587 binutils-i686-gnu_2.30-21ubuntu1~18.04.9+tuxcare.els17_amd64.deb 117358840191cb4407aab494fc68022bffbf79d3 binutils-i686-kfreebsd-gnu_2.30-21ubuntu1~18.04.9+tuxcare.els17_amd64.deb 7e5c7030c65ca43b4a3c3ad6fbe7ff8277ccb42d binutils-i686-linux-gnu_2.30-21ubuntu1~18.04.9+tuxcare.els17_amd64.deb d41eee88c4d9f59c403bc571559b1c3b68f83ba5 binutils-ia64-linux-gnu_2.30-21ubuntu1~18.04.9+tuxcare.els17_amd64.deb a859e90b1af775680dc15a75398b17e8279d9629 binutils-m68k-linux-gnu_2.30-21ubuntu1~18.04.9+tuxcare.els17_amd64.deb 62aa5c352187f30d847b713e2433d915e84a8b69 binutils-mips-linux-gnu_2.30-21ubuntu1~18.04.9+tuxcare.els17_amd64.deb c14a53587c4f7cc34b36e435c180f7d467e1bdd3 binutils-mips64-linux-gnuabi64_2.30-21ubuntu1~18.04.9+tuxcare.els17_amd64.deb 82094c93390989aa11f14da2f1b694c61765118f binutils-mips64-linux-gnuabin32_2.30-21ubuntu1~18.04.9+tuxcare.els17_amd64.deb ec80bceedecae7d6d79193877f9cebfceaebc701 binutils-mips64el-linux-gnuabi64_2.30-21ubuntu1~18.04.9+tuxcare.els17_amd64.deb 4ccad5fd17ea3e8b66a9fd54b82f703df2959b68 binutils-mips64el-linux-gnuabin32_2.30-21ubuntu1~18.04.9+tuxcare.els17_amd64.deb 6f877a91d66bef8881b2465a4a147f439659da0c binutils-mipsel-linux-gnu_2.30-21ubuntu1~18.04.9+tuxcare.els17_amd64.deb 1369b9586bfc7a3a0dfcb6d5753a2564bb86eaee binutils-mipsisa32r6-linux-gnu_2.30-21ubuntu1~18.04.9+tuxcare.els17_amd64.deb 9ac6246d0bdfd0bccd67ef48d4dadfe6f745158d binutils-mipsisa32r6el-linux-gnu_2.30-21ubuntu1~18.04.9+tuxcare.els17_amd64.deb 1256e9b3f6ec1059c4adb5c89096570003f1ff4a binutils-mipsisa64r6-linux-gnuabi64_2.30-21ubuntu1~18.04.9+tuxcare.els17_amd64.deb 249fa0f078fbc12bc44bf939bb5837ff22241b44 binutils-mipsisa64r6-linux-gnuabin32_2.30-21ubuntu1~18.04.9+tuxcare.els17_amd64.deb deacf7b5e03bbcebb137698f818f3e1f922682c5 binutils-mipsisa64r6el-linux-gnuabi64_2.30-21ubuntu1~18.04.9+tuxcare.els17_amd64.deb a388d606b4c1de44c660d3b54f254aa26e2a4d07 binutils-mipsisa64r6el-linux-gnuabin32_2.30-21ubuntu1~18.04.9+tuxcare.els17_amd64.deb 9283b248c7fb77c0a3398b5333a47301ba261139 binutils-multiarch_2.30-21ubuntu1~18.04.9+tuxcare.els17_amd64.deb fa42cd06b265b4104be56076e7399de47942b437 binutils-multiarch-dev_2.30-21ubuntu1~18.04.9+tuxcare.els17_amd64.deb 6017d48ed0768e3515823609ff292a946e4a5f69 binutils-powerpc-linux-gnu_2.30-21ubuntu1~18.04.9+tuxcare.els17_amd64.deb 7931592461ae780f01104d4934bc8d7e591238d9 binutils-powerpc-linux-gnuspe_2.30-21ubuntu1~18.04.9+tuxcare.els17_amd64.deb 5ef2cbc5c0744ff5c6a9d7276840af8ccbd03210 binutils-powerpc64-linux-gnu_2.30-21ubuntu1~18.04.9+tuxcare.els17_amd64.deb d750b9983e861e37fcb32a67aaae4d9ac3269975 binutils-powerpc64le-linux-gnu_2.30-21ubuntu1~18.04.9+tuxcare.els17_amd64.deb 14eb015ebf2067b48f818c0e20823a2150ee06e8 binutils-riscv64-linux-gnu_2.30-21ubuntu1~18.04.9+tuxcare.els17_amd64.deb 505306cc88f36110097307d86db4c882c924365f binutils-s390x-linux-gnu_2.30-21ubuntu1~18.04.9+tuxcare.els17_amd64.deb 331e3653acb2b0416f0e4e8fde4484acbf47f81b binutils-sh4-linux-gnu_2.30-21ubuntu1~18.04.9+tuxcare.els17_amd64.deb 4afe57ee6e62fad15fbb90988812741f18639543 binutils-source_2.30-21ubuntu1~18.04.9+tuxcare.els17_all.deb 20b11a6c910dc45058e4abf2dd7732bff59b2209 binutils-sparc64-linux-gnu_2.30-21ubuntu1~18.04.9+tuxcare.els17_amd64.deb 315ebd572c41d35acda5993fb4e0d780d49c84d4 binutils-x86-64-kfreebsd-gnu_2.30-21ubuntu1~18.04.9+tuxcare.els17_amd64.deb 792ce30d99176b810ecbff4fd198e32fa84771fa binutils-x86-64-linux-gnu_2.30-21ubuntu1~18.04.9+tuxcare.els17_amd64.deb 05a2128eb59c6a9aecd0aee703af27761e9f9497 binutils-x86-64-linux-gnux32_2.30-21ubuntu1~18.04.9+tuxcare.els17_amd64.deb 1be51c33c825a41b1781ccc563084786ca976df9 libbinutils_2.30-21ubuntu1~18.04.9+tuxcare.els17_amd64.deb 86f145a558f9476a6e62a1063f71eda9e74e8e51 CLSA-2026:1769187509 TuxCare License Agreement 0 * SECURITY UPDATE: Revert fix for CVE-2025-55004 - This version of ImageMagick is not affected by CVE-2025-55004 None Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.

* SECURITY UPDATE: Revert fix for CVE-2025-55004 - This version of ImageMagick is not affected by CVE-2025-55004

0 tuxcare-ubuntu18.04-els imagemagick_6.9.7.4+dfsg-16ubuntu6.15+tuxcare.els16_amd64.deb 97258f2d01adad69e628587fd39c9d4194acc6b5 imagemagick-6-common_6.9.7.4+dfsg-16ubuntu6.15+tuxcare.els16_all.deb 4c88144de5cdce776b932a990847075a6c3d7c78 imagemagick-6-doc_6.9.7.4+dfsg-16ubuntu6.15+tuxcare.els16_all.deb b6a406c88b769fc3057dede751f73e172d63e4dc imagemagick-6.q16_6.9.7.4+dfsg-16ubuntu6.15+tuxcare.els16_amd64.deb b214a8a56ea15bd96551a10c18e54171d61278e2 imagemagick-6.q16hdri_6.9.7.4+dfsg-16ubuntu6.15+tuxcare.els16_amd64.deb d297186a2a640730e643e1be64718712c5e1d116 imagemagick-common_6.9.7.4+dfsg-16ubuntu6.15+tuxcare.els16_all.deb be839700cd8e7e3c2d7ab136c792c0c369c96486 imagemagick-doc_6.9.7.4+dfsg-16ubuntu6.15+tuxcare.els16_all.deb eab652ba338192514e582154172e5f5e69432c22 libimage-magick-perl_6.9.7.4+dfsg-16ubuntu6.15+tuxcare.els16_all.deb dd037a9a95f2ab134d245196a149f4a4f8259501 libimage-magick-q16-perl_6.9.7.4+dfsg-16ubuntu6.15+tuxcare.els16_amd64.deb 0b32f876787d35958c815b3d5d0bafa321918560 libimage-magick-q16hdri-perl_6.9.7.4+dfsg-16ubuntu6.15+tuxcare.els16_amd64.deb c7e2679900725fb96a905759902cb6c14caf422c libmagick++-6-headers_6.9.7.4+dfsg-16ubuntu6.15+tuxcare.els16_all.deb 5f69dc46e3a3e45876b8cafbeb82803e959c52e4 libmagick++-6.q16-7_6.9.7.4+dfsg-16ubuntu6.15+tuxcare.els16_amd64.deb 80b658f6fc037d321df25c2df9ccebc5dcff1eba libmagick++-6.q16-dev_6.9.7.4+dfsg-16ubuntu6.15+tuxcare.els16_amd64.deb 34164b8c13c54061aed412f2a0550f515e3d2817 libmagick++-6.q16hdri-7_6.9.7.4+dfsg-16ubuntu6.15+tuxcare.els16_amd64.deb f76c500dbf8818f92d5f8695a94f86b5b6dd2cc7 libmagick++-6.q16hdri-dev_6.9.7.4+dfsg-16ubuntu6.15+tuxcare.els16_amd64.deb 84cf6b03db83daff68bb4226386fa6067d9224c6 libmagick++-dev_6.9.7.4+dfsg-16ubuntu6.15+tuxcare.els16_all.deb 584f77126db715a5df1618fb929e604568fe6280 libmagickcore-6-arch-config_6.9.7.4+dfsg-16ubuntu6.15+tuxcare.els16_amd64.deb 194ed1991dcb12d51137759cc4e2ae36e20f8c32 libmagickcore-6-headers_6.9.7.4+dfsg-16ubuntu6.15+tuxcare.els16_all.deb e0d3e3e8e57ba61eb378eb0aa747fda4f70be7d6 libmagickcore-6.q16-3_6.9.7.4+dfsg-16ubuntu6.15+tuxcare.els16_amd64.deb 7bee983523bd49adf42607b7fd1ded5c4c0dbf96 libmagickcore-6.q16-3-extra_6.9.7.4+dfsg-16ubuntu6.15+tuxcare.els16_amd64.deb 38e2c915d63c7efdf450e13d8f852dacbd10bb18 libmagickcore-6.q16-dev_6.9.7.4+dfsg-16ubuntu6.15+tuxcare.els16_amd64.deb 4af09097e0979dc2ca347ce4a3a753cb7bad39bd libmagickcore-6.q16hdri-3_6.9.7.4+dfsg-16ubuntu6.15+tuxcare.els16_amd64.deb 823b2107011f0d73d51bfd379315163bd733613d libmagickcore-6.q16hdri-3-extra_6.9.7.4+dfsg-16ubuntu6.15+tuxcare.els16_amd64.deb ce75cfb0d39a769775b0fbed00bb1b8bcba8618d libmagickcore-6.q16hdri-dev_6.9.7.4+dfsg-16ubuntu6.15+tuxcare.els16_amd64.deb 61662a48d078f5bad98cd987520502d56f1fece8 libmagickcore-dev_6.9.7.4+dfsg-16ubuntu6.15+tuxcare.els16_all.deb 47df3b97ceb8a2b5afb6fcef94880e2322bbee44 libmagickwand-6-headers_6.9.7.4+dfsg-16ubuntu6.15+tuxcare.els16_all.deb 09b20a82b9ca81891afc854ad0b1f38e80b7b6af libmagickwand-6.q16-3_6.9.7.4+dfsg-16ubuntu6.15+tuxcare.els16_amd64.deb da72fcc7b36ac366386535a3b16c65f69102acf6 libmagickwand-6.q16-dev_6.9.7.4+dfsg-16ubuntu6.15+tuxcare.els16_amd64.deb 88a0e312f02f911af871e93f58c1dc5b60c516e3 libmagickwand-6.q16hdri-3_6.9.7.4+dfsg-16ubuntu6.15+tuxcare.els16_amd64.deb 3b07358f677391b5f2b9615d27f02639c12e0240 libmagickwand-6.q16hdri-dev_6.9.7.4+dfsg-16ubuntu6.15+tuxcare.els16_amd64.deb c160280f3084c40e30cd72d44eff3f89ce0bef82 libmagickwand-dev_6.9.7.4+dfsg-16ubuntu6.15+tuxcare.els16_all.deb af394c27c56d32cac77dd5063b7fab4c93e933d4 perlmagick_6.9.7.4+dfsg-16ubuntu6.15+tuxcare.els16_all.deb 18439936994b40b7b3c1f2501fa4972363bd5279 CLSA-2026:1769015071 TuxCare License Agreement 0 * SECURITY UPDATE: memory corruption in armor parser - debian/patches/CVE-2025-68973.patch: Fix faulty double increment in armor_filter function. - CVE-2025-68973 Important Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.

* SECURITY UPDATE: memory corruption in armor parser - debian/patches/CVE-2025-68973.patch: Fix faulty double increment in armor_filter function. - CVE-2025-68973

0 tuxcare-ubuntu18.04-els dirmngr_2.2.4-1ubuntu1.6+tuxcare.els1_amd64.deb ede4350796f3ab65353cdc2b61167eadcd46c0ef gnupg_2.2.4-1ubuntu1.6+tuxcare.els1_amd64.deb edcc76e95514b2143397b27b3a1ca4d19f478d17 gnupg-agent_2.2.4-1ubuntu1.6+tuxcare.els1_all.deb 182b065681706042790560262cc59d45443f91ec gnupg-l10n_2.2.4-1ubuntu1.6+tuxcare.els1_all.deb 4586f098703bb523dbf3a47f732e57bce434d6d7 gnupg-utils_2.2.4-1ubuntu1.6+tuxcare.els1_amd64.deb c6ba0197e3754d718fc454b77539a8550d3cc12c gnupg2_2.2.4-1ubuntu1.6+tuxcare.els1_all.deb de66f72edc6606ed20f6b8f52f393aff788ed51e gpg_2.2.4-1ubuntu1.6+tuxcare.els1_amd64.deb ef2d2d08a70852b28bbc81de820dd44eba53333a gpg-agent_2.2.4-1ubuntu1.6+tuxcare.els1_amd64.deb 7b3f7e95f7398bbe75770c3f4117ba90d08fa00f gpg-wks-client_2.2.4-1ubuntu1.6+tuxcare.els1_amd64.deb 4992d4b655d3a05c2ca625b49ddfa9146ecc3f06 gpg-wks-server_2.2.4-1ubuntu1.6+tuxcare.els1_amd64.deb 36d56a206abfab134af8c1f7b4c9bdab47ee650e gpgconf_2.2.4-1ubuntu1.6+tuxcare.els1_amd64.deb 7518c3167d3d0629f67d633271ce8d8a3cbbc829 gpgsm_2.2.4-1ubuntu1.6+tuxcare.els1_amd64.deb aaa2402dbb09f83c6e3ab4552304e702021b46f6 gpgv_2.2.4-1ubuntu1.6+tuxcare.els1_amd64.deb 76294c0220c14468023f0249b573431b56333d90 gpgv-static_2.2.4-1ubuntu1.6+tuxcare.els1_amd64.deb 1988f7b6e00775238f4061c0ea577dff200849b0 gpgv-win32_2.2.4-1ubuntu1.6+tuxcare.els1_all.deb d07e5903324d80e5b76b6c8d65a79c14ef9c63a1 gpgv2_2.2.4-1ubuntu1.6+tuxcare.els1_all.deb 2d51529f5e8d9e21993071d52aa99185c4a8fe53 scdaemon_2.2.4-1ubuntu1.6+tuxcare.els1_amd64.deb 8fa0b83d5bd1e8e05ce2167ca0bc0516468cd49e CLSA-2026:1769507907 TuxCare License Agreement 0 * SECURITY UPDATE: Confusing users into sending their passwords to sites under the attacker’s control using crafted URLs - debian/patches/CVE-2024-50349.patch: also encode <host>[:<port>] in credential_format(), sanitize the user prompt - CVE-2024-50349 Moderate Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.

* SECURITY UPDATE: Confusing users into sending their passwords to sites under the attacker’s control using crafted URLs - debian/patches/CVE-2024-50349.patch: also encode <host>[:<port>] in credential_format(), sanitize the user prompt - CVE-2024-50349

0 tuxcare-ubuntu18.04-els git_2.17.1-1ubuntu0.18+tuxcare.els10_amd64.deb 904f41ce9afd50e501ad16486eae893c789c870c git-all_2.17.1-1ubuntu0.18+tuxcare.els10_all.deb 9413812360b34acded99712704d424a269824a6e git-cvs_2.17.1-1ubuntu0.18+tuxcare.els10_all.deb a4893c79ae88ca310c654580a9cd3923e6fcd67c git-daemon-run_2.17.1-1ubuntu0.18+tuxcare.els10_all.deb cd155587f4677f59293882838f09bfe32e4c5fac git-daemon-sysvinit_2.17.1-1ubuntu0.18+tuxcare.els10_all.deb 5f7901da8d134f7c4af21d54f2d9a305a9993c60 git-doc_2.17.1-1ubuntu0.18+tuxcare.els10_all.deb 2364579cedc88a31c87e4e0992914c25ca7cee6a git-el_2.17.1-1ubuntu0.18+tuxcare.els10_all.deb bd4c730514b89b7ee44f971548c0808cd1e16a60 git-email_2.17.1-1ubuntu0.18+tuxcare.els10_all.deb dd4ae3d267a5650bb6f2a75c9fe42baef630d55f git-gui_2.17.1-1ubuntu0.18+tuxcare.els10_all.deb 4eb70d73c3219edd0c83e970255111d8287d36b0 git-man_2.17.1-1ubuntu0.18+tuxcare.els10_all.deb ef6bb224364992368afb7b634f0a365eaeaf1bd1 git-mediawiki_2.17.1-1ubuntu0.18+tuxcare.els10_all.deb b91e69e4432f3e1c763199462ab3b43e4fefe8fd git-svn_2.17.1-1ubuntu0.18+tuxcare.els10_all.deb 5c7aef0a2e204ab472dc3db27d1c54738166fc99 gitk_2.17.1-1ubuntu0.18+tuxcare.els10_all.deb d6d749253d6bd707a4a7de0adf322b4443e81212 gitweb_2.17.1-1ubuntu0.18+tuxcare.els10_all.deb 6f23929330406c08abaf3cbc6a3d80325e1f8112 CLSA-2026:1770216604 TuxCare License Agreement 0 * New microcode update packages from upstream up to 2025-11-11: - New microcodes: sig 0x000a06e1, pf_mask 0x97, 2025-06-27, rev 0x1000273, size 1635328 - Updated microcodes: sig 0x000606a6, pf_mask 0x87, 2025-03-11, rev 0xd000410, size 309248 sig 0x000606c1, pf_mask 0x10, 2025-03-06, rev 0x10002e0, size 301056 sig 0x000806f4, pf_mask 0x10, 2025-05-29, rev 0x2c000410, size 625664 sig 0x000806f4, pf_mask 0x87, 2025-05-29, rev 0x2b000650, size 593920 sig 0x000806f5, pf_mask 0x10, 2025-05-29, rev 0x2c000410, size 625664 sig 0x000806f5, pf_mask 0x87, 2025-05-29, rev 0x2b000650, size 593920 sig 0x000806f6, pf_mask 0x10, 2025-05-29, rev 0x2c000410, size 625664 sig 0x000806f6, pf_mask 0x87, 2025-05-29, rev 0x2b000650, size 593920 sig 0x000806f7, pf_mask 0x87, 2025-05-29, rev 0x2b000650, size 593920 sig 0x000806f8, pf_mask 0x10, 2025-05-29, rev 0x2c000410, size 625664 sig 0x000806f8, pf_mask 0x87, 2025-05-29, rev 0x2b000650, size 593920 sig 0x00090672, pf_mask 0x07, 2025-10-12, rev 0x003d, size 226304 sig 0x00090675, pf_mask 0x07, 2025-10-12, rev 0x003d, size 226304 sig 0x000906a3, pf_mask 0x80, 2025-10-12, rev 0x043a, size 224256 sig 0x000906a4, pf_mask 0x40, 2025-06-13, rev 0x000b, size 119808 sig 0x000906a4, pf_mask 0x80, 2025-10-12, rev 0x043a, size 224256 sig 0x000a06a4, pf_mask 0xe6, 2025-03-19, rev 0x0025, size 140288 sig 0x000a06d1, pf_mask 0x20, 2025-08-29, rev 0xa000124, size 1642496 sig 0x000a06d1, pf_mask 0x95, 2025-07-23, rev 0x10003f0, size 1670144 sig 0x000a06f3, pf_mask 0x01, 2025-07-30, rev 0x3000382, size 1534976 sig 0x000b0671, pf_mask 0x32, 2025-10-08, rev 0x0132, size 219136 sig 0x000b0674, pf_mask 0x32, 2025-10-08, rev 0x0132, size 219136 sig 0x000b06a2, pf_mask 0xe0, 2025-10-08, rev 0x6133, size 224256 sig 0x000b06a3, pf_mask 0xe0, 2025-10-08, rev 0x6133, size 224256 sig 0x000b06a8, pf_mask 0xe0, 2025-10-08, rev 0x6133, size 224256 sig 0x000b06d1, pf_mask 0x80, 2025-08-28, rev 0x0125, size 80896 sig 0x000b06e0, pf_mask 0x19, 2025-05-16, rev 0x001e, size 139264 sig 0x000b06f2, pf_mask 0x07, 2025-10-12, rev 0x003d, size 226304 sig 0x000b06f5, pf_mask 0x07, 2025-10-12, rev 0x003d, size 226304 sig 0x000b06f6, pf_mask 0x07, 2025-10-12, rev 0x003d, size 226304 sig 0x000b06f7, pf_mask 0x07, 2025-10-12, rev 0x003d, size 226304 sig 0x000c0652, pf_mask 0x82, 2025-06-30, rev 0x011a, size 90112 sig 0x000c0662, pf_mask 0x82, 2025-06-30, rev 0x011a, size 90112 sig 0x000c0664, pf_mask 0x82, 2025-06-30, rev 0x011a, size 90112 sig 0x000c06a2, pf_mask 0x82, 2025-06-30, rev 0x011a, size 90112 sig 0x000c06f1, pf_mask 0x87, 2025-05-29, rev 0x210002c0, size 564224 sig 0x000c06f2, pf_mask 0x87, 2025-05-29, rev 0x210002c0, size 564224 - Removed microcodes: sig 0x00050656, pf_mask 0xbf, 2023-07-28, rev 0x4003605, size 38912 None Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.

* New microcode update packages from upstream up to 2025-11-11: - New microcodes: sig 0x000a06e1, pf_mask 0x97, 2025-06-27, rev 0x1000273, size 1635328 - Updated microcodes: sig 0x000606a6, pf_mask 0x87, 2025-03-11, rev 0xd000410, size 309248 sig 0x000606c1, pf_mask 0x10, 2025-03-06, rev 0x10002e0, size 301056 sig 0x000806f4, pf_mask 0x10, 2025-05-29, rev 0x2c000410, size 625664 sig 0x000806f4, pf_mask 0x87, 2025-05-29, rev 0x2b000650, size 593920 sig 0x000806f5, pf_mask 0x10, 2025-05-29, rev 0x2c000410, size 625664 sig 0x000806f5, pf_mask 0x87, 2025-05-29, rev 0x2b000650, size 593920 sig 0x000806f6, pf_mask 0x10, 2025-05-29, rev 0x2c000410, size 625664 sig 0x000806f6, pf_mask 0x87, 2025-05-29, rev 0x2b000650, size 593920 sig 0x000806f7, pf_mask 0x87, 2025-05-29, rev 0x2b000650, size 593920 sig 0x000806f8, pf_mask 0x10, 2025-05-29, rev 0x2c000410, size 625664 sig 0x000806f8, pf_mask 0x87, 2025-05-29, rev 0x2b000650, size 593920 sig 0x00090672, pf_mask 0x07, 2025-10-12, rev 0x003d, size 226304 sig 0x00090675, pf_mask 0x07, 2025-10-12, rev 0x003d, size 226304 sig 0x000906a3, pf_mask 0x80, 2025-10-12, rev 0x043a, size 224256 sig 0x000906a4, pf_mask 0x40, 2025-06-13, rev 0x000b, size 119808 sig 0x000906a4, pf_mask 0x80, 2025-10-12, rev 0x043a, size 224256 sig 0x000a06a4, pf_mask 0xe6, 2025-03-19, rev 0x0025, size 140288 sig 0x000a06d1, pf_mask 0x20, 2025-08-29, rev 0xa000124, size 1642496 sig 0x000a06d1, pf_mask 0x95, 2025-07-23, rev 0x10003f0, size 1670144 sig 0x000a06f3, pf_mask 0x01, 2025-07-30, rev 0x3000382, size 1534976 sig 0x000b0671, pf_mask 0x32, 2025-10-08, rev 0x0132, size 219136 sig 0x000b0674, pf_mask 0x32, 2025-10-08, rev 0x0132, size 219136 sig 0x000b06a2, pf_mask 0xe0, 2025-10-08, rev 0x6133, size 224256 sig 0x000b06a3, pf_mask 0xe0, 2025-10-08, rev 0x6133, size 224256 sig 0x000b06a8, pf_mask 0xe0, 2025-10-08, rev 0x6133, size 224256 sig 0x000b06d1, pf_mask 0x80, 2025-08-28, rev 0x0125, size 80896 sig 0x000b06e0, pf_mask 0x19, 2025-05-16, rev 0x001e, size 139264 sig 0x000b06f2, pf_mask 0x07, 2025-10-12, rev 0x003d, size 226304 sig 0x000b06f5, pf_mask 0x07, 2025-10-12, rev 0x003d, size 226304 sig 0x000b06f6, pf_mask 0x07, 2025-10-12, rev 0x003d, size 226304 sig 0x000b06f7, pf_mask 0x07, 2025-10-12, rev 0x003d, size 226304 sig 0x000c0652, pf_mask 0x82, 2025-06-30, rev 0x011a, size 90112 sig 0x000c0662, pf_mask 0x82, 2025-06-30, rev 0x011a, size 90112 sig 0x000c0664, pf_mask 0x82, 2025-06-30, rev 0x011a, size 90112 sig 0x000c06a2, pf_mask 0x82, 2025-06-30, rev 0x011a, size 90112 sig 0x000c06f1, pf_mask 0x87, 2025-05-29, rev 0x210002c0, size 564224 sig 0x000c06f2, pf_mask 0x87, 2025-05-29, rev 0x210002c0, size 564224 - Removed microcodes: sig 0x00050656, pf_mask 0xbf, 2023-07-28, rev 0x4003605, size 38912

0 tuxcare-ubuntu18.04-els intel-microcode_3.20251111.0ubuntu0.18.04.1+tuxcare.els1_amd64.deb 8970b3cb003c67f8cc0e1da92212c1b6ecfa82d1 CLSA-2026:1770732201 TuxCare License Agreement 0 * SECURITY UPDATE: XML_ExternalEntityParserCreate failure to copy the encoding handler data can cause a NULL dereference. - debian/patches/CVE-2026-24515.patch: Make XML_ExternalEntityParserCreate copy unknown encoding handler user data - CVE-2026-24515 Low Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.

* SECURITY UPDATE: XML_ExternalEntityParserCreate failure to copy the encoding handler data can cause a NULL dereference. - debian/patches/CVE-2026-24515.patch: Make XML_ExternalEntityParserCreate copy unknown encoding handler user data - CVE-2026-24515

0 tuxcare-ubuntu18.04-els expat_2.2.5-3ubuntu0.9+tuxcare.els4_amd64.deb e3a94a07fe7291a80e6c50dbec7822e976e3931a libexpat1_2.2.5-3ubuntu0.9+tuxcare.els4_amd64.deb 2ca867705529be143f8fc7b6cba8f3cd83c8713a libexpat1-dev_2.2.5-3ubuntu0.9+tuxcare.els4_amd64.deb 5ca86d2c2a455d42993db7826a098d7c9b1b343d CLSA-2026:1770804474 TuxCare License Agreement 0 * SECURITY UPDATE: The trailing 1-15 bytes of a message may be exposed in<br>cleartext on encryption and are not covered by the authentication tag,<br>allowing an attacker to read or tamper with those bytes without detection - debian/patches/CVE-2025-69418.patch: fix OCB AES-NI/HW stream path unauthenticated/unencrypted trailing bytes - CVE-2025-69418 * SECURITY UPDATE: Invalid or NULL pointer dereference when processing malformed PKCS#7 data can result in a Denial of Service - debian/patches/CVE-2026-22796.patch: ensure ASN1 types are checked before use. - CVE-2026-22796 * SECURITY UPDATE: Processing a malformed PKCS#12 file can trigger a NULL pointer dereference - debian/patches/CVE-2025-69421.patch: Check oct argument for NULL - CVE-2025-69421 Important Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.

* SECURITY UPDATE: The trailing 1-15 bytes of a message may be exposed in<br>cleartext on encryption and are not covered by the authentication tag,<br>allowing an attacker to read or tamper with those bytes without detection - debian/patches/CVE-2025-69418.patch: fix OCB AES-NI/HW stream path unauthenticated/unencrypted trailing bytes - CVE-2025-69418 * SECURITY UPDATE: Invalid or NULL pointer dereference when processing malformed PKCS#7 data can result in a Denial of Service - debian/patches/CVE-2026-22796.patch: ensure ASN1 types are checked before use. - CVE-2026-22796 * SECURITY UPDATE: Processing a malformed PKCS#12 file can trigger a NULL pointer dereference - debian/patches/CVE-2025-69421.patch: Check oct argument for NULL - CVE-2025-69421

0 tuxcare-ubuntu18.04-els libssl-dev_1.1.1-1ubuntu2.1~18.04.23+tuxcare.els7_amd64.deb 7a941bd8b4a7300b7d5dd1ff1854f85cef1a63e3 libssl-doc_1.1.1-1ubuntu2.1~18.04.23+tuxcare.els7_all.deb 694f786e5a7d34b9c2f4f4f0fd4e2e0fea934c51 libssl1.1_1.1.1-1ubuntu2.1~18.04.23+tuxcare.els7_amd64.deb 262eea4c6b437ec2fe56f3b9ea8454dbdd72a0d1 openssl_1.1.1-1ubuntu2.1~18.04.23+tuxcare.els7_amd64.deb 936847f647f535226166bcff35cbe195d7ea3d42 CLSA-2026:1770910304 TuxCare License Agreement 0 * SECURITY UPDATE: out of bounds write vulnerability in XBM decoder - debian/patches/CVE-2026-23876.patch: add overflow checks to prevent out of bounds write in coders/xbm.c - CVE-2026-23876 Critical Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.

* SECURITY UPDATE: out of bounds write vulnerability in XBM decoder - debian/patches/CVE-2026-23876.patch: add overflow checks to prevent out of bounds write in coders/xbm.c - CVE-2026-23876

0 tuxcare-ubuntu18.04-els imagemagick_6.9.7.4+dfsg-16ubuntu6.15+tuxcare.els17_amd64.deb 61b389065c694254eb238cc1ba3633710166aa95 imagemagick-6-common_6.9.7.4+dfsg-16ubuntu6.15+tuxcare.els17_all.deb a40a9587fcfa37a2700e354695dced469c76c947 imagemagick-6-doc_6.9.7.4+dfsg-16ubuntu6.15+tuxcare.els17_all.deb 771b634746b74131aef6d24f8f0432516f9fef14 imagemagick-6.q16_6.9.7.4+dfsg-16ubuntu6.15+tuxcare.els17_amd64.deb 8ea24bceb5c5f2173eea5703970581d754031642 imagemagick-6.q16hdri_6.9.7.4+dfsg-16ubuntu6.15+tuxcare.els17_amd64.deb bdfa1f3d8e5bb636c37add20aaf2dff098037e6b imagemagick-common_6.9.7.4+dfsg-16ubuntu6.15+tuxcare.els17_all.deb 4399b89d342a1202b5da238564177989018ad48f imagemagick-doc_6.9.7.4+dfsg-16ubuntu6.15+tuxcare.els17_all.deb 689696bdde7ae05c023c3612319db1e5d3802e1b libimage-magick-perl_6.9.7.4+dfsg-16ubuntu6.15+tuxcare.els17_all.deb 9532fdd775038ecfae833349e45aea6b74a9ef87 libimage-magick-q16-perl_6.9.7.4+dfsg-16ubuntu6.15+tuxcare.els17_amd64.deb 2d6ae1df1b59c4613691efb8579a6e7f5b9b517c libimage-magick-q16hdri-perl_6.9.7.4+dfsg-16ubuntu6.15+tuxcare.els17_amd64.deb 65e9627bfe8ddfb0f48ace9df4a67df6e7f3afa0 libmagick++-6-headers_6.9.7.4+dfsg-16ubuntu6.15+tuxcare.els17_all.deb 588e1765791df50f46a1504cc38efeba9a051e5d libmagick++-6.q16-7_6.9.7.4+dfsg-16ubuntu6.15+tuxcare.els17_amd64.deb fd94cfb7b130001fb8c8bf67da75100a43ad71c3 libmagick++-6.q16-dev_6.9.7.4+dfsg-16ubuntu6.15+tuxcare.els17_amd64.deb e8434d9cc9735e4a1427064b6325cb37473e85fa libmagick++-6.q16hdri-7_6.9.7.4+dfsg-16ubuntu6.15+tuxcare.els17_amd64.deb 6721f372c238d53782b15ff56b9fd91ea9b9d5b7 libmagick++-6.q16hdri-dev_6.9.7.4+dfsg-16ubuntu6.15+tuxcare.els17_amd64.deb 109e4290192a17a6b09ba52113917686ab111cc0 libmagick++-dev_6.9.7.4+dfsg-16ubuntu6.15+tuxcare.els17_all.deb 032b2d011ab6bd66805506efbea85ba6712c0793 libmagickcore-6-arch-config_6.9.7.4+dfsg-16ubuntu6.15+tuxcare.els17_amd64.deb c53784573f3d2a0726dc3377fb7ff534b3bb8d5d libmagickcore-6-headers_6.9.7.4+dfsg-16ubuntu6.15+tuxcare.els17_all.deb 99f9ab52a73bbf9e91cc3ffd8c0e0ad953d949ff libmagickcore-6.q16-3_6.9.7.4+dfsg-16ubuntu6.15+tuxcare.els17_amd64.deb 5d5968b0464bdfe7f267d5d01efaf9a2e65554de libmagickcore-6.q16-3-extra_6.9.7.4+dfsg-16ubuntu6.15+tuxcare.els17_amd64.deb 08794bb4a280f44b57b6a835d2ea032c5a327bc0 libmagickcore-6.q16-dev_6.9.7.4+dfsg-16ubuntu6.15+tuxcare.els17_amd64.deb 711a51b814951ec9725238348ef34fe96acd8acf libmagickcore-6.q16hdri-3_6.9.7.4+dfsg-16ubuntu6.15+tuxcare.els17_amd64.deb bb146cb429e30ad2bb7b1b353267858f2b2db3e9 libmagickcore-6.q16hdri-3-extra_6.9.7.4+dfsg-16ubuntu6.15+tuxcare.els17_amd64.deb 323e00243395da1fe31a30e96cc9cd2c448512b5 libmagickcore-6.q16hdri-dev_6.9.7.4+dfsg-16ubuntu6.15+tuxcare.els17_amd64.deb 7c85c842d1c17554d255121a31d528751812db17 libmagickcore-dev_6.9.7.4+dfsg-16ubuntu6.15+tuxcare.els17_all.deb 39887a14a04d57177f498806251eca0983aafa58 libmagickwand-6-headers_6.9.7.4+dfsg-16ubuntu6.15+tuxcare.els17_all.deb 91345a52cb171ae306bc49f524e7868474590a52 libmagickwand-6.q16-3_6.9.7.4+dfsg-16ubuntu6.15+tuxcare.els17_amd64.deb e0cbc28b985fae8206b53a0a96bccefa5004cd62 libmagickwand-6.q16-dev_6.9.7.4+dfsg-16ubuntu6.15+tuxcare.els17_amd64.deb cd60b619625c08134aee896bd69ae7d3515b1646 libmagickwand-6.q16hdri-3_6.9.7.4+dfsg-16ubuntu6.15+tuxcare.els17_amd64.deb bb103a31e46f496a4aa83cee92f1c97686424950 libmagickwand-6.q16hdri-dev_6.9.7.4+dfsg-16ubuntu6.15+tuxcare.els17_amd64.deb 10ef0ec70b0e649a0e9427aa01cc268d43d82c13 libmagickwand-dev_6.9.7.4+dfsg-16ubuntu6.15+tuxcare.els17_all.deb 5a4f62d6a35e91d1b3ffaa7233c7454f17f75136 perlmagick_6.9.7.4+dfsg-16ubuntu6.15+tuxcare.els17_all.deb b83d66d2cedad9c0c240bd1661b4721d793b8cee CLSA-2026:1771409779 TuxCare License Agreement 0 * SECURITY UPDATE: Malicious SVG file resulted in a DoS attack - debian/patches/CVE-2025-68618.patch: fix DOS when processing a specially crafted malicious SVG file - CVE-2025-68618 * SECURITY UPDATE: WriteSVGImage function, using an int variable to store number_attributes caused an integer overflow and trigger a DoS attack - debian/patches/CVE-2025-69204.patch: fix DOS due to integer overflow during image processing of a specially crafted SVG image - CVE-2025-69204 Important Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.

* SECURITY UPDATE: Malicious SVG file resulted in a DoS attack - debian/patches/CVE-2025-68618.patch: fix DOS when processing a specially crafted malicious SVG file - CVE-2025-68618 * SECURITY UPDATE: WriteSVGImage function, using an int variable to store number_attributes caused an integer overflow and trigger a DoS attack - debian/patches/CVE-2025-69204.patch: fix DOS due to integer overflow during image processing of a specially crafted SVG image - CVE-2025-69204

0 tuxcare-ubuntu18.04-els imagemagick_6.9.7.4+dfsg-16ubuntu6.15+tuxcare.els18_amd64.deb 0825bfa9cc125e57c513d106349e140acc6502a2 imagemagick-6-common_6.9.7.4+dfsg-16ubuntu6.15+tuxcare.els18_all.deb 946367af7e0c07b009386198ad8f5c35b378ad65 imagemagick-6-doc_6.9.7.4+dfsg-16ubuntu6.15+tuxcare.els18_all.deb 34344cc59fbbfe3071eae2137014a26b970b5d3f imagemagick-6.q16_6.9.7.4+dfsg-16ubuntu6.15+tuxcare.els18_amd64.deb 7fff54cb4885256014700080bdaf29b106bfb1c4 imagemagick-6.q16hdri_6.9.7.4+dfsg-16ubuntu6.15+tuxcare.els18_amd64.deb 8c30566a81e80a9c41447c43e9e7871553e70f96 imagemagick-common_6.9.7.4+dfsg-16ubuntu6.15+tuxcare.els18_all.deb 31217e6de4a6f05bd218ea5bf0a5b26a0ad0cba5 imagemagick-doc_6.9.7.4+dfsg-16ubuntu6.15+tuxcare.els18_all.deb 491536242eaf0283aa59e043e91cda0f6db3f9f9 libimage-magick-perl_6.9.7.4+dfsg-16ubuntu6.15+tuxcare.els18_all.deb 36f90a54b1e7c34dec33d24b7023b9123e53fd79 libimage-magick-q16-perl_6.9.7.4+dfsg-16ubuntu6.15+tuxcare.els18_amd64.deb 1805aae556ac77fd8c903ffee10808e92741c77a libimage-magick-q16hdri-perl_6.9.7.4+dfsg-16ubuntu6.15+tuxcare.els18_amd64.deb ca3fdf3a1cd01b314717d9c02273f9e48890a326 libmagick++-6-headers_6.9.7.4+dfsg-16ubuntu6.15+tuxcare.els18_all.deb f3942ba1c8a2ea3a73e0a0530f45a72e786ac952 libmagick++-6.q16-7_6.9.7.4+dfsg-16ubuntu6.15+tuxcare.els18_amd64.deb 4161f30582ef51fdb58aa00f230b4d28e6a6a8cb libmagick++-6.q16-dev_6.9.7.4+dfsg-16ubuntu6.15+tuxcare.els18_amd64.deb d7eb5bf1e96a40fa4ceee10e5e2e6b1edff7d643 libmagick++-6.q16hdri-7_6.9.7.4+dfsg-16ubuntu6.15+tuxcare.els18_amd64.deb 237a2af4c8c7df3cbaf6e57b91ee06e20b6436bb libmagick++-6.q16hdri-dev_6.9.7.4+dfsg-16ubuntu6.15+tuxcare.els18_amd64.deb 67765177fc2b5e39d159b78eb863699950e53b07 libmagick++-dev_6.9.7.4+dfsg-16ubuntu6.15+tuxcare.els18_all.deb 95028a08849397776c61372bf56cd84d3c808f30 libmagickcore-6-arch-config_6.9.7.4+dfsg-16ubuntu6.15+tuxcare.els18_amd64.deb 29e65a069b9019c2b4cdb24c643a9505d79ecb9a libmagickcore-6-headers_6.9.7.4+dfsg-16ubuntu6.15+tuxcare.els18_all.deb 7cb471956cea4794e7abfeb494b7e572c1a84629 libmagickcore-6.q16-3_6.9.7.4+dfsg-16ubuntu6.15+tuxcare.els18_amd64.deb 2d6870a516fed5824a0d5b229753b3429edef40d libmagickcore-6.q16-3-extra_6.9.7.4+dfsg-16ubuntu6.15+tuxcare.els18_amd64.deb 0cf9c43644cbb7d4c75ef30ed3edc5ac418dc504 libmagickcore-6.q16-dev_6.9.7.4+dfsg-16ubuntu6.15+tuxcare.els18_amd64.deb 5030b4b31c30c77023958a56a4848905fe51fd3b libmagickcore-6.q16hdri-3_6.9.7.4+dfsg-16ubuntu6.15+tuxcare.els18_amd64.deb f6e85bd7092f70b9390f5755939b9e3a4be7ec5c libmagickcore-6.q16hdri-3-extra_6.9.7.4+dfsg-16ubuntu6.15+tuxcare.els18_amd64.deb d5fb0d681f2d32707104bd3ff25ce44496c724d2 libmagickcore-6.q16hdri-dev_6.9.7.4+dfsg-16ubuntu6.15+tuxcare.els18_amd64.deb 76cb4856cc81354cbd8d9c6aff5f64b3fbf84b68 libmagickcore-dev_6.9.7.4+dfsg-16ubuntu6.15+tuxcare.els18_all.deb a718d593ddde8fcaecb381b1e3d75e5fc12c78ca libmagickwand-6-headers_6.9.7.4+dfsg-16ubuntu6.15+tuxcare.els18_all.deb 69965d427fdd96cfe98511e2678ead1047e19c92 libmagickwand-6.q16-3_6.9.7.4+dfsg-16ubuntu6.15+tuxcare.els18_amd64.deb d81e0cc5e16c4c9d57ee79f7d02cf6d253669f54 libmagickwand-6.q16-dev_6.9.7.4+dfsg-16ubuntu6.15+tuxcare.els18_amd64.deb 42898171258a5f74ce1ba37e628e96af1a96855e libmagickwand-6.q16hdri-3_6.9.7.4+dfsg-16ubuntu6.15+tuxcare.els18_amd64.deb b9080ccc5f928afadcda79f7dc991b47074d55af libmagickwand-6.q16hdri-dev_6.9.7.4+dfsg-16ubuntu6.15+tuxcare.els18_amd64.deb 3ec4e1bfa0e6f20b8d0a34772fe6b82d05873e96 libmagickwand-dev_6.9.7.4+dfsg-16ubuntu6.15+tuxcare.els18_all.deb 18692da65bfcc6cc561e33132a3880e20ed2f475 perlmagick_6.9.7.4+dfsg-16ubuntu6.15+tuxcare.els18_all.deb 102b31a90b8a70ab4126be42c9dea296f5d4e717 CLSA-2026:1771597308 TuxCare License Agreement 0 * SECURITY UPDATE: defect in imaplib module, when passed a user-controlled command, commands can be injected using newlines - debian/patches/CVE-2025-15366.patch: Fix command injection by rejecting commands containing control characters - CVE-2025-15366 Important Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.

* SECURITY UPDATE: defect in imaplib module, when passed a user-controlled command, commands can be injected using newlines - debian/patches/CVE-2025-15366.patch: Fix command injection by rejecting commands containing control characters - CVE-2025-15366

0 tuxcare-ubuntu18.04-els idle-python3.6_3.6.9-1~18.04ubuntu1.12+tuxcare.els18_all.deb f0cc835c67dde2366b2588bc96a51ba3d1b3b0ee libpython3.6_3.6.9-1~18.04ubuntu1.12+tuxcare.els18_amd64.deb 033bfac27ddeee961803c380eef27e60d57f694f libpython3.6-dev_3.6.9-1~18.04ubuntu1.12+tuxcare.els18_amd64.deb 81801955bdffb70748c850c060a655d2a3b63491 libpython3.6-minimal_3.6.9-1~18.04ubuntu1.12+tuxcare.els18_amd64.deb 32d4cb678d47c92743e0a703519e282d37976997 libpython3.6-stdlib_3.6.9-1~18.04ubuntu1.12+tuxcare.els18_amd64.deb c8842a5b12dcc89ef006a039b227b14a1d154bc2 libpython3.6-testsuite_3.6.9-1~18.04ubuntu1.12+tuxcare.els18_all.deb 5779f79141440e8d3dc83d91fc7ea3b0be5d7044 python3.6_3.6.9-1~18.04ubuntu1.12+tuxcare.els18_amd64.deb 30b9127c201f9b212a51f8c712108edfddac768d python3.6-dev_3.6.9-1~18.04ubuntu1.12+tuxcare.els18_amd64.deb 166f10141184595edaa70e7c9069289d041b5dd7 python3.6-doc_3.6.9-1~18.04ubuntu1.12+tuxcare.els18_all.deb 7c62e3404887502bc0fb813426d29780c298b54a python3.6-examples_3.6.9-1~18.04ubuntu1.12+tuxcare.els18_all.deb b807008b57666e010c7b1539da6d732cf9f72f40 python3.6-minimal_3.6.9-1~18.04ubuntu1.12+tuxcare.els18_amd64.deb 46aa957074ec25610045f8c5626b0463e12b35d4 python3.6-venv_3.6.9-1~18.04ubuntu1.12+tuxcare.els18_amd64.deb 3f3fe2da3487a026eb010e56be396d6fadd19cd7 CLSA-2026:1771664593 TuxCare License Agreement 0 * OpenJDK 8u482 release + CVE-2026-21945: enhance Certificate Checking + CVE-2026-21932: enhance Handling of URIs + CVE-2026-21933: improve HttpServer Request handling + CVE-2026-21925: improve JMX connections - Release notes: https://mail.openjdk.org/pipermail/jdk8u-dev/2026-January/020959.html * d/p/hotspot-libpath-*.diff: Refresh patches. * d/p/uabs-*.diff: Drop patches applied upstream. Important Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.

* OpenJDK 8u482 release + CVE-2026-21945: enhance Certificate Checking + CVE-2026-21932: enhance Handling of URIs + CVE-2026-21933: improve HttpServer Request handling + CVE-2026-21925: improve JMX connections - Release notes: https://mail.openjdk.org/pipermail/jdk8u-dev/2026-January/020959.html * d/p/hotspot-libpath-*.diff: Refresh patches. * d/p/uabs-*.diff: Drop patches applied upstream.

0 tuxcare-ubuntu18.04-els openjdk-8-demo_8u482-ga~us1-0ubuntu1~18.04+tuxcare.els1_amd64.deb c8621eacebe88864dd4daf5680f3f85a16e91d4e openjdk-8-doc_8u482-ga~us1-0ubuntu1~18.04+tuxcare.els1_all.deb 33e50852c42eedd322b817f69e8fab24e4a206ad openjdk-8-jdk_8u482-ga~us1-0ubuntu1~18.04+tuxcare.els1_amd64.deb b7fc6fe63bf5c7450ba7dd67e04bbfd241c6d175 openjdk-8-jdk-headless_8u482-ga~us1-0ubuntu1~18.04+tuxcare.els1_amd64.deb 873f1f80475226b8e04d28b8e658bd21df576ca8 openjdk-8-jre_8u482-ga~us1-0ubuntu1~18.04+tuxcare.els1_amd64.deb 2eb9143c0570d7d06566a169a26aa5bd792c5e71 openjdk-8-jre-headless_8u482-ga~us1-0ubuntu1~18.04+tuxcare.els1_amd64.deb 16f987a46bf35090d595330e8dcaa63f20321910 openjdk-8-jre-zero_8u482-ga~us1-0ubuntu1~18.04+tuxcare.els1_amd64.deb b0383d24833c7b66c39969b6ac1fd9f880014ca8 openjdk-8-source_8u482-ga~us1-0ubuntu1~18.04+tuxcare.els1_all.deb eff8cef701b62098c4452de9d1f34063210504e5 CLSA-2026:1771857969 TuxCare License Agreement 0 * SECURITY UPDATE: Buffer underflow in GVariant parser leads to heap corruption - debian/patches/CVE-2025-14087_14512.patch: Fix integer overflows in GVariant text format parser when processing input longer than INT_MAX - CVE-2025-14087 * SECURITY UPDATE: Integer overflow in escape_byte_string() leads to heap buffer overflow - debian/patches/CVE-2025-14087_14512.patch: Fix integer overflow in escape_byte_string() for byte strings with many invalid characters - CVE-2025-14512 Critical Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.

* SECURITY UPDATE: Buffer underflow in GVariant parser leads to heap corruption - debian/patches/CVE-2025-14087_14512.patch: Fix integer overflows in GVariant text format parser when processing input longer than INT_MAX - CVE-2025-14087 * SECURITY UPDATE: Integer overflow in escape_byte_string() leads to heap buffer overflow - debian/patches/CVE-2025-14087_14512.patch: Fix integer overflow in escape_byte_string() for byte strings with many invalid characters - CVE-2025-14512

0 tuxcare-ubuntu18.04-els libglib2.0-0_2.56.4-0ubuntu0.18.04.9+tuxcare.els4_amd64.deb a99a3233bc0624e1476b8e56c709fa776db8a6cf libglib2.0-bin_2.56.4-0ubuntu0.18.04.9+tuxcare.els4_amd64.deb 50b65753e933c18c80a3279096138fc166d0e1c5 libglib2.0-data_2.56.4-0ubuntu0.18.04.9+tuxcare.els4_all.deb dc1f9a7944a47271d3e7c92a0df18f9f347bf18e libglib2.0-dev_2.56.4-0ubuntu0.18.04.9+tuxcare.els4_amd64.deb bd63f147c239f36a4446db4a42306e3604f88e16 libglib2.0-dev-bin_2.56.4-0ubuntu0.18.04.9+tuxcare.els4_amd64.deb 13d6c8afb7420d634a76bd2a67fe0245dbb37607 libglib2.0-doc_2.56.4-0ubuntu0.18.04.9+tuxcare.els4_all.deb 09127e3e86b2fc08be42f3a1cf3430a68dae905b libglib2.0-tests_2.56.4-0ubuntu0.18.04.9+tuxcare.els4_amd64.deb fc8660f2f804760304cb13daaf38cb5397f95780 CLSA-2026:1772103023 TuxCare License Agreement 0 * SECURITY UPDATE: newline-based command injection in user-controlled commands - debian/patches/CVE-2025-15367.patch: Reject control characters in protocol commands; prevent acceptance and processing of control characters as cause of malformed commands. - CVE-2025-15367 Important Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.

* SECURITY UPDATE: newline-based command injection in user-controlled commands - debian/patches/CVE-2025-15367.patch: Reject control characters in protocol commands; prevent acceptance and processing of control characters as cause of malformed commands. - CVE-2025-15367

0 tuxcare-ubuntu18.04-els idle-python3.6_3.6.9-1~18.04ubuntu1.12+tuxcare.els19_all.deb ce3795acbe75fd3df025fecc8e3005714e90b809 libpython3.6_3.6.9-1~18.04ubuntu1.12+tuxcare.els19_amd64.deb c37120e667dd3a8f864a25d247d2d56aeddfc986 libpython3.6-dev_3.6.9-1~18.04ubuntu1.12+tuxcare.els19_amd64.deb 33d49fc1b11e4553fe29cb27bf6623e7be83c576 libpython3.6-minimal_3.6.9-1~18.04ubuntu1.12+tuxcare.els19_amd64.deb 6aa60cce4bb4fc78a400a2e4a1786aaf76b16234 libpython3.6-stdlib_3.6.9-1~18.04ubuntu1.12+tuxcare.els19_amd64.deb 5bc3f1b741024efb10b77d8083fb1891f7f1eb0c libpython3.6-testsuite_3.6.9-1~18.04ubuntu1.12+tuxcare.els19_all.deb c1aefbb3ac64662815146bf0bbc68d9023f61bb7 python3.6_3.6.9-1~18.04ubuntu1.12+tuxcare.els19_amd64.deb a2663324d979c7cb3e90aff764015433261f118b python3.6-dev_3.6.9-1~18.04ubuntu1.12+tuxcare.els19_amd64.deb a84c292164534b59875dafd5d847fb640cd0b67e python3.6-doc_3.6.9-1~18.04ubuntu1.12+tuxcare.els19_all.deb 4782f5664f3b80c68e1ed3236f3733e7c2f8ddb4 python3.6-examples_3.6.9-1~18.04ubuntu1.12+tuxcare.els19_all.deb 58061225966e5b7e5391af41f473d8ad3c9a316c python3.6-minimal_3.6.9-1~18.04ubuntu1.12+tuxcare.els19_amd64.deb 59b26ada382d66c4b05e6ee1f246af68efb761bf python3.6-venv_3.6.9-1~18.04ubuntu1.12+tuxcare.els19_amd64.deb 70ec5abd22aef2804423b2feb9632eabad871e2e CLSA-2026:1772451545 TuxCare License Agreement 0 * SECURITY UPDATE: out-of-bounds read vulnerability - debian/patches/CVE-2026-26284.patch: Fix incorrect loop initialization in delta decoding; prevent out-of-bounds read caused by starting table scan at invalid index. - CVE-2026-26284 * SECURITY UPDATE: out-of-bounds heap write on 32-bit systems - debian/patches/CVE-2026-25897.patch: Add size-calculating heap overflow sanity check and validate row padding addition to prevent out-of-bounds heap write on 32-bit systems caused by integer overflow in pixel buffer length computation. - CVE-2026-25897 Critical Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.

* SECURITY UPDATE: out-of-bounds read vulnerability - debian/patches/CVE-2026-26284.patch: Fix incorrect loop initialization in delta decoding; prevent out-of-bounds read caused by starting table scan at invalid index. - CVE-2026-26284 * SECURITY UPDATE: out-of-bounds heap write on 32-bit systems - debian/patches/CVE-2026-25897.patch: Add size-calculating heap overflow sanity check and validate row padding addition to prevent out-of-bounds heap write on 32-bit systems caused by integer overflow in pixel buffer length computation. - CVE-2026-25897

0 tuxcare-ubuntu18.04-els imagemagick_6.9.7.4+dfsg-16ubuntu6.15+tuxcare.els19_amd64.deb 964628fa66dfd7e423fd7748af42427dfd5e0dde imagemagick-6-common_6.9.7.4+dfsg-16ubuntu6.15+tuxcare.els19_all.deb 66229f555c0f7e107e50b95aba207d066abe17b9 imagemagick-6-doc_6.9.7.4+dfsg-16ubuntu6.15+tuxcare.els19_all.deb 2578961849c2836249179d1d9d45d38c31a321bb imagemagick-6.q16_6.9.7.4+dfsg-16ubuntu6.15+tuxcare.els19_amd64.deb 9e611d0845bf00c78368256d58493754182b583f imagemagick-6.q16hdri_6.9.7.4+dfsg-16ubuntu6.15+tuxcare.els19_amd64.deb a784c163c0af084208b4448ee0811f6a9608ac2a imagemagick-common_6.9.7.4+dfsg-16ubuntu6.15+tuxcare.els19_all.deb 82d100a8c75f84cb3ceb153621724aaf2b362a5b imagemagick-doc_6.9.7.4+dfsg-16ubuntu6.15+tuxcare.els19_all.deb 1076f11bbc492f57418f48a12307ba130f3de151 libimage-magick-perl_6.9.7.4+dfsg-16ubuntu6.15+tuxcare.els19_all.deb 0dbea81553f7e97eb95186d96551300857a13560 libimage-magick-q16-perl_6.9.7.4+dfsg-16ubuntu6.15+tuxcare.els19_amd64.deb e53f350c93c3ebba42632ecef56825e28618ae09 libimage-magick-q16hdri-perl_6.9.7.4+dfsg-16ubuntu6.15+tuxcare.els19_amd64.deb 2aa6ac745ed9c2de9fa0cbfc16304904732fda13 libmagick++-6-headers_6.9.7.4+dfsg-16ubuntu6.15+tuxcare.els19_all.deb 9b375e116a64d3815bb42d85d3b58f5e834ca80d libmagick++-6.q16-7_6.9.7.4+dfsg-16ubuntu6.15+tuxcare.els19_amd64.deb bc6d0e621053e3cc594d841ee726271336df81d6 libmagick++-6.q16-dev_6.9.7.4+dfsg-16ubuntu6.15+tuxcare.els19_amd64.deb 523542b5d37066057d0ab8d736f91d85f9dc7336 libmagick++-6.q16hdri-7_6.9.7.4+dfsg-16ubuntu6.15+tuxcare.els19_amd64.deb 843547aa18d1fe48c556943bad15fa8b5c5b4c47 libmagick++-6.q16hdri-dev_6.9.7.4+dfsg-16ubuntu6.15+tuxcare.els19_amd64.deb 28b95acd64823e7b873fcb60b7c95f7f7438a2d4 libmagick++-dev_6.9.7.4+dfsg-16ubuntu6.15+tuxcare.els19_all.deb 9bdb391994e3dd7402e9dca212618e4a1be47863 libmagickcore-6-arch-config_6.9.7.4+dfsg-16ubuntu6.15+tuxcare.els19_amd64.deb ab861cb75283de855ca0de5280fbbb3936456846 libmagickcore-6-headers_6.9.7.4+dfsg-16ubuntu6.15+tuxcare.els19_all.deb 0d980e4f77f55e533935a33ed6af9e10783b47f4 libmagickcore-6.q16-3_6.9.7.4+dfsg-16ubuntu6.15+tuxcare.els19_amd64.deb d96a0f641372f3fb64ab3ab6a402ee57c9d9c9a5 libmagickcore-6.q16-3-extra_6.9.7.4+dfsg-16ubuntu6.15+tuxcare.els19_amd64.deb d966c789c92d49b94e503ca69905be30f8696b9d libmagickcore-6.q16-dev_6.9.7.4+dfsg-16ubuntu6.15+tuxcare.els19_amd64.deb c52295fbae79bf2d424f95ef553085d5e0c0dc9e libmagickcore-6.q16hdri-3_6.9.7.4+dfsg-16ubuntu6.15+tuxcare.els19_amd64.deb 0c14c358e45be32adbeda0051a07f846ae5594db libmagickcore-6.q16hdri-3-extra_6.9.7.4+dfsg-16ubuntu6.15+tuxcare.els19_amd64.deb e73992c161d529c6d067688185786d6642e5e996 libmagickcore-6.q16hdri-dev_6.9.7.4+dfsg-16ubuntu6.15+tuxcare.els19_amd64.deb 13e5d4b146f67fe462d257ab000529736d9bd07f libmagickcore-dev_6.9.7.4+dfsg-16ubuntu6.15+tuxcare.els19_all.deb 2261092a557f828d0040cbf7cadc8a5ac6a6eadd libmagickwand-6-headers_6.9.7.4+dfsg-16ubuntu6.15+tuxcare.els19_all.deb 90b55b6d80de1d514a68d19c1251141c4ccdf632 libmagickwand-6.q16-3_6.9.7.4+dfsg-16ubuntu6.15+tuxcare.els19_amd64.deb 940e0f4cece9af9cc41183afd15052af452a88df libmagickwand-6.q16-dev_6.9.7.4+dfsg-16ubuntu6.15+tuxcare.els19_amd64.deb 32a34595250b00aea348377dd715345c96af675d libmagickwand-6.q16hdri-3_6.9.7.4+dfsg-16ubuntu6.15+tuxcare.els19_amd64.deb 4bcb1e4fe1ac146ee4da968f41af54d4250c3004 libmagickwand-6.q16hdri-dev_6.9.7.4+dfsg-16ubuntu6.15+tuxcare.els19_amd64.deb ccf6790bb69ee01311c4a80b9a252a6663adb45b libmagickwand-dev_6.9.7.4+dfsg-16ubuntu6.15+tuxcare.els19_all.deb 04335f69e63a6e4a14f3120714a0bb0222b267ed perlmagick_6.9.7.4+dfsg-16ubuntu6.15+tuxcare.els19_all.deb 125035b6a60dc564221d25287255bd78411011e9 CLSA-2026:1772642715 TuxCare License Agreement 0 * Update ca-certificates database to 20260129: - mozilla\{certdata.h,nssckbi.h}: Update Mozilla certificate authority bundle of the version 2.82. - The following certificates were updated: # Certificate "GlobalSign Root CA" # Certificate "Entrust.net Premium 2048 Secure Server CA" # Certificate "Comodo AAA Services root" # Certificate "XRamp Global CA Root" # Certificate "Go Daddy Class 2 CA" # Certificate "Starfield Class 2 CA" - The following certificates were added: # Certificate "TrustAsia SMIME ECC Root CA" # Certificate "TrustAsia SMIME RSA Root CA" # Certificate "TrustAsia TLS ECC Root CA" # Certificate "TrustAsia TLS RSA Root CA" # Certificate "SwissSign RSA SMIME Root CA 2022 - 1" # Certificate "SwissSign RSA TLS Root CA 2022 - 1" # Certificate "OISTE Client Root ECC G1" # Certificate "OISTE Client Root RSA G1" # Certificate "OISTE Server Root ECC G1" # Certificate " OISTE Server Root RSA G1" - The following certificates were removed: # Certificate "Baltimore CyberTrust Root" None Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.

* Update ca-certificates database to 20260129: - mozilla\{certdata.h,nssckbi.h}: Update Mozilla certificate authority bundle of the version 2.82. - The following certificates were updated: # Certificate "GlobalSign Root CA" # Certificate "Entrust.net Premium 2048 Secure Server CA" # Certificate "Comodo AAA Services root" # Certificate "XRamp Global CA Root" # Certificate "Go Daddy Class 2 CA" # Certificate "Starfield Class 2 CA" - The following certificates were added: # Certificate "TrustAsia SMIME ECC Root CA" # Certificate "TrustAsia SMIME RSA Root CA" # Certificate "TrustAsia TLS ECC Root CA" # Certificate "TrustAsia TLS RSA Root CA" # Certificate "SwissSign RSA SMIME Root CA 2022 - 1" # Certificate "SwissSign RSA TLS Root CA 2022 - 1" # Certificate "OISTE Client Root ECC G1" # Certificate "OISTE Client Root RSA G1" # Certificate "OISTE Server Root ECC G1" # Certificate " OISTE Server Root RSA G1" - The following certificates were removed: # Certificate "Baltimore CyberTrust Root"

0 tuxcare-ubuntu18.04-els libnss3_3.35-2ubuntu2.16+tuxcare.els5_amd64.deb 79b68972949d11243d5d6d0a0adf75bd2c704020 libnss3-dev_3.35-2ubuntu2.16+tuxcare.els5_amd64.deb 8df02c9de5845e1bddb98b2942cd4879bcbb6f9d libnss3-tools_3.35-2ubuntu2.16+tuxcare.els5_amd64.deb 1b1de9b7e0f22af8828e26dc362944a10589a9e8 CLSA-2026:1772793148 TuxCare License Agreement 0 * SECURITY UPDATE: null pointer dereference and crash in image reading - debian/patches/CVE-2026-25795.patch: Fix NULL pointer dereference; move DestroyImageInfo call after filename copy; cause: DestroyImageInfo was called before filename copy, freeing read_info used to access filename. - CVE-2026-25795 Important Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.

* SECURITY UPDATE: null pointer dereference and crash in image reading - debian/patches/CVE-2026-25795.patch: Fix NULL pointer dereference; move DestroyImageInfo call after filename copy; cause: DestroyImageInfo was called before filename copy, freeing read_info used to access filename. - CVE-2026-25795

0 tuxcare-ubuntu18.04-els imagemagick_6.9.7.4+dfsg-16ubuntu6.15+tuxcare.els20_amd64.deb 739f10f651840baa8c846964d8914f97ce8c89fa imagemagick-6-common_6.9.7.4+dfsg-16ubuntu6.15+tuxcare.els20_all.deb fe816968ad95f853efa369f71db83ab6eda7ccfe imagemagick-6-doc_6.9.7.4+dfsg-16ubuntu6.15+tuxcare.els20_all.deb 457101a6f6d6be62619e2738bbeec2e5985ec59b imagemagick-6.q16_6.9.7.4+dfsg-16ubuntu6.15+tuxcare.els20_amd64.deb 583deeaa107c10e322702479103bf006b7186e32 imagemagick-6.q16hdri_6.9.7.4+dfsg-16ubuntu6.15+tuxcare.els20_amd64.deb 8c290a7e8707513669ec6c530f597ff8450d918e imagemagick-common_6.9.7.4+dfsg-16ubuntu6.15+tuxcare.els20_all.deb bee8a7da263df9551e6e745258b6544c16168082 imagemagick-doc_6.9.7.4+dfsg-16ubuntu6.15+tuxcare.els20_all.deb e18b7dea379a3f153056d60fba859476f0ca4a3a libimage-magick-perl_6.9.7.4+dfsg-16ubuntu6.15+tuxcare.els20_all.deb aaf51dd8ae3e2da77b6f64446df9eb037a41adc5 libimage-magick-q16-perl_6.9.7.4+dfsg-16ubuntu6.15+tuxcare.els20_amd64.deb a7304138fedc4adb98503cca3bbdc28507c3d3cb libimage-magick-q16hdri-perl_6.9.7.4+dfsg-16ubuntu6.15+tuxcare.els20_amd64.deb 4ba539c246436aaa18bfb97c26e98f4421d06415 libmagick++-6-headers_6.9.7.4+dfsg-16ubuntu6.15+tuxcare.els20_all.deb 842fcda16ce9765ad9804d20d1ad0e7b2a9bfff3 libmagick++-6.q16-7_6.9.7.4+dfsg-16ubuntu6.15+tuxcare.els20_amd64.deb 136951cb79df28dc5cbd611d8e9861915778a75e libmagick++-6.q16-dev_6.9.7.4+dfsg-16ubuntu6.15+tuxcare.els20_amd64.deb eabcd4872c470245b0504d2378f93eaac6df8bc6 libmagick++-6.q16hdri-7_6.9.7.4+dfsg-16ubuntu6.15+tuxcare.els20_amd64.deb 0e3d4b33d14e51c7e2ad560677e80fbf5980f5d4 libmagick++-6.q16hdri-dev_6.9.7.4+dfsg-16ubuntu6.15+tuxcare.els20_amd64.deb c492048a53eafc6d4043a374ca6a6a9dd142e2cc libmagick++-dev_6.9.7.4+dfsg-16ubuntu6.15+tuxcare.els20_all.deb ab8a00172ef1382d697c2956ed223984d6b1713c libmagickcore-6-arch-config_6.9.7.4+dfsg-16ubuntu6.15+tuxcare.els20_amd64.deb dce52ea159af68700d02837a2d832e12aec7e6fa libmagickcore-6-headers_6.9.7.4+dfsg-16ubuntu6.15+tuxcare.els20_all.deb 4a158b69dc151e6d8bda46de3b967f5166b5370e libmagickcore-6.q16-3_6.9.7.4+dfsg-16ubuntu6.15+tuxcare.els20_amd64.deb 7ac09bd38e9a697b9be8a0e839a6ee9e08057112 libmagickcore-6.q16-3-extra_6.9.7.4+dfsg-16ubuntu6.15+tuxcare.els20_amd64.deb 4029ee4a025d4491eb661c5e9f5cc475923000b3 libmagickcore-6.q16-dev_6.9.7.4+dfsg-16ubuntu6.15+tuxcare.els20_amd64.deb 7154c6c0aacec856d97ff8cf93f1c35cd3f5c80f libmagickcore-6.q16hdri-3_6.9.7.4+dfsg-16ubuntu6.15+tuxcare.els20_amd64.deb 6567925479c3401fd47b76f6a809b2fc43ffbf7e libmagickcore-6.q16hdri-3-extra_6.9.7.4+dfsg-16ubuntu6.15+tuxcare.els20_amd64.deb ad9ab8550bf04efb948f2d9414d30b3eeba27f1b libmagickcore-6.q16hdri-dev_6.9.7.4+dfsg-16ubuntu6.15+tuxcare.els20_amd64.deb 5ca601ab7baca8fbf6e6110006cc4518cc45b31b libmagickcore-dev_6.9.7.4+dfsg-16ubuntu6.15+tuxcare.els20_all.deb 297ba5601c3c13d691be7f00eaf4bdf68df315d7 libmagickwand-6-headers_6.9.7.4+dfsg-16ubuntu6.15+tuxcare.els20_all.deb 350507da5dcef32b24c707fc9fcbb2b171149eed libmagickwand-6.q16-3_6.9.7.4+dfsg-16ubuntu6.15+tuxcare.els20_amd64.deb e4a06cbf2e90798c8f4bce4006ddaf1ebbb22e99 libmagickwand-6.q16-dev_6.9.7.4+dfsg-16ubuntu6.15+tuxcare.els20_amd64.deb 29e8e8b9750ffe6826d638695bc4d5647cf58436 libmagickwand-6.q16hdri-3_6.9.7.4+dfsg-16ubuntu6.15+tuxcare.els20_amd64.deb baf380503aef63bc10d91104eff4230a4ae07df0 libmagickwand-6.q16hdri-dev_6.9.7.4+dfsg-16ubuntu6.15+tuxcare.els20_amd64.deb 24332f3c8d737bbc282ed03c1f94fa4170a37f4f libmagickwand-dev_6.9.7.4+dfsg-16ubuntu6.15+tuxcare.els20_all.deb 0b6b3cc874e3232c5c15acc44e286ed53c79d87e perlmagick_6.9.7.4+dfsg-16ubuntu6.15+tuxcare.els20_all.deb dcdd0e63fdd481664e18d72325c304bd63f6baa3 CLSA-2026:1773050498 TuxCare License Agreement 0 * SECURITY UPDATE: remote command execution via unsanitized WINS hook NetBIOS name handling in Samba AD DC - debian/patches/CVE-2025-10230.patch: validate NetBIOS names in source4 WINS hook to prevent shell metacharacter injection - debian/patches/CVE-2025-10230-test.patch: add torture tests for WINS hook name sanitization - CVE-2025-10230 Critical Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.

* SECURITY UPDATE: remote command execution via unsanitized WINS hook NetBIOS name handling in Samba AD DC - debian/patches/CVE-2025-10230.patch: validate NetBIOS names in source4 WINS hook to prevent shell metacharacter injection - debian/patches/CVE-2025-10230-test.patch: add torture tests for WINS hook name sanitization - CVE-2025-10230

0 tuxcare-ubuntu18.04-els ctdb_4.7.6+dfsg~ubuntu-0ubuntu2.29+tuxcare.els6_amd64.deb 3df8ae138b5c028c744507db4db1c93fb5c2fd09 libnss-winbind_4.7.6+dfsg~ubuntu-0ubuntu2.29+tuxcare.els6_amd64.deb 2cb6ca79e5f869aac59bfd9f0050d01b9b1f887a libpam-winbind_4.7.6+dfsg~ubuntu-0ubuntu2.29+tuxcare.els6_amd64.deb 37677f81a2fcb59d7869328164779f68c0b1d2a2 libparse-pidl-perl_4.7.6+dfsg~ubuntu-0ubuntu2.29+tuxcare.els6_amd64.deb 16851d30f69c830165826a7be9af114cd0b2c8af libsmbclient_4.7.6+dfsg~ubuntu-0ubuntu2.29+tuxcare.els6_amd64.deb 060673ea2c6490566751ae95451ee7d41b02e68c libsmbclient-dev_4.7.6+dfsg~ubuntu-0ubuntu2.29+tuxcare.els6_amd64.deb ad2693ad96f438b37e79bd90bc507ced8ae29b69 libwbclient-dev_4.7.6+dfsg~ubuntu-0ubuntu2.29+tuxcare.els6_amd64.deb 71087029d4cd5fea41aa45e7715108cba995904e libwbclient0_4.7.6+dfsg~ubuntu-0ubuntu2.29+tuxcare.els6_amd64.deb f3169bce963384e2a32668f32c05f0db4340ff06 python-samba_4.7.6+dfsg~ubuntu-0ubuntu2.29+tuxcare.els6_amd64.deb 264b971a6fb876cde4f1f6bee99516f4ba7458b1 registry-tools_4.7.6+dfsg~ubuntu-0ubuntu2.29+tuxcare.els6_amd64.deb 8d82bbb109394b16204ad6ee22834265aa7fe6a9 samba_4.7.6+dfsg~ubuntu-0ubuntu2.29+tuxcare.els6_amd64.deb e4afb6214e3de951cc9a1125e239a7c029f47677 samba-common_4.7.6+dfsg~ubuntu-0ubuntu2.29+tuxcare.els6_all.deb 8df640b44126273dd1698597666e1f4e9d605e01 samba-common-bin_4.7.6+dfsg~ubuntu-0ubuntu2.29+tuxcare.els6_amd64.deb 25232a2f36d0bd4ee9d709feef5969e9ab6b37f7 samba-dev_4.7.6+dfsg~ubuntu-0ubuntu2.29+tuxcare.els6_amd64.deb 529ff63d391871e9425fea43f5abba2c5c8e9c43 samba-dsdb-modules_4.7.6+dfsg~ubuntu-0ubuntu2.29+tuxcare.els6_amd64.deb 89d819a82138f31ece037be219545ce9a9a5424c samba-libs_4.7.6+dfsg~ubuntu-0ubuntu2.29+tuxcare.els6_amd64.deb 77b4fb9c29a83c602bd6a5d04e6ff2f4af1a9cd7 samba-testsuite_4.7.6+dfsg~ubuntu-0ubuntu2.29+tuxcare.els6_amd64.deb 325ec53cd08e19158e5d5e44575c3b91254bce9c samba-vfs-modules_4.7.6+dfsg~ubuntu-0ubuntu2.29+tuxcare.els6_amd64.deb 11155c054172a7a125ead6c71d8908ffb175f77f smbclient_4.7.6+dfsg~ubuntu-0ubuntu2.29+tuxcare.els6_amd64.deb 45dc1c21b702015abb1c258adcb92dd4abb2609f winbind_4.7.6+dfsg~ubuntu-0ubuntu2.29+tuxcare.els6_amd64.deb 411a461fb6d69676cdd53fdd85f38b4fbb7b2c8e CLSA-2026:1773221551 TuxCare License Agreement 0 * SECURITY UPDATE: quadratic complexity in xml.dom.minidom node ID cache clearing leads to denial of service - debian/patches/CVE-2025-12084.patch: Replace quadratic _in_document() traversal with ownerDocument attribute check in _clear_id_cache(); ensure Element and Attr instances have ownerDocument attribute. - CVE-2025-12084 Moderate Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.

* SECURITY UPDATE: quadratic complexity in xml.dom.minidom node ID cache clearing leads to denial of service - debian/patches/CVE-2025-12084.patch: Replace quadratic _in_document() traversal with ownerDocument attribute check in _clear_id_cache(); ensure Element and Attr instances have ownerDocument attribute. - CVE-2025-12084

0 tuxcare-ubuntu18.04-els idle-python3.6_3.6.9-1~18.04ubuntu1.12+tuxcare.els20_all.deb b072564d4af2dd12981ffbbc2216e7cf0055888c libpython3.6_3.6.9-1~18.04ubuntu1.12+tuxcare.els20_amd64.deb 8d740e07946082b28fd0517c8ca087caf3b469f1 libpython3.6-dev_3.6.9-1~18.04ubuntu1.12+tuxcare.els20_amd64.deb 613a28d77f74b2cecce6a42373ee8ab3bd2abf8f libpython3.6-minimal_3.6.9-1~18.04ubuntu1.12+tuxcare.els20_amd64.deb 2d8dbc40f853df8e8be7e180e5d3a2122bf408d1 libpython3.6-stdlib_3.6.9-1~18.04ubuntu1.12+tuxcare.els20_amd64.deb da769d74bfef839c10cfe6346eb1d428dd419593 libpython3.6-testsuite_3.6.9-1~18.04ubuntu1.12+tuxcare.els20_all.deb 2778d2c3aae9984d0facb515b9311dbcc20ec954 python3.6_3.6.9-1~18.04ubuntu1.12+tuxcare.els20_amd64.deb a85579e899f7419f8dd4bdce2a0f7d3378170275 python3.6-dev_3.6.9-1~18.04ubuntu1.12+tuxcare.els20_amd64.deb ef89ae4d3819fe2efb80c304a2e0bd45410e6148 python3.6-doc_3.6.9-1~18.04ubuntu1.12+tuxcare.els20_all.deb c443b07a4282421fdbfffd777b4227745b60654b python3.6-examples_3.6.9-1~18.04ubuntu1.12+tuxcare.els20_all.deb 60b77bcd12411257c7c842554f9917337513cf84 python3.6-minimal_3.6.9-1~18.04ubuntu1.12+tuxcare.els20_amd64.deb 07c43bc86d4cab4a212a7b45025ac23d4bed38bf python3.6-venv_3.6.9-1~18.04ubuntu1.12+tuxcare.els20_amd64.deb e91b48319da3becaf0b1788c585347b107af38c6 CLSA-2026:1773225871 TuxCare License Agreement 0 * SECURITY UPDATE: division-by-zero during image loading resulting in reliable denial-of-service - debian/patches/CVE-2026-25799.patch: Fix sampling-factor validation by replacing && with || so invalid horizontal or vertical factors trigger an error; cause: incorrect boolean expression required both factors to be invalid - CVE-2026-25799 * SECURITY UPDATE: Null pointer dereference in ClonePixelCacheRepository resulting in denial-of-service - debian/patches/CVE-2026-25798.patch: Add overflow sanity check in OpenPixelCache and reset cache storage class and length before throwing on allocation failure - CVE-2026-25798 * SECURITY UPDATE: memory leak in ReadSTEGANOImage that can be exploited for denial-of-service - debian/patches/CVE-2026-25796.patch: free watermark object on three early-return paths - CVE-2026-25796 * SECURITY UPDATE: a crafted profile contain invalid IPTC data may cause an infinite loop when writing it with `IPTCTEXT` - debian/patches/CVE-2026-26066.patch: replace `c=0` with `c=ReadBlobByte(ifile)` in formatIPTC so the loop advances past an unrecognised tag instead of spinning forever - CVE-2026-26066 Important Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.

* SECURITY UPDATE: division-by-zero during image loading resulting in reliable denial-of-service - debian/patches/CVE-2026-25799.patch: Fix sampling-factor validation by replacing && with || so invalid horizontal or vertical factors trigger an error; cause: incorrect boolean expression required both factors to be invalid - CVE-2026-25799 * SECURITY UPDATE: Null pointer dereference in ClonePixelCacheRepository resulting in denial-of-service - debian/patches/CVE-2026-25798.patch: Add overflow sanity check in OpenPixelCache and reset cache storage class and length before throwing on allocation failure - CVE-2026-25798 * SECURITY UPDATE: memory leak in ReadSTEGANOImage that can be exploited for denial-of-service - debian/patches/CVE-2026-25796.patch: free watermark object on three early-return paths - CVE-2026-25796 * SECURITY UPDATE: a crafted profile contain invalid IPTC data may cause an infinite loop when writing it with `IPTCTEXT` - debian/patches/CVE-2026-26066.patch: replace `c=0` with `c=ReadBlobByte(ifile)` in formatIPTC so the loop advances past an unrecognised tag instead of spinning forever - CVE-2026-26066

0 tuxcare-ubuntu18.04-els imagemagick_6.9.7.4+dfsg-16ubuntu6.15+tuxcare.els21_amd64.deb 503f9f7903b12cdff45b78ddfc608170252b8fcd imagemagick-6-common_6.9.7.4+dfsg-16ubuntu6.15+tuxcare.els21_all.deb 0f1579be06d268c99518879a00f12222d2f03ab8 imagemagick-6-doc_6.9.7.4+dfsg-16ubuntu6.15+tuxcare.els21_all.deb c2d5c44833d7a10b2d64f908634cade90f3764fa imagemagick-6.q16_6.9.7.4+dfsg-16ubuntu6.15+tuxcare.els21_amd64.deb 62f4ee0246589d5621ded65b88c04c629decfdb7 imagemagick-6.q16hdri_6.9.7.4+dfsg-16ubuntu6.15+tuxcare.els21_amd64.deb fe10c9a422af37bc4236acc90e2959a0761c44a6 imagemagick-common_6.9.7.4+dfsg-16ubuntu6.15+tuxcare.els21_all.deb ace574e6b72a2564221ea1c526fd949ed0ea76b8 imagemagick-doc_6.9.7.4+dfsg-16ubuntu6.15+tuxcare.els21_all.deb 85d9ea707bc0c2a9f88d7091994e5b6b3c306606 libimage-magick-perl_6.9.7.4+dfsg-16ubuntu6.15+tuxcare.els21_all.deb 839c023ed3ca535fdb2e17f03808f77a890da942 libimage-magick-q16-perl_6.9.7.4+dfsg-16ubuntu6.15+tuxcare.els21_amd64.deb ef3cb7929798a87cd87f8bc68c364702e4452315 libimage-magick-q16hdri-perl_6.9.7.4+dfsg-16ubuntu6.15+tuxcare.els21_amd64.deb 403ae0a273254739c18fa916ba1dbb99d911fd57 libmagick++-6-headers_6.9.7.4+dfsg-16ubuntu6.15+tuxcare.els21_all.deb 98909848cf3740daabada6dc043a8b4065b9062b libmagick++-6.q16-7_6.9.7.4+dfsg-16ubuntu6.15+tuxcare.els21_amd64.deb a55f737461880d7230375133c0a0a29fde910ba1 libmagick++-6.q16-dev_6.9.7.4+dfsg-16ubuntu6.15+tuxcare.els21_amd64.deb 9f3a6fa8c731d0a2ff08b048b0cf678223574ba6 libmagick++-6.q16hdri-7_6.9.7.4+dfsg-16ubuntu6.15+tuxcare.els21_amd64.deb f9fea659128bf38e89e9b5003fc8a545dd54afa3 libmagick++-6.q16hdri-dev_6.9.7.4+dfsg-16ubuntu6.15+tuxcare.els21_amd64.deb 010725c0cca16ac23e53d66d29d678282625c3db libmagick++-dev_6.9.7.4+dfsg-16ubuntu6.15+tuxcare.els21_all.deb 83bd8bea5e025d45ef51ba67561a7b9923a20913 libmagickcore-6-arch-config_6.9.7.4+dfsg-16ubuntu6.15+tuxcare.els21_amd64.deb 3a6c73d12b2cf345dfcd6bb129547d6c2783019f libmagickcore-6-headers_6.9.7.4+dfsg-16ubuntu6.15+tuxcare.els21_all.deb 75fd9dc4724242dfa2043fc4dbedeb8da6eba8e7 libmagickcore-6.q16-3_6.9.7.4+dfsg-16ubuntu6.15+tuxcare.els21_amd64.deb fde7900229c6adc1af7c880e2c174b9e093231e3 libmagickcore-6.q16-3-extra_6.9.7.4+dfsg-16ubuntu6.15+tuxcare.els21_amd64.deb 0d68fb41a4c71bc2b409112e91cbac9b5c172ca0 libmagickcore-6.q16-dev_6.9.7.4+dfsg-16ubuntu6.15+tuxcare.els21_amd64.deb 84191461a93776e59dea2fa4d5f173a4f2af05c1 libmagickcore-6.q16hdri-3_6.9.7.4+dfsg-16ubuntu6.15+tuxcare.els21_amd64.deb 100465d195ba7613b16274e734070a07cf73fe86 libmagickcore-6.q16hdri-3-extra_6.9.7.4+dfsg-16ubuntu6.15+tuxcare.els21_amd64.deb 2445a992dca46a2919d20801ea4653d4b6483117 libmagickcore-6.q16hdri-dev_6.9.7.4+dfsg-16ubuntu6.15+tuxcare.els21_amd64.deb 670b626c95f5df4d3ff7ff8aa92a9bcbfa011447 libmagickcore-dev_6.9.7.4+dfsg-16ubuntu6.15+tuxcare.els21_all.deb 90c465f3a170895f4d23a82fa997ae25de0090e9 libmagickwand-6-headers_6.9.7.4+dfsg-16ubuntu6.15+tuxcare.els21_all.deb 9e4bd2a1d1625011ba53eb2358caddcc40e48dff libmagickwand-6.q16-3_6.9.7.4+dfsg-16ubuntu6.15+tuxcare.els21_amd64.deb 592cd955ac2dd6e5d4f41f12bf1721a1ca3fae30 libmagickwand-6.q16-dev_6.9.7.4+dfsg-16ubuntu6.15+tuxcare.els21_amd64.deb 253bfba27f7277949350e41524784fee14832f4e libmagickwand-6.q16hdri-3_6.9.7.4+dfsg-16ubuntu6.15+tuxcare.els21_amd64.deb 7c7dbf873cf9cf86728146388d818a5e7a0867f1 libmagickwand-6.q16hdri-dev_6.9.7.4+dfsg-16ubuntu6.15+tuxcare.els21_amd64.deb 47ef5bec037f5f41c3de30680f383940c2329c3c libmagickwand-dev_6.9.7.4+dfsg-16ubuntu6.15+tuxcare.els21_all.deb 3c328ef6db86bbd0edfe456bd8d98b1690b17b8f perlmagick_6.9.7.4+dfsg-16ubuntu6.15+tuxcare.els21_all.deb 62db6ca0d358bce62691ea1f7933a94009fcdc78 CLSA-2026:1773316090 TuxCare License Agreement 0 * SECURITY UPDATE: OAuth2 bearer token leak on cross-protocol redirect - debian/patches/CVE-2025-14524.patch: do not use bearer when following redirect unless allow_auth_to_other_hosts is set - CVE-2025-14524 * SECURITY UPDATE: libssh global known_hosts override - debian/patches/CVE-2025-15079.patch: set SSH_OPTIONS_GLOBAL_KNOWNHOSTS to same path as SSH_OPTIONS_KNOWNHOSTS - CVE-2025-15079 * Resolve test failure - debian/patches/fix-test-46.patch: updated outdated cookies' timestamps Low Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.

* SECURITY UPDATE: OAuth2 bearer token leak on cross-protocol redirect - debian/patches/CVE-2025-14524.patch: do not use bearer when following redirect unless allow_auth_to_other_hosts is set - CVE-2025-14524 * SECURITY UPDATE: libssh global known_hosts override - debian/patches/CVE-2025-15079.patch: set SSH_OPTIONS_GLOBAL_KNOWNHOSTS to same path as SSH_OPTIONS_KNOWNHOSTS - CVE-2025-15079 * Resolve test failure - debian/patches/fix-test-46.patch: updated outdated cookies' timestamps

0 tuxcare-ubuntu18.04-els curl_7.58.0-2ubuntu3.24+tuxcare.els7_amd64.deb 105f62d038995f8686cff9c7051647213cf1c4d3 libcurl3-gnutls_7.58.0-2ubuntu3.24+tuxcare.els7_amd64.deb 31f637123a1116f502e3a12c9cc6a1c225cbcd79 libcurl3-nss_7.58.0-2ubuntu3.24+tuxcare.els7_amd64.deb d370202bfa4a053a8b575549ae79f9ce5960579a libcurl4_7.58.0-2ubuntu3.24+tuxcare.els7_amd64.deb 59478a0d1bff72491072766efc487e980d1a15af libcurl4-doc_7.58.0-2ubuntu3.24+tuxcare.els7_all.deb 52058792c268aa864affbeb8e3a77ae368273893 libcurl4-gnutls-dev_7.58.0-2ubuntu3.24+tuxcare.els7_amd64.deb 732dbe86a8583a08b9dbb62eb3003f1788f491ac libcurl4-nss-dev_7.58.0-2ubuntu3.24+tuxcare.els7_amd64.deb 7a21631f761fd3111a4f07ad630ba51220da09a0 libcurl4-openssl-dev_7.58.0-2ubuntu3.24+tuxcare.els7_amd64.deb f5546c270e8aefbde35dfb54ffd211acdff4126f CLSA-2026:1773412568 TuxCare License Agreement 0 * SECURITY UPDATE: unexpected SSH agent authentication during public-key SSH- based transfers - debian/patches/CVE-2025-15224.patch: Require private key or SSH agent for public-key authentication; prevent attempted public-key auth when neither private key nor agent present; fix missing check that allowed public-key auth flag without key or agent. - CVE-2025-15224 Low Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.

* SECURITY UPDATE: unexpected SSH agent authentication during public-key SSH- based transfers - debian/patches/CVE-2025-15224.patch: Require private key or SSH agent for public-key authentication; prevent attempted public-key auth when neither private key nor agent present; fix missing check that allowed public-key auth flag without key or agent. - CVE-2025-15224

0 tuxcare-ubuntu18.04-els curl_7.58.0-2ubuntu3.24+tuxcare.els8_amd64.deb f148ee61a081965984267b3cec208dae862030ca libcurl3-gnutls_7.58.0-2ubuntu3.24+tuxcare.els8_amd64.deb 2ccdb19ab804deea970e4e46633bd0669908f7d8 libcurl3-nss_7.58.0-2ubuntu3.24+tuxcare.els8_amd64.deb 377aef8f0d858b8d24a142269dda76417d4f3ecb libcurl4_7.58.0-2ubuntu3.24+tuxcare.els8_amd64.deb f91415b0ded3fcc42ba218e58d4e00eb8a1ac928 libcurl4-doc_7.58.0-2ubuntu3.24+tuxcare.els8_all.deb 837a6c151ebbcc487ebc27cd86ece7830ad7d4fe libcurl4-gnutls-dev_7.58.0-2ubuntu3.24+tuxcare.els8_amd64.deb 82d1fbca03794229a24e88fd96106106874d6b14 libcurl4-nss-dev_7.58.0-2ubuntu3.24+tuxcare.els8_amd64.deb 5533c97ee906a433384aa164c498ffeb54ea2c54 libcurl4-openssl-dev_7.58.0-2ubuntu3.24+tuxcare.els8_amd64.deb 92bbefeecde0a58fcb7509c3207fbdd7510cff65 CLSA-2026:1773413074 TuxCare License Agreement 0 * SECURITY UPDATE: heap information disclosure in PSD channel decoder - debian/patches/CVE-2026-24481.patch: initialize pixel buffer with zeros in ReadPSDChannelZip to prevent heap memory disclosure - CVE-2026-24481 Low Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.

* SECURITY UPDATE: heap information disclosure in PSD channel decoder - debian/patches/CVE-2026-24481.patch: initialize pixel buffer with zeros in ReadPSDChannelZip to prevent heap memory disclosure - CVE-2026-24481

0 tuxcare-ubuntu18.04-els imagemagick_6.9.7.4+dfsg-16ubuntu6.15+tuxcare.els22_amd64.deb e9f6beeb76fcda7879cf5bef5ce1cc05de6c2e6c imagemagick-6-common_6.9.7.4+dfsg-16ubuntu6.15+tuxcare.els22_all.deb c9af95a1478788aa5fb9ef1f9a103289b4125c1a imagemagick-6-doc_6.9.7.4+dfsg-16ubuntu6.15+tuxcare.els22_all.deb 5f44ea0225eaee3eca1a7041747f1c3ce5a3415f imagemagick-6.q16_6.9.7.4+dfsg-16ubuntu6.15+tuxcare.els22_amd64.deb 50f8db768539ce5133c8c9919dbae3304b1f73fe imagemagick-6.q16hdri_6.9.7.4+dfsg-16ubuntu6.15+tuxcare.els22_amd64.deb 1cc7a87b8a3c69869655907be4f22ae175d36f3f imagemagick-common_6.9.7.4+dfsg-16ubuntu6.15+tuxcare.els22_all.deb a63e7c427fc316d223c7db827a59c61101d64cf8 imagemagick-doc_6.9.7.4+dfsg-16ubuntu6.15+tuxcare.els22_all.deb a93294a9ddc0d33afa1d554a99bc5ffdc6f73abb libimage-magick-perl_6.9.7.4+dfsg-16ubuntu6.15+tuxcare.els22_all.deb cad89532930a55c299fd87b8a55d386f13b36393 libimage-magick-q16-perl_6.9.7.4+dfsg-16ubuntu6.15+tuxcare.els22_amd64.deb 64f46358cb358475219e7d9d57406997c4b50eb2 libimage-magick-q16hdri-perl_6.9.7.4+dfsg-16ubuntu6.15+tuxcare.els22_amd64.deb abb0b5db0deee25bf3d3ad5bd4c7758a9007f94b libmagick++-6-headers_6.9.7.4+dfsg-16ubuntu6.15+tuxcare.els22_all.deb b5ad335dbe860f00d95f8834160c7d59cbd74c3e libmagick++-6.q16-7_6.9.7.4+dfsg-16ubuntu6.15+tuxcare.els22_amd64.deb 058db47f32209e14c0404935a163704075c882fe libmagick++-6.q16-dev_6.9.7.4+dfsg-16ubuntu6.15+tuxcare.els22_amd64.deb ba2c3a785ab7fb494a4be6dcbf5c1f0c5adaba9c libmagick++-6.q16hdri-7_6.9.7.4+dfsg-16ubuntu6.15+tuxcare.els22_amd64.deb 933bbcb2270e3d112fe2568d616fe03817205ba9 libmagick++-6.q16hdri-dev_6.9.7.4+dfsg-16ubuntu6.15+tuxcare.els22_amd64.deb c0f2d50f2457bc58c194e5b61f65fcbea0490d00 libmagick++-dev_6.9.7.4+dfsg-16ubuntu6.15+tuxcare.els22_all.deb ff064d455a7ed7e3a8a55c4f40ac462cb17765d4 libmagickcore-6-arch-config_6.9.7.4+dfsg-16ubuntu6.15+tuxcare.els22_amd64.deb 90c2bdcee287734f789c9541f3afb7e4374327e4 libmagickcore-6-headers_6.9.7.4+dfsg-16ubuntu6.15+tuxcare.els22_all.deb fb9cd11f681d7cfefd461de8200500cec4953a06 libmagickcore-6.q16-3_6.9.7.4+dfsg-16ubuntu6.15+tuxcare.els22_amd64.deb df798b671e78cd1223c4afc472120f31108e9438 libmagickcore-6.q16-3-extra_6.9.7.4+dfsg-16ubuntu6.15+tuxcare.els22_amd64.deb 63346a12987fcdf3f2c545dfd941a8fe9e4eb289 libmagickcore-6.q16-dev_6.9.7.4+dfsg-16ubuntu6.15+tuxcare.els22_amd64.deb 0570717c29a0410e70d7e10303bf3806fab21e87 libmagickcore-6.q16hdri-3_6.9.7.4+dfsg-16ubuntu6.15+tuxcare.els22_amd64.deb 886e757a573dfd23439921acc2a7e68c36700290 libmagickcore-6.q16hdri-3-extra_6.9.7.4+dfsg-16ubuntu6.15+tuxcare.els22_amd64.deb 75044dd07b836e7752b6a7fe02a3a9f78a04aafd libmagickcore-6.q16hdri-dev_6.9.7.4+dfsg-16ubuntu6.15+tuxcare.els22_amd64.deb 2a30b9bb9fe00a16a3e05db0fa4c7638fe1fbad0 libmagickcore-dev_6.9.7.4+dfsg-16ubuntu6.15+tuxcare.els22_all.deb df7eca264563c9b909aeeaee307af9a0c4a9bc56 libmagickwand-6-headers_6.9.7.4+dfsg-16ubuntu6.15+tuxcare.els22_all.deb f5b6ff96d385293bc16a17e8ad8fd91721242849 libmagickwand-6.q16-3_6.9.7.4+dfsg-16ubuntu6.15+tuxcare.els22_amd64.deb bfcc2af4ade64ac488f97c3d0a945c45c120e70c libmagickwand-6.q16-dev_6.9.7.4+dfsg-16ubuntu6.15+tuxcare.els22_amd64.deb 197456430c2ac4ed5eceee0bdb2a052333137452 libmagickwand-6.q16hdri-3_6.9.7.4+dfsg-16ubuntu6.15+tuxcare.els22_amd64.deb 6c3a5154cf25fe512074884225ea7113b236450d libmagickwand-6.q16hdri-dev_6.9.7.4+dfsg-16ubuntu6.15+tuxcare.els22_amd64.deb 56ea443ac536462ef0d361dfc1ab0a0e198be357 libmagickwand-dev_6.9.7.4+dfsg-16ubuntu6.15+tuxcare.els22_all.deb 77e76bcd6faabfd929aa3bf5ef22420a4d6a9f9b perlmagick_6.9.7.4+dfsg-16ubuntu6.15+tuxcare.els22_all.deb 8d7e67afc007ec3d47c18758289d172be0371c90 CLSA-2026:1773684237 TuxCare License Agreement 0 * Update ca-certificates database to 20260305: - mozilla\{certdata.h,nssckbi.h}: Update Mozilla certificate authority bundle of the version 2.84. - The following certificates were added: # Certificate "TrustAsia TLS ECC Root CA" # Certificate "TrustAsia TLS RSA Root CA" # Certificate "SwissSign RSA TLS Root CA 2022 - 1" # Certificate "OISTE Server Root ECC G1" # Certificate " OISTE Server Root RSA G1" # Certificate "e-Szigno TLS Root CA 2023" - The following certificates were removed: # Certificate "Baltimore CyberTrust Root" None Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.

* Update ca-certificates database to 20260305: - mozilla\{certdata.h,nssckbi.h}: Update Mozilla certificate authority bundle of the version 2.84. - The following certificates were added: # Certificate "TrustAsia TLS ECC Root CA" # Certificate "TrustAsia TLS RSA Root CA" # Certificate "SwissSign RSA TLS Root CA 2022 - 1" # Certificate "OISTE Server Root ECC G1" # Certificate " OISTE Server Root RSA G1" # Certificate "e-Szigno TLS Root CA 2023" - The following certificates were removed: # Certificate "Baltimore CyberTrust Root"

0 tuxcare-ubuntu18.04-els ca-certificates_20260305ubuntu0.18.04.1+tuxcare.els1_all.deb 26fb6005640e1bfab466e643b84ded7bbc11ba2b CLSA-2026:1773757893 TuxCare License Agreement 0 * SECURITY UPDATE: Unauthenticated heap memory disclosure via mismatched zlib compressed protocol headers (MongoBleed) - debian/patches/CVE-2025-14847.patch: Return actual decompressed size instead of buffer size in ZlibMessageCompressor::decompressData - CVE-2025-14847 Low Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.

* SECURITY UPDATE: Unauthenticated heap memory disclosure via mismatched zlib compressed protocol headers (MongoBleed) - debian/patches/CVE-2025-14847.patch: Return actual decompressed size instead of buffer size in ZlibMessageCompressor::decompressData - CVE-2025-14847

0 tuxcare-ubuntu18.04-els mongodb_3.6.3-0ubuntu1.4+tuxcare.els1_amd64.deb 515526d197e40f6752b0f5e293855544ceb4d88d mongodb-clients_3.6.3-0ubuntu1.4+tuxcare.els1_amd64.deb f577ec7df2df5ed9ad1d5aeb483e0d3b837ac976 mongodb-server_3.6.3-0ubuntu1.4+tuxcare.els1_all.deb db3cd3c380181ff430f90110a5ea097cc1f446ee mongodb-server-core_3.6.3-0ubuntu1.4+tuxcare.els1_amd64.deb 99534a7f6a247bd438a00e5460a6b1c0a91633fc CLSA-2026:1773832495 TuxCare License Agreement 0 * CVE-2023-53515 - virtio-mmio: don't break lifecycle of vm_dev {CVE-2023-53515} * CVE-2025-39967 - fbcon: fix integer overflow in fbcon_do_set_font {CVE-2025-39967} - fbcon: Fix OOB access in font allocation {CVE-2025-39967} * CVE-2025-38702 - fbdev: fix potential buffer overflow in do_register_framebuffer() {CVE-2025-38702} * CVE-2025-38563 - perf/core: Prevent VMA split of buffer mappings {CVE-2025-38563} * CVE-2025-39869 - dmaengine: ti: edma: Fix memory allocation size for queue_priority_map {CVE-2025-39869} * CVE-2023-53577 - bpf, cpumap: Make sure kthread is running before map update returns {CVE-2023-53577} * CVE-2023-53608 - nilfs2: fix potential UAF of struct nilfs_sc_info in nilfs_segctor_thread() {CVE-2023-53608} * CVE-2023-53604 - dm integrity: call kmem_cache_destroy() in dm_integrity_init() error path {CVE-2023-53604} * CVE-2023-53619 - netfilter: Replace printk() with pr_*() and define pr_fmt() {CVE-2023-53619} - netfilter: use kvmalloc_array to allocate memory for hashtable {CVE-2023-53619} - netfilter: conntrack: Avoid nf_ct_helper_hash uses after free {CVE-2023-53619} * CVE-2025-38680 - media: uvcvideo: Fix 1-byte out-of-bounds read in {CVE-2025-38680} * CVE-2023-53454 - HID: multitouch: Correct devm device reference for hidinput {CVE-2023-53454} * CVE-2025-38699 - scsi: bfa: Double-free fix {CVE-2025-38699} - ubi: ensure that VID header offset + VID header size <= alloc, size {CVE-2023-53265} - scsi: target: iscsi: Fix buffer overflow in lio_target_nacl_info_show() {CVE-2023-53676} - fs: jfs: Fix UBSAN: array-index-out-of-bounds in {CVE-2025-38699} * CVE-2023-53596 - drivers: base: Free devm resources when unregistering a {CVE-2023-53596} * CVE-2023-53622 - gfs2: Fix possible data races in gfs2_show_options() {CVE-2023-53622} - HSI: ssi_protocol: Fix use after free vulnerability in ssi_protocol Driver Due to Race Condition {CVE-2023-53622} * CVE-2023-53090 - drm/amdkfd: Fix an illegal memory access {CVE-2023-53090} * CVE-2023-53116 - nvmet: avoid potential UAF in nvmet_req_complete() {CVE-2023-53116} * CVE-2023-53138 - net: caif: Fix use-after-free in cfusbl_device_notify() {CVE-2023-53138} * CVE-2023-53035 - nilfs2: fix kernel-infoleak in nilfs_ioctl_wrap_copy() {CVE-2023-53035} * CVE-2023-53668 - ring-buffer: Fix deadloop issue on reading trace_pipe {CVE-2023-53668} * CVE-2023-53616 - jfs: fix invalid free of JFS_IP(ipimap)->i_imap in diUnmount {CVE-2023-53616} * CVE-2023-53554 - staging: ks7010: potential buffer overflow in ks_wlan_set_encode_ext() {CVE-2023-53554} * CVE-2023-53587 - ring-buffer: Sync IRQ works before buffer destruction {CVE-2023-53587} * CVE-2023-53541 - mtd: rawnand: brcmnand: Fix potential out-of-bounds access in oob write {CVE-2023-53541} * CVE-2023-53559 - ip_vti: fix potential slab-use-after-free in decode_session6 {CVE-2023-53559} * CVE-2023-53484 - lib: cpu_rmap: Avoid use after free on rmap->obj array entries {CVE-2023-53484} - lib: cpu_rmap: Fix potential use-after-free in irq_cpu_rmap_release() {CVE-2023-53484} * CVE-2025-39824 - HID: asus: fix UAF via HID_CLAIMED_INPUT validation {CVE-2025-39824} * CVE-2025-38715 - hfs: fix slab-out-of-bounds in hfs_bnode_read() {CVE-2025-38715} * CVE-2023-53153 - wifi: cfg80211: Fix use after free for wext {CVE-2023-53153} * CVE-2025-38555 - usb: gadget : fix use-after-free in composite_dev_cleanup() {CVE-2025-38555} * CVE-2025-39743 - jfs: truncate good inode pages when hard link is 0 {CVE-2025-39743} * CVE-2025-39945 - cnic: Fix use-after-free bugs in cnic_delete_task {CVE-2025-39945} * CVE-2023-53506 - udf: Do not bother merging very long extents {CVE-2023-53506} * CVE-2025-38714 - hfsplus: fix slab-out-of-bounds in hfsplus_bnode_read() {CVE-2025-38714} * CVE-2025-39685 - comedi: pcl726: Prevent invalid irq number {CVE-2025-39685} * CVE-2025-39839 - batman-adv: fix OOB read/write in network-coding decode {CVE-2025-39839} * CVE-2025-38708 - drbd: add missing kref_get in handle_write_conflicts {CVE-2025-38708} * CVE-2023-53521 - scsi: ses: Fix slab-out-of-bounds in ses_intf_remove() {CVE-2023-53521} * CVE-2025-38713 - hfsplus: fix slab-out-of-bounds read in hfsplus_uni2asc() {CVE-2025-38713} * CVE-2023-53675 - scsi: ses: Fix possible desc_ptr out-of-bounds accesses {CVE-2023-53675} * CVE-2025-39691 - fs/buffer: fix use-after-free when call bh_read() helper {CVE-2025-39691} * CVE-2023-53259 - VMCI: check context->notify_page after call to get_user_pages_fast() to avoid GPF {CVE-2023-53259} * CVE-2023-53285 - ext4: add bounds checking in get_max_inline_xattr_value_size() {CVE-2023-53285} * CVE-2023-53148 - igb: Fix igb_down hung on surprise removal {CVE-2023-53148} * CVE-2023-53219 - media: netup_unidvb: fix use-after-free at del_timer() {CVE-2023-53219} * CVE-2023-53215 - sched/fair: Don't balance task to its current running CPU {CVE-2023-53215} * CVE-2023-53305 - Bluetooth: L2CAP: Fix use-after-free {CVE-2023-53305} * CVE-2025-38103 - HID: usbhid: Eliminate recurrent out-of-bounds bug in usbhid_parse() {CVE-2025-38103} * CVE-2025-38051 - smb: client: Fix use-after-free in cifs_fill_dirent {CVE-2025-38051} * CVE-2025-38157 - wifi: ath9k_htc: Abort software beacon handling if disabled {CVE-2025-38157} * CVE-2023-53373 - crypto: seqiv - Handle EBUSY correctly {CVE-2023-53373} * CVE-2025-38079 - crypto: algif_hash - fix double free in hash_accept {CVE-2025-38079} * CVE-2025-38212 - ipc: fix to protect IPCS lookups using RCU {CVE-2025-38212} * CVE-2025-38313 - bus: fsl-mc: fix double-free on mc_dev {CVE-2025-38313} * CVE-2023-53311 - nilfs2: fix use-after-free of nilfs_root in dirtying inodes via iput {CVE-2023-53311} * CVE-2023-53307 - rbd: avoid use-after-free in do_rbd_add() when rbd_dev_create() fails {CVE-2023-53307} * CVE-2025-38403 - vsock/vmci: Clear the vmci transport packet properly when initializing it {CVE-2025-38403} * CVE-2025-39683 - tracing: Limit access to parser->buffer when trace_get_user failed {CVE-2025-39683} * CVE-2025-38697 - jfs: upper bound check of tree index in dbAllocAG {CVE-2025-38697} * CVE-2025-39689 - ftrace: Also allocate and copy hash for reading of filter files {CVE-2025-39689} * CVE-2025-38574 - pptp: ensure minimal skb length in pptp_xmit() {CVE-2025-38574} * CVE-2025-38572 - ipv6: reject malicious packets in ipv6_gso_segment() {CVE-2025-38572} * CVE-2025-38685 - fbdev: Fix vmalloc out-of-bounds write in fast_imageblit {CVE-2025-38685} * CVE-2025-39911 - i40e: fix IRQ freeing in i40e_vsi_request_irq_msix error path {CVE-2025-39911} * CVE-2025-39973 - i40e: increase max descriptors for XL710 {CVE-2025-39973} - i40e: add validation for ring_len param {CVE-2025-39973} * CVE-2025-38724 - nfsd: handle get_client_locked() failure in nfsd4_setclientid_confirm() {CVE-2025-38724} * CVE-2025-39860 - Bluetooth: Fix use-after-free in l2cap_sock_cleanup_listen() {CVE-2025-39860} * CVE-2025-38530 - comedi: pcl812: Fix bit shift out of bounds {CVE-2025-38530} * CVE-2025-38529 - comedi: aio_iiro_16: Fix bit shift out of bounds {CVE-2025-38529} * CVE-2025-38497 - usb: gadget: configfs: Fix OOB read on empty string write {CVE-2025-38497} * CVE-2025-38483 - comedi: das16m1: Fix bit shift out of bounds {CVE-2025-38483} * CVE-2025-38482 - comedi: das6402: Fix bit shift out of bounds {CVE-2025-38482} * CVE-2025-39702 - ipv6: sr: Fix MAC comparison to be constant-time {CVE-2025-39702} * CVE-2025-39730 - NFS: Fix filehandle bounds checking in nfs_fh_to_dentry() {CVE-2025-39730} * CVE-2025-39817 - efivarfs: Fix slab-out-of-bounds in efivarfs_d_compare {CVE-2025-39817} * CVE-2025-38494 - HID: core: ensure the allocated report buffer can contain the reserved report ID {CVE-2025-38494} - HID: core: ensure __hid_request reserves the report ID as the first byte {CVE-2025-38494} - HID: core: do not bypass hid_hw_raw_request {CVE-2025-38494} * CVE-2025-38527 - smb: client: fix use-after-free in cifs_oplock_break {CVE-2025-38527} * CVE-2025-39965 - xfrm: Duplicate SPI Handling {CVE-2025-39965} * CVE-2025-37927 - iommu/amd: Fix potential buffer overflow in parse_ivrs_acpihid {CVE-2025-37927} * CVE-2025-37817 - mcb: fix error handling for different scenarios when parsing {CVE-2025-37817} - mcb: fix a double free bug in chameleon_parse_gdd() {CVE-2025-37817} * CVE-2025-38204 - jfs: fix array-index-out-of-bounds read in add_missing_indices {CVE-2025-38204} * CVE-2025-38323 - net: atm: add lec_mutex {CVE-2025-38323} * CVE-2025-38346 - ftrace: Fix UAF when lookup kallsym after ftrace disabled {CVE-2025-38346} * CVE-2025-38348 - wifi: p54: prevent buffer-overflow in p54_rx_eeprom_readback() {CVE-2025-38348} * CVE-2025-38416 - NFC: nci: uart: Set tty->disc_data only in success path {CVE-2025-38416} * CVE-2025-38428 - Input: ims-pcu - check record size in ims_pcu_flash_firmware() {CVE-2025-38428} * CVE-2025-38245 - atm: Release atm_dev_mutex after removing procfs in atm_dev_deregister(). {CVE-2025-38245} * CVE-2025-38377 - rose: fix dangling neighbour pointers in rose_rt_device_down() {CVE-2025-38377} * CVE-2025-38459 - atm: clip: Fix infinite recursive call of clip_push(). {CVE-2025-38459} * CVE-2025-39863 - wifi: brcmfmac: fix use-after-free when rescheduling brcmf_btcoex_info work {CVE-2025-39863} * CVE-2025-21726 - padata: avoid UAF for reorder_work {CVE-2025-21726} * CVE-2025-39760 - usb: core: config: Prevent OOB read in SS endpoint companion parsing {CVE-2025-39760} * CVE-2025-38198 - fbcon: Make sure modelist not set on unregistered console {CVE-2025-38198} * CVE-2025-38375 - virtio-net: ensure the received length does not exceed allocated size {CVE-2025-38375} * CVE-2025-39993 - media: imon: reorganize serialization {CVE-2025-39993} - media: rc: fix races with imon_disconnect() {CVE-2025-39993} * CVE-2025-39883 - mm/memory-failure: fix VM_BUG_ON_PAGE(PagePoisoned(page)) when unpoison memory {CVE-2025-39883} * Focal update: v5.4.211 upstream stable release (LP: #1990190) - scsi: lpfc: Prevent buffer overflow crashes in debugfs with malformed user input * Focal update: v5.4.231 upstream stable release (LP: #2011226) // CVE-2023-53000 - netlink: prevent potential spectre v1 gadgets * CVE-2022-49980 - USB: gadget: Fix use-after-free Read in usb_udc_uevent() * CVE-2022-21546 - scsi: target: Fix WRITE_SAME No Data Buffer crash * Focal update: v5.4.225 upstream stable release (LP: #2002347) // CVE-2022-49763 - ntfs: fix use-after-free in ntfs_attr_find() * Focal update: Focal update: v5.4.235 upstream stable release (LP: #2017706) // CVE-2022-50258 - wifi: brcmfmac: Fix potential stack-out-of-bounds in brcmf_c_preinit_dcmds() * CVE-2025-21727 - padata: fix UAF in padata_reorder * CVE-2025-37882 - usb: xhci: Fix isochronous Ring Underrun/Overrun event handling * CVE-2025-38250 - Bluetooth: hci_core: Fix use-after-free in vhci_flush() * CVE-2025-39751 - ALSA: hda/ca0132: Fix buffer overflow in add_tuning_control * CVE-2025-37810 - usb: dwc3: gadget: check that event count does not exceed event buffer length * CVE-2025-37839 - jbd2: remove wrong sb->s_sequence check * CVE-2025-37892 - mtd: inftlcore: Add error check for inftl_read_oob() * CVE-2025-37923 - tracing: Fix oob write in trace_seq_to_buffer() * CVE-2024-43883 - usb: vhci-hcd: Do not drop references before new references are gained * CVE-2025-37739 - f2fs: lost matching-pair of trace in f2fs_truncate_inode_blocks - f2fs: fix to avoid out-of-bounds access in f2fs_truncate_inode_blocks() * CVE-2025-38069 - PCI: endpoint: pci-epf-test: Fix double free that causes kernel to oops * CVE-2025-22083 - vhost-scsi: Fix handling of multiple calls to vhost_scsi_set_endpoint * Miscellaneous upstream changes - net_sched: hfsc: Fix a potential UAF in hfsc_dequeue() too - HID: core: Harden s32ton() against conversion to 0 bits - fbcon: Introduce wrapper for console->fb_info lookup {CVE-2025-38198} - net: atm: fix /proc/net/atm/lec handling {CVE-2025-38323} Important Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.

* CVE-2023-53515 - virtio-mmio: don't break lifecycle of vm_dev {CVE-2023-53515} * CVE-2025-39967 - fbcon: fix integer overflow in fbcon_do_set_font {CVE-2025-39967} - fbcon: Fix OOB access in font allocation {CVE-2025-39967} * CVE-2025-38702 - fbdev: fix potential buffer overflow in do_register_framebuffer() {CVE-2025-38702} * CVE-2025-38563 - perf/core: Prevent VMA split of buffer mappings {CVE-2025-38563} * CVE-2025-39869 - dmaengine: ti: edma: Fix memory allocation size for queue_priority_map {CVE-2025-39869} * CVE-2023-53577 - bpf, cpumap: Make sure kthread is running before map update returns {CVE-2023-53577} * CVE-2023-53608 - nilfs2: fix potential UAF of struct nilfs_sc_info in nilfs_segctor_thread() {CVE-2023-53608} * CVE-2023-53604 - dm integrity: call kmem_cache_destroy() in dm_integrity_init() error path {CVE-2023-53604} * CVE-2023-53619 - netfilter: Replace printk() with pr_*() and define pr_fmt() {CVE-2023-53619} - netfilter: use kvmalloc_array to allocate memory for hashtable {CVE-2023-53619} - netfilter: conntrack: Avoid nf_ct_helper_hash uses after free {CVE-2023-53619} * CVE-2025-38680 - media: uvcvideo: Fix 1-byte out-of-bounds read in {CVE-2025-38680} * CVE-2023-53454 - HID: multitouch: Correct devm device reference for hidinput {CVE-2023-53454} * CVE-2025-38699 - scsi: bfa: Double-free fix {CVE-2025-38699} - ubi: ensure that VID header offset + VID header size <= alloc, size {CVE-2023-53265} - scsi: target: iscsi: Fix buffer overflow in lio_target_nacl_info_show() {CVE-2023-53676} - fs: jfs: Fix UBSAN: array-index-out-of-bounds in {CVE-2025-38699} * CVE-2023-53596 - drivers: base: Free devm resources when unregistering a {CVE-2023-53596} * CVE-2023-53622 - gfs2: Fix possible data races in gfs2_show_options() {CVE-2023-53622} - HSI: ssi_protocol: Fix use after free vulnerability in ssi_protocol Driver Due to Race Condition {CVE-2023-53622} * CVE-2023-53090 - drm/amdkfd: Fix an illegal memory access {CVE-2023-53090} * CVE-2023-53116 - nvmet: avoid potential UAF in nvmet_req_complete() {CVE-2023-53116} * CVE-2023-53138 - net: caif: Fix use-after-free in cfusbl_device_notify() {CVE-2023-53138} * CVE-2023-53035 - nilfs2: fix kernel-infoleak in nilfs_ioctl_wrap_copy() {CVE-2023-53035} * CVE-2023-53668 - ring-buffer: Fix deadloop issue on reading trace_pipe {CVE-2023-53668} * CVE-2023-53616 - jfs: fix invalid free of JFS_IP(ipimap)->i_imap in diUnmount {CVE-2023-53616} * CVE-2023-53554 - staging: ks7010: potential buffer overflow in ks_wlan_set_encode_ext() {CVE-2023-53554} * CVE-2023-53587 - ring-buffer: Sync IRQ works before buffer destruction {CVE-2023-53587} * CVE-2023-53541 - mtd: rawnand: brcmnand: Fix potential out-of-bounds access in oob write {CVE-2023-53541} * CVE-2023-53559 - ip_vti: fix potential slab-use-after-free in decode_session6 {CVE-2023-53559} * CVE-2023-53484 - lib: cpu_rmap: Avoid use after free on rmap->obj array entries {CVE-2023-53484} - lib: cpu_rmap: Fix potential use-after-free in irq_cpu_rmap_release() {CVE-2023-53484} * CVE-2025-39824 - HID: asus: fix UAF via HID_CLAIMED_INPUT validation {CVE-2025-39824} * CVE-2025-38715 - hfs: fix slab-out-of-bounds in hfs_bnode_read() {CVE-2025-38715} * CVE-2023-53153 - wifi: cfg80211: Fix use after free for wext {CVE-2023-53153} * CVE-2025-38555 - usb: gadget : fix use-after-free in composite_dev_cleanup() {CVE-2025-38555} * CVE-2025-39743 - jfs: truncate good inode pages when hard link is 0 {CVE-2025-39743} * CVE-2025-39945 - cnic: Fix use-after-free bugs in cnic_delete_task {CVE-2025-39945} * CVE-2023-53506 - udf: Do not bother merging very long extents {CVE-2023-53506} * CVE-2025-38714 - hfsplus: fix slab-out-of-bounds in hfsplus_bnode_read() {CVE-2025-38714} * CVE-2025-39685 - comedi: pcl726: Prevent invalid irq number {CVE-2025-39685} * CVE-2025-39839 - batman-adv: fix OOB read/write in network-coding decode {CVE-2025-39839} * CVE-2025-38708 - drbd: add missing kref_get in handle_write_conflicts {CVE-2025-38708} * CVE-2023-53521 - scsi: ses: Fix slab-out-of-bounds in ses_intf_remove() {CVE-2023-53521} * CVE-2025-38713 - hfsplus: fix slab-out-of-bounds read in hfsplus_uni2asc() {CVE-2025-38713} * CVE-2023-53675 - scsi: ses: Fix possible desc_ptr out-of-bounds accesses {CVE-2023-53675} * CVE-2025-39691 - fs/buffer: fix use-after-free when call bh_read() helper {CVE-2025-39691} * CVE-2023-53259 - VMCI: check context->notify_page after call to get_user_pages_fast() to avoid GPF {CVE-2023-53259} * CVE-2023-53285 - ext4: add bounds checking in get_max_inline_xattr_value_size() {CVE-2023-53285} * CVE-2023-53148 - igb: Fix igb_down hung on surprise removal {CVE-2023-53148} * CVE-2023-53219 - media: netup_unidvb: fix use-after-free at del_timer() {CVE-2023-53219} * CVE-2023-53215 - sched/fair: Don't balance task to its current running CPU {CVE-2023-53215} * CVE-2023-53305 - Bluetooth: L2CAP: Fix use-after-free {CVE-2023-53305} * CVE-2025-38103 - HID: usbhid: Eliminate recurrent out-of-bounds bug in usbhid_parse() {CVE-2025-38103} * CVE-2025-38051 - smb: client: Fix use-after-free in cifs_fill_dirent {CVE-2025-38051} * CVE-2025-38157 - wifi: ath9k_htc: Abort software beacon handling if disabled {CVE-2025-38157} * CVE-2023-53373 - crypto: seqiv - Handle EBUSY correctly {CVE-2023-53373} * CVE-2025-38079 - crypto: algif_hash - fix double free in hash_accept {CVE-2025-38079} * CVE-2025-38212 - ipc: fix to protect IPCS lookups using RCU {CVE-2025-38212} * CVE-2025-38313 - bus: fsl-mc: fix double-free on mc_dev {CVE-2025-38313} * CVE-2023-53311 - nilfs2: fix use-after-free of nilfs_root in dirtying inodes via iput {CVE-2023-53311} * CVE-2023-53307 - rbd: avoid use-after-free in do_rbd_add() when rbd_dev_create() fails {CVE-2023-53307} * CVE-2025-38403 - vsock/vmci: Clear the vmci transport packet properly when initializing it {CVE-2025-38403} * CVE-2025-39683 - tracing: Limit access to parser->buffer when trace_get_user failed {CVE-2025-39683} * CVE-2025-38697 - jfs: upper bound check of tree index in dbAllocAG {CVE-2025-38697} * CVE-2025-39689 - ftrace: Also allocate and copy hash for reading of filter files {CVE-2025-39689} * CVE-2025-38574 - pptp: ensure minimal skb length in pptp_xmit() {CVE-2025-38574} * CVE-2025-38572 - ipv6: reject malicious packets in ipv6_gso_segment() {CVE-2025-38572} * CVE-2025-38685 - fbdev: Fix vmalloc out-of-bounds write in fast_imageblit {CVE-2025-38685} * CVE-2025-39911 - i40e: fix IRQ freeing in i40e_vsi_request_irq_msix error path {CVE-2025-39911} * CVE-2025-39973 - i40e: increase max descriptors for XL710 {CVE-2025-39973} - i40e: add validation for ring_len param {CVE-2025-39973} * CVE-2025-38724 - nfsd: handle get_client_locked() failure in nfsd4_setclientid_confirm() {CVE-2025-38724} * CVE-2025-39860 - Bluetooth: Fix use-after-free in l2cap_sock_cleanup_listen() {CVE-2025-39860} * CVE-2025-38530 - comedi: pcl812: Fix bit shift out of bounds {CVE-2025-38530} * CVE-2025-38529 - comedi: aio_iiro_16: Fix bit shift out of bounds {CVE-2025-38529} * CVE-2025-38497 - usb: gadget: configfs: Fix OOB read on empty string write {CVE-2025-38497} * CVE-2025-38483 - comedi: das16m1: Fix bit shift out of bounds {CVE-2025-38483} * CVE-2025-38482 - comedi: das6402: Fix bit shift out of bounds {CVE-2025-38482} * CVE-2025-39702 - ipv6: sr: Fix MAC comparison to be constant-time {CVE-2025-39702} * CVE-2025-39730 - NFS: Fix filehandle bounds checking in nfs_fh_to_dentry() {CVE-2025-39730} * CVE-2025-39817 - efivarfs: Fix slab-out-of-bounds in efivarfs_d_compare {CVE-2025-39817} * CVE-2025-38494 - HID: core: ensure the allocated report buffer can contain the reserved report ID {CVE-2025-38494} - HID: core: ensure __hid_request reserves the report ID as the first byte {CVE-2025-38494} - HID: core: do not bypass hid_hw_raw_request {CVE-2025-38494} * CVE-2025-38527 - smb: client: fix use-after-free in cifs_oplock_break {CVE-2025-38527} * CVE-2025-39965 - xfrm: Duplicate SPI Handling {CVE-2025-39965} * CVE-2025-37927 - iommu/amd: Fix potential buffer overflow in parse_ivrs_acpihid {CVE-2025-37927} * CVE-2025-37817 - mcb: fix error handling for different scenarios when parsing {CVE-2025-37817} - mcb: fix a double free bug in chameleon_parse_gdd() {CVE-2025-37817} * CVE-2025-38204 - jfs: fix array-index-out-of-bounds read in add_missing_indices {CVE-2025-38204} * CVE-2025-38323 - net: atm: add lec_mutex {CVE-2025-38323} * CVE-2025-38346 - ftrace: Fix UAF when lookup kallsym after ftrace disabled {CVE-2025-38346} * CVE-2025-38348 - wifi: p54: prevent buffer-overflow in p54_rx_eeprom_readback() {CVE-2025-38348} * CVE-2025-38416 - NFC: nci: uart: Set tty->disc_data only in success path {CVE-2025-38416} * CVE-2025-38428 - Input: ims-pcu - check record size in ims_pcu_flash_firmware() {CVE-2025-38428} * CVE-2025-38245 - atm: Release atm_dev_mutex after removing procfs in atm_dev_deregister(). {CVE-2025-38245} * CVE-2025-38377 - rose: fix dangling neighbour pointers in rose_rt_device_down() {CVE-2025-38377} * CVE-2025-38459 - atm: clip: Fix infinite recursive call of clip_push(). {CVE-2025-38459} * CVE-2025-39863 - wifi: brcmfmac: fix use-after-free when rescheduling brcmf_btcoex_info work {CVE-2025-39863} * CVE-2025-21726 - padata: avoid UAF for reorder_work {CVE-2025-21726} * CVE-2025-39760 - usb: core: config: Prevent OOB read in SS endpoint companion parsing {CVE-2025-39760} * CVE-2025-38198 - fbcon: Make sure modelist not set on unregistered console {CVE-2025-38198} * CVE-2025-38375 - virtio-net: ensure the received length does not exceed allocated size {CVE-2025-38375} * CVE-2025-39993 - media: imon: reorganize serialization {CVE-2025-39993} - media: rc: fix races with imon_disconnect() {CVE-2025-39993} * CVE-2025-39883 - mm/memory-failure: fix VM_BUG_ON_PAGE(PagePoisoned(page)) when unpoison memory {CVE-2025-39883} * Focal update: v5.4.211 upstream stable release (LP: #1990190) - scsi: lpfc: Prevent buffer overflow crashes in debugfs with malformed user input * Focal update: v5.4.231 upstream stable release (LP: #2011226) // CVE-2023-53000 - netlink: prevent potential spectre v1 gadgets * CVE-2022-49980 - USB: gadget: Fix use-after-free Read in usb_udc_uevent() * CVE-2022-21546 - scsi: target: Fix WRITE_SAME No Data Buffer crash * Focal update: v5.4.225 upstream stable release (LP: #2002347) // CVE-2022-49763 - ntfs: fix use-after-free in ntfs_attr_find() * Focal update: Focal update: v5.4.235 upstream stable release (LP: #2017706) // CVE-2022-50258 - wifi: brcmfmac: Fix potential stack-out-of-bounds in brcmf_c_preinit_dcmds() * CVE-2025-21727 - padata: fix UAF in padata_reorder * CVE-2025-37882 - usb: xhci: Fix isochronous Ring Underrun/Overrun event handling * CVE-2025-38250 - Bluetooth: hci_core: Fix use-after-free in vhci_flush() * CVE-2025-39751 - ALSA: hda/ca0132: Fix buffer overflow in add_tuning_control * CVE-2025-37810 - usb: dwc3: gadget: check that event count does not exceed event buffer length * CVE-2025-37839 - jbd2: remove wrong sb->s_sequence check * CVE-2025-37892 - mtd: inftlcore: Add error check for inftl_read_oob() * CVE-2025-37923 - tracing: Fix oob write in trace_seq_to_buffer() * CVE-2024-43883 - usb: vhci-hcd: Do not drop references before new references are gained * CVE-2025-37739 - f2fs: lost matching-pair of trace in f2fs_truncate_inode_blocks - f2fs: fix to avoid out-of-bounds access in f2fs_truncate_inode_blocks() * CVE-2025-38069 - PCI: endpoint: pci-epf-test: Fix double free that causes kernel to oops * CVE-2025-22083 - vhost-scsi: Fix handling of multiple calls to vhost_scsi_set_endpoint * Miscellaneous upstream changes - net_sched: hfsc: Fix a potential UAF in hfsc_dequeue() too - HID: core: Harden s32ton() against conversion to 0 bits - fbcon: Introduce wrapper for console->fb_info lookup {CVE-2025-38198} - net: atm: fix /proc/net/atm/lec handling {CVE-2025-38323}

0 tuxcare-ubuntu18.04-els linux-buildinfo-4.15.0-254-tuxcare.els42-generic_4.15.0-254.265_amd64.deb 1dbc479c057fffc35a30a96e1adfe4b3eb46eaa8 linux-buildinfo-4.15.0-254-tuxcare.els42-lowlatency_4.15.0-254.265_amd64.deb 6b49985c4c663a26e6eff97502199845b249d3cc linux-cloud-tools-4.15.0-254-tuxcare.els42_4.15.0-254.265_amd64.deb bf77075cc1cc49a8ef34cee8b4a572a43cac8d1c linux-cloud-tools-4.15.0-254-tuxcare.els42-generic_4.15.0-254.265_amd64.deb 38f32db18a2c2743f68f496ab7fec71a0363908a linux-cloud-tools-4.15.0-254-tuxcare.els42-lowlatency_4.15.0-254.265_amd64.deb 5227d6a9fa0ea9dca9b717c2be53bb7dc8338c67 linux-cloud-tools-common_4.15.0-254.265_all.deb 094489ff8dfc792609aa722e0e1722cb3a60f5f5 linux-doc_4.15.0-254.265_all.deb 6ae2c8224d6d81052040de7c5448fefa5df8a92f linux-headers-4.15.0-254-tuxcare.els42_4.15.0-254.265_all.deb 4b0054867682e9cd2e313d91e1d571ce4182603f linux-headers-4.15.0-254-tuxcare.els42-generic_4.15.0-254.265_amd64.deb 639342af828108b38cceba722a57369af2cbcc31 linux-headers-4.15.0-254-tuxcare.els42-lowlatency_4.15.0-254.265_amd64.deb af85d6f5cf2c63257505a7f0c2d68d0eedacd29f linux-image-unsigned-4.15.0-254-tuxcare.els42-generic_4.15.0-254.265_amd64.deb 65d210af271b4517dbe636f934755ad65e1ee343 linux-image-unsigned-4.15.0-254-tuxcare.els42-lowlatency_4.15.0-254.265_amd64.deb a7a17c5dc388c4d851adc31d00bf0f67199736f8 linux-libc-dev_4.15.0-254.265_amd64.deb efc617d6b053ce03548c9793a68aafd0abbd23dc linux-modules-4.15.0-254-tuxcare.els42-generic_4.15.0-254.265_amd64.deb f5154438b9d17ff19f19d9624b19b0c9ba6222d8 linux-modules-4.15.0-254-tuxcare.els42-lowlatency_4.15.0-254.265_amd64.deb 5f247b1b051102cdb1d237dd4ec5df0be42aee5e linux-modules-extra-4.15.0-254-tuxcare.els42-generic_4.15.0-254.265_amd64.deb e8c7076b40f3a89580cdabeb489df4a4b1b0307c linux-source-4.15.0_4.15.0-254.265_all.deb a21f925b7d5353467b3d8918badd55fc2622eff2 linux-tools-4.15.0-254-tuxcare.els42_4.15.0-254.265_amd64.deb 7e3db6d2fdda7269c3b21de8ba8011c99d6de93c linux-tools-4.15.0-254-tuxcare.els42-generic_4.15.0-254.265_amd64.deb 7bd1999b6f824713d40c4b744c6cc5e81f42bb6c linux-tools-4.15.0-254-tuxcare.els42-lowlatency_4.15.0-254.265_amd64.deb 5070e8cdca3c9a187013e0775fb5629c571651d5 linux-tools-common_4.15.0-254.265_all.deb 1da490f2abcbb15aa960274952874a45cec266bb linux-tools-host_4.15.0-254.265_all.deb 84d65afcb461219963e5deb3ef1046f1eedebe40 CLSA-2026:1773930717 TuxCare License Agreement 0 * SECURITY UPDATE: integer overflow in doContent tag buffer reallocation. - debian/patches/CVE-2026-25210.patch: add overflow check for tag buffer reallocation - CVE-2026-25210 Important Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.

* SECURITY UPDATE: integer overflow in doContent tag buffer reallocation. - debian/patches/CVE-2026-25210.patch: add overflow check for tag buffer reallocation - CVE-2026-25210

0 tuxcare-ubuntu18.04-els expat_2.2.5-3ubuntu0.9+tuxcare.els5_amd64.deb ca60450d6317fd828a7c7503bb5e5f03fac52e47 libexpat1_2.2.5-3ubuntu0.9+tuxcare.els5_amd64.deb 436f8db613693b079174c72034748ad197c49c34 libexpat1-dev_2.2.5-3ubuntu0.9+tuxcare.els5_amd64.deb 17d79cb6e772cda310ac527e1b390070498415de CLSA-2026:1773930007 TuxCare License Agreement 0 * SECURITY UPDATE: out-of-bounds read from manipulated SFTP extension index - debian/patches/CVE-2026-3731.patch: Fix out-of-bound read in sftp extensions by replacing '>' with '>=' in index checks; cause: off-by-one error in index comparison allowing idx equal count. - CVE-2026-3731 Important Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.

* SECURITY UPDATE: out-of-bounds read from manipulated SFTP extension index - debian/patches/CVE-2026-3731.patch: Fix out-of-bound read in sftp extensions by replacing '>' with '>=' in index checks; cause: off-by-one error in index comparison allowing idx equal count. - CVE-2026-3731

0 tuxcare-ubuntu18.04-els libssh-4_0.8.0~20170825.94fa1e38-1ubuntu0.7+tuxcare.els3_amd64.deb e0ac5c633ae8f18c8a2a59df4cccf76d3331985f libssh-dev_0.8.0~20170825.94fa1e38-1ubuntu0.7+tuxcare.els3_amd64.deb a3cd1288f6eec2b3c2e248f547f53313ab07bf70 libssh-doc_0.8.0~20170825.94fa1e38-1ubuntu0.7+tuxcare.els3_all.deb 3d49c6e9a79c0e23fc03feff8954525c73f1e6ba libssh-gcrypt-4_0.8.0~20170825.94fa1e38-1ubuntu0.7+tuxcare.els3_amd64.deb 3740f465bf66f6c7a2cd4db997d0df884ba48a9f libssh-gcrypt-dev_0.8.0~20170825.94fa1e38-1ubuntu0.7+tuxcare.els3_amd64.deb 42bcd625f6c1a54546d80016055d13465a4aef93 CLSA-2026:1774000371 TuxCare License Agreement 0 * SECURITY UPDATE: stack buffer overflow in msl.c (attribute handling), path traversal bypass of security policy, XSS in HTML coder output, and MSL attribute overflow - debian/patches/CVE-2026-25797_CVE-2026-25965_CVE-2026-25968_CVE-2026-25982.patch: Fix memory leaks, stack overflows, integer overflows and out‑of‑bounds reads; add bounds checks, validate DCM entry sizes, sanitize PostScript filenames, canonicalize paths and free resources; escape user-controlled strings written as raw HTML in the HTML coder; cause was unsafe header and filename parsing, incorrect assumptions about byte counts, path resolution, unnormalized path matching allowing policy bypass, and unescaped HTML output enabling cross-site scripting. - CVE-2026-25797 - CVE-2026-25965 - CVE-2026-25968 - CVE-2026-25982 * SECURITY UPDATE: null pointer dereference in msl.c (repage/roll handlers) - debian/patches/CVE-2026-25983.patch: move image null‑checks before accessing image attributes in the repage and roll MSL tag handlers; cause was dereferencing the image pointer for page geometry and dimensions before verifying the image was defined. - CVE-2026-25983 * SECURITY UPDATE: infinite recursion via crafted MSL/SVG/MVG files - debian/patches/CVE-2026-25971.patch: add global Splay tree guards in MSL and SVG coders to detect and reject recursive image references; block dangerous protocols (ftp, http, mvg, vid) in DrawPrimitive; cause was unbounded recursion through nested image reads. - CVE-2026-25971 * SECURITY UPDATE: null pointer dereference in msl.c (comment/label handlers) - debian/patches/CVE-2026-23952.patch: add image null-checks before accessing image properties in the comment and label MSL end-element handlers; cause was dereferencing the image pointer for DeleteImageProperty before verifying the image was defined. - CVE-2026-23952 * SECURITY UPDATE: MSLPushImage return value not captured - debian/patches/CVE-2026-25988.patch: change MSLPushImage to return the new image index and capture the return value in the MSL image tag handler; cause was the local index variable not being updated after pushing a new image onto the stack. - CVE-2026-25988 Critical Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.

* SECURITY UPDATE: stack buffer overflow in msl.c (attribute handling), path traversal bypass of security policy, XSS in HTML coder output, and MSL attribute overflow - debian/patches/CVE-2026-25797_CVE-2026-25965_CVE-2026-25968_CVE-2026-25982.patch: Fix memory leaks, stack overflows, integer overflows and out‑of‑bounds reads; add bounds checks, validate DCM entry sizes, sanitize PostScript filenames, canonicalize paths and free resources; escape user-controlled strings written as raw HTML in the HTML coder; cause was unsafe header and filename parsing, incorrect assumptions about byte counts, path resolution, unnormalized path matching allowing policy bypass, and unescaped HTML output enabling cross-site scripting. - CVE-2026-25797 - CVE-2026-25965 - CVE-2026-25968 - CVE-2026-25982 * SECURITY UPDATE: null pointer dereference in msl.c (repage/roll handlers) - debian/patches/CVE-2026-25983.patch: move image null‑checks before accessing image attributes in the repage and roll MSL tag handlers; cause was dereferencing the image pointer for page geometry and dimensions before verifying the image was defined. - CVE-2026-25983 * SECURITY UPDATE: infinite recursion via crafted MSL/SVG/MVG files - debian/patches/CVE-2026-25971.patch: add global Splay tree guards in MSL and SVG coders to detect and reject recursive image references; block dangerous protocols (ftp, http, mvg, vid) in DrawPrimitive; cause was unbounded recursion through nested image reads. - CVE-2026-25971 * SECURITY UPDATE: null pointer dereference in msl.c (comment/label handlers) - debian/patches/CVE-2026-23952.patch: add image null-checks before accessing image properties in the comment and label MSL end-element handlers; cause was dereferencing the image pointer for DeleteImageProperty before verifying the image was defined. - CVE-2026-23952 * SECURITY UPDATE: MSLPushImage return value not captured - debian/patches/CVE-2026-25988.patch: change MSLPushImage to return the new image index and capture the return value in the MSL image tag handler; cause was the local index variable not being updated after pushing a new image onto the stack. - CVE-2026-25988

0 tuxcare-ubuntu18.04-els imagemagick_6.9.7.4+dfsg-16ubuntu6.15+tuxcare.els23_amd64.deb 9a3c0bc52451992cd632996192f47b435a8911cf imagemagick-6-common_6.9.7.4+dfsg-16ubuntu6.15+tuxcare.els23_all.deb 4f67119d9f85b103d4a3f16f74dfd4153524c7eb imagemagick-6-doc_6.9.7.4+dfsg-16ubuntu6.15+tuxcare.els23_all.deb 3bd95232c3b5ffa1f078f92ace46f44517244e13 imagemagick-6.q16_6.9.7.4+dfsg-16ubuntu6.15+tuxcare.els23_amd64.deb 9c41694cd136795953ef91dc285dec3527eb160d imagemagick-6.q16hdri_6.9.7.4+dfsg-16ubuntu6.15+tuxcare.els23_amd64.deb d2c7f11cd96fca615377b21775933c0b9ad7c6f8 imagemagick-common_6.9.7.4+dfsg-16ubuntu6.15+tuxcare.els23_all.deb db445435faec4fe15d69ddce4a32110eb9a276ef imagemagick-doc_6.9.7.4+dfsg-16ubuntu6.15+tuxcare.els23_all.deb 345f9ff9c524533c9bab821c71a0f3379fbfc751 libimage-magick-perl_6.9.7.4+dfsg-16ubuntu6.15+tuxcare.els23_all.deb f5b8365b7eabc83e5038adfdda32b70562f52737 libimage-magick-q16-perl_6.9.7.4+dfsg-16ubuntu6.15+tuxcare.els23_amd64.deb c6977671e040a782ed1980f2ec12fb29bf131289 libimage-magick-q16hdri-perl_6.9.7.4+dfsg-16ubuntu6.15+tuxcare.els23_amd64.deb 04e4c4d806a140d7c6331108946630a87b5d85fb libmagick++-6-headers_6.9.7.4+dfsg-16ubuntu6.15+tuxcare.els23_all.deb 459d7f2637ae3e371c28741d3a4912b73418374f libmagick++-6.q16-7_6.9.7.4+dfsg-16ubuntu6.15+tuxcare.els23_amd64.deb bcd0c60668d1820d69be8bc4b917c39907225e5f libmagick++-6.q16-dev_6.9.7.4+dfsg-16ubuntu6.15+tuxcare.els23_amd64.deb b9db522350f46ace75fd78afdc37ad4f9bed7391 libmagick++-6.q16hdri-7_6.9.7.4+dfsg-16ubuntu6.15+tuxcare.els23_amd64.deb 44b197de936ab8d65a331a4c270ec4fad274066a libmagick++-6.q16hdri-dev_6.9.7.4+dfsg-16ubuntu6.15+tuxcare.els23_amd64.deb 09ba85b95dd19a655211fbe89389d1946a8939d3 libmagick++-dev_6.9.7.4+dfsg-16ubuntu6.15+tuxcare.els23_all.deb 2d6c13deba8c32160a9d84ca065b7784f7e5022f libmagickcore-6-arch-config_6.9.7.4+dfsg-16ubuntu6.15+tuxcare.els23_amd64.deb 3a4abe12519ffcf488bcf1de109301951f379d0b libmagickcore-6-headers_6.9.7.4+dfsg-16ubuntu6.15+tuxcare.els23_all.deb c5ffdb7276c17dd7f845482289a46e6883aa31e6 libmagickcore-6.q16-3_6.9.7.4+dfsg-16ubuntu6.15+tuxcare.els23_amd64.deb 1146e54112958b68688814aa463f89315a8b1dce libmagickcore-6.q16-3-extra_6.9.7.4+dfsg-16ubuntu6.15+tuxcare.els23_amd64.deb c2b1dace91e79cd70f1e4290cf4509d457468d52 libmagickcore-6.q16-dev_6.9.7.4+dfsg-16ubuntu6.15+tuxcare.els23_amd64.deb 2d773069653e0aeaaeaa058cb1c44c8745fd2ed7 libmagickcore-6.q16hdri-3_6.9.7.4+dfsg-16ubuntu6.15+tuxcare.els23_amd64.deb f592e3420739bbfe7381e9ca735f6f16aa9ef43e libmagickcore-6.q16hdri-3-extra_6.9.7.4+dfsg-16ubuntu6.15+tuxcare.els23_amd64.deb 6e997d041522ba6fc17c1f85aab53bd5471aa4e9 libmagickcore-6.q16hdri-dev_6.9.7.4+dfsg-16ubuntu6.15+tuxcare.els23_amd64.deb c12a51580912160e8188e5190ebe011206eb3d43 libmagickcore-dev_6.9.7.4+dfsg-16ubuntu6.15+tuxcare.els23_all.deb 8b0be2d4a40cfee25d5a0b72bec1f94655967576 libmagickwand-6-headers_6.9.7.4+dfsg-16ubuntu6.15+tuxcare.els23_all.deb f880c80b12dc7e70138ef1ea95ba9a13d6aea731 libmagickwand-6.q16-3_6.9.7.4+dfsg-16ubuntu6.15+tuxcare.els23_amd64.deb 2b5071827c3654eb6b72df9b9494af75f6029bb9 libmagickwand-6.q16-dev_6.9.7.4+dfsg-16ubuntu6.15+tuxcare.els23_amd64.deb 5f7ac098ed898b1b6ca281eea7f523ef248519ab libmagickwand-6.q16hdri-3_6.9.7.4+dfsg-16ubuntu6.15+tuxcare.els23_amd64.deb 058500687874efb8923b2b6e35d28aba61dd581b libmagickwand-6.q16hdri-dev_6.9.7.4+dfsg-16ubuntu6.15+tuxcare.els23_amd64.deb f1ce339202c1db192db282903b47ef817c8a7d78 libmagickwand-dev_6.9.7.4+dfsg-16ubuntu6.15+tuxcare.els23_all.deb a0c5ec811ede3061a914e8f520f99a7fac98ec08 perlmagick_6.9.7.4+dfsg-16ubuntu6.15+tuxcare.els23_all.deb c22c7164f32cf288d915d450c1fa7144d1615897 CLSA-2026:1774002757 TuxCare License Agreement 0 * SECURITY UPDATE: global buffer overflow read in UIL and XPM encoders. - debian/patches/CVE-2026-25898.patch: clamp negative pixel index values to zero in WriteUILImage, WritePICONImage, and WriteXPMImage before using them as array subscripts into the Cixel table. - CVE-2026-25898 Critical Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.

* SECURITY UPDATE: global buffer overflow read in UIL and XPM encoders. - debian/patches/CVE-2026-25898.patch: clamp negative pixel index values to zero in WriteUILImage, WritePICONImage, and WriteXPMImage before using them as array subscripts into the Cixel table. - CVE-2026-25898

0 tuxcare-ubuntu18.04-els imagemagick_6.9.7.4+dfsg-16ubuntu6.15+tuxcare.els26_amd64.deb a0efbd98fb2c9bae9232995ba603cc85754d8801 imagemagick-6-common_6.9.7.4+dfsg-16ubuntu6.15+tuxcare.els26_all.deb 81f3a508b5eb6473d08ef8dd14c220cc1b9336d0 imagemagick-6-doc_6.9.7.4+dfsg-16ubuntu6.15+tuxcare.els26_all.deb 521494bf5cc60326e7c1eb0e11ffcde79af51ef0 imagemagick-6.q16_6.9.7.4+dfsg-16ubuntu6.15+tuxcare.els26_amd64.deb c7bda8be1fb3113a138889e275f18fcbed2fdcba imagemagick-6.q16hdri_6.9.7.4+dfsg-16ubuntu6.15+tuxcare.els26_amd64.deb 9d887d62d85beaee4997f74ccd7c543896f9fc9e imagemagick-common_6.9.7.4+dfsg-16ubuntu6.15+tuxcare.els26_all.deb 07fac9ea104f1269822eede1590cf2fcc76ed2d1 imagemagick-doc_6.9.7.4+dfsg-16ubuntu6.15+tuxcare.els26_all.deb 3830aff41a9b5c8ce72d32556cb082ab00f8ba6c libimage-magick-perl_6.9.7.4+dfsg-16ubuntu6.15+tuxcare.els26_all.deb d8852cf5111ecfd0b432be9761dbfbfae78cd42e libimage-magick-q16-perl_6.9.7.4+dfsg-16ubuntu6.15+tuxcare.els26_amd64.deb 9c07e7533739f9b1d9a512b68c9c4c6af8b10dc4 libimage-magick-q16hdri-perl_6.9.7.4+dfsg-16ubuntu6.15+tuxcare.els26_amd64.deb 03b544127781bd82a7fd4a807fa6db178d6af775 libmagick++-6-headers_6.9.7.4+dfsg-16ubuntu6.15+tuxcare.els26_all.deb a59aa1b6eb8df1b50cc807e92ee0d54ac357a037 libmagick++-6.q16-7_6.9.7.4+dfsg-16ubuntu6.15+tuxcare.els26_amd64.deb dcf57e0b893874b3166c43b7ab4fab83c4d045df libmagick++-6.q16-dev_6.9.7.4+dfsg-16ubuntu6.15+tuxcare.els26_amd64.deb d0d402f37ce934427e0826b629fdc05963638c81 libmagick++-6.q16hdri-7_6.9.7.4+dfsg-16ubuntu6.15+tuxcare.els26_amd64.deb 39eac5c9be3ca76ecff52ac4acc8176b935aaeb5 libmagick++-6.q16hdri-dev_6.9.7.4+dfsg-16ubuntu6.15+tuxcare.els26_amd64.deb ad99407b7f45fa041f992771fc83f2cc365e806d libmagick++-dev_6.9.7.4+dfsg-16ubuntu6.15+tuxcare.els26_all.deb 0b5f5fd9ac31dded669a34da36ce97bb870eac91 libmagickcore-6-arch-config_6.9.7.4+dfsg-16ubuntu6.15+tuxcare.els26_amd64.deb bce1bc9f5c4138e1c034681852c01a1e7cf904c4 libmagickcore-6-headers_6.9.7.4+dfsg-16ubuntu6.15+tuxcare.els26_all.deb 9929a5ec3225fd0ce205cce38ddbc99c7642bc3d libmagickcore-6.q16-3_6.9.7.4+dfsg-16ubuntu6.15+tuxcare.els26_amd64.deb 30d7223f91a7c53861c74716d37e0cc7f7bb4e5a libmagickcore-6.q16-3-extra_6.9.7.4+dfsg-16ubuntu6.15+tuxcare.els26_amd64.deb 5ab7a5004adb6f874633d144dc6e578ab26408cf libmagickcore-6.q16-dev_6.9.7.4+dfsg-16ubuntu6.15+tuxcare.els26_amd64.deb 3060511616827fe7dab1a91dc115cb26f1e3ab55 libmagickcore-6.q16hdri-3_6.9.7.4+dfsg-16ubuntu6.15+tuxcare.els26_amd64.deb 43ac10181d9af2aa256be64929035ad2c3d3e926 libmagickcore-6.q16hdri-3-extra_6.9.7.4+dfsg-16ubuntu6.15+tuxcare.els26_amd64.deb f8a89bd2bb0ca4fa1a9a28cd160d20110889595e libmagickcore-6.q16hdri-dev_6.9.7.4+dfsg-16ubuntu6.15+tuxcare.els26_amd64.deb 8ebff26b529c39531829d631728f70300fca03dc libmagickcore-dev_6.9.7.4+dfsg-16ubuntu6.15+tuxcare.els26_all.deb c04ea34e510186300e90d0e067d9f210caac60a4 libmagickwand-6-headers_6.9.7.4+dfsg-16ubuntu6.15+tuxcare.els26_all.deb d5d58cddac8dfc5362a7158cc7e74d59da0f2795 libmagickwand-6.q16-3_6.9.7.4+dfsg-16ubuntu6.15+tuxcare.els26_amd64.deb abc36028c7e355b43261191c110bb8d39c966b37 libmagickwand-6.q16-dev_6.9.7.4+dfsg-16ubuntu6.15+tuxcare.els26_amd64.deb 0f05ab896d0e680a44b6deb58aec1b4734d319d3 libmagickwand-6.q16hdri-3_6.9.7.4+dfsg-16ubuntu6.15+tuxcare.els26_amd64.deb 146c26b9a7518c534c74406f890bfcb2e62af0ed libmagickwand-6.q16hdri-dev_6.9.7.4+dfsg-16ubuntu6.15+tuxcare.els26_amd64.deb 06de7a77207e80c58d5607518a59752d6669317b libmagickwand-dev_6.9.7.4+dfsg-16ubuntu6.15+tuxcare.els26_all.deb 73354835a65d96836e1e9b7e7f5519929619aab1 perlmagick_6.9.7.4+dfsg-16ubuntu6.15+tuxcare.els26_all.deb d2a27171318bd8c5321a0bd184600d878277b5e2 CLSA-2026:1774007111 TuxCare License Agreement 0 * SECURITY UPDATE: heap buffer over-read with wavelet-denoise operator - debian/patches/CVE-2026-27798.patch: use 4*columns instead of 3*columns for resource and memory allocation in WaveletDenoiseImage to prevent over-read when processing small-dimension images - CVE-2026-27798 Important Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.

* SECURITY UPDATE: heap buffer over-read with wavelet-denoise operator - debian/patches/CVE-2026-27798.patch: use 4*columns instead of 3*columns for resource and memory allocation in WaveletDenoiseImage to prevent over-read when processing small-dimension images - CVE-2026-27798

0 tuxcare-ubuntu18.04-els imagemagick_6.9.7.4+dfsg-16ubuntu6.15+tuxcare.els27_amd64.deb 9f5c84f9e4712c13dbe6fa9f6744cbe783e21193 imagemagick-6-common_6.9.7.4+dfsg-16ubuntu6.15+tuxcare.els27_all.deb b7b7c53cba03b7ac93585d8874b0c24bdadf9dd2 imagemagick-6-doc_6.9.7.4+dfsg-16ubuntu6.15+tuxcare.els27_all.deb 47ee4cfb32f9109c55435efe12a98ce34940319f imagemagick-6.q16_6.9.7.4+dfsg-16ubuntu6.15+tuxcare.els27_amd64.deb 1b38010e2e68e68e39947b58ef715d6e9efd885e imagemagick-6.q16hdri_6.9.7.4+dfsg-16ubuntu6.15+tuxcare.els27_amd64.deb 76a9ea6b4e1bd3044e93b54ac6571429b79672c2 imagemagick-common_6.9.7.4+dfsg-16ubuntu6.15+tuxcare.els27_all.deb 6cb3ec41e7981f37a8f42792e6de2f052641b839 imagemagick-doc_6.9.7.4+dfsg-16ubuntu6.15+tuxcare.els27_all.deb 3f83981c0f6d0669124bd1a86b474e2ddba28955 libimage-magick-perl_6.9.7.4+dfsg-16ubuntu6.15+tuxcare.els27_all.deb a4a1ae33a2d3726b7af682c2e49520c737f3b630 libimage-magick-q16-perl_6.9.7.4+dfsg-16ubuntu6.15+tuxcare.els27_amd64.deb c218e20a38121db95982be7e866f6e8645bcd878 libimage-magick-q16hdri-perl_6.9.7.4+dfsg-16ubuntu6.15+tuxcare.els27_amd64.deb 1401d3d94bcd0b4fec00ab5683e8f2b3d11ff492 libmagick++-6-headers_6.9.7.4+dfsg-16ubuntu6.15+tuxcare.els27_all.deb 171fe41ef6b27d5a7ce8f7603a793bc07274c3a7 libmagick++-6.q16-7_6.9.7.4+dfsg-16ubuntu6.15+tuxcare.els27_amd64.deb 980bb4abbf782fd0377574e86b8e4c711f96a5a8 libmagick++-6.q16-dev_6.9.7.4+dfsg-16ubuntu6.15+tuxcare.els27_amd64.deb be58be86cc698fc7f5f441a1d90a40c505954d26 libmagick++-6.q16hdri-7_6.9.7.4+dfsg-16ubuntu6.15+tuxcare.els27_amd64.deb fd06a1f8585b6f2df62493fad689e331a1793297 libmagick++-6.q16hdri-dev_6.9.7.4+dfsg-16ubuntu6.15+tuxcare.els27_amd64.deb 491efd47315bf0322b69eafa4d84bd8dbf31423c libmagick++-dev_6.9.7.4+dfsg-16ubuntu6.15+tuxcare.els27_all.deb 92cc6135008e2098cec45d8734b444147eac8d86 libmagickcore-6-arch-config_6.9.7.4+dfsg-16ubuntu6.15+tuxcare.els27_amd64.deb 9750725766737018f35ab7ccf9f41a8fefb94af6 libmagickcore-6-headers_6.9.7.4+dfsg-16ubuntu6.15+tuxcare.els27_all.deb 85872bb3b54ce2a617148314a22899a12b7bb82b libmagickcore-6.q16-3_6.9.7.4+dfsg-16ubuntu6.15+tuxcare.els27_amd64.deb 60e621c21c9121f85da88eee6636526e384dc367 libmagickcore-6.q16-3-extra_6.9.7.4+dfsg-16ubuntu6.15+tuxcare.els27_amd64.deb f90b10cb4d790dd33719035c734fe2c5f2ef7fb2 libmagickcore-6.q16-dev_6.9.7.4+dfsg-16ubuntu6.15+tuxcare.els27_amd64.deb f354ff2967e5ea18bdb8635a1bbf9134e624aff4 libmagickcore-6.q16hdri-3_6.9.7.4+dfsg-16ubuntu6.15+tuxcare.els27_amd64.deb 45a87e3b3dca4e1b80882a4041938aa088012c91 libmagickcore-6.q16hdri-3-extra_6.9.7.4+dfsg-16ubuntu6.15+tuxcare.els27_amd64.deb 7fef299cbce980f6d33b43bf675a6d2464f75766 libmagickcore-6.q16hdri-dev_6.9.7.4+dfsg-16ubuntu6.15+tuxcare.els27_amd64.deb 5ea87f221eb66f31d3c73e5aaf1e75ee9f2e0d96 libmagickcore-dev_6.9.7.4+dfsg-16ubuntu6.15+tuxcare.els27_all.deb 97be869cf0f8d39830e4b306da4ce3713941abb7 libmagickwand-6-headers_6.9.7.4+dfsg-16ubuntu6.15+tuxcare.els27_all.deb 071398f4ff911f59bdf4ea5636b8db8f40195386 libmagickwand-6.q16-3_6.9.7.4+dfsg-16ubuntu6.15+tuxcare.els27_amd64.deb 4be4591434f42508359d5206bf1a819a22e0b9c9 libmagickwand-6.q16-dev_6.9.7.4+dfsg-16ubuntu6.15+tuxcare.els27_amd64.deb 1b39e8f3ff1b6e5de5a28aa27c38425ca4bb6a50 libmagickwand-6.q16hdri-3_6.9.7.4+dfsg-16ubuntu6.15+tuxcare.els27_amd64.deb 45b44c501346f46b43647a04736100e92d6b9836 libmagickwand-6.q16hdri-dev_6.9.7.4+dfsg-16ubuntu6.15+tuxcare.els27_amd64.deb 7f18c9496593f947e179d1be0f5169903f0f97a3 libmagickwand-dev_6.9.7.4+dfsg-16ubuntu6.15+tuxcare.els27_all.deb 31e9dc519bb89725d325aac1161b11e69e5b7cc2 perlmagick_6.9.7.4+dfsg-16ubuntu6.15+tuxcare.els27_all.deb 58c982ff413e76f6aa63aeb1bae23d7dec2498ad CLSA-2026:1774370188 TuxCare License Agreement 0 * SECURITY UPDATE: signed 32-bit integer overflow in SIXEL decoder; buffer reallocation overflow leading to memory corruption and denial of service - debian/patches/CVE-2026-25970.patch: Fix out-of-bounds write; Rename misnamed position variables and adjust index arithmetic and casts using signed sizes and correct bounds checks; cause: variable name typos and incorrect type/arithmetic causing improper offset validation. - CVE-2026-25970 Important Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.

* SECURITY UPDATE: signed 32-bit integer overflow in SIXEL decoder; buffer reallocation overflow leading to memory corruption and denial of service - debian/patches/CVE-2026-25970.patch: Fix out-of-bounds write; Rename misnamed position variables and adjust index arithmetic and casts using signed sizes and correct bounds checks; cause: variable name typos and incorrect type/arithmetic causing improper offset validation. - CVE-2026-25970

0 tuxcare-ubuntu18.04-els imagemagick_6.9.7.4+dfsg-16ubuntu6.15+tuxcare.els28_amd64.deb ff86b18d004d496053892404bdd8a364b66b3de4 imagemagick-6-common_6.9.7.4+dfsg-16ubuntu6.15+tuxcare.els28_all.deb 7cfdc0093216cc3d52bca6208c83d5275b0b315c imagemagick-6-doc_6.9.7.4+dfsg-16ubuntu6.15+tuxcare.els28_all.deb 690dffcc3929f706cc4a4f08ba23b39bdcb31c64 imagemagick-6.q16_6.9.7.4+dfsg-16ubuntu6.15+tuxcare.els28_amd64.deb 084734d81f59eabccd1f4b68f9796a4decc00a89 imagemagick-6.q16hdri_6.9.7.4+dfsg-16ubuntu6.15+tuxcare.els28_amd64.deb 1a65bf40483394bf0af31cb7514c7b6472e711b7 imagemagick-common_6.9.7.4+dfsg-16ubuntu6.15+tuxcare.els28_all.deb bc902d5f53d50f96243fd890fdcc0776359f4233 imagemagick-doc_6.9.7.4+dfsg-16ubuntu6.15+tuxcare.els28_all.deb 652d4c2458bb77e31a3dee5342692e355c9f1c3f libimage-magick-perl_6.9.7.4+dfsg-16ubuntu6.15+tuxcare.els28_all.deb a3a02964cf9f2514ac42b21d9c7e5012e99eda96 libimage-magick-q16-perl_6.9.7.4+dfsg-16ubuntu6.15+tuxcare.els28_amd64.deb 6b8c5ccfe67e819ff09ba8d2bf57c04853746c66 libimage-magick-q16hdri-perl_6.9.7.4+dfsg-16ubuntu6.15+tuxcare.els28_amd64.deb 96d367b2765877daf60998df8f91a40597cb2d6a libmagick++-6-headers_6.9.7.4+dfsg-16ubuntu6.15+tuxcare.els28_all.deb d8d496a7c260705489697423488a04d4e52d01ae libmagick++-6.q16-7_6.9.7.4+dfsg-16ubuntu6.15+tuxcare.els28_amd64.deb b5cbd05cf61456c21c738e8dfbcdabd0a21fd8ca libmagick++-6.q16-dev_6.9.7.4+dfsg-16ubuntu6.15+tuxcare.els28_amd64.deb 9453c190341b3d96ed09709221fbc3d7572f19dc libmagick++-6.q16hdri-7_6.9.7.4+dfsg-16ubuntu6.15+tuxcare.els28_amd64.deb cf010cba4faa77b7baa307027babb41bef13ffde libmagick++-6.q16hdri-dev_6.9.7.4+dfsg-16ubuntu6.15+tuxcare.els28_amd64.deb 397d8172a97c2e7029ea82e5ebcc706a433b94db libmagick++-dev_6.9.7.4+dfsg-16ubuntu6.15+tuxcare.els28_all.deb ac1bf9b09a84d0a7be4c3bd37d760bdcb87398b6 libmagickcore-6-arch-config_6.9.7.4+dfsg-16ubuntu6.15+tuxcare.els28_amd64.deb d7bbcba47de0576dac73c62c16a8883b92ebdbb1 libmagickcore-6-headers_6.9.7.4+dfsg-16ubuntu6.15+tuxcare.els28_all.deb 0cb1d7225e96efd26847ad34c7a9e324982cc1df libmagickcore-6.q16-3_6.9.7.4+dfsg-16ubuntu6.15+tuxcare.els28_amd64.deb ad2ab0515e5386fde8900ab80b16d63ad1cb52a1 libmagickcore-6.q16-3-extra_6.9.7.4+dfsg-16ubuntu6.15+tuxcare.els28_amd64.deb 2679330651b9bb891e31f4b4781ae74f4cbcf1f6 libmagickcore-6.q16-dev_6.9.7.4+dfsg-16ubuntu6.15+tuxcare.els28_amd64.deb b3ebb98e1e6b2c3edcca52678d7184ea8697cec1 libmagickcore-6.q16hdri-3_6.9.7.4+dfsg-16ubuntu6.15+tuxcare.els28_amd64.deb b4e3b848eee89010cb235b167a21a7e5dcf8f5c7 libmagickcore-6.q16hdri-3-extra_6.9.7.4+dfsg-16ubuntu6.15+tuxcare.els28_amd64.deb 139a357d59c805685e7d19bb98493daa6a21b2b0 libmagickcore-6.q16hdri-dev_6.9.7.4+dfsg-16ubuntu6.15+tuxcare.els28_amd64.deb 827f625837cecd3df5e1a80ed46176409a63b5af libmagickcore-dev_6.9.7.4+dfsg-16ubuntu6.15+tuxcare.els28_all.deb 6315aa2ba00fdbfbbc4359b1bbf1a3dc4cb300f2 libmagickwand-6-headers_6.9.7.4+dfsg-16ubuntu6.15+tuxcare.els28_all.deb c839fd502f1690ed7f71618968c777c40ca09bbf libmagickwand-6.q16-3_6.9.7.4+dfsg-16ubuntu6.15+tuxcare.els28_amd64.deb 1f41981f025d0404c97749d3c5e22595964300e0 libmagickwand-6.q16-dev_6.9.7.4+dfsg-16ubuntu6.15+tuxcare.els28_amd64.deb a2428e74c590faa639c438d6042a0a6b8937a232 libmagickwand-6.q16hdri-3_6.9.7.4+dfsg-16ubuntu6.15+tuxcare.els28_amd64.deb ed9ce123b9db66b2f6fe5d43e952018d7b84fd46 libmagickwand-6.q16hdri-dev_6.9.7.4+dfsg-16ubuntu6.15+tuxcare.els28_amd64.deb 939381552ada5eab33d7f2455ddf096f88de1a23 libmagickwand-dev_6.9.7.4+dfsg-16ubuntu6.15+tuxcare.els28_all.deb ffa3ac481479ac959a915303a55934dd0dc9597d perlmagick_6.9.7.4+dfsg-16ubuntu6.15+tuxcare.els28_all.deb c690a1dc3fceb2bdbd4e5a6b275b8795b35a04ca CLSA-2026:1774375498 TuxCare License Agreement 0 * New microcode update packages from upstream up to 2026-02-21: - Addition AMD CPU microcode for processor family 0x1a: cpuid:0x00B00F21(ver:0x0B002161), cpuid:0x00B00F81(ver:0x0B008121), cpuid:0x00B10F10(ver:0x0B101058), cpuid:0x00B20F40(ver:0x0B204037), cpuid:0x00B40F40(ver:0x0B404035), cpuid:0x00B40F41(ver:0x0B404108), cpuid:0x00B60F00(ver:0x0B600037), cpuid:0x00B60F80(ver:0x0B608038), cpuid:0x00B70F00(ver:0x0B700037); - Update AMD CPU microcode for processor family 0x19: cpuid:0x00A00F11(ver:0x0A0011DE), cpuid:0x00A00F12(ver:0x0A001247), cpuid:0x00A00F82(ver:0x0A00820D), cpuid:0x00A10F11(ver:0x0A101158), cpuid:0x00A10F12(ver:0x0A101253), cpuid:0x00A10F81(ver:0x0A108109), cpuid:0x00A20F10(ver:0x0A20102E), cpuid:0x00A20F12(ver:0x0A201211), cpuid:0x00A40F41(ver:0x0A404108), cpuid:0x00A50F00(ver:0x0A500012), cpuid:0x00A60F12(ver:0x0A60120A), cpuid:0x00A70F41(ver:0x0A704108), cpuid:0x00A70F52(ver:0x0A705208), cpuid:0x00A70F80(ver:0x0A708008), cpuid:0x00A70FC0(ver:0x0A70C008), cpuid:0x00AA0F02(ver:0x0AA0021C); None Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.

* New microcode update packages from upstream up to 2026-02-21: - Addition AMD CPU microcode for processor family 0x1a: cpuid:0x00B00F21(ver:0x0B002161), cpuid:0x00B00F81(ver:0x0B008121), cpuid:0x00B10F10(ver:0x0B101058), cpuid:0x00B20F40(ver:0x0B204037), cpuid:0x00B40F40(ver:0x0B404035), cpuid:0x00B40F41(ver:0x0B404108), cpuid:0x00B60F00(ver:0x0B600037), cpuid:0x00B60F80(ver:0x0B608038), cpuid:0x00B70F00(ver:0x0B700037); - Update AMD CPU microcode for processor family 0x19: cpuid:0x00A00F11(ver:0x0A0011DE), cpuid:0x00A00F12(ver:0x0A001247), cpuid:0x00A00F82(ver:0x0A00820D), cpuid:0x00A10F11(ver:0x0A101158), cpuid:0x00A10F12(ver:0x0A101253), cpuid:0x00A10F81(ver:0x0A108109), cpuid:0x00A20F10(ver:0x0A20102E), cpuid:0x00A20F12(ver:0x0A201211), cpuid:0x00A40F41(ver:0x0A404108), cpuid:0x00A50F00(ver:0x0A500012), cpuid:0x00A60F12(ver:0x0A60120A), cpuid:0x00A70F41(ver:0x0A704108), cpuid:0x00A70F52(ver:0x0A705208), cpuid:0x00A70F80(ver:0x0A708008), cpuid:0x00A70FC0(ver:0x0A70C008), cpuid:0x00AA0F02(ver:0x0AA0021C);

0 tuxcare-ubuntu18.04-els amd64-microcode_3.20260221.1ubuntu0.18.04.1+tuxcare.els1_amd64.deb 7de1d4c3e8a2414267042f2fc7bc6738a557ee80 CLSA-2026:1774437406 TuxCare License Agreement 0 * SECURITY UPDATE: heap over-write in PNG raw profile writer - debian/patches/CVE-2026-30883.patch: add overflow check for allocated_length in Magick_png_write_raw_profile to prevent integer overflow leading to heap over-write - CVE-2026-30883 Important Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.

* SECURITY UPDATE: heap over-write in PNG raw profile writer - debian/patches/CVE-2026-30883.patch: add overflow check for allocated_length in Magick_png_write_raw_profile to prevent integer overflow leading to heap over-write - CVE-2026-30883

0 tuxcare-ubuntu18.04-els imagemagick_6.9.7.4+dfsg-16ubuntu6.15+tuxcare.els29_amd64.deb cfa42f4685ee907933cc51fe1ecace00f0bd7b8b imagemagick-6-common_6.9.7.4+dfsg-16ubuntu6.15+tuxcare.els29_all.deb 764dc8995ab6e4e7097019ddc51b0cb22a81dfed imagemagick-6-doc_6.9.7.4+dfsg-16ubuntu6.15+tuxcare.els29_all.deb 13c93f05fbc1e11632d470448eb91c99fdf3ae5c imagemagick-6.q16_6.9.7.4+dfsg-16ubuntu6.15+tuxcare.els29_amd64.deb b454ed653653ae219851b5720a248da504108a0a imagemagick-6.q16hdri_6.9.7.4+dfsg-16ubuntu6.15+tuxcare.els29_amd64.deb f0dd356abc4439d4e262e9c055501e9b9386218f imagemagick-common_6.9.7.4+dfsg-16ubuntu6.15+tuxcare.els29_all.deb bf6d9bda8991725943896796f8be8f46134cb849 imagemagick-doc_6.9.7.4+dfsg-16ubuntu6.15+tuxcare.els29_all.deb 2f8b17c0af9e043729fd2fbd275ecaef4cb0487d libimage-magick-perl_6.9.7.4+dfsg-16ubuntu6.15+tuxcare.els29_all.deb 796f729fd41de4e0f471ecf1d9ce5d904a9c1e3c libimage-magick-q16-perl_6.9.7.4+dfsg-16ubuntu6.15+tuxcare.els29_amd64.deb 2fbde6cfb94ece7c03574e5bbd9cc51eeb250b9f libimage-magick-q16hdri-perl_6.9.7.4+dfsg-16ubuntu6.15+tuxcare.els29_amd64.deb 6506086c8b2412aa007498f429c32d289ad52db9 libmagick++-6-headers_6.9.7.4+dfsg-16ubuntu6.15+tuxcare.els29_all.deb 1e13e7bfa2a83800fbfd506501d40eecd812423c libmagick++-6.q16-7_6.9.7.4+dfsg-16ubuntu6.15+tuxcare.els29_amd64.deb 672c94de9208cc622fb75c23f3783bb9b4f93b21 libmagick++-6.q16-dev_6.9.7.4+dfsg-16ubuntu6.15+tuxcare.els29_amd64.deb 66758b995571d7ba8c372dc4af8a7bdbcbeef9c0 libmagick++-6.q16hdri-7_6.9.7.4+dfsg-16ubuntu6.15+tuxcare.els29_amd64.deb 1d66188819bee7195aed99aaa7856d39ee8c3f5a libmagick++-6.q16hdri-dev_6.9.7.4+dfsg-16ubuntu6.15+tuxcare.els29_amd64.deb afda6ddea4c3d9725566b94e7e81bc19b09a1565 libmagick++-dev_6.9.7.4+dfsg-16ubuntu6.15+tuxcare.els29_all.deb e4ecb0e414627aa6ccaa68ee5693c139b5e19efb libmagickcore-6-arch-config_6.9.7.4+dfsg-16ubuntu6.15+tuxcare.els29_amd64.deb bd613d629c2bbe9149e360e7406066d4e7d2407c libmagickcore-6-headers_6.9.7.4+dfsg-16ubuntu6.15+tuxcare.els29_all.deb 8f7b13c4b274da68b51852b252c467290935efe4 libmagickcore-6.q16-3_6.9.7.4+dfsg-16ubuntu6.15+tuxcare.els29_amd64.deb e18c0cf0e3a64c3dc3bf16a44a16b14512945480 libmagickcore-6.q16-3-extra_6.9.7.4+dfsg-16ubuntu6.15+tuxcare.els29_amd64.deb dd6acac5e863e5a594a72a9c41c764eda3b9716b libmagickcore-6.q16-dev_6.9.7.4+dfsg-16ubuntu6.15+tuxcare.els29_amd64.deb f77a888fe61993ca7caa22cbb3a50fd294180500 libmagickcore-6.q16hdri-3_6.9.7.4+dfsg-16ubuntu6.15+tuxcare.els29_amd64.deb 182219d3f8f2cd3f433e9675c1fd21ff8dbc9926 libmagickcore-6.q16hdri-3-extra_6.9.7.4+dfsg-16ubuntu6.15+tuxcare.els29_amd64.deb 59495127bdab25a0c43988b2438a6a3b2ea89c03 libmagickcore-6.q16hdri-dev_6.9.7.4+dfsg-16ubuntu6.15+tuxcare.els29_amd64.deb 89fe3787b81fd322bcc094ded66ffbdc042832fe libmagickcore-dev_6.9.7.4+dfsg-16ubuntu6.15+tuxcare.els29_all.deb 1abacad15fe5f7cefa5a072398ac1bc860b9ce98 libmagickwand-6-headers_6.9.7.4+dfsg-16ubuntu6.15+tuxcare.els29_all.deb c77e6ece80d78108ebe025e3272bbe32364290bc libmagickwand-6.q16-3_6.9.7.4+dfsg-16ubuntu6.15+tuxcare.els29_amd64.deb ce627469fc483d0123d2d89dbd4691ed46cbd04d libmagickwand-6.q16-dev_6.9.7.4+dfsg-16ubuntu6.15+tuxcare.els29_amd64.deb 667df4637d63cd575cbb7d5fa82fe6d052be3571 libmagickwand-6.q16hdri-3_6.9.7.4+dfsg-16ubuntu6.15+tuxcare.els29_amd64.deb d7cc3fbeea57ffa0af916ce2f50ff241d265b1b8 libmagickwand-6.q16hdri-dev_6.9.7.4+dfsg-16ubuntu6.15+tuxcare.els29_amd64.deb 762eae587aa462862aefa94bb6fd58b9909ceaf5 libmagickwand-dev_6.9.7.4+dfsg-16ubuntu6.15+tuxcare.els29_all.deb 334c7399d915741dc64ed3613263e1500fd98cc3 perlmagick_6.9.7.4+dfsg-16ubuntu6.15+tuxcare.els29_all.deb b33b53ac16ffdad8efaf8b755ffa12250d47e7f0 CLSA-2026:1774460133 TuxCare License Agreement 0 * SECURITY UPDATE: client certificate authentication bypass through mismatched SNI and HTTP Host header - debian/patches/CVE-2025-66614.patch: Add strictSNI connector attribute and implement SNI/protocol host name matching for NIO, NIO2, and APR connectors; prevent requests being served by mismatched SSLHostConfig when SNI host and HTTP Host header differ. - CVE-2025-66614 * Fix ObjectStreamClass cache clearing for JDK 11.0.16+ - debian/patches/fix-ObjectStreamClass-cache-clearing.patch: Use instanceof guard in WebappClassLoaderBase.clearCache() instead of direct cast to Map, fixing ClassCastException with newer JDK where ObjectStreamClass$Caches fields were changed from Map to ClassValue (JDK-8277072). * Regenerate expired test SSL certificates - debian/test_certs/: Regenerated ca.jks, localhost.jks, localhost-copy1.jks, user1.jks and PEM files. The user1 certificate expired on 2025-08-15, causing TestClientCert SSLHandshakeException failures. * Fix flaky test infrastructure on build farm - debian/patches/fix-test-hostname-resolution.patch: Skip TestStandardSessionIntegration, TestGroupChannelSenderConnections, TestGroupChannelStartStop, and TestGroupChannelOptionFlag when build node hostname cannot be resolved via DNS (UnknownHostException). - debian/patches/CVE-2025-66614.patch: Skip testSni on APR connector since it uses JSSE-style SSLHostConfig incompatible with OpenSSL backend. Critical Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.

* SECURITY UPDATE: client certificate authentication bypass through mismatched SNI and HTTP Host header - debian/patches/CVE-2025-66614.patch: Add strictSNI connector attribute and implement SNI/protocol host name matching for NIO, NIO2, and APR connectors; prevent requests being served by mismatched SSLHostConfig when SNI host and HTTP Host header differ. - CVE-2025-66614 * Fix ObjectStreamClass cache clearing for JDK 11.0.16+ - debian/patches/fix-ObjectStreamClass-cache-clearing.patch: Use instanceof guard in WebappClassLoaderBase.clearCache() instead of direct cast to Map, fixing ClassCastException with newer JDK where ObjectStreamClass$Caches fields were changed from Map to ClassValue (JDK-8277072). * Regenerate expired test SSL certificates - debian/test_certs/: Regenerated ca.jks, localhost.jks, localhost-copy1.jks, user1.jks and PEM files. The user1 certificate expired on 2025-08-15, causing TestClientCert SSLHandshakeException failures. * Fix flaky test infrastructure on build farm - debian/patches/fix-test-hostname-resolution.patch: Skip TestStandardSessionIntegration, TestGroupChannelSenderConnections, TestGroupChannelStartStop, and TestGroupChannelOptionFlag when build node hostname cannot be resolved via DNS (UnknownHostException). - debian/patches/CVE-2025-66614.patch: Skip testSni on APR connector since it uses JSSE-style SSLHostConfig incompatible with OpenSSL backend.

0 tuxcare-ubuntu18.04-els libtomcat9-embed-java_9.0.16-3ubuntu0.18.04.2+tuxcare.els14_all.deb 462bf56d0917234a7479b8eb6c39dc2f0cf78174 libtomcat9-java_9.0.16-3ubuntu0.18.04.2+tuxcare.els14_all.deb b8cd5898c586ec6925cb301536a432866802759a tomcat9_9.0.16-3ubuntu0.18.04.2+tuxcare.els14_all.deb 93c9aa30358330ceebf4416ef75c7f0dc19d8c5c tomcat9-admin_9.0.16-3ubuntu0.18.04.2+tuxcare.els14_all.deb d8637e9260591d377b372634df3ece0e0ba865a5 tomcat9-common_9.0.16-3ubuntu0.18.04.2+tuxcare.els14_all.deb 629bd307b9b9a502863f24114ca164e37c5a1b26 tomcat9-docs_9.0.16-3ubuntu0.18.04.2+tuxcare.els14_all.deb 2441851216f327f1bd8aedb776b54f2d1688386b tomcat9-examples_9.0.16-3ubuntu0.18.04.2+tuxcare.els14_all.deb 544445708ba5b8abbd17e36e10eee50f73ecb08b tomcat9-user_9.0.16-3ubuntu0.18.04.2+tuxcare.els14_all.deb ba4ba36d314c566b797a7bbb5c81d13737c85e3c CLSA-2026:1775033286 TuxCare License Agreement 0 * OpenJDK 11.0.30 release, build 7. - CVE-2026-21925: Improve JMX connections - CVE-2026-21932: Enhance handling of URIs (AWT/JavaFX) - CVE-2026-21933: Improve HttpServer request handling - CVE-2026-21945: Enhance certificate checking - Release notes: https://mail.openjdk.org/pipermail/jdk-updates-dev/2026-January/051739.html Important Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.

* OpenJDK 11.0.30 release, build 7. - CVE-2026-21925: Improve JMX connections - CVE-2026-21932: Enhance handling of URIs (AWT/JavaFX) - CVE-2026-21933: Improve HttpServer request handling - CVE-2026-21945: Enhance certificate checking - Release notes: https://mail.openjdk.org/pipermail/jdk-updates-dev/2026-January/051739.html

0 tuxcare-ubuntu18.04-els openjdk-11-demo_11.0.30+7-0ubuntu1~18.04.1+tuxcare.els1_amd64.deb 2364739ee1e44803ce8975581dc514a6c15ffda1 openjdk-11-doc_11.0.30+7-0ubuntu1~18.04.1+tuxcare.els1_all.deb 3860f0a5b35b62999b535e9de25eb61e6a77e117 openjdk-11-jdk_11.0.30+7-0ubuntu1~18.04.1+tuxcare.els1_amd64.deb a23b19d2e7e01408862132ab42ab24f07bb40f26 openjdk-11-jdk-headless_11.0.30+7-0ubuntu1~18.04.1+tuxcare.els1_amd64.deb 43a5428e88836bf4c3b7342e6512843752fa5e69 openjdk-11-jre_11.0.30+7-0ubuntu1~18.04.1+tuxcare.els1_amd64.deb 502dcd0ae35d68622d0bcc83b305f082b85b7430 openjdk-11-jre-headless_11.0.30+7-0ubuntu1~18.04.1+tuxcare.els1_amd64.deb 883450471786693c14b8ca32944c6ef68c9ff10f openjdk-11-jre-zero_11.0.30+7-0ubuntu1~18.04.1+tuxcare.els1_amd64.deb ce6119c57d81c7c7b75787a8c9878ae1254ca7ed openjdk-11-source_11.0.30+7-0ubuntu1~18.04.1+tuxcare.els1_all.deb cdde5eb581e5093b2e566782bca49ec5f171de0c CLSA-2026:1775652408 TuxCare License Agreement 0 * SECURITY UPDATE: denial of service from multi-layer nested MVG to SVG conversion - debian/patches/CVE-2026-24484.patch: Add recursion-depth check for graphic-context and prevent excessive nested vector graphics that cause crashes or resource exhaustion due to unbounded recursion. - debian/patches/CVE-2026-24484-1.patch: Add recursion-depth check in vector-graphics parser and throw exception when nesting exceeds MagickMaxRecursionDepth; fix crashes caused by excessive nesting of vector graphics. - CVE-2026-24484 Moderate Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.

* SECURITY UPDATE: denial of service from multi-layer nested MVG to SVG conversion - debian/patches/CVE-2026-24484.patch: Add recursion-depth check for graphic-context and prevent excessive nested vector graphics that cause crashes or resource exhaustion due to unbounded recursion. - debian/patches/CVE-2026-24484-1.patch: Add recursion-depth check in vector-graphics parser and throw exception when nesting exceeds MagickMaxRecursionDepth; fix crashes caused by excessive nesting of vector graphics. - CVE-2026-24484

0 tuxcare-ubuntu18.04-els imagemagick_6.9.7.4+dfsg-16ubuntu6.15+tuxcare.els30_amd64.deb c22cd0190c322d4f0dee3ab21a0370b7ed48963f imagemagick-6-common_6.9.7.4+dfsg-16ubuntu6.15+tuxcare.els30_all.deb c63bf8196ce4493ba46b813f549862f01180dac9 imagemagick-6-doc_6.9.7.4+dfsg-16ubuntu6.15+tuxcare.els30_all.deb 842c898db185e970834f25e8d041a641f420fe3c imagemagick-6.q16_6.9.7.4+dfsg-16ubuntu6.15+tuxcare.els30_amd64.deb 9b72555775eae783ff2da0d9ad62056e4f41089d imagemagick-6.q16hdri_6.9.7.4+dfsg-16ubuntu6.15+tuxcare.els30_amd64.deb 6dc8b4cc7c002ee508e49d67c001d79b270f98e4 imagemagick-common_6.9.7.4+dfsg-16ubuntu6.15+tuxcare.els30_all.deb 984eeb4771150c587cefdc01ad8e10f5b65aa557 imagemagick-doc_6.9.7.4+dfsg-16ubuntu6.15+tuxcare.els30_all.deb 2c40e7bc142930fe67d4d9247ce02159a4137b6a libimage-magick-perl_6.9.7.4+dfsg-16ubuntu6.15+tuxcare.els30_all.deb 1e2028d3d741eb83f3730773d0675ea8e8a4a6e7 libimage-magick-q16-perl_6.9.7.4+dfsg-16ubuntu6.15+tuxcare.els30_amd64.deb 38263721a2f8c85a31abd9d4c51cdee0385d7e46 libimage-magick-q16hdri-perl_6.9.7.4+dfsg-16ubuntu6.15+tuxcare.els30_amd64.deb f5176bfd6cd042a41da1d4df905f8da8324f11f3 libmagick++-6-headers_6.9.7.4+dfsg-16ubuntu6.15+tuxcare.els30_all.deb 21926ab4a391152d539d37dc11ae8ae4a5d7a2e1 libmagick++-6.q16-7_6.9.7.4+dfsg-16ubuntu6.15+tuxcare.els30_amd64.deb e027f5240874b2b0cd72b5cc4016003757aed1a6 libmagick++-6.q16-dev_6.9.7.4+dfsg-16ubuntu6.15+tuxcare.els30_amd64.deb 332949c451292707e120706c50849fe6bb8281ce libmagick++-6.q16hdri-7_6.9.7.4+dfsg-16ubuntu6.15+tuxcare.els30_amd64.deb e6a4ecb14126e0c06b5185869c475183a0dcd1d4 libmagick++-6.q16hdri-dev_6.9.7.4+dfsg-16ubuntu6.15+tuxcare.els30_amd64.deb ca2d49bcc8437d4bec5517301f1019192c013e2b libmagick++-dev_6.9.7.4+dfsg-16ubuntu6.15+tuxcare.els30_all.deb 5dae62dfae08d0919014fbdbc843c1501d79bc91 libmagickcore-6-arch-config_6.9.7.4+dfsg-16ubuntu6.15+tuxcare.els30_amd64.deb 9d1bad2e68a25594df7ad44dc89e26ae33cf6ab1 libmagickcore-6-headers_6.9.7.4+dfsg-16ubuntu6.15+tuxcare.els30_all.deb 21138127f1a9c42500f9797edc6ba68b925eb421 libmagickcore-6.q16-3_6.9.7.4+dfsg-16ubuntu6.15+tuxcare.els30_amd64.deb 66989b32079f498646e37095011d811b53b962d6 libmagickcore-6.q16-3-extra_6.9.7.4+dfsg-16ubuntu6.15+tuxcare.els30_amd64.deb 025eef515cc608a009ab84bf76e1c535115d3a70 libmagickcore-6.q16-dev_6.9.7.4+dfsg-16ubuntu6.15+tuxcare.els30_amd64.deb b37362381bb7fac6dd34abc928f3ca22d8728044 libmagickcore-6.q16hdri-3_6.9.7.4+dfsg-16ubuntu6.15+tuxcare.els30_amd64.deb 61d2b9d5492d849e67ec505ee0d00acba4c744d6 libmagickcore-6.q16hdri-3-extra_6.9.7.4+dfsg-16ubuntu6.15+tuxcare.els30_amd64.deb 4b510acef5bccf7ff39d33ad262aea8487a1f5e9 libmagickcore-6.q16hdri-dev_6.9.7.4+dfsg-16ubuntu6.15+tuxcare.els30_amd64.deb 28f4f69732da8776e25c7b6ffead6e067d74bb30 libmagickcore-dev_6.9.7.4+dfsg-16ubuntu6.15+tuxcare.els30_all.deb ff5f73b629830b70b44e21c6b7987c1c05cfe49e libmagickwand-6-headers_6.9.7.4+dfsg-16ubuntu6.15+tuxcare.els30_all.deb 26f912019e7580202f5d3360322d6f68eb7349d8 libmagickwand-6.q16-3_6.9.7.4+dfsg-16ubuntu6.15+tuxcare.els30_amd64.deb 72116a8b06ad6038fcd045e275db2a96916d5229 libmagickwand-6.q16-dev_6.9.7.4+dfsg-16ubuntu6.15+tuxcare.els30_amd64.deb 0e3db686dd3e15c4a46493cf170b2049e3fa668d libmagickwand-6.q16hdri-3_6.9.7.4+dfsg-16ubuntu6.15+tuxcare.els30_amd64.deb 037df62a1bc4c664ca9d35a0dbe8b4e996dc67b9 libmagickwand-6.q16hdri-dev_6.9.7.4+dfsg-16ubuntu6.15+tuxcare.els30_amd64.deb 510d07b52f6f3ece50963593ee07e3ffd3e4d13d libmagickwand-dev_6.9.7.4+dfsg-16ubuntu6.15+tuxcare.els30_all.deb 689d5d1384828ecbdc11ef860ed86d756fdbbf5b perlmagick_6.9.7.4+dfsg-16ubuntu6.15+tuxcare.els30_all.deb 66d9b92964a0cfcc411ca1654317f4ebab36996a CLSA-2026:1775688811 TuxCare License Agreement 0 * SECURITY UPDATE: denial of service via use-after-free in ICP - debian/patches/CVE-2026-33526.patch: remove duplicate rfc1738_escape call in icpGetRequest that invalidated the previously escaped URL pointer - CVE-2026-33526 * SECURITY UPDATE: denial of service via use-after-free in ICP request handling - debian/patches/CVE-2026-32748.patch: return HttpRequestPointer and move icpAccessAllowed into icpGetRequest to fix HttpRequest lifetime for ICP v3 queries - CVE-2026-32748 Important Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.

* SECURITY UPDATE: denial of service via use-after-free in ICP - debian/patches/CVE-2026-33526.patch: remove duplicate rfc1738_escape call in icpGetRequest that invalidated the previously escaped URL pointer - CVE-2026-33526 * SECURITY UPDATE: denial of service via use-after-free in ICP request handling - debian/patches/CVE-2026-32748.patch: return HttpRequestPointer and move icpAccessAllowed into icpGetRequest to fix HttpRequest lifetime for ICP v3 queries - CVE-2026-32748

0 tuxcare-ubuntu18.04-els squid_3.5.27-1ubuntu1.14+tuxcare.els11_amd64.deb 3be25b1cbd9fdaf156de6bed83d1b8ba7cab9252 squid-cgi_3.5.27-1ubuntu1.14+tuxcare.els11_amd64.deb 515f4eb73aad6d0351484d0c35ca72a21324bec8 squid-common_3.5.27-1ubuntu1.14+tuxcare.els11_all.deb cef351c62f0a150b4d63c20d9e24e8b65e425d5c squid-purge_3.5.27-1ubuntu1.14+tuxcare.els11_amd64.deb 20a0b244e4c5cd576f7fe361b8364e9e4fd064c1 squid3_3.5.27-1ubuntu1.14+tuxcare.els11_all.deb 82ab3390cd419e0344cf584529df2c3e1069f197 squidclient_3.5.27-1ubuntu1.14+tuxcare.els11_amd64.deb 2dbd53f6b9c2b49f1b1938448cf71f5866382f99 CLSA-2026:1776362968 TuxCare License Agreement 0 * SECURITY UPDATE: heap read past bounds in sftp_parse_longname from malicious SFTP longname field - debian/patches/CVE-2026-0968.patch: validate longname pointer and longname_field; bound string walks at NUL; fail if field not found - CVE-2026-0968 ('Low', ['ELSCVE-89211']) Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.

* SECURITY UPDATE: heap read past bounds in sftp_parse_longname from malicious SFTP longname field - debian/patches/CVE-2026-0968.patch: validate longname pointer and longname_field; bound string walks at NUL; fail if field not found - CVE-2026-0968

0 tuxcare-ubuntu18.04-els libssh-4_0.8.0~20170825.94fa1e38-1ubuntu0.7+tuxcare.els4_amd64.deb 04f54d4acb858e9add55438fa2fee2bfd898f821 libssh-dev_0.8.0~20170825.94fa1e38-1ubuntu0.7+tuxcare.els4_amd64.deb 57c755e325fe4bf60d84ce59d7fd91c7a0d43cca libssh-doc_0.8.0~20170825.94fa1e38-1ubuntu0.7+tuxcare.els4_all.deb baf078d58e2de7eb990218999ff75d9ff3486217 libssh-gcrypt-4_0.8.0~20170825.94fa1e38-1ubuntu0.7+tuxcare.els4_amd64.deb 0dbbe6bcfc4d0a26e29cb94ef1e3c4fe18a71dbe libssh-gcrypt-dev_0.8.0~20170825.94fa1e38-1ubuntu0.7+tuxcare.els4_amd64.deb 01b98756172767e941d4da968a6f7b3bdaa6bbb0