summaryrefslogtreecommitdiffstats
Commit message (Collapse)AuthorAgeFilesLines
* libppd: patch CVE-2024-47175walnascarAnkur Tyagi2025-10-132-1/+604
| | | | | | | Details https://nvd.nist.gov/vuln/detail/CVE-2024-47175 Signed-off-by: Ankur Tyagi <ankur.tyagi85@gmail.com> Signed-off-by: Gyorgy Sarvari <skandigraun@gmail.com>
* hdf5: patch CVE-2025-6269Ankur Tyagi2025-10-132-0/+295
| | | | | | | Details https://nvd.nist.gov/vuln/detail/CVE-2025-6269 Signed-off-by: Ankur Tyagi <ankur.tyagi85@gmail.com> Signed-off-by: Gyorgy Sarvari <skandigraun@gmail.com>
* hdf5: patch CVE-2025-2925Ankur Tyagi2025-10-132-0/+54
| | | | | | | Details https://nvd.nist.gov/vuln/detail/CVE-2025-2925 Signed-off-by: Ankur Tyagi <ankur.tyagi85@gmail.com> Signed-off-by: Gyorgy Sarvari <skandigraun@gmail.com>
* hdf5: patch CVE-2025-2924Ankur Tyagi2025-10-132-0/+40
| | | | | | | Details https://nvd.nist.gov/vuln/detail/CVE-2025-2924 Signed-off-by: Ankur Tyagi <ankur.tyagi85@gmail.com> Signed-off-by: Gyorgy Sarvari <skandigraun@gmail.com>
* hdf5: patch CVE-2025-2923Ankur Tyagi2025-10-132-0/+68
| | | | | | | Details https://nvd.nist.gov/vuln/detail/CVE-2025-2923 Signed-off-by: Ankur Tyagi <ankur.tyagi85@gmail.com> Signed-off-by: Gyorgy Sarvari <skandigraun@gmail.com>
* tinyproxy: patch CVE-2023-49606Ankur Tyagi2025-10-132-0/+60
| | | | | | | Details https://nvd.nist.gov/vuln/detail/CVE-2023-49606 Signed-off-by: Ankur Tyagi <ankur.tyagi85@gmail.com> Signed-off-by: Gyorgy Sarvari <skandigraun@gmail.com>
* libraw: patch CVE-2025-43964Ankur Tyagi2025-10-132-0/+30
| | | | | | | Details https://nvd.nist.gov/vuln/detail/CVE-2025-43964 Signed-off-by: Ankur Tyagi <ankur.tyagi85@gmail.com> Signed-off-by: Gyorgy Sarvari <skandigraun@gmail.com>
* libraw: patch CVE-2025-43963Ankur Tyagi2025-10-132-0/+41
| | | | | | | Details https://nvd.nist.gov/vuln/detail/CVE-2025-43963 Signed-off-by: Ankur Tyagi <ankur.tyagi85@gmail.com> Signed-off-by: Gyorgy Sarvari <skandigraun@gmail.com>
* libraw: patch CVE-2025-43961 CVE-2025-43962Ankur Tyagi2025-10-132-1/+112
| | | | | | | | | Details - https://nvd.nist.gov/vuln/detail/CVE-2025-43961 - https://nvd.nist.gov/vuln/detail/CVE-2025-43962 Signed-off-by: Ankur Tyagi <ankur.tyagi85@gmail.com> Signed-off-by: Gyorgy Sarvari <skandigraun@gmail.com>
* libcupsfilters: patch CVE-2024-47076Ankur Tyagi2025-10-132-0/+39
| | | | | | | Details https://nvd.nist.gov/vuln/detail/CVE-2024-47076 Signed-off-by: Ankur Tyagi <ankur.tyagi85@gmail.com> Signed-off-by: Gyorgy Sarvari <skandigraun@gmail.com>
* libavif: patch CVE-2025-48174Gyorgy Sarvari2025-10-132-1/+30
| | | | | | | | Details: https://nvd.nist.gov/vuln/detail/CVE-2025-48174 Backport the pull request mentioned in the details of the CVE. Signed-off-by: Gyorgy Sarvari <skandigraun@gmail.com>
* jasper: patch CVE-2025-8837Gyorgy Sarvari2025-10-132-0/+64
| | | | | | | | Details: https://nvd.nist.gov/vuln/detail/CVE-2025-8837 Pick the patch from the details of the above link. Signed-off-by: Gyorgy Sarvari <skandigraun@gmail.com>
* jasper: patch CVE-2025-8836Gyorgy Sarvari2025-10-132-0/+81
| | | | | | | | Details: https://nvd.nist.gov/vuln/detail/CVE-2025-8836 Pick the patch mentioned in the details of the above link. Signed-off-by: Gyorgy Sarvari <skandigraun@gmail.com>
* jasper: patch CVE-2025-8835Gyorgy Sarvari2025-10-132-1/+176
| | | | | | | | Details: https://nvd.nist.gov/vuln/detail/CVE-2025-8835 Pick the patch from the details of the above link. Signed-off-by: Gyorgy Sarvari <skandigraun@gmail.com>
* iperf2: ignore irrelevant CVEsGyorgy Sarvari2025-10-131-0/+3
| | | | | | | | | | | These CVEs are for iperf3 - which is a similar application in its goals (and name), but an independent project from this, and the projects are independent implementations also, they share no common code. Signed-off-by: Gyorgy Sarvari <skandigraun@gmail.com> Signed-off-by: Khem Raj <raj.khem@gmail.com> (cherry picked from commit aedf74e08230f60c270032e8b937d1ab9bd2fc9c) Signed-off-by: Gyorgy Sarvari <skandigraun@gmail.com>
* libiec61850: patch CVE-2024-45970Ankur Tyagi2025-10-132-0/+74
| | | | | | | Details https://nvd.nist.gov/vuln/detail/CVE-2024-45970 Signed-off-by: Ankur Tyagi <ankur.tyagi85@gmail.com> Signed-off-by: Gyorgy Sarvari <skandigraun@gmail.com>
* libiec61850: patch CVE-2024-45971Ankur Tyagi2025-10-132-0/+219
| | | | | | | Details https://nvd.nist.gov/vuln/detail/CVE-2024-45971 Signed-off-by: Ankur Tyagi <ankur.tyagi85@gmail.com> Signed-off-by: Gyorgy Sarvari <skandigraun@gmail.com>
* libiec61850: patch CVE-2024-26529Ankur Tyagi2025-10-134-7/+40
| | | | | | | Details https://nvd.nist.gov/vuln/detail/CVE-2024-26529 Signed-off-by: Ankur Tyagi <ankur.tyagi85@gmail.com> Signed-off-by: Gyorgy Sarvari <skandigraun@gmail.com>
* imagemagick: patch CVE-2025-57807Gyorgy Sarvari2025-10-132-0/+47
| | | | | | | | Details: https://nvd.nist.gov/vuln/detail/CVE-2025-57807 Pick the commit mentioned in the details. Signed-off-by: Gyorgy Sarvari <skandigraun@gmail.com>
* imagemagick: patch CVE-2025-57803Gyorgy Sarvari2025-10-132-0/+62
| | | | | | | | Details: https://nvd.nist.gov/vuln/detail/CVE-2025-57803 Pick the commit mentioned in the details. Signed-off-by: Gyorgy Sarvari <skandigraun@gmail.com>
* imagemagick: patch CVE-2025-55212Gyorgy Sarvari2025-10-132-0/+57
| | | | | | | | | | Details: https://nvd.nist.gov/vuln/detail/CVE-2025-55212 Pick the patch that mentions the related github advisory in its commit message. Also backport the missing function that the fix uses. Signed-off-by: Gyorgy Sarvari <skandigraun@gmail.com>
* imagemagick: patch CVE-2025-55160Gyorgy Sarvari2025-10-132-0/+162
| | | | | | | | Details: https://nvd.nist.gov/vuln/detail/CVE-2025-55160 Pick the commit that mentions the related github advisory in its commit message. Signed-off-by: Gyorgy Sarvari <skandigraun@gmail.com>
* imagemagick: patch CVE-2025-55154Gyorgy Sarvari2025-10-132-0/+81
| | | | | | | | Details: https://nvd.nist.gov/vuln/detail/CVE-2025-55154 Pick the commit that mentions the related github advisory in its commit message. Signed-off-by: Gyorgy Sarvari <skandigraun@gmail.com>
* imagemagick: patch CVE-2025-55005Gyorgy Sarvari2025-10-132-0/+37
| | | | | | | | Details: https://nvd.nist.gov/vuln/detail/CVE-2025-55005 Pick the patch that mentions the relevant github advisory in its commit message. Signed-off-by: Gyorgy Sarvari <skandigraun@gmail.com>
* imagemagick: patch CVE-2025-55004Gyorgy Sarvari2025-10-132-0/+65
| | | | | | | | Details: https://nvd.nist.gov/vuln/detail/CVE-2025-55004 Pick the patch that mentions the relevant github advisory in its commit message. Signed-off-by: Gyorgy Sarvari <skandigraun@gmail.com>
* imagemagick: patch CVE-2025-53101Gyorgy Sarvari2025-10-132-0/+53
| | | | | | | | Details: https://nvd.nist.gov/vuln/detail/CVE-2025-53101 Pick the patch mentioned in the details of the above link. Signed-off-by: Gyorgy Sarvari <skandigraun@gmail.com>
* imagemagick: patch CVE-2025-53019Gyorgy Sarvari2025-10-132-0/+27
| | | | | | | | Details: https://nvd.nist.gov/vuln/detail/CVE-2025-53019 Pick the patch mentioned in the related github advisory. Signed-off-by: Gyorgy Sarvari <skandigraun@gmail.com>
* imagemagick: patch CVE-2025-53015Gyorgy Sarvari2025-10-133-0/+74
| | | | | | | | Details: https://nvd.nist.gov/vuln/detail/CVE-2025-53015 Pick the patches that are mentioned in the relevant github advisory. Signed-off-by: Gyorgy Sarvari <skandigraun@gmail.com>
* imagemagick: patch CVE-2025-53014Gyorgy Sarvari2025-10-132-1/+28
| | | | | | | | Details: https://nvd.nist.gov/vuln/detail/CVE-2025-53014 Pick the patch mentioned in the related Github advisory. Signed-off-by: Gyorgy Sarvari <skandigraun@gmail.com>
* open-vm-tools: upgrade 12.5.0 -> 12.5.4Rajeshkumar Ramasamy2025-10-132-380/+1
| | | | | | | | | | | | this release addressed below CVEs: CVE-2025-22247 CVE-2025-41244 Changelog: https://github.com/vmware/open-vm-tools/releases Signed-off-by: Rajeshkumar Ramasamy <rajeshkumar.ramasamy@windriver.com> Signed-off-by: Gyorgy Sarvari <skandigraun@gmail.com>
* gimp: patch CVE-2025-5473Gyorgy Sarvari2025-10-132-0/+39
| | | | | | | | | Details: https://nvd.nist.gov/vuln/detail/CVE-2025-5473 Pick the patch that resolved the relevant upstream bugreport: https://gitlab.gnome.org/GNOME/gimp/-/issues/13910 Signed-off-by: Gyorgy Sarvari <skandigraun@gmail.com>
* gimp: ignore CVE-2025-8672Gyorgy Sarvari2025-10-131-1/+1
| | | | | | | | | | | | The vulnerability only affects MacOS: https://nvd.nist.gov/vuln/detail/CVE-2025-8672 While touching it, also remove an outdated CVE_STATUS, which has been reported against a very old version of the application. Signed-off-by: Gyorgy Sarvari <skandigraun@gmail.com> Signed-off-by: Khem Raj <raj.khem@gmail.com> (cherry picked from commit f516be2c45664c5c03b2245c02995a948e8d2e48) Signed-off-by: Gyorgy Sarvari <skandigraun@gmail.com>
* exiv2: patch CVE-2025-55304Gyorgy Sarvari2025-10-132-0/+97
| | | | | | | | Details: https://nvd.nist.gov/vuln/detail/CVE-2025-55304 Backport patch mentioned in the details of the vulnerability. Signed-off-by: Gyorgy Sarvari <skandigraun@gmail.com>
* exiv2: patch CVE-2025-54080Gyorgy Sarvari2025-10-132-0/+78
| | | | | | | | Details: https://nvd.nist.gov/vuln/detail/CVE-2025-54080 Backport the patch mentioned in the details. Signed-off-by: Gyorgy Sarvari <skandigraun@gmail.com>
* exiv2: patch CVE-2025-26623Gyorgy Sarvari2025-10-132-1/+85
| | | | | | | | | | | | | | | | | | | Details: https://nvd.nist.gov/vuln/detail/CVE-2025-26623 Apply the first to PRs from the relevant issue. (The second PR adds a test, and the 3rd PR tries to reimplement correctly the feature that introduced the vulnerability: it is switching some raw pointers to smart pointers. It was not picked because the 1. In the original issue it is stated that the first PR itself fixes the vulnerability 2. The patch doesn't apply clean due to the time gap between our and their version 3. The behavior of the application does not change ) Signed-off-by: Gyorgy Sarvari <skandigraun@gmail.com>
* python3-django: ignore CVE-2025-27556Gyorgy Sarvari2025-10-131-0/+2
| | | | | | | | Details: https://nvd.nist.gov/vuln/detail/CVE-2025-27556 Vulnerability affects only Windows - ignore it. Signed-off-by: Gyorgy Sarvari <skandigraun@gmail.com>
* redis: patch CVE-2025-48367Gyorgy Sarvari2025-10-134-0/+226
| | | | | | | | Details: https://nvd.nist.gov/vuln/detail/CVE-2025-48367 Backport the patch mentioned in the details. Signed-off-by: Gyorgy Sarvari <skandigraun@gmail.com>
* redis: patch CVE-2025-32023Gyorgy Sarvari2025-10-134-0/+432
| | | | | | | | Details: https://nvd.nist.gov/vuln/detail/CVE-2025-32023 Backport the patch mentioned in the details. Signed-off-by: Gyorgy Sarvari <skandigraun@gmail.com>
* redis: patch CVE-2025-27151Gyorgy Sarvari2025-10-134-0/+67
| | | | | | | | Details: https://nvd.nist.gov/vuln/detail/CVE-2025-27151 Backport the patch mentioned in the details. Signed-off-by: Gyorgy Sarvari <skandigraun@gmail.com>
* redis: ignore CVE-2025-21605Gyorgy Sarvari2025-10-132-0/+3
| | | | | | | | | | The vulnerability has been fixed in the used versions already, upstream has backported it. 6.2.18: https://github.com/redis/redis/commit/5e93f9cb9dbc3e7ac9bce36f2838156cbc5c9e62 7.2.8: https://github.com/redis/redis/commit/42fb340ce426364d64f5dccc9c2549e58f48ac6f Signed-off-by: Gyorgy Sarvari <skandigraun@gmail.com>
* wireshark: patch CVE-2025-5601Gyorgy Sarvari2025-10-132-0/+62
| | | | | | | | Details: https://nvd.nist.gov/vuln/detail/CVE-2025-5601 Backport the patch from the Gitlab issue linked in the details. Signed-off-by: Gyorgy Sarvari <skandigraun@gmail.com>
* emacs: patch CVE-2024-39331Gyorgy Sarvari2025-10-132-0/+72
| | | | | | | | Details: https://nvd.nist.gov/vuln/detail/CVE-2024-39331 Pick the patch that's mentioned in thee details. Signed-off-by: Gyorgy Sarvari <skandigraun@gmail.com>
* emacs: patch CVE-2024-30205Gyorgy Sarvari2025-10-132-0/+39
| | | | | | | | Details: https://nvd.nist.gov/vuln/detail/CVE-2024-30205 Pick the patch that's in the description. Signed-off-by: Gyorgy Sarvari <skandigraun@gmail.com>
* emacs: patch CVE-2024-30204Gyorgy Sarvari2025-10-132-0/+61
| | | | | | | | Details: https://nvd.nist.gov/vuln/detail/CVE-2024-30204 Pick the patch that's mentioned in the description. Signed-off-by: Gyorgy Sarvari <skandigraun@gmail.com>
* emacs: patch CVE-2024-30203Gyorgy Sarvari2025-10-132-0/+28
| | | | | | | | Details: https://nvd.nist.gov/vuln/detail/CVE-2024-30203 Pick the patch mentioned in the description. Signed-off-by: Gyorgy Sarvari <skandigraun@gmail.com>
* emacs: patch CVE-2024-30202Gyorgy Sarvari2025-10-132-0/+48
| | | | | | | | Details: https://nvd.nist.gov/vuln/detail/CVE-2024-30202 Backport the patch mentioned in the details of the link. Signed-off-by: Gyorgy Sarvari <skandigraun@gmail.com>
* dovecot: patch CVE-2022-30550Gyorgy Sarvari2025-10-132-0/+137
| | | | | | | | Details: https://nvd.nist.gov/vuln/detail/CVE-2022-30550 Pick the commit referenced in https://www.openwall.com/lists/oss-security/2022/07/08/1 Signed-off-by: Gyorgy Sarvari <skandigraun@gmail.com>
* civetweb: patch CVE-2025-55763Gyorgy Sarvari2025-10-132-0/+58
| | | | | | | | Details: https://nvd.nist.gov/vuln/detail/CVE-2025-55763 Pick the relevant commit from https://github.com/civetweb/civetweb/pull/1347/ Signed-off-by: Gyorgy Sarvari <skandigraun@gmail.com>
* apache2: patch CVE-2025-54090Gyorgy Sarvari2025-10-132-0/+41
| | | | | | | | https://nvd.nist.gov/vuln/detail/CVE-2025-54090 A bug in Apache HTTP Server 2.4.64 results in all "RewriteCond expr ..." tests evaluating as "true". Signed-off-by: Gyorgy Sarvari <skandigraun@gmail.com>
* zlog: fix CVE-2024-22857Ankur Tyagi2025-10-132-1/+34
| | | | | | | | Backport a fix from upstream https://github.com/HardySimpson/zlog/commit/c47f781a9f1e9604f5201e27d046d925d0d48ac4 Signed-off-by: Ankur Tyagi <ankur.tyagi85@gmail.com> Signed-off-by: Gyorgy Sarvari <skandigraun@gmail.com>
generated by cgit v1.2.3-54-g00ecf (git 2.39.0) at 2025-12-28 20:04:51 +0000