Several security issues were fixed in Open VM Tools.
Comment
Archive for August, 2025
139 results.
CVE-2025-8067 Out-Of-Bounds Read in UDisks Daemon
CVE-2025-8010: Type Confusion in V8 CVE-2025-8011: Type Confusion in V8 CVE-2025-8576: Use after free in Extensions CVE-2025-8578: Use after free in Cast CVE-2025-8579: Inappropriate implementation in Gemini Live in Chrome
Update to release v0.27.0 Resolves: rhvz#2388453, rhbz#2384137, rhbz#2384154 Upstream new features and fixes
Remove prebuild libffts.a library
Update to 139.0.7258.154 CVE-2025-9478: Use after free in ANGLE
Two vulnerabilities were discovered in the Firebird database, which may result in denial of service or authentication bypass. For the stable distribution (trixie), these problems have been fixed in
A full house of attendees gathered in Portland, Oregon, for WordCamp US 2025, with thousands more tuning in online. Over four days, the flagship WordPress event brought together contributors, innovators, and community members for collaboration, inspiration, and discovery. WordPress is so unique because we’re not just a product; we’re a movement. Matt Mullenweg, WordPress Cofounder […]
Update to latest upstream (142.0.1) Updated to new upstream release (142.0)
Multiple vulnerabilities were discovered in Node.js, which could result in denial of service, HTTP request smuggling, privilege escalation, a side channel attack against PKCS#1 1.5 or a bypass of network import restrictions.
Several security issues were fixed in Python.
A flaw was found in libxslt, the XSLT 1.0 processing library, where the attribute type, atype, flags are modified in a way that corrupts internal memory management. This is addressed by adding guards in libxml2, the GNOME XML library, preventing the heap use-after-free from happening.
Several security issues were fixed in OpenLDAP.
Updated to 139.0.7258.138 CVE-2025-9132: Out of bounds write in V8
Several security issues were fixed in the Linux kernel.
Several security issues were fixed in the Linux kernel.
Several security issues were fixed in the Linux kernel.
Several security issues were fixed in the Linux kernel.
Several security issues were fixed in the Linux kernel.
Michael Imfeld discovered an out-of-bounds read vulnerability in udisks2, a D-Bus service to access and manipulate storage devices, which may result in denial of service (daemon process crash), or in mapping an internal file descriptor from the daemon process onto a loop device,
A security issues was discovered in Chromium which could result in the execution of arbitrary code, denial of service, or information disclosure.
Rebase to new version resolves CVE-2025-31492
Multiple security issues were discovered in Unbound, a validating, recursive, caching DNS resolver, which may result in denial of service or cache poisoning via the “rebirthday attack”.
Several security issues were fixed in the Linux kernel.
Update to upstream version 0.2.8 Update idna dependency to a version not affected by CVE-2024-12224
fix CVE-2025-9165: memory leak in tiffcmp (rhbz#2389608)
fix CVE-2025-8534: null pointer dereference in tiff2ps (rhbz#2386494) fix CVE-2024-13978: null pointer dereference in tiff2pdf (rhbz#2386201)
Several security issues were fixed in the Linux kernel.
Nikita Skorovoda discovered that Node cipher-base, an abstract base class for crypto-streams, performed incomplete type checks. For the oldstable distribution (bookworm), this problem has been fixed
GNU binutils could be made to crash if it received a specially crafted input.