Security fix for CVE-2025-47273
Comment
Fixes CVE-2025-32873: Denial-of-service possibility in strip_tags() Fixes CVE-2025-48432: Potential log injection via unescaped request path
New version 2.6.3 (rhbz#2368989) Fix for: CVE-2025-32801, CVE-2025-32802, CVE-2025-32803 kea.conf: Remove /tmp/ from socket-name for existing configurations kea.conf: Set pseudo-random password for default config to secure fresh install and allow CA startup without user intervention
Fixes CVE-2025-32873: Denial-of-service possibility in strip_tags() Fixes CVE-2025-48432: Potential log injection via unescaped request path
libblockdev could be made to run programs as an administrator.