Products Openwall GNU/*/Linux   server OS Linux Kernel Runtime Guard John the Ripper   password cracker Free & Open Source for any platform in the cloud Pro for Linux Pro for macOS Wordlists   for password cracking passwdqc   policy enforcement Free & Open Source for Unix Pro for Windows (Active Directory) yescrypt   KDF & password hashing yespower   Proof-of-Work (PoW) crypt_blowfish   password hashing phpass   ditto in PHP tcb   better password shadowing Pluggable Authentication Modules scanlogd   port scan detector popa3d   tiny POP3 daemon blists   web interface to mailing lists msulogin   single user mode login php_mt_seed   mt_rand() cracker Services Publications Articles Presentations Resources Mailing lists Community wiki Source code repositories (GitHub) File archive & mirrors How to verify digital signatures OVE IDs What's new

oss-security mailing list - 2026/06/29

• Symlink Traversal Privilege Escalation via getfattr/setfattr, getfacl/setfacl/chacl, libacl (Andreas Gruenbacher <agruenba@...hat.com>)
• Re: Symlink Traversal Privilege Escalation via getfattr/setfattr, getfacl/setfacl/chacl, libacl (Michael Orlitzky <michael@...itzky.com>)
• CVE-2023-0645: libjxl/cjxl out-of-bounds read in EXIF metadata parsing ("Alexander A. Shvedov" <shvedov@....fr>)
• CVE-2025-70099: lwext4 NULL pointer dereference in ext4_dir_en_get_name_len (shvedov@....com)
• CVE-2025-70100: lwext4 divide-by-zero in ext4_block_set_lb_size (shvedov@....com)
• CVE-2025-70101: lwext4 out-of-bounds read in ext4_ext_binsearch_idx (shvedov@....com)
• CVE-2026-49432: Apache ActiveMQ, Apache ActiveMQ All, Apache ActiveMQ Stomp: STOMP negative content-length enables deni… ("Christopher L. Shannon" <cshannon@...c…)
• CVE-2026-49434: Apache ActiveMQ Broker, Apache ActiveMQ, Apache ActiveMQ All: LdapNetworkConnector instantiates denied … ("Christopher L. Shannon" <cshannon@...c…)
• CVE-2026-49877: Apache ActiveMQ: Authenticated web users retain admin access by default in the Web Console ("Christopher L. Shannon" <cshannon@...che.org>)
• CVE-2026-50734: Apache ActiveMQ Client, Apache ActiveMQ, Apache ActiveMQ All: Pre-authentication OpenWire memory-alloca… ("Christopher L. Shannon" <cshannon@...c…)
• CVE-2026-50750: Apache ActiveMQ Broker, Apache ActiveMQ, Apache ActiveMQ All: Pre-authentication OpenWire DoS following… ("Christopher L. Shannon" <cshannon@...c…)
• CVE-2026-52760: Apache ActiveMQ, Apache ActiveMQ Web Console: Stored XSS via Unescaped values in ActiveMQ Web Console ("Christopher L. Shannon" <cshannon@...c…)
• CVE-2026-53916: Apache ActiveMQ, Apache ActiveMQ All, Apache ActiveMQ Stomp: Unbounded header buffer in STOMP NIO codec… ("Christopher L. Shannon" <cshannon@...c…)
• CVE-2026-53917: Apache ActiveMQ, Apache ActiveMQ All, Apache ActiveMQ Client, Apache ActiveMQ Broker: Unbounded memory … ("Christopher L. Shannon" <cshannon@...c…)
• CVE-2026-54475: Apache ActiveMQ Broker, Apache ActiveMQ All, Apache ActiveMQ: Temporary destination ownership takeover ("Christopher L. Shannon" <cshannon@...c…)
• CVE-2026-56017: JavaScript::Minifier::XS versions before 0.16 for Perl crash with a NULL pointer dereference when the firs… (Robert Rothenberg <rrwo@...nsec.org>)
• CVE-2026-56018: JavaScript::Minifier::XS versions before 0.16 for Perl leak memory on every call to minify(), allowing unb… (Robert Rothenberg <rrwo@...nsec.org>)
• CVE-2026-13593: CSS::Minifier::XS versions before 0.14 for Perl have a memory leak when the entire document is minified aw… (Robert Rothenberg <rrwo@...nsec.org>)
• CVE-2026-13758: CryptX versions before 0.088_001 for Perl compare AEAD authentication tags in non-constant time in the streaming … (Stig Palmquist <stig@...g.io>)
• CVE-2026-50229: Apache Tomcat: XSS in number guess example (Mark Thomas <markt@...che.org>)
• CVE-2026-53404: Apache Tomcat: Bad ornext processing in RewriteValve (Mark Thomas <markt@...che.org>)
• CVE-2026-53434: Apache Tomcat: Invalid CRL configuration doesn't trigger failure for FFM Connector (Mark Thomas <markt@...che.org>)
• CVE-2026-55276: Apache Tomcat: Logged effective web.xml is incomplete (Mark Thomas <markt@...che.org>)
• CVE-2026-55955: Apache Tomcat: EncryptInterceptor not protected against replay attacks (Mark Thomas <markt@...che.org>)
• CVE-2026-55956: Apache Tomcat: Security constraints for default servlet ignored method (Mark Thomas <markt@...che.org>)
• CVE-2026-55957: Apache Tomcat: Authentication bypass with JNDIRealm and GSSAPI authenticated bind (Mark Thomas <markt@...che.org>)

26 messages

Powered by blists - more mailing lists

Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.

Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.