Re: [oss-security] 3 new CVE's in old branch of GNU mailman

We at cPanel have investigated these claimed vulnerabilities, both internally and via third-party subject-matter experts. We are unable to reproduce the claims using the information provided by the reporter. We do not consider these vulnerabilities to be valid, and we’re in the process of disput

Re: [oss-security] Fwd: Node.js security updates for all active release lines, May 2025

On Thu, May 08, 2025 at 11:44:07AM -0700, Rafael Gonzaga wrote: > The Node.js project will release new versions of all supported release > lines on or shortly after May 14th, 2025 > > For more information, see: > https://nodejs.org/en/blog/vulnerability/may-2025-security-releases Thanks. Attac

[oss-security] Fwd: Node.js security updates for all active release lines, May 2025

-- Mensagem encaminhada - De: Rafael Gonzaga Data: quinta-feira, 8 de maio de 2025 às 15:42:50 UTC-3 Assunto: Node.js security updates for all active release lines, May 2025 Para: nodejs-sec The Node.js project will release new versions of all supported release lines on or sh

[oss-security] OSSA-2025-001 / CVE-2025-44021: OpenStack Ironic fails to restrict paths used for file:// image URLs

= OSSA-2025-001: Ironic fails to restrict paths used forfile:// image URLs = :Date: May 08, 2024 :CVE: CVE-2025-44021 Affects ~~~ - Ironic: <24.1.3