VYPR

rpm package

suse/update-alternatives&distro=SUSE Linux Micro 6.0

pkg:rpm/suse/update-alternatives&distro=SUSE%20Linux%20Micro%206.0

Vulnerabilities (2)

  • CVE-2026-2219HigMar 7, 2026
    affected < 1.22.0-3.1fixed 1.22.0-3.1

    It was discovered that dpkg-deb (a component of dpkg, the Debian package management system) does not properly validate the end of the data stream when uncompressing a zstd-compressed .deb archive, which may result in denial of service (infinite loop spinning the CPU).

  • CVE-2025-6297Jul 1, 2025
    affected < 1.22.0-2.1fixed 1.22.0-2.1

    It was discovered that dpkg-deb does not properly sanitize directory permissions when extracting a control member into a temporary directory, which is documented as being a safe operation even on untrusted data. This may result in leaving temporary files behind on cleanup. Given