Release date:
2026-02-13 16:22:12 UTC
Description:
* SECURITY UPDATE: File descriptor metadata bypass in permission model
- debian/patches/CVE-2025-55132.patch: disable futimes, fdatasync, and
fsync APIs when permission model is enabled to prevent metadata updates
via read-only file descriptors
- CVE-2025-55132
Updated packages:
-
alt-nodejs23-docs_23.11.1-5_amd64.deb
sha:87231545340c0132d8204b0695834f5db2dbfa7c
-
alt-nodejs23-nodejs_23.11.1-5_amd64.deb
sha:7586ed04861d4cbeee36ea8dc49afbd75afc1d17
-
alt-nodejs23-nodejs-devel_23.11.1-5_amd64.deb
sha:8aaa9cdb40bc7b14b85a9866ad9d68e2b259163a
-
alt-nodejs23-npm_10.9.2-23.11.1.5_amd64.deb
sha:4d9fb4ce79de808458a2af0961cb4a0cf2d7a79e
Notes:
This page is generated automatically and has not been checked for errors. For clarification or
corrections please contact the
CloudLinux Packaging Team.
