Release date:
2026-02-13 16:19:48 UTC
Description:
* SECURITY UPDATE: File descriptor metadata bypass in permission model
- debian/patches/CVE-2025-55132.patch: disable futimes, fdatasync, and
fsync APIs when permission model is enabled to prevent metadata updates
via read-only file descriptors
- CVE-2025-55132
Updated packages:
-
alt-nodejs23-docs_23.11.1-5_amd64.deb
sha:87231545340c0132d8204b0695834f5db2dbfa7c
-
alt-nodejs23-nodejs_23.11.1-5_amd64.deb
sha:fca0005add6a4acd6028bfdbf657d25036a2a848
-
alt-nodejs23-nodejs-devel_23.11.1-5_amd64.deb
sha:1928de3d030291c16c7f01d44b1659474a476a72
-
alt-nodejs23-npm_10.9.2-23.11.1.5_amd64.deb
sha:4d9fb4ce79de808458a2af0961cb4a0cf2d7a79e
Notes:
This page is generated automatically and has not been checked for errors. For clarification or
corrections please contact the
CloudLinux Packaging Team.
