Explore top 10 tips to secure your open-source projects now. Read More
×
Security update. Publication date: 18 Jul 2026 URL: https://advisories.mageia.org/MGASA-2026-0265.html Type: security Affected Mageia releases: 10, 9 CVE: CVE-2026-29518, CVE-2026-43617, CVE-2026-43618, CVE-2026-43619, CVE-2026-43620, CVE-2026-45232 Description: The updated package fixes security vulnerabilities: Rsync < 3.4.3 TOCTOU Race Condition Allows Symlink-Based Arbitrary File Write. (CVE-2026-29518) Rsync < 3.4.3 Authorization Bypass via Hostname Resolution. (CVE-2026-43617) Rsync < 3.4.3 Integer Overflow Information Disclosure. (CVE-2026-43618) Rsync < 3.4.3 Symlink Race Condition via Path-Based Syscalls. (CVE-2026-43619) Rsync < 3.4.3 Out-of-Bounds Array Read via recv_files(). (CVE-2026-43620) Rsync < 3.4.3 Off-by-One Stack Write via HTTP Proxy. (CVE-2026-45232) References: - https://bugs.mageia.org/show_bug.cgi?id=35562 - https://www.openwall.com/lists/oss-security/2026/05/20/6 - https://lists.debian.org/debian-security-announce/2026/msg00193.html - https://lists.opensuse.org/archives/list/
Security update. Publication date: 18 Jul 2026 URL: https://advisories.mageia.org/MGASA-2026-0264.html Type: security Affected Mageia releases: 10, 9 CVE: CVE-2026-8829 Description: HTML::Entities versions before 3.84 for Perl read freed heap memory in _decode_entities. (CVE-2026-8829) References: - https://bugs.mageia.org/show_bug.cgi?id=35632 - https://www.openwall.com/lists/oss-security/2026/06/04/2 - https://lists.opensuse.org/archives/list/
Security update. Publication date: 18 Jul 2026 URL: https://advisories.mageia.org/MGASA-2026-0263.html Type: security Affected Mageia releases: 10, 9 CVE: CVE-2026-11527 Description: The updated package fixes a security vulnerability: Config::IniFiles versions before 3.001000 for Perl allow OS command injection and file overwrite via a 2-arg open() of the -file argument in _make_filehandle. (CVE-2026-11527) References: - https://bugs.mageia.org/show_bug.cgi?id=35701 - https://www.openwall.com/lists/oss-security/2026/06/14/5 - https://metacpan.org/release/SHLOMIF/Config-IniFiles-3.001000/changes - https://ubuntu.com/security/notices/USN-8445-1 - https://lists.debian.org/debian-security-announce/2026/msg00265.html - https://lists.fedoraproject.org/archives/list/
Security update. Publication date: 18 Jul 2026 URL: https://advisories.mageia.org/MGASA-2026-0262.html Type: security Affected Mageia releases: 10, 9 CVE: CVE-2026-57053 Description: GNU libidn before 1.44 is prone to out-of-bounds reads of uninitialized memory in the ToUnicode APIs because of mishandling in idna_to_unicode_internal. The affected code is not present in libidn2. (CVE-2026-57053) References: - https://bugs.mageia.org/show_bug.cgi?id=35726 - http://www.slackware.com/security/viewer.php?l=slackware-security&y=2026&m=slackware-security.355846 - https://lists.gnu.org/archive/html/help-libidn/2026-05/msg00000.html - https://lists.gnu.org/archive/html/help-libidn/2025-06/msg00000.html - https://ubuntu.com/security/notices/USN-8521-1 - https://www.cve.org/CVERecord?id=CVE-2026-57053 SRPMS: - 10/core/libidn-1.43-2.1.mga10 - 9/core/libidn-1.41-2.1.mga9 . Security update for Mageia addressing out-of-bounds reads in libidn. Prompt action recommended to mitigate risks.. Mageia update, libidn security, out-of-bounds, security risk. . Severity: Important. LinuxSecurity.com Team
An update that solves 3 vulnerabilities can now be installed.. # nginx-1.31.3-1.1 on GA media Announcement ID: openSUSE-SU-2026:11295-1 Rating: moderate Cross-References: * CVE-2026-42533 * CVE-2026-56434 * CVE-2026-60005 CVSS scores: * CVE-2026-42533 ( SUSE ): 8.1 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H * CVE-2026-42533 ( SUSE ): 9.2 CVSS:4.0/AV:N/AC:H/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-56434 ( SUSE ): 6.5 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:H * CVE-2026-56434 ( SUSE ): 8.3 CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:N/VI:L/VA:H/SC:N/SI:N/SA:N * CVE-2026-60005 ( SUSE ): 8.2 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:H * CVE-2026-60005 ( SUSE ): 8.8 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:H/SC:N/SI:N/SA:N Affected Products: * openSUSE Tumbleweed An update that solves 3 vulnerabilities can now be installed. ## Description: These are all security issues fixed in the nginx-1.31.3-1.1 package on the GA media of openSUSE Tumbleweed. ## Package List: * openSUSE Tumbleweed: * nginx 1.31.3-1.1 * nginx-source 1.31.3-1.1 ## References: * https://www.suse.com/security/cve/CVE-2026-42533.html * https://www.suse.com/security/cve/CVE-2026-56434.html * https://www.suse.com/security/cve/CVE-2026-60005.html . An update for openSUSE addresses three security issues in nginx-1.31.3-1.1 with moderate severity ratings.. openSUSE security update, nginx issues, security vulnerabilities, software patching. . Severity: moderate. LinuxSecurity.com Team
An update that solves one vulnerability can now be installed.. # oras-1.3.3-2.1 on GA media Announcement ID: openSUSE-SU-2026:11297-1 Rating: moderate Cross-References: * CVE-2026-50163 CVSS scores: * CVE-2026-50163 ( SUSE ): 7.1 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:L/A:N Affected Products: * openSUSE Tumbleweed An update that solves one vulnerability can now be installed. ## Description: These are all security issues fixed in the oras-1.3.3-2.1 package on the GA media of openSUSE Tumbleweed. ## Package List: * openSUSE Tumbleweed: * oras 1.3.3-2.1 * oras-bash-completion 1.3.3-2.1 * oras-fish-completion 1.3.3-2.1 * oras-zsh-completion 1.3.3-2.1 ## References: * https://www.suse.com/security/cve/CVE-2026-50163.html . An important update for openSUSE Tumbleweed resolves a moderate security issue in the oras package. Learn more here.. openSUSE security update, oras package, moderate risk advisory, CVE-2026-50163, threat guidance. . Severity: moderate. LinuxSecurity.com Team
An update that solves 3 vulnerabilities can now be installed.. # blender-5.2-5.2.0-1.1 on GA media Announcement ID: openSUSE-SU-2026:11288-1 Rating: moderate Cross-References: * CVE-2022-0544 * CVE-2022-0545 * CVE-2022-0546 Affected Products: * openSUSE Tumbleweed An update that solves 3 vulnerabilities can now be installed. ## Description: These are all security issues fixed in the blender-5.2-5.2.0-1.1 package on the GA media of openSUSE Tumbleweed. ## Package List: * openSUSE Tumbleweed: * blender-5.2 5.2.0-1.1 * blender-5.2-demo 5.2.0-1.1 * blender-5.2-lang 5.2.0-1.1 ## References: * https://www.suse.com/security/cve/CVE-2022-0544.html * https://www.suse.com/security/cve/CVE-2022-0545.html * https://www.suse.com/security/cve/CVE-2022-0546.html . An update for openSUSE addresses three security issues in Blender, enhancing system protection and stability.. Blender security update, openSUSE vulnerabilities, software patch, package management. . Severity: moderate. LinuxSecurity.com Team
An update that solves 6 vulnerabilities can now be installed.. # gomuks-26.03+git.1780250926.564a8707-1.1 on GA media Announcement ID: openSUSE-SU-2026:11290-1 Rating: moderate Cross-References: * CVE-2026-25681 * CVE-2026-27136 * CVE-2026-33809 * CVE-2026-39821 * CVE-2026-42502 * CVE-2026-42506 CVSS scores: * CVE-2026-25681 ( SUSE ): 6.1 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N * CVE-2026-25681 ( SUSE ): 5.3 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:L/VA:N/SC:L/SI:L/SA:N * CVE-2026-27136 ( SUSE ): 6.1 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N * CVE-2026-27136 ( SUSE ): 5.3 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:L/VA:N/SC:L/SI:L/SA:N * CVE-2026-39821 ( SUSE ): 7.4 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N * CVE-2026-39821 ( SUSE ): 9.1 CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:H/VI:H/VA:N/SC:N/SI:N/SA:N * CVE-2026-42502 ( SUSE ): 6.1 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N * CVE-2026-42502 ( SUSE ): 5.3 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:L/VA:N/SC:L/SI:L/SA:N * CVE-2026-42506 ( SUSE ): 6.1 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N * CVE-2026-42506 ( SUSE ): 5.3 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:L/VA:N/SC:L/SI:L/SA:N Affected Products: * openSUSE Tumbleweed An update that solves 6 vulnerabilities can now be installed. ## Description: These are all security issues fixed in the gomuks-26.03+git.1780250926.564a8707-1.1 package on the GA media of openSUSE Tumbleweed. ## Package List: * openSUSE Tumbleweed: * gomuks 26.03+git.1780250926.564a8707-1.1 ## References: * https://www.suse.com/security/cve/CVE-2026-25681.html * https://www.suse.com/security/cve/CVE-2026-27136.html * https://www.suse.com/security/cve/CVE-2026-33809.html * https://www.suse.com/security/cve/CVE-2026-39821.html * https://www.suse.com/security/cve/CVE-2026-42502.html * https://www.suse.com/security/cve/CVE-2026-42506.html . Explore the openSUSE update solving six vulnerabilities in the gomuks package for improved security management.. openSUSEUpdate, gomuks, security issues, software vulnerability, installation guidance. . Severity: moderate. LinuxSecurity.com Team
Get the latest Linux and open source security news straight to your inbox.