Alerts This Week
Warning Icon 1 540
Alerts This Week
Warning Icon 1 540

Stay Secure with the Latest Linux Advisories

Ubuntu Large Esm H800
Ubuntu

Ubuntu 26.04 LTS python-pip Moderate DoS Regression Fix USN-8344-3

Calendar White Jun 03, 2026
Important
Ubuntu Large Esm H900
Ubuntu

Ubuntu 20.04 LTS GStreamer Base Significant DoS Attack Vulnerability Alert

Calendar White Jun 03, 2026
Important
Ubuntu Large Esm H900
Ubuntu

Ubuntu 20.04 LTS MySQL Important Security Issues USN-8363-2

Calendar White Jun 03, 2026
Important
Ubuntu Large Esm H800
Ubuntu

Ubuntu 20.04 LTS nginx Security Advisory for Critical DoS Vulnerabilities

Calendar White Jun 03, 2026
Critical
Oracle Large Esm H900
Oracle

Oracle Linux 8 gnutls Important Buffer Overflow Auth Bypass ELSA-2026-20611

Calendar White Jun 03, 2026
Important
Oracle Large Esm H900
Oracle

Oracle Linux 8 ELSA-2026-22315 compat-openssl10 Moderate DoS Fix

Calendar White Jun 02, 2026
moderate
Oracle Large Esm H800
Oracle

Oracle Linux 8 httpd Important Denial of Service Vuln ELSA-2026-22140

Calendar White Jun 02, 2026
Important
Oracle Large Esm H900
Oracle

Oracle Linux 8 Important Kernel Security Advisory ELSA-2026-21706

Calendar White Jun 02, 2026
Important
Fedora Large Esm H900
Fedora

Fedora 43 hplip Major Update Addressing Possible Arbitrary Code Execution

Calendar White Jun 02, 2026
Important
Filter Icon Refine advisories
X Clear Filters
X Clear Filters
View More

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Community Poll

More Polls

What got you started with Linux?

No answer selected. Please try again.
Please select either existing option or enter your own, however not both.
Please select minimum {0} answer(s).
Please select maximum {0} answer(s).
/main-polls/150-what-got-you-started-with-linux?task=poll.vote&format=json
150
radio
0
[{"id":483,"title":"Self-taught through trial and error","votes":545,"type":"x","order":1,"pct":78.42,"resources":[]},{"id":484,"title":"Formal training or courses","votes":30,"type":"x","order":2,"pct":4.32,"resources":[]},{"id":485,"title":"A job that required it","votes":34,"type":"x","order":3,"pct":4.89,"resources":[]},{"id":486,"title":"Other","votes":86,"type":"x","order":4,"pct":12.37,"resources":[]}] ["#ff5b00","#4ac0f2","#b80028","#eef66c","#60bb22","#b96a9a","#62c2cc"] ["rgba(255,91,0,0.7)","rgba(74,192,242,0.7)","rgba(184,0,40,0.7)","rgba(238,246,108,0.7)","rgba(96,187,34,0.7)","rgba(185,106,154,0.7)","rgba(98,194,204,0.7)"] 350
bottom 200
Loading...

Explore Latest Linux Security advisories

We found 4 articles for you...
203
Ls Advisories Mageia Esm H240
Price Tag 1security advisorysecurity issueimportant

Mageia 9 perl-Net-CIDR-Lite Important IP ACL Bypass Fix MGASA-2026-0115

MGASA-2026-0115 - Updated perl-Net-CIDR-Lite packages fix security vulnerabilities. MGASA-2026-0115 - Updated perl-Net-CIDR-Lite packages fix security vulnerabilities Publication date: 07 May 2026 URL: https://advisories.mageia.org/MGASA-2026-0115.html Type: security Affected Mageia releases: 9 CVE: CVE-2026-40198, CVE-2026-40199 Description: Net::CIDR::Lite versions before 0.23 for Perl does not validate IPv6 group count, which may allow IP ACL bypass. (CVE-2026-40198) Net::CIDR::Lite versions before 0.23 for Perl mishandles IPv4 mapped IPv6 addresses, which may allow IP ACL bypass. (CVE-2026-40199) References: - https://bugs.mageia.org/show_bug.cgi?id=35348 - https://www.openwall.com/lists/oss-security/2026/04/11/1 - https://www.openwall.com/lists/oss-security/2026/04/11/2 - https://lists.fedoraproject.org/archives/list/This email address is being protected from spambots. You need JavaScript enabled to view it./message/SKKSURTDDZIA5TCZ3QL5KFVFSKVVMRSQ/ - https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-40198 - https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-40199 SRPMS: - 9/core/perl-Net-CIDR-Lite-0.230.0-1.mga9 . Mageia updates perl-Net-CIDR-Lite to fix IP ACL bypass issues in versions before 0.23 to enhance network security.. Mageia perl security perl-Net-CIDR-Lite ACL Bypass. . Severity: Important. LinuxSecurity.com Team

Calendar 2 May 07, 2026 Important Mageia
87
Ls Advisories Debian Esm H240
Price Tag 1security advisorydenial of servicedebian

Debian DSA-6235-1 dnsdist Critical Denial of Service Attack

Multiple security vulnerabilities were discovered in the dnsdist DNS loadbalancer, which could result in denial of service, information disclosure or ACL bypass. For the stable distribution (trixie), these problems have been fixed in version 1.9.14-0+deb13u1.. - ------------------------------------------------------------------------- Debian Security Advisory DSA-6235-1 This email address is being protected from spambots. You need JavaScript enabled to view it. https://www.debian.org/security/ Moritz Muehlenhoff April 28, 2026 https://www.debian.org/security/faq - ------------------------------------------------------------------------- Package : dnsdist CVE ID : CVE-2026-0396 CVE-2026-0397 CVE-2026-24028 CVE-2026-24029 CVE-2026-24030 CVE-2026-27853 CVE-2026-27854 CVE-2026-33254 CVE-2026-33257 CVE-2026-33260 CVE-2026-33593 CVE-2026-33594 CVE-2026-33595 CVE-2026-33596 CVE-2026-33597 CVE-2026-33598 CVE-2026-33599 CVE-2026-33602 Multiple security vulnerabilities were discovered in the dnsdist DNS loadbalancer, which could result in denial of service, information disclosure or ACL bypass. For the stable distribution (trixie), these problems have been fixed in version 1.9.14-0+deb13u1. We recommend that you upgrade your dnsdist packages. For the detailed security status of dnsdist please refer to its security tracker page at: https://security-tracker.debian.org/tracker/dnsdist Further information about Debian Security Advisories, how to apply these updates to your system and frequently asked questions can be found at: https://www.debian.org/security/ Mailing list: This email address is being protected from spambots. You need JavaScript enabled to view it. . Explore security advisory DSA-6235-1 for Debian dnsdist with critical vulnerabilities fixed. Essential updates recommended.. Debian Security, dnsdist Update, ACL Bypass, Information Disclosure, Denial of Service. . Severity: Critical. LinuxSecurity.com Team

Calendar 2 Apr 28, 2026 Critical Debian
Banner 1 1028x280 1708121660 1771599717
203
Ls Advisories Mageia Esm H240
Price Tag 1security advisorysecurity issueimportant

Mageia 9 Coturn Important ACL Bypass Vulnerability Fix MGASA-2026-0051

MGASA-2026-0051 - Updated coturn packages fix security vulnerability. MGASA-2026-0051 - Updated coturn packages fix security vulnerability Publication date: 09 Mar 2026 URL: https://advisories.mageia.org/MGASA-2026-0051.html Type: security Affected Mageia releases: 9 CVE: CVE-2026-27624 Description: IPv4-mapped IPv6 (::ffff:0:0/96) bypasses denied-peer-ip ACL. (CVE-2026-27624) References: - https://bugs.mageia.org/show_bug.cgi?id=35179 - https://lists.fedoraproject.org/archives/list/This email address is being protected from spambots. You need JavaScript enabled to view it./message/37LHFMZ3OPUJRL3DZ3WVCJ7FO62HMVUT/ - https://www.cve.org/CVERecord?id=CVE-2026-27624 SRPMS: - 9/core/coturn-4.6.2-1.1.mga9 . Updated Mageia coturn packages address an important vulnerability affecting version 9. Immediate action is necessary for users.. Mageia Coturn Security Advisory, Mageia Security Update, Coturn Vulnerability Fix, Mageia ACL Security Issue. . Severity: Important. LinuxSecurity.com Team

Calendar 2 Mar 09, 2026 Important Mageia
202
Ls Advisories Opensuse Esm H240
Price Tag 1security advisoryupdatepatch

openSUSE Leap 15.5: SUSE-SU-2023:3711-1 Low: Redis7 ACL Bypass

This update for redis7 fixes the following issues: CVE-2023-41053: Fixed SORT_RO may bypass ACL configuration (bsc#1215094).. # Security update for redis7 Announcement ID: SUSE-SU-2023:3711-1 Rating: low References: * #1215094 Cross-References: * CVE-2023-41053 CVSS scores: * CVE-2023-41053 ( SUSE ): 3.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N * CVE-2023-41053 ( NVD ): 3.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N Affected Products: * openSUSE Leap 15.5 * Server Applications Module 15-SP5 * SUSE Linux Enterprise High Performance Computing 15 SP5 * SUSE Linux Enterprise Real Time 15 SP5 * SUSE Linux Enterprise Server 15 SP5 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 An update that solves one vulnerability can now be installed. ## Description: This update for redis7 fixes the following issues: * CVE-2023-41053: Fixed SORT_RO may bypass ACL configuration (bsc#1215094). ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * openSUSE Leap 15.5 zypper in -t patch SUSE-2023-3711=1 openSUSE-SLE-15.5-2023-3711=1 * Server Applications Module 15-SP5 zypper in -t patch SUSE-SLE-Module-Server-Applications-15-SP5-2023-3711=1 ## Package List: * openSUSE Leap 15.5 (aarch64 ppc64le s390x x86_64 i586) * redis7-debuginfo-7.0.8-150500.3.6.1 * redis7-debugsource-7.0.8-150500.3.6.1 * redis7-7.0.8-150500.3.6.1 * Server Applications Module 15-SP5 (aarch64 ppc64le s390x x86_64) * redis7-debuginfo-7.0.8-150500.3.6.1 * redis7-debugsource-7.0.8-150500.3.6.1 * redis7-7.0.8-150500.3.6.1 ## References: * https://www.suse.com/security/cve/CVE-2023-41053.html * https://bugzilla.suse.com/show_bug.cgi?id=1215094 . A crucial security patch for redis7 has been released, dealing with CVE-2023-41053, which fixes an ACL configuration oversight in openSUSE Leap15.5.. Redis Security Update, openSUSE Patch, Redis7 Fix, ACL Bypass Threat. . Severity: Low. LinuxSecurity.com Team

Calendar 2 Sep 20, 2023 Low OpenSUSE
Banner 1 1028x280 1708121660 1771599717
98
Ls Advisories Redhat Esm H240
Price Tag 1security advisorymoderatesecurity update

Red Hat 8 RHSA-2020:5487-01 Moderate: Pacemaker ACL Bypass

An update for pacemaker is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 ==================================================================== Red Hat Security Advisory Synopsis: Moderate: pacemaker security update Advisory ID: RHSA-2020:5487-01 Product: Red Hat Enterprise Linux Advisory URL: https://access.redhat.com/errata/RHSA-2020:5487 Issue date: 2020-12-15 CVE Names: CVE-2020-25654 ==================================================================== 1. Summary: An update for pacemaker is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. 2. Relevant releases/architectures: Red Hat Enterprise Linux AppStream (v. 8) - aarch64, noarch, ppc64le, s390x, x86_64 Red Hat Enterprise Linux High Availability (v. 8) - aarch64, noarch, ppc64le, s390x, x86_64 Red Hat Enterprise Linux Resilient Storage (v. 8) - noarch, ppc64le, s390x, x86_64 3. Description: The Pacemaker cluster resource manager is a collection of technologies working together to maintain data integrity and application availability in the event of failures. Security Fix(es): * pacemaker: ACL restrictions bypass (CVE-2020-25654) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. 4. Solution: For details on how to apply this update, which includes the changes described in this advisory, referto: https://access.redhat.com/articles/11258 5. Bugs fixed (https://bugzilla.redhat.com/): 1888191 - CVE-2020-25654 pacemaker: ACL restrictions bypass 6. Package List: Red Hat Enterprise Linux AppStream (v.8): Source: pacemaker-2.0.4-6.el8_3.1.src.rpm aarch64: pacemaker-cli-debuginfo-2.0.4-6.el8_3.1.aarch64.rpm pacemaker-cluster-libs-2.0.4-6.el8_3.1.aarch64.rpm pacemaker-cluster-libs-debuginfo-2.0.4-6.el8_3.1.aarch64.rpm pacemaker-debuginfo-2.0.4-6.el8_3.1.aarch64.rpm pacemaker-debugsource-2.0.4-6.el8_3.1.aarch64.rpm pacemaker-libs-2.0.4-6.el8_3.1.aarch64.rpm pacemaker-libs-debuginfo-2.0.4-6.el8_3.1.aarch64.rpm pacemaker-remote-debuginfo-2.0.4-6.el8_3.1.aarch64.rpm noarch: pacemaker-schemas-2.0.4-6.el8_3.1.noarch.rpm ppc64le: pacemaker-cli-debuginfo-2.0.4-6.el8_3.1.ppc64le.rpm pacemaker-cluster-libs-2.0.4-6.el8_3.1.ppc64le.rpm pacemaker-cluster-libs-debuginfo-2.0.4-6.el8_3.1.ppc64le.rpm pacemaker-debuginfo-2.0.4-6.el8_3.1.ppc64le.rpm pacemaker-debugsource-2.0.4-6.el8_3.1.ppc64le.rpm pacemaker-libs-2.0.4-6.el8_3.1.ppc64le.rpm pacemaker-libs-debuginfo-2.0.4-6.el8_3.1.ppc64le.rpm pacemaker-remote-debuginfo-2.0.4-6.el8_3.1.ppc64le.rpm s390x: pacemaker-cli-debuginfo-2.0.4-6.el8_3.1.s390x.rpm pacemaker-cluster-libs-2.0.4-6.el8_3.1.s390x.rpm pacemaker-cluster-libs-debuginfo-2.0.4-6.el8_3.1.s390x.rpm pacemaker-debuginfo-2.0.4-6.el8_3.1.s390x.rpm pacemaker-debugsource-2.0.4-6.el8_3.1.s390x.rpm pacemaker-libs-2.0.4-6.el8_3.1.s390x.rpm pacemaker-libs-debuginfo-2.0.4-6.el8_3.1.s390x.rpm pacemaker-remote-debuginfo-2.0.4-6.el8_3.1.s390x.rpm x86_64: pacemaker-cli-debuginfo-2.0.4-6.el8_3.1.i686.rpm pacemaker-cli-debuginfo-2.0.4-6.el8_3.1.x86_64.rpm pacemaker-cluster-libs-2.0.4-6.el8_3.1.i686.rpm pacemaker-cluster-libs-2.0.4-6.el8_3.1.x86_64.rpm pacemaker-cluster-libs-debuginfo-2.0.4-6.el8_3.1.i686.rpm pacemaker-cluster-libs-debuginfo-2.0.4-6.el8_3.1.x86_64.rpm pacemaker-debuginfo-2.0.4-6.el8_3.1.i686.rpm pacemaker-debuginfo-2.0.4-6.el8_3.1.x86_64.rpm pacemaker-debugsource-2.0.4-6.el8_3.1.i686.rpm pacemaker-debugsource-2.0.4-6.el8_3.1.x86_64.rpm pacemaker-libs-2.0.4-6.el8_3.1.i686.rpm pacemaker-libs-2.0.4-6.el8_3.1.x86_64.rpm pacemaker-libs-debuginfo-2.0.4-6.el8_3.1.i686.rpm pacemaker-libs-debuginfo-2.0.4-6.el8_3.1.x86_64.rpm pacemaker-remote-debuginfo-2.0.4-6.el8_3.1.i686.rpm pacemaker-remote-debuginfo-2.0.4-6.el8_3.1.x86_64.rpm Red Hat Enterprise Linux High Availability (v.8): aarch64: pacemaker-2.0.4-6.el8_3.1.aarch64.rpm pacemaker-cli-2.0.4-6.el8_3.1.aarch64.rpm pacemaker-cli-debuginfo-2.0.4-6.el8_3.1.aarch64.rpm pacemaker-cluster-libs-debuginfo-2.0.4-6.el8_3.1.aarch64.rpm pacemaker-debuginfo-2.0.4-6.el8_3.1.aarch64.rpm pacemaker-debugsource-2.0.4-6.el8_3.1.aarch64.rpm pacemaker-libs-debuginfo-2.0.4-6.el8_3.1.aarch64.rpm pacemaker-libs-devel-2.0.4-6.el8_3.1.aarch64.rpm pacemaker-remote-2.0.4-6.el8_3.1.aarch64.rpm pacemaker-remote-debuginfo-2.0.4-6.el8_3.1.aarch64.rpm noarch: pacemaker-cts-2.0.4-6.el8_3.1.noarch.rpm pacemaker-doc-2.0.4-6.el8_3.1.noarch.rpm pacemaker-nagios-plugins-metadata-2.0.4-6.el8_3.1.noarch.rpm ppc64le: pacemaker-2.0.4-6.el8_3.1.ppc64le.rpm pacemaker-cli-2.0.4-6.el8_3.1.ppc64le.rpm pacemaker-cli-debuginfo-2.0.4-6.el8_3.1.ppc64le.rpm pacemaker-cluster-libs-debuginfo-2.0.4-6.el8_3.1.ppc64le.rpm pacemaker-debuginfo-2.0.4-6.el8_3.1.ppc64le.rpm pacemaker-debugsource-2.0.4-6.el8_3.1.ppc64le.rpm pacemaker-libs-debuginfo-2.0.4-6.el8_3.1.ppc64le.rpm pacemaker-libs-devel-2.0.4-6.el8_3.1.ppc64le.rpm pacemaker-remote-2.0.4-6.el8_3.1.ppc64le.rpm pacemaker-remote-debuginfo-2.0.4-6.el8_3.1.ppc64le.rpm s390x: pacemaker-2.0.4-6.el8_3.1.s390x.rpm pacemaker-cli-2.0.4-6.el8_3.1.s390x.rpm pacemaker-cli-debuginfo-2.0.4-6.el8_3.1.s390x.rpm pacemaker-cluster-libs-debuginfo-2.0.4-6.el8_3.1.s390x.rpm pacemaker-debuginfo-2.0.4-6.el8_3.1.s390x.rpm pacemaker-debugsource-2.0.4-6.el8_3.1.s390x.rpm pacemaker-libs-debuginfo-2.0.4-6.el8_3.1.s390x.rpm pacemaker-libs-devel-2.0.4-6.el8_3.1.s390x.rpm pacemaker-remote-2.0.4-6.el8_3.1.s390x.rpm pacemaker-remote-debuginfo-2.0.4-6.el8_3.1.s390x.rpm x86_64: pacemaker-2.0.4-6.el8_3.1.x86_64.rpm pacemaker-cli-2.0.4-6.el8_3.1.x86_64.rpm pacemaker-cli-debuginfo-2.0.4-6.el8_3.1.i686.rpm pacemaker-cli-debuginfo-2.0.4-6.el8_3.1.x86_64.rpm pacemaker-cluster-libs-debuginfo-2.0.4-6.el8_3.1.i686.rpm pacemaker-cluster-libs-debuginfo-2.0.4-6.el8_3.1.x86_64.rpm pacemaker-debuginfo-2.0.4-6.el8_3.1.i686.rpm pacemaker-debuginfo-2.0.4-6.el8_3.1.x86_64.rpm pacemaker-debugsource-2.0.4-6.el8_3.1.i686.rpm pacemaker-debugsource-2.0.4-6.el8_3.1.x86_64.rpm pacemaker-libs-debuginfo-2.0.4-6.el8_3.1.i686.rpm pacemaker-libs-debuginfo-2.0.4-6.el8_3.1.x86_64.rpm pacemaker-libs-devel-2.0.4-6.el8_3.1.i686.rpm pacemaker-libs-devel-2.0.4-6.el8_3.1.x86_64.rpm pacemaker-remote-2.0.4-6.el8_3.1.x86_64.rpm pacemaker-remote-debuginfo-2.0.4-6.el8_3.1.i686.rpm pacemaker-remote-debuginfo-2.0.4-6.el8_3.1.x86_64.rpm Red Hat Enterprise Linux Resilient Storage (v.8): noarch: pacemaker-cts-2.0.4-6.el8_3.1.noarch.rpm pacemaker-doc-2.0.4-6.el8_3.1.noarch.rpm pacemaker-nagios-plugins-metadata-2.0.4-6.el8_3.1.noarch.rpm ppc64le: pacemaker-2.0.4-6.el8_3.1.ppc64le.rpm pacemaker-cli-2.0.4-6.el8_3.1.ppc64le.rpm pacemaker-cli-debuginfo-2.0.4-6.el8_3.1.ppc64le.rpm pacemaker-cluster-libs-debuginfo-2.0.4-6.el8_3.1.ppc64le.rpm pacemaker-debuginfo-2.0.4-6.el8_3.1.ppc64le.rpm pacemaker-debugsource-2.0.4-6.el8_3.1.ppc64le.rpm pacemaker-libs-debuginfo-2.0.4-6.el8_3.1.ppc64le.rpm pacemaker-libs-devel-2.0.4-6.el8_3.1.ppc64le.rpm pacemaker-remote-2.0.4-6.el8_3.1.ppc64le.rpm pacemaker-remote-debuginfo-2.0.4-6.el8_3.1.ppc64le.rpm s390x: pacemaker-2.0.4-6.el8_3.1.s390x.rpm pacemaker-cli-2.0.4-6.el8_3.1.s390x.rpm pacemaker-cli-debuginfo-2.0.4-6.el8_3.1.s390x.rpm pacemaker-cluster-libs-debuginfo-2.0.4-6.el8_3.1.s390x.rpm pacemaker-debuginfo-2.0.4-6.el8_3.1.s390x.rpm pacemaker-debugsource-2.0.4-6.el8_3.1.s390x.rpm pacemaker-libs-debuginfo-2.0.4-6.el8_3.1.s390x.rpm pacemaker-libs-devel-2.0.4-6.el8_3.1.s390x.rpm pacemaker-remote-2.0.4-6.el8_3.1.s390x.rpm pacemaker-remote-debuginfo-2.0.4-6.el8_3.1.s390x.rpm x86_64: pacemaker-2.0.4-6.el8_3.1.x86_64.rpm pacemaker-cli-2.0.4-6.el8_3.1.x86_64.rpm pacemaker-cli-debuginfo-2.0.4-6.el8_3.1.i686.rpm pacemaker-cli-debuginfo-2.0.4-6.el8_3.1.x86_64.rpm pacemaker-cluster-libs-debuginfo-2.0.4-6.el8_3.1.i686.rpm pacemaker-cluster-libs-debuginfo-2.0.4-6.el8_3.1.x86_64.rpm pacemaker-debuginfo-2.0.4-6.el8_3.1.i686.rpm pacemaker-debuginfo-2.0.4-6.el8_3.1.x86_64.rpm pacemaker-debugsource-2.0.4-6.el8_3.1.i686.rpm pacemaker-debugsource-2.0.4-6.el8_3.1.x86_64.rpm pacemaker-libs-debuginfo-2.0.4-6.el8_3.1.i686.rpm pacemaker-libs-debuginfo-2.0.4-6.el8_3.1.x86_64.rpm pacemaker-libs-devel-2.0.4-6.el8_3.1.i686.rpm pacemaker-libs-devel-2.0.4-6.el8_3.1.x86_64.rpm pacemaker-remote-2.0.4-6.el8_3.1.x86_64.rpm pacemaker-remote-debuginfo-2.0.4-6.el8_3.1.i686.rpm pacemaker-remote-debuginfo-2.0.4-6.el8_3.1.x86_64.rpm These packages are GPG signed by Red Hat for security. Our keyand details on how to verify the signature are available from https://access.redhat.com/security/team/key/ 7. References: https://access.redhat.com/security/cve/CVE-2020-25654 https://access.redhat.com/security/updates/classification/#moderate 8. Contact: The Red Hat security contact is . More contact details at https://access.redhat.com/security/team/contact/ Copyright 2020 Red Hat, Inc. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1 iQIVAwUBX9jwX9zjgjWX9erEAQi08g/+NTtWmjZea+u5S4mSq3UigVjAjXhf0FyI yX8lDZOWp5YCvnmMTgk1mfDsOPwM9o+baBgaWXSy7+CAIR2Shgb+vtvu0J3zyrh0 RQP03sp5JHdo1tTShjgnFdLgCkweCT0fEUqlt9Kq/p0ISSaIo5HUpBFbTq3FLrIc tTapC0J5MRzehlpRn6I70vzQQ2nv+WAJFqulg+TabmrRkCJHVhOmnOGuyWu8mr9r 3lIVkT6LD5xJuJbkonOr8fV72qLidhWLyJCung99JQgrTxddBgg/wcHYVNjWshJ9 RAD8LoAw5P/AsFDtuGuf+fzR7MMyv2iDC3L2MtRn43eKoEYc88/dDgdmyPOB67U/ yGw5iOu4TXP7TnZmRUrTX1o3EOfGYu2+DxlWyDwbbsT2yUoEJZAeWVgtAxo84RIJ /vPLQj38GYY3U2kxoSs+ftS02wOfoUr+c+pdYAkYaN8k8aS13BKYKdx+b2MMs/mT cwMJOK4QEZnxbnVSGNColLzDCVMq7rf9Tk7KjonTQE8VPEwuwAUYoDtzaeTLt9du zPWv+EoGPWr6G+33S/zwuzy+RIat0+AYrl/a1okiW8vzHU5cCD9CtfvK5ZQnhl1d Nc4LKqV9t8N0yB9tR/MwQaZj2v8G/OK++IQ2xBSw3HIf+hLiVVJEKn+BeC4aKXfo LfvBBkQ82CY=NKPs -----END PGP SIGNATURE----- -- RHSA-announce mailing list This email address is being protected from spambots. You need JavaScript enabled to view it. . Red Hat released a minor security patch for corosync on RHEL 8, fixing vulnerabilities related to privilege escalation. Discover additional details.. Pacemaker Update, Red Hat Security, Linux Application Security. . LinuxSecurity.com Team

Calendar 2 Dec 15, 2020 Red Hat
98
Ls Advisories Redhat Esm H240
Price Tag 1security advisorymoderatered hat

Red Hat Enterprise Linux 7: RHSA-2020-5453 Moderate: pacemaker ACL Bypass

An update for pacemaker is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 ==================================================================== Red Hat Security Advisory Synopsis: Moderate: pacemaker security update Advisory ID: RHSA-2020:5453-01 Product: Red Hat Enterprise Linux Advisory URL: https://access.redhat.com/errata/RHSA-2020:5453 Issue date: 2020-12-15 CVE Names: CVE-2020-25654 ==================================================================== 1. Summary: An update for pacemaker is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. 2. Relevant releases/architectures: Red Hat Enterprise Linux Server High Availability (v. 7) - ppc64le, s390x, x86_64 Red Hat Enterprise Linux Server Resilient Storage (v. 7) - ppc64le, s390x, x86_64 3. Description: The Pacemaker cluster resource manager is a collection of technologies working together to maintain data integrity and application availability in the event of failures. Security Fix(es): * pacemaker: ACL restrictions bypass (CVE-2020-25654) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. 4. Solution: For details on how to apply this update, which includes the changes described in this advisory, refer to: https://access.redhat.com/articles/11258 5. Bugs fixed (https://bugzilla.redhat.com/): 1888191 -CVE-2020-25654 pacemaker: ACL restrictions bypass 6. Package List: Red Hat Enterprise Linux Server High Availability (v. 7): Source: pacemaker-1.1.23-1.el7_9.1.src.rpm ppc64le: pacemaker-1.1.23-1.el7_9.1.ppc64le.rpm pacemaker-cli-1.1.23-1.el7_9.1.ppc64le.rpm pacemaker-cluster-libs-1.1.23-1.el7_9.1.ppc64le.rpm pacemaker-cts-1.1.23-1.el7_9.1.ppc64le.rpm pacemaker-debuginfo-1.1.23-1.el7_9.1.ppc64le.rpm pacemaker-doc-1.1.23-1.el7_9.1.ppc64le.rpm pacemaker-libs-1.1.23-1.el7_9.1.ppc64le.rpm pacemaker-libs-devel-1.1.23-1.el7_9.1.ppc64le.rpm pacemaker-nagios-plugins-metadata-1.1.23-1.el7_9.1.ppc64le.rpm pacemaker-remote-1.1.23-1.el7_9.1.ppc64le.rpm s390x: pacemaker-1.1.23-1.el7_9.1.s390x.rpm pacemaker-cli-1.1.23-1.el7_9.1.s390x.rpm pacemaker-cluster-libs-1.1.23-1.el7_9.1.s390x.rpm pacemaker-cts-1.1.23-1.el7_9.1.s390x.rpm pacemaker-debuginfo-1.1.23-1.el7_9.1.s390x.rpm pacemaker-doc-1.1.23-1.el7_9.1.s390x.rpm pacemaker-libs-1.1.23-1.el7_9.1.s390x.rpm pacemaker-libs-devel-1.1.23-1.el7_9.1.s390x.rpm pacemaker-nagios-plugins-metadata-1.1.23-1.el7_9.1.s390x.rpm pacemaker-remote-1.1.23-1.el7_9.1.s390x.rpm x86_64: pacemaker-1.1.23-1.el7_9.1.x86_64.rpm pacemaker-cli-1.1.23-1.el7_9.1.x86_64.rpm pacemaker-cluster-libs-1.1.23-1.el7_9.1.i686.rpm pacemaker-cluster-libs-1.1.23-1.el7_9.1.x86_64.rpm pacemaker-cts-1.1.23-1.el7_9.1.x86_64.rpm pacemaker-debuginfo-1.1.23-1.el7_9.1.i686.rpm pacemaker-debuginfo-1.1.23-1.el7_9.1.x86_64.rpm pacemaker-doc-1.1.23-1.el7_9.1.x86_64.rpm pacemaker-libs-1.1.23-1.el7_9.1.i686.rpm pacemaker-libs-1.1.23-1.el7_9.1.x86_64.rpm pacemaker-libs-devel-1.1.23-1.el7_9.1.i686.rpm pacemaker-libs-devel-1.1.23-1.el7_9.1.x86_64.rpm pacemaker-nagios-plugins-metadata-1.1.23-1.el7_9.1.x86_64.rpm pacemaker-remote-1.1.23-1.el7_9.1.x86_64.rpm Red Hat Enterprise Linux Server Resilient Storage (v.7): Source: pacemaker-1.1.23-1.el7_9.1.src.rpm ppc64le: pacemaker-1.1.23-1.el7_9.1.ppc64le.rpm pacemaker-cli-1.1.23-1.el7_9.1.ppc64le.rpm pacemaker-cluster-libs-1.1.23-1.el7_9.1.ppc64le.rpm pacemaker-cts-1.1.23-1.el7_9.1.ppc64le.rpm pacemaker-debuginfo-1.1.23-1.el7_9.1.ppc64le.rpm pacemaker-doc-1.1.23-1.el7_9.1.ppc64le.rpm pacemaker-libs-1.1.23-1.el7_9.1.ppc64le.rpm pacemaker-libs-devel-1.1.23-1.el7_9.1.ppc64le.rpm pacemaker-nagios-plugins-metadata-1.1.23-1.el7_9.1.ppc64le.rpm pacemaker-remote-1.1.23-1.el7_9.1.ppc64le.rpm s390x: pacemaker-1.1.23-1.el7_9.1.s390x.rpm pacemaker-cli-1.1.23-1.el7_9.1.s390x.rpm pacemaker-cluster-libs-1.1.23-1.el7_9.1.s390x.rpm pacemaker-cts-1.1.23-1.el7_9.1.s390x.rpm pacemaker-debuginfo-1.1.23-1.el7_9.1.s390x.rpm pacemaker-doc-1.1.23-1.el7_9.1.s390x.rpm pacemaker-libs-1.1.23-1.el7_9.1.s390x.rpm pacemaker-libs-devel-1.1.23-1.el7_9.1.s390x.rpm pacemaker-nagios-plugins-metadata-1.1.23-1.el7_9.1.s390x.rpm pacemaker-remote-1.1.23-1.el7_9.1.s390x.rpm x86_64: pacemaker-1.1.23-1.el7_9.1.x86_64.rpm pacemaker-cli-1.1.23-1.el7_9.1.x86_64.rpm pacemaker-cluster-libs-1.1.23-1.el7_9.1.i686.rpm pacemaker-cluster-libs-1.1.23-1.el7_9.1.x86_64.rpm pacemaker-cts-1.1.23-1.el7_9.1.x86_64.rpm pacemaker-debuginfo-1.1.23-1.el7_9.1.i686.rpm pacemaker-debuginfo-1.1.23-1.el7_9.1.x86_64.rpm pacemaker-doc-1.1.23-1.el7_9.1.x86_64.rpm pacemaker-libs-1.1.23-1.el7_9.1.i686.rpm pacemaker-libs-1.1.23-1.el7_9.1.x86_64.rpm pacemaker-libs-devel-1.1.23-1.el7_9.1.i686.rpm pacemaker-libs-devel-1.1.23-1.el7_9.1.x86_64.rpm pacemaker-nagios-plugins-metadata-1.1.23-1.el7_9.1.x86_64.rpm pacemaker-remote-1.1.23-1.el7_9.1.x86_64.rpm These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://access.redhat.com/security/team/key/ 7. References: https://access.redhat.com/security/cve/CVE-2020-25654 https://access.redhat.com/security/updates/classification/#moderate 8. Contact: The Red Hat security contact is . More contact details athttps://access.redhat.com/security/team/contact/ Copyright 2020 Red Hat, Inc. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1 iQIVAwUBX9id+tzjgjWX9erEAQho0g//btdR7IBSyArF+uxo7rBjJ0Y6a/un0ZZL HBhhDG9ZB6zW9O9lXHa4NCU83PoMFixqso+2grl1OehtfbXhsWw7r3YUu1pTFWtr csr4ezbkRIYZup5o8p/Rp1hv4ZDPtXxeoQM9q5H8PHK8XUXtbcVXN60UtQTnSnY6 TR2hvWRzz5VqDHk9dxNxjyZixUrCxEZ6ZAFqJkkO3/5wxMx6wcKuyp0n0cndI2zT F8TevW6PSZ/jvKTq0g0GUmLvMmMyL60J9fgENr6jAydSyiu6XdPEBIBcWfZQVAAn soBunS2yIc1VKSWIIv0/CVrJrclvPVxVKqLe8ijuxGXeCJDH09NgSvChkyCHztyh zkMzI7334W6kEMyFakGnnrfrTRJFxoJYQoD8CaNQnmjFAuhqG9pRSnlwHCtrO/Rl wtpa308WPEeRzmkET+RSCr6DC1V06ekVVpqBRjWtSudQ7RVWLtkdSJqBu7tVZH6l FWOz3UcXb33bAqDMPDMkNJpOcVYkhoon5+ckn2TtINvBI91kEAgG5r0b08TE5XzX 0erCW/O2ZI66qmNrnHNsR6UcLPK4Nn+CB0MPBg1vPV0JaKFGLW78aOBNyrMgjDya FxEZw9Ai0u8lbgAe2yiMRvLSyh6Vjos6xcsOY3e6xW4It1dTAlhHw65Dg5sd3JXO gKtV9O+JnaU=1seN -----END PGP SIGNATURE----- -- RHSA-announce mailing list This email address is being protected from spambots. You need JavaScript enabled to view it. . A moderate patch has been released for pacemaker in Red Hat Enterprise Linux, resolving an issue with ACL access control bypass.. Red Hat Security, ACL Bypass Fix, Pacemaker Update, Linux Enterprise Update. . LinuxSecurity.com Team

Calendar 2 Dec 15, 2020 Red Hat
Banner 1 1028x280 1708121660 1771599717
203
Ls Advisories Mageia Esm H240
Price Tag 1security advisorysecurity updatecritical

Mageia 7: MGASA-2020-0409 Critical: Pacemaker ACL Bypass

ACL restrictions bypass. (CVE-2020-25654) References: - https://bugs.mageia.org/show_bug.cgi?id=27472 - https://www.openwall.com/lists/oss-security/2020/10/27/1 . MGASA-2020-0409 - Updated pacemaker packages fix a security vulnerability Publication date: 10 Nov 2020 URL: https://advisories.mageia.org/MGASA-2020-0409.html Type: security Affected Mageia releases: 7 CVE: CVE-2020-25654 ACL restrictions bypass. (CVE-2020-25654) References: - https://bugs.mageia.org/show_bug.cgi?id=27472 - https://www.openwall.com/lists/oss-security/2020/10/27/1 - https://bugzilla.redhat.com/show_bug.cgi?id=1888191 - - https://www.cve.org/CVERecord?id=CVE-2020-25654 SRPMS: - 7/core/pacemaker-1.1.19-2.2.mga7 . Revised pacemaker software addresses a significant ACL bypass security flaw released in accordance with Mageia advisory MGASA-2020-0409.. Mageia Security Update, Pacemaker Vulnerability, ACL Bypass Fix, MGASA-2020-0409. . Severity: Critical. LinuxSecurity.com Team

Calendar 2 Nov 10, 2020 Critical Mageia
87
Ls Advisories Debian Esm H240
Price Tag 1security advisorycriticaldebian

Debian: DSA-4590-1 Critical: cyrus-imapd ACL Bypass Flaw

It was discovered that the lmtpd component of the Cyrus IMAP server created mailboxes with administrator privileges if the "fileinto" was used, bypassing ACL checks. . -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 - ------------------------------------------------------------------------- Debian Security Advisory DSA-4590-1 This email address is being protected from spambots. You need JavaScript enabled to view it. https://www.debian.org/security/ Moritz Muehlenhoff December 19, 2019 https://www.debian.org/security/faq - ------------------------------------------------------------------------- Package : cyrus-imapd CVE ID : CVE-2019-19783 It was discovered that the lmtpd component of the Cyrus IMAP server created mailboxes with administrator privileges if the "fileinto" was used, bypassing ACL checks. For the oldstable distribution (stretch), this problem has been fixed in version 2.5.10-3+deb9u2. For the stable distribution (buster), this problem has been fixed in version 3.0.8-6+deb10u3. We recommend that you upgrade your cyrus-imapd packages. For the detailed security status of cyrus-imapd please refer to its security tracker page at: https://security-tracker.debian.org/tracker/source-package/cyrus-imapd Further information about Debian Security Advisories, how to apply these updates to your system and frequently asked questions can be found at: https://www.debian.org/security/ Mailing list: This email address is being protected from spambots. You need JavaScript enabled to view it. . The DSA-4590-2 bulletin addresses a vulnerability found in dovecot, which permits privilege escalation, impacting accounts with superuser permissions.. Cyrus IMAP, Debian Security, Mail Server Exploits, Admin Rights, Access Control. . Severity: Critical. LinuxSecurity.com Team

Calendar 2 Dec 19, 2019 Critical Debian
Banner 1 1028x280 1708121660 1771599717
News Add Esm H240

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Community Poll

More Polls

What got you started with Linux?

No answer selected. Please try again.
Please select either existing option or enter your own, however not both.
Please select minimum {0} answer(s).
Please select maximum {0} answer(s).
/main-polls/150-what-got-you-started-with-linux?task=poll.vote&format=json
150
radio
0
[{"id":483,"title":"Self-taught through trial and error","votes":545,"type":"x","order":1,"pct":78.42,"resources":[]},{"id":484,"title":"Formal training or courses","votes":30,"type":"x","order":2,"pct":4.32,"resources":[]},{"id":485,"title":"A job that required it","votes":34,"type":"x","order":3,"pct":4.89,"resources":[]},{"id":486,"title":"Other","votes":86,"type":"x","order":4,"pct":12.37,"resources":[]}] ["#ff5b00","#4ac0f2","#b80028","#eef66c","#60bb22","#b96a9a","#62c2cc"] ["rgba(255,91,0,0.7)","rgba(74,192,242,0.7)","rgba(184,0,40,0.7)","rgba(238,246,108,0.7)","rgba(96,187,34,0.7)","rgba(185,106,154,0.7)","rgba(98,194,204,0.7)"] 350
bottom 200

Search Topics

Your message here