Stay Secure with the Latest Linux Advisories


Explore Latest Linux Security advisories


Debian 11: DLA-4222-1 critical: activemq Out Of Memory issue

-------------------------------------------------------------------------
Debian LTS Advisory DLA-4222-1
https://www.debian.org/lts/security/                       Emmanuel Arias
June 19, 2025                                 https://wiki.debian.org/LTS
-------------------------------------------------------------------------

Package        : activemq
Version        : 5.16.1-1+deb11u2
CVE ID         : CVE-2025-27533
Debian Bug     : 1104933

It was discovered that an Out Of Memory error may occur when attempting to initialize a huge byte array, even when maxFrameSize is set.

For Debian 11 bullseye, this problem has been fixed in version 5.16.1-1+deb11u2.

We recommend that you upgrade your activemq packages.

For the detailed security status of activemq please refer to its security tracker page at:
https://security-tracker.debian.org/tracker/source-package/activemq

Further information about Debian LTS security advisories, how to apply these updates to your system and frequently asked questions can be found at: https://wiki.debian.org/LTS

This notice outlines a memory exhaustion problem identified in ActiveMQ for Debian 11 bullseye, urging essential updates to enhance security measures.

ActiveMQ security, Debian 11 update, Out Of Memory error.
Severity: Critical.
LinuxSecurity.com Team

Jun 19, 2025 | Critical | Debian LTS

Ubuntu 22.04 LTS USN-7268-1 Critical: Apache ActiveMQ Authentication Flaws

==========================================================================
Ubuntu Security Notice USN-7268-1
February 14, 2025

activemq vulnerabilities
==========================================================================

A security issue affects these releases of Ubuntu and its derivatives:

- Ubuntu 22.04 LTS

Summary:

Several security issues were fixed in Apache ActiveMQ.

Software Description:
- activemq: Java message broker - server

Details:

It was discovered that Apache ActiveMQ incorrectly handled authentication. A remote attacker could possibly use this issue to run arbitrary code. (CVE-2022-41678)

It was discovered that Apache ActiveMQ incorrectly handled deserialization. A remote attacker could possibly use this issue to run arbitrary shell commands. (CVE-2023-46604)

Update instructions:

The problem can be corrected by updating your system to the following package versions:

Ubuntu 22.04 LTS
  activemq                        5.16.1-1ubuntu0.1
  libactivemq-java                5.16.1-1ubuntu0.1

In general, a standard system update will make all the necessary changes.

References:
  https://ubuntu.com/security/notices/USN-7268-1
  CVE-2022-41678, CVE-2023-46604

Package Information:
  https://launchpad.net/ubuntu/+source/activemq/5.16.1-1ubuntu0.1

Mitigations for Apache ActiveMQ vulnerabilities impacting Ubuntu 22.04 LTS, addressing severe authentication weaknesses.

Apache ActiveMQ Security, Ubuntu Security Updates, Code Execution Risk.
Severity: Critical.
LinuxSecurity.com Team

Feb 14, 2025 | Critical | Ubuntu

Debian 9 Stretch DLA-2583-1 Critical: ActiveMQ Threats and Updates

-------------------------------------------------------------------------
Debian LTS Advisory DLA-2583-1
https://www.debian.org/lts/security/                          Abhijith PA
March 05, 2021                                https://wiki.debian.org/LTS
-------------------------------------------------------------------------

Package        : activemq
Version        : 5.14.3-3+deb9u2
CVE ID         : CVE-2017-15709 CVE-2018-11775 CVE-2019-0222 CVE-2021-26117
Debian Bug     : 890352 908950 982590

Multiple security issues were discovered in activemq, a message broker built around Java Message Service.

CVE-2017-15709

    When using the OpenWire protocol in activemq, it was found that certain system details (such as the OS and kernel version) are exposed as plain text.

CVE-2018-11775

    TLS hostname verification when using the Apache ActiveMQ Client was missing which could make the client vulnerable to a MITM attack between a Java application using the ActiveMQ client and the ActiveMQ server. This is now enabled by default.

CVE-2019-0222

    Unmarshalling corrupt MQTT frame can lead to broker Out of Memory exception making it unresponsive

CVE-2021-26117

    The optional ActiveMQ LDAP login module can be configured to use anonymous access to the LDAP server. The anonymous context is used to verify a valid users password in error, resulting in no check on the password.

For Debian 9 stretch, these problems have been fixed in version 5.14.3-3+deb9u2.

We recommend that you upgrade your activemq packages.

For the detailed security status of activemq please refer to its security tracker page at:
https://security-tracker.debian.org/tracker/source-package/activemq

Further information about Debian LTS security advisories, how to apply these updates to your system and frequently asked questions can be found at: https://wiki.debian.org/LTS

Enhance your ActiveMQ installations to resolve various security vulnerabilities highlighted in the recent Debian LTS notice DLA-2583-1.

ActiveMQ Security Update, Debian LTS Advisory, Critical Security Threats.
Severity: Critical.
LinuxSecurity.com Team

Mar 05, 2021 | Critical | Debian LTS

Debian 9: DLA-2400-1 Moderate: ActiveMQ Man-In-The-Middle Risk

-------------------------------------------------------------------------
Debian LTS Advisory DLA-2400-1
https://www.debian.org/lts/security/                      Markus Koschany
October 07, 2020                              https://wiki.debian.org/LTS
-------------------------------------------------------------------------

Package        : activemq
Version        : 5.14.3-3+deb9u1
CVE ID         : CVE-2020-13920

Apache ActiveMQ, a Java message broker, uses LocateRegistry.createRegistry() to create the JMX RMI registry and binds the server to the "jmxrmi" entry. It is possible to connect to the registry without authentication and call the rebind method to rebind jmxrmi to something else. If an attacker creates another server to proxy the original, and bound that, he effectively becomes a man in the middle and is able to intercept the credentials when an user connects.

For Debian 9 stretch, this problem has been fixed in version 5.14.3-3+deb9u1.

We recommend that you upgrade your activemq packages.

For the detailed security status of activemq please refer to its security tracker page at:
https://security-tracker.debian.org/tracker/source-package/activemq

Further information about Debian LTS security advisories, how to apply these updates to your system and frequently asked questions can be found at: https://wiki.debian.org/LTS

Enhance the security of Apache ActiveMQ by upgrading to address vulnerabilities linked to unauthorized access to the JMX RMI registry. Discover further details here.

ActiveMQ Security, Debian Advisory, Man-In-The-Middle Attacks, Java Message Broker.
LinuxSecurity.com Team

Oct 07, 2020 | Debian LTS

Debian 7 Wheezy: DLA-913-2 Crucial ActiveMQ Vulnerability Mitigation

Package        : activemq
Version        : 5.6.0+dfsg-1+deb7u3
CVE ID         : CVE-2015-7559
Debian Bug     : 860866

It was found that Apache ActiveMQ exposed a remote shutdown command in the ActiveMQConnection class. An attacker could use this flaw to achieve denial of service on a client.

For Debian 7 "Wheezy", these problems have been fixed in version 5.6.0+dfsg-1+deb7u3.

We recommend that you upgrade your activemq packages.

Further information about Debian LTS security advisories, how to apply these updates to your system and frequently asked questions can be found at: https://wiki.debian.org/LTS

Severity: Important.
LinuxSecurity.com Team

Apr 24, 2017 | Important | Debian LTS

Debian DSA-3524-1 Critical: ActiveMQ Unsafe Deserialization Issue

-------------------------------------------------------------------------
Debian Security Advisory DSA-3524-1
https://www.debian.org/security/                       Moritz Muehlenhoff
March 20, 2016                        https://www.debian.org/security/faq
-------------------------------------------------------------------------

Package        : activemq
CVE ID         : CVE-2015-5254

It was discovered that the ActiveMQ Java message broker performs unsafe deserialisation. For additional information, please refer to the upstream advisory at
https://activemq.apache.org/security-advisories.data/CVE-2015-5254-announcement.txt

For the oldstable distribution (wheezy), this problem has been fixed in version 5.6.0+dfsg-1+deb7u2.

For the stable distribution (jessie), this problem has been fixed in version 5.6.0+dfsg1-4+deb8u2.

For the testing distribution (stretch), this problem has been fixed in version 5.13.2+dfsg-1.

For the unstable distribution (sid), this problem has been fixed in version 5.13.2+dfsg-1.

We recommend that you upgrade your activemq packages.

Further information about Debian Security Advisories, how to apply these updates to your system and frequently asked questions can be found at: https://www.debian.org/security/

Uncover insights into DSA-3524-1 related to the vulnerabilities in ActiveMQ's deserialization process and the suggested patches.

ActiveMQ Security, Debian Advisory, Safe Deserialization, Security Updates.
Severity: Critical.
LinuxSecurity.com Team

Mar 20, 2016 | Critical | Debian

Fedora 22: Activemq Update Critical: Fix Unsafe Deserialization Error

--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2015-7ca4368b0c
2015-12-28 19:19:48.670695
--------------------------------------------------------------------------------

Name        : activemq
Product     : Fedora 22
Version     : 5.6.0
Release     : 14.fc22
URL         : https://activemq.apache.org/
Summary     : Open source messaging and Integration Patterns server
Description :
The most popular and powerful open source messaging and Integration Patterns server.

--------------------------------------------------------------------------------
Update Information:

fix for CVE-2015-5254 (rhbz#1291292,1291293)
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #1291292 - CVE-2015-5254 activemq: unsafe deserialization
        https://bugzilla.redhat.com/show_bug.cgi?id=1291292
--------------------------------------------------------------------------------

This update can be installed with the "yum" update program. Use
su -c 'yum update activemq' at the command line.
For more information, refer to "Managing Software with yum", available at .

All packages are signed with the Fedora Project GPG key. More details on the GPG keys used by the Fedora Project can be found at https://fedoraproject.org/security/
--------------------------------------------------------------------------------
_______________________________________________
package-announce mailing list
https://lists.fedoraproject.org/admin/lists/package-announce.lists.fedoraproject.org/

The patch for Ubuntu 20.04 addresses a critical vulnerability related to improper input validation in libxml2 as noted in CVE-2020-7590.

Fedora Security Update, activemq Deserialization Fix, open source messaging server.
Severity: Critical.
LinuxSecurity.com Team

Dec 28, 2015 | Critical | Fedora

Fedora 23 Activemq Security Advisory: CVE-2015-5254 Critical Risk

--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2015-eefc5a6762
2015-12-24 21:18:55.866983
--------------------------------------------------------------------------------

Name        : activemq
Product     : Fedora 23
Version     : 5.6.0
Release     : 14.fc23
URL         : https://activemq.apache.org/
Summary     : Open source messaging and Integration Patterns server
Description :
The most popular and powerful open source messaging and Integration Patterns server.

--------------------------------------------------------------------------------
Update Information:

fix for CVE-2015-5254 (rhbz#1291292,1291293)
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #1291292 - CVE-2015-5254 activemq: unsafe deserialization
        https://bugzilla.redhat.com/show_bug.cgi?id=1291292
--------------------------------------------------------------------------------

This update can be installed with the "yum" update program. Use
su -c 'yum update activemq' at the command line.
For more information, refer to "Managing Software with yum", available at .

All packages are signed with the Fedora Project GPG key. More details on the GPG keys used by the Fedora Project can be found at https://fedoraproject.org/security/
--------------------------------------------------------------------------------
_______________________________________________
package-announce mailing list
https://lists.fedoraproject.org/admin/lists/package-announce.lists.fedoraproject.org/

Keep informed about security vulnerabilities and resolutions for Fedora 23's ActiveMQ, particularly concerning severe threats such as insecure deserialization.

activemq security update, Fedora 23 software patch, critical risk fix.
Severity: Critical.
LinuxSecurity.com Team

Dec 25, 2015 | Critical | Fedora