# Security update for SUSE Manager Client Tools

Announcement ID: SUSE-SU-2024:1508-1
Rating: moderate

References:
* bsc#1219912
* bsc#1221465
* bsc#1222155
* jsc#MSQA-760
* jsc#PED-7893
* jsc#PED-7928

Cross-References:
* CVE-2023-6152
* CVE-2024-1313

CVSS scores:
* CVE-2023-6152 ( SUSE ): 5.4 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:L
* CVE-2024-1313 ( SUSE ): 6.5 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N

Affected Products:
* SUSE Linux Enterprise Desktop 12
* SUSE Linux Enterprise Desktop 12 SP1
* SUSE Linux Enterprise Desktop 12 SP2
* SUSE Linux Enterprise Desktop 12 SP3
* SUSE Linux Enterprise Desktop 12 SP4
* SUSE Linux Enterprise High Performance Computing 12 SP2
* SUSE Linux Enterprise High Performance Computing 12 SP3
* SUSE Linux Enterprise High Performance Computing 12 SP4
* SUSE Linux Enterprise High Performance Computing 12 SP5
* SUSE Linux Enterprise Server 12
* SUSE Linux Enterprise Server 12 SP1
* SUSE Linux Enterprise Server 12 SP2
* SUSE Linux Enterprise Server 12 SP3
* SUSE Linux Enterprise Server 12 SP4
* SUSE Linux Enterprise Server 12 SP5
* SUSE Linux Enterprise Server for SAP Applications 12
* SUSE Linux Enterprise Server for SAP Applications 12 SP1
* SUSE Linux Enterprise Server for SAP Applications 12 SP2
* SUSE Linux Enterprise Server for SAP Applications 12 SP3
* SUSE Linux Enterprise Server for SAP Applications 12 SP4
* SUSE Linux Enterprise Server for SAP Applications 12 SP5
* SUSE Linux Enterprise Server for the Raspberry Pi 12-SP2
* SUSE Manager Client Tools for SLE 12

An update that solves two vulnerabilities, contains three features and has one security fix can now be installed.
## Description:

This update fixes the following issues:

golang-github-prometheus-node_exporter:

* Update to 1.7.0 (jsc#PED-7893, jsc#PED-7928):
  * [FEATURE] Add ZFS freebsd per dataset stats #2753
  * [FEATURE] Add cpu vulnerabilities reporting from sysfs #2721
  * [ENHANCEMENT] Parallelize stat calls in Linux filesystem collector #1772
  * [ENHANCEMENT] Add missing linkspeeds to ethtool collector #2711
  * [ENHANCEMENT] Add CPU MHz as the value for node_cpu_info metric #2778
  * [ENHANCEMENT] Improve qdisc collector performance #2779
  * [ENHANCEMENT] Add include and exclude filter for hwmon collector #2699
  * [ENHANCEMENT] Optionally fetch ARP stats via rtnetlink instead of procfs #2777
  * [BUGFIX] Fix ZFS arcstats on FreeBSD 14.0+ #2754
  * [BUGFIX] Fallback to 32-bit stats in netdev #2757
  * [BUGFIX] Close btrfs.FS handle after use #2780
  * [BUGFIX] Move RO status before error return #2807
  * [BUGFIX] Fix promhttp_metric_handler_errors_total being always active #2808
  * [BUGFIX] Fix nfsd v4 index miss #2824
* Update to 1.6.1 (no source code changes in this release)
* BuildRequire go1.20
* Update to 1.6.0:
  * [CHANGE] Fix cpustat when some cpus are offline #2318
  * [CHANGE] Remove metrics of offline CPUs in CPU collector #2605
  * [CHANGE] Deprecate ntp collector #2603
  * [CHANGE] Remove bcache `cache_readaheads_totals` metrics #2583
  * [CHANGE] Deprecate supervisord collector #2685
  * [FEATURE] Enable uname collector on NetBSD #2559
  * [FEATURE] NetBSD support for the meminfo collector #2570
  * [FEATURE] NetBSD support for CPU collector #2626
  * [FEATURE] Add FreeBSD collector for netisr subsystem #2668
  * [FEATURE] Add softirqs collector #2669
  * [ENHANCEMENT] Add suspended as a `node_zfs_zpool_state` #2449
  * [ENHANCEMENT] Add administrative state of Linux network interfaces #2515
  * [ENHANCEMENT] Log current value of GOMAXPROCS #2537
  * [ENHANCEMENT] Add profiler options for perf collector #2542
  * [ENHANCEMENT] Allow root path as metrics path #2590
  * [ENHANCEMENT] Add cpu frequency governor metrics #2569
  * [ENHANCEMENT] Add new landing page #2622
  * [ENHANCEMENT] Reduce privileges needed for btrfs device stats #2634
  * [ENHANCEMENT] Add ZFS `memory_available_bytes` #2687
  * [ENHANCEMENT] Use `SCSI_IDENT_SERIAL` as serial in diskstats #2612
  * [ENHANCEMENT] Read missing from netlink netclass attributes from sysfs #2669
  * [BUGFIX] perf: fixes for automatically detecting the correct tracefs mountpoints #2553
  * [BUGFIX] Fix `thermal_zone` collector noise #2554
  * [BUGFIX] Fix a problem fetching the user wire count on FreeBSD #2584
  * [BUGFIX] interrupts: Fix fields on linux aarch64 #2631
  * [BUGFIX] Remove metrics of offline CPUs in CPU collector #2605
  * [BUGFIX] Fix OpenBSD filesystem collector string parsing #2637
  * [BUGFIX] Fix bad reporting of `node_cpu_seconds_total` in OpenBSD #2663
* Change go_modules archive in _service to use obscpio file

grafana:

* Packaging improvements:
  * Changed deprecated `disabled` service mode to `manual`
  * Drop golang-packaging macros
  * Drop explicit mod=vendor as it is enabled automatically
* Update to version 9.5.18:
  * [SECURITY] CVE-2024-1313: Require same organisation when deleting snapshots (bsc#1222155)
* Update to version 9.5.17:
  * [FEATURE] Alerting: Backport use Alertmanager API v2
  * Require Go 1.20
* Update to version 9.5.16:
  * [SECURITY] CVE-2023-6152: Add email verification when updating user email (bsc#1219912)
  * [BUGFIX] Annotations: Split cleanup into separate queries and deletes to avoid deadlocks on MySQL
* Update to version 9.5.15:
  * [FEATURE] Alerting: Attempt to retry retryable errors
* Update to version 9.5.14:
  * [BUGFIX] Alerting: Fix state manager to not keep datasource_uid and ref_id labels in state after Error
  * [BUGFIX] Transformations: Config overrides being lost when config from query transform is applied
  * [BUGFIX] LDAP: Fix enable users on successful login
* Update to version 9.5.13:
  * [BUGFIX] BrowseDashboards: Only remember the most recent expanded folder
  * [BUGFIX] Licensing: Pass func to update env variables when starting plugin
* Update to version 9.5.12:
  * [FEATURE] Azure: Add support for Workload Identity authentication
* Update to version 9.5.9:
  * [FEATURE] SSE: Fix DSNode to not panic when response has empty response
  * [FEATURE] Prometheus: Handle the response with different field key order
  * [BUGFIX] LDAP: Fix user disabling

mgr-daemon:

* Version 4.3.9-0
  * Update translation strings

spacecmd:

* Version 4.3.27-0
  * Update translation strings

spacewalk-client-tools:

* Version 4.3.19-0
  * Update translation strings

spacewalk-koan:

* Version 4.3.6-0
  * Change Docker image location for test

uyuni-common-libs:

* Version 4.3.10-0
  * Add support for package signature type V4 RSA/SHA384
  * Add support for package signature type V4 RSA/SHA512 (bsc#1221465)

## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product:

* SUSE Manager Client Tools for SLE 12
  zypper in -t patch SUSE-SLE-Manager-Tools-12-2024-1508=1
* SUSE Linux Enterprise High Performance Computing 12 SP5
  zypper in -t patch SUSE-SLE-SERVER-12-SP5-2024-1508=1
* SUSE Linux Enterprise Server 12 SP5
  zypper in -t patch SUSE-SLE-SERVER-12-SP5-2024-1508=1
* SUSE Linux Enterprise Server for SAP Applications 12 SP5
  zypper in -t patch SUSE-SLE-SERVER-12-SP5-2024-1508=1

## Package List:

* SUSE Manager Client Tools for SLE 12 (aarch64 ppc64le s390x x86_64)
  * golang-github-prometheus-promu-0.14.0-1.18.1
  * golang-github-prometheus-alertmanager-0.26.0-1.27.2
  * golang-github-prometheus-node_exporter-1.7.0-1.30.2
  * python2-uyuni-common-libs-4.3.10-1.39.1
  * grafana-9.5.18-1.63.1
* SUSE Manager Client Tools for SLE 12 (noarch)
  * spacewalk-client-setup-4.3.19-52.98.1
  * spacecmd-4.3.27-38.139.1
  * python2-spacewalk-client-tools-4.3.19-52.98.1
  * spacewalk-client-tools-4.3.19-52.98.1
  * python2-spacewalk-check-4.3.19-52.98.1
  * spacewalk-koan-4.3.6-24.36.1
  * spacewalk-check-4.3.19-52.98.1
  * mgr-daemon-4.3.9-1.47.1
  * python2-spacewalk-koan-4.3.6-24.36.1
  * python2-spacewalk-client-setup-4.3.19-52.98.1
* SUSE Linux Enterprise High Performance Computing 12 SP5 (aarch64 x86_64)
  * golang-github-prometheus-node_exporter-1.7.0-1.30.2
* SUSE Linux Enterprise Server 12 SP5 (aarch64 ppc64le s390x x86_64)
  * golang-github-prometheus-node_exporter-1.7.0-1.30.2
* SUSE Linux Enterprise Server for SAP Applications 12 SP5 (ppc64le x86_64)
  * golang-github-prometheus-node_exporter-1.7.0-1.30.2

## References:

* https://www.suse.com/security/cve/CVE-2023-6152.html
* https://www.suse.com/security/cve/CVE-2024-1313.html
* https://bugzilla.suse.com/show_bug.cgi?id=1219912
* https://bugzilla.suse.com/show_bug.cgi?id=1221465
* https://bugzilla.suse.com/show_bug.cgi?id=1222155
* https://jira.suse.com/login.jsp?permissionViolation=true&os_destination=%2Fbrowse%2FMSQA-760&page_caps=&user_role=
* https://jira.suse.com/login.jsp?permissionViolation=true&os_destination=%2Fbrowse%2FPED-7893&page_caps=&user_role=
* https://jira.suse.com/login.jsp?permissionViolation=true&os_destination=%2Fbrowse%2FPED-7928&page_caps=&user_role=
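After running the `zypper in -t patch` command above, the way to confirm the patch actually landed is to compare what `rpm -qa` reports against the package list in the advisory, using rpm's own ordering rules (epoch, then version, then release, each compared segment by segment). The following is an added example, not part of the SUSE advisory or of zypper: it ports rpm's `rpmvercmp()` to Python so the comparison is exact for cases like `1.01` vs `1.1`, `~` pre-release suffixes and `^` post-release suffixes, and checks a constructed sample of `rpm -qa --qf '%{NAME} %{EPOCH} %{VERSION} %{RELEASE}\n'` output (the installed releases of the two outdated packages in that sample are made up) against a subset of the advisory's fixed builds.

```python
"""Verify installed packages against the builds shipped in SUSE-SU-2024:1508-1.
Added example (not from the advisory or zypper): a Python port of rpm's
rpmvercmp(), applied to `rpm -qa --qf '%{NAME} %{EPOCH} %{VERSION} %{RELEASE}\n'`
output.  rpm prints '(none)' for a missing epoch."""
import re
from typing import Dict, List, Tuple

EVR = Tuple[int, str, str]  # (epoch, version, release)

# Subset of the advisory's "SUSE Manager Client Tools for SLE 12" package list.
ADVISORY_PACKAGES = [
    "golang-github-prometheus-node_exporter-1.7.0-1.30.2",
    "golang-github-prometheus-alertmanager-0.26.0-1.27.2",
    "python2-uyuni-common-libs-4.3.10-1.39.1",
    "grafana-9.5.18-1.63.1",
    "spacecmd-4.3.27-38.139.1",
    "mgr-daemon-4.3.9-1.47.1",
]

# Constructed sample of `rpm -qa` output; the releases of the two outdated
# packages are invented for this example and are not taken from the advisory.
SAMPLE_RPM_QA = """\
grafana (none) 9.5.9 1.60.1
golang-github-prometheus-node_exporter (none) 1.7.0 1.30.2
spacecmd (none) 4.3.27 38.139.1
python2-uyuni-common-libs (none) 4.3.9 1.36.1
bash (none) 4.3 83.29.1
"""


def _seg(c: str) -> bool:
    """Characters rpm compares; everything else is a separator and is skipped."""
    return c.isascii() and (c.isalnum() or c in "~^")


def rpmvercmp(a: str, b: str) -> int:
    """Port of rpm's rpmvercmp(): 1 if a is newer than b, -1 if older, 0 if equal."""
    if a == b:
        return 0
    i = j = 0
    while i < len(a) or j < len(b):
        while i < len(a) and not _seg(a[i]):
            i += 1
        while j < len(b) and not _seg(b[j]):
            j += 1
        a_t, b_t = i < len(a) and a[i] == "~", j < len(b) and b[j] == "~"
        if a_t or b_t:                          # '~' sorts before anything, even end of string
            if a_t != b_t:
                return -1 if a_t else 1
            i, j = i + 1, j + 1
            continue
        a_c, b_c = i < len(a) and a[i] == "^", j < len(b) and b[j] == "^"
        if a_c or b_c:                          # '^' sorts after end of string ...
            if i >= len(a) or j >= len(b):
                return -1 if i >= len(a) else 1
            if a_c != b_c:                      # ... but before any other segment
                return -1 if a_c else 1
            i, j = i + 1, j + 1
            continue
        if i >= len(a) or j >= len(b):
            break
        pat, isnum = (r"[0-9]+", True) if a[i].isdigit() else (r"[A-Za-z]+", False)
        seg_a = re.match(pat, a[i:]).group(0)
        m_b = re.match(pat, b[j:])
        if m_b is None:                         # numeric segment beats alpha segment
            return 1 if isnum else -1
        seg_b = m_b.group(0)
        i, j = i + len(seg_a), j + len(seg_b)
        if isnum:
            seg_a, seg_b = seg_a.lstrip("0"), seg_b.lstrip("0")
            if len(seg_a) != len(seg_b):        # more digits wins; no int() overflow
                return 1 if len(seg_a) > len(seg_b) else -1
        if seg_a != seg_b:
            return 1 if seg_a > seg_b else -1
    if i >= len(a) and j >= len(b):
        return 0
    return -1 if i >= len(a) else 1             # leftover characters win


def evr_cmp(x: EVR, y: EVR) -> int:
    """Order two packages by epoch, then version, then release, as rpm does."""
    if x[0] != y[0]:
        return 1 if x[0] > y[0] else -1
    return rpmvercmp(x[1], y[1]) or rpmvercmp(x[2], y[2])


def parse_nvr(nvr: str) -> Tuple[str, EVR]:
    """'name-version-release' -> (name, EVR); the advisory list carries no epochs."""
    name, version, release = nvr.rsplit("-", 2)
    return name, (0, version, release)


def parse_rpm_qa(text: str) -> Dict[str, EVR]:
    installed: Dict[str, EVR] = {}
    for line in text.splitlines():
        if line.strip():
            name, epoch, version, release = line.split()
            installed[name] = (0 if epoch == "(none)" else int(epoch), version, release)
    return installed


def missing_updates(advisory: List[str], rpm_qa: str) -> List[Tuple[str, EVR, EVR]]:
    """Installed packages still older than the advisory's fixed build.  Listed
    packages that are not installed are skipped: the advisory spans several
    products and zypper only updates what is present."""
    installed = parse_rpm_qa(rpm_qa)
    out = []
    for nvr in advisory:
        name, fixed = parse_nvr(nvr)
        have = installed.get(name)
        if have is not None and evr_cmp(have, fixed) < 0:
            out.append((name, have, fixed))
    return out


if __name__ == "__main__":
    for name, have, fixed in missing_updates(ADVISORY_PACKAGES, SAMPLE_RPM_QA):
        print(f"{name}: installed {have[1]}-{have[2]}, advisory ships {fixed[1]}-{fixed[2]}")
```

On a real client, feed the script the live query output instead of `SAMPLE_RPM_QA`; an empty result means every advisory package that is installed is at or above the fixed build. Comparing with `rpmvercmp` rather than a plain string or float comparison matters here because `9.5.18` must sort after `9.5.9` and `1.30.2` after `1.3.10`.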
--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2017-2ec83f11c1
2017-08-02 14:20:05.491874
--------------------------------------------------------------------------------

Name : glpi
Product : Fedora 25
Version : 9.1.6
Release : 1.fc25
URL : https://www.glpi-project.org/en/
Summary : Free IT asset management software
Description :
GLPI is the Information Resource-Manager with an additional Administration-Interface. You can use it to build up a database with an inventory for your company (computer, software, printers...). It has enhanced functions to make the daily life for the administrators easier, like a job-tracking-system with mail-notification and methods to build a database with basic information about your network-topology.
--------------------------------------------------------------------------------
Update Information:

* various security fixes (https://github.com/glpi-project/glpi/issues/2475, https://github.com/glpi-project/glpi/issues/2476,
* fix regressions on self service portal:
  * self-service users should not be auto assigned as tech
  * type and category fields are not selectable
--------------------------------------------------------------------------------
References:

[ 1 ] Bug #1473225 - CVE-2017-11474 CVE-2017-11475 glpi: SQL injection in ajax/common.tabs.php and front/rulesengine.test.php [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=1473225
--------------------------------------------------------------------------------

This update can be installed with the "dnf" update program. Use
su -c 'dnf upgrade glpi'
at the command line. For more information, refer to the dnf documentation available at https://dnf.readthedocs.io/en/latest/command_ref.html

All packages are signed with the Fedora Project GPG key.
More details on the GPG keys used by the Fedora Project can be found at https://fedoraproject.org/security/
--------------------------------------------------------------------------------
Important: xen security update

Date: Wed, 5 Sep 2012 14:43:13 -0500
Reply-To: Pat Riehecky
Sender: Security Errata for Scientific Linux
From: Pat Riehecky
Organization: Fermilab
Subject: Security ERRATA Important: xen on SL5.x i386/x86_64
MIME-Version: 1.0

Synopsis: Important: xen security update
Issue Date: 2012-09-05
CVE Numbers: CVE-2012-3515

The xen packages contain administration tools and the xend service for managing the kernel-xen kernel for virtualization on Red Hat Enterprise Linux.

A flaw was found in the way QEMU handled VT100 terminal escape sequences when emulating certain character devices. A guest user with privileges to write to a character device that is emulated on the host using a virtual console back-end could use this flaw to crash the qemu process on the host or, possibly, escalate their privileges on the host. (CVE-2012-3515)

This flaw did not affect the default use of the Xen hypervisor implementation in Red Hat Enterprise Linux 5. This problem only affected fully-virtualized guests that have a serial or parallel device that uses a virtual console (vc) back-end. By default, the virtual console back-end is not used for such devices; only guests explicitly configured to use them in this way were affected.

All users of xen are advised to upgrade to these updated packages, which correct this issue. After installing the updated packages, all fully-virtualized guests must be restarted for this update to take effect.

SL5

x86_64
xen-libs-3.0.3-135.el5_8.5.i386.rpm
xen-libs-3.0.3-135.el5_8.5.x86_64.rpm
xen-3.0.3-135.el5_8.5.x86_64.rpm
xen-devel-3.0.3-135.el5_8.5.i386.rpm
xen-devel-3.0.3-135.el5_8.5.x86_64.rpm

i386
xen-libs-3.0.3-135.el5_8.5.i386.rpm
xen-3.0.3-135.el5_8.5.i386.rpm
xen-devel-3.0.3-135.el5_8.5.i386.rpm

- Scientific Linux Development Team
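Because the advisory narrows exposure to fully-virtualized guests whose serial or parallel device is explicitly routed to the `vc` back-end, the practical first step is to find which guest definitions on a host actually match that condition before scheduling the guest restarts the advisory requires. The script below is an added example, not from the Scientific Linux advisory or from Xen. It assumes guests are defined in xm-style configuration files (one guest per file, `key = 'value'` lines, with `builder = 'hvm'` marking a fully-virtualized guest and `serial` / `parallel` naming the QEMU character-device back-end); the sample configurations embedded in it are constructed for the example and are not real guests.

```python
"""Find Xen guests in the configuration the advisory describes as affected:
HVM guests whose serial or parallel device uses the QEMU 'vc' back-end.
Added example, not from the advisory or from Xen.  Assumes xm-style guest
config files (key = 'value' lines) such as those under /etc/xen."""
import re
from typing import Dict, List

# Keys that select a QEMU character-device back-end in an HVM guest config,
# and the back-end value the advisory singles out.
CHARDEV_KEYS = ("serial", "parallel")
VC_BACKEND = "vc"

# key = 'value' or key = "value", optionally followed by a '#' comment.
_ASSIGN = re.compile(r"""^(\w+)\s*=\s*(['"])(.*?)\2\s*(?:#.*)?$""")


def parse_xm_config(text: str) -> Dict[str, str]:
    """Minimal parser for the scalar string assignments of an xm config file."""
    cfg: Dict[str, str] = {}
    for raw in text.splitlines():
        line = raw.strip()
        if not line or line.startswith("#"):
            continue
        m = _ASSIGN.match(line)
        if m:
            cfg[m.group(1)] = m.group(3)
    return cfg


def vc_devices(cfg: Dict[str, str]) -> List[str]:
    """Character devices of an HVM guest that are routed to the vc back-end.
    Paravirtualized guests have no QEMU device model, so they never match."""
    if cfg.get("builder", "").strip().lower() != "hvm":
        return []
    return [k for k in CHARDEV_KEYS if cfg.get(k, "").strip().lower() == VC_BACKEND]


def affected_guests(configs: Dict[str, str]) -> Dict[str, List[str]]:
    """Map guest name -> affected device keys for every guest that matches."""
    result: Dict[str, List[str]] = {}
    for path, text in configs.items():
        cfg = parse_xm_config(text)
        devs = vc_devices(cfg)
        if devs:
            result[cfg.get("name", path)] = devs
    return result


# Constructed sample configs (not real guests): two HVM guests on the vc
# back-end, one HVM guest on a pty, and a PV guest whose 'serial' line is inert.
SAMPLE_CONFIGS = {
    "/etc/xen/win2k3": "name = 'win2k3'\nbuilder = 'hvm'\nserial = 'vc'   # console in the VNC window\nparallel = 'none'\n",
    "/etc/xen/rhel5-hvm": "name = 'rhel5-hvm'\nbuilder = 'hvm'\nserial = 'pty'\n",
    "/etc/xen/legacy-lpt": 'name = "legacy-lpt"\nbuilder = "hvm"\nserial = "null"\nparallel = "vc"\n',
    "/etc/xen/pv-guest": "name = 'pv-guest'\nkernel = '/boot/vmlinuz-xen'\nserial = 'vc'\n",
}


if __name__ == "__main__":
    import sys
    # Pass config file paths on the command line; with none, scan the sample.
    configs = {p: open(p).read() for p in sys.argv[1:]} or SAMPLE_CONFIGS
    for guest, devs in affected_guests(configs).items():
        print(f"{guest}: {', '.join(devs)} on the vc back-end; restart after updating xen")
```

Guests the script reports are the ones where a user inside the guest can reach the vulnerable VT100 emulation in the host's qemu process; those should be restarted as soon as the updated xen packages are in place, while HVM guests on `pty`, `null` or a file back-end and all paravirtualized guests are outside the condition the advisory describes.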
Moderate: xen security update. Date: Wed, 1 Aug 2012 10:09:32 -0500 Reply-To: