MGASA-2024-0238 - Updated python-authlib packages fix security vulnerability

Publication date: 25 Jun 2024
URL: https://advisories.mageia.org/MGASA-2024-0238.html
Type: security
Affected Mageia releases: 9
CVE: CVE-2024-37568

Authlib before 1.3.1 has algorithm confusion with asymmetric public keys. Unless an algorithm is specified in a jwt.decode call, HMAC verification is allowed with any asymmetric public key. (This is similar to CVE-2022-29217 and CVE-2024-33663.)

References:
- https://bugs.mageia.org/show_bug.cgi?id=33315
- https://lists.suse.com/pipermail/sle-updates/2024-June/035616.html
- https://www.cve.org/CVERecord?id=CVE-2024-37568

SRPMS:
- 9/core/python-authlib-1.3.1-1.mga9

Severity: Important. LinuxSecurity.com Team
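An added example, not from the advisory or from Authlib, of the guard the fix amounts to: pin the expected `alg` and refuse any token whose `alg` family does not fit the key material, so an HMAC `alg` is never verified against an asymmetric public key. The function names, the placeholder PEM key and the sample tokens are constructed for this example.

```python
import base64
import json

# JWS "alg" values grouped by the key type they require. Pinning the expected alg
# and cross-checking it against the key kind closes the advisory's failure mode.
ALG_FAMILY = {
    "HS256": "hmac", "HS384": "hmac", "HS512": "hmac",
    "RS256": "rsa", "RS384": "rsa", "RS512": "rsa", "PS256": "rsa", "PS384": "rsa", "PS512": "rsa",
    "ES256": "ec", "ES384": "ec", "ES512": "ec",
}
# Constructed placeholder, not a real key: only the PEM framing matters here.
PUBLIC_KEY_PEM = "-----BEGIN PUBLIC KEY-----\nPLACEHOLDER\n-----END PUBLIC KEY-----\n"

def b64url(data):
    return base64.urlsafe_b64encode(data).rstrip(b"=").decode()

def key_kind(key):
    """bytes are a shared secret; PEM text is asymmetric key material."""
    if isinstance(key, bytes):
        return "secret"
    if isinstance(key, str) and key.lstrip().startswith("-----BEGIN"):
        return "asymmetric"
    raise TypeError("unsupported key material")

def check_alg(token, key, expected_alg):
    """Return the header alg only if it is pinned and fits the key; runs before any signature check."""
    parts = token.split(".")
    if len(parts) != 3:
        raise ValueError("not a compact JWS")
    alg = json.loads(base64.urlsafe_b64decode(parts[0] + "=" * (-len(parts[0]) % 4))).get("alg")
    if alg != expected_alg:
        raise ValueError(f"alg {alg!r} is not the pinned {expected_alg!r}")
    family = ALG_FAMILY.get(alg)
    if family is None:
        raise ValueError(f"unsupported alg {alg!r}")
    kind = key_kind(key)
    if (family == "hmac") != (kind == "secret"):
        raise ValueError(f"alg {alg} does not fit {kind} key material")
    return alg

def sample_token(alg):
    """Constructed token (header.payload.dummy signature) to exercise the guard."""
    header = b64url(json.dumps({"alg": alg, "typ": "JWT"}).encode())
    return f"{header}.{b64url(b'{}')}.{b64url(b'sig')}"

def rejects(token, key, expected_alg):
    try:
        check_alg(token, key, expected_alg)
    except ValueError:
        return True
    return False
```

The guard is a policy check only; the real signature verification still has to follow it with the same pinned algorithm.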
# Security update for python-Authlib

Announcement ID: SUSE-SU-2024:2064-1
Rating: important
References:
* bsc#1226138
Cross-References:
* CVE-2024-37568
CVSS scores:
* CVE-2024-37568 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
* CVE-2024-37568 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
Affected Products:
* openSUSE Leap 15.6
* Python 3 Module 15-SP6
* SUSE Linux Enterprise Desktop 15 SP6
* SUSE Linux Enterprise Server 15 SP6
* SUSE Linux Enterprise Server for SAP Applications 15 SP6

An update that solves one vulnerability can now be installed.

## Description:

This update for python-Authlib fixes the following issues:

* Update to version 1.3.1
* CVE-2024-37568: Fixed algorithm confusion with asymmetric public keys. (bsc#1226138)

## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product:

* openSUSE Leap 15.6
  zypper in -t patch SUSE-2024-2064=1 openSUSE-SLE-15.6-2024-2064=1
* Python 3 Module 15-SP6
  zypper in -t patch SUSE-SLE-Module-Python3-15-SP6-2024-2064=1

## Package List:

* openSUSE Leap 15.6 (noarch)
  * python311-Authlib-1.3.1-150600.3.3.1
* Python 3 Module 15-SP6 (noarch)
  * python311-Authlib-1.3.1-150600.3.3.1

## References:

* https://www.suse.com/security/cve/CVE-2024-37568.html
* https://bugzilla.suse.com/show_bug.cgi?id=1226138

Severity: Important. LinuxSecurity.com Team
openSUSE Security Update: Security update for python-python-jose
______________________________________________________________________________

Announcement ID: openSUSE-SU-2024:0118-1
Rating: important
References: #1223417
Cross-References: CVE-2024-33663
CVSS scores:
CVE-2024-33663 (SUSE): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
Affected Products:
openSUSE Backports SLE-15-SP5
______________________________________________________________________________

An update that fixes one vulnerability is now available.

Description:

This update for python-python-jose fixes the following issues:

CVE-2024-33663: Fixed algorithm confusion with OpenSSH ECDSA keys and other key formats (boo#1223417).

Patch Instructions:

To install this openSUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product:

- openSUSE Backports SLE-15-SP5:
  zypper in -t patch openSUSE-2024-118=1

Package List:

- openSUSE Backports SLE-15-SP5 (noarch):
  python3-python-jose-3.0.1-bp155.3.3.1

References:
https://www.suse.com/security/cve/CVE-2024-33663.html
https://bugzilla.suse.com/1223417

Severity: Important. LinuxSecurity.com Team