Alerts This Week
Warning Icon 1 677
Alerts This Week
Warning Icon 1 677

Stay Secure with the Latest Linux Advisories

Debianlts Large Esm H800
Debian LTS

Debian Dovecot High Severity Service Disruption Info Leak Flaw DLA-4617-1

Calendar White Jun 05, 2026
Important
Debianlts Large Esm H900
Debian LTS

Debian 11 gsasl Critical DoS Threat Advisory DLA-4618-1 CVE-2026-48829

Calendar White Jun 05, 2026
Critical
Suse Large Esm H900
SuSE

SUSE MozillaThunderbird Important Memory Safety Fix Advisory 2026-2271-1

Calendar White Jun 05, 2026
Important
Suse Large Esm H800
SuSE

SUSE Linux Micro 6.0 Ignition Key HTTP Transport Loop Patch 2026-21987-1

Calendar White Jun 05, 2026
Important
Suse Large Esm H900
SuSE

SUSE Linux Micro 6.0 Important Libzypp Libsolv Security Update 2026-21988-1

Calendar White Jun 05, 2026
Important
Suse Large Esm H900
SuSE

SUSE Google-Guest-Agent Important Security Update 2026-21989-1

Calendar White Jun 05, 2026
Important
Suse Large Esm H800
SuSE

SUSE Linux Micro Important Salt Multi-Linux Manager Vuln 2026-21990-1

Calendar White Jun 05, 2026
Important
Suse Large Esm H900
SuSE

SUSE Linux Micro Critical Ignition Patch CVE-2026-33814

Calendar White Jun 05, 2026
Important
Suse Large Esm H900
SuSE

SUSE Linux Micro 6.1 Security Update for libzypp libsolv Key 2026-21992-1

Calendar White Jun 05, 2026
Important
Filter Icon Refine advisories
X Clear Filters
X Clear Filters
View More

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Community Poll

More Polls

What got you started with Linux?

No answer selected. Please try again.
Please select either existing option or enter your own, however not both.
Please select minimum {0} answer(s).
Please select maximum {0} answer(s).
/main-polls/150-what-got-you-started-with-linux?task=poll.vote&format=json
150
radio
0
[{"id":483,"title":"Self-taught through trial and error","votes":545,"type":"x","order":1,"pct":78.42,"resources":[]},{"id":484,"title":"Formal training or courses","votes":30,"type":"x","order":2,"pct":4.32,"resources":[]},{"id":485,"title":"A job that required it","votes":34,"type":"x","order":3,"pct":4.89,"resources":[]},{"id":486,"title":"Other","votes":86,"type":"x","order":4,"pct":12.37,"resources":[]}] ["#ff5b00","#4ac0f2","#b80028","#eef66c","#60bb22","#b96a9a","#62c2cc"] ["rgba(255,91,0,0.7)","rgba(74,192,242,0.7)","rgba(184,0,40,0.7)","rgba(238,246,108,0.7)","rgba(96,187,34,0.7)","rgba(185,106,154,0.7)","rgba(98,194,204,0.7)"] 350
bottom 200
Loading...

Explore Latest Linux Security advisories

We found -7 articles for you...
202
Ls Advisories Opensuse Esm H240
Price Tag 1security advisorymoderateupdate

openSUSE: 2025:0030-1 moderate: dante access control security fix

An update that fixes one vulnerability is now available. . openSUSE Security Update: Security update for dante ______________________________________________________________________________ Announcement ID: openSUSE-SU-2025:0030-1 Rating: moderate References: #1234688 Cross-References: CVE-2024-54662 Affected Products: openSUSE Backports SLE-15-SP6 ______________________________________________________________________________ An update that fixes one vulnerability is now available. Description: This update for dante fixes the following issues: - Update to version 1.4.4 * Fixed incorrect access control for some sockd.conf configurations involving socksmethod (boo#1234688, CVE-2024-54662). Patch Instructions: To install this openSUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: - openSUSE Backports SLE-15-SP6: zypper in -t patch openSUSE-2025-30=1 Package List: - openSUSE Backports SLE-15-SP6 (aarch64 ppc64le s390x x86_64): dante-1.4.4-bp156.4.3.1 dante-devel-1.4.4-bp156.4.3.1 dante-server-1.4.4-bp156.4.3.1 libsocks0-1.4.4-bp156.4.3.1 - openSUSE Backports SLE-15-SP6 (aarch64_ilp32): dante-devel-64bit-1.4.4-bp156.4.3.1 libsocks0-64bit-1.4.4-bp156.4.3.1 References: https://www.suse.com/security/cve/CVE-2024-54662.html https://bugzilla.suse.com/1234688 . Debian Security Patch addresses vulnerabilities in nginx, improving overall safety and efficiency across the platform.. openSUSE security update,dante access control fix,openSUSE dante advisory,software security patch. . LinuxSecurity.com Team

Calendar 2 Jan 23, 2025 OpenSUSE
100
Ls Advisories Suse Esm H240
Price Tag 1security advisorySUSEsecurity fixes

SUSE: 2009:008 Moderate Risk: Low Profile Security Updates Released

To avoid flooding mailing lists with SUSE Security Announcements for minor To avoid flooding mailing lists with SUSE Security Announcements for minor issues, SUSE Security releases weekly summary reports for the low profile issues, SUSE Security releases weekly summary reports for the low profile vulnerability fixes. The SUSE Security Summary Reports do not list or download URLs like the SUSE Secu [More...]. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 ______________________________________________________________________________ SUSE Security Summary Report Announcement ID: SUSE-SR:2009:008 Date: Mon, 06 Apr 2009 15:00:00 +0000 Cross-References: CVE-2008-0928, CVE-2008-1945, CVE-2008-2025 CVE-2008-2382, CVE-2008-4311, CVE-2008-4539 CVE-2008-5498, CVE-2008-5557, CVE-2008-5714 CVE-2009-0021, CVE-2009-0115, CVE-2009-0186 CVE-2009-0754, CVE-2009-1148, CVE-2009-1149 CVE-2009-1150, CVE-2009-1151 Content of this advisory: 1) Solved Security Vulnerabilities: - multipath-tools - bluez - xntp - apache-mod_php4 - apache2-mod_php5 - struts - qemu - libsndfile - phpMyAdmin 2) Pending Vulnerabilities, Solutions, and Work-Arounds: none 3) Authenticity Verification and Additional Information ______________________________________________________________________________ 1) Solved Security Vulnerabilities To avoid flooding mailing lists with SUSE Security Announcements for minor issues, SUSE Security releases weekly summary reports for the low profile vulnerability fixes. The SUSE Security Summary Reports do not list or download URLs like the SUSE Security Announcements that are released for more severe vulnerabilities. Fixed packages for the following incidents are already available on our FTP server and via the YaST Online Update. - multipath-tools Default permissions on the multipathd socket file were to generous and allowed any user to connect (CVE-2009-0115). Affected products: SLES9, OES, NLD9 - bluez The dbus package used a too permissive configuration. Therefore intended access control for some services was not applied (CVE-2008-4311). The new configuration denies access by default. Some dbus services may break due to this setting and need an updated configuration as well. Affected products: openSUSE 10.3 - xntp ntp didn't properly check the return value of the openssl function EVP_VerifyFinal (CVE-2009-0021). Additionally a problem where ntpd refused to use keys from /etc/ntp.keys has been fixed. Affected products: SLES10-SP2 - apache-mod_php4 Specially crafted strings could trigger a heap based buffer overflow in the php mbstring extension. Attackers could potenially exploit that to execute arbitrary code (CVE-2008-5557). Affected products: SLES9, OES - apache2-mod_php5 php 5.2.9 fixes among other things some security issues: + Missing bounds checks of an error in the imageRotate function of the gd extension potentially allowed attackers to read portions of memory (CVE-2008-5498). + the mbstring.func_overload in .htaccess was applied to other virtual hosts on th same machine (CVE-2009-0754) Affected products: openSUSE 10.3-11.1, SLES10, SLES11 - struts Insufficient quoting of parameters allowed attackers to conduct cross site scripting (XSS) attacks (CVE-2008-2025). Affected products: openSUSE 10.3-11.1, SLES10, SLES11 - qemu qemu update to version 0.10.1 fixes the following security issues: + CVE-2008-0928: problems with range checks of block devices + CVE-2008-1945: problems with removable media handling + CVE-2008-2382: vncserver DoS + CVE-2008-4539: fix a heap overflow in the cirrus VGA implementation + CVE-2008-5714: off by one error in vnc password handling Affected products: openSUSE 10.3-11.1, SLES10, SLES11 - libsndfile Specially crafted CAF files could cause an integer overflow in libsndfile (CVE-2009-0186). Affected products: openSUSE 10.3-11.1, SLES10, SLES11 - phpMyAdmin This update of phpMyAdmin fixes multiple vulnerabilities: + CVE-2009-1148: directory traversal + CVE-2009-1149: CRLF injection + CVE-2009-1150: cross-site scripting + CVE-2009-1151: static code injection Affected products: openSUSE 10.3-11.0 ______________________________________________________________________________ 2) Pending Vulnerabilities, Solutions, and Work-Arounds none ______________________________________________________________________________ 3) Authenticity Verification and Additional Information - Announcement authenticity verification: SUSE security announcements are published via mailing lists and on Web sites. The authenticity and integrity of a SUSE security announcement is guaranteed by a cryptographic signature in each announcement. All SUSE security announcements are published with a valid signature. To verify the signature of the announcement, save it as text into a file and run the command gpg --verify replacing with the name of the file containing the announcement. The output for a valid signature looks like: gpg: Signature made using RSA key ID 3D25D3D9 gpg: Good signature from "SuSE Security Team " where is replaced by the date the document was signed. If the security team's key is not contained in your key ring, you can import it from the first installation CD. To import the key, use the command gpg --import gpg-pubkey-3d25d3d9-36e12d04.asc - Package authenticity verification: SUSE update packages are available on many mirror FTP servers all over the world. While this service is considered valuable and important to the free and open source software community, the authenticity and integrity of a package needs to be verified to ensure that it has not been tampered with. The internal RPM package signatures provide an easy way to verify the authenticity of an RPM package. Use the command rpm -v --checksig to verify the signature of the package, replacing with the filename of the RPM package downloaded. The package is unmodified if it contains a valid signature from This email address is being protected from spambots. You need JavaScript enabled to view it. with the key ID 9C800ACA. This key is automatically imported into the RPM database (on RPMv4-based distributions) and the gpg key ring of 'root' during installation. You can also find it on the first installation CD and included at the end of this announcement. - SUSE runs two security mailing lists to which any interested party may subscribe: This email address is being protected from spambots. You need JavaScript enabled to view it. - General Linux and SUSE security discussion. All SUSE security announcements are sent to this list. To subscribe, send an e-mail to . This email address is being protected from spambots. You need JavaScript enabled to view it. - SUSE's announce-only mailing list. Only SUSE's security announcements are sent to this list. To subscribe, send an e-mail to . ==================================================================== SUSE's security contact is or . The public key is listed below. ==================================================================== . SUSE Security Summary Report ID:SUSE-SR:2023:045 outlines various minor updates and provides critical safety evaluations.. SUSE Security Advisory, Vulnerability Fixes, Weekly Summary Report. . LinuxSecurity.com Team

Calendar 2 Apr 06, 2009 SuSE
Banner 3 1028x280 1708121785 1771599793
News Add Esm H240

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Community Poll

More Polls

What got you started with Linux?

No answer selected. Please try again.
Please select either existing option or enter your own, however not both.
Please select minimum {0} answer(s).
Please select maximum {0} answer(s).
/main-polls/150-what-got-you-started-with-linux?task=poll.vote&format=json
150
radio
0
[{"id":483,"title":"Self-taught through trial and error","votes":545,"type":"x","order":1,"pct":78.42,"resources":[]},{"id":484,"title":"Formal training or courses","votes":30,"type":"x","order":2,"pct":4.32,"resources":[]},{"id":485,"title":"A job that required it","votes":34,"type":"x","order":3,"pct":4.89,"resources":[]},{"id":486,"title":"Other","votes":86,"type":"x","order":4,"pct":12.37,"resources":[]}] ["#ff5b00","#4ac0f2","#b80028","#eef66c","#60bb22","#b96a9a","#62c2cc"] ["rgba(255,91,0,0.7)","rgba(74,192,242,0.7)","rgba(184,0,40,0.7)","rgba(238,246,108,0.7)","rgba(96,187,34,0.7)","rgba(185,106,154,0.7)","rgba(98,194,204,0.7)"] 350
bottom 200

Search Topics

Your message here