--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2024-129d8ca6fc
2024-03-07 22:24:39.963937
--------------------------------------------------------------------------------

Name        : ant
Product     : Fedora 40
Version     : 1.10.14
Release     : 10.fc40
URL         : https://ant.apache.org/
Summary     : Java build tool
Description :
Apache Ant is a Java library and command-line tool whose mission is to drive
processes described in build files as targets and extension points dependent
upon each other. The main known usage of Ant is the build of Java applications.
Ant supplies a number of built-in tasks allowing to compile, assemble, test and
run Java applications. Ant can also be used effectively to build non Java
applications, for instance C or C++ applications. More generally, Ant can be
used to pilot any type of process which can be described in terms of targets
and tasks.

--------------------------------------------------------------------------------
Update Information:

Change for system JDK from 17 to 21.
upstream security release 122.0.6261.94
High CVE-2024-1938: Type Confusion in V8
High CVE-2024-1939: Type Confusion in V8
fixed bug with requires
Automatic update for lucene-9.9.2-1.fc40.
bump java source/target to 1.8, fixes 2266639
--------------------------------------------------------------------------------
ChangeLog:

* Sat Mar  2 2024 Jiri Vanek - 1.10.14-10
- Rebuilt for java-21-openjdk as system jdk
* Fri Mar  1 2024 Jiri Vanek - 1.10.14-9
- bump of release for for java-21-openjdk as system jdk
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #2123726 - consoleImageViewer crashes at start
        https://bugzilla.redhat.com/show_bug.cgi?id=2123726
  [ 2 ] Bug #2261062 - directory-maven-plugin: FTBFS in Fedora rawhide/f40
        https://bugzilla.redhat.com/show_bug.cgi?id=2261062
  [ 3 ] Bug #2266639 - directory-maven-plugin fails to build with java-21-openjdk
        https://bugzilla.redhat.com/show_bug.cgi?id=2266639
  [ 4 ] Bug #2266934 - CVE-2024-1938 chromium: type confusion [fedora-all]
        https://bugzilla.redhat.com/show_bug.cgi?id=2266934
  [ 5 ] Bug #2266937 - CVE-2024-1939 chromium: type confusion [fedora-all]
        https://bugzilla.redhat.com/show_bug.cgi?id=2266937
  [ 6 ] Bug #2267486 - Include Java 21 as system Java Change in Fedora 40 Beta
        https://bugzilla.redhat.com/show_bug.cgi?id=2267486
--------------------------------------------------------------------------------

This update can be installed with the "dnf" update program. Use
su -c 'dnf upgrade --advisory FEDORA-2024-129d8ca6fc' at the command
line. For more information, refer to the dnf documentation available at
https://dnf.readthedocs.io/en/latest/command_ref.html

All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/security/
--------------------------------------------------------------------------------

   SUSE Security Update: Security update for ant
______________________________________________________________________________

Announcement ID:    SUSE-SU-2022:1417-1
Rating:             moderate
References:         #1188468 #1188469
Cross-References:   CVE-2021-36373 CVE-2021-36374
CVSS scores:
                    CVE-2021-36373 (NVD) : 5.5 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
                    CVE-2021-36373 (SUSE): 5.5 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
                    CVE-2021-36374 (NVD) : 5.5 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
                    CVE-2021-36374 (SUSE): 5.5 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H

Affected Products:
                    SUSE Linux Enterprise Server 12-SP5
                    SUSE Linux Enterprise Server for SAP Applications 12-SP5
                    SUSE Linux Enterprise Software Development Kit 12-SP5
______________________________________________________________________________

   An update that fixes two vulnerabilities is now available.

Description:

   This update for ant fixes the following issues:

   - CVE-2021-36373: Fixed an excessive memory allocation when reading a
     specially crafted TAR archive (bsc#1188468).
   - CVE-2021-36374: Fixed an excessive memory allocation when reading a
     specially crafted ZIP archive (bsc#1188469).

Patch Instructions:

   To install this SUSE Security Update use the SUSE recommended installation
   methods like YaST online_update or "zypper patch".

   Alternatively you can run the command listed for your product:

   - SUSE Linux Enterprise Software Development Kit 12-SP5:

      zypper in -t patch SUSE-SLE-SDK-12-SP5-2022-1417=1

   - SUSE Linux Enterprise Server 12-SP5:

      zypper in -t patch SUSE-SLE-SERVER-12-SP5-2022-1417=1

Package List:

   - SUSE Linux Enterprise Software Development Kit 12-SP5 (noarch):

      ant-1.9.4-3.9.1
      ant-antlr-1.9.4-3.9.1
      ant-apache-bcel-1.9.4-3.9.1
      ant-apache-bsf-1.9.4-3.9.1
      ant-apache-log4j-1.9.4-3.9.1
      ant-apache-oro-1.9.4-3.9.1
      ant-apache-regexp-1.9.4-3.9.1
      ant-apache-resolver-1.9.4-3.9.1
      ant-commons-logging-1.9.4-3.9.1
      ant-javadoc-1.9.4-3.9.1
      ant-javamail-1.9.4-3.9.1
      ant-jdepend-1.9.4-3.9.1
      ant-jmf-1.9.4-3.9.1
      ant-junit-1.9.4-3.9.1
      ant-manual-1.9.4-3.9.1
      ant-scripts-1.9.4-3.9.1
      ant-swing-1.9.4-3.9.1

   - SUSE Linux Enterprise Server 12-SP5 (noarch):

      ant-1.9.4-3.9.1

References:

   https://www.suse.com/security/cve/CVE-2021-36373.html
   https://www.suse.com/security/cve/CVE-2021-36374.html
   https://bugzilla.suse.com/1188468
   https://bugzilla.suse.com/1188469

--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2020-3ce0f55bc5
2020-10-25 01:05:43.167516
--------------------------------------------------------------------------------

Name        : ant
Product     : Fedora 31
Version     : 1.10.9
Release     : 1.fc31
URL         : https://ant.apache.org/
Summary     : Java build tool
Description :
Apache Ant is a Java library and command-line tool whose mission is to drive
processes described in build files as targets and extension points dependent
upon each other. The main known usage of Ant is the build of Java applications.
Ant supplies a number of built-in tasks allowing to compile, assemble, test and
run Java applications. Ant can also be used effectively to build non Java
applications, for instance C or C++ applications. More generally, Ant can be
used to pilot any type of process which can be described in terms of targets
and tasks.

--------------------------------------------------------------------------------
Update Information:

Update to version 1.10.9. Addresses CVE-2020-11979
--------------------------------------------------------------------------------
ChangeLog:

* Fri Oct 16 2020 Fabio Valentini - 0:1.10.9-1
- Update to version 1.10.9.
- Addresses: CVE-2020-11979
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #1883897 - ant-1.10.9 is available
        https://bugzilla.redhat.com/show_bug.cgi?id=1883897
--------------------------------------------------------------------------------

This update can be installed with the "dnf" update program. Use
su -c 'dnf upgrade --advisory FEDORA-2020-3ce0f55bc5' at the command
line. For more information, refer to the dnf documentation available at
https://dnf.readthedocs.io/en/latest/command_ref.html

All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
--------------------------------------------------------------------------------

--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2020-2640aa4e19
2020-10-23 22:01:02.262501
--------------------------------------------------------------------------------

Name        : ant
Product     : Fedora 33
Version     : 1.10.9
Release     : 1.fc33
URL         : https://ant.apache.org/
Summary     : Java build tool
Description :
Apache Ant is a Java library and command-line tool whose mission is to drive
processes described in build files as targets and extension points dependent
upon each other. The main known usage of Ant is the build of Java applications.
Ant supplies a number of built-in tasks allowing to compile, assemble, test and
run Java applications. Ant can also be used effectively to build non Java
applications, for instance C or C++ applications. More generally, Ant can be
used to pilot any type of process which can be described in terms of targets
and tasks.

--------------------------------------------------------------------------------
Update Information:

Update to version 1.10.9. Addresses CVE-2020-11979
--------------------------------------------------------------------------------
ChangeLog:

* Fri Oct 16 2020 Fabio Valentini - 0:1.10.9-1
- Update to version 1.10.9.
- Addresses: CVE-2020-11979
* Wed Sep 16 2020 Fabio Valentini - 0:1.10.8-6
- Remove workaround for jarsigner issues / RHBZ#1869017.
* Wed Sep  9 2020 Fabio Valentini - 0:1.10.8-5
- Switch from log4j 1.2 compat package to log4j 1.2 API shim.
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #1883897 - ant-1.10.9 is available
        https://bugzilla.redhat.com/show_bug.cgi?id=1883897
--------------------------------------------------------------------------------

This update can be installed with the "dnf" update program. Use
su -c 'dnf upgrade --advisory FEDORA-2020-2640aa4e19' at the command
line. For more information, refer to the dnf documentation available at
https://dnf.readthedocs.io/en/latest/command_ref.html

All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/security/
--------------------------------------------------------------------------------

   openSUSE Security Update: Security update for ant
______________________________________________________________________________

Announcement ID:    openSUSE-SU-2020:1022-1
Rating:             moderate
References:         #1171696
Cross-References:   CVE-2020-1945
Affected Products:
                    openSUSE Leap 15.2
______________________________________________________________________________

   An update that fixes one vulnerability is now available.

Description:

   This update for ant fixes the following issues:

   - CVE-2020-1945: Fixed an insecure temporary file vulnerability which
     could have potentially leaked sensitive information (bsc#1171696).

   This update was imported from the SUSE:SLE-15-SP2:Update update project.

Patch Instructions:

   To install this openSUSE Security Update use the SUSE recommended
   installation methods like YaST online_update or "zypper patch".

   Alternatively you can run the command listed for your product:

   - openSUSE Leap 15.2:

      zypper in -t patch openSUSE-2020-1022=1

Package List:

   - openSUSE Leap 15.2 (noarch):

      ant-1.10.7-lp152.2.3.1
      ant-antlr-1.10.7-lp152.2.3.1
      ant-apache-bcel-1.10.7-lp152.2.3.1
      ant-apache-bsf-1.10.7-lp152.2.3.1
      ant-apache-log4j-1.10.7-lp152.2.3.1
      ant-apache-oro-1.10.7-lp152.2.3.1
      ant-apache-regexp-1.10.7-lp152.2.3.1
      ant-apache-resolver-1.10.7-lp152.2.3.1
      ant-apache-xalan2-1.10.7-lp152.2.3.1
      ant-commons-logging-1.10.7-lp152.2.3.1
      ant-commons-net-1.10.7-lp152.2.3.1
      ant-imageio-1.10.7-lp152.2.3.1
      ant-javamail-1.10.7-lp152.2.3.1
      ant-jdepend-1.10.7-lp152.2.3.1
      ant-jmf-1.10.7-lp152.2.3.1
      ant-jsch-1.10.7-lp152.2.3.1
      ant-junit-1.10.7-lp152.2.3.1
      ant-junit5-1.10.7-lp152.2.3.1
      ant-manual-1.10.7-lp152.2.3.1
      ant-scripts-1.10.7-lp152.2.3.1
      ant-swing-1.10.7-lp152.2.3.1
      ant-testutil-1.10.7-lp152.2.3.1
      ant-xz-1.10.7-lp152.2.3.1

References:

   https://www.suse.com/security/cve/CVE-2020-1945.html
   https://bugzilla.suse.com/1171696

--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2020-7f07da3fef
2020-06-02 03:52:30.199794
--------------------------------------------------------------------------------

Name        : ant
Product     : Fedora 32
Version     : 1.10.8
Release     : 1.fc32
URL         : https://ant.apache.org/
Summary     : Java build tool
Description :
Apache Ant is a Java library and command-line tool whose mission is to drive
processes described in build files as targets and extension points dependent
upon each other. The main known usage of Ant is the build of Java applications.
Ant supplies a number of built-in tasks allowing to compile, assemble, test and
run Java applications. Ant can also be used effectively to build non Java
applications, for instance C or C++ applications. More generally, Ant can be
used to pilot any type of process which can be described in terms of targets
and tasks.

--------------------------------------------------------------------------------
Update Information:

Update to version 1.10.8. Resolves: CVE-2020-1945
--------------------------------------------------------------------------------
ChangeLog:

* Sat May 16 2020 Fabio Valentini - 0:1.10.8-1
- Update to version 1.10.8.
- Addresses: CVE-2020-1945
* Fri May  8 2020 Fabio Valentini - 0:1.10.7-1
- Update to version 1.10.7.
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #1835326 - ant-1.10.8 is available
        https://bugzilla.redhat.com/show_bug.cgi?id=1835326
  [ 2 ] Bug #1837445 - CVE-2020-1945 ant: insecure temporary file vulnerability [fedora-all]
        https://bugzilla.redhat.com/show_bug.cgi?id=1837445
--------------------------------------------------------------------------------

This update can be installed with the "dnf" update program. Use
su -c 'dnf upgrade --advisory FEDORA-2020-7f07da3fef' at the command
line. For more information, refer to the dnf documentation available at
https://dnf.readthedocs.io/en/latest/command_ref.html

All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/security/
--------------------------------------------------------------------------------

--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2020-52741b0a49
2020-06-02 03:13:01.308763
--------------------------------------------------------------------------------

Name        : ant
Product     : Fedora 31
Version     : 1.10.8
Release     : 1.fc31
URL         : https://ant.apache.org/
Summary     : Java build tool
Description :
Apache Ant is a Java library and command-line tool whose mission is to drive
processes described in build files as targets and extension points dependent
upon each other. The main known usage of Ant is the build of Java applications.
Ant supplies a number of built-in tasks allowing to compile, assemble, test and
run Java applications. Ant can also be used effectively to build non Java
applications, for instance C or C++ applications. More generally, Ant can be
used to pilot any type of process which can be described in terms of targets
and tasks.

--------------------------------------------------------------------------------
Update Information:

Update to version 1.10.8. Resolves: CVE-2020-1945
--------------------------------------------------------------------------------
ChangeLog:

* Sat May 16 2020 Fabio Valentini - 0:1.10.8-1
- Update to version 1.10.8.
- Addresses: CVE-2020-1945
* Fri May  8 2020 Fabio Valentini - 0:1.10.7-1
- Update to version 1.10.7.
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #1835326 - ant-1.10.8 is available
        https://bugzilla.redhat.com/show_bug.cgi?id=1835326
  [ 2 ] Bug #1837445 - CVE-2020-1945 ant: insecure temporary file vulnerability [fedora-all]
        https://bugzilla.redhat.com/show_bug.cgi?id=1837445
--------------------------------------------------------------------------------

This update can be installed with the "dnf" update program. Use
su -c 'dnf upgrade --advisory FEDORA-2020-52741b0a49' at the command
line. For more information, refer to the dnf documentation available at
https://dnf.readthedocs.io/en/latest/command_ref.html

All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/security/
--------------------------------------------------------------------------------

Arch Linux Security Advisory ASA-202005-15
=========================================

Severity: Medium
Date    : 2020-05-20
CVE-ID  : CVE-2020-1945
Package : ant
Type    : arbitrary command execution
Remote  : No
Link    : https://security.archlinux.org/AVG-1159

Summary
======

The package ant before version 1.10.8-1 is vulnerable to arbitrary
command execution.

Resolution
=========

Upgrade to 1.10.8-1.

# pacman -Syu "ant>=1.10.8-1"

The problem has been fixed upstream in version 1.10.8.

Workaround
=========

None.

Description
==========

Apache Ant uses the default temporary directory identified by the Java
system property java.io.tmpdir for several tasks and may thus leak
sensitive information. The fixcrlf and replaceregexp tasks also copy
files from the temporary directory back into the build tree allowing an
attacker to inject modified source files into the build process.

Impact
=====

A local malicious user can inject code into the ant build process.

References
=========

https://lists.apache.org/thread/r8e592bbfc016a5dbe2a8c0e81ff99682b9c78c453621b82c14e7b75e@%3Cdev.ant.apache.org%3E
https://security.archlinux.org/CVE-2020-1945