Explore top 10 tips to secure your open-source projects now. Read More

×
Alerts This Week
Warning Icon 1 526
Alerts This Week
Warning Icon 1 526

Stay Secure with the Latest Linux Advisories

Filter%20icon Refine advisories
X Clear Filters
X Clear Filters
View More

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Community Poll

Is continuous patching actually viable?

No answer selected. Please try again.
Please select either existing option or enter your own, however not both.
Please select minimum {0} answer(s).
Please select maximum {0} answer(s).
/main-polls/156-is-continuous-patching-actually-viable?task=poll.vote&format=json
156
radio
0
[{"id":503,"title":"Delayed updates invite catastrophic breaches.","votes":1,"type":"x","order":1,"pct":50,"resources":[]},{"id":504,"title":"Automated fixes break production environments.","votes":1,"type":"x","order":2,"pct":50,"resources":[]},{"id":505,"title":"Manual approvals cannot keep pace.","votes":0,"type":"x","order":3,"pct":0,"resources":[]}] ["#ff5b00","#4ac0f2","#b80028","#eef66c","#60bb22","#b96a9a","#62c2cc"] ["rgba(255,91,0,0.7)","rgba(74,192,242,0.7)","rgba(184,0,40,0.7)","rgba(238,246,108,0.7)","rgba(96,187,34,0.7)","rgba(185,106,154,0.7)","rgba(98,194,204,0.7)"] 350
bottom 200
Loading...

Explore Latest Linux Security advisories

We found 27 articles for you...
89

Fedora 43 perl-Archive-Tar Important Path Traversal CVE-2026-42496 Advisory

Fixed CVE-2026-42496 - Path traversal via crafted symlinks allows arbitrary file access Backported from 3.08. -------------------------------------------------------------------------------- Fedora Update Notification FEDORA-2026-6988e8f652 2026-06-19 01:08:57.989060+00:00 -------------------------------------------------------------------------------- Name : perl-Archive-Tar Product : Fedora 43 Version : 3.04 Release : 522.fc43 URL : https://metacpan.org/release/Archive-Tar Summary : A module for Perl manipulation of .tar files Description : Archive::Tar provides an object oriented mechanism for handling tar files. It provides class methods for quick and easy files handling while also allowing for the creation of tar file objects for custom manipulation. If you have the IO::Zlib module installed, Archive::Tar will also support compressed or gzipped tar files. -------------------------------------------------------------------------------- Update Information: Fixed CVE-2026-42496 - Path traversal via crafted symlinks allows arbitrary file access Backported from 3.08 -------------------------------------------------------------------------------- ChangeLog: * Wed Jun 3 2026 Jitka Plesnikova - 3.04-522 - Fix CVE-2026-42496 (rhbz#2484320) -------------------------------------------------------------------------------- References: [ 1 ] Bug #2484320 - CVE-2026-42496 perl-Archive-Tar: perl-archive-tar: Path traversal via crafted symlinks allows arbitrary file access [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=2484320 -------------------------------------------------------------------------------- This update can be installed with the "dnf" update program. Use su -c 'dnf upgrade --advisory FEDORA-2026-6988e8f652' at the command line. For more information, refer to the dnf documentation available at http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label All packages are signed with theFedora Project GPG key. More details on the GPG keys used by the Fedora Project can be found at https://fedoraproject.org/keys -------------------------------------------------------------------------------- -- _______________________________________________ package-announce mailing list -- This email address is being protected from spambots. You need JavaScript enabled to view it. To unsubscribe send an email to This email address is being protected from spambots. You need JavaScript enabled to view it. Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedoraproject.org/archives/list/This email address is being protected from spambots. You need JavaScript enabled to view it. Do not reply to spam, report it: https://forge.fedoraproject.org/infra/tickets/issues/new . Fedora 43 update for perl-Archive-Tar addresses CVE-2026-42496 path traversal risk via crafted symlinks for arbitrary access.. Fedora Update, Path Traversal Fix, Perl Archive Tar Update, Security Advisory, CVE-2026-42496. . Severity: Important. LinuxSecurity.com Team

Calendar%202 Jun 18, 2026 Important Fedora
197

Debian git-lfs Moderate File Oversight Advisory DLA-4610-1 CVE-2025-26625

In Git LFS versions 0.5.2 through 3.7.0, when populating a Git repository's working tree with the contents of Git LFS objects, certain Git LFS commands could write to files visible outside the current Git working tree if symbolic or hard links existed which collided with the paths of files tracked by Git LFS.. Debian LTS Advisory DLA-4610-1 This email address is being protected from spambots. You need JavaScript enabled to view it. https://www.debian.org/lts/security/ Andrej Shadura May 31, 2026 https://wiki.debian.org/LTS Package : git-lfs Version : 2.13.2-1+deb11u2 CVE ID : CVE-2025-26625 In Git LFS versions 0.5.2 through 3.7.0, when populating a Git repository's working tree with the contents of Git LFS objects, certain Git LFS commands could write to files visible outside the current Git working tree if symbolic or hard links existed which collided with the paths of files tracked by Git LFS. The git lfs checkout and git lfs pull commands did not check for symbolic links before writing to files in the working tree, which allowed an attacker to craft a repository containing symbolic or hard links that caused Git LFS to write to arbitrary file system locations accessible to the user running these commands. Also, when the git lfs checkout and git lfs pull commands were run in a bare repository, they could write to files visible outside the repository. The complete fix to this issue, specifically the behaviour of git lfs pull, requires a newer Git version, 2.42.0 or newer. As a workaround, support for symlinks in Git may be disabled by setting the core.symlinks configuration option to false, after which further clones and fetches will not create symbolic links. However, any symbolic or hard links in existing repositories will still provide the opportunity for Git LFS to write to their targets. For Debian 11 bullseye, this problem has been partially fixed in version 2.13.2-1+deb11u2. For a complete fix, Git 2.42.0 or newer is also required. We recommend that you upgrade yourgit-lfs packages. For the detailed security status of git-lfs please refer to its security tracker page at: https://security-tracker.debian.org/tracker/git-lfs Further information about Debian LTS security advisories, how to apply these updates to your system and frequently asked questions can be found at: https://wiki.debian.org/LTS . Debian LTS Advisory DLA-4610-1 addresses file access issues in git-lfs impacting Git repositories.. Debian git-lfs security fix, file system vulnerability, symbolic links risk. . Severity: moderate. LinuxSecurity.com Team

Calendar%202 May 31, 2026 moderate Debian LTS
89

Fedora 43 rust-nix Arbitrary Permission Vulnerability Fix 2026-d18cf572b8

Update rust-astral-tokio-tar to 0.6.0, fixing CVE-2026-32766. Update rust-tar to 0.4.45, fixing CVE-2026-33056. Update rust-nix to 0.31.2. Update uv and python- uv-build to 0.10.2, rebuilding them with the latest rust-astral-tokio-tar and rust-tar. Update python-fastar to 0.9.0, rebuilding it with the lastest rust- tar. Rebuild maturin with the latest rust-tar.. -------------------------------------------------------------------------------- Fedora Update Notification FEDORA-2026-d18cf572b8 2026-03-28 00:45:01.877972+00:00 -------------------------------------------------------------------------------- Name : rust-nix Product : Fedora 43 Version : 0.31.2 Release : 1.fc43 URL : https://crates.io/crates/nix Summary : Rust friendly bindings to *nix APIs Description : Rust friendly bindings to *nix APIs. -------------------------------------------------------------------------------- Update Information: Update rust-astral-tokio-tar to 0.6.0, fixing CVE-2026-32766. Update rust-tar to 0.4.45, fixing CVE-2026-33056. Update rust-nix to 0.31.2. Update uv and python- uv-build to 0.10.2, rebuilding them with the latest rust-astral-tokio-tar and rust-tar. Update python-fastar to 0.9.0, rebuilding it with the lastest rust- tar. Rebuild maturin with the latest rust-tar. Update to 0.9.0 -------------------------------------------------------------------------------- ChangeLog: * Tue Mar 17 2026 Benjamin A. Beasley - 0.31.2-1 - Update to verison 0.31.2; Fixes RHBZ#2443509 * Thu Feb 12 2026 Fabio Valentini - 0.31.1-2 - Skip one additional test that fails on RHEL 9 -------------------------------------------------------------------------------- References: [ 1 ] Bug #2448054 - rust-astral-tokio-tar-0.6.0 is available https://bugzilla.redhat.com/show_bug.cgi?id=2448054 [ 2 ] Bug #2449243 - uv-0.10.12 is available https://bugzilla.redhat.com/show_bug.cgi?id=2449243 [ 3 ] Bug #2449274 - rust-tar-0.4.45 is available https://bugzilla.redhat.com/show_bug.cgi?id=2449274 [ 4 ] Bug #2449338 - python-uv-build-0.10.12 is available https://bugzilla.redhat.com/show_bug.cgi?id=2449338 [ 5 ] Bug #2449551 - CVE-2026-32766 python-uv-build: astral-tokio-tar: Potential archive misinterpretation via malformed PAX extensions [fedora-43] https://bugzilla.redhat.com/show_bug.cgi?id=2449551 [ 6 ] Bug #2449553 - CVE-2026-32766 uv: astral-tokio-tar: Potential archive misinterpretation via malformed PAX extensions [fedora-43] https://bugzilla.redhat.com/show_bug.cgi?id=2449553 [ 7 ] Bug #2449645 - python-fastar-0.9.0 is available https://bugzilla.redhat.com/show_bug.cgi?id=2449645 [ 8 ] Bug #2449681 - CVE-2026-33056 maturin: tar-rs: Arbitrary directory permission modification via crafted tar archive [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=2449681 [ 9 ] Bug #2449683 - CVE-2026-33056 python-fastar: tar-rs: Arbitrary directory permission modification via crafted tar archive [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=2449683 [ 10 ] Bug #2449684 - CVE-2026-33056 python-uv-build: tar-rs: Arbitrary directory permission modification via crafted tar archive [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=2449684 [ 11 ] Bug #2449694 - CVE-2026-33056 uv: tar-rs: Arbitrary directory permission modification via crafted tar archive [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=2449694 -------------------------------------------------------------------------------- This update can be installed with the "dnf" update program. Use su -c 'dnf upgrade --advisory FEDORA-2026-d18cf572b8' at the command line. For more information, refer to the dnf documentation available at http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label All packages are signed with the Fedora Project GPG key. More details on the GPG keys used by the Fedora Project can be foundat https://fedoraproject.org/keys -------------------------------------------------------------------------------- -- _______________________________________________ package-announce mailing list -- This email address is being protected from spambots. You need JavaScript enabled to view it. To unsubscribe send an email to This email address is being protected from spambots. You need JavaScript enabled to view it. Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedoraproject.org/archives/list/This email address is being protected from spambots. You need JavaScript enabled to view it. Do not reply to spam, report it: https://forge.fedoraproject.org/infra/tickets/issues/new . Critical updates for Fedora 43 addressing multiple security flaws in various software packages including rust-nix.. Rust Software Update, Fedora Security Advisory, Arbitrary Permission Exploit, Package Management Security. . Severity: Important. LinuxSecurity.com Team

Calendar%202 Mar 28, 2026 Important Fedora
89

Ubuntu 22 secret-nix Serious File Access Problems 2025-f11b6cde3e

Update rust-astral-tokio-tar to 0.6.0, fixing CVE-2026-32766. Update rust-tar to 0.4.45, fixing CVE-2026-33056. Update rust-nix to 0.31.2. Update uv and python- uv-build to 0.10.2, rebuilding them with the latest rust-astral-tokio-tar and rust-tar. Update python-fastar to 0.9.0, rebuilding it with the lastest rust- tar. Rebuild maturin with the latest rust-tar.. -------------------------------------------------------------------------------- Fedora Update Notification FEDORA-2026-e22a7dbf2d 2026-03-28 00:15:26.019772+00:00 -------------------------------------------------------------------------------- Name : rust-nix Product : Fedora 44 Version : 0.31.2 Release : 1.fc44 URL : https://crates.io/crates/nix Summary : Rust friendly bindings to *nix APIs Description : Rust friendly bindings to *nix APIs. -------------------------------------------------------------------------------- Update Information: Update rust-astral-tokio-tar to 0.6.0, fixing CVE-2026-32766. Update rust-tar to 0.4.45, fixing CVE-2026-33056. Update rust-nix to 0.31.2. Update uv and python- uv-build to 0.10.2, rebuilding them with the latest rust-astral-tokio-tar and rust-tar. Update python-fastar to 0.9.0, rebuilding it with the lastest rust- tar. Rebuild maturin with the latest rust-tar. -------------------------------------------------------------------------------- ChangeLog: * Tue Mar 17 2026 Benjamin A. Beasley - 0.31.2-1 - Update to verison 0.31.2; Fixes RHBZ#2443509 * Thu Feb 12 2026 Fabio Valentini - 0.31.1-2 - Skip one additional test that fails on RHEL 9 -------------------------------------------------------------------------------- References: [ 1 ] Bug #2448054 - rust-astral-tokio-tar-0.6.0 is available https://bugzilla.redhat.com/show_bug.cgi?id=2448054 [ 2 ] Bug #2449243 - uv-0.10.12 is available https://bugzilla.redhat.com/show_bug.cgi?id=2449243 [ 3 ] Bug #2449274 - rust-tar-0.4.45 is available https://bugzilla.redhat.com/show_bug.cgi?id=2449274 [ 4 ] Bug #2449338 - python-uv-build-0.10.12 is available https://bugzilla.redhat.com/show_bug.cgi?id=2449338 [ 5 ] Bug #2449645 - python-fastar-0.9.0 is available https://bugzilla.redhat.com/show_bug.cgi?id=2449645 [ 6 ] Bug #2449681 - CVE-2026-33056 maturin: tar-rs: Arbitrary directory permission modification via crafted tar archive [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=2449681 [ 7 ] Bug #2449683 - CVE-2026-33056 python-fastar: tar-rs: Arbitrary directory permission modification via crafted tar archive [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=2449683 [ 8 ] Bug #2449684 - CVE-2026-33056 python-uv-build: tar-rs: Arbitrary directory permission modification via crafted tar archive [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=2449684 [ 9 ] Bug #2449694 - CVE-2026-33056 uv: tar-rs: Arbitrary directory permission modification via crafted tar archive [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=2449694 -------------------------------------------------------------------------------- This update can be installed with the "dnf" update program. Use su -c 'dnf upgrade --advisory FEDORA-2026-e22a7dbf2d' at the command line. For more information, refer to the dnf documentation available at http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label All packages are signed with the Fedora Project GPG key. More details on the GPG keys used by the Fedora Project can be found at https://fedoraproject.org/keys -------------------------------------------------------------------------------- -- _______________________________________________ package-announce mailing list -- This email address is being protected from spambots. You need JavaScript enabled to view it. To unsubscribe send an email to This email address is being protected from spambots. You need JavaScript enabled to view it. Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines:https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedoraproject.org/archives/list/This email address is being protected from spambots. You need JavaScript enabled to view it. Do not reply to spam, report it: https://forge.fedoraproject.org/infra/tickets/issues/new . Critical update for Fedora 44 addressing multiple security flaws in Rust packages. Immediate attention recommended.. Fedora 44, rust-nix, security improvement, package update. . Severity: Critical. LinuxSecurity.com Team

Calendar%202 Mar 28, 2026 Critical Fedora
100

SUSE 15 SP7 python313-wheel Important Permission Modification 2026-0425-1

An update that solves one vulnerability can now be installed.. # Security update for python313-wheel Announcement ID: SUSE-SU-2026:0425-1 Release Date: 2026-02-11T08:30:17Z Rating: important References: * bsc#1257100 Cross-References: * CVE-2026-24049 CVSS scores: * CVE-2026-24049 ( SUSE ): 7.2 CVSS:4.0/AV:L/AC:L/AT:N/PR:H/UI:P/VC:N/VI:H/VA:H/SC:H/SI:H/SA:H * CVE-2026-24049 ( SUSE ): 7.7 CVSS:3.1/AV:L/AC:L/PR:H/UI:R/S:C/C:H/I:H/A:H * CVE-2026-24049 ( NVD ): 7.1 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:H Affected Products: * Python 3 Module 15-SP7 * SUSE Linux Enterprise Desktop 15 SP7 * SUSE Linux Enterprise Server 15 SP7 * SUSE Linux Enterprise Server for SAP Applications 15 SP7 An update that solves one vulnerability can now be installed. ## Description: This update for python313-wheel fixes the following issues: * CVE-2026-24049: Fixed absent path sanitization can cause arbitrary file permission modification (bsc#1257100). ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * Python 3 Module 15-SP7 zypper in -t patch SUSE-SLE-Module-Python3-15-SP7-2026-425=1 ## Package List: * Python 3 Module 15-SP7 (noarch) * python313-wheel-0.44.0-150700.3.3.1 ## References: * https://www.suse.com/security/cve/CVE-2026-24049.html * https://bugzilla.suse.com/show_bug.cgi?id=1257100 . A vital security update for python313-wheel is available, addressing an important vulnerability impacting SUSE systems.. SUSE Update, python313-wheel, Security Fix. . Severity: Important. LinuxSecurity.com Team

Calendar%202 Feb 11, 2026 Important SuSE
89

Fedora 41: 2025-047d8f57ea critical: perl-File-Find-Rule code execution

Fix CVE-2011-10007. -------------------------------------------------------------------------------- Fedora Update Notification FEDORA-2025-047d8f57ea 2025-06-21 02:10:24.663081+00:00 -------------------------------------------------------------------------------- Name : perl-File-Find-Rule Product : Fedora 41 Version : 0.35 Release : 1.fc41 URL : https://metacpan.org/dist/File-Find-Rule Summary : Perl module implementing an alternative interface to File::Find Description : File::Find::Rule is a friendlier interface to File::Find. It allows you to build rules which specify the desired files and directories. -------------------------------------------------------------------------------- Update Information: Fix CVE-2011-10007 -------------------------------------------------------------------------------- ChangeLog: * Wed Jun 11 2025 Jitka Plesnikova - 0.35-1 - 0.35 bump (rhbz#2371137) - fix CVE-2011-10007 - Updated BRs -------------------------------------------------------------------------------- References: [ 1 ] Bug #2370473 - CVE-2011-10007 perl-File-Find-Rule: File::Find::Rule Arbitrary Code Execution [fedora-41] https://bugzilla.redhat.com/show_bug.cgi?id=2370473 -------------------------------------------------------------------------------- This update can be installed with the "dnf" update program. Use su -c 'dnf upgrade --advisory FEDORA-2025-047d8f57ea' at the command line. For more information, refer to the dnf documentation available at http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label All packages are signed with the Fedora Project GPG key. More details on the GPG keys used by the Fedora Project can be found at https://fedoraproject.org/keys -------------------------------------------------------------------------------- -- _______________________________________________ package-announce mailing list -- This email address is being protected from spambots. You need JavaScript enabled to view it. To unsubscribe send an email This email address is being protected from spambots. You need JavaScript enabled to view it. Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedoraproject.org/archives/list/This email address is being protected from spambots. You need JavaScript enabled to view it. Do not reply to spam, report it: https://pagure.io/fedora-infrastructure/new_issue . Debian announces patch for python-Requests to address serious vulnerability concerning unauthorized code execution.. perl module, Fedora Update, code execution fix, security alert. . Severity: Critical. LinuxSecurity.com Team

Calendar%202 Jun 21, 2025 Critical Fedora
89

Fedora 42: FEDORA-2025-e788608959 critical: yelp-xsl file access issue

Fix CVE-2025-3155 - arbitrary file-read.. -------------------------------------------------------------------------------- Fedora Update Notification FEDORA-2025-e788608959 2025-05-21 02:16:05.620124+00:00 -------------------------------------------------------------------------------- Name : yelp-xsl Product : Fedora 42 Version : 42.1 Release : 7.fc42 URL : https://download.gnome.org/sources/yelp-xsl Summary : XSL stylesheets for the yelp help browser Description : This package contains XSL stylesheets that are used by the yelp help browser. -------------------------------------------------------------------------------- Update Information: Fix CVE-2025-3155 - arbitrary file-read. -------------------------------------------------------------------------------- ChangeLog: * Thu May 15 2025 Jan Grulich - 42.1-7 - Fix CVE-2025-3155 - arbitrary file-read -------------------------------------------------------------------------------- References: [ 1 ] Bug #2357092 - CVE-2025-3155 yelp: Arbitrary file read [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=2357092 [ 2 ] Bug #2366258 - yelp-42.2-9.fc42 breaks rendering https://bugzilla.redhat.com/show_bug.cgi?id=2366258 -------------------------------------------------------------------------------- This update can be installed with the "dnf" update program. Use su -c 'dnf upgrade --advisory FEDORA-2025-e788608959' at the command line. For more information, refer to the dnf documentation available at http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label All packages are signed with the Fedora Project GPG key. More details on the GPG keys used by the Fedora Project can be found at https://fedoraproject.org/security/ -------------------------------------------------------------------------------- -- _______________________________________________ package-announce mailing list -- This email address is being protected from spambots. You need JavaScript enabled to view it. To unsubscribesend an email to This email address is being protected from spambots. You need JavaScript enabled to view it. Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedoraproject.org/archives/list/This email address is being protected from spambots. You need JavaScript enabled to view it. Do not reply to spam, report it: . Yelp-xsl has been upgraded to resolve CVE-2025-3155, implementing a solution for vulnerabilities allowing unrestricted file access.. yelp-xsl update, Fedora advisory, file-read fix, security notice, arbitrary file access. . Severity: Critical. LinuxSecurity.com Team

Calendar%202 May 21, 2025 Critical Fedora
172

Ubuntu 7394-1: Doorkeeper Security Advisory Updates

Several security issues were fixed in ruby-doorkeeper.. ========================================================================== Ubuntu Security Notice USN-7394-1 March 31, 2025 ruby-doorkeeper vulnerabilities ========================================================================== A security issue affects these releases of Ubuntu and its derivatives: - Ubuntu 16.04 LTS Summary: Several security issues were fixed in ruby-doorkeeper. Software Description: - ruby-doorkeeper: OAuth 2 provider for Rails and Grape Details: Jonathan Clem and Justin Bull discovered that Doorkeeper could allow arbitrary token revocation and replay attacks. An attacker could possibly use this issue to gain unauthorized access to a system. (CVE-2016-6582) It was discovered that Doorkeeper incorrectly handled storing client names. An attacker could possibly use this issue to execute a cross-site scripting (XSS) attack. (CVE-2018-1000088) Update instructions: The problem can be corrected by updating your system to the following package versions: Ubuntu 16.04 LTS ruby-doorkeeper 2.2.1-1ubuntu0.1~esm2 Available with Ubuntu Pro In general, a standard system update will make all the necessary changes. References: https://ubuntu.com/security/notices/USN-7394-1 CVE-2016-6582, CVE-2018-1000088 . Security fixes for ruby-doorkeeper vulnerabilities addressed in Ubuntu Security Notice USN-7394-1, March 31, 2025.. security, ruby-doorkeeper, =============================================. . Severity: Critical. LinuxSecurity.com Team

Calendar%202 Mar 31, 2025 Critical Ubuntu
News Add Esm H240

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Community Poll

Is continuous patching actually viable?

No answer selected. Please try again.
Please select either existing option or enter your own, however not both.
Please select minimum {0} answer(s).
Please select maximum {0} answer(s).
/main-polls/156-is-continuous-patching-actually-viable?task=poll.vote&format=json
156
radio
0
[{"id":503,"title":"Delayed updates invite catastrophic breaches.","votes":1,"type":"x","order":1,"pct":50,"resources":[]},{"id":504,"title":"Automated fixes break production environments.","votes":1,"type":"x","order":2,"pct":50,"resources":[]},{"id":505,"title":"Manual approvals cannot keep pace.","votes":0,"type":"x","order":3,"pct":0,"resources":[]}] ["#ff5b00","#4ac0f2","#b80028","#eef66c","#60bb22","#b96a9a","#62c2cc"] ["rgba(255,91,0,0.7)","rgba(74,192,242,0.7)","rgba(184,0,40,0.7)","rgba(238,246,108,0.7)","rgba(96,187,34,0.7)","rgba(185,106,154,0.7)","rgba(98,194,204,0.7)"] 350
bottom 200