Explore top 10 tips to secure your open-source projects now. Read More
×
Security issues were discovered in Chromium which could result in the execution of arbitrary code, denial of service, or information disclosure. For Debian 12 bookworm, these problems have been fixed in version 150.0.7871.114-1~deb12u1.. Debian LTS Advisory DLA-4677-1
Security issues were discovered in Chromium which could result in the execution of arbitrary code, denial of service, or information disclosure. For Debian 12 bookworm, this problem has been fixed in version 150.0.7871.100-1~deb12u1.. Debian LTS Advisory DLA-4674-1
Security issues were discovered in Chromium which could result in the execution of arbitrary code, denial of service, or information disclosure. For the stable distribution (trixie), this problem has been fixed in version 150.0.7871.100-1~deb13u1.. - ------------------------------------------------------------------------- Debian Security Advisory DSA-6384-1
Security issues were discovered in Chromium which could result in the execution of arbitrary code, denial of service, or information disclosure. For Debian 12 bookworm, these problems have been fixed in version 150.0.7871.46-1~deb12u1.. Debian LTS Advisory DLA-4672-1
Several security issues were fixed in Vim.. ========================================================================== Ubuntu Security Notice USN-8500-1 July 02, 2026 vim vulnerabilities ========================================================================== A security issue affects these releases of Ubuntu and its derivatives: - Ubuntu 26.04 LTS - Ubuntu 25.10 - Ubuntu 24.04 LTS - Ubuntu 22.04 LTS - Ubuntu 20.04 LTS - Ubuntu 18.04 LTS - Ubuntu 16.04 LTS - Ubuntu 14.04 LTS Summary: Several security issues were fixed in Vim. Software Description: - vim: Vi IMproved - enhanced vi editor Details: It was discovered that Vim incorrectly handled path traversal in the zip.vim plugin. An attacker could possibly use this issue to overwrite arbitrary files. This issue only affected Ubuntu 14.04 LTS, Ubuntu 16.04 LTS, Ubuntu 18.04 LTS, Ubuntu 20.04 LTS, and Ubuntu 22.04 LTS. (CVE-2026-35177) It was discovered that Vim incorrectly handled depth tracking when processing spell files. An attacker could possibly use this issue to cause a denial of service. (CVE-2026-55693, CVE-2026-55892) It was discovered that Vim incorrectly handled filename escaping in the netrw plugin. An attacker could possibly use this issue to execute arbitrary code. This issue only affected Ubuntu 16.04 LTS, Ubuntu 18.04 LTS, Ubuntu 20.04 LTS, Ubuntu 22.04 LTS, Ubuntu 24.04 LTS, Ubuntu 25.10, and Ubuntu 26.04 LTS. (CVE-2026-55895) It was discovered that Vim incorrectly handled length calculations when opening encrypted files. An attacker could possibly use this issue to cause a denial of service. This issue only affected Ubuntu 22.04 LTS, Ubuntu 24.04 LTS, Ubuntu 25.10, and Ubuntu 26.04 LTS. (CVE-2026-57452) Dhruv Vishesh Gupta discovered that Vim incorrectly handled quoting of archive entry names. An attacker could possibly use this issue to execute arbitrary code. This issue only affected Ubuntu 26.04 LTS. (CVE-2026-57453) It was discovered that Vim incorrectly handled bounds checking when translating words through a byte map. Anattacker could possibly use this issue to cause a denial of service. (CVE-2026-57455) Chenyuan Mi discovered that Vim incorrectly handled docstring escaping during Python omni-completion. An attacker could possibly use this issue to execute arbitrary code. (CVE-2026-57456) Update instructions: The problem can be corrected by updating your system to the following package versions: Ubuntu 26.04 LTS vim 2:9.1.2141-1ubuntu4.6 vim-common 2:9.1.2141-1ubuntu4.6 vim-gtk3 2:9.1.2141-1ubuntu4.6 vim-gui-common 2:9.1.2141-1ubuntu4.6 vim-motif 2:9.1.2141-1ubuntu4.6 vim-nox 2:9.1.2141-1ubuntu4.6 vim-runtime 2:9.1.2141-1ubuntu4.6 vim-tiny 2:9.1.2141-1ubuntu4.6 xxd 2:9.1.2141-1ubuntu4.6 Ubuntu 25.10 vim 2:9.1.0967-1ubuntu6.8 vim-athena 2:9.1.0967-1ubuntu6.8 vim-common 2:9.1.0967-1ubuntu6.8 vim-gtk3 2:9.1.0967-1ubuntu6.8 vim-gui-common 2:9.1.0967-1ubuntu6.8 vim-motif 2:9.1.0967-1ubuntu6.8 vim-nox 2:9.1.0967-1ubuntu6.8 vim-runtime 2:9.1.0967-1ubuntu6.8 vim-tiny 2:9.1.0967-1ubuntu6.8 xxd 2:9.1.0967-1ubuntu6.8 Ubuntu 24.04 LTS vim 2:9.1.0016-1ubuntu7.17 vim-athena 2:9.1.0016-1ubuntu7.17 vim-common 2:9.1.0016-1ubuntu7.17 vim-gtk3 2:9.1.0016-1ubuntu7.17 vim-gui-common 2:9.1.0016-1ubuntu7.17 vim-motif 2:9.1.0016-1ubuntu7.17 vim-nox 2:9.1.0016-1ubuntu7.17 vim-runtime 2:9.1.0016-1ubuntu7.17 vim-tiny 2:9.1.0016-1ubuntu7.17 xxd 2:9.1.0016-1ubuntu7.17 Ubuntu 22.04 LTS vim 2:8.2.3995-1ubuntu2.33 vim-athena 2:8.2.3995-1ubuntu2.33 vim-common 2:8.2.3995-1ubuntu2.33 vim-gtk 2:8.2.3995-1ubuntu2.33 vim-gtk3 2:8.2.3995-1ubuntu2.33 vim-gui-common 2:8.2.3995-1ubuntu2.33 vim-nox 2:8.2.3995-1ubuntu2.33 vim-runtime 2:8.2.3995-1ubuntu2.33 vim-tiny 2:8.2.3995-1ubuntu2.33 xxd 2:8.2.3995-1ubuntu2.33 Ubuntu 20.04 LTS vim 2:8.1.2269-1ubuntu5.32+esm9 Available with Ubuntu Pro vim-athena 2:8.1.2269-1ubuntu5.32+esm9 Available with Ubuntu Pro vim-common 2:8.1.2269-1ubuntu5.32+esm9 Available with Ubuntu Pro vim-gtk 2:8.1.2269-1ubuntu5.32+esm9 Available with Ubuntu Pro vim-gtk3 2:8.1.2269-1ubuntu5.32+esm9 Available with Ubuntu Pro vim-gui-common 2:8.1.2269-1ubuntu5.32+esm9 Available with Ubuntu Pro vim-nox 2:8.1.2269-1ubuntu5.32+esm9 Available with Ubuntu Pro vim-runtime 2:8.1.2269-1ubuntu5.32+esm9 Available with Ubuntu Pro vim-tiny 2:8.1.2269-1ubuntu5.32+esm9 Available with Ubuntu Pro xxd 2:8.1.2269-1ubuntu5.32+esm9 Available with Ubuntu Pro Ubuntu 18.04 LTS vim 2:8.0.1453-1ubuntu1.13+esm21 Available with Ubuntu Pro vim-athena 2:8.0.1453-1ubuntu1.13+esm21 Available with Ubuntu Pro vim-common 2:8.0.1453-1ubuntu1.13+esm21 Available with Ubuntu Pro vim-gnome 2:8.0.1453-1ubuntu1.13+esm21 Available with Ubuntu Pro vim-gtk 2:8.0.1453-1ubuntu1.13+esm21 Available with Ubuntu Pro vim-gtk3 2:8.0.1453-1ubuntu1.13+esm21 Available with Ubuntu Pro vim-gui-common 2:8.0.1453-1ubuntu1.13+esm21 Available with Ubuntu Pro vim-nox 2:8.0.1453-1ubuntu1.13+esm21 Available with Ubuntu Pro vim-runtime 2:8.0.1453-1ubuntu1.13+esm21 Available with Ubuntu Pro vim-tiny 2:8.0.1453-1ubuntu1.13+esm21 Available with Ubuntu Pro xxd 2:8.0.1453-1ubuntu1.13+esm21 Available with Ubuntu Pro Ubuntu 16.04 LTS vim 2:7.4.1689-3ubuntu1.5+esm36 Available with Ubuntu Pro vim-athena 2:7.4.1689-3ubuntu1.5+esm36 Available with Ubuntu Pro vim-athena-py2 2:7.4.1689-3ubuntu1.5+esm36 Available with Ubuntu Pro vim-common 2:7.4.1689-3ubuntu1.5+esm36 Available with Ubuntu Pro vim-gnome 2:7.4.1689-3ubuntu1.5+esm36 Available with Ubuntu Pro vim-gnome-py2 2:7.4.1689-3ubuntu1.5+esm36 Available with Ubuntu Pro vim-gtk 2:7.4.1689-3ubuntu1.5+esm36 Available with Ubuntu Pro vim-gtk-py2 2:7.4.1689-3ubuntu1.5+esm36 Available with Ubuntu Pro vim-gtk3 2:7.4.1689-3ubuntu1.5+esm36 Available with Ubuntu Pro vim-gtk3-py2 2:7.4.1689-3ubuntu1.5+esm36 Available with Ubuntu Pro vim-gui-common 2:7.4.1689-3ubuntu1.5+esm36 Available with Ubuntu Pro vim-nox 2:7.4.1689-3ubuntu1.5+esm36 Available with Ubuntu Pro vim-nox-py2 2:7.4.1689-3ubuntu1.5+esm36 Available with Ubuntu Pro vim-runtime 2:7.4.1689-3ubuntu1.5+esm36 Available with Ubuntu Pro vim-tiny 2:7.4.1689-3ubuntu1.5+esm36 Available with Ubuntu Pro Ubuntu 14.04 LTS vim 2:7.4.052-1ubuntu3.1+esm30 Available with Ubuntu Pro vim-athena 2:7.4.052-1ubuntu3.1+esm30 Available with Ubuntu Pro vim-common 2:7.4.052-1ubuntu3.1+esm30 Available with Ubuntu Pro vim-gnome 2:7.4.052-1ubuntu3.1+esm30 Available with Ubuntu Pro vim-gtk 2:7.4.052-1ubuntu3.1+esm30 Available with Ubuntu Pro vim-gui-common 2:7.4.052-1ubuntu3.1+esm30 Available with Ubuntu Pro vim-lesstif 2:7.4.052-1ubuntu3.1+esm30 Available with Ubuntu Pro vim-nox 2:7.4.052-1ubuntu3.1+esm30 Available with Ubuntu Pro vim-runtime 2:7.4.052-1ubuntu3.1+esm30 Available with Ubuntu Pro vim-tiny 2:7.4.052-1ubuntu3.1+esm30 Available with Ubuntu Pro In general, a standard system update will make all the necessary changes. References: https://ubuntu.com/security/notices/USN-8500-1 CVE-2026-35177, CVE-2026-55693, CVE-2026-55892, CVE-2026-55895, CVE-2026-57452, CVE-2026-57453, CVE-2026-57455, CVE-2026-57456 Package Information: https://launchpad.net/ubuntu/+source/vim/2:9.1.2141-1ubuntu4.6 https://launchpad.net/ubuntu/+source/vim/2:9.1.0967-1ubuntu6.8 https://launchpad.net/ubuntu/+source/vim/2:9.1.0016-1ubuntu7.17 https://launchpad.net/ubuntu/+source/vim/2:8.2.3995-1ubuntu2.33 . Multiple security issues fixed in Vim affect various Ubuntu LTS releases, critical updates recommended for users.. Vim security update, Ubuntu vulnerabilities, security patch, system risks. . Severity: Critical. LinuxSecurity.com Team
Update to 1.648; Fix CVE-2026-9698 and CVE-2026-10879. -------------------------------------------------------------------------------- Fedora Update Notification FEDORA-2026-134fcb8549 2026-06-26 00:58:32.039514+00:00 -------------------------------------------------------------------------------- Name : perl-DBI Product : Fedora 44 Version : 1.648 Release : 1.fc44 URL : http://dbi.perl.org/ Summary : A database access API for perl Description : DBI is a database access Application Programming Interface (API) for the Perl Language. The DBI API Specification defines a set of functions, variables and conventions that provide a consistent database interface independent of the actual database being used. -------------------------------------------------------------------------------- Update Information: Update to 1.648; Fix CVE-2026-9698 and CVE-2026-10879 -------------------------------------------------------------------------------- ChangeLog: * Thu Jun 4 2026 Jitka Plesnikova - 1.648-1 - 1.648 bump (rhbz#2484824) - Fix CVE-2026-9698 and CVE-2026-10879 -------------------------------------------------------------------------------- References: [ 1 ] Bug #2488910 - CVE-2026-9698 perl-DBI: DBI: Buffer overflow in error handling can lead to arbitrary code execution [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=2488910 -------------------------------------------------------------------------------- This update can be installed with the "dnf" update program. Use su -c 'dnf upgrade --advisory FEDORA-2026-134fcb8549' at the command line. For more information, refer to the dnf documentation available at http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label All packages are signed with the Fedora Project GPG key. More details on the GPG keys used by the Fedora Project can be foundat https://fedoraproject.org/keys -------------------------------------------------------------------------------- -- _______________________________________________ package-announce mailing list --
Several security issues were fixed in xrdp.. ========================================================================== Ubuntu Security Notice USN-8476-1 June 25, 2026 xrdp vulnerabilities ========================================================================== A security issue affects these releases of Ubuntu and its derivatives: - Ubuntu 25.10 - Ubuntu 24.04 LTS - Ubuntu 22.04 LTS - Ubuntu 20.04 LTS - Ubuntu 18.04 LTS Summary: Several security issues were fixed in xrdp. Software Description: - xrdp: an open source RDP server Details: It was discovered that xrdp incorrectly handled bounds checking when processing user domain information during the connection sequence. An unauthenticated remote attacker could use this issue to cause xrdp to crash, resulting in a denial of service, or possibly execute arbitrary code. (CVE-2025-68670) It was discovered that xrdp did not correctly enforce the maximum number of login attempts configured by the MaxLoginRetry parameter. A remote attacker could use this issue to perform an unlimited number of login attempts. (CVE-2024-39917) It was discovered that xrdp did not perform bounds checking when accessing font glyphs. Since some of this data is controllable by the user, a remote attacker could use this issue to cause xrdp to read out of bounds. This issue only affected Ubuntu 24.04 LTS. (CVE-2023-42822) It was discovered that xrdp did not properly handle session establishment errors. A remote attacker could use this issue to bypass OS-level session restrictions enforced by PAM, such as the maximum number of concurrent sessions per user. This issue only affected Ubuntu 24.04 LTS. (CVE-2023-40184) Update instructions: The problem can be corrected by updating your system to the following package versions: Ubuntu 25.10 xrdp 0.10.1-3.1+deb13u1build0.25.10.1 Ubuntu 24.04 LTS xrdp 0.9.24-4ubuntu0.1~esm1 Available with Ubuntu Pro Ubuntu 22.04 LTS xrdp 0.9.17-2ubuntu3+esm2 Available with Ubuntu Pro Ubuntu 20.04 LTS xrdp 0.9.12-1ubuntu0.1+esm2 Available with Ubuntu Pro Ubuntu 18.04 LTS xorgxrdp 0.9.5-2ubuntu0.1~esm3 Available with Ubuntu Pro xrdp 0.9.5-2ubuntu0.1~esm3 Available with Ubuntu Pro xrdp-pulseaudio-installer 0.9.5-2ubuntu0.1~esm3 Available with Ubuntu Pro After a standard system update you need to restart xrdp to make all the necessary changes. References: https://ubuntu.com/security/notices/USN-8476-1 CVE-2023-40184, CVE-2023-42822, CVE-2024-39917, CVE-2025-68670 Package Information: https://launchpad.net/ubuntu/+source/xrdp/0.10.1-3.1+deb13u1build0.25.10.1 . Multiple security fixes for xrdp enhance protection against denial of service and session issues in Ubuntu. Keep systems secure!. xrdp security update, Ubuntu xrdp vulnerabilities, Denial of Service xrdp, security patches Ubuntu, xrdp session management. . Severity: Critical. LinuxSecurity.com Team
Multiple security vulnerabilities were discovered in plugins for the GStreamer media framework and its codecs and demuxers, which may result in denial of service or potentially the execution of arbitrary code if a malformed media file is opened. For the stable distribution (trixie), these problems have been fixed in. - ------------------------------------------------------------------------- Debian Security Advisory DSA-6362-1
Get the latest Linux and open source security news straight to your inbox.