Alerts This Week
Warning Icon 1 637
Alerts This Week
Warning Icon 1 637

Stay Secure with the Latest Linux Advisories

Debianlts Large Esm H800
Debian LTS

Debian Dovecot High Severity Service Disruption Info Leak Flaw DLA-4617-1

Calendar White Jun 05, 2026
Important
Debianlts Large Esm H900
Debian LTS

Debian 11 gsasl Critical DoS Threat Advisory DLA-4618-1 CVE-2026-48829

Calendar White Jun 05, 2026
Critical
Suse Large Esm H900
SuSE

SUSE MozillaThunderbird Important Memory Safety Fix Advisory 2026-2271-1

Calendar White Jun 05, 2026
Important
Suse Large Esm H800
SuSE

SUSE Linux Micro 6.0 Ignition Key HTTP Transport Loop Patch 2026-21987-1

Calendar White Jun 05, 2026
Important
Suse Large Esm H900
SuSE

SUSE Linux Micro 6.0 Important Libzypp Libsolv Security Update 2026-21988-1

Calendar White Jun 05, 2026
Important
Suse Large Esm H900
SuSE

SUSE Google-Guest-Agent Important Security Update 2026-21989-1

Calendar White Jun 05, 2026
Important
Suse Large Esm H800
SuSE

SUSE Linux Micro Important Salt Multi-Linux Manager Vuln 2026-21990-1

Calendar White Jun 05, 2026
Important
Suse Large Esm H900
SuSE

SUSE Linux Micro Critical Ignition Patch CVE-2026-33814

Calendar White Jun 05, 2026
Important
Suse Large Esm H900
SuSE

SUSE Linux Micro 6.1 Security Update for libzypp libsolv Key 2026-21992-1

Calendar White Jun 05, 2026
Important
Filter Icon Refine advisories
X Clear Filters
X Clear Filters
View More

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Community Poll

More Polls

What got you started with Linux?

No answer selected. Please try again.
Please select either existing option or enter your own, however not both.
Please select minimum {0} answer(s).
Please select maximum {0} answer(s).
/main-polls/150-what-got-you-started-with-linux?task=poll.vote&format=json
150
radio
0
[{"id":483,"title":"Self-taught through trial and error","votes":545,"type":"x","order":1,"pct":78.42,"resources":[]},{"id":484,"title":"Formal training or courses","votes":30,"type":"x","order":2,"pct":4.32,"resources":[]},{"id":485,"title":"A job that required it","votes":34,"type":"x","order":3,"pct":4.89,"resources":[]},{"id":486,"title":"Other","votes":86,"type":"x","order":4,"pct":12.37,"resources":[]}] ["#ff5b00","#4ac0f2","#b80028","#eef66c","#60bb22","#b96a9a","#62c2cc"] ["rgba(255,91,0,0.7)","rgba(74,192,242,0.7)","rgba(184,0,40,0.7)","rgba(238,246,108,0.7)","rgba(96,187,34,0.7)","rgba(185,106,154,0.7)","rgba(98,194,204,0.7)"] 350
bottom 200
Loading...

Explore Latest Linux Security advisories

We found -2 articles for you...
100
Ls Advisories Suse Esm H240
Price Tag 1security advisorymoderatepath traversal

SUSE: 2024:415-1 Moderate: bci/nodejs Security Update for CVE-2023-7207

The container bci/nodejs was updated. The following patches have been included in this update:. SUSE Container Update Advisory: bci/nodejs ----------------------------------------------------------------- Container Advisory ID : SUSE-CU-2024:415-1 Container Tags : bci/node:18 , bci/node:18-15.11 , bci/nodejs:18 , bci/nodejs:18-15.11 Container Release : 15.11 Severity : moderate Type : security References : 1218571 CVE-2023-7207 ----------------------------------------------------------------- The container bci/nodejs was updated. The following patches have been included in this update: ----------------------------------------------------------------- Advisory ID: SUSE-SU-2024:238-1 Released: Fri Jan 26 10:56:41 2024 Summary: Security update for cpio Type: security Severity: moderate References: 1218571,CVE-2023-7207 This update for cpio fixes the following issues: - CVE-2023-7207: Fixed a path traversal issue that could lead to an arbitrary file write during archive extraction (bsc#1218571). The following package changes have been done: - libuuid1-2.37.4-150500.9.3.1 updated - libsmartcols1-2.37.4-150500.9.3.1 updated - libblkid1-2.37.4-150500.9.3.1 updated - libfdisk1-2.37.4-150500.9.3.1 updated - cpio-2.13-150400.3.3.1 updated - libmount1-2.37.4-150500.9.3.1 updated - util-linux-2.37.4-150500.9.3.1 updated - container:sles15-image-15.0.0-36.5.77 updated . Limited security enhancement notice for bci/nodejs regarding CVE-2023-7207 aimed at strengthening security measures.. SUSE Container Update,bci/nodejs security update, security patch. . LinuxSecurity.com Team

Calendar 2 Jan 31, 2024 SuSE
100
Ls Advisories Suse Esm H240
Price Tag 1security advisorymoderate severitysuse

SUSE Container Update: 2024:370-1 Moderate Archive Extraction Risk

The container bci/dotnet-runtime was updated. The following patches have been included in this update:. SUSE Container Update Advisory: bci/dotnet-runtime ----------------------------------------------------------------- Container Advisory ID : SUSE-CU-2024:370-1 Container Tags : bci/dotnet-runtime:6.0 , bci/dotnet-runtime:6.0-20.10 , bci/dotnet-runtime:6.0.26 , bci/dotnet-runtime:6.0.26-20.10 Container Release : 20.10 Severity : moderate Type : security References : 1218571 CVE-2023-7207 ----------------------------------------------------------------- The container bci/dotnet-runtime was updated. The following patches have been included in this update: ----------------------------------------------------------------- Advisory ID: SUSE-SU-2024:238-1 Released: Fri Jan 26 10:56:41 2024 Summary: Security update for cpio Type: security Severity: moderate References: 1218571,CVE-2023-7207 This update for cpio fixes the following issues: - CVE-2023-7207: Fixed a path traversal issue that could lead to an arbitrary file write during archive extraction (bsc#1218571). The following package changes have been done: - libuuid1-2.37.4-150500.9.3.1 updated - libsmartcols1-2.37.4-150500.9.3.1 updated - libblkid1-2.37.4-150500.9.3.1 updated - libfdisk1-2.37.4-150500.9.3.1 updated - cpio-2.13-150400.3.3.1 updated - libmount1-2.37.4-150500.9.3.1 updated - util-linux-2.37.4-150500.9.3.1 updated - container:sles15-image-15.0.0-36.5.77 updated . SUSE improves bci/python-runtime container integrity through essential enhancements and highlights weaknesses addressed.. bci/dotnet-runtime,SUSE Container Update,security patch. . LinuxSecurity.com Team

Calendar 2 Jan 27, 2024 SuSE
Banner 2 1028x280 1708121730 1 1771599631
172
Ls Advisories Ubuntu Esm H240
Price Tag 1security advisorycode executionUbuntu

Ubuntu 20.10, 20.04, 18.04: USN-4733-2 Regression Fix for GNOME Autoar

USN-4733-1 introduced a regression in GNOME Autoar.. =========================================================================Ubuntu Security Notice USN-4733-2 March 08, 2021 gnome-autoar regression ========================================================================= A security issue affects these releases of Ubuntu and its derivatives: - Ubuntu 20.10 - Ubuntu 20.04 LTS - Ubuntu 18.04 LTS Summary: USN-4733-1 introduced a regression in GNOME Autoar. Software Description: - gnome-autoar: Archive integration support for GNOME Details: USN-4733-1 fixed a vulnerability in GNOME Autoar. The upstream fix introduced a regression when extracting archives containing directories. This update fixes the problem. Original advisory details: Yiğit Can Yılmaz discovered that GNOME Autoar could extract files outside of the intended directory. If a user were tricked into extracting a specially crafted archive, a remote attacker could create files in arbitrary locations, possibly leading to code execution. Update instructions: The problem can be corrected by updating your system to the following package versions: Ubuntu 20.10: libgnome-autoar-0-0 0.2.4-2ubuntu0.2 libgnome-autoar-gtk-0-0 0.2.4-2ubuntu0.2 Ubuntu 20.04 LTS: libgnome-autoar-0-0 0.2.3-2ubuntu0.2 libgnome-autoar-gtk-0-0 0.2.3-2ubuntu0.2 Ubuntu 18.04 LTS: libgnome-autoar-0-0 0.2.3-1ubuntu0.2 libgnome-autoar-gtk-0-0 0.2.3-1ubuntu0.2 After a standard system update you need to restart your session to make all the necessary changes. References: https://ubuntu.com/security/notices/USN-4733-1 https://bugs.launchpad.net/ubuntu/+source/gnome-autoar/+bug/1917812 Package Information: https://launchpad.net/ubuntu/+source/gnome-autoar/0.2.4-2ubuntu0.2 https://launchpad.net/ubuntu/+source/gnome-autoar/0.2.3-2ubuntu0.2 https://launchpad.net/ubuntu/+source/gnome-autoar/0.2.3-1ubuntu0.2 . Addresses USN-4733-2concerning GNOME Autoar, rectifying a regression problem that influences several Ubuntu versions while enhancing overall security.. Gnome Autoar Regression, Ubuntu Security Notice, Archive Extraction, System Update. . Severity: Critical. LinuxSecurity.com Team

Calendar 2 Mar 08, 2021 Critical Ubuntu
87
Ls Advisories Debian Esm H240
Price Tag 1security advisorysecurity issuedebian

Debian DSA-3643-1 Critical: kde4libs Remote File Overwrite Threat

Andreas Cord-Landwehr discovered that kde4libs, the core libraries for all KDE 4 applications, do not properly handle the extraction of archives with "../" in the file paths. A remote attacker can take advantage of this flaw to overwrite files outside of the . - ------------------------------------------------------------------------- Debian Security Advisory DSA-3643-1 This email address is being protected from spambots. You need JavaScript enabled to view it. https://www.debian.org/security/ Salvatore Bonaccorso August 06, 2016 https://www.debian.org/security/faq - ------------------------------------------------------------------------- Package : kde4libs CVE ID : CVE-2016-6232 Debian Bug : 832620 Andreas Cord-Landwehr discovered that kde4libs, the core libraries for all KDE 4 applications, do not properly handle the extraction of archives with "../" in the file paths. A remote attacker can take advantage of this flaw to overwrite files outside of the extraction folder, if a user is tricked into extracting a specially crafted archive. For the stable distribution (jessie), this problem has been fixed in version 4:4.14.2-5+deb8u1. For the unstable distribution (sid), this problem has been fixed in version 4:4.14.22-2. We recommend that you upgrade your kde4libs packages. Further information about Debian Security Advisories, how to apply these updates to your system and frequently asked questions can be found at: https://www.debian.org/security/ Mailing list: This email address is being protected from spambots. You need JavaScript enabled to view it. . Debian Security Advisory DSA-3745-1 addressing a vulnerability in libcurl allowing unauthorized access through manipulated URLs.. Debian Security Advisory,kde4libs Archive Issue,Remote Access Vulnerability. . Severity: Critical. LinuxSecurity.com Team

Calendar 2 Aug 06, 2016 Critical Debian
Banner 2 1028x280 1708121730 1 1771599631
87
Ls Advisories Debian Esm H240
Price Tag 1security advisorybuffer overflowcritical

Debian DSA-3113-1 Critical: Unzip Buffer Overflow Threats

Michele Spagnuolo of the Google Security Team discovered that unzip, an extraction utility for archives compressed in .zip format, is affected by heap-based buffer overflows within the CRC32 verification function (CVE-2014-8139), the test_compr_eb() function (CVE-2014-8140) and the . - ------------------------------------------------------------------------- Debian Security Advisory DSA-3113-1 This email address is being protected from spambots. You need JavaScript enabled to view it. http://www.debian.org/security/ Salvatore Bonaccorso December 28, 2014 http://www.debian.org/security/faq - ------------------------------------------------------------------------- Package : unzip CVE ID : CVE-2014-8139 CVE-2014-8140 CVE-2014-8141 Debian Bug : 773722 Michele Spagnuolo of the Google Security Team discovered that unzip, an extraction utility for archives compressed in .zip format, is affected by heap-based buffer overflows within the CRC32 verification function (CVE-2014-8139), the test_compr_eb() function (CVE-2014-8140) and the getZip64Data() function (CVE-2014-8141), which may lead to the execution of arbitrary code. For the stable distribution (wheezy), these problems have been fixed in version 6.0-8+deb7u1. For the upcoming stable distribution (jessie), these problems will be fixed soon. For the unstable distribution (sid), these problems have been fixed in version 6.0-13. We recommend that you upgrade your unzip packages. Further information about Debian Security Advisories, how to apply these updates to your system and frequently asked questions can be found at: https://www.debian.org/security/ Mailing list: This email address is being protected from spambots. You need JavaScript enabled to view it. . Debian DSA-3220-2 highlights an urgent unzip security patch addressing archive extraction flaws on January 15.. Debian Security, Unzip Update, Archive Extraction, Heap Overflow. . Severity: Critical. LinuxSecurity.com Team

Calendar 2 Dec 28, 2014 Critical Debian
200
Ls Advisories Scientific Esm H240
Price Tag 1security advisorymoderatesecurity update

Scientific Linux: CVE-2007-4134 Moderate: Star Path Traversal Threat

Moderate: star security update. Date: Wed, 5 Sep 2007 09:00:23 -0500 Reply-To: Troy Dawson Sender: Security Errata for Scientific Linux From: Troy Dawson Subject: Security ERRATA for star on SL5.x, SL4.x, SL3,x i386/x86_64 Comments: To: This email address is being protected from spambots. You need JavaScript enabled to view it. Synopsis: Moderate: star security update Issue date: 2007-09-04 CVE Names: CVE-2007-4134 A path traversal flaw was discovered in the way star extracted archives. A malicious user could create a tar archive that would cause star to write to arbitrary files to which the user running star had write access. (CVE-2007-4134) As well, this update adds the command line argument "-.." to the Red Hat Enterprise Linux 3 version of star. This allows star to extract files containing "/../" in their pathname. SL 3.0.x SRPMS: star-1.5a08-5.src.rpm i386: star-1.5a08-5.i386.rpm x86_64: star-1.5a08-5.x86_64.rpm SL 4.x SRPMS: star-1.5a25-8.src.rpm i386: star-1.5a25-8.i386.rpm x86_64: star-1.5a25-8.x86_64.rpm SL 5.x SRPMS: star-1.5a75-2.src.rpm i386: star-1.5a75-2.i386.rpm x86_64: star-1.5a75-2.x86_64.rpm -Connie Sieh -Troy Dawson . Timely security patch for Scientific Linux tackling data retrieval vulnerability. Crucial remedy for directory traversal threat.. Scientific Linux, star security update, path traversal fix, archive extraction issue. . Severity: Important. LinuxSecurity.com Team

Calendar 2 Sep 05, 2007 Important Scientific Linux
Banner 2 1028x280 1708121730 1 1771599631
172
Ls Advisories Ubuntu Esm H240
Price Tag 1security advisorycriticalfile overwrite

Ubuntu 6.06 LTS USN-507-1 Security: Archive File Damage Risk

Dmitry V. Levin discovered that tar did not correctly detect the ".." file path element when unpacking archives. If a user or an automated system were tricked into unpacking a specially crafted tar file, arbitrary files could be overwritten with user privileges. . =========================================================== Ubuntu Security Notice USN-506-1 August 28, 2007 tar vulnerability CVE-2007-4131 ========================================================== A security issue affects the following Ubuntu releases: Ubuntu 6.06 LTS Ubuntu 6.10 Ubuntu 7.04 This advisory also applies to the corresponding versions of Kubuntu, Edubuntu, and Xubuntu. The problem can be corrected by upgrading your system to the following package versions: Ubuntu 6.06 LTS: tar 1.15.1-2ubuntu2.2 Ubuntu 6.10: tar 1.15.91-2ubuntu0.4 Ubuntu 7.04: tar 1.16-2ubuntu0.1 In general, a standard system upgrade is sufficient to effect the necessary changes. Details follow: Dmitry V. Levin discovered that tar did not correctly detect the ".." file path element when unpacking archives. If a user or an automated system were tricked into unpacking a specially crafted tar file, arbitrary files could be overwritten with user privileges. Updated packages for Ubuntu 6.06 LTS: Source archives: Size/MD5: 30265 942e8c377c23bbc46f47a8e306472135 Size/MD5: 574 6eefc042a8904f74897bec43aefcc5ce Size/MD5: 2204322 d87021366fe6488e9dc398fcdcb6ed7d amd64 architecture (Athlon64, Opteron, EM64T Xeon): Size/MD5: 532120 4c4e01e4b1935b8536082d52e743eced i386 architecture (x86 compatible Intel/AMD): Size/MD5: 519474 4fc1e5062e85522e7ece4fc41348ffcc powerpc architecture (Apple Macintosh G3/G4/G5): Size/MD5: 534002 4d125cb2f9a70103406fcffc38fb7c72 sparc architecture (Sun SPARC/UltraSPARC): Size/MD5: 523738 f35f05eda6af9c7c71309b30c5b67ade Updated packages for Ubuntu 6.10: Source archives: Size/MD5: 17154 137870e841e8747620d21dcd74c53605 Size/MD5: 596 31b32f0fc8de2c1831c4fe5ee08605fe Size/MD5: 2016367 e2338a16b0464ec03826e000dae990a0 amd64 architecture (Athlon64, Opteron, EM64T Xeon): Size/MD5: 361714 9dd595cf3533c315bbb4077f9473fb95 i386 architecture (x86 compatible Intel/AMD): Size/MD5: 346448 985e0744fda8c857c9934b0a6e4f4f1a powerpc architecture (Apple Macintosh G3/G4/G5): Size/MD5: 365564 da0213871f1b9f69998eb1dcf1e36d01 sparc architecture (Sun SPARC/UltraSPARC): Size/MD5: 348146 cab05a5c0a0f44187f1797236027d52a Updated packages for Ubuntu 7.04: Source archives: Size/MD5: 30764 f9dbcc2a923a42bd50de51d85356a384 Size/MD5: 671 b82b0785568b2443a719ac8893c57a4f Size/MD5: 2199571 d971b9d6114ad0527ef89fab0d3167e0 amd64 architecture (Athlon64, Opteron, EM64T Xeon): Size/MD5: 364462 508888d63f0c6b469cabd7eb21ac665b i386 architecture (x86 compatible Intel/AMD): Size/MD5: 321504 e880472e46b23edf60f42ed033776c68 powerpc architecture (Apple Macintosh G3/G4/G5): Size/MD5: 340228 11eeee2a3e1a8e0eea73eebf97402559 sparc architecture (Sun SPARC/UltraSPARC): Size/MD5: 323288 1bfbbd1ff5c0a03db04e6af56300a9d8 . Learn effective strategies to tackle the Ubuntu tar security flaw USN-506-1 by implementing timely patches to avert file replacement complications.. Ubuntu Tar Vulnerability, File Overwrite, Critical Updates. . Severity: Critical. LinuxSecurity.com Team

Calendar 2 Aug 28, 2007 Critical Ubuntu
News Add Esm H240

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Community Poll

More Polls

What got you started with Linux?

No answer selected. Please try again.
Please select either existing option or enter your own, however not both.
Please select minimum {0} answer(s).
Please select maximum {0} answer(s).
/main-polls/150-what-got-you-started-with-linux?task=poll.vote&format=json
150
radio
0
[{"id":483,"title":"Self-taught through trial and error","votes":545,"type":"x","order":1,"pct":78.42,"resources":[]},{"id":484,"title":"Formal training or courses","votes":30,"type":"x","order":2,"pct":4.32,"resources":[]},{"id":485,"title":"A job that required it","votes":34,"type":"x","order":3,"pct":4.89,"resources":[]},{"id":486,"title":"Other","votes":86,"type":"x","order":4,"pct":12.37,"resources":[]}] ["#ff5b00","#4ac0f2","#b80028","#eef66c","#60bb22","#b96a9a","#62c2cc"] ["rgba(255,91,0,0.7)","rgba(74,192,242,0.7)","rgba(184,0,40,0.7)","rgba(238,246,108,0.7)","rgba(96,187,34,0.7)","rgba(185,106,154,0.7)","rgba(98,194,204,0.7)"] 350
bottom 200

Search Topics

Your message here