Stay Vigilant with Timely Linux Security Advisories

Refine advisories

X Clear Filters

Critical (2)

Important (1)

Dovecot (141)

debian (8034)

denial of service (18299)

important (27751)

information leak (1384)

security advisory (114945)

critical (18622)

gsasl (5)

security update (9017)

SuSE (3977)

Fedora (3)

Published Date Range

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Linux Advisory Watch

Linux Security Week

Community Poll

More Polls

What got you started with Linux?

Message!

Self-taught through trial and error
Formal training or courses
A job that required it
Other

No answer selected. Please try again.

Please select either existing option or enter your own, however not both.

Please select minimum {0} answer(s).

Please select maximum {0} answer(s).

/main-polls/150-what-got-you-started-with-linux?task=poll.vote&format=json

150

radio

Self-taught through trial and error (78.42%)

78.42% votes

Formal training or courses (4.32%)

4.32% votes

A job that required it (4.89%)

4.89% votes

Other (12.37%)

12.37% votes

[{"id":483,"title":"Self-taught through trial and error","votes":545,"type":"x","order":1,"pct":78.42,"resources":[]},{"id":484,"title":"Formal training or courses","votes":30,"type":"x","order":2,"pct":4.32,"resources":[]},{"id":485,"title":"A job that required it","votes":34,"type":"x","order":3,"pct":4.89,"resources":[]},{"id":486,"title":"Other","votes":86,"type":"x","order":4,"pct":12.37,"resources":[]}] ["#ff5b00","#4ac0f2","#b80028","#eef66c","#60bb22","#b96a9a","#62c2cc"] ["rgba(255,91,0,0.7)","rgba(74,192,242,0.7)","rgba(184,0,40,0.7)","rgba(238,246,108,0.7)","rgba(96,187,34,0.7)","rgba(185,106,154,0.7)","rgba(98,194,204,0.7)"] 350

bottom 200

Ubuntu 25.10 kmod Critical Algif_aead Privilege Escalation USN-8226-1

Ubuntu 26.04 LTS nginx Critical Denial of Service 2026-42945

Ubuntu 26.04 Docker Critical Security Threats USN-8230-1 CVE-2026-33747

Debian OpenSSH Critical DSA-6204-1 CVE-2026-3497 Remote DoS Execution

Explore Latest Linux Security advisories

We found -6 articles for you...

security advisoryfedoracritical

Fedora 42 python-fastar Critical Update 2026-23bb71ea52 Alert

Update rust-astral-tokio-tar to 0.6.0, fixing CVE-2026-32766. Update rust-tar to 0.4.45, fixing CVE-2026-33056. Update rust-nix to 0.31.2. Update uv and python- uv-build to 0.10.2, rebuilding them with the latest rust-astral-tokio-tar and rust-tar. Update python-fastar to 0.9.0, rebuilding it with the lastest rust- tar. Rebuild maturin with the latest rust-tar.. -------------------------------------------------------------------------------- Fedora Update Notification FEDORA-2026-23bb71ea52 2026-03-29 01:07:01.422539+00:00 -------------------------------------------------------------------------------- Name : python-fastar Product : Fedora 42 Version : 0.8.0 Release : 4.fc42 URL : https://github.com/DoctorJohn/fastar Summary : High-level bindings for the Rust tar crate Description : The fastar library wraps the Rust tar, flate2, and zstd crates, providing a high-performance way to work with compressed and uncompressed tar archives in Python. -------------------------------------------------------------------------------- Update Information: Update rust-astral-tokio-tar to 0.6.0, fixing CVE-2026-32766. Update rust-tar to 0.4.45, fixing CVE-2026-33056. Update rust-nix to 0.31.2. Update uv and python- uv-build to 0.10.2, rebuilding them with the latest rust-astral-tokio-tar and rust-tar. Update python-fastar to 0.9.0, rebuilding it with the lastest rust- tar. Rebuild maturin with the latest rust-tar. -------------------------------------------------------------------------------- ChangeLog: * Sat Mar 21 2026 Benjamin A. Beasley - 0.8.0-4 - Rebuilt with rust-tar 0.4.45 for CVE-2026-33056 * Fri Mar 20 2026 Benjamin A. Beasley - 0.8.0-3 - Allow PyO3 0.28 * Sat Jan 17 2026 Fedora Release Engineering - 0.8.0-2 - Rebuilt for https://fedoraproject.org/wiki/Fedora_44_Mass_Rebuild -------------------------------------------------------------------------------- References: [ 1 ] Bug #2448054 - rust-astral-tokio-tar-0.6.0 is available https://bugzilla.redhat.com/show_bug.cgi?id=2448054 [ 2 ] Bug #2449243 - uv-0.10.12 is available https://bugzilla.redhat.com/show_bug.cgi?id=2449243 [ 3 ] Bug #2449274 - rust-tar-0.4.45 is available https://bugzilla.redhat.com/show_bug.cgi?id=2449274 [ 4 ] Bug #2449338 - python-uv-build-0.10.12 is available https://bugzilla.redhat.com/show_bug.cgi?id=2449338 [ 5 ] Bug #2449547 - CVE-2026-32766 python-uv-build: astral-tokio-tar: Potential archive misinterpretation via malformed PAX extensions [fedora-42] https://bugzilla.redhat.com/show_bug.cgi?id=2449547 [ 6 ] Bug #2449549 - CVE-2026-32766 uv: astral-tokio-tar: Potential archive misinterpretation via malformed PAX extensions [fedora-42] https://bugzilla.redhat.com/show_bug.cgi?id=2449549 [ 7 ] Bug #2449645 - python-fastar-0.9.0 is available https://bugzilla.redhat.com/show_bug.cgi?id=2449645 [ 8 ] Bug #2449681 - CVE-2026-33056 maturin: tar-rs: Arbitrary directory permission modification via crafted tar archive [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=2449681 [ 9 ] Bug #2449683 - CVE-2026-33056 python-fastar: tar-rs: Arbitrary directory permission modification via crafted tar archive [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=2449683 [ 10 ] Bug #2449684 - CVE-2026-33056 python-uv-build: tar-rs: Arbitrary directory permission modification via crafted tar archive [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=2449684 [ 11 ] Bug #2449694 - CVE-2026-33056 uv: tar-rs: Arbitrary directory permission modification via crafted tar archive [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=2449694 -------------------------------------------------------------------------------- This update can be installed with the "dnf" update program. Use su -c 'dnf upgrade --advisory FEDORA-2026-23bb71ea52' at the command line. For more information, refer to the dnf documentation availableat http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label All packages are signed with the Fedora Project GPG key. More details on the GPG keys used by the Fedora Project can be found at https://fedoraproject.org/keys -------------------------------------------------------------------------------- -- _______________________________________________ package-announce mailing list -- This email address is being protected from spambots. You need JavaScript enabled to view it. To unsubscribe send an email to This email address is being protected from spambots. You need JavaScript enabled to view it. Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedoraproject.org/archives/list/This email address is being protected from spambots. You need JavaScript enabled to view it. Do not reply to spam, report it: https://forge.fedoraproject.org/infra/tickets/issues/new . High-level python package python-fastar updated to fix critical security issues in Fedora 42 affecting archive processing.. Fedora python-fastar security archive CVE-2026-33056 CVE-2026-32766. . Severity: Critical. LinuxSecurity.com Team

Mar 29, 2026 •Critical Fedora

security advisoryfedoraimportant

CentOS 8 python-uv-maintenance Log Analysis Flaw 2026-45bb82ea64

Update rust-astral-tokio-tar to 0.6.0, fixing CVE-2026-32766. Update rust-tar to 0.4.45, fixing CVE-2026-33056. Update rust-nix to 0.31.2. Update uv and python- uv-build to 0.10.2, rebuilding them with the latest rust-astral-tokio-tar and rust-tar. Update python-fastar to 0.9.0, rebuilding it with the lastest rust- tar. Rebuild maturin with the latest rust-tar.. -------------------------------------------------------------------------------- Fedora Update Notification FEDORA-2026-23bb71ea52 2026-03-29 01:07:01.422539+00:00 -------------------------------------------------------------------------------- Name : python-uv-build Product : Fedora 42 Version : 0.10.12 Release : 1.fc42 URL : https://pypi.org/project/uv-build Summary : The uv build backend Description : This package is a slimmed down version of uv containing only the build backend. -------------------------------------------------------------------------------- Update Information: Update rust-astral-tokio-tar to 0.6.0, fixing CVE-2026-32766. Update rust-tar to 0.4.45, fixing CVE-2026-33056. Update rust-nix to 0.31.2. Update uv and python- uv-build to 0.10.2, rebuilding them with the latest rust-astral-tokio-tar and rust-tar. Update python-fastar to 0.9.0, rebuilding it with the lastest rust- tar. Rebuild maturin with the latest rust-tar. -------------------------------------------------------------------------------- ChangeLog: * Fri Mar 20 2026 Benjamin A. Beasley - 0.10.12-1 - Update to 0.10.12 (close RHBZ#2449338) * Tue Mar 17 2026 Benjamin A. Beasley - 0.10.11-1 - Update to 0.10.11 (close RHBZ#2448298) * Sun Mar 15 2026 Benjamin A. Beasley - 0.10.10-1 - Update to 0.10.10 (close RHBZ#2447539) -------------------------------------------------------------------------------- References: [ 1 ] Bug #2448054 - rust-astral-tokio-tar-0.6.0 is available https://bugzilla.redhat.com/show_bug.cgi?id=2448054 [ 2 ] Bug #2449243 - uv-0.10.12 is available https://bugzilla.redhat.com/show_bug.cgi?id=2449243 [ 3 ] Bug #2449274 - rust-tar-0.4.45 is available https://bugzilla.redhat.com/show_bug.cgi?id=2449274 [ 4 ] Bug #2449338 - python-uv-build-0.10.12 is available https://bugzilla.redhat.com/show_bug.cgi?id=2449338 [ 5 ] Bug #2449547 - CVE-2026-32766 python-uv-build: astral-tokio-tar: Potential archive misinterpretation via malformed PAX extensions [fedora-42] https://bugzilla.redhat.com/show_bug.cgi?id=2449547 [ 6 ] Bug #2449549 - CVE-2026-32766 uv: astral-tokio-tar: Potential archive misinterpretation via malformed PAX extensions [fedora-42] https://bugzilla.redhat.com/show_bug.cgi?id=2449549 [ 7 ] Bug #2449645 - python-fastar-0.9.0 is available https://bugzilla.redhat.com/show_bug.cgi?id=2449645 [ 8 ] Bug #2449681 - CVE-2026-33056 maturin: tar-rs: Arbitrary directory permission modification via crafted tar archive [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=2449681 [ 9 ] Bug #2449683 - CVE-2026-33056 python-fastar: tar-rs: Arbitrary directory permission modification via crafted tar archive [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=2449683 [ 10 ] Bug #2449684 - CVE-2026-33056 python-uv-build: tar-rs: Arbitrary directory permission modification via crafted tar archive [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=2449684 [ 11 ] Bug #2449694 - CVE-2026-33056 uv: tar-rs: Arbitrary directory permission modification via crafted tar archive [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=2449694 -------------------------------------------------------------------------------- This update can be installed with the "dnf" update program. Use su -c 'dnf upgrade --advisory FEDORA-2026-23bb71ea52' at the command line. For more information, refer to the dnf documentation available at http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label All packages are signed with the Fedora Project GPG key.More details on the GPG keys used by the Fedora Project can be found at https://fedoraproject.org/keys -------------------------------------------------------------------------------- -- _______________________________________________ package-announce mailing list -- This email address is being protected from spambots. You need JavaScript enabled to view it. To unsubscribe send an email to This email address is being protected from spambots. You need JavaScript enabled to view it. Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedoraproject.org/archives/list/This email address is being protected from spambots. You need JavaScript enabled to view it. Do not reply to spam, report it: https://forge.fedoraproject.org/infra/tickets/issues/new . Fedora 42 update for python-uv-build addresses important issues like archive misinterpretation and directory modifications.. Fedora Updates, python-uv-build, archive security, directory permissions. . Severity: Important. LinuxSecurity.com Team

Mar 29, 2026 •Important Fedora

security advisoryfedoracritical

Fedora 43 Python Uv Build Critical Archive Misinterpretation Fix Update

Update rust-astral-tokio-tar to 0.6.0, fixing CVE-2026-32766. Update rust-tar to 0.4.45, fixing CVE-2026-33056. Update rust-nix to 0.31.2. Update uv and python- uv-build to 0.10.2, rebuilding them with the latest rust-astral-tokio-tar and rust-tar. Update python-fastar to 0.9.0, rebuilding it with the lastest rust- tar. Rebuild maturin with the latest rust-tar.. -------------------------------------------------------------------------------- Fedora Update Notification FEDORA-2026-d18cf572b8 2026-03-28 00:45:01.877972+00:00 -------------------------------------------------------------------------------- Name : python-uv-build Product : Fedora 43 Version : 0.10.12 Release : 1.fc43 URL : https://pypi.org/project/uv-build Summary : The uv build backend Description : This package is a slimmed down version of uv containing only the build backend. -------------------------------------------------------------------------------- Update Information: Update rust-astral-tokio-tar to 0.6.0, fixing CVE-2026-32766. Update rust-tar to 0.4.45, fixing CVE-2026-33056. Update rust-nix to 0.31.2. Update uv and python- uv-build to 0.10.2, rebuilding them with the latest rust-astral-tokio-tar and rust-tar. Update python-fastar to 0.9.0, rebuilding it with the lastest rust- tar. Rebuild maturin with the latest rust-tar. Update to 0.9.0 -------------------------------------------------------------------------------- ChangeLog: * Fri Mar 20 2026 Benjamin A. Beasley - 0.10.12-1 - Update to 0.10.12 (close RHBZ#2449338) * Tue Mar 17 2026 Benjamin A. Beasley - 0.10.11-1 - Update to 0.10.11 (close RHBZ#2448298) * Sun Mar 15 2026 Benjamin A. Beasley - 0.10.10-1 - Update to 0.10.10 (close RHBZ#2447539) -------------------------------------------------------------------------------- References: [ 1 ] Bug #2448054 - rust-astral-tokio-tar-0.6.0 is available https://bugzilla.redhat.com/show_bug.cgi?id=2448054 [ 2 ] Bug #2449243 - uv-0.10.12 isavailable https://bugzilla.redhat.com/show_bug.cgi?id=2449243 [ 3 ] Bug #2449274 - rust-tar-0.4.45 is available https://bugzilla.redhat.com/show_bug.cgi?id=2449274 [ 4 ] Bug #2449338 - python-uv-build-0.10.12 is available https://bugzilla.redhat.com/show_bug.cgi?id=2449338 [ 5 ] Bug #2449551 - CVE-2026-32766 python-uv-build: astral-tokio-tar: Potential archive misinterpretation via malformed PAX extensions [fedora-43] https://bugzilla.redhat.com/show_bug.cgi?id=2449551 [ 6 ] Bug #2449553 - CVE-2026-32766 uv: astral-tokio-tar: Potential archive misinterpretation via malformed PAX extensions [fedora-43] https://bugzilla.redhat.com/show_bug.cgi?id=2449553 [ 7 ] Bug #2449645 - python-fastar-0.9.0 is available https://bugzilla.redhat.com/show_bug.cgi?id=2449645 [ 8 ] Bug #2449681 - CVE-2026-33056 maturin: tar-rs: Arbitrary directory permission modification via crafted tar archive [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=2449681 [ 9 ] Bug #2449683 - CVE-2026-33056 python-fastar: tar-rs: Arbitrary directory permission modification via crafted tar archive [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=2449683 [ 10 ] Bug #2449684 - CVE-2026-33056 python-uv-build: tar-rs: Arbitrary directory permission modification via crafted tar archive [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=2449684 [ 11 ] Bug #2449694 - CVE-2026-33056 uv: tar-rs: Arbitrary directory permission modification via crafted tar archive [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=2449694 -------------------------------------------------------------------------------- This update can be installed with the "dnf" update program. Use su -c 'dnf upgrade --advisory FEDORA-2026-d18cf572b8' at the command line. For more information, refer to the dnf documentation available at http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label All packages are signed with theFedora Project GPG key. More details on the GPG keys used by the Fedora Project can be found at https://fedoraproject.org/keys -------------------------------------------------------------------------------- -- _______________________________________________ package-announce mailing list -- This email address is being protected from spambots. You need JavaScript enabled to view it. To unsubscribe send an email to This email address is being protected from spambots. You need JavaScript enabled to view it. Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedoraproject.org/archives/list/This email address is being protected from spambots. You need JavaScript enabled to view it. Do not reply to spam, report it: https://forge.fedoraproject.org/infra/tickets/issues/new . Fedora 43 python-uv-build security update addresses critical misinterpretation issues with archives in its recent release.. python security, archive integrity, Fedora updates, package management. . Severity: Critical. LinuxSecurity.com Team

Mar 28, 2026 •Critical Fedora

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Linux Advisory Watch

Linux Security Week

Community Poll

More Polls

What got you started with Linux?

Message!

Self-taught through trial and error
Formal training or courses
A job that required it
Other

No answer selected. Please try again.

Please select either existing option or enter your own, however not both.

Please select minimum {0} answer(s).

Please select maximum {0} answer(s).

/main-polls/150-what-got-you-started-with-linux?task=poll.vote&format=json

150

radio

Self-taught through trial and error (78.42%)

78.42% votes

Formal training or courses (4.32%)

4.32% votes

A job that required it (4.89%)

4.89% votes

Other (12.37%)

12.37% votes

bottom 200

Stay Secure with the Latest Linux Advisories

Debian Dovecot High Severity Service Disruption Info Leak Flaw DLA-4617-1

Debian 11 gsasl Critical DoS Threat Advisory DLA-4618-1 CVE-2026-48829

SUSE MozillaThunderbird Important Memory Safety Fix Advisory 2026-2271-1

SUSE Linux Micro 6.0 Ignition Key HTTP Transport Loop Patch 2026-21987-1

SUSE Linux Micro 6.0 Important Libzypp Libsolv Security Update 2026-21988-1

SUSE Google-Guest-Agent Important Security Update 2026-21989-1

SUSE Linux Micro Important Salt Multi-Linux Manager Vuln 2026-21990-1

SUSE Linux Micro Critical Ignition Patch CVE-2026-33814

SUSE Linux Micro 6.1 Security Update for libzypp libsolv Key 2026-21992-1

Refine advisories

Get the latest News and Insights

Community Poll

What got you started with Linux?

Trending News

Ubuntu 25.10 kmod Critical Algif_aead Privilege Escalation USN-8226-1

Ubuntu 26.04 LTS nginx Critical Denial of Service 2026-42945

Ubuntu 26.04 Docker Critical Security Threats USN-8230-1 CVE-2026-33747

Debian OpenSSH Critical DSA-6204-1 CVE-2026-3497 Remote DoS Execution

Explore Latest Linux Security advisories

Fedora 42 python-fastar Critical Update 2026-23bb71ea52 Alert

CentOS 8 python-uv-maintenance Log Analysis Flaw 2026-45bb82ea64

Fedora 43 Python Uv Build Critical Archive Misinterpretation Fix Update

Get the latest News and Insights

Community Poll

What got you started with Linux?

Trending News

Ubuntu 25.10 kmod Critical Algif_aead Privilege Escalation USN-8226-1

Ubuntu 26.04 LTS nginx Critical Denial of Service 2026-42945

Ubuntu 26.04 Docker Critical Security Threats USN-8230-1 CVE-2026-33747

Debian OpenSSH Critical DSA-6204-1 CVE-2026-3497 Remote DoS Execution

Powered By

Linux Security - Your source for Top Linux News, Advisories, HOWTOs and Feature Releases

QUICK LINKS

subscribe to newsletters!

Stay Secure with the Latest Linux Advisories

Debian Dovecot High Severity Service Disruption Info Leak Flaw DLA-4617-1

Debian 11 gsasl Critical DoS Threat Advisory DLA-4618-1 CVE-2026-48829

SUSE MozillaThunderbird Important Memory Safety Fix Advisory 2026-2271-1

SUSE Linux Micro 6.0 Ignition Key HTTP Transport Loop Patch 2026-21987-1

SUSE Linux Micro 6.0 Important Libzypp Libsolv Security Update 2026-21988-1

SUSE Google-Guest-Agent Important Security Update 2026-21989-1

SUSE Linux Micro Important Salt Multi-Linux Manager Vuln 2026-21990-1

SUSE Linux Micro Critical Ignition Patch CVE-2026-33814

SUSE Linux Micro 6.1 Security Update for libzypp libsolv Key 2026-21992-1

Refine advisories

severity

Topics

Distro

Published Date

Get the latest News and Insights

Community Poll

What got you started with Linux?

Trending News

Explore Latest Linux Security advisories

Get the latest News and Insights

Community Poll

What got you started with Linux?

Trending News

Search Topics

Powered By

Linux Security - Your source for Top Linux News, Advisories, HOWTOs and Feature Releases

QUICK LINKS

subscribe to newsletters!