version update.

--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2025-494d9f64cb
2025-10-22 01:31:30.739304+00:00
--------------------------------------------------------------------------------

Name        : mod_http2
Product     : Fedora 41
Version     : 2.0.35
Release     : 1.fc41
URL         : https://icing.github.io/mod_h2/
Summary     : module implementing HTTP/2 for Apache 2
Description :
The mod_h2 Apache httpd module implements the HTTP2 protocol (h2+h2c) on
top of libnghttp2 for httpd 2.4 servers.

--------------------------------------------------------------------------------
Update Information:

version update
--------------------------------------------------------------------------------
ChangeLog:

* Mon Oct 6 2025 Luboš Uhliarik - 2.0.35-1
- new version 2.0.35
* Thu Jul 24 2025 Fedora Release Engineering - 2.0.32-2
- Rebuilt for https://fedoraproject.org/wiki/Fedora_43_Mass_Rebuild
* Tue Jun 3 2025 Luboš Uhliarik - 2.0.32-1
- new version 2.0.32
* Fri Jan 17 2025 Fedora Release Engineering - 2.0.29-3
- Rebuilt for https://fedoraproject.org/wiki/Fedora_42_Mass_Rebuild
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #2384234 - CVE-2025-49630 mod_http2: untrusted input from a client causes an assertion to fail in the Apache mod_proxy_http2 module [fedora-41]
        https://bugzilla.redhat.com/show_bug.cgi?id=2384234
--------------------------------------------------------------------------------

This update can be installed with the "dnf" update program. Use
su -c 'dnf upgrade --advisory FEDORA-2025-494d9f64cb' at the command
line. For more information, refer to the dnf documentation available at
http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label

All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
--------------------------------------------------------------------------------

Discover the latest update for mod_http2 on Fedora 41 addressing client input errors and assertion failures.

mod_http2, Fedora 41, update information, client input error, assertion failure.

Severity: Important.

LinuxSecurity.com Team
This update for libnbd fixes the following issues: CVE-2023-5871: Fixed an assertion problem in ext-mode BLOCK_STATUS (bsc#1216769).

# Security update for libnbd

Announcement ID: SUSE-SU-2023:4463-1

Rating: moderate

References:

  * bsc#1216769

Cross-References:

  * CVE-2023-5871

CVSS scores:

  * CVE-2023-5871 ( SUSE ): 5.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L

Affected Products:

  * openSUSE Leap 15.3
  * openSUSE Leap 15.4
  * openSUSE Leap 15.5

An update that solves one vulnerability can now be installed.

## Description:

This update for libnbd fixes the following issues:

  * CVE-2023-5871: Fixed an assertion problem in ext-mode BLOCK_STATUS (bsc#1216769).

## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:

  * openSUSE Leap 15.4
    zypper in -t patch openSUSE-SLE-15.4-2023-4463=1
  * openSUSE Leap 15.5
    zypper in -t patch openSUSE-SLE-15.5-2023-4463=1
  * openSUSE Leap 15.3
    zypper in -t patch SUSE-2023-4463=1

## Package List:

  * openSUSE Leap 15.4 (aarch64 ppc64le s390x x86_64)
    * libnbd-devel-1.18.1-150300.8.18.1
    * libnbd-debuginfo-1.18.1-150300.8.18.1
    * libnbd-1.18.1-150300.8.18.1
    * libnbd0-1.18.1-150300.8.18.1
    * libnbd0-debuginfo-1.18.1-150300.8.18.1
    * nbdfuse-debuginfo-1.18.1-150300.8.18.1
    * libnbd-debugsource-1.18.1-150300.8.18.1
    * nbdfuse-1.18.1-150300.8.18.1
  * openSUSE Leap 15.4 (noarch)
    * libnbd-bash-completion-1.18.1-150300.8.18.1
  * openSUSE Leap 15.5 (aarch64 ppc64le s390x x86_64)
    * libnbd-devel-1.18.1-150300.8.18.1
    * python3-libnbd-1.18.1-150300.8.18.1
    * python3-libnbd-debuginfo-1.18.1-150300.8.18.1
    * libnbd-debuginfo-1.18.1-150300.8.18.1
    * libnbd-1.18.1-150300.8.18.1
    * libnbd0-1.18.1-150300.8.18.1
    * libnbd0-debuginfo-1.18.1-150300.8.18.1
    * nbdfuse-debuginfo-1.18.1-150300.8.18.1
    * libnbd-debugsource-1.18.1-150300.8.18.1
    * nbdfuse-1.18.1-150300.8.18.1
  * openSUSE Leap 15.5 (noarch)
    * libnbd-bash-completion-1.18.1-150300.8.18.1
  * openSUSE Leap 15.3 (aarch64 ppc64le s390x x86_64 i586)
    * libnbd-devel-1.18.1-150300.8.18.1
    * python3-libnbd-1.18.1-150300.8.18.1
    * python3-libnbd-debuginfo-1.18.1-150300.8.18.1
    * libnbd-debuginfo-1.18.1-150300.8.18.1
    * libnbd-1.18.1-150300.8.18.1
    * libnbd0-1.18.1-150300.8.18.1
    * libnbd0-debuginfo-1.18.1-150300.8.18.1
    * nbdfuse-debuginfo-1.18.1-150300.8.18.1
    * libnbd-debugsource-1.18.1-150300.8.18.1
    * nbdfuse-1.18.1-150300.8.18.1
  * openSUSE Leap 15.3 (noarch)
    * libnbd-bash-completion-1.18.1-150300.8.18.1

## References:

  * https://www.suse.com/security/cve/CVE-2023-5871.html
  * https://bugzilla.suse.com/show_bug.cgi?id=1216769

Recent security advisory for libnbd provides updates on assertion vulnerabilities affecting various openSUSE releases, specifics included.

openSUSE Update, libnbd Security Fix, assertion issue resolution.

LinuxSecurity.com Team
Moderate: dbus security update. {"type": "TYPE_SECURITY", "shortCode": "RL", "name": "RLSA-2023:4498", "synopsis": "Moderate: dbus security update", "severity": "SEVERITY_MODERATE", "topic": "An update is available for dbus.\nThis update affects Rocky Linux 8.\nA Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list", "description": "D-Bus is a system for sending messages between applications. It is used both for the system-wide message bus service, and as a per-user-login-session messaging facility.\n\nSecurity Fix(es):\n\n* dbus: dbus-daemon: assertion failure when a monitor is active and a message from the driver cannot be delivered (CVE-2023-34969)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.", "solution": null, "affectedProducts": ["Rocky Linux 8"], "fixes": [{"ticket": "2213166", "sourceBy": "Red Hat", "sourceLink": "https://bugzilla.redhat.com/show_bug.cgi?id=2213166", "description": ""}], "cves": [{"name": "CVE-2023-34969", "sourceBy": "MITRE", "sourceLink": "https://www.cve.org/CVERecord?id=CVE-2023-34969", "cvss3ScoringVector": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "cvss3BaseScore": "6.2", "cwe": "CWE-617"}], "references": [], "publishedAt": "2023-08-24T04:20:17.019312Z", "rpms": {"Rocky Linux 8": {"nvras": ["dbus-1:1.12.8-24.el8_8.1.aarch64.rpm", "dbus-1:1.12.8-24.el8_8.1.src.rpm", "dbus-1:1.12.8-24.el8_8.1.x86_64.rpm", "dbus-common-1:1.12.8-24.el8_8.1.noarch.rpm", "dbus-daemon-1:1.12.8-24.el8_8.1.aarch64.rpm", "dbus-daemon-1:1.12.8-24.el8_8.1.x86_64.rpm", "dbus-daemon-debuginfo-1:1.12.8-24.el8_8.1.aarch64.rpm", "dbus-daemon-debuginfo-1:1.12.8-24.el8_8.1.x86_64.rpm", "dbus-debuginfo-1:1.12.8-24.el8_8.1.aarch64.rpm", "dbus-debuginfo-1:1.12.8-24.el8_8.1.i686.rpm", 
"dbus-debuginfo-1:1.12.8-24.el8_8.1.x86_64.rpm","dbus-debugsource-1:1.12.8-24.el8_8.1.aarch64.rpm", "dbus-debugsource-1:1.12.8-24.el8_8.1.i686.rpm", "dbus-debugsource-1:1.12.8-24.el8_8.1.x86_64.rpm", "dbus-devel-1:1.12.8-24.el8_8.1.aarch64.rpm", "dbus-devel-1:1.12.8-24.el8_8.1.i686.rpm", "dbus-devel-1:1.12.8-24.el8_8.1.x86_64.rpm", "dbus-libs-1:1.12.8-24.el8_8.1.aarch64.rpm", "dbus-libs-1:1.12.8-24.el8_8.1.i686.rpm", "dbus-libs-1:1.12.8-24.el8_8.1.x86_64.rpm", "dbus-libs-debuginfo-1:1.12.8-24.el8_8.1.aarch64.rpm", "dbus-libs-debuginfo-1:1.12.8-24.el8_8.1.i686.rpm", "dbus-libs-debuginfo-1:1.12.8-24.el8_8.1.x86_64.rpm", "dbus-tools-1:1.12.8-24.el8_8.1.aarch64.rpm", "dbus-tools-1:1.12.8-24.el8_8.1.x86_64.rpm", "dbus-tools-debuginfo-1:1.12.8-24.el8_8.1.aarch64.rpm", "dbus-tools-debuginfo-1:1.12.8-24.el8_8.1.x86_64.rpm", "dbus-x11-1:1.12.8-24.el8_8.1.aarch64.rpm", "dbus-x11-1:1.12.8-24.el8_8.1.x86_64.rpm", "dbus-x11-debuginfo-1:1.12.8-24.el8_8.1.aarch64.rpm", "dbus-x11-debuginfo-1:1.12.8-24.el8_8.1.x86_64.rpm"]}}, "rebootSuggested": false, "buildReferences": []}. The recent update for Rocky Linux addressing dbus has fixed a notable security vulnerability stemming from an assertion failure. It is advisable to upgrade for enhanced system stability.. Rocky Linux Security, Dbus Updates, Assertion Issue, System Services. . LinuxSecurity.com Team
The following updated rpms for Oracle Linux 7 have been uploaded to the Unbreakable Linux Network:

Oracle Linux Security Advisory ELSA-2021-3325

https://linux.oracle.com/errata/ELSA-2021-3325.html

The following updated rpms for Oracle Linux 7 have been uploaded to the
Unbreakable Linux Network:

aarch64:
bind-9.11.4-26.P2.el7_9.7.aarch64.rpm
bind-chroot-9.11.4-26.P2.el7_9.7.aarch64.rpm
bind-libs-9.11.4-26.P2.el7_9.7.aarch64.rpm
bind-export-libs-9.11.4-26.P2.el7_9.7.aarch64.rpm
bind-libs-lite-9.11.4-26.P2.el7_9.7.aarch64.rpm
bind-license-9.11.4-26.P2.el7_9.7.noarch.rpm
bind-pkcs11-9.11.4-26.P2.el7_9.7.aarch64.rpm
bind-pkcs11-libs-9.11.4-26.P2.el7_9.7.aarch64.rpm
bind-pkcs11-utils-9.11.4-26.P2.el7_9.7.aarch64.rpm
bind-utils-9.11.4-26.P2.el7_9.7.aarch64.rpm
bind-export-devel-9.11.4-26.P2.el7_9.7.aarch64.rpm
bind-devel-9.11.4-26.P2.el7_9.7.aarch64.rpm
bind-lite-devel-9.11.4-26.P2.el7_9.7.aarch64.rpm
bind-pkcs11-devel-9.11.4-26.P2.el7_9.7.aarch64.rpm
bind-sdb-9.11.4-26.P2.el7_9.7.aarch64.rpm
bind-sdb-chroot-9.11.4-26.P2.el7_9.7.aarch64.rpm

SRPMS:
https://oss.oracle.com:443/ol7/SRPMS-updates/bind-9.11.4-26.P2.el7_9.7.src.rpm

Related CVEs:

CVE-2021-25214

Description of changes:

[32:9.11.4-26.P2.7]
- Apply again patch 172, got removed by mistake

[32:9.11.4-26.P2.6]
- Insufficient IXFR checks could lead to assertion failure (CVE-2021-25214)

_______________________________________________
El-errata mailing list
An update that fixes one vulnerability is now available.

   openSUSE Security Update: Security update for krb5
______________________________________________________________________________

Announcement ID:    openSUSE-SU-2019:0085-1
Rating:             important
References:         #1120489
Cross-References:   CVE-2018-20217
Affected Products:
                    openSUSE Leap 42.3
______________________________________________________________________________

   An update that fixes one vulnerability is now available.

Description:

   This update for krb5 fixes the following security issue:

   - CVE-2018-20217: Fixed an assertion issue with older encryption types
     (bsc#1120489)

   This update was imported from the SUSE:SLE-12-SP2:Update update project.

Patch Instructions:

   To install this openSUSE Security Update use the SUSE recommended installation methods
   like YaST online_update or "zypper patch".

   Alternatively you can run the command listed for your product:

   - openSUSE Leap 42.3:

      zypper in -t patch openSUSE-2019-85=1

Package List:

   - openSUSE Leap 42.3 (i586 x86_64):

      krb5-1.12.5-22.1
      krb5-client-1.12.5-22.1
      krb5-client-debuginfo-1.12.5-22.1
      krb5-debuginfo-1.12.5-22.1
      krb5-debugsource-1.12.5-22.1
      krb5-devel-1.12.5-22.1
      krb5-doc-1.12.5-22.1
      krb5-mini-1.12.5-22.1
      krb5-mini-debuginfo-1.12.5-22.1
      krb5-mini-debugsource-1.12.5-22.1
      krb5-mini-devel-1.12.5-22.1
      krb5-plugin-kdb-ldap-1.12.5-22.1
      krb5-plugin-kdb-ldap-debuginfo-1.12.5-22.1
      krb5-plugin-preauth-otp-1.12.5-22.1
      krb5-plugin-preauth-otp-debuginfo-1.12.5-22.1
      krb5-plugin-preauth-pkinit-1.12.5-22.1
      krb5-plugin-preauth-pkinit-debuginfo-1.12.5-22.1
      krb5-server-1.12.5-22.1
      krb5-server-debuginfo-1.12.5-22.1

   - openSUSE Leap 42.3 (x86_64):

      krb5-32bit-1.12.5-22.1
      krb5-debuginfo-32bit-1.12.5-22.1
      krb5-devel-32bit-1.12.5-22.1

References:

   https://www.suse.com/security/cve/CVE-2018-20217.html
   https://bugzilla.suse.com/1120489

--

Arch Linux issues a vital update for OpenSSL to fix severe vulnerabilities in cipher operations. Apply this patch to enhance system safety.

openSUSE krb5 update important security.

Severity: Important.

LinuxSecurity.com Team
Security fix for CVE-2017-3135.

--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2017-27099c270a
2017-02-19 18:35:31.283474
--------------------------------------------------------------------------------

Name        : bind
Product     : Fedora 24
Version     : 9.10.4
Release     : 3.P6.fc24
URL         :
Summary     : The Berkeley Internet Name Domain (BIND) DNS (Domain Name System) server
Description :
BIND (Berkeley Internet Name Domain) is an implementation of the DNS
(Domain Name System) protocols. BIND includes a DNS server (named),
which resolves host names to IP addresses; a resolver library
(routines for applications to use when interfacing with DNS); and
tools for verifying that the DNS server is operating properly.

--------------------------------------------------------------------------------
Update Information:

Security fix for CVE-2017-3135
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #1420193 - CVE-2017-3135 bind: Assertion failure when using DNS64 and RPZ Can Lead to Crash
        https://bugzilla.redhat.com/show_bug.cgi?id=1420193
--------------------------------------------------------------------------------

This update can be installed with the "dnf" update program. Use
su -c 'dnf upgrade bind' at the command line.
For more information, refer to the dnf documentation available at
https://dnf.readthedocs.io/en/latest/command_ref.html

All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/security/
--------------------------------------------------------------------------------
_______________________________________________
package-announce mailing list
--