Alerts This Week
Warning Icon 1 540
Alerts This Week
Warning Icon 1 540

Stay Secure with the Latest Linux Advisories

Fedora Large Esm H800
Fedora

Fedora 43 hplip Major Update Addressing Possible Arbitrary Code Execution

Calendar White Jun 02, 2026
Important
Oracle Large Esm H900
Oracle

Oracle Linux 8 Important Kernel Security Advisory ELSA-2026-21706

Calendar White Jun 02, 2026
Important
Oracle Large Esm H900
Oracle

Oracle Linux 8 httpd Important Denial of Service Vuln ELSA-2026-22140

Calendar White Jun 02, 2026
Important
Oracle Large Esm H800
Oracle

Oracle Linux 8 ELSA-2026-22315 compat-openssl10 Moderate DoS Fix

Calendar White Jun 02, 2026
moderate
Oracle Large Esm H900
Oracle

Oracle Linux 8 gnutls Important Buffer Overflow Auth Bypass ELSA-2026-20611

Calendar White Jun 03, 2026
Important
Ubuntu Large Esm H900
Ubuntu

Ubuntu 20.04 LTS nginx Security Advisory for Critical DoS Vulnerabilities

Calendar White Jun 03, 2026
Critical
Ubuntu Large Esm H800
Ubuntu

Ubuntu 20.04 LTS MySQL Important Security Issues USN-8363-2

Calendar White Jun 03, 2026
Important
Ubuntu Large Esm H900
Ubuntu

Ubuntu 20.04 LTS GStreamer Base Significant DoS Attack Vulnerability Alert

Calendar White Jun 03, 2026
Important
Ubuntu Large Esm H900
Ubuntu

Ubuntu 26.04 LTS python-pip Moderate DoS Regression Fix USN-8344-3

Calendar White Jun 03, 2026
Important
Filter Icon Refine advisories
X Clear Filters
X Clear Filters
View More

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Community Poll

More Polls

What got you started with Linux?

No answer selected. Please try again.
Please select either existing option or enter your own, however not both.
Please select minimum {0} answer(s).
Please select maximum {0} answer(s).
/main-polls/150-what-got-you-started-with-linux?task=poll.vote&format=json
150
radio
0
[{"id":483,"title":"Self-taught through trial and error","votes":545,"type":"x","order":1,"pct":78.42,"resources":[]},{"id":484,"title":"Formal training or courses","votes":30,"type":"x","order":2,"pct":4.32,"resources":[]},{"id":485,"title":"A job that required it","votes":34,"type":"x","order":3,"pct":4.89,"resources":[]},{"id":486,"title":"Other","votes":86,"type":"x","order":4,"pct":12.37,"resources":[]}] ["#ff5b00","#4ac0f2","#b80028","#eef66c","#60bb22","#b96a9a","#62c2cc"] ["rgba(255,91,0,0.7)","rgba(74,192,242,0.7)","rgba(184,0,40,0.7)","rgba(238,246,108,0.7)","rgba(96,187,34,0.7)","rgba(185,106,154,0.7)","rgba(98,194,204,0.7)"] 350
bottom 200
Loading...

Explore Latest Linux Security advisories

We found 0 articles for you...
197
Ls Advisories Debianlts Esm H240
Price Tag 1security advisoryupdatedebian

Debian Bullseye atril Key Command Injection Patch DLA-4597-1 CVE-2026-46529

It was discovered that atril, a simple multi-page document viewer, is prone to a command injection vulnerability if a specially crafted PDF file is opened. For Debian 11 bullseye, this problem has been fixed in version 1.24.0-1+deb11u2.. ------------------------------------------------------------------------- Debian LTS Advisory DLA-4597-1 This email address is being protected from spambots. You need JavaScript enabled to view it. https://www.debian.org/lts/security/ Andreas Henriksson May 22, 2026 https://wiki.debian.org/LTS ------------------------------------------------------------------------- Package : atril Version : 1.24.0-1+deb11u2 CVE ID : CVE-2026-46529 It was discovered that atril, a simple multi-page document viewer, is prone to a command injection vulnerability if a specially crafted PDF file is opened. For Debian 11 bullseye, this problem has been fixed in version 1.24.0-1+deb11u2. We recommend that you upgrade your atril packages. For the detailed security status of atril please refer to its security tracker page at: https://security-tracker.debian.org/tracker/atril Further information about Debian LTS security advisories, how to apply these updates to your system and frequently asked questions can be found at: https://wiki.debian.org/LTS . Atril command injection in Debian allows exploit via crafted files. Update to 1.24.0-1+deb11u2 for security.. atril command injection, Debian LTS advisory, atril security update. . Severity: Important. LinuxSecurity.com Team

Calendar 2 May 22, 2026 Important Debian LTS
172
Ls Advisories Ubuntu Esm H240
Price Tag 1security advisorymoderatedenial of service

Ubuntu 22.04 LTS USN-7274-1 Moderate: atril Denial of Service

Atril could be made to crash or run programs as your login if it opened a specially crafted file.. ========================================================================== Ubuntu Security Notice USN-7274-1 February 18, 2025 atril vulnerabilities ========================================================================== A security issue affects these releases of Ubuntu and its derivatives: - Ubuntu 22.04 LTS - Ubuntu 20.04 LTS - Ubuntu 18.04 LTS Summary: Atril could be made to crash or run programs as your login if it opened a specially crafted file. Software Description: - atril: Official Document Viewer of the MATE Desktop Environment Details: It was discovered that Atril incorrectly handled certain PDF files. An attacker could possibly use this issue to cause a denial of service or to execute arbitrary code. This issue only affected Ubuntu 16.04 LTS. (CVE-2019-1010006) Andy Nguyen discovered that Atril incorrectly handled certain images. An attacker could possibly use this issue to expose sensitive information. This issue only affected Ubuntu 16.04 LTS. (CVE-2019-11459) Febin Mon Saji discovered that Atril incorrectly handled certain compressed files. A remote attacker could possibly use this issue to cause a denial of service or to execute arbitrary code. (CVE-2023-51698) Update instructions: The problem can be corrected by updating your system to the following package versions: Ubuntu 22.04 LTS atril 1.26.0-1ubuntu1.2 atril-common 1.26.0-1ubuntu1.2 libatrildocument3 1.26.0-1ubuntu1.2 Ubuntu 20.04 LTS atril 1.24.0-1ubuntu0.2 atril-common 1.24.0-1ubuntu0.2 libatrildocument3 1.24.0-1ubuntu0.2 Ubuntu 18.04 LTS atril 1.20.1-2ubuntu2+esm2 Available with Ubuntu Pro atril-common 1.20.1-2ubuntu2+esm2 Available with Ubuntu Pro libatrildocument3 1.20.1-2ubuntu2+esm2 Available with Ubuntu Pro In general, a standard system update will make all the necessary changes. References: https://ubuntu.com/security/notices/USN-7274-1 CVE-2019-1010006, CVE-2019-11459, CVE-2023-51698 Package Information: https://launchpad.net/ubuntu/+source/atril/1.26.0-1ubuntu1.2 https://launchpad.net/ubuntu/+source/atril/1.24.0-1ubuntu0.2 . Keep up-to-date on Atril's security matters impacting Ubuntu through this advisory that outlines vulnerabilities and necessary updates.. Atril Security, Ubuntu Advisory, Software Update. . LinuxSecurity.com Team

Calendar 2 Feb 18, 2025 Ubuntu
Banner 3 1028x280 1708121785 1771599793
203
Ls Advisories Mageia Esm H240
Price Tag 1security advisoryremote command executionpath traversal

Mageia 9: MGASA-2024-0224 Critical: Atril Path Traversal Issue

Atril Document Viewer is the default document reader of the MATE desktop environment for Linux. A path traversal and arbitrary file write vulnerability exists in versions of Atril prior to 1.26.2. This vulnerability is capable of writing arbitrary files anywhere on the filesystem to which the user opening a crafted document has access. The . MGASA-2024-0224 - Updated atril packages fix security vulnerability Publication date: 15 Jun 2024 URL: https://advisories.mageia.org/MGASA-2024-0224.html Type: security Affected Mageia releases: 9 CVE: CVE-2023-52076 Atril Document Viewer is the default document reader of the MATE desktop environment for Linux. A path traversal and arbitrary file write vulnerability exists in versions of Atril prior to 1.26.2. This vulnerability is capable of writing arbitrary files anywhere on the filesystem to which the user opening a crafted document has access. The only limitation is that this vulnerability cannot be exploited to overwrite existing files, but that doesn't stop an attacker from achieving Remote Command Execution on the target system. (CVE-2023-52076) References: - https://bugs.mageia.org/show_bug.cgi?id=33282 - https://ubuntu.com/security/notices/USN-6808-1 - https://www.cve.org/CVERecord?id=CVE-2023-52076 SRPMS: - 9/core/atril-1.26.1-1.1.mga9 . Atril Document Viewer on Mageia receives crucial updates addressing a file write vulnerability that could potentially allow for Remote Code Execution.. Atril Document Viewer,Mageia Security,Path Traversal Fix,Remote Command Execution,Document Vulnerability. . Severity: Critical. LinuxSecurity.com Team

Calendar 2 Jun 15, 2024 Critical Mageia
197
Ls Advisories Deblts Esm H240
Price Tag 1security advisorycode executiondebian

Debian 10 DLA-3828-1 Moderate: Atril Code Execution Threat

A vulnerability was discovered in Atril, a simple document viewer designed for the MATE desktop environment. CVE-2023-52076 . ------------------------------------------------------------------------- Debian LTS Advisory DLA-3828-1 This email address is being protected from spambots. You need JavaScript enabled to view it. https://www.debian.org/lts/security/ Santiago Ruano Rincón June 14, 2024 https://wiki.debian.org/LTS ------------------------------------------------------------------------- Package : atril Version : 1.20.3-1+deb10u2 CVE ID : CVE-2023-52076 Debian Bug : 1061522 A vulnerability was discovered in Atril, a simple document viewer designed for the MATE desktop environment. CVE-2023-52076 A missing input sanitising could result in writing arbitrary files if a malformed epub document is opened, that could result in arbitrary code execution. For Debian 10 buster, these problems have been fixed in version 1.20.3-1+deb10u2. This update also disables support for comic book archives, mitigating CVE-2023-51698. We recommend that you upgrade your atril packages. For the detailed security status of atril please refer to its security tracker page at: https://security-tracker.debian.org/tracker/source-package/atril Further information about Debian LTS security advisories, how to apply these updates to your system and frequently asked questions can be found at: https://wiki.debian.org/LTS . Debian LTS DLA-3828-1 announcement addresses atril vulnerabilities associated with CVE-2023-52076; crucial upgrade details provided.. Atril Security Advisory, Debian LTS, Input Sanitization, Code Execution. . Severity: Important. LinuxSecurity.com Team

Calendar 2 Jun 15, 2024 Important Debian LTS
Banner 3 1028x280 1708121785 1771599793
172
Ls Advisories Ubuntu Esm H240
Price Tag 1security advisoryUbuntuuser privileges

Ubuntu 23.10 USN-6808-1 Moderate: Atril Path Traversal Issue

Atril could be made to create arbitrary files when opening a specially crafted EPUB file.. ========================================================================== Ubuntu Security Notice USN-6808-1 June 05, 2024 atril vulnerability ========================================================================== A security issue affects these releases of Ubuntu and its derivatives: - Ubuntu 23.10 - Ubuntu 22.04 LTS - Ubuntu 20.04 LTS - Ubuntu 18.04 LTS - Ubuntu 16.04 LTS Summary: Atril could be made to create arbitrary files when opening a specially crafted EPUB file. Software Description: - atril: Official Document Viewer of the MATE Desktop Environment Details: It was discovered that Atril was vulnerable to a path traversal attack. An attacker could possibly use this vulnerability to create arbitrary files on the host filesystem with user privileges. Update instructions: The problem can be corrected by updating your system to the following package versions: Ubuntu 23.10 atril 1.26.0-2ubuntu0.1 atril-common 1.26.0-2ubuntu0.1 libatrildocument3 1.26.0-2ubuntu0.1 Ubuntu 22.04 LTS atril 1.26.0-1ubuntu1.1 atril-common 1.26.0-1ubuntu1.1 libatrildocument3 1.26.0-1ubuntu1.1 Ubuntu 20.04 LTS atril 1.24.0-1ubuntu0.1 atril-common 1.24.0-1ubuntu0.1 libatrildocument3 1.24.0-1ubuntu0.1 Ubuntu 18.04 LTS atril 1.20.1-2ubuntu2+esm1 Available with Ubuntu Pro atril-common 1.20.1-2ubuntu2+esm1 Available with Ubuntu Pro libatrildocument3 1.20.1-2ubuntu2+esm1 Available with Ubuntu Pro Ubuntu 16.04 LTS atril 1.12.2-1ubuntu0.3+esm1 Available with Ubuntu Pro atril-common 1.12.2-1ubuntu0.3+esm1 Available with Ubuntu Pro libatrildocument3 1.12.2-1ubuntu0.3+esm1 Available with Ubuntu Pro In general, a standard system update will make all the necessary changes. References: https://ubuntu.com/security/notices/USN-6808-1 CVE-2023-52076 Package Information: https://launchpad.net/ubuntu/+source/atril/1.26.0-2ubuntu0.1 https://launchpad.net/ubuntu/+source/atril/1.26.0-1ubuntu1.1 https://launchpad.net/ubuntu/+source/atril/1.24.0-1ubuntu0.1 . A critical flaw in Atril on Ubuntu enables unauthorized file generation through malicious EPUB files. Ensure you upgrade your packages promptly to safeguard your system.. Atril Security, Path Traversal, Ubuntu Advisory. . LinuxSecurity.com Team

Calendar 2 Jun 05, 2024 Ubuntu
89
Ls Advisories Fedora Esm H240
Price Tag 1security advisorysoftware updateFedora

Fedora 38: 2024-59a7d96d84 Moderate: Atril Command Injection Fix

fix gcc14 build error and another epub crash use https://github.com/mate-desktop/atril/commit/479e927 use https://github.com/mate-desktop/atril/commit/d901a9d update to 1.26.2 fix security security advisory. -------------------------------------------------------------------------------- Fedora Update Notification FEDORA-2024-59a7d96d84 2024-02-09 01:50:00.832060 -------------------------------------------------------------------------------- Name : atril Product : Fedora 38 Version : 1.26.2 Release : 2.fc38 URL : https://mate-desktop.org/ Summary : Document viewer Description : Mate-document-viewer is simple document viewer. It can display and print Portable Document Format (PDF), PostScript (PS), Encapsulated PostScript (EPS), DVI, DJVU, epub and XPS files. When supported by the document format, mate-document-viewer allows searching for text, copying text to the clipboard, hypertext navigation, table-of-contents bookmarks and editing of forms. -------------------------------------------------------------------------------- Update Information: fix gcc14 build error and another epub crash use https://github.com/mate-desktop/atril/commit/479e927 use https://github.com/mate-desktop/atril/commit/d901a9d update to 1.26.2 fix security security advisory -------------------------------------------------------------------------------- ChangeLog: * Wed Jan 31 2024 Wolfgang Ulbrich - 1.26.2-2 - fix gcc14 build error and another epub crash - use https://github.com/mate-desktop/atril/commit/479e927 - use https://github.com/mate-desktop/atril/commit/d901a9d * Wed Jan 24 2024 Wolfgang Ulbrich - 1.26.2-1 - update to 1.26.2 -------------------------------------------------------------------------------- References: [ 1 ] Bug #2258392 - CVE-2023-51698 atril: vulnerable to Command Injection Vulnerability [epel-all] https://bugzilla.redhat.com/show_bug.cgi?id=2258392 [ 2 ] Bug #2258393 - CVE-2023-51698 atril: vulnerable to CommandInjection Vulnerability [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=2258393 -------------------------------------------------------------------------------- This update can be installed with the "dnf" update program. Use su -c 'dnf upgrade --advisory FEDORA-2024-59a7d96d84' at the command line. For more information, refer to the dnf documentation available at https://dnf.readthedocs.io/en/latest/command_ref.html All packages are signed with the Fedora Project GPG key. More details on the GPG keys used by the Fedora Project can be found at -------------------------------------------------------------------------------- -- _______________________________________________ package-announce mailing list -- This email address is being protected from spambots. You need JavaScript enabled to view it. To unsubscribe send an email to This email address is being protected from spambots. You need JavaScript enabled to view it. Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedoraproject.org/archives/list/This email address is being protected from spambots. You need JavaScript enabled to view it./ Do not reply to spam, report it: . Essential patch for atril document reader in Fedora 38 tackles command injection vulnerabilities and resolves compilation challenges proficiently.. Atril Document Viewer, Fedora Update, Command Injection Fix. . Severity: Important. LinuxSecurity.com Team

Calendar 2 Feb 09, 2024 Important Fedora
Banner 3 1028x280 1708121785 1771599793
89
Ls Advisories Fedora Esm H240
Price Tag 1security advisorymoderatesoftware update

Fedora 39: 2024-3914113f25 moderate: atril command injection

- update to 1.26.2 - fix security security advisory. -------------------------------------------------------------------------------- Fedora Update Notification FEDORA-2024-3914113f25 2024-01-27 01:27:37.234457 -------------------------------------------------------------------------------- Name : atril Product : Fedora 39 Version : 1.26.2 Release : 1.fc39 URL : https://mate-desktop.org/ Summary : Document viewer Description : Mate-document-viewer is simple document viewer. It can display and print Portable Document Format (PDF), PostScript (PS), Encapsulated PostScript (EPS), DVI, DJVU, epub and XPS files. When supported by the document format, mate-document-viewer allows searching for text, copying text to the clipboard, hypertext navigation, table-of-contents bookmarks and editing of forms. -------------------------------------------------------------------------------- Update Information: - update to 1.26.2 - fix security security advisory -------------------------------------------------------------------------------- ChangeLog: * Wed Jan 24 2024 Wolfgang Ulbrich - 1.26.2-1 - update to 1.26.2 * Mon Jan 22 2024 Fedora Release Engineering - 1.26.1-5 - Rebuilt for https://fedoraproject.org/wiki/Fedora_40_Mass_Rebuild * Fri Jan 19 2024 Fedora Release Engineering - 1.26.1-4 - Rebuilt for https://fedoraproject.org/wiki/Fedora_40_Mass_Rebuild -------------------------------------------------------------------------------- References: [ 1 ] Bug #2258392 - CVE-2023-51698 atril: vulnerable to Command Injection Vulnerability [epel-all] https://bugzilla.redhat.com/show_bug.cgi?id=2258392 [ 2 ] Bug #2258393 - CVE-2023-51698 atril: vulnerable to Command Injection Vulnerability [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=2258393 -------------------------------------------------------------------------------- This update can be installed with the "dnf" update program. Use su -c 'dnf upgrade --advisoryFEDORA-2024-3914113f25' at the command line. For more information, refer to the dnf documentation available at https://dnf.readthedocs.io/en/latest/command_ref.html All packages are signed with the Fedora Project GPG key. More details on the GPG keys used by the Fedora Project can be found at https://fedoraproject.org/security/ -------------------------------------------------------------------------------- -- _______________________________________________ package-announce mailing list -- This email address is being protected from spambots. You need JavaScript enabled to view it. To unsubscribe send an email to This email address is being protected from spambots. You need JavaScript enabled to view it. Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedoraproject.org/archives/list/This email address is being protected from spambots. You need JavaScript enabled to view it./ Do not reply to spam, report it: . Upgrade atril to version 1.26.2 on Fedora 39 to fix a critical command injection vulnerability and enhance feature set.. Fedora Atril Update, Command Injection Fix, Software Upgrade Notification. . LinuxSecurity.com Team

Calendar 2 Jan 27, 2024 Fedora
197
Ls Advisories Deblts Esm H240
Price Tag 1security advisorybuffer overflowdebian

Debian 8: DLA-1882-1 Atril Critical Advisory for Command Injection

A few issues were found in Atril, the MATE document viewer. CVE-2017-1000159 . Package : atril Version : 1.8.1+dfsg1-4+deb8u2 CVE ID : CVE-2017-1000159 CVE-2019-11459 CVE-2019-1010006 A few issues were found in Atril, the MATE document viewer. CVE-2017-1000159 When printing from DVI to PDF, the dvipdfm tool was called without properly sanitizing the filename, which could lead to a command injection attack via the filename. CVE-2019-11459 The tiff_document_render() and tiff_document_get_thumbnail() did not check the status of TIFFReadRGBAImageOriented(), leading to uninitialized memory access if that funcion fails. CVE-2019-1010006 Some buffer overflow checks were not properly done, leading to application crash or possibly arbitrary code execution when opening maliciously crafted files. For Debian 8 "Jessie", these problems have been fixed in version 1.8.1+dfsg1-4+deb8u2. We recommend that you upgrade your atril packages. Further information about Debian LTS security advisories, how to apply these updates to your system and frequently asked questions can be found at: https://wiki.debian.org/LTS . The Atril software has been upgraded to address severe problems such as command injection and buffer overflow threats.. Atril Document Viewer, Debian LTS, Security Update, Command Injection, Buffer Overflow. . Severity: Critical. LinuxSecurity.com Team

Calendar 2 Aug 13, 2019 Critical Debian LTS
Banner 3 1028x280 1708121785 1771599793
News Add Esm H240

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Community Poll

More Polls

What got you started with Linux?

No answer selected. Please try again.
Please select either existing option or enter your own, however not both.
Please select minimum {0} answer(s).
Please select maximum {0} answer(s).
/main-polls/150-what-got-you-started-with-linux?task=poll.vote&format=json
150
radio
0
[{"id":483,"title":"Self-taught through trial and error","votes":545,"type":"x","order":1,"pct":78.42,"resources":[]},{"id":484,"title":"Formal training or courses","votes":30,"type":"x","order":2,"pct":4.32,"resources":[]},{"id":485,"title":"A job that required it","votes":34,"type":"x","order":3,"pct":4.89,"resources":[]},{"id":486,"title":"Other","votes":86,"type":"x","order":4,"pct":12.37,"resources":[]}] ["#ff5b00","#4ac0f2","#b80028","#eef66c","#60bb22","#b96a9a","#62c2cc"] ["rgba(255,91,0,0.7)","rgba(74,192,242,0.7)","rgba(184,0,40,0.7)","rgba(238,246,108,0.7)","rgba(96,187,34,0.7)","rgba(185,106,154,0.7)","rgba(98,194,204,0.7)"] 350
bottom 200

Search Topics

Your message here