Stay Secure with the Latest Linux Advisories
Refine advisories
X Clear Filters Get the latest News and Insights
Get the latest Linux and open source security news straight to your inbox.
Community Poll
What got you started with Linux?
Loading...
Explore Latest Linux Security advisories
We found -1 articles for you...
172
security advisorycriticalsystem integrityUbuntu 24.04 LTS System Kernel Security Vulnerability CUS-8299-3
Several security issues were fixed in the Linux kernel.. ========================================================================== Ubuntu Security Notice USN-8258-1 May 07, 2026 linux-azure vulnerabilities ========================================================================== A security issue affects these releases of Ubuntu and its derivatives: - Ubuntu 24.04 LTS Summary: Several security issues were fixed in the Linux kernel. Software Description: - linux-azure: Linux kernel for Microsoft Azure Cloud systems Details: Josh Eads, Kristoffer Janke, Eduardo Vela Nava, Tavis Ormandy, and Matteo Rizzo discovered that some AMD Zen processors did not properly verify the signature of CPU microcode. This flaw is known as EntrySign. A privileged attacker could possibly use this issue to cause load malicious CPU microcode causing loss of integrity and confidentiality. (CVE-2024-36347) Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - MIPS architecture; - PowerPC architecture; - x86 architecture; - Block layer subsystem; - Cryptographic API; - ACPI drivers; - Network block device driver; - Bluetooth drivers; - Character device driver; - TPM device driver; - Clock framework and drivers; - Data acquisition framework and drivers; - Hardware crypto device drivers; - GPU drivers; - Hardware monitoring drivers; - InfiniBand drivers; - Input Device core drivers; - IOMMU subsystem; - IRQ chip drivers; - Macintosh device drivers; - Multiple devices driver; - Media drivers; - Network drivers; - Mellanox network drivers; - STMicroelectronics network drivers; - Ethernet team driver; - MediaTek network drivers; - NVME drivers; - PA-RISC drivers; - Chrome hardware platform drivers; - x86 platform drivers; - Voltage and Current Regulator drivers; - SCSI subsystem; - SPI subsystem; - Media Oriented Systems Transport (MOST)driver; - Realtek RTL8723BS SDIO drivers; - TCM subsystem; - USB Host Controller drivers; - USB Type-C Connector System Software Interface driver; - Backlight driver; - Watchdog drivers; - BFS file system; - BTRFS file system; - Ext4 file system; - F2FS file system; - FUSE (File system in Userspace); - HFS+ file system; - File systems infrastructure; - Journaling layer for block devices (JBD2); - Network file system (NFS) client; - File system notification infrastructure; - NTFS3 file system; - OCFS2 file system; - SMB network file system; - BPF subsystem; - Ethernet bridge; - io_uring subsystem; - Locking primitives; - Scheduler infrastructure; - Shadow Call Stack mechanism; - Tracing infrastructure; - Memory management; - CAIF protocol; - Ceph Core library; - Networking core; - Ethtool driver; - Handshake API; - HSR network protocol; - IPv4 networking; - IPv6 networking; - MAC80211 subsystem; - Multipath TCP; - Netfilter; - NET/ROM layer; - NFC subsystem; - Open vSwitch; - Rose network layer; - Network traffic control; - Network sockets; - Sun RPC protocol; - Integrity Measurement Architecture(IMA) framework; - Key management; - Simplified Mandatory Access Control Kernel framework; - FireWire sound drivers; - HD-audio driver; - Turtle Beach Wavefront ALSA driver; - STMicroelectronics SoC drivers; - USB sound devices; - KVM subsystem; (CVE-2024-57795, CVE-2025-22022, CVE-2025-22111, CVE-2025-38022, CVE-2025-38234, CVE-2025-40164, CVE-2025-40325, CVE-2025-68206, CVE-2025-68254, CVE-2025-68255, CVE-2025-68256, CVE-2025-68257, CVE-2025-68258, CVE-2025-68259, CVE-2025-68261, CVE-2025-68263, CVE-2025-68264, CVE-2025-68265, CVE-2025-68266, CVE-2025-68291, CVE-2025-68325, CVE-2025-68332, CVE-2025-68335, CVE-2025-68336, CVE-2025-68337, CVE-2025-68344, CVE-2025-68345, CVE-2025-68346, CVE-2025-68347, CVE-2025-68349, CVE-2025-68354, CVE-2025-68362, CVE-2025-68363, CVE-2025-68364, CVE-2025-68366,CVE-2025-68367, CVE-2025-68369, CVE-2025-68371, CVE-2025-68372, CVE-2025-68374, CVE-2025-68378, CVE-2025-68379, CVE-2025-68380, CVE-2025-68724, CVE-2025-68727, CVE-2025-68728, CVE-2025-68732, CVE-2025-68733, CVE-2025-68740, CVE-2025-68741, CVE-2025-68742, CVE-2025-68744, CVE-2025-68746, CVE-2025-68753, CVE-2025-68755, CVE-2025-68756, CVE-2025-68757, CVE-2025-68758, CVE-2025-68759, CVE-2025-68763, CVE-2025-68764, CVE-2025-68765, CVE-2025-68766, CVE-2025-68767, CVE-2025-68769, CVE-2025-68770, CVE-2025-68771, CVE-2025-68772, CVE-2025-68773, CVE-2025-68774, CVE-2025-68775, CVE-2025-68776, CVE-2025-68777, CVE-2025-68778, CVE-2025-68780, CVE-2025-68782, CVE-2025-68783, CVE-2025-68785, CVE-2025-68786, CVE-2025-68787, CVE-2025-68788, CVE-2025-68794, CVE-2025-68795, CVE-2025-68796, CVE-2025-68797, CVE-2025-68798, CVE-2025-68799, CVE-2025-68800, CVE-2025-68801, CVE-2025-68804, CVE-2025-68806, CVE-2025-68808, CVE-2025-68809, CVE-2025-68810, CVE-2025-68811, CVE-2025-68813, CVE-2025-68814, CVE-2025-68815, CVE-2025-68816, CVE-2025-68817, CVE-2025-68818, CVE-2025-68819, CVE-2025-68820, CVE-2025-68821, CVE-2025-71064, CVE-2025-71065, CVE-2025-71066, CVE-2025-71067, CVE-2025-71068, CVE-2025-71069, CVE-2025-71071, CVE-2025-71072, CVE-2025-71075, CVE-2025-71077, CVE-2025-71078, CVE-2025-71079, CVE-2025-71081, CVE-2025-71082, CVE-2025-71083, CVE-2025-71084, CVE-2025-71085, CVE-2025-71086, CVE-2025-71087, CVE-2025-71088, CVE-2025-71089, CVE-2025-71091, CVE-2025-71093, CVE-2025-71094, CVE-2025-71095, CVE-2025-71096, CVE-2025-71097, CVE-2025-71098, CVE-2025-71101, CVE-2025-71102, CVE-2025-71104, CVE-2025-71105, CVE-2025-71107, CVE-2025-71108, CVE-2025-71109, CVE-2025-71111, CVE-2025-71112, CVE-2025-71113, CVE-2025-71114, CVE-2025-71116, CVE-2025-71118, CVE-2025-71119, CVE-2025-71120, CVE-2025-71121, CVE-2025-71122, CVE-2025-71123, CVE-2025-71125, CVE-2025-71126, CVE-2025-71127, CVE-2025-71130, CVE-2025-71131, CVE-2025-71132, CVE-2025-71133, CVE-2025-71135, CVE-2025-71136, CVE-2025-71137, CVE-2025-71138, CVE-2025-71140, CVE-2025-71141,CVE-2025-71143, CVE-2025-71144, CVE-2025-71147, CVE-2025-71148, CVE-2025-71150, CVE-2025-71151, CVE-2025-71153, CVE-2025-71154, CVE-2026-23112, CVE-2026-23209, CVE-2026-23231) Update instructions: The problem can be corrected by updating your system to the following package versions: Ubuntu 24.04 LTS linux-image-6.8.0-1054-azure 6.8.0-1054.60 linux-image-azure-6.8 6.8.0-1054.60 linux-image-azure-lts-24.04 6.8.0-1054.60 After a standard system update you need to reboot your computer to make all the necessary changes. ATTENTION: Due to an unavoidable ABI change the kernel updates have been given a new version number, which requires you to recompile and reinstall all third party kernel modules you might have installed. Unless you manually uninstalled the standard kernel metapackages (e.g. linux-generic, linux-generic-lts-RELEASE, linux-virtual, linux-powerpc), a standard system upgrade will automatically perform this as well. References: https://ubuntu.com/security/notices/USN-8258-1 CVE-2024-36347, CVE-2024-57795, CVE-2025-22022, CVE-2025-22111, CVE-2025-38022, CVE-2025-38234, CVE-2025-40164, CVE-2025-40325, CVE-2025-68206, CVE-2025-68254, CVE-2025-68255, CVE-2025-68256, CVE-2025-68257, CVE-2025-68258, CVE-2025-68259, CVE-2025-68261, CVE-2025-68263, CVE-2025-68264, CVE-2025-68265, CVE-2025-68266, CVE-2025-68291, CVE-2025-68325, CVE-2025-68332, CVE-2025-68335, CVE-2025-68336, CVE-2025-68337, CVE-2025-68344, CVE-2025-68345, CVE-2025-68346, CVE-2025-68347, CVE-2025-68349, CVE-2025-68354, CVE-2025-68362, CVE-2025-68363, CVE-2025-68364, CVE-2025-68366, CVE-2025-68367, CVE-2025-68369, CVE-2025-68371, CVE-2025-68372, CVE-2025-68374, CVE-2025-68378, CVE-2025-68379, CVE-2025-68380, CVE-2025-68724, CVE-2025-68727, CVE-2025-68728, CVE-2025-68732, CVE-2025-68733, CVE-2025-68740, CVE-2025-68741, CVE-2025-68742, CVE-2025-68744, CVE-2025-68746, CVE-2025-68753, CVE-2025-68755, CVE-2025-68756, CVE-2025-68757, CVE-2025-68758, CVE-2025-68759, CVE-2025-68763,CVE-2025-68764, CVE-2025-68765, CVE-2025-68766, CVE-2025-68767, CVE-2025-68769, CVE-2025-68770, CVE-2025-68771, CVE-2025-68772, CVE-2025-68773, CVE-2025-68774, CVE-2025-68775, CVE-2025-68776, CVE-2025-68777, CVE-2025-68778, CVE-2025-68780, CVE-2025-68782, CVE-2025-68783, CVE-2025-68785, CVE-2025-68786, CVE-2025-68787, CVE-2025-68788, CVE-2025-68794, CVE-2025-68795, CVE-2025-68796, CVE-2025-68797, CVE-2025-68798, CVE-2025-68799, CVE-2025-68800, CVE-2025-68801, CVE-2025-68804, CVE-2025-68806, CVE-2025-68808, CVE-2025-68809, CVE-2025-68810, CVE-2025-68811, CVE-2025-68813, CVE-2025-68814, CVE-2025-68815, CVE-2025-68816, CVE-2025-68817, CVE-2025-68818, CVE-2025-68819, CVE-2025-68820, CVE-2025-68821, CVE-2025-71064, CVE-2025-71065, CVE-2025-71066, CVE-2025-71067, CVE-2025-71068, CVE-2025-71069, CVE-2025-71071, CVE-2025-71072, CVE-2025-71075, CVE-2025-71077, CVE-2025-71078, CVE-2025-71079, CVE-2025-71081, CVE-2025-71082, CVE-2025-71083, CVE-2025-71084, CVE-2025-71085, CVE-2025-71086, CVE-2025-71087, CVE-2025-71088, CVE-2025-71089, CVE-2025-71091, CVE-2025-71093, CVE-2025-71094, CVE-2025-71095, CVE-2025-71096, CVE-2025-71097, CVE-2025-71098, CVE-2025-71101, CVE-2025-71102, CVE-2025-71104, CVE-2025-71105, CVE-2025-71107, CVE-2025-71108, CVE-2025-71109, CVE-2025-71111, CVE-2025-71112, CVE-2025-71113, CVE-2025-71114, CVE-2025-71116, CVE-2025-71118, CVE-2025-71119, CVE-2025-71120, CVE-2025-71121, CVE-2025-71122, CVE-2025-71123, CVE-2025-71125, CVE-2025-71126, CVE-2025-71127, CVE-2025-71130, CVE-2025-71131, CVE-2025-71132, CVE-2025-71133, CVE-2025-71135, CVE-2025-71136, CVE-2025-71137, CVE-2025-71138, CVE-2025-71140, CVE-2025-71141, CVE-2025-71143, CVE-2025-71144, CVE-2025-71147, CVE-2025-71148, CVE-2025-71149, CVE-2025-71150, CVE-2025-71151, CVE-2025-71153, CVE-2025-71154, CVE-2026-23112, CVE-2026-23209, CVE-2026-23231 Package Information: https://launchpad.net/ubuntu/+source/linux-azure/6.8.0-1054.60 . Several security issues in Ubuntu 24.04 LTS Linux kernelrequire immediate patching for system integrity and confidentiality.. Linux Kernel, Ubuntu Security, Azure Kernel, System Updates. . Severity: Critical. LinuxSecurity.com Team
May 07, 2026 •Critical Ubuntu 172
security advisorydenial of servicefirefoxUbuntu 20.04: USN-6201-1 Critical: Firefox Denial Of Service Threat
Several security issues were fixed in Firefox.. =========================================================================Ubuntu Security Notice USN-6201-1 July 05, 2023 firefox vulnerabilities ========================================================================= A security issue affects these releases of Ubuntu and its derivatives: - Ubuntu 20.04 LTS Summary: Several security issues were fixed in Firefox. Software Description: - firefox: Mozilla Open Source web browser Details: Multiple security issues were discovered in Firefox. If a user were tricked into opening a specially crafted website, an attacker could potentially exploit these to cause a denial of service, obtain sensitive information across domains, or execute arbitrary code. (CVE-2023-37201, CVE-2023-37202, CVE-2023-37205, CVE-2023-37207, CVE-2023-37209, CVE-2023-37210, CVE-2023-37211, CVE-2023-37212) Martin Hostettler discovered that Firefox did not properly block storage of all cookies when configured. An attacker could potentially exploits this issue to store tracking data without permission in localstorage. (CVE-2023-3482) Paul Nickerson discovered that Firefox did have insufficient validation in the Drag and Drop API. If a user were tricked into creating a shortcut to local system files, an attacker could execute arbitrary code. (CVE-2023-37203) Irvan Kurniawan discovered that Firefox did not properly manage fullscreen notifications using an option element having an expensive computational function. An attacker could potentially exploit this issue to perform spoofing attacks. (CVE-2023-37204) Ameen Basha M K discovered that Firefox did not properly validate symlinks in the FileSystem API. If a user were tricked into uploading a symlinked file to a malicious website, an attacker could obtain sensitive information. (CVE-2023-37206) Puf discovered that Firefox did not properly provide warning when opening Diagcab files. If a user were tricked into opening a malicicous Diagcab file, an attacker could execute arbitrary code.(CVE-2023-37208) Update instructions: The problem can be corrected by updating your system to the following package versions: Ubuntu 20.04 LTS: firefox 115.0+build2-0ubuntu0.20.04.3 After a standard system update you need to restart Firefox to make all the necessary changes. References: https://ubuntu.com/security/notices/USN-6201-1 CVE-2023-3482, CVE-2023-37201, CVE-2023-37202, CVE-2023-37203, CVE-2023-37204, CVE-2023-37205, CVE-2023-37206, CVE-2023-37207, CVE-2023-37208, CVE-2023-37209, CVE-2023-37210, CVE-2023-37211, CVE-2023-37212 Package Information: https://launchpad.net/ubuntu/+source/firefox/115.0+build2-0ubuntu0.20.04.3 . Explore the specifics of Ubuntu Security Notice USN-6201-1, addressing several vulnerabilities in Firefox. Learn about the impact of these issues and how to update your system. Ubuntu Firefox Update, Security Advisories, Firefox Exploits. . Severity: Critical. LinuxSecurity.com Team
Jul 05, 2023 •Critical Ubuntu 
203
security advisorymoderate severityattack vectorsMageia 8 MGASA-2021-0553 Moderate: runc Overflow Threat
It was discovered that there was an overflow issue in runc, the runtime for the Open Container Project, often used with Docker. The Netlink 'bytemsg' length field could have allowed an attacker to override Netlink-based container configurations. This vulnerability required the attacker to have some control over the configuration of the container, but . MGASA-2021-0553 - Updated opencontainers-runc packages fix security vulnerability Publication date: 10 Dec 2021 URL: https://advisories.mageia.org/MGASA-2021-0553.html Type: security Affected Mageia releases: 8 CVE: CVE-2021-43784 It was discovered that there was an overflow issue in runc, the runtime for the Open Container Project, often used with Docker. The Netlink 'bytemsg' length field could have allowed an attacker to override Netlink-based container configurations. This vulnerability required the attacker to have some control over the configuration of the container, but would have allowed the attacker to bypass the namespace restrictions of the container by simply adding their own Netlink payload which disables all namespaces. (CVE-2021-43784) References: - https://bugs.mageia.org/show_bug.cgi?id=29738 - https://lists.debian.org/debian-lts-announce/2021/12/msg00005.html - https://www.cve.org/CVERecord?id=CVE-2021-43784 SRPMS: - 8/core/opencontainers-runc-1.0.3-1.mga8 . Tackling the overflow problem in runc by implementing critical security patches ensures the safeguarding of Mageia 8 container setups.. Mageia Update, runc Overflow, container runtime, security fix. . LinuxSecurity.com Team
Dec 10, 2021 Mageia 202
security advisorydenial of servicecritical updateopenSUSE Leap 15.3: 2021:2764-1 Critical: libsndfile Denial Of Service
An update that fixes four vulnerabilities is now available. . openSUSE Security Update: Security update for libsndfile ______________________________________________________________________________ Announcement ID: openSUSE-SU-2021:2764-1 Rating: critical References: #1100167 #1116993 #1117954 #1188540 Cross-References: CVE-2018-13139 CVE-2018-19432 CVE-2018-19758 CVE-2021-3246 CVSS scores: CVE-2018-13139 (NVD) : 8.8 CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H CVE-2018-13139 (SUSE): 8.4 CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H CVE-2018-19432 (NVD) : 6.5 CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H CVE-2018-19432 (SUSE): 5.3 CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L CVE-2018-19758 (NVD) : 6.5 CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H CVE-2018-19758 (SUSE): 5.5 CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H CVE-2021-3246 (NVD) : 8.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H CVE-2021-3246 (SUSE): 9.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H Affected Products: openSUSE Leap 15.3 ______________________________________________________________________________ An update that fixes four vulnerabilities is now available. Description: This update for libsndfile fixes the following issues: - CVE-2018-13139: Fixed a stack-based buffer overflow in psf_memset in common.c in libsndfile 1.0.28allows remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact. (bsc#1100167) - CVE-2018-19432: Fixed a NULL pointer dereference in the function sf_write_int in sndfile.c, which will lead to a denial of service. (bsc#1116993) - CVE-2021-3246: Fixed a heap buffer overflow vulnerability in msadpcm_decode_block. (bsc#1188540) - CVE-2018-19758: Fixed a heap-based buffer over-read at wav.c in wav_write_header in libsndfile 1.0.28 that will cause a denial of service. (bsc#1117954) Patch Instructions: To install this openSUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: - openSUSE Leap 15.3: zypper in -t patch openSUSE-SLE-15.3-2021-2764=1 Package List: - openSUSE Leap 15.3 (aarch64 ppc64le s390x x86_64): libsndfile-debugsource-1.0.28-5.12.1 libsndfile-devel-1.0.28-5.12.1 libsndfile-progs-1.0.28-5.12.1 libsndfile-progs-debuginfo-1.0.28-5.12.1 libsndfile-progs-debugsource-1.0.28-5.12.1 libsndfile1-1.0.28-5.12.1 libsndfile1-debuginfo-1.0.28-5.12.1 - openSUSE Leap 15.3 (x86_64): libsndfile1-32bit-1.0.28-5.12.1 libsndfile1-32bit-debuginfo-1.0.28-5.12.1 References: https://www.suse.com/security/cve/CVE-2018-13139.html https://www.suse.com/security/cve/CVE-2018-19432.html https://www.suse.com/security/cve/CVE-2018-19758.html https://www.suse.com/security/cve/CVE-2021-3246.html https://bugzilla.suse.com/1100167 https://bugzilla.suse.com/1116993 https://bugzilla.suse.com/1117954 https://bugzilla.suse.com/1188540 . A crucial patch for libsndfile resolves several vulnerabilities affecting openSUSE Leap 15.3, posing significant risks.. openSUSE, libsndfile, critical fix, security issue, Denial of Service. . Severity: Critical. LinuxSecurity.com Team
Aug 17, 2021 •Critical OpenSUSE 202
security advisoryupdateimportantopenSUSE Leap 15.0: 2019:0098-1 Important: Systemd Fixes
An update that solves four vulnerabilities and has 7 fixes is now available.. openSUSE Security Update: Security update for systemd ______________________________________________________________________________ Announcement ID: openSUSE-SU-2019:0098-1 Rating: important References: #1005023 #1045723 #1076696 #1080919 #1093753 #1101591 #1111498 #1114933 #1117063 #1119971 #1120323 Cross-References: CVE-2018-16864 CVE-2018-16865 CVE-2018-16866 CVE-2018-6954 Affected Products: openSUSE Leap 15.0 ______________________________________________________________________________ An update that solves four vulnerabilities and has 7 fixes is now available. Description: This update for systemd provides the following fixes: Security issues fixed: - CVE-2018-16864, CVE-2018-16865: Fixed two memory corruptions through attacker-controlled alloca()s (bsc#1120323) - CVE-2018-16866: Fixed an information leak in journald (bsc#1120323) - CVE-2018-6954: Fix mishandling of symlinks present in non-terminal path components (bsc#1080919) - Fixed an issue during system startup in relation to encrypted swap disks (bsc#1119971) Non-security issues fixed: - pam_systemd: Fix 'Cannot create session: Already running in a session' (bsc#1111498) - systemd-vconsole-setup: vconsole setup fails, fonts will not be copied to tty (bsc#1114933) - systemd-tmpfiles-setup: symlinked /tmp to /var/tmp breaking multiple units (bsc#1045723) - Fixed installation issue with /etc/machine-id during update (bsc#1117063) - btrfs: qgroups are assigned to parent qgroups after reboot (bsc#1093753) - logind: Stop managing VT switches if no sessions are registered on that VT. (bsc#1101591) - udev: Downgrade message when settting inotify watch up fails. (bsc#1005023) - udev: Ignore the exit code of systemd-detect-virt for memory hot-add. In SLE-12-SP3,80-hotplug-cpu-mem.rules has a memory hot-add rule that uses systemd-detect-virt to detect non-zvm environment. The systemd-detect-virt returns exit failure code when it detected _none_ state. The exit failure code causes that the hot-add memory block can not be set to online. (bsc#1076696) This update was imported from the SUSE:SLE-15:Update update project. Patch Instructions: To install this openSUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: - openSUSE Leap 15.0: zypper in -t patch openSUSE-2019-98=1 Package List: - openSUSE Leap 15.0 (i586 x86_64): libsystemd0-234-lp150.20.12.1 libsystemd0-debuginfo-234-lp150.20.12.1 libsystemd0-mini-234-lp150.20.12.1 libsystemd0-mini-debuginfo-234-lp150.20.12.1 libudev-devel-234-lp150.20.12.1 libudev-mini-devel-234-lp150.20.12.1 libudev-mini1-234-lp150.20.12.1 libudev-mini1-debuginfo-234-lp150.20.12.1 libudev1-234-lp150.20.12.1 libudev1-debuginfo-234-lp150.20.12.1 nss-myhostname-234-lp150.20.12.1 nss-myhostname-debuginfo-234-lp150.20.12.1 nss-mymachines-234-lp150.20.12.1 nss-mymachines-debuginfo-234-lp150.20.12.1 nss-systemd-234-lp150.20.12.1 nss-systemd-debuginfo-234-lp150.20.12.1 systemd-234-lp150.20.12.1 systemd-container-234-lp150.20.12.1 systemd-container-debuginfo-234-lp150.20.12.1 systemd-coredump-234-lp150.20.12.1 systemd-coredump-debuginfo-234-lp150.20.12.1 systemd-debuginfo-234-lp150.20.12.1 systemd-debugsource-234-lp150.20.12.1 systemd-devel-234-lp150.20.12.1 systemd-logger-234-lp150.20.12.1 systemd-mini-234-lp150.20.12.1 systemd-mini-container-mini-234-lp150.20.12.1 systemd-mini-container-mini-debuginfo-234-lp150.20.12.1 systemd-mini-coredump-mini-234-lp150.20.12.1 systemd-mini-coredump-mini-debuginfo-234-lp150.20.12.1 systemd-mini-debuginfo-234-lp150.20.12.1 systemd-mini-debugsource-234-lp150.20.12.1 systemd-mini-devel-234-lp150.20.12.1 systemd-mini-sysvinit-234-lp150.20.12.1 systemd-sysvinit-234-lp150.20.12.1 udev-234-lp150.20.12.1 udev-debuginfo-234-lp150.20.12.1 udev-mini-234-lp150.20.12.1 udev-mini-debuginfo-234-lp150.20.12.1 - openSUSE Leap 15.0 (x86_64): libsystemd0-32bit-234-lp150.20.12.1 libsystemd0-32bit-debuginfo-234-lp150.20.12.1 libudev-devel-32bit-234-lp150.20.12.1 libudev1-32bit-234-lp150.20.12.1 libudev1-32bit-debuginfo-234-lp150.20.12.1 nss-myhostname-32bit-234-lp150.20.12.1 nss-myhostname-32bit-debuginfo-234-lp150.20.12.1 nss-mymachines-32bit-234-lp150.20.12.1 nss-mymachines-32bit-debuginfo-234-lp150.20.12.1 systemd-32bit-234-lp150.20.12.1 systemd-32bit-debuginfo-234-lp150.20.12.1 - openSUSE Leap 15.0 (noarch): systemd-bash-completion-234-lp150.20.12.1 systemd-mini-bash-completion-234-lp150.20.12.1 References: https://www.suse.com/security/cve/CVE-2018-16864.html https://www.suse.com/security/cve/CVE-2018-16865.html https://www.suse.com/security/cve/CVE-2018-16866.html https://www.suse.com/security/cve/CVE-2018-6954.html https://bugzilla.suse.com/1005023 https://bugzilla.suse.com/1045723 https://bugzilla.suse.com/1076696 https://bugzilla.suse.com/1080919 https://bugzilla.suse.com/1093753 https://bugzilla.suse.com/1101591 https://bugzilla.suse.com/1111498 https://bugzilla.suse.com/1114933 https://bugzilla.suse.com/1117063 https://bugzilla.suse.com/1119971 https://bugzilla.suse.com/1120323 -- . This release targets critical vulnerabilities in systemd, such as data exposure and resource mismanagement, improving overall system integrity.. openSUSE Security Update, systemd vulnerability, system update. . Severity: Important. LinuxSecurity.com Team
Jan 29, 2019 •Important OpenSUSE 91
security advisoryGentoohigh severityGentoo: GLSA-202109-14 Critical: OpenSSL Security Flaws Identified
Multiple vulnerabilities have been found in mbed TLS, the worst of which could allow remote attackers to execute arbitrary code.. - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - Gentoo Linux Security Advisory GLSA 201804-19 - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - https://security.gentoo.org/ - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - Severity: High Title: mbed TLS: Multiple vulnerabilites Date: April 22, 2018 Bugs: #647800 ID: 201804-19 - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - Synopsis ======= Multiple vulnerabilities have been found in mbed TLS, the worst of which could allow remote attackers to execute arbitrary code. Background ========= mbed TLS (previously PolarSSL) is an “easy to understand, use, integrate and expand” implementation of the TLS and SSL protocols and the respective cryptographic algorithms and support code required. Affected packages ================ ------------------------------------------------------------------- Package / Vulnerable / Unaffected ------------------------------------------------------------------- 1 net-libs/mbedtls < 2.7.2 > = 2.7.2 Description ========== Multiple vulnerabilities have been discovered in mbed TLS. Please review the CVE identifiers referenced below for details. Impact ===== A remote attacker, through multiple vectors, could possibly execute arbitrary code with the privileges of the process or cause a Denial of Service condition. Workaround ========= There is no known workaround at this time. Resolution ========= All mbed TLS users should upgrade to the latest version: # emerge --sync # emerge --ask --oneshot --verbose "> =net-libs/mbedtls-2.7.2" References ========= [ 1 ] CVE-2017-18187 https://nvd.nist.gov/vuln/detail/CVE-2017-18187 [ 2 ]CVE-2018-0487 https://nvd.nist.gov/vuln/detail/CVE-2018-0487 [ 3 ] CVE-2018-0488 https://nvd.nist.gov/vuln/detail/CVE-2018-0488 Availability =========== This GLSA and any updates to it are available for viewing at the Gentoo Security Website: https://security.gentoo.org/glsa/201804-19 Concerns? ======== Security is a primary focus of Gentoo Linux and ensuring the confidentiality and security of our users' machines is of utmost importance to us. Any security concerns should be addressed to
Apr 22, 2018 Gentoo 87
security advisorymoderatedenial of serviceDebian 7: DSA-3089-1 Moderate: Jasper Buffer Overflow DoS Threat
Josh Duart of the Google Security Team discovered heap-based buffer overflow flaws in JasPer, a library for manipulating JPEG-2000 files, which could lead to denial of service (application crash) or the execution of arbitrary code. . - ------------------------------------------------------------------------- Debian Security Advisory DSA-3089-1
Dec 04, 2014 •Important Debian 98
security advisoryRed Hatremote code executionRed Hat RHSA-2014:0916-01 Critical Update for NSS and NSPR RCE Issues
Updated nss and nspr packages that fix one security issue are now available for Red Hat Enterprise Linux 5 and 7. The Red Hat Security Response Team has rated this update as having Critical [More...]. ==================================================================== Red Hat Security Advisory Synopsis: Critical: nss and nspr security update Advisory ID: RHSA-2014:0916-01 Product: Red Hat Enterprise Linux Advisory URL: https://access.redhat.com/errata/RHSA-2014:0916.html Issue date: 2014-07-22 CVE Names: CVE-2014-1544 ==================================================================== 1. Summary: Updated nss and nspr packages that fix one security issue are now available for Red Hat Enterprise Linux 5 and 7. The Red Hat Security Response Team has rated this update as having Critical security impact. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available from the CVE link in the References section. 2. Relevant releases/architectures: Red Hat Enterprise Linux (v. 5 server) - i386, ia64, ppc, s390x, x86_64 Red Hat Enterprise Linux Client (v. 7) - x86_64 Red Hat Enterprise Linux Client Optional (v. 7) - x86_64 Red Hat Enterprise Linux ComputeNode (v. 7) - x86_64 Red Hat Enterprise Linux ComputeNode Optional (v. 7) - x86_64 Red Hat Enterprise Linux Desktop (v. 5 client) - i386, x86_64 Red Hat Enterprise Linux Desktop Workstation (v. 5 client) - i386, x86_64 Red Hat Enterprise Linux Server (v. 7) - ppc64, s390x, x86_64 Red Hat Enterprise Linux Server Optional (v. 7) - ppc64, s390x, x86_64 Red Hat Enterprise Linux Workstation (v. 7) - x86_64 Red Hat Enterprise Linux Workstation Optional (v. 7) - x86_64 3. Description: Network Security Services (NSS) is a set of libraries designed to support the cross-platform development of security-enabled client and server applications. Netscape Portable Runtime (NSPR) provides platform independence for non-GUI operating system facilities. A racecondition was found in the way NSS verified certain certificates. A remote attacker could use this flaw to crash an application using NSS or, possibly, execute arbitrary code with the privileges of the user running that application. (CVE-2014-1544) Red Hat would like to thank the Mozilla project for reporting CVE-2014-1544. Upstream acknowledges Tyson Smith and Jesse Schwartzentruber as the original reporters. Users of NSS and NSPR are advised to upgrade to these updated packages, which correct this issue. After installing this update, applications using NSS or NSPR must be restarted for this update to take effect. 4. Solution: Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the Red Hat Network. Details on how to use the Red Hat Network to apply this update are available at https://access.redhat.com/articles/11258 5. Bugs fixed (https://bugzilla.redhat.com/): 1116198 - CVE-2014-1544 nss: Race-condition in certificate verification can lead to Remote code execution (MFSA 2014-63) 6. Package List: Red Hat Enterprise Linux Desktop (v. 5 client): Source: nspr-4.10.6-1.el5_10.src.rpm nss-3.15.3-7.el5_10.src.rpm i386: nspr-4.10.6-1.el5_10.i386.rpm nspr-debuginfo-4.10.6-1.el5_10.i386.rpm nss-3.15.3-7.el5_10.i386.rpm nss-debuginfo-3.15.3-7.el5_10.i386.rpm nss-tools-3.15.3-7.el5_10.i386.rpm x86_64: nspr-4.10.6-1.el5_10.i386.rpm nspr-4.10.6-1.el5_10.x86_64.rpm nspr-debuginfo-4.10.6-1.el5_10.i386.rpm nspr-debuginfo-4.10.6-1.el5_10.x86_64.rpm nss-3.15.3-7.el5_10.i386.rpm nss-3.15.3-7.el5_10.x86_64.rpm nss-debuginfo-3.15.3-7.el5_10.i386.rpm nss-debuginfo-3.15.3-7.el5_10.x86_64.rpm nss-tools-3.15.3-7.el5_10.x86_64.rpm Red Hat Enterprise Linux Desktop Workstation (v. 5client): Source: nspr-4.10.6-1.el5_10.src.rpm nss-3.15.3-7.el5_10.src.rpm i386: nspr-debuginfo-4.10.6-1.el5_10.i386.rpm nspr-devel-4.10.6-1.el5_10.i386.rpm nss-debuginfo-3.15.3-7.el5_10.i386.rpm nss-devel-3.15.3-7.el5_10.i386.rpm nss-pkcs11-devel-3.15.3-7.el5_10.i386.rpm x86_64: nspr-debuginfo-4.10.6-1.el5_10.i386.rpm nspr-debuginfo-4.10.6-1.el5_10.x86_64.rpm nspr-devel-4.10.6-1.el5_10.i386.rpm nspr-devel-4.10.6-1.el5_10.x86_64.rpm nss-debuginfo-3.15.3-7.el5_10.i386.rpm nss-debuginfo-3.15.3-7.el5_10.x86_64.rpm nss-devel-3.15.3-7.el5_10.i386.rpm nss-devel-3.15.3-7.el5_10.x86_64.rpm nss-pkcs11-devel-3.15.3-7.el5_10.i386.rpm nss-pkcs11-devel-3.15.3-7.el5_10.x86_64.rpm Red Hat Enterprise Linux (v. 5server): Source: nspr-4.10.6-1.el5_10.src.rpm nss-3.15.3-7.el5_10.src.rpm i386: nspr-4.10.6-1.el5_10.i386.rpm nspr-debuginfo-4.10.6-1.el5_10.i386.rpm nspr-devel-4.10.6-1.el5_10.i386.rpm nss-3.15.3-7.el5_10.i386.rpm nss-debuginfo-3.15.3-7.el5_10.i386.rpm nss-devel-3.15.3-7.el5_10.i386.rpm nss-pkcs11-devel-3.15.3-7.el5_10.i386.rpm nss-tools-3.15.3-7.el5_10.i386.rpm ia64: nspr-4.10.6-1.el5_10.i386.rpm nspr-4.10.6-1.el5_10.ia64.rpm nspr-debuginfo-4.10.6-1.el5_10.i386.rpm nspr-debuginfo-4.10.6-1.el5_10.ia64.rpm nspr-devel-4.10.6-1.el5_10.ia64.rpm nss-3.15.3-7.el5_10.i386.rpm nss-3.15.3-7.el5_10.ia64.rpm nss-debuginfo-3.15.3-7.el5_10.i386.rpm nss-debuginfo-3.15.3-7.el5_10.ia64.rpm nss-devel-3.15.3-7.el5_10.ia64.rpm nss-pkcs11-devel-3.15.3-7.el5_10.ia64.rpm nss-tools-3.15.3-7.el5_10.ia64.rpm ppc: nspr-4.10.6-1.el5_10.ppc.rpm nspr-4.10.6-1.el5_10.ppc64.rpm nspr-debuginfo-4.10.6-1.el5_10.ppc.rpm nspr-debuginfo-4.10.6-1.el5_10.ppc64.rpm nspr-devel-4.10.6-1.el5_10.ppc.rpm nspr-devel-4.10.6-1.el5_10.ppc64.rpm nss-3.15.3-7.el5_10.ppc.rpm nss-3.15.3-7.el5_10.ppc64.rpm nss-debuginfo-3.15.3-7.el5_10.ppc.rpm nss-debuginfo-3.15.3-7.el5_10.ppc64.rpm nss-devel-3.15.3-7.el5_10.ppc.rpm nss-devel-3.15.3-7.el5_10.ppc64.rpm nss-pkcs11-devel-3.15.3-7.el5_10.ppc.rpm nss-pkcs11-devel-3.15.3-7.el5_10.ppc64.rpm nss-tools-3.15.3-7.el5_10.ppc.rpm s390x: nspr-4.10.6-1.el5_10.s390.rpm nspr-4.10.6-1.el5_10.s390x.rpm nspr-debuginfo-4.10.6-1.el5_10.s390.rpm nspr-debuginfo-4.10.6-1.el5_10.s390x.rpm nspr-devel-4.10.6-1.el5_10.s390.rpm nspr-devel-4.10.6-1.el5_10.s390x.rpm nss-3.15.3-7.el5_10.s390.rpm nss-3.15.3-7.el5_10.s390x.rpm nss-debuginfo-3.15.3-7.el5_10.s390.rpm nss-debuginfo-3.15.3-7.el5_10.s390x.rpm nss-devel-3.15.3-7.el5_10.s390.rpm nss-devel-3.15.3-7.el5_10.s390x.rpm nss-pkcs11-devel-3.15.3-7.el5_10.s390.rpm nss-pkcs11-devel-3.15.3-7.el5_10.s390x.rpm nss-tools-3.15.3-7.el5_10.s390x.rpm x86_64: nspr-4.10.6-1.el5_10.i386.rpm nspr-4.10.6-1.el5_10.x86_64.rpm nspr-debuginfo-4.10.6-1.el5_10.i386.rpm nspr-debuginfo-4.10.6-1.el5_10.x86_64.rpm nspr-devel-4.10.6-1.el5_10.i386.rpm nspr-devel-4.10.6-1.el5_10.x86_64.rpm nss-3.15.3-7.el5_10.i386.rpm nss-3.15.3-7.el5_10.x86_64.rpm nss-debuginfo-3.15.3-7.el5_10.i386.rpm nss-debuginfo-3.15.3-7.el5_10.x86_64.rpm nss-devel-3.15.3-7.el5_10.i386.rpm nss-devel-3.15.3-7.el5_10.x86_64.rpm nss-pkcs11-devel-3.15.3-7.el5_10.i386.rpm nss-pkcs11-devel-3.15.3-7.el5_10.x86_64.rpm nss-tools-3.15.3-7.el5_10.x86_64.rpm Red Hat Enterprise Linux Client (v. 7): Source: nspr-4.10.6-1.el7_0.src.rpm nss-3.15.4-7.el7_0.src.rpm x86_64: nspr-4.10.6-1.el7_0.i686.rpm nspr-4.10.6-1.el7_0.x86_64.rpm nspr-debuginfo-4.10.6-1.el7_0.i686.rpm nspr-debuginfo-4.10.6-1.el7_0.x86_64.rpm nss-3.15.4-7.el7_0.i686.rpm nss-3.15.4-7.el7_0.x86_64.rpm nss-debuginfo-3.15.4-7.el7_0.i686.rpm nss-debuginfo-3.15.4-7.el7_0.x86_64.rpm nss-sysinit-3.15.4-7.el7_0.x86_64.rpm nss-tools-3.15.4-7.el7_0.x86_64.rpm Red Hat Enterprise Linux Client Optional (v. 7): x86_64: nspr-debuginfo-4.10.6-1.el7_0.i686.rpm nspr-debuginfo-4.10.6-1.el7_0.x86_64.rpm nspr-devel-4.10.6-1.el7_0.i686.rpm nspr-devel-4.10.6-1.el7_0.x86_64.rpm nss-debuginfo-3.15.4-7.el7_0.i686.rpm nss-debuginfo-3.15.4-7.el7_0.x86_64.rpm nss-devel-3.15.4-7.el7_0.i686.rpm nss-devel-3.15.4-7.el7_0.x86_64.rpm nss-pkcs11-devel-3.15.4-7.el7_0.i686.rpm nss-pkcs11-devel-3.15.4-7.el7_0.x86_64.rpm Red Hat Enterprise Linux ComputeNode (v. 7): Source: nspr-4.10.6-1.el7_0.src.rpm nss-3.15.4-7.el7_0.src.rpm x86_64: nspr-4.10.6-1.el7_0.i686.rpm nspr-4.10.6-1.el7_0.x86_64.rpm nspr-debuginfo-4.10.6-1.el7_0.i686.rpm nspr-debuginfo-4.10.6-1.el7_0.x86_64.rpm nss-3.15.4-7.el7_0.i686.rpm nss-3.15.4-7.el7_0.x86_64.rpm nss-debuginfo-3.15.4-7.el7_0.i686.rpm nss-debuginfo-3.15.4-7.el7_0.x86_64.rpm nss-sysinit-3.15.4-7.el7_0.x86_64.rpm nss-tools-3.15.4-7.el7_0.x86_64.rpm Red Hat Enterprise Linux ComputeNode Optional (v.7): x86_64: nspr-debuginfo-4.10.6-1.el7_0.i686.rpm nspr-debuginfo-4.10.6-1.el7_0.x86_64.rpm nspr-devel-4.10.6-1.el7_0.i686.rpm nspr-devel-4.10.6-1.el7_0.x86_64.rpm nss-debuginfo-3.15.4-7.el7_0.i686.rpm nss-debuginfo-3.15.4-7.el7_0.x86_64.rpm nss-devel-3.15.4-7.el7_0.i686.rpm nss-devel-3.15.4-7.el7_0.x86_64.rpm nss-pkcs11-devel-3.15.4-7.el7_0.i686.rpm nss-pkcs11-devel-3.15.4-7.el7_0.x86_64.rpm Red Hat Enterprise Linux Server (v. 7): Source: nspr-4.10.6-1.el7_0.src.rpm nss-3.15.4-7.el7_0.src.rpm ppc64: nspr-4.10.6-1.el7_0.ppc.rpm nspr-4.10.6-1.el7_0.ppc64.rpm nspr-debuginfo-4.10.6-1.el7_0.ppc.rpm nspr-debuginfo-4.10.6-1.el7_0.ppc64.rpm nspr-devel-4.10.6-1.el7_0.ppc.rpm nspr-devel-4.10.6-1.el7_0.ppc64.rpm nss-3.15.4-7.el7_0.ppc.rpm nss-3.15.4-7.el7_0.ppc64.rpm nss-debuginfo-3.15.4-7.el7_0.ppc.rpm nss-debuginfo-3.15.4-7.el7_0.ppc64.rpm nss-devel-3.15.4-7.el7_0.ppc.rpm nss-devel-3.15.4-7.el7_0.ppc64.rpm nss-sysinit-3.15.4-7.el7_0.ppc64.rpm nss-tools-3.15.4-7.el7_0.ppc64.rpm s390x: nspr-4.10.6-1.el7_0.s390.rpm nspr-4.10.6-1.el7_0.s390x.rpm nspr-debuginfo-4.10.6-1.el7_0.s390.rpm nspr-debuginfo-4.10.6-1.el7_0.s390x.rpm nspr-devel-4.10.6-1.el7_0.s390.rpm nspr-devel-4.10.6-1.el7_0.s390x.rpm nss-3.15.4-7.el7_0.s390.rpm nss-3.15.4-7.el7_0.s390x.rpm nss-debuginfo-3.15.4-7.el7_0.s390.rpm nss-debuginfo-3.15.4-7.el7_0.s390x.rpm nss-devel-3.15.4-7.el7_0.s390.rpm nss-devel-3.15.4-7.el7_0.s390x.rpm nss-sysinit-3.15.4-7.el7_0.s390x.rpm nss-tools-3.15.4-7.el7_0.s390x.rpm x86_64: nspr-4.10.6-1.el7_0.i686.rpm nspr-4.10.6-1.el7_0.x86_64.rpm nspr-debuginfo-4.10.6-1.el7_0.i686.rpm nspr-debuginfo-4.10.6-1.el7_0.x86_64.rpm nspr-devel-4.10.6-1.el7_0.i686.rpm nspr-devel-4.10.6-1.el7_0.x86_64.rpm nss-3.15.4-7.el7_0.i686.rpm nss-3.15.4-7.el7_0.x86_64.rpm nss-debuginfo-3.15.4-7.el7_0.i686.rpm nss-debuginfo-3.15.4-7.el7_0.x86_64.rpm nss-devel-3.15.4-7.el7_0.i686.rpm nss-devel-3.15.4-7.el7_0.x86_64.rpm nss-sysinit-3.15.4-7.el7_0.x86_64.rpm nss-tools-3.15.4-7.el7_0.x86_64.rpm Red Hat Enterprise Linux Server Optional (v.7): ppc64: nss-debuginfo-3.15.4-7.el7_0.ppc.rpm nss-debuginfo-3.15.4-7.el7_0.ppc64.rpm nss-pkcs11-devel-3.15.4-7.el7_0.ppc.rpm nss-pkcs11-devel-3.15.4-7.el7_0.ppc64.rpm s390x: nss-debuginfo-3.15.4-7.el7_0.s390.rpm nss-debuginfo-3.15.4-7.el7_0.s390x.rpm nss-pkcs11-devel-3.15.4-7.el7_0.s390.rpm nss-pkcs11-devel-3.15.4-7.el7_0.s390x.rpm x86_64: nss-debuginfo-3.15.4-7.el7_0.i686.rpm nss-debuginfo-3.15.4-7.el7_0.x86_64.rpm nss-pkcs11-devel-3.15.4-7.el7_0.i686.rpm nss-pkcs11-devel-3.15.4-7.el7_0.x86_64.rpm Red Hat Enterprise Linux Workstation (v. 7): Source: nspr-4.10.6-1.el7_0.src.rpm nss-3.15.4-7.el7_0.src.rpm x86_64: nspr-4.10.6-1.el7_0.i686.rpm nspr-4.10.6-1.el7_0.x86_64.rpm nspr-debuginfo-4.10.6-1.el7_0.i686.rpm nspr-debuginfo-4.10.6-1.el7_0.x86_64.rpm nspr-devel-4.10.6-1.el7_0.i686.rpm nspr-devel-4.10.6-1.el7_0.x86_64.rpm nss-3.15.4-7.el7_0.i686.rpm nss-3.15.4-7.el7_0.x86_64.rpm nss-debuginfo-3.15.4-7.el7_0.i686.rpm nss-debuginfo-3.15.4-7.el7_0.x86_64.rpm nss-devel-3.15.4-7.el7_0.i686.rpm nss-devel-3.15.4-7.el7_0.x86_64.rpm nss-sysinit-3.15.4-7.el7_0.x86_64.rpm nss-tools-3.15.4-7.el7_0.x86_64.rpm Red Hat Enterprise Linux Workstation Optional (v. 7): x86_64: nss-debuginfo-3.15.4-7.el7_0.i686.rpm nss-debuginfo-3.15.4-7.el7_0.x86_64.rpm nss-pkcs11-devel-3.15.4-7.el7_0.i686.rpm nss-pkcs11-devel-3.15.4-7.el7_0.x86_64.rpm These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://access.redhat.com/security/team/key#package 7. References: https://access.redhat.com/security/cve/CVE-2014-1544 https://access.redhat.com/security/updates/classification#critical 8. Contact: The Red Hat security contact is . More contact details at https://access.redhat.com/security/team/contact Copyright 2014 Red Hat, Inc. . Essential patches released for nss and nspr packages in Fedora fix a significant vulnerability, guaranteeing improved protection and performance.. Red Hat Enterprise Linux,nss update,nspr security,critical advisory. . Severity:Critical. LinuxSecurity.com Team
Jul 22, 2014 •Critical Red Hat 
Get the latest News and Insights
Get the latest Linux and open source security news straight to your inbox.
Community Poll
What got you started with Linux?
Search Topics
Powered By
Linux Security - Your source for Top Linux News, Advisories, HOWTOs and Feature Releases
QUICK LINKS
subscribe to newsletters!
Like staying secure? So do we.
Sign up for updates, tips, and alerts!