Stay Secure with the Latest Linux Advisories
Refine advisories
X Clear Filters Get the latest News and Insights
Get the latest Linux and open source security news straight to your inbox.
Community Poll
What got you started with Linux?
Loading...
Explore Latest Linux Security advisories
We found -6 articles for you...
89
security advisoryintrusion detectioncriticalFedora 40: 2024-9cce1f4b49 Critical: Suricata Audit Update
This is a security and bug fix release.. -------------------------------------------------------------------------------- Fedora Update Notification FEDORA-2024-9cce1f4b49 2024-05-19 01:29:46.920838 -------------------------------------------------------------------------------- Name : suricata Product : Fedora 40 Version : 7.0.5 Release : 1.fc40 URL : / Summary : Intrusion Detection System Description : The Suricata Engine is an Open Source Next Generation Intrusion Detection and Prevention Engine. This engine is not intended to just replace or emulate the existing tools in the industry, but will bring new ideas and technologies to the field. This new Engine supports Multi-threading, Automatic Protocol Detection (IP, TCP, UDP, ICMP, HTTP, TLS, FTP and SMB! ), Gzip Decompression, Fast IP Matching, and GeoIP identification. -------------------------------------------------------------------------------- Update Information: This is a security and bug fix release. -------------------------------------------------------------------------------- ChangeLog: * Tue May 7 2024 Steve Grubb 7.0.5-1 - New security and bugfix release -------------------------------------------------------------------------------- This update can be installed with the "dnf" update program. Use su -c 'dnf upgrade --advisory FEDORA-2024-9cce1f4b49' at the command line. For more information, refer to the dnf documentation available at http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label All packages are signed with the Fedora Project GPG key. More details on the GPG keys used by the Fedora Project can be found at -------------------------------------------------------------------------------- -- _______________________________________________ package-announce mailing list --
May 19, 2024 •Critical Fedora 89
security advisorydenial of serviceFedoraFedora 38 - 2024-a15fe3f120 Moderate: Baresip Denial of Service Threat
Baresip v3.10.1 (2024-03-12) Security Release (possible Denial of Service): A wrong or manipulated incoming RTP Timestamp can cause the baresip process to hang forever, for details see: #2954 aureceiver: fix mtx_unlock on discard. -------------------------------------------------------------------------------- Fedora Update Notification FEDORA-2024-a15fe3f120 2024-03-15 01:49:44.478283 -------------------------------------------------------------------------------- Name : baresip Product : Fedora 38 Version : 3.10.1 Release : 1.fc38 URL : https://github.com/baresip/baresip Summary : Modular SIP user-agent with audio and video support Description : A modular SIP user-agent with support for audio and video, and many IETF standards such as SIP, SDP, RTP/RTCP and STUN/TURN/ICE for both, IPv4 and IPv6. Additional modules provide support for audio codecs like Codec2, G.711, G.722, G.726, GSM, L16, MPA and Opus, audio drivers like ALSA, GStreamer, JACK Audio Connection Kit, Portaudio, and PulseAudio, video codecs like AV1, VP8 or VP9, video sources like Video4Linux, video outputs like SDL2 or X11, NAT traversal via STUN, TURN, ICE, and NAT-PMP, media encryption via TLS, SRTP or DTLS-SRTP, management features like embedded web-server with HTTP interface, command-line console and interface, and MQTT. -------------------------------------------------------------------------------- Update Information: Baresip v3.10.1 (2024-03-12) Security Release (possible Denial of Service): A wrong or manipulated incoming RTP Timestamp can cause the baresip process to hang forever, for details see: #2954 aureceiver: fix mtx_unlock on discard -------------------------------------------------------------------------------- ChangeLog: * Tue Mar 12 2024 Robert Scheck 3.10.1-1 - Upgrade to 3.10.1 (#2269261) * Mon Mar 11 2024 Robert Scheck 3.10.0-2 - Added upstream patch to fix mtx_unlock on discard inaureceiver -------------------------------------------------------------------------------- References: [ 1 ] Bug #2269261 - baresip-3.10.1 is available https://bugzilla.redhat.com/show_bug.cgi?id=2269261 -------------------------------------------------------------------------------- This update can be installed with the "dnf" update program. Use su -c 'dnf upgrade --advisory FEDORA-2024-a15fe3f120' at the command line. For more information, refer to the dnf documentation available at https://dnf.readthedocs.io/en/latest/command_ref.html All packages are signed with the Fedora Project GPG key. More details on the GPG keys used by the Fedora Project can be found at https://fedoraproject.org/security/ -------------------------------------------------------------------------------- -- _______________________________________________ package-announce mailing list --
Mar 15, 2024 •Important Fedora 
100
security advisorymoderatesecurity updateSUSE: CU-2023:2769-1 Moderate: OpenSSL DoS Fix Advisory
The container suse/sle15 was updated. The following patches have been included in this update:. SUSE Container Update Advisory: suse/sle15 ----------------------------------------------------------------- Container Advisory ID : SUSE-CU-2023:2769-1 Container Tags : bci/bci-base:15.4 , bci/bci-base:15.4.27.14.90 , suse/sle15:15.4 , suse/sle15:15.4.27.14.90 Container Release : 27.14.90 Severity : moderate Type : security References : 1201519 1204844 1213517 1213853 CVE-2023-3817 ----------------------------------------------------------------- The container suse/sle15 was updated. The following patches have been included in this update: ----------------------------------------------------------------- Advisory ID: SUSE-SU-2023:3397-1 Released: Wed Aug 23 18:35:56 2023 Summary: Security update for openssl-1_1 Type: security Severity: moderate References: 1213517,1213853,CVE-2023-3817 This update for openssl-1_1 fixes the following issues: - CVE-2023-3817: Fixed a potential DoS due to excessive time spent checking DH q parameter value. (bsc#1213853) - Don't pass zero length input to EVP_Cipher because s390x assembler optimized AES cannot handle zero size. (bsc#1213517) ----------------------------------------------------------------- Advisory ID: SUSE-RU-2023:3410-1 Released: Thu Aug 24 06:56:32 2023 Summary: Recommended update for audit Type: recommended Severity: moderate References: 1201519,1204844 This update for audit fixes the following issues: - Create symbolic link from /sbin/audisp-syslog to /usr/sbin/audisp-syslog (bsc#1201519) - Fix rules not loaded when restarting auditd.service (bsc#1204844) The following package changes have been done: - libaudit1-3.0.6-150400.4.13.1 updated - libopenssl1_1-hmac-1.1.1l-150400.7.53.1 updated - libopenssl1_1-1.1.1l-150400.7.53.1 updated - openssl-1_1-1.1.1l-150400.7.53.1 updated . Keep updated on SUSE Container Update Notification for suse/sle15, covering security updatesand corrections released in August 2023.. SUSE Container Update, OpenSSL Fix, Audit Update. . LinuxSecurity.com Team
Aug 30, 2023 SuSE 
Get the latest News and Insights
Get the latest Linux and open source security news straight to your inbox.
Community Poll
What got you started with Linux?
Search Topics
Powered By
Linux Security - Your source for Top Linux News, Advisories, HOWTOs and Feature Releases
QUICK LINKS
subscribe to newsletters!
Like staying secure? So do we.
Sign up for updates, tips, and alerts!