--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2025-3e5228ee23
2025-02-14 01:35:06.429278+00:00
--------------------------------------------------------------------------------

Name        : krb5
Product     : Fedora 41
Version     : 1.21.3
Release     : 4.fc41
URL         : https://web.mit.edu/kerberos/www/
Summary     : The Kerberos network authentication system
Description :
Kerberos V5 is a trusted-third-party network authentication system, which
can improve your network's security by eliminating the insecure practice of
sending passwords over the network in unencrypted form.
--------------------------------------------------------------------------------
Update Information:

Prevent overflow when calculating ulog block size (CVE-2025-24528)
Support PKCS11 EC client certs in PKINIT
kdb5_util: fix DB entry flags on modification
Add ECDH support for PKINIT (RFC5349)
--------------------------------------------------------------------------------
ChangeLog:

* Tue Feb 11 2025 Julien Rische - 1.21.3-4
- Prevent overflow when calculating ulog block size (CVE-2025-24528)
  Resolves: rhbz#2342811
- Support PKCS11 EC client certs in PKINIT
  Resolves: rhbz#2341962
- kdb5_util: fix DB entry flags on modification
  Resolves: rhbz#2336555
- Add ECDH support for PKINIT (RFC5349)
  Resolves: rhbz#2214326
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #2214326 - [RFE] Add ECDH support for PKINIT (RFC5349) [fedora]
        https://bugzilla.redhat.com/show_bug.cgi?id=2214326
  [ 2 ] Bug #2336555 - kdb5_util: fix DB entry flags on modification [fedora]
        https://bugzilla.redhat.com/show_bug.cgi?id=2336555
  [ 3 ] Bug #2341962 - Support PKCS11 EC client certs in PKINIT [fedora]
        https://bugzilla.redhat.com/show_bug.cgi?id=2341962
  [ 4 ] Bug #2342811 - CVE-2025-24528 krb5: overflow when calculating ulog block size [fedora-41]
        https://bugzilla.redhat.com/show_bug.cgi?id=2342811
--------------------------------------------------------------------------------

This update can be installed with the "dnf" update program. Use
su -c 'dnf upgrade --advisory FEDORA-2025-3e5228ee23' at the command line.
For more information, refer to the dnf documentation available at
http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label

All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/security/
--------------------------------------------------------------------------------
--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2022-88cefef88c
2022-11-22 01:23:39.130385
--------------------------------------------------------------------------------

Name        : krb5
Product     : Fedora 35
Version     : 1.19.2
Release     : 9.fc35
URL         : https://web.mit.edu/kerberos/www/
Summary     : The Kerberos network authentication system
Description :
Kerberos V5 is a trusted-third-party network authentication system, which
can improve your network's security by eliminating the insecure practice of
sending passwords over the network in unencrypted form.
--------------------------------------------------------------------------------
Update Information:

Security fix for CVE-2022-42898
--------------------------------------------------------------------------------
ChangeLog:

* Wed Nov 9 2022 Julien Rische - 1.19.2-9
- Fix integer overflows in PAC parsing (CVE-2022-42898)
- Resolves: rhbz#2143009
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #2140960 - CVE-2022-42898 krb5: integer overflow vulnerabilities in PAC parsing
        https://bugzilla.redhat.com/show_bug.cgi?id=2140960
--------------------------------------------------------------------------------

This update can be installed with the "dnf" update program. Use
su -c 'dnf upgrade --advisory FEDORA-2022-88cefef88c' at the command line.
For more information, refer to the dnf documentation available at
https://dnf.readthedocs.io/en/latest/command_ref.html

All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/security/
--------------------------------------------------------------------------------
--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2022-4555909843
2022-09-16 00:15:48.446101
--------------------------------------------------------------------------------

Name        : freeipa
Product     : Fedora 37
Version     : 4.10.0
Release     : 6.fc37
URL         : https://www.freeipa.org/
Summary     : The Identity, Policy and Audit system
Description :
IPA is an integrated solution to provide centrally managed Identity (users,
hosts, services), Authentication (SSO, 2FA), and Authorization (host access
control, SELinux user roles, services). The solution provides features for
further integration with Linux based clients (SUDO, automount) and
integration with Active Directory based infrastructures (Trusts).
--------------------------------------------------------------------------------
Update Information:

Update to version 4.17.0
--------------------------------------------------------------------------------
ChangeLog:

* Wed Sep 14 2022 Alexander Bokovoy - 4.10.0-6
- Rebuild against final samba 4.17.0 release
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #2096405 - Manual configuration in root partition required before Samba shares can be created
        https://bugzilla.redhat.com/show_bug.cgi?id=2096405
  [ 2 ] Bug #2118818 - samba-4.17.0rc5 is available
        https://bugzilla.redhat.com/show_bug.cgi?id=2118818
  [ 3 ] Bug #2121138 - CVE-2022-32743 samba: Validated dnsHostname write right needs to be implemented [fedora-all]
        https://bugzilla.redhat.com/show_bug.cgi?id=2121138
  [ 4 ] Bug #2122650 - CVE-2022-1615 samba: GnuTLS gnutls_rnd() can fail and give predictable random values [fedora-all]
        https://bugzilla.redhat.com/show_bug.cgi?id=2122650
  [ 5 ] Bug #2126548 - samba-4.17.0 is available
        https://bugzilla.redhat.com/show_bug.cgi?id=2126548
--------------------------------------------------------------------------------

This update can be installed with the "dnf" update program. Use
su -c 'dnf upgrade --advisory FEDORA-2022-4555909843' at the command line.
For more information, refer to the dnf documentation available at
https://dnf.readthedocs.io/en/latest/command_ref.html

All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/security/
--------------------------------------------------------------------------------
====================================================================
                   Red Hat Security Advisory

Synopsis:          Moderate: idm:DL1 security update
Advisory ID:       RHSA-2022:0076-01
Product:           Red Hat Enterprise Linux
Advisory URL:      https://access.redhat.com/errata/RHSA-2022:0076
Issue date:        2022-01-11
CVE Names:         CVE-2020-25719
====================================================================

1. Summary:

An update for the idm:DL1 module is now available for Red Hat Enterprise
Linux 8.2 Extended Update Support.

Red Hat Product Security has rated this update as having a security impact
of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which
gives a detailed severity rating, is available for each vulnerability from
the CVE link(s) in the References section.

2. Relevant releases/architectures:

Red Hat Enterprise Linux AppStream EUS (v. 8.2) - aarch64, noarch, ppc64le, s390x, x86_64

3. Description:

Red Hat Identity Management (IdM) is a centralized authentication, identity
management, and authorization solution for both traditional and cloud-based
enterprise environments.

Security Fix(es):

* samba: Samba AD DC did not always rely on the SID and PAC in Kerberos
tickets (CVE-2020-25719)

For more details about the security issue(s), including the impact, a CVSS
score, acknowledgments, and other related information, refer to the CVE
page(s) listed in the References section.

4. Solution:

For details on how to apply this update, which includes the changes
described in this advisory, refer to:

https://access.redhat.com/articles/11258

5. Bugs fixed (https://bugzilla.redhat.com/):

2019732 - CVE-2020-25719 samba: Samba AD DC did not always rely on the SID and PAC in Kerberos tickets

6. Package List:

Red Hat Enterprise Linux AppStream EUS (v. 8.2):
These packages are GPG signed by Red Hat for security. Our key and
details on how to verify the signature are available from
https://access.redhat.com/security/team/key/

7. References:

https://access.redhat.com/security/cve/CVE-2020-25719
https://access.redhat.com/security/updates/classification/#moderate

8. Contact:

The Red Hat security contact is . More contact details at
https://access.redhat.com/security/team/contact/

Copyright 2022 Red Hat, Inc.
--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2021-f2c8514f02
2021-08-27 18:55:25.463086
--------------------------------------------------------------------------------

Name        : krb5
Product     : Fedora 33
Version     : 1.18.2
Release     : 31.fc33
URL         : https://web.mit.edu/kerberos/www/
Summary     : The Kerberos network authentication system
Description :
Kerberos V5 is a trusted-third-party network authentication system, which
can improve your network's security by eliminating the insecure practice of
sending passwords over the network in unencrypted form.
--------------------------------------------------------------------------------
Update Information:

- CVE-2021-37750 (explicit NULL deref on KDC)
--------------------------------------------------------------------------------
ChangeLog:

* Thu Aug 19 2021 Robbie Harwood - 1.18.2-31
- Fix KDC null deref on TGS inner body null server (CVE-2021-37750)
--------------------------------------------------------------------------------

This update can be installed with the "dnf" update program. Use
su -c 'dnf upgrade --advisory FEDORA-2021-f2c8514f02' at the command line.
For more information, refer to the dnf documentation available at
https://dnf.readthedocs.io/en/latest/command_ref.html

All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/security/
--------------------------------------------------------------------------------
--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2018-f97cb1c9b0
2018-03-01 15:57:44.337234
--------------------------------------------------------------------------------

Name        : krb5
Product     : Fedora 26
Version     : 1.15.2
Release     : 7.fc26
URL         : http://web.mit.edu/kerberos/www/
Summary     : The Kerberos network authentication system
Description :
Kerberos V5 is a trusted-third-party network authentication system, which
can improve your network's security by eliminating the insecure practice of
sending passwords over the network in unencrypted form.
--------------------------------------------------------------------------------
Update Information:

Fix CVE-2018-5729, CVE-2018-5730. These are low-impact, requiring
administrator access to exploit.
----
Fix leak in previous version.
----
Always read config snippets in alphabetical order per-directory.
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #1535576 - CVE-2018-5729, CVE-2018-5730 krb5: null pointer deference in strlen function in plugins/kdb/ldap/libkdb_ldap/ldap_principal2.c [fedora-all]
        https://bugzilla.redhat.com/show_bug.cgi?id=1535576
  [ 2 ] Bug #1540939 - krb5-libs are leaking memory when parsing krb5 configuration
        https://bugzilla.redhat.com/show_bug.cgi?id=1540939
--------------------------------------------------------------------------------

This update can be installed with the "dnf" update program. Use
su -c 'dnf upgrade krb5' at the command line. For more information, refer
to the dnf documentation available at
https://dnf.readthedocs.io/en/latest/command_ref.html

All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
--------------------------------------------------------------------------------
--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2015-200d2dfd9f
2015-11-24 17:50:21.420090
--------------------------------------------------------------------------------

Name        : krb5
Product     : Fedora 21
Version     : 1.12.2
Release     : 19.fc21
URL         : http://web.mit.edu/kerberos/www/
Summary     : The Kerberos network authentication system
Description :
Kerberos V5 is a trusted-third-party network authentication system, which
can improve your network's security by eliminating the insecure practice of
sending passwords over the network in unencrypted form.
--------------------------------------------------------------------------------
Update Information:

krb5-1.13.2-13.fc23 - Patch CVE-2015-2698
krb5-1.12.2-19.fc21 - Patch CVE-2015-2698
krb5-1.13.2-10.fc22 - Patch CVE-2015-2698
----
krb5-1.12.2-18.fc21 - Fix CVE-2015-2695, CVE-2015-2696, CVE-2015-2697
krb5-1.13.2-9.fc22 - Fix CVE-2015-2695, CVE-2015-2696, CVE-2015-2697
krb5-1.13.2-12.fc23 - Fix CVE-2015-2695, CVE-2015-2696, CVE-2015-2697
--------------------------------------------------------------------------------

This update can be installed with the "yum" update program. Use
su -c 'yum update krb5' at the command line. For more information, refer to
"Managing Software with yum", available at .

All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/security/
--------------------------------------------------------------------------------
====================================================================
                   Red Hat Security Advisory

Synopsis:          Moderate: krb5 security update
Advisory ID:       RHSA-2014:1255-01
Product:           Red Hat Enterprise Linux
Advisory URL:      https://access.redhat.com/errata/RHSA-2014:1255.html
Issue date:        2014-09-17
CVE Names:         CVE-2014-4345
====================================================================

1. Summary:

Updated krb5 packages that fix one security issue are now available for
Red Hat Enterprise Linux 5.

Red Hat Product Security has rated this update as having Moderate security
impact. A Common Vulnerability Scoring System (CVSS) base score, which gives
a detailed severity rating, is available from the CVE link in the References
section.

2. Relevant releases/architectures:

RHEL Desktop Workstation (v. 5 client) - i386, x86_64
Red Hat Enterprise Linux (v. 5 server) - i386, ia64, ppc, s390x, x86_64
Red Hat Enterprise Linux Desktop (v. 5 client) - i386, x86_64

3. Description:

Kerberos is an authentication system which allows clients and services to
authenticate to each other with the help of a trusted third party, a
Kerberos Key Distribution Center (KDC).

A buffer overflow was found in the KADM5 administration server (kadmind)
when it was used with an LDAP back end for the KDC database. A remote,
authenticated attacker could potentially use this flaw to execute arbitrary
code on the system running kadmind. (CVE-2014-4345)

All krb5 users are advised to upgrade to these updated packages, which
contain a backported patch to correct this issue. After installing the
updated packages, the krb5kdc and kadmind daemons will be restarted
automatically.

4. Solution:

Before applying this update, make sure all previously released errata
relevant to your system have been applied.

This update is available via the Red Hat Network. Details on how to use the
Red Hat Network to apply this update are available at
https://access.redhat.com/articles/11258

5. Bugs fixed (https://bugzilla.redhat.com/):

1128157 - CVE-2014-4345 krb5: buffer overrun in kadmind with LDAP backend (MITKRB5-SA-2014-001)

6. Package List:

Red Hat Enterprise Linux Desktop (v. 5 client):
RHEL Desktop Workstation (v. 5 client):
Red Hat Enterprise Linux (v. 5 server):

These packages are GPG signed by Red Hat for security. Our key and
details on how to verify the signature are available from
https://access.redhat.com/security/team/key/#package

7. References:

https://access.redhat.com/security/cve/CVE-2014-4345
https://access.redhat.com/security/updates/classification/#moderate

8. Contact:

The Red Hat security contact is . More contact details at
https://access.redhat.com/security/team/contact/

Copyright 2014 Red Hat, Inc.