Important: udisks2 security update. {"type": "TYPE_SECURITY", "shortCode": "RL", "name": "RLSA-2026:3476", "synopsis": "Important: udisks2 security update", "severity": "SEVERITY_IMPORTANT", "topic": "An update is available for udisks2.\nThis update affects Rocky Linux 10.\nA Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list", "description": "The Udisks project provides a daemon, tools, and libraries to access and manipulate disks, storage devices, and technologies.\n\nSecurity Fix(es):\n\n* udisks: Missing Authorization Check Allows Unprivileged Users to Back Up LUKS Headers via udisks D-Bus API (CVE-2026-26104)\n\n* udisks: Missing Authorization Check Allows Unprivileged Users to Restore LUKS Headers via udisks D-Bus API (CVE-2026-26103)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.", "solution": null, "affectedProducts": ["Rocky Linux 10"], "fixes": [{"ticket": "2433719", "sourceBy": "Red Hat", "sourceLink": "https://bugzilla.redhat.com/show_bug.cgi?id=2433719", "description": ""}, {"ticket": "2433717", "sourceBy": "Red Hat", "sourceLink": "https://bugzilla.redhat.com/show_bug.cgi?id=2433717", "description": ""}], "cves": [{"name": "CVE-2026-26103", "sourceBy": "MITRE", "sourceLink": "https://www.cve.org/CVERecord?id=CVE-2026-26103", "cvss3ScoringVector": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H", "cvss3BaseScore": "7.1", "cwe": "CWE-862"}, {"name": "CVE-2026-26104", "sourceBy": "MITRE", "sourceLink": "https://www.cve.org/CVERecord?id=CVE-2026-26104", "cvss3ScoringVector": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N", "cvss3BaseScore": "5.5", "cwe": "CWE-862"}], "references": [], "publishedAt": "2026-03-05T09:12:24.748134Z", "rpms": {"Rocky Linux 10": {"nvras": 
["udisks2-lvm2-debuginfo-0:2.10.90-6.el10_1.1.x86_64.rpm","udisks2-lsm-0:2.10.90-6.el10_1.1.s390x.rpm", "udisks2-iscsi-0:2.10.90-6.el10_1.1.ppc64le.rpm", "udisks2-lvm2-debuginfo-0:2.10.90-6.el10_1.1.aarch64.rpm", "udisks2-0:2.10.90-6.el10_1.1.s390x.rpm", "libudisks2-debuginfo-0:2.10.90-6.el10_1.1.s390x.rpm", "libudisks2-devel-0:2.10.90-6.el10_1.1.ppc64le.rpm", "libudisks2-devel-0:2.10.90-6.el10_1.1.aarch64.rpm", "udisks2-debuginfo-0:2.10.90-6.el10_1.1.ppc64le.rpm", "libudisks2-devel-0:2.10.90-6.el10_1.1.s390x.rpm", "udisks2-lvm2-debuginfo-0:2.10.90-6.el10_1.1.ppc64le.rpm", "udisks2-debugsource-0:2.10.90-6.el10_1.1.s390x.rpm", "udisks2-iscsi-debuginfo-0:2.10.90-6.el10_1.1.aarch64.rpm", "udisks2-lsm-0:2.10.90-6.el10_1.1.ppc64le.rpm", "udisks2-0:2.10.90-6.el10_1.1.x86_64.rpm", "udisks2-debuginfo-0:2.10.90-6.el10_1.1.x86_64.rpm", "udisks2-0:2.10.90-6.el10_1.1.ppc64le.rpm", "udisks2-lsm-debuginfo-0:2.10.90-6.el10_1.1.s390x.rpm", "udisks2-iscsi-0:2.10.90-6.el10_1.1.x86_64.rpm", "udisks2-lsm-0:2.10.90-6.el10_1.1.x86_64.rpm", "udisks2-debugsource-0:2.10.90-6.el10_1.1.x86_64.rpm", "libudisks2-debuginfo-0:2.10.90-6.el10_1.1.x86_64.rpm", "udisks2-iscsi-debuginfo-0:2.10.90-6.el10_1.1.x86_64.rpm", "udisks2-lvm2-debuginfo-0:2.10.90-6.el10_1.1.s390x.rpm", "libudisks2-0:2.10.90-6.el10_1.1.ppc64le.rpm", "udisks2-debuginfo-0:2.10.90-6.el10_1.1.s390x.rpm", "libudisks2-devel-0:2.10.90-6.el10_1.1.x86_64.rpm", "udisks2-iscsi-0:2.10.90-6.el10_1.1.aarch64.rpm", "udisks2-0:2.10.90-6.el10_1.1.src.rpm", "udisks2-iscsi-0:2.10.90-6.el10_1.1.s390x.rpm", "udisks2-lvm2-0:2.10.90-6.el10_1.1.aarch64.rpm", "libudisks2-0:2.10.90-6.el10_1.1.aarch64.rpm", "udisks2-lsm-debuginfo-0:2.10.90-6.el10_1.1.aarch64.rpm", "libudisks2-debuginfo-0:2.10.90-6.el10_1.1.ppc64le.rpm", "udisks2-lvm2-0:2.10.90-6.el10_1.1.x86_64.rpm", "udisks2-lsm-debuginfo-0:2.10.90-6.el10_1.1.x86_64.rpm", "udisks2-lsm-0:2.10.90-6.el10_1.1.aarch64.rpm", "libudisks2-0:2.10.90-6.el10_1.1.s390x.rpm", 
"udisks2-lvm2-0:2.10.90-6.el10_1.1.s390x.rpm", "udisks2-iscsi-debuginfo-0:2.10.90-6.el10_1.1.s390x.rpm","udisks2-iscsi-debuginfo-0:2.10.90-6.el10_1.1.ppc64le.rpm", "libudisks2-debuginfo-0:2.10.90-6.el10_1.1.aarch64.rpm", "udisks2-lvm2-0:2.10.90-6.el10_1.1.ppc64le.rpm", "udisks2-0:2.10.90-6.el10_1.1.aarch64.rpm", "udisks2-lsm-debuginfo-0:2.10.90-6.el10_1.1.ppc64le.rpm", "libudisks2-0:2.10.90-6.el10_1.1.x86_64.rpm", "udisks2-debuginfo-0:2.10.90-6.el10_1.1.aarch64.rpm", "udisks2-debugsource-0:2.10.90-6.el10_1.1.ppc64le.rpm", "udisks2-debugsource-0:2.10.90-6.el10_1.1.aarch64.rpm"]}}, "rebootSuggested": false, "buildReferences": []}. Applies to Rocky Linux 10: update for udisks2 addresses security risks from missing authorization checks.. udisks2 update, Rocky Linux advisory, security issues, authorization vulnerability. . Severity: Important. LinuxSecurity.com Team
Update to 2.0.36 Fixes CVE-2024-42934. -------------------------------------------------------------------------------- Fedora Update Notification FEDORA-2025-ae55d50be2 2025-03-25 01:22:46.359260+00:00 -------------------------------------------------------------------------------- Name : OpenIPMI Product : Fedora 41 Version : 2.0.36 Release : 1.fc41 URL : https://sourceforge.net/projects/openipmi/ Summary : IPMI (Intelligent Platform Management Interface) library and tools Description : The Open IPMI project aims to develop an open code base to allow access to platform information using Intelligent Platform Management Interface (IPMI). This package contains the tools of the OpenIPMI project. -------------------------------------------------------------------------------- Update Information: Update to 2.0.36 Fixes CVE-2024-42934 -------------------------------------------------------------------------------- ChangeLog: * Thu Aug 22 2024 Fedora Release Monitoring - 2.0.36-1 - Update to 2.0.36 (#2302353) - Resolves CVE-2024-42934 -------------------------------------------------------------------------------- References: [ 1 ] Bug #2308383 - CVE-2024-42934 OpenIPMI: missing check on the authorization type on incoming LAN messages in IPMI simulator [fedora-41] https://bugzilla.redhat.com/show_bug.cgi?id=2308383 -------------------------------------------------------------------------------- This update can be installed with the "dnf" update program. Use su -c 'dnf upgrade --advisory FEDORA-2025-ae55d50be2' at the command line. For more information, refer to the dnf documentation available at http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label All packages are signed with the Fedora Project GPG key. 
More details on the GPG keys used by the Fedora Project can be found at https://fedoraproject.org/security/ -------------------------------------------------------------------------------- -- _______________________________________________ package-announce mailing list --
A security update for Red Hat Data Grid is now available. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from. ==================================================================== Red Hat Security Advisory Synopsis: Moderate: Red Hat Data Grid 8.1.1 security update Advisory ID: RHSA-2021:0433-01 Product: Red Hat JBoss Data Grid Advisory URL: https://access.redhat.com/errata/RHSA-2021:0433 Issue date: 2021-02-08 CVE Names: CVE-2020-25644 CVE-2020-25711 CVE-2020-26217 ==================================================================== 1. Summary: A security update for Red Hat Data Grid is now available. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. 2. Description: Red Hat Data Grid is a distributed, in-memory data store. This release of Red Hat Data Grid 8.1.1 serves as a replacement for Red Hat Data Grid 8.1.0, and includes bug fixes and enhancements, which are documented in the Release Notes document linked to in the References. Security Fix(es): * wildfly-openssl: memory leak per HTTP session creation in WildFly OpenSSL (CVE-2020-25644) * XStream: remote code execution due to insecure XML deserialization when relying on blocklists (CVE-2020-26217) * infinispan: authorization check missing for server management operations (CVE-2020-25711) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. 3. Solution: Refer to the Data Grid 8.1 Upgrade Guide for instructions on upgrading to this version. 
The References section of this erratum contains a download link (you must log in to download the update). 4. Bugs fixed (https://bugzilla.redhat.com/): 1885485 - CVE-2020-25644 wildfly-openssl: memory leak per HTTP session creation in WildFly OpenSSL 1897618 - CVE-2020-25711 infinispan: authorization check missing for server management operations 1898907 - CVE-2020-26217 XStream: remote code execution due to insecure XML deserialization when relying on blocklists 5. References: https://access.redhat.com/security/cve/CVE-2020-25644 https://access.redhat.com/security/cve/CVE-2020-25711 https://access.redhat.com/security/cve/CVE-2020-26217 https://access.redhat.com/security/updates/classification#moderate https://access.redhat.com/jbossnetwork/restricted/listSoftware.html?product=data.grid&downloadType=securityPatches&version=8.1 https://docs.redhat.com/en/documentation/red_hat_data_grid/8.1/html/upgrading_data_grid/index 6. Contact: The Red Hat security contact is . More contact details at https://access.redhat.com/security/team/contact Copyright 2021 Red Hat, Inc. -- RHSA-announce mailing list
An update that fixes one vulnerability is now available. . SUSE Security Update: Security update for postgresql10 ______________________________________________________________________________ Announcement ID: SUSE-SU-2020:0752-1 Rating: moderate References: #1163985 Cross-References: CVE-2020-1720 Affected Products: SUSE Linux Enterprise Module for Server Applications 15-SP1 SUSE Linux Enterprise Module for Open Buildservice Development Tools 15-SP1 SUSE Linux Enterprise Module for Basesystem 15-SP1 ______________________________________________________________________________ An update that fixes one vulnerability is now available. Description: This update for postgresql10 fixes the following issues: PostgreSQL was updated to version 10.12. Security issue fixed: - CVE-2020-1720: Fixed a missing authorization check in the ALTER ... DEPENDS ON extension (bsc#1163985). Patch Instructions: To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". 
Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Module for Server Applications 15-SP1: zypper in -t patch SUSE-SLE-Module-Server-Applications-15-SP1-2020-752=1 - SUSE Linux Enterprise Module for Open Buildservice Development Tools 15-SP1: zypper in -t patch SUSE-SLE-Module-Development-Tools-OBS-15-SP1-2020-752=1 - SUSE Linux Enterprise Module for Basesystem 15-SP1: zypper in -t patch SUSE-SLE-Module-Basesystem-15-SP1-2020-752=1 Package List: - SUSE Linux Enterprise Module for Server Applications 15-SP1 (aarch64 ppc64le s390x x86_64): libecpg6-10.12-8.9.1 libecpg6-debuginfo-10.12-8.9.1 postgresql10-contrib-10.12-8.9.1 postgresql10-contrib-debuginfo-10.12-8.9.1 postgresql10-debuginfo-10.12-8.9.1 postgresql10-debugsource-10.12-8.9.1 postgresql10-devel-10.12-8.9.1 postgresql10-devel-debuginfo-10.12-8.9.1 postgresql10-plperl-10.12-8.9.1 postgresql10-plperl-debuginfo-10.12-8.9.1 postgresql10-plpython-10.12-8.9.1 postgresql10-plpython-debuginfo-10.12-8.9.1 postgresql10-pltcl-10.12-8.9.1 postgresql10-pltcl-debuginfo-10.12-8.9.1 postgresql10-server-10.12-8.9.1 postgresql10-server-debuginfo-10.12-8.9.1 - SUSE Linux Enterprise Module for Server Applications 15-SP1 (noarch): postgresql10-docs-10.12-8.9.1 - SUSE Linux Enterprise Module for Open Buildservice Development Tools 15-SP1 (aarch64 ppc64le s390x x86_64): postgresql10-debuginfo-10.12-8.9.1 postgresql10-debugsource-10.12-8.9.1 postgresql10-test-10.12-8.9.1 - SUSE Linux Enterprise Module for Open Buildservice Development Tools 15-SP1 (x86_64): libecpg6-32bit-10.12-8.9.1 libecpg6-32bit-debuginfo-10.12-8.9.1 libpq5-32bit-10.12-8.9.1 libpq5-32bit-debuginfo-10.12-8.9.1 - SUSE Linux Enterprise Module for Basesystem 15-SP1 (aarch64 ppc64le s390x x86_64): libpq5-10.12-8.9.1 libpq5-debuginfo-10.12-8.9.1 postgresql10-10.12-8.9.1 postgresql10-debuginfo-10.12-8.9.1 postgresql10-debugsource-10.12-8.9.1 References: https://www.suse.com/security/cve/CVE-2020-1720.html 
https://bugzilla.suse.com/1163985 _______________________________________________ sle-security-updates mailing list
An update that fixes one vulnerability is now available. . SUSE Security Update: Security update for postgresql10 ______________________________________________________________________________ Announcement ID: SUSE-SU-2020:0715-1 Rating: low References: #1163985 Cross-References: CVE-2020-1720 Affected Products: SUSE OpenStack Cloud Crowbar 8 SUSE OpenStack Cloud 8 SUSE OpenStack Cloud 7 SUSE Linux Enterprise Software Development Kit 12-SP5 SUSE Linux Enterprise Software Development Kit 12-SP4 SUSE Linux Enterprise Server for SAP 12-SP3 SUSE Linux Enterprise Server for SAP 12-SP2 SUSE Linux Enterprise Server for SAP 12-SP1 SUSE Linux Enterprise Server 12-SP5 SUSE Linux Enterprise Server 12-SP4 SUSE Linux Enterprise Server 12-SP3-LTSS SUSE Linux Enterprise Server 12-SP3-BCL SUSE Linux Enterprise Server 12-SP2-LTSS SUSE Linux Enterprise Server 12-SP2-BCL SUSE Linux Enterprise Server 12-SP1-LTSS SUSE Linux Enterprise Desktop 12-SP4 SUSE Enterprise Storage 5 HPE Helion Openstack 8 ______________________________________________________________________________ An update that fixes one vulnerability is now available. Description: This update for postgresql10 fixes the following issues: PostgreSQL was updated to version 10.12. Security issue fixed: - CVE-2020-1720: Fixed a missing authorization check in the ALTER ... DEPENDS ON extension (bsc#1163985). Patch Instructions: To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". 
Alternatively you can run the command listed for your product: - SUSE OpenStack Cloud Crowbar 8: zypper in -t patch SUSE-OpenStack-Cloud-Crowbar-8-2020-715=1 - SUSE OpenStack Cloud 8: zypper in -t patch SUSE-OpenStack-Cloud-8-2020-715=1 - SUSE OpenStack Cloud 7: zypper in -t patch SUSE-OpenStack-Cloud-7-2020-715=1 - SUSE Linux Enterprise Software Development Kit 12-SP5: zypper in -t patch SUSE-SLE-SDK-12-SP5-2020-715=1 - SUSE Linux Enterprise Software Development Kit 12-SP4: zypper in -t patch SUSE-SLE-SDK-12-SP4-2020-715=1 - SUSE Linux Enterprise Server for SAP 12-SP3: zypper in -t patch SUSE-SLE-SAP-12-SP3-2020-715=1 - SUSE Linux Enterprise Server for SAP 12-SP2: zypper in -t patch SUSE-SLE-SAP-12-SP2-2020-715=1 - SUSE Linux Enterprise Server for SAP 12-SP1: zypper in -t patch SUSE-SLE-SAP-12-SP1-2020-715=1 - SUSE Linux Enterprise Server 12-SP5: zypper in -t patch SUSE-SLE-SERVER-12-SP5-2020-715=1 - SUSE Linux Enterprise Server 12-SP4: zypper in -t patch SUSE-SLE-SERVER-12-SP4-2020-715=1 - SUSE Linux Enterprise Server 12-SP3-LTSS: zypper in -t patch SUSE-SLE-SERVER-12-SP3-2020-715=1 - SUSE Linux Enterprise Server 12-SP3-BCL: zypper in -t patch SUSE-SLE-SERVER-12-SP3-BCL-2020-715=1 - SUSE Linux Enterprise Server 12-SP2-LTSS: zypper in -t patch SUSE-SLE-SERVER-12-SP2-2020-715=1 - SUSE Linux Enterprise Server 12-SP2-BCL: zypper in -t patch SUSE-SLE-SERVER-12-SP2-BCL-2020-715=1 - SUSE Linux Enterprise Server 12-SP1-LTSS: zypper in -t patch SUSE-SLE-SERVER-12-SP1-2020-715=1 - SUSE Linux Enterprise Desktop 12-SP4: zypper in -t patch SUSE-SLE-DESKTOP-12-SP4-2020-715=1 - SUSE Enterprise Storage 5: zypper in -t patch SUSE-Storage-5-2020-715=1 - HPE Helion Openstack 8: zypper in -t patch HPE-Helion-OpenStack-8-2020-715=1 Package List: - SUSE OpenStack Cloud Crowbar 8 (noarch): postgresql10-docs-10.12-1.18.1 - SUSE OpenStack Cloud Crowbar 8 (x86_64): libecpg6-10.12-1.18.1 libecpg6-debuginfo-10.12-1.18.1 libpq5-10.12-1.18.1 libpq5-32bit-10.12-1.18.1 
libpq5-debuginfo-10.12-1.18.1 libpq5-debuginfo-32bit-10.12-1.18.1 postgresql10-10.12-1.18.1 postgresql10-contrib-10.12-1.18.1 postgresql10-contrib-debuginfo-10.12-1.18.1 postgresql10-debuginfo-10.12-1.18.1 postgresql10-debugsource-10.12-1.18.1 postgresql10-libs-debugsource-10.12-1.18.1 postgresql10-plperl-10.12-1.18.1 postgresql10-plperl-debuginfo-10.12-1.18.1 postgresql10-plpython-10.12-1.18.1 postgresql10-plpython-debuginfo-10.12-1.18.1 postgresql10-pltcl-10.12-1.18.1 postgresql10-pltcl-debuginfo-10.12-1.18.1 postgresql10-server-10.12-1.18.1 postgresql10-server-debuginfo-10.12-1.18.1 - SUSE OpenStack Cloud 8 (x86_64): libecpg6-10.12-1.18.1 libecpg6-debuginfo-10.12-1.18.1 libpq5-10.12-1.18.1 libpq5-32bit-10.12-1.18.1 libpq5-debuginfo-10.12-1.18.1 libpq5-debuginfo-32bit-10.12-1.18.1 postgresql10-10.12-1.18.1 postgresql10-contrib-10.12-1.18.1 postgresql10-contrib-debuginfo-10.12-1.18.1 postgresql10-debuginfo-10.12-1.18.1 postgresql10-debugsource-10.12-1.18.1 postgresql10-libs-debugsource-10.12-1.18.1 postgresql10-plperl-10.12-1.18.1 postgresql10-plperl-debuginfo-10.12-1.18.1 postgresql10-plpython-10.12-1.18.1 postgresql10-plpython-debuginfo-10.12-1.18.1 postgresql10-pltcl-10.12-1.18.1 postgresql10-pltcl-debuginfo-10.12-1.18.1 postgresql10-server-10.12-1.18.1 postgresql10-server-debuginfo-10.12-1.18.1 - SUSE OpenStack Cloud 8 (noarch): postgresql10-docs-10.12-1.18.1 - SUSE OpenStack Cloud 7 (s390x x86_64): libecpg6-10.12-1.18.1 libecpg6-debuginfo-10.12-1.18.1 libpq5-10.12-1.18.1 libpq5-32bit-10.12-1.18.1 libpq5-debuginfo-10.12-1.18.1 libpq5-debuginfo-32bit-10.12-1.18.1 postgresql10-10.12-1.18.1 postgresql10-contrib-10.12-1.18.1 postgresql10-contrib-debuginfo-10.12-1.18.1 postgresql10-debuginfo-10.12-1.18.1 postgresql10-debugsource-10.12-1.18.1 postgresql10-libs-debugsource-10.12-1.18.1 postgresql10-plperl-10.12-1.18.1 postgresql10-plperl-debuginfo-10.12-1.18.1 postgresql10-plpython-10.12-1.18.1 postgresql10-plpython-debuginfo-10.12-1.18.1 
postgresql10-pltcl-10.12-1.18.1 postgresql10-pltcl-debuginfo-10.12-1.18.1 postgresql10-server-10.12-1.18.1 postgresql10-server-debuginfo-10.12-1.18.1 - SUSE OpenStack Cloud 7 (noarch): postgresql10-docs-10.12-1.18.1 - SUSE Linux Enterprise Software Development Kit 12-SP5 (aarch64 ppc64le s390x x86_64): postgresql10-devel-10.12-1.18.1 postgresql10-devel-debuginfo-10.12-1.18.1 postgresql10-libs-debugsource-10.12-1.18.1 - SUSE Linux Enterprise Software Development Kit 12-SP4 (aarch64 ppc64le s390x x86_64): postgresql10-devel-10.12-1.18.1 postgresql10-devel-debuginfo-10.12-1.18.1 postgresql10-libs-debugsource-10.12-1.18.1 - SUSE Linux Enterprise Server for SAP 12-SP3 (ppc64le x86_64): libecpg6-10.12-1.18.1 libecpg6-debuginfo-10.12-1.18.1 libpq5-10.12-1.18.1 libpq5-debuginfo-10.12-1.18.1 postgresql10-10.12-1.18.1 postgresql10-contrib-10.12-1.18.1 postgresql10-contrib-debuginfo-10.12-1.18.1 postgresql10-debuginfo-10.12-1.18.1 postgresql10-debugsource-10.12-1.18.1 postgresql10-libs-debugsource-10.12-1.18.1 postgresql10-plperl-10.12-1.18.1 postgresql10-plperl-debuginfo-10.12-1.18.1 postgresql10-plpython-10.12-1.18.1 postgresql10-plpython-debuginfo-10.12-1.18.1 postgresql10-pltcl-10.12-1.18.1 postgresql10-pltcl-debuginfo-10.12-1.18.1 postgresql10-server-10.12-1.18.1 postgresql10-server-debuginfo-10.12-1.18.1 - SUSE Linux Enterprise Server for SAP 12-SP3 (x86_64): libpq5-32bit-10.12-1.18.1 libpq5-debuginfo-32bit-10.12-1.18.1 - SUSE Linux Enterprise Server for SAP 12-SP3 (noarch): postgresql10-docs-10.12-1.18.1 - SUSE Linux Enterprise Server for SAP 12-SP2 (ppc64le x86_64): libecpg6-10.12-1.18.1 libecpg6-debuginfo-10.12-1.18.1 libpq5-10.12-1.18.1 libpq5-debuginfo-10.12-1.18.1 postgresql10-10.12-1.18.1 postgresql10-contrib-10.12-1.18.1 postgresql10-contrib-debuginfo-10.12-1.18.1 postgresql10-debuginfo-10.12-1.18.1 postgresql10-debugsource-10.12-1.18.1 postgresql10-libs-debugsource-10.12-1.18.1 postgresql10-plperl-10.12-1.18.1 postgresql10-plperl-debuginfo-10.12-1.18.1 
postgresql10-plpython-10.12-1.18.1 postgresql10-plpython-debuginfo-10.12-1.18.1 postgresql10-pltcl-10.12-1.18.1 postgresql10-pltcl-debuginfo-10.12-1.18.1 postgresql10-server-10.12-1.18.1 postgresql10-server-debuginfo-10.12-1.18.1 - SUSE Linux Enterprise Server for SAP 12-SP2 (x86_64): libpq5-32bit-10.12-1.18.1 libpq5-debuginfo-32bit-10.12-1.18.1 - SUSE Linux Enterprise Server for SAP 12-SP2 (noarch): postgresql10-docs-10.12-1.18.1 - SUSE Linux Enterprise Server for SAP 12-SP1 (x86_64): libecpg6-10.12-1.18.1 libecpg6-debuginfo-10.12-1.18.1 libpq5-10.12-1.18.1 libpq5-32bit-10.12-1.18.1 libpq5-debuginfo-10.12-1.18.1 libpq5-debuginfo-32bit-10.12-1.18.1 postgresql10-10.12-1.18.1 postgresql10-contrib-10.12-1.18.1 postgresql10-contrib-debuginfo-10.12-1.18.1 postgresql10-debuginfo-10.12-1.18.1 postgresql10-debugsource-10.12-1.18.1 postgresql10-libs-debugsource-10.12-1.18.1 postgresql10-plperl-10.12-1.18.1 postgresql10-plperl-debuginfo-10.12-1.18.1 postgresql10-plpython-10.12-1.18.1 postgresql10-plpython-debuginfo-10.12-1.18.1 postgresql10-pltcl-10.12-1.18.1 postgresql10-pltcl-debuginfo-10.12-1.18.1 postgresql10-server-10.12-1.18.1 postgresql10-server-debuginfo-10.12-1.18.1 - SUSE Linux Enterprise Server for SAP 12-SP1 (noarch): postgresql10-docs-10.12-1.18.1 - SUSE Linux Enterprise Server 12-SP5 (aarch64 ppc64le s390x x86_64): libecpg6-10.12-1.18.1 libecpg6-debuginfo-10.12-1.18.1 libpq5-10.12-1.18.1 libpq5-debuginfo-10.12-1.18.1 postgresql10-10.12-1.18.1 postgresql10-contrib-10.12-1.18.1 postgresql10-contrib-debuginfo-10.12-1.18.1 postgresql10-debuginfo-10.12-1.18.1 postgresql10-debugsource-10.12-1.18.1 postgresql10-libs-debugsource-10.12-1.18.1 postgresql10-plperl-10.12-1.18.1 postgresql10-plperl-debuginfo-10.12-1.18.1 postgresql10-plpython-10.12-1.18.1 postgresql10-plpython-debuginfo-10.12-1.18.1 postgresql10-pltcl-10.12-1.18.1 postgresql10-pltcl-debuginfo-10.12-1.18.1 postgresql10-server-10.12-1.18.1 postgresql10-server-debuginfo-10.12-1.18.1 - SUSE Linux Enterprise 
Server 12-SP5 (s390x x86_64): libpq5-32bit-10.12-1.18.1 libpq5-debuginfo-32bit-10.12-1.18.1 - SUSE Linux Enterprise Server 12-SP5 (noarch): postgresql10-docs-10.12-1.18.1 - SUSE Linux Enterprise Server 12-SP4 (aarch64 ppc64le s390x x86_64): libecpg6-10.12-1.18.1 libecpg6-debuginfo-10.12-1.18.1 libpq5-10.12-1.18.1 libpq5-debuginfo-10.12-1.18.1 postgresql10-10.12-1.18.1 postgresql10-contrib-10.12-1.18.1 postgresql10-contrib-debuginfo-10.12-1.18.1 postgresql10-debuginfo-10.12-1.18.1 postgresql10-debugsource-10.12-1.18.1 postgresql10-libs-debugsource-10.12-1.18.1 postgresql10-plperl-10.12-1.18.1 postgresql10-plperl-debuginfo-10.12-1.18.1 postgresql10-plpython-10.12-1.18.1 postgresql10-plpython-debuginfo-10.12-1.18.1 postgresql10-pltcl-10.12-1.18.1 postgresql10-pltcl-debuginfo-10.12-1.18.1 postgresql10-server-10.12-1.18.1 postgresql10-server-debuginfo-10.12-1.18.1 - SUSE Linux Enterprise Server 12-SP4 (s390x x86_64): libpq5-32bit-10.12-1.18.1 libpq5-debuginfo-32bit-10.12-1.18.1 - SUSE Linux Enterprise Server 12-SP4 (noarch): postgresql10-docs-10.12-1.18.1 - SUSE Linux Enterprise Server 12-SP3-LTSS (aarch64 ppc64le s390x x86_64): libecpg6-10.12-1.18.1 libecpg6-debuginfo-10.12-1.18.1 libpq5-10.12-1.18.1 libpq5-debuginfo-10.12-1.18.1 postgresql10-10.12-1.18.1 postgresql10-contrib-10.12-1.18.1 postgresql10-contrib-debuginfo-10.12-1.18.1 postgresql10-debuginfo-10.12-1.18.1 postgresql10-debugsource-10.12-1.18.1 postgresql10-libs-debugsource-10.12-1.18.1 postgresql10-plperl-10.12-1.18.1 postgresql10-plperl-debuginfo-10.12-1.18.1 postgresql10-plpython-10.12-1.18.1 postgresql10-plpython-debuginfo-10.12-1.18.1 postgresql10-pltcl-10.12-1.18.1 postgresql10-pltcl-debuginfo-10.12-1.18.1 postgresql10-server-10.12-1.18.1 postgresql10-server-debuginfo-10.12-1.18.1 - SUSE Linux Enterprise Server 12-SP3-LTSS (s390x x86_64): libpq5-32bit-10.12-1.18.1 libpq5-debuginfo-32bit-10.12-1.18.1 - SUSE Linux Enterprise Server 12-SP3-LTSS (noarch): postgresql10-docs-10.12-1.18.1 - SUSE Linux 
Enterprise Server 12-SP3-BCL (noarch): postgresql10-docs-10.12-1.18.1
- SUSE Linux Enterprise Server 12-SP3-BCL (x86_64): libecpg6-10.12-1.18.1 libecpg6-debuginfo-10.12-1.18.1 libpq5-10.12-1.18.1 libpq5-32bit-10.12-1.18.1 libpq5-debuginfo-10.12-1.18.1 libpq5-debuginfo-32bit-10.12-1.18.1 postgresql10-10.12-1.18.1 postgresql10-contrib-10.12-1.18.1 postgresql10-contrib-debuginfo-10.12-1.18.1 postgresql10-debuginfo-10.12-1.18.1 postgresql10-debugsource-10.12-1.18.1 postgresql10-libs-debugsource-10.12-1.18.1 postgresql10-plperl-10.12-1.18.1 postgresql10-plperl-debuginfo-10.12-1.18.1 postgresql10-plpython-10.12-1.18.1 postgresql10-plpython-debuginfo-10.12-1.18.1 postgresql10-pltcl-10.12-1.18.1 postgresql10-pltcl-debuginfo-10.12-1.18.1 postgresql10-server-10.12-1.18.1 postgresql10-server-debuginfo-10.12-1.18.1
- SUSE Linux Enterprise Server 12-SP2-LTSS (ppc64le s390x x86_64): libecpg6-10.12-1.18.1 libecpg6-debuginfo-10.12-1.18.1 libpq5-10.12-1.18.1 libpq5-debuginfo-10.12-1.18.1 postgresql10-10.12-1.18.1 postgresql10-contrib-10.12-1.18.1 postgresql10-contrib-debuginfo-10.12-1.18.1 postgresql10-debuginfo-10.12-1.18.1 postgresql10-debugsource-10.12-1.18.1 postgresql10-libs-debugsource-10.12-1.18.1 postgresql10-plperl-10.12-1.18.1 postgresql10-plperl-debuginfo-10.12-1.18.1 postgresql10-plpython-10.12-1.18.1 postgresql10-plpython-debuginfo-10.12-1.18.1 postgresql10-pltcl-10.12-1.18.1 postgresql10-pltcl-debuginfo-10.12-1.18.1 postgresql10-server-10.12-1.18.1 postgresql10-server-debuginfo-10.12-1.18.1
- SUSE Linux Enterprise Server 12-SP2-LTSS (s390x x86_64): libpq5-32bit-10.12-1.18.1 libpq5-debuginfo-32bit-10.12-1.18.1
- SUSE Linux Enterprise Server 12-SP2-LTSS (noarch): postgresql10-docs-10.12-1.18.1
- SUSE Linux Enterprise Server 12-SP2-BCL (x86_64): libecpg6-10.12-1.18.1 libecpg6-debuginfo-10.12-1.18.1 libpq5-10.12-1.18.1 libpq5-32bit-10.12-1.18.1 libpq5-debuginfo-10.12-1.18.1 libpq5-debuginfo-32bit-10.12-1.18.1 postgresql10-10.12-1.18.1 postgresql10-contrib-10.12-1.18.1 postgresql10-contrib-debuginfo-10.12-1.18.1 postgresql10-debuginfo-10.12-1.18.1 postgresql10-debugsource-10.12-1.18.1 postgresql10-libs-debugsource-10.12-1.18.1 postgresql10-plperl-10.12-1.18.1 postgresql10-plperl-debuginfo-10.12-1.18.1 postgresql10-plpython-10.12-1.18.1 postgresql10-plpython-debuginfo-10.12-1.18.1 postgresql10-pltcl-10.12-1.18.1 postgresql10-pltcl-debuginfo-10.12-1.18.1 postgresql10-server-10.12-1.18.1 postgresql10-server-debuginfo-10.12-1.18.1
- SUSE Linux Enterprise Server 12-SP2-BCL (noarch): postgresql10-docs-10.12-1.18.1
- SUSE Linux Enterprise Server 12-SP1-LTSS (ppc64le s390x x86_64): libecpg6-10.12-1.18.1 libecpg6-debuginfo-10.12-1.18.1 libpq5-10.12-1.18.1 libpq5-debuginfo-10.12-1.18.1 postgresql10-10.12-1.18.1 postgresql10-contrib-10.12-1.18.1 postgresql10-contrib-debuginfo-10.12-1.18.1 postgresql10-debuginfo-10.12-1.18.1 postgresql10-debugsource-10.12-1.18.1 postgresql10-libs-debugsource-10.12-1.18.1 postgresql10-plperl-10.12-1.18.1 postgresql10-plperl-debuginfo-10.12-1.18.1 postgresql10-plpython-10.12-1.18.1 postgresql10-plpython-debuginfo-10.12-1.18.1 postgresql10-pltcl-10.12-1.18.1 postgresql10-pltcl-debuginfo-10.12-1.18.1 postgresql10-server-10.12-1.18.1 postgresql10-server-debuginfo-10.12-1.18.1
- SUSE Linux Enterprise Server 12-SP1-LTSS (s390x x86_64): libpq5-32bit-10.12-1.18.1 libpq5-debuginfo-32bit-10.12-1.18.1
- SUSE Linux Enterprise Server 12-SP1-LTSS (noarch): postgresql10-docs-10.12-1.18.1
- SUSE Linux Enterprise Desktop 12-SP4 (x86_64): libecpg6-10.12-1.18.1 libecpg6-debuginfo-10.12-1.18.1 libpq5-10.12-1.18.1 libpq5-32bit-10.12-1.18.1 libpq5-debuginfo-10.12-1.18.1 libpq5-debuginfo-32bit-10.12-1.18.1 postgresql10-10.12-1.18.1 postgresql10-debuginfo-10.12-1.18.1 postgresql10-debugsource-10.12-1.18.1 postgresql10-libs-debugsource-10.12-1.18.1
- SUSE Enterprise Storage 5 (aarch64 x86_64): libecpg6-10.12-1.18.1 libecpg6-debuginfo-10.12-1.18.1 libpq5-10.12-1.18.1 libpq5-debuginfo-10.12-1.18.1 postgresql10-10.12-1.18.1 postgresql10-contrib-10.12-1.18.1 postgresql10-contrib-debuginfo-10.12-1.18.1 postgresql10-debuginfo-10.12-1.18.1 postgresql10-debugsource-10.12-1.18.1 postgresql10-libs-debugsource-10.12-1.18.1 postgresql10-plperl-10.12-1.18.1 postgresql10-plperl-debuginfo-10.12-1.18.1 postgresql10-plpython-10.12-1.18.1 postgresql10-plpython-debuginfo-10.12-1.18.1 postgresql10-pltcl-10.12-1.18.1 postgresql10-pltcl-debuginfo-10.12-1.18.1 postgresql10-server-10.12-1.18.1 postgresql10-server-debuginfo-10.12-1.18.1
- SUSE Enterprise Storage 5 (x86_64): libpq5-32bit-10.12-1.18.1 libpq5-debuginfo-32bit-10.12-1.18.1
- SUSE Enterprise Storage 5 (noarch): postgresql10-docs-10.12-1.18.1
- HPE Helion Openstack 8 (noarch): postgresql10-docs-10.12-1.18.1
- HPE Helion Openstack 8 (x86_64): libecpg6-10.12-1.18.1 libecpg6-debuginfo-10.12-1.18.1 libpq5-10.12-1.18.1 libpq5-32bit-10.12-1.18.1 libpq5-debuginfo-10.12-1.18.1 libpq5-debuginfo-32bit-10.12-1.18.1 postgresql10-10.12-1.18.1 postgresql10-contrib-10.12-1.18.1 postgresql10-contrib-debuginfo-10.12-1.18.1 postgresql10-debuginfo-10.12-1.18.1 postgresql10-debugsource-10.12-1.18.1 postgresql10-libs-debugsource-10.12-1.18.1 postgresql10-plperl-10.12-1.18.1 postgresql10-plperl-debuginfo-10.12-1.18.1 postgresql10-plpython-10.12-1.18.1 postgresql10-plpython-debuginfo-10.12-1.18.1 postgresql10-pltcl-10.12-1.18.1 postgresql10-pltcl-debuginfo-10.12-1.18.1 postgresql10-server-10.12-1.18.1 postgresql10-server-debuginfo-10.12-1.18.1

References:
https://www.suse.com/security/cve/CVE-2020-1720.html
https://bugzilla.suse.com/1163985

MGASA-2020-0095 - Updated postgresql packages fix security vulnerability

Publication date: 21 Feb 2020
URL: https://advisories.mageia.org/MGASA-2020-0095.html
Type: security
Affected Mageia releases: 7
CVE: CVE-2020-1720

Updated postgresql9.6 and postgresql11 packages fix security vulnerability: The ALTER ... DEPENDS ON EXTENSION sub-commands do not perform authorization checks, which can allow an unprivileged user to drop any function, procedure, materialized view, index, or trigger under certain conditions. This attack is possible if an administrator has installed an extension and an unprivileged user can CREATE, or an extension owner either executes DROP EXTENSION predictably or can be convinced to execute DROP EXTENSION (CVE-2020-1720).

References:
- https://bugs.mageia.org/show_bug.cgi?id=26196
- https://www.postgresql.org/about/news/postgresql-122-117-1012-9617-9521-and-9426-released-2011/
- https://www.cve.org/CVERecord?id=CVE-2020-1720

SRPMS:
- 7/core/postgresql9.6-9.6.17-1.mga7
- 7/core/postgresql11-11.7-1.mga7

Updates to the PostgreSQL package resolve a security flaw that allows unauthorized individuals to eliminate functions in specific scenarios.

LinuxSecurity.com Team

Package : postgresql-9.4
Version : 9.4.26-0+deb8u1
CVE ID : CVE-2020-1720

Tom Lane discovered that "ALTER ... DEPENDS ON EXTENSION" sub commands in the PostgreSQL database did not perform authorisation checks.

For Debian 8 "Jessie", this problem has been fixed in version 9.4.26-0+deb8u1.

We recommend that you upgrade your postgresql-9.4_9.4.26-0+deb8u1 packages.

Further information about Debian LTS security advisories, how to apply these updates to your system and frequently asked questions can be found at: https://wiki.debian.org/LTS

To enhance the security of your Debian 8 Jessie system, it is essential to update your postgresql-9.4 package to address significant authorization verification vulnerabilities.

Severity: Critical.

LinuxSecurity.com Team