Stay Vigilant with Timely Linux Security Advisories

Refine advisories

X Clear Filters

Critical (2)

Dovecot (141)

debian (8034)

denial of service (18299)

important (27751)

information leak (1384)

security advisory (114945)

critical (18622)

gsasl (5)

security update (9017)

SuSE (3977)

Debian LTS (1)

Fedora (4)

Published Date Range

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Linux Advisory Watch

Linux Security Week

Community Poll

More Polls

What got you started with Linux?

Message!

Self-taught through trial and error
Formal training or courses
A job that required it
Other

No answer selected. Please try again.

Please select either existing option or enter your own, however not both.

Please select minimum {0} answer(s).

Please select maximum {0} answer(s).

/main-polls/150-what-got-you-started-with-linux?task=poll.vote&format=json

150

radio

Self-taught through trial and error (78.51%)

78.51% votes

Formal training or courses (4.3%)

4.3% votes

A job that required it (4.87%)

4.87% votes

Other (12.32%)

12.32% votes

[{"id":483,"title":"Self-taught through trial and error","votes":548,"type":"x","order":1,"pct":78.51,"resources":[]},{"id":484,"title":"Formal training or courses","votes":30,"type":"x","order":2,"pct":4.3,"resources":[]},{"id":485,"title":"A job that required it","votes":34,"type":"x","order":3,"pct":4.87,"resources":[]},{"id":486,"title":"Other","votes":86,"type":"x","order":4,"pct":12.32,"resources":[]}] ["#ff5b00","#4ac0f2","#b80028","#eef66c","#60bb22","#b96a9a","#62c2cc"] ["rgba(255,91,0,0.7)","rgba(74,192,242,0.7)","rgba(184,0,40,0.7)","rgba(238,246,108,0.7)","rgba(96,187,34,0.7)","rgba(185,106,154,0.7)","rgba(98,194,204,0.7)"] 350

bottom 200

Ubuntu 25.10 kmod Critical Algif_aead Privilege Escalation USN-8226-1

Ubuntu 26.04 LTS nginx Critical Denial of Service 2026-42945

Ubuntu 26.04 Docker Critical Security Threats USN-8230-1 CVE-2026-33747

Debian OpenSSH Critical DSA-6204-1 CVE-2026-3497 Remote DoS Execution

Explore Latest Linux Security advisories

We found -4 articles for you...

security advisorycriticalFedora

Fedora 27: Critical Quagga Double Free Security Advisory

Fixed CVE-2018-5379 - Double free vulnerability in bgpd when processing. --------------------------------------------------------------------------------Fedora Update Notification FEDORA-2018-9cd3ff3784 2018-03-06 17:17:51.856062 --------------------------------------------------------------------------------Name : quagga Product : Fedora 27 Version : 1.2.2 Release : 2.fc27 URL : Summary : Routing daemon Description : Quagga is free software that operates TCP/IP-based routing protocols. It takes a multi-server and multi-threaded approach to resolving the current complexity of the Internet. Quagga supports Babel, BGP4, BGP4+, BGP4-, IS-IS (experimental), OSPFv2, OSPFv3, RIPv1, RIPv2, RIPng, PIM-SSM and NHRP. Quagga is intended to be used as a Route Server and a Route Reflector. It is not a toolkit; it provides full routing power under a new architecture. Quagga by design has a process for each protocol. Quagga is a fork of GNU Zebra. --------------------------------------------------------------------------------Update Information: Fixed CVE-2018-5379 - Double free vulnerability in bgpd when processing --------------------------------------------------------------------------------References: [ 1 ] Bug #1546008 - CVE-2018-5379 quagga: Double free vulnerability in bgpd when processing certain forms of UPDATE message allowing to crash or potentially execute arbitrary code [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1546008 [ 2 ] Bug #1546006 - CVE-2018-5380 quagga: bgpd can overrun internal BGP code-to-string conversion tables potentially allowing crash [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1546006 [ 3 ] Bug #1546004 - CVE-2018-5381 quagga: Infinite loop issue triggered by invalid OPEN message allows denial-of-service [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1546004 [ 4 ] Bug #1546009 - CVE-2018-5378 quagga: bgpd does not properly bounds check the data sent with aNOTIFY allowing leak of sensitive data or crash [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1546009 --------------------------------------------------------------------------------This update can be installed with the "dnf" update program. Use su -c 'dnf upgrade quagga' at the command line. For more information, refer to the dnf documentation available at https://dnf.readthedocs.io/en/latest/command_ref.html All packages are signed with the Fedora Project GPG key. More details on the GPG keys used by the Fedora Project can be found at https://fedoraproject.org/security/ -------------------------------------------------------------------------------- _______________________________________________ package-announce mailing list -- This email address is being protected from spambots. You need JavaScript enabled to view it. To unsubscribe send an email to This email address is being protected from spambots. You need JavaScript enabled to view it. . Quagga security patch for Fedora addresses a double free vulnerability in bgpd. Critical update for network stability and protection.. Quagga Security Update,Fedora Security Fix,Routing Daemon Patch. . Severity: Critical. LinuxSecurity.com Team

Mar 06, 2018 •Critical Fedora

security advisorycriticalFedora

Ubuntu 20.04: 2022-acbdef1234 Urgent: BIND Memory Leak Patch

Fixed CVE-2018-5379 - Double free vulnerability in bgpd when processing. --------------------------------------------------------------------------------Fedora Update Notification FEDORA-2018-9cd3ff3784 2018-03-06 17:17:51.856062 --------------------------------------------------------------------------------Name : quagga Product : Fedora 27 Version : 1.2.2 Release : 2.fc27 URL : Summary : Routing daemon Description : Quagga is free software that operates TCP/IP-based routing protocols. It takes a multi-server and multi-threaded approach to resolving the current complexity of the Internet. Quagga supports Babel, BGP4, BGP4+, BGP4-, IS-IS (experimental), OSPFv2, OSPFv3, RIPv1, RIPv2, RIPng, PIM-SSM and NHRP. Quagga is intended to be used as a Route Server and a Route Reflector. It is not a toolkit; it provides full routing power under a new architecture. Quagga by design has a process for each protocol. Quagga is a fork of GNU Zebra. --------------------------------------------------------------------------------Update Information: Fixed CVE-2018-5379 - Double free vulnerability in bgpd when processing --------------------------------------------------------------------------------References: [ 1 ] Bug #1546008 - CVE-2018-5379 quagga: Double free vulnerability in bgpd when processing certain forms of UPDATE message allowing to crash or potentially execute arbitrary code [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1546008 [ 2 ] Bug #1546006 - CVE-2018-5380 quagga: bgpd can overrun internal BGP code-to-string conversion tables potentially allowing crash [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1546006 [ 3 ] Bug #1546004 - CVE-2018-5381 quagga: Infinite loop issue triggered by invalid OPEN message allows denial-of-service [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1546004 [ 4 ] Bug #1546009 - CVE-2018-5378 quagga: bgpd does not properly bounds check the data sent with aNOTIFY allowing leak of sensitive data or crash [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1546009 --------------------------------------------------------------------------------This update can be installed with the "dnf" update program. Use su -c 'dnf upgrade quagga' at the command line. For more information, refer to the dnf documentation available at https://dnf.readthedocs.io/en/latest/command_ref.html All packages are signed with the Fedora Project GPG key. More details on the GPG keys used by the Fedora Project can be found at https://fedoraproject.org/security/ -------------------------------------------------------------------------------- _______________________________________________ package-announce mailing list -- This email address is being protected from spambots. You need JavaScript enabled to view it. To unsubscribe send an email to This email address is being protected from spambots. You need JavaScript enabled to view it. . To resolve the double free problem in Quagga's bgpd on Fedora 27, analyze memory management for safe allocation and deallocation, ensuring security. Fedora Update, Quagga Security, BGP Protocol, Double Free Issue. . Severity: Critical. LinuxSecurity.com Team

Mar 06, 2018 •Critical Fedora

security advisoryFedoramoderate severity

Fedora 26: 2018-b3e985489b Moderate: Quagga Double Free, bgpd Crash

Fixed CVE-2018-5379 - Double free vulnerability in bgpd when processing. --------------------------------------------------------------------------------Fedora Update Notification FEDORA-2018-b3e985489b 2018-03-06 17:26:39.510841 --------------------------------------------------------------------------------Name : quagga Product : Fedora 26 Version : 1.2.2 Release : 2.fc26 URL : Summary : Routing daemon Description : Quagga is free software that operates TCP/IP-based routing protocols. It takes a multi-server and multi-threaded approach to resolving the current complexity of the Internet. Quagga supports Babel, BGP4, BGP4+, BGP4-, IS-IS (experimental), OSPFv2, OSPFv3, RIPv1, RIPv2, RIPng, PIM-SSM and NHRP. Quagga is intended to be used as a Route Server and a Route Reflector. It is not a toolkit; it provides full routing power under a new architecture. Quagga by design has a process for each protocol. Quagga is a fork of GNU Zebra. --------------------------------------------------------------------------------Update Information: Fixed CVE-2018-5379 - Double free vulnerability in bgpd when processing --------------------------------------------------------------------------------References: [ 1 ] Bug #1546008 - CVE-2018-5379 quagga: Double free vulnerability in bgpd when processing certain forms of UPDATE message allowing to crash or potentially execute arbitrary code [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1546008 [ 2 ] Bug #1546006 - CVE-2018-5380 quagga: bgpd can overrun internal BGP code-to-string conversion tables potentially allowing crash [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1546006 [ 3 ] Bug #1546004 - CVE-2018-5381 quagga: Infinite loop issue triggered by invalid OPEN message allows denial-of-service [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1546004 [ 4 ] Bug #1546009 - CVE-2018-5378 quagga: bgpd does not properly bounds check the data sent with aNOTIFY allowing leak of sensitive data or crash [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1546009 --------------------------------------------------------------------------------This update can be installed with the "dnf" update program. Use su -c 'dnf upgrade quagga' at the command line. For more information, refer to the dnf documentation available at https://dnf.readthedocs.io/en/latest/command_ref.html All packages are signed with the Fedora Project GPG key. More details on the GPG keys used by the Fedora Project can be found at -------------------------------------------------------------------------------- _______________________________________________ package-announce mailing list -- This email address is being protected from spambots. You need JavaScript enabled to view it. To unsubscribe send an email to This email address is being protected from spambots. You need JavaScript enabled to view it. . Fedora 26 has released a crucial security update for the Quagga routing daemon, resolving a critical double free vulnerability in bgpd, ensuring user safety.. Quagga Routing, Fedora 26 Update, Security Advisory, Double Free Issue, BGP Daemon. . LinuxSecurity.com Team

Mar 06, 2018 Fedora

security advisorymoderatesecurity issue

Fedora 26: 2020-a3c9d6e4c Moderate: Quagga Heap Overflow in bgpd

Fixed CVE-2018-5379 - Double free vulnerability in bgpd when processing. --------------------------------------------------------------------------------Fedora Update Notification FEDORA-2018-b3e985489b 2018-03-06 17:26:39.510841 --------------------------------------------------------------------------------Name : quagga Product : Fedora 26 Version : 1.2.2 Release : 2.fc26 URL : Summary : Routing daemon Description : Quagga is free software that operates TCP/IP-based routing protocols. It takes a multi-server and multi-threaded approach to resolving the current complexity of the Internet. Quagga supports Babel, BGP4, BGP4+, BGP4-, IS-IS (experimental), OSPFv2, OSPFv3, RIPv1, RIPv2, RIPng, PIM-SSM and NHRP. Quagga is intended to be used as a Route Server and a Route Reflector. It is not a toolkit; it provides full routing power under a new architecture. Quagga by design has a process for each protocol. Quagga is a fork of GNU Zebra. --------------------------------------------------------------------------------Update Information: Fixed CVE-2018-5379 - Double free vulnerability in bgpd when processing --------------------------------------------------------------------------------References: [ 1 ] Bug #1546008 - CVE-2018-5379 quagga: Double free vulnerability in bgpd when processing certain forms of UPDATE message allowing to crash or potentially execute arbitrary code [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1546008 [ 2 ] Bug #1546006 - CVE-2018-5380 quagga: bgpd can overrun internal BGP code-to-string conversion tables potentially allowing crash [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1546006 [ 3 ] Bug #1546004 - CVE-2018-5381 quagga: Infinite loop issue triggered by invalid OPEN message allows denial-of-service [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1546004 [ 4 ] Bug #1546009 - CVE-2018-5378 quagga: bgpd does not properly bounds check the data sent with aNOTIFY allowing leak of sensitive data or crash [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1546009 --------------------------------------------------------------------------------This update can be installed with the "dnf" update program. Use su -c 'dnf upgrade quagga' at the command line. For more information, refer to the dnf documentation available at https://dnf.readthedocs.io/en/latest/command_ref.html All packages are signed with the Fedora Project GPG key. More details on the GPG keys used by the Fedora Project can be found at https://fedoraproject.org/security/ -------------------------------------------------------------------------------- _______________________________________________ package-announce mailing list -- This email address is being protected from spambots. You need JavaScript enabled to view it. To unsubscribe send an email to This email address is being protected from spambots. You need JavaScript enabled to view it. . A significant patch for Quagga in Fedora 26 addresses a severe vulnerability associated with double free errors in bgpd, linked to CVE-2018-5379.. quagga security,Fedora security,double free bug,bgpd update. . LinuxSecurity.com Team

Mar 06, 2018 Fedora

197

security advisorycritical issueDebian

Debian Jessie: DLA-1234-2 High: Exim Mail Server Vulnerability

It was discovered that the bgpd daemon in the Quagga routing suite does not properly calculate the length of multi-segment AS_PATH UPDATE messages, causing bgpd to drop a session and potentially resulting in loss of network connectivity. . Hash: SHA512 Package : quagga Version : quagga_0.99.22.4-1+wheezy3+deb7u2 CVE ID : CVE-2017-16227 Debian Bug : 879474 It was discovered that the bgpd daemon in the Quagga routing suite does not properly calculate the length of multi-segment AS_PATH UPDATE messages, causing bgpd to drop a session and potentially resulting in loss of network connectivity. For Debian 7 "Wheezy", these problems have been fixed in version quagga_0.99.22.4-1+wheezy3+deb7u2. We recommend that you upgrade your quagga packages. Further information about Debian LTS security advisories, how to apply these updates to your system and frequently asked questions can be found at: https://wiki.debian.org/LTS . Explore the latest quagga patch addressing network instability caused by bgpd connection failures and AS_PATH computation errors in Debian systems.. Quagga Security, Debian Update, bgpd Fix. . LinuxSecurity.com Team

Oct 31, 2017 Debian LTS

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Linux Advisory Watch

Linux Security Week

Community Poll

More Polls

What got you started with Linux?

Message!

Self-taught through trial and error
Formal training or courses
A job that required it
Other

No answer selected. Please try again.

Please select either existing option or enter your own, however not both.

Please select minimum {0} answer(s).

Please select maximum {0} answer(s).

/main-polls/150-what-got-you-started-with-linux?task=poll.vote&format=json

150

radio

Self-taught through trial and error (78.51%)

78.51% votes

Formal training or courses (4.3%)

4.3% votes

A job that required it (4.87%)

4.87% votes

Other (12.32%)

12.32% votes

bottom 200

Stay Secure with the Latest Linux Advisories

Debian Dovecot High Severity Service Disruption Info Leak Flaw DLA-4617-1

Debian 11 gsasl Critical DoS Threat Advisory DLA-4618-1 CVE-2026-48829

SUSE MozillaThunderbird Important Memory Safety Fix Advisory 2026-2271-1

SUSE Linux Micro 6.0 Ignition Key HTTP Transport Loop Patch 2026-21987-1

SUSE Linux Micro 6.0 Important Libzypp Libsolv Security Update 2026-21988-1

SUSE Google-Guest-Agent Important Security Update 2026-21989-1

SUSE Linux Micro Important Salt Multi-Linux Manager Vuln 2026-21990-1

SUSE Linux Micro Critical Ignition Patch CVE-2026-33814

SUSE Linux Micro 6.1 Security Update for libzypp libsolv Key 2026-21992-1

Refine advisories

Get the latest News and Insights

Community Poll

What got you started with Linux?

Trending News

Ubuntu 25.10 kmod Critical Algif_aead Privilege Escalation USN-8226-1

Ubuntu 26.04 LTS nginx Critical Denial of Service 2026-42945

Ubuntu 26.04 Docker Critical Security Threats USN-8230-1 CVE-2026-33747

Debian OpenSSH Critical DSA-6204-1 CVE-2026-3497 Remote DoS Execution

Explore Latest Linux Security advisories

Fedora 27: Critical Quagga Double Free Security Advisory

Ubuntu 20.04: 2022-acbdef1234 Urgent: BIND Memory Leak Patch

Fedora 26: 2018-b3e985489b Moderate: Quagga Double Free, bgpd Crash

Fedora 26: 2020-a3c9d6e4c Moderate: Quagga Heap Overflow in bgpd

Debian Jessie: DLA-1234-2 High: Exim Mail Server Vulnerability

Get the latest News and Insights

Community Poll

What got you started with Linux?

Trending News

Ubuntu 25.10 kmod Critical Algif_aead Privilege Escalation USN-8226-1

Ubuntu 26.04 LTS nginx Critical Denial of Service 2026-42945

Ubuntu 26.04 Docker Critical Security Threats USN-8230-1 CVE-2026-33747

Debian OpenSSH Critical DSA-6204-1 CVE-2026-3497 Remote DoS Execution

Powered By

Linux Security - Your source for Top Linux News, Advisories, HOWTOs and Feature Releases

QUICK LINKS

subscribe to newsletters!

Stay Secure with the Latest Linux Advisories

Debian Dovecot High Severity Service Disruption Info Leak Flaw DLA-4617-1

Debian 11 gsasl Critical DoS Threat Advisory DLA-4618-1 CVE-2026-48829

SUSE MozillaThunderbird Important Memory Safety Fix Advisory 2026-2271-1

SUSE Linux Micro 6.0 Ignition Key HTTP Transport Loop Patch 2026-21987-1

SUSE Linux Micro 6.0 Important Libzypp Libsolv Security Update 2026-21988-1

SUSE Google-Guest-Agent Important Security Update 2026-21989-1

SUSE Linux Micro Important Salt Multi-Linux Manager Vuln 2026-21990-1

SUSE Linux Micro Critical Ignition Patch CVE-2026-33814

SUSE Linux Micro 6.1 Security Update for libzypp libsolv Key 2026-21992-1

Refine advisories

severity

Topics

Distro

Published Date

Get the latest News and Insights

Community Poll

What got you started with Linux?

Trending News

Explore Latest Linux Security advisories

Get the latest News and Insights

Community Poll

What got you started with Linux?

Trending News

Search Topics

Powered By

Linux Security - Your source for Top Linux News, Advisories, HOWTOs and Feature Releases

QUICK LINKS

subscribe to newsletters!