Alerts This Week
Warning Icon 1 540
Alerts This Week
Warning Icon 1 540

Stay Secure with the Latest Linux Advisories

Fedora Large Esm H800
Fedora

Fedora 43 hplip Major Update Addressing Possible Arbitrary Code Execution

Calendar White Jun 02, 2026
Important
Oracle Large Esm H900
Oracle

Oracle Linux 8 Important Kernel Security Advisory ELSA-2026-21706

Calendar White Jun 02, 2026
Important
Oracle Large Esm H900
Oracle

Oracle Linux 8 httpd Important Denial of Service Vuln ELSA-2026-22140

Calendar White Jun 02, 2026
Important
Oracle Large Esm H800
Oracle

Oracle Linux 8 ELSA-2026-22315 compat-openssl10 Moderate DoS Fix

Calendar White Jun 02, 2026
moderate
Oracle Large Esm H900
Oracle

Oracle Linux 8 gnutls Important Buffer Overflow Auth Bypass ELSA-2026-20611

Calendar White Jun 03, 2026
Important
Ubuntu Large Esm H900
Ubuntu

Ubuntu 20.04 LTS nginx Security Advisory for Critical DoS Vulnerabilities

Calendar White Jun 03, 2026
Critical
Ubuntu Large Esm H800
Ubuntu

Ubuntu 20.04 LTS MySQL Important Security Issues USN-8363-2

Calendar White Jun 03, 2026
Important
Ubuntu Large Esm H900
Ubuntu

Ubuntu 20.04 LTS GStreamer Base Significant DoS Attack Vulnerability Alert

Calendar White Jun 03, 2026
Important
Ubuntu Large Esm H900
Ubuntu

Ubuntu 26.04 LTS python-pip Moderate DoS Regression Fix USN-8344-3

Calendar White Jun 03, 2026
Important
Filter Icon Refine advisories
X Clear Filters
X Clear Filters
View More

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Community Poll

More Polls

What got you started with Linux?

No answer selected. Please try again.
Please select either existing option or enter your own, however not both.
Please select minimum {0} answer(s).
Please select maximum {0} answer(s).
/main-polls/150-what-got-you-started-with-linux?task=poll.vote&format=json
150
radio
0
[{"id":483,"title":"Self-taught through trial and error","votes":545,"type":"x","order":1,"pct":78.42,"resources":[]},{"id":484,"title":"Formal training or courses","votes":30,"type":"x","order":2,"pct":4.32,"resources":[]},{"id":485,"title":"A job that required it","votes":34,"type":"x","order":3,"pct":4.89,"resources":[]},{"id":486,"title":"Other","votes":86,"type":"x","order":4,"pct":12.37,"resources":[]}] ["#ff5b00","#4ac0f2","#b80028","#eef66c","#60bb22","#b96a9a","#62c2cc"] ["rgba(255,91,0,0.7)","rgba(74,192,242,0.7)","rgba(184,0,40,0.7)","rgba(238,246,108,0.7)","rgba(96,187,34,0.7)","rgba(185,106,154,0.7)","rgba(98,194,204,0.7)"] 350
bottom 200
Loading...

Explore Latest Linux Security advisories

We found -3 articles for you...
197
Ls Advisories Deblts Esm H240
Price Tag 1security advisorycriticaldebian

Debian 11 rlottie Critical Boundary Check Issue DLA-4474-1 CVE-2025-0634

Several issues have been found in rlottie, a library for rendering vector based animations and art. Most of these CVEs have been already fixed by Fix-crash-on-invalid-data.patch in a previous upload. The remaining boundary check has now been fixed as well. For Debian 11 bullseye, these problems have been fixed in version. Debian LTS Advisory DLA-4474-1 This email address is being protected from spambots. You need JavaScript enabled to view it. https://www.debian.org/lts/security/ Thorsten Alteholz February 09, 2026 https://wiki.debian.org/LTS Package : rlottie Version : 0.1+dfsg-2+deb11u1 CVE ID : CVE-2025-0634 CVE-2025-53074 CVE-2025-53075 Several issues have been found in rlottie, a library for rendering vector based animations and art. Most of these CVEs have been already fixed by Fix-crash-on-invalid-data.patch in a previous upload. The remaining boundary check has now been fixed as well. For Debian 11 bullseye, these problems have been fixed in version 0.1+dfsg-2+deb11u1. We recommend that you upgrade your rlottie packages. For the detailed security status of rlottie please refer to its security tracker page at: https://security-tracker.debian.org/tracker/source-package/rlottie Further information about Debian LTS security advisories, how to apply these updates to your system and frequently asked questions can be found at: https://wiki.debian.org/LTS . Critical update for rlottie in Debian LTS resolves boundary check issues and improves security.. Debian LTS, rlottie, critical update, boundary check, security advisory. . Severity: Critical. LinuxSecurity.com Team

Calendar 2 Feb 09, 2026 Critical Debian LTS
87
Ls Advisories Debian Esm H240
Price Tag 1security advisorymoderatedebian

Debian Jessie DSA-3829-1: Moderate Bouncy Castle Info Leak Fix

Quan Nguyen discovered that a missing boundary check in the Galois/Counter mode implementation of Bouncy Castle (a Java implementation of cryptographic algorithms) may result in information disclosure. . -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 - ------------------------------------------------------------------------- Debian Security Advisory DSA-3829-1 This email address is being protected from spambots. You need JavaScript enabled to view it. https://www.debian.org/security/ Moritz Muehlenhoff April 11, 2017 https://www.debian.org/security/faq - ------------------------------------------------------------------------- Package : bouncycastle CVE ID : CVE-2015-6644 Quan Nguyen discovered that a missing boundary check in the Galois/Counter mode implementation of Bouncy Castle (a Java implementation of cryptographic algorithms) may result in information disclosure. For the stable distribution (jessie), this problem has been fixed in version 1.49+dfsg-3+deb8u2. For the upcoming stable distribution (stretch), this problem has been fixed in version 1.54-1. For the unstable distribution (sid), this problem has been fixed in version 1.54-1. We recommend that you upgrade your bouncycastle packages. Further information about Debian Security Advisories, how to apply these updates to your system and frequently asked questions can be found at: https://www.debian.org/security/ Mailing list: This email address is being protected from spambots. You need JavaScript enabled to view it. . Debian Security Advisory DSA-3850-1 pertains to a vulnerability in OpenSSL that could allow unauthorized access to sensitive information.. Debian Security Advisory,Bouncy Castle Update,Information Disclosure Fix. . Severity: Important. LinuxSecurity.com Team

Calendar 2 Apr 11, 2017 Important Debian
Banner 3 1028x280 1708121785 1771599793
87
Ls Advisories Debian Esm H240
Price Tag 1security advisoryhigh severityphp

Debian: DSA-2974-1 High Severity: Multiple PHP Boundary Issues

Several vulnerabilities were found in PHP, a general-purpose scripting language commonly used for web application development. The Common Vulnerabilities and Exposures project identifies the following problems: . - ------------------------------------------------------------------------- Debian Security Advisory DSA-2974-1 This email address is being protected from spambots. You need JavaScript enabled to view it. http://www.debian.org/security/ Salvatore Bonaccorso July 08, 2014 http://www.debian.org/security/faq - ------------------------------------------------------------------------- Package : php5 CVE ID : CVE-2014-0207 CVE-2014-3478 CVE-2014-3479 CVE-2014-3480 CVE-2014-3487 CVE-2014-3515 CVE-2014-4721 Several vulnerabilities were found in PHP, a general-purpose scripting language commonly used for web application development. The Common Vulnerabilities and Exposures project identifies the following problems: CVE-2014-0207 Francisco Alonso of the Red Hat Security Response Team reported an incorrect boundary check in the cdf_read_short_sector() function. CVE-2014-3478 Francisco Alonso of the Red Hat Security Response Team discovered a flaw in the way the truncated pascal string size in the mconvert() function is computed. CVE-2014-3479 Francisco Alonso of the Red Hat Security Response Team reported an incorrect boundary check in the cdf_check_stream_offset() function. CVE-2014-3480 Francisco Alonso of the Red Hat Security Response Team reported an insufficient boundary check in the cdf_count_chain() function. CVE-2014-3487 Francisco Alonso of the Red Hat Security Response Team discovered an incorrect boundary check in the cdf_read_property_info() funtion. CVE-2014-3515 Stefan Esser discovered that the ArrayObject and the SPLObjectStorage unserialize() handler do not verify the type of unserialized data before using it. A remote attacker could use this flaw to execute arbitrary code. CVE-2014-4721 StefanEsser discovered a type confusion issue affecting phpinfo(), which might allow an attacker to obtain sensitive information from process memory. For the stable distribution (wheezy), these problems have been fixed in version 5.4.4-14+deb7u12. In addition, this update contains several bugfixes originally targeted for the upcoming Wheezy point release. For the testing distribution (jessie), these problems have been fixed in version 5.6.0~rc2+dfsg-1. For the unstable distribution (sid), these problems have been fixed in version 5.6.0~rc2+dfsg-1. We recommend that you upgrade your php5 packages. Further information about Debian Security Advisories, how to apply these updates to your system and frequently asked questions can be found at: http://www.debian.org/security/ Mailing list: This email address is being protected from spambots. You need JavaScript enabled to view it. . Update your php5 packages on Debian to improve security following the vulnerabilities identified in the scripting environment.. Debian PHP5 Security Update, Web Application Security, PHP Issues. . LinuxSecurity.com Team

Calendar 2 Jul 08, 2014 Debian
89
Ls Advisories Fedora Esm H240
Price Tag 1security advisorybuffer overflowFedora

Fedora 10 Ghostscript Update: Critical Buffer Overflow Remediation

This update fixes several security flaws: CVE-2009-0792 (multiple integer overflows and missing upper-bounds checks in icclib), CVE-2009-0196 (missing boundary check in jbig2dec library), and CVE-2008-6679 (buffer overflow in pdfwrite device).. --------------------------------------------------------------------------------Fedora Update Notification FEDORA-2009-3709 2009-04-15 21:11:44 --------------------------------------------------------------------------------Name : ghostscript Product : Fedora 10 Version : 8.63 Release : 6.fc10 URL : https://www.ghostscript.com/ Summary : A PostScript(TM) interpreter and renderer. Description : Ghostscript is a set of software that provides a PostScript(TM) interpreter, a set of C procedures (the Ghostscript library, which implements the graphics capabilities in the PostScript language) and an interpreter for Portable Document Format (PDF) files. Ghostscript translates PostScript code into many common, bitmapped formats, like those understood by your printer or screen. Ghostscript is normally used to display PostScript files and to print PostScript files to non-PostScript printers. If you need to display PostScript files or print them to non-PostScript printers, you should install ghostscript. If you install ghostscript, you also need to install the ghostscript-fonts package. --------------------------------------------------------------------------------Update Information: This update fixes several security flaws: CVE-2009-0792 (multiple integer overflows and missing upper-bounds checks in icclib), CVE-2009-0196 (missing boundary check in jbig2dec library), and CVE-2008-6679 (buffer overflow in pdfwrite device). --------------------------------------------------------------------------------ChangeLog: * Wed Apr 15 2009 Tim Waugh 8.63-6 - Applied patch to fix CVE-2009-0792 (bug #491853). - Applied patch to fix CVE-2009-0196 (bug #493379). - Applied patch to fix CVE-2008-6679 (bug #493445). * FriMar 20 2009 Tim Waugh 8.63-5 - Applied patch to fix CVE-2009-0583 (bug #487742) and CVE-2009-0584 (bug #487744). --------------------------------------------------------------------------------References: [ 1 ] Bug #493445 - CVE-2008-6679 ghostscript: Buffer overflow in BaseFont writer module for pdfwrite defice https://bugzilla.redhat.com/show_bug.cgi?id=493445 [ 2 ] Bug #493379 - CVE-2009-0196 ghostscript: Missing boundary check in Ghostscript's jbig2dec library https://bugzilla.redhat.com/show_bug.cgi?id=493379 [ 3 ] Bug #491853 - CVE-2009-0792 ghostscript, argyllcms: Incomplete fix for CVE-2009-0583 https://bugzilla.redhat.com/show_bug.cgi?id=491853 --------------------------------------------------------------------------------This update can be installed with the "yum" update program. Use su -c 'yum update ghostscript' at the command line. For more information, refer to "Managing Software with yum", available at . All packages are signed with the Fedora Project GPG key. More details on the GPG keys used by the Fedora Project can be found at https://fedoraproject.org/security/ --------------------------------------------------------------------------------_______________________________________________ Fedora-package-announce mailing list This email address is being protected from spambots. You need JavaScript enabled to view it. https://lists.fedoraproject.org/archives/list/This email address is being protected from spambots. You need JavaScript enabled to view it./ . This release fixes significant vulnerabilities in ImageMagick impacting Debian 9, improving security and performance.. Fedora Update, Ghostscript Security Fix, Critical Flaw Update. . Severity: Critical. LinuxSecurity.com Team

Calendar 2 Apr 15, 2009 Critical Fedora
Banner 3 1028x280 1708121785 1771599793
87
Ls Advisories Debian Esm H240
Price Tag 1security advisorydenial of servicecritical

Debian GNU/Linux 3.1 DSA 1142-1 Critical: Freeciv Remote Exec

Updated package.. - --------------------------------------------------------------------------Debian Security Advisory DSA 1142-1 This email address is being protected from spambots. You need JavaScript enabled to view it. http://www.debian.org/security/ Martin Schulze August 4th, 2006 http://www.debian.org/security/faq - --------------------------------------------------------------------------Package : freeciv Vulnerability : missing bouncary checks Problem type : remote Debian-specific: no CVE ID : CVE-2006-3913 BugTraq ID : 19117 Debian Bug : 381378 Luigi Auriemma discovered missing boundary checks in freeciv, a clone of the well known Civilisation game, which can be exploited by remote attackers to cause a denial of service (crash) and possibly execute arbitrary code. For the stable distribution (sarge) these problems have been fixed in version 2.0.1-1sarge2. For the unstable distribution (sid) these problems will be fixed soon. We recommend that you upgrade your freeciv package. Upgrade Instructions - --------------------wget url will fetch the file for you dpkg -i file.deb will install the referenced file. If you are using the apt-get package manager, use the line for sources.list as given at the end of this advisory: apt-get update will update the internal database apt-get upgrade will install corrected packages You may use an automated update by adding the resources from the footer to the proper configuration. Debian GNU/Linux 3.1 alias sarge - -------------------------------- Source archives: Size/MD5 checksum: 997 18498d24b54250ab8af555d1d37a58f8 Size/MD5 checksum: 45177 f4ec2a9e5c535f8575f82da1acb31786 Size/MD5 checksum: 11086541 2deea98d258138325f590ec52d530a96 Architecture independent components: Size/MD5 checksum: 3843642 7549950e9a2603c30dea3996d90a501b Size/MD5 checksum: 11486 2eb9487aa46c184425c2ee753aeea408 Size/MD5 checksum: 11488 b76ae39e8da49198ea7b4f22fc4d4d61 Size/MD5 checksum: 11476 313b69df56d17e4b4ce355828a4931bc Alpha architecture: Size/MD5 checksum: 590380 3a46c7102fb7720c6b22c9260bd6e0e0 Size/MD5 checksum: 514700 a61852b93a19a6081529c52592a2c01d Size/MD5 checksum: 591250 6489e88abf589ae4c551197f00ed2a76 AMD64 architecture: Size/MD5 checksum: 476452 88e8b7db6194537fa688d17942bcdae2 Size/MD5 checksum: 409102 c0f9a3698267f94f2549844c039cb28e Size/MD5 checksum: 465952 17f7e28d44dd3e92419fd3c7b421581c ARM architecture: Size/MD5 checksum: 423188 b18cb6fa46ab087b9f40192262864d6a Size/MD5 checksum: 361720 38d5539132b1353c9936a8712ff02a52 Size/MD5 checksum: 419792 7c93feca1fe53d90b021322c7682d111 Intel IA-32 architecture: Size/MD5 checksum: 440948 3702e9ac054ba9ec5a92447622bc01ac Size/MD5 checksum: 366832 7a3ec68f830307fb2cba056fa32e370b Size/MD5 checksum: 430298 981b279b36cabff252e6a91d22573bb4 Intel IA-64 architecture: Size/MD5 checksum: 659204 c74609605998269044046cbf22542a15 Size/MD5 checksum: 582314 0dc7ef5486694446014b99950c1dca4e Size/MD5 checksum: 684488 ff9b193af4be8186cb15e6baba922b59 HP Precision architecture: Size/MD5 checksum: 497434 9f26b32389fa0202d95e8deae0af5684 Size/MD5 checksum: 430048 5bb2ab51d5df4d835c153dedd37d141e Size/MD5 checksum: 491856 bea4c5a866f2c438a02ff0e31cfaf4ae Motorola 680x0 architecture: Size/MD5 checksum: 373434 c09262a7902569f53880ea08f33a8676 Size/MD5 checksum: 306794 8889d4409be406bbbd12fec876f9b363 Size/MD5 checksum: 355074 c2cb934868408d9e65abf96d8545f943 Big endian MIPS architecture: Size/MD5 checksum: 454590 bea2a98c3167d1edf978dce16d21201d Size/MD5 checksum: 42581257f82500284148e5339f9c356b801bb2 Size/MD5 checksum: 479602 4adeaeeda8106e690a5ff98139f756a6 Little endian MIPS architecture: Size/MD5 checksum: 453720 6c3b76369a22f49b72e7c137391cc6ac Size/MD5 checksum: 424618 c5ddd9950387d3df225781e161c26e6d Size/MD5 checksum: 481472 9a016d4dbaa24ff2de7413450da9e4cc PowerPC architecture: Size/MD5 checksum: 456204 50e3f85bdda583cf075555a833c06ad6 Size/MD5 checksum: 393738 7bb561e2df36d0435f392168a100d64d Size/MD5 checksum: 460074 8a5c403853f1a953249430b8a09e40ed IBM S/390 architecture: Size/MD5 checksum: 460912 de810a4e95df7e151c14fee404a8450c Size/MD5 checksum: 395748 ee388ca83a3ff6e97e13e605983eea8b Size/MD5 checksum: 448188 3e104b06fe2de82396bb7e0148a10e78 Sun Sparc architecture: Size/MD5 checksum: 423448 332e72e600c0dd5b8c2278b239654a6f Size/MD5 checksum: 360112 2ea0092164c79b2eb235fa26ee93dadd Size/MD5 checksum: 421234 1f0355398a7737cb6b04a07978417415 These files will probably be moved into the stable distribution on its next update. - ---------------------------------------------------------------------------------For apt-get: deb https://www.debian.org/security/ stable/updates main For dpkg-ftp: dists/stable/updates/main Mailing list: This email address is being protected from spambots. You need JavaScript enabled to view it. . Enhance security by updating Freeciv packages on your Debian system. Follow the steps to ensure you're protected against vulnerabilities.. Debian Security, Freeciv Update, Remote Execution Risk. . Severity: Critical. LinuxSecurity.com Team

Calendar 2 Aug 04, 2006 Critical Debian
98
Ls Advisories Redhat Esm H240
Price Tag 1security advisoryred hatcritical

Red Hat 7: RHSA-2001:092-02 xinetd Important Buffer Overflow Threat

A boundary checking case in xinetd's string handling was fixed in the 2.3.0 release of xinetd.. ` --------------------------------------------------------------------- Red Hat, Inc. Red Hat Security Advisory Synopsis: Updated xinetd package available for Red Hat Linux 7 and 7.1 Advisory ID: RHSA-2001:092-02 Issue date: 2001-07-03 Updated on: 2001-07-06 Product: Red Hat Linux Keywords: xinetd umask 2.4 kernel identd Cross references: Obsoletes: RHSA-2001:075 --------------------------------------------------------------------- 1. Topic: A vulnerability has been found in xinetd's string handling. 2. Relevant releases/architectures: Red Hat Linux 7.0 - alpha, i386 Red Hat Linux 7.1 - alpha, i386 3. Problem description: A boundary checking case in xinetd's string handling was fixed in the 2.3.0 release of xinetd. 4. Solution: Before applying this update, make sure all previously released errata relevant to your system have been applied. To update all RPMs for your particular architecture, run: rpm -Fvh [filenames] where [filenames] is a list of the RPMs you wish to upgrade. Only those RPMs which are currently installed will be updated. Those RPMs which are not installed but included in the list will not be updated. Note that you can also use wildcards (*.rpm) if your current directory *only* contains the desired RPMs. Please note that this update is also available via Red Hat Network. Many people find this an easier way to apply updates. To use Red Hat Network, launch the Red Hat Update Agent with the following command: up2date This will start an interactive process that will result in the appropriate RPMs being upgraded on your system. 5. Bug IDs fixed ( for more info): 6. RPMs required: Red Hat Linux 7.0: SRPMS: alpha: i386: Red Hat Linux 7.1: SRPMS: alpha: i386: 7. Verification: MD5 sum PackageName -------------------------------------------------------------------------- cf2d969d79d7061ef0cf539f9a846de6 7.0/en/os/SRPMS/xinetd-2.3.0-1.71.src.rpm bf759f5eebb7aa1ff571ef1867c65f70 7.0/en/os/alpha/xinetd-2.3.0-1.71.alpha.rpm af532d612480937736f76b6fbeb8218d 7.0/en/os/i386/xinetd-2.3.0-1.71.i386.rpm cf2d969d79d7061ef0cf539f9a846de6 7.1/en/os/SRPMS/xinetd-2.3.0-1.71.src.rpm bf759f5eebb7aa1ff571ef1867c65f70 7.1/en/os/alpha/xinetd-2.3.0-1.71.alpha.rpm af532d612480937736f76b6fbeb8218d 7.1/en/os/i386/xinetd-2.3.0-1.71.i386.rpm These packages are GPG signed by Red Hat, Inc. for security. Our key is available at: You can verify each package with the following command: rpm --checksig If you only wish to verify that each package has not been corrupted or tampered with, examine only the md5sum with the following command: rpm --checksig --nogpg 8. References: Copyright(c) 2000, 2001 Red Hat, Inc. `. A recent patch for the sshd service addresses a critical memory leak issue in Fedora OS, enhancing the overall integrity of the system's security framework.. Red Hat Linux,xinetd Patch,System Security Improvement. . Severity: Important. LinuxSecurity.com Team

Calendar 2 Jul 07, 2001 Important Red Hat
Banner 3 1028x280 1708121785 1771599793
News Add Esm H240

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Community Poll

More Polls

What got you started with Linux?

No answer selected. Please try again.
Please select either existing option or enter your own, however not both.
Please select minimum {0} answer(s).
Please select maximum {0} answer(s).
/main-polls/150-what-got-you-started-with-linux?task=poll.vote&format=json
150
radio
0
[{"id":483,"title":"Self-taught through trial and error","votes":545,"type":"x","order":1,"pct":78.42,"resources":[]},{"id":484,"title":"Formal training or courses","votes":30,"type":"x","order":2,"pct":4.32,"resources":[]},{"id":485,"title":"A job that required it","votes":34,"type":"x","order":3,"pct":4.89,"resources":[]},{"id":486,"title":"Other","votes":86,"type":"x","order":4,"pct":12.37,"resources":[]}] ["#ff5b00","#4ac0f2","#b80028","#eef66c","#60bb22","#b96a9a","#62c2cc"] ["rgba(255,91,0,0.7)","rgba(74,192,242,0.7)","rgba(184,0,40,0.7)","rgba(238,246,108,0.7)","rgba(96,187,34,0.7)","rgba(185,106,154,0.7)","rgba(98,194,204,0.7)"] 350
bottom 200

Search Topics

Your message here