Stay Secure with the Latest Linux Advisories

Explore Latest Linux Security advisories

OpenSUSE 15.6: SUSE-SU-2024:2905-1 Important: WebKit2GTK3 Issues

# Security update for webkit2gtk3

Announcement ID: SUSE-SU-2024:2905-1
Rating: important

References:

* bsc#1228613
* bsc#1228693
* bsc#1228694
* bsc#1228695

Cross-References:

* CVE-2024-40776
* CVE-2024-40779
* CVE-2024-40780
* CVE-2024-40782

CVSS scores:

* CVE-2024-40776 ( SUSE ): 8.9 CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:H
* CVE-2024-40776 ( SUSE ): 8.1 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:H
* CVE-2024-40779 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H
* CVE-2024-40780 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H
* CVE-2024-40782 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H

Affected Products:

* Basesystem Module 15-SP6
* Desktop Applications Module 15-SP6
* Development Tools Module 15-SP6
* openSUSE Leap 15.6
* SUSE Linux Enterprise Desktop 15 SP6
* SUSE Linux Enterprise Real Time 15 SP6
* SUSE Linux Enterprise Server 15 SP6
* SUSE Linux Enterprise Server for SAP Applications 15 SP6

An update that solves four vulnerabilities can now be installed.

## Description:

This update for webkit2gtk3 fixes the following issues:

* CVE-2024-40776: Fixed a use-after-free issue with improved memory management (bsc#1228613).
* CVE-2024-40779: Fixed an out-of-bounds read with improved bounds checking (bsc#1228693).
* CVE-2024-40780: Fixed another out-of-bounds read with improved bounds checking (bsc#1228694).
* CVE-2024-40782: Fixed a second use-after-free issue with improved memory management (bsc#1228695).

## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:

* openSUSE Leap 15.6
    zypper in -t patch SUSE-2024-2905=1 openSUSE-SLE-15.6-2024-2905=1
* Basesystem Module 15-SP6
    zypper in -t patch SUSE-SLE-Module-Basesystem-15-SP6-2024-2905=1
* Desktop Applications Module 15-SP6
    zypper in -t patch SUSE-SLE-Module-Desktop-Applications-15-SP6-2024-2905=1
* Development Tools Module 15-SP6
    zypper in -t patch SUSE-SLE-Module-Development-Tools-15-SP6-2024-2905=1

## Package List:

* openSUSE Leap 15.6 (noarch)
  * WebKitGTK-4.0-lang-2.44.2-150600.12.6.1
  * WebKitGTK-6.0-lang-2.44.2-150600.12.6.1
  * WebKitGTK-4.1-lang-2.44.2-150600.12.6.1
* openSUSE Leap 15.6 (aarch64 ppc64le s390x x86_64 i586)
  * webkit2gtk3-soup2-minibrowser-2.44.2-150600.12.6.1
  * libjavascriptcoregtk-6_0-1-debuginfo-2.44.2-150600.12.6.1
  * typelib-1_0-JavaScriptCore-4_1-2.44.2-150600.12.6.1
  * webkit2gtk-4_0-injected-bundles-2.44.2-150600.12.6.1
  * webkit2gtk3-soup2-minibrowser-debuginfo-2.44.2-150600.12.6.1
  * webkit2gtk3-minibrowser-2.44.2-150600.12.6.1
  * webkitgtk-6_0-injected-bundles-2.44.2-150600.12.6.1
  * webkit2gtk-4_0-injected-bundles-debuginfo-2.44.2-150600.12.6.1
  * libwebkit2gtk-4_1-0-2.44.2-150600.12.6.1
  * typelib-1_0-WebKit-6_0-2.44.2-150600.12.6.1
  * webkit2gtk4-devel-2.44.2-150600.12.6.1
  * webkit2gtk3-soup2-devel-2.44.2-150600.12.6.1
  * libjavascriptcoregtk-4_1-0-2.44.2-150600.12.6.1
  * webkit-jsc-4-debuginfo-2.44.2-150600.12.6.1
  * libjavascriptcoregtk-6_0-1-2.44.2-150600.12.6.1
  * libjavascriptcoregtk-4_0-18-2.44.2-150600.12.6.1
  * libwebkitgtk-6_0-4-2.44.2-150600.12.6.1
  * libwebkit2gtk-4_1-0-debuginfo-2.44.2-150600.12.6.1
  * libjavascriptcoregtk-4_0-18-debuginfo-2.44.2-150600.12.6.1
  * webkit2gtk4-minibrowser-2.44.2-150600.12.6.1
  * typelib-1_0-JavaScriptCore-4_0-2.44.2-150600.12.6.1
  * webkit2gtk4-debugsource-2.44.2-150600.12.6.1
  * webkit2gtk-4_1-injected-bundles-2.44.2-150600.12.6.1
  * webkit2gtk3-debugsource-2.44.2-150600.12.6.1
  * libwebkit2gtk-4_0-37-2.44.2-150600.12.6.1
  * webkit2gtk3-minibrowser-debuginfo-2.44.2-150600.12.6.1
  * libwebkit2gtk-4_0-37-debuginfo-2.44.2-150600.12.6.1
  * webkit2gtk4-minibrowser-debuginfo-2.44.2-150600.12.6.1
  * typelib-1_0-WebKit2-4_0-2.44.2-150600.12.6.1
  * webkit2gtk-4_1-injected-bundles-debuginfo-2.44.2-150600.12.6.1
  * webkit-jsc-4.1-2.44.2-150600.12.6.1
  * typelib-1_0-WebKitWebProcessExtension-6_0-2.44.2-150600.12.6.1
  * typelib-1_0-JavaScriptCore-6_0-2.44.2-150600.12.6.1
  * webkit2gtk3-soup2-debugsource-2.44.2-150600.12.6.1
  * typelib-1_0-WebKit2WebExtension-4_0-2.44.2-150600.12.6.1
  * webkit-jsc-4.1-debuginfo-2.44.2-150600.12.6.1
  * webkit-jsc-6.0-2.44.2-150600.12.6.1
  * webkit-jsc-6.0-debuginfo-2.44.2-150600.12.6.1
  * libjavascriptcoregtk-4_1-0-debuginfo-2.44.2-150600.12.6.1
  * webkitgtk-6_0-injected-bundles-debuginfo-2.44.2-150600.12.6.1
  * webkit-jsc-4-2.44.2-150600.12.6.1
  * typelib-1_0-WebKit2WebExtension-4_1-2.44.2-150600.12.6.1
  * libwebkitgtk-6_0-4-debuginfo-2.44.2-150600.12.6.1
  * typelib-1_0-WebKit2-4_1-2.44.2-150600.12.6.1
  * webkit2gtk3-devel-2.44.2-150600.12.6.1
* openSUSE Leap 15.6 (x86_64)
  * libjavascriptcoregtk-4_0-18-32bit-debuginfo-2.44.2-150600.12.6.1
  * libwebkit2gtk-4_0-37-32bit-debuginfo-2.44.2-150600.12.6.1
  * libwebkit2gtk-4_1-0-32bit-debuginfo-2.44.2-150600.12.6.1
  * libwebkit2gtk-4_1-0-32bit-2.44.2-150600.12.6.1
  * libwebkit2gtk-4_0-37-32bit-2.44.2-150600.12.6.1
  * libjavascriptcoregtk-4_1-0-32bit-2.44.2-150600.12.6.1
  * libjavascriptcoregtk-4_1-0-32bit-debuginfo-2.44.2-150600.12.6.1
  * libjavascriptcoregtk-4_0-18-32bit-2.44.2-150600.12.6.1
* openSUSE Leap 15.6 (aarch64_ilp32)
  * libjavascriptcoregtk-4_0-18-64bit-debuginfo-2.44.2-150600.12.6.1
  * libwebkit2gtk-4_1-0-64bit-2.44.2-150600.12.6.1
  * libjavascriptcoregtk-4_1-0-64bit-2.44.2-150600.12.6.1
  * libwebkit2gtk-4_1-0-64bit-debuginfo-2.44.2-150600.12.6.1
  * libwebkit2gtk-4_0-37-64bit-2.44.2-150600.12.6.1
  * libjavascriptcoregtk-4_1-0-64bit-debuginfo-2.44.2-150600.12.6.1
  * libjavascriptcoregtk-4_0-18-64bit-2.44.2-150600.12.6.1
  * libwebkit2gtk-4_0-37-64bit-debuginfo-2.44.2-150600.12.6.1
* Basesystem Module 15-SP6 (noarch)
  * WebKitGTK-4.0-lang-2.44.2-150600.12.6.1
  * WebKitGTK-6.0-lang-2.44.2-150600.12.6.1
* Basesystem Module 15-SP6 (aarch64 ppc64le s390x x86_64)
  * libjavascriptcoregtk-6_0-1-debuginfo-2.44.2-150600.12.6.1
  * libjavascriptcoregtk-4_0-18-debuginfo-2.44.2-150600.12.6.1
  * typelib-1_0-WebKit2WebExtension-4_0-2.44.2-150600.12.6.1
  * typelib-1_0-JavaScriptCore-4_0-2.44.2-150600.12.6.1
  * webkit2gtk3-soup2-devel-2.44.2-150600.12.6.1
  * webkit2gtk4-debugsource-2.44.2-150600.12.6.1
  * libjavascriptcoregtk-6_0-1-2.44.2-150600.12.6.1
  * webkitgtk-6_0-injected-bundles-debuginfo-2.44.2-150600.12.6.1
  * libwebkit2gtk-4_0-37-2.44.2-150600.12.6.1
  * libwebkitgtk-6_0-4-debuginfo-2.44.2-150600.12.6.1
  * webkit2gtk-4_0-injected-bundles-2.44.2-150600.12.6.1
  * libjavascriptcoregtk-4_0-18-2.44.2-150600.12.6.1
  * libwebkitgtk-6_0-4-2.44.2-150600.12.6.1
  * webkitgtk-6_0-injected-bundles-2.44.2-150600.12.6.1
  * libwebkit2gtk-4_0-37-debuginfo-2.44.2-150600.12.6.1
  * webkit2gtk-4_0-injected-bundles-debuginfo-2.44.2-150600.12.6.1
  * typelib-1_0-WebKit2-4_0-2.44.2-150600.12.6.1
  * webkit2gtk3-soup2-debugsource-2.44.2-150600.12.6.1
* Desktop Applications Module 15-SP6 (noarch)
  * WebKitGTK-4.1-lang-2.44.2-150600.12.6.1
* Desktop Applications Module 15-SP6 (aarch64 ppc64le s390x x86_64)
  * libwebkit2gtk-4_1-0-2.44.2-150600.12.6.1
  * typelib-1_0-JavaScriptCore-4_1-2.44.2-150600.12.6.1
  * libjavascriptcoregtk-4_1-0-2.44.2-150600.12.6.1
  * libjavascriptcoregtk-4_1-0-debuginfo-2.44.2-150600.12.6.1
  * webkit2gtk-4_1-injected-bundles-2.44.2-150600.12.6.1
  * webkit2gtk3-debugsource-2.44.2-150600.12.6.1
  * typelib-1_0-WebKit2WebExtension-4_1-2.44.2-150600.12.6.1
  * webkit2gtk-4_1-injected-bundles-debuginfo-2.44.2-150600.12.6.1
  * libwebkit2gtk-4_1-0-debuginfo-2.44.2-150600.12.6.1
  * typelib-1_0-WebKit2-4_1-2.44.2-150600.12.6.1
  * webkit2gtk3-devel-2.44.2-150600.12.6.1
* Development Tools Module 15-SP6 (aarch64 ppc64le s390x x86_64)
  * typelib-1_0-WebKit-6_0-2.44.2-150600.12.6.1
  * typelib-1_0-JavaScriptCore-6_0-2.44.2-150600.12.6.1
  * webkit2gtk4-devel-2.44.2-150600.12.6.1
  * webkit2gtk4-debugsource-2.44.2-150600.12.6.1
  * typelib-1_0-WebKitWebProcessExtension-6_0-2.44.2-150600.12.6.1

## References:

* https://www.suse.com/security/cve/CVE-2024-40776.html
* https://www.suse.com/security/cve/CVE-2024-40779.html
* https://www.suse.com/security/cve/CVE-2024-40780.html
* https://www.suse.com/security/cve/CVE-2024-40782.html
* https://bugzilla.suse.com/show_bug.cgi?id=1228613
* https://bugzilla.suse.com/show_bug.cgi?id=1228693
* https://bugzilla.suse.com/show_bug.cgi?id=1228694
* https://bugzilla.suse.com/show_bug.cgi?id=1228695

SUSE releases a security patch for webkit2gtk3, resolving significant vulnerabilities related to memory handling issues.

Security Advisories, SUSE Update, Webkit2GTK3 Security Issues, Important Security Fixes.

Severity: Important.

LinuxSecurity.com Team

Aug 14, 2024 | Important | SuSE

Ubuntu 20.04 LTS: Important Kernel Updates for USN-4389-1 Released

Several security issues were fixed in the Linux kernel.

=========================================================================
Ubuntu Security Notice USN-4389-1
June 09, 2020

linux, linux-aws, linux-azure, linux-gcp, linux-kvm, linux-oracle vulnerabilities
=========================================================================

A security issue affects these releases of Ubuntu and its derivatives:

- Ubuntu 20.04 LTS

Summary:

Several security issues were fixed in the Linux kernel.

Software Description:

- linux: Linux kernel
- linux-aws: Linux kernel for Amazon Web Services (AWS) systems
- linux-azure: Linux kernel for Microsoft Azure Cloud systems
- linux-gcp: Linux kernel for Google Cloud Platform (GCP) systems
- linux-kvm: Linux kernel for cloud environments
- linux-oracle: Linux kernel for Oracle Cloud systems

Details:

It was discovered that the F2FS file system implementation in the Linux kernel did not properly perform bounds checking on xattrs in some situations. A local attacker could possibly use this to expose sensitive information (kernel memory). (CVE-2020-0067)

It was discovered that memory contents previously stored in microarchitectural special registers after RDRAND, RDSEED, and SGX EGETKEY read operations on Intel client and Xeon E3 processors may be briefly exposed to processes on the same or different processor cores. A local attacker could use this to expose sensitive information. (CVE-2020-0543)

Piotr Krysiuk discovered that race conditions existed in the file system implementation in the Linux kernel. A local attacker could use this to cause a denial of service (system crash). (CVE-2020-12114)

It was discovered that the USB subsystem's scatter-gather implementation in the Linux kernel did not properly take data references in some situations, leading to a use-after-free. A physically proximate attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2020-12464)

Bui Quang Minh discovered that the XDP socket implementation in the Linux kernel did not properly validate meta-data passed from user space, leading to an out-of-bounds write vulnerability. A local attacker with the CAP_NET_ADMIN capability could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2020-12659)

Dmitry Vyukov discovered that the SELinux netlink security hook in the Linux kernel did not validate messages in some situations. A privileged attacker could use this to bypass SELinux netlink restrictions. (CVE-2020-10751)

Update instructions:

The problem can be corrected by updating your system to the following package versions:

Ubuntu 20.04 LTS:

    linux-image-5.4.0-1015-aws            5.4.0-1015.15
    linux-image-5.4.0-1015-gcp            5.4.0-1015.15
    linux-image-5.4.0-1015-kvm            5.4.0-1015.15
    linux-image-5.4.0-1015-oracle         5.4.0-1015.15
    linux-image-5.4.0-1016-azure          5.4.0-1016.16
    linux-image-5.4.0-37-generic          5.4.0-37.41
    linux-image-5.4.0-37-generic-lpae     5.4.0-37.41
    linux-image-5.4.0-37-lowlatency       5.4.0-37.41
    linux-image-aws                       5.4.0.1015.16
    linux-image-azure                     5.4.0.1016.16
    linux-image-gcp                       5.4.0.1015.14
    linux-image-generic                   5.4.0.37.40
    linux-image-generic-hwe-20.04         5.4.0.37.40
    linux-image-generic-lpae              5.4.0.37.40
    linux-image-generic-lpae-hwe-20.04    5.4.0.37.40
    linux-image-gke                       5.4.0.1015.14
    linux-image-kvm                       5.4.0.1015.14
    linux-image-lowlatency                5.4.0.37.40
    linux-image-lowlatency-hwe-20.04      5.4.0.37.40
    linux-image-oem                       5.4.0.37.40
    linux-image-oem-osp1                  5.4.0.37.40
    linux-image-oracle                    5.4.0.1015.14
    linux-image-virtual                   5.4.0.37.40
    linux-image-virtual-hwe-20.04         5.4.0.37.40

Please note that the mitigation for CVE-2020-0543 requires a processor microcode update to be applied, either from your system manufacturer or via the intel-microcode package. The kernel update for this issue provides the ability to disable the mitigation and to report vulnerability status.

After a standard system update you need to reboot your computer to make all the necessary changes.

ATTENTION: Due to an unavoidable ABI change the kernel updates have been given a new version number, which requires you to recompile and reinstall all third party kernel modules you might have installed. Unless you manually uninstalled the standard kernel metapackages (e.g. linux-generic, linux-generic-lts-RELEASE, linux-virtual, linux-powerpc), a standard system upgrade will automatically perform this as well.

References:

    https://ubuntu.com/security/notices/USN-4389-1
    CVE-2020-0067, CVE-2020-0543, CVE-2020-10751, CVE-2020-12114, CVE-2020-12464, CVE-2020-12659
    https://wiki.ubuntu.com/SecurityTeam/KnowledgeBase/SRBDS

Package Information:

    https://launchpad.net/ubuntu/+source/linux/5.4.0-37.41
    https://launchpad.net/ubuntu/+source/linux-aws/5.4.0-1015.15
    https://launchpad.net/ubuntu/+source/linux-azure/5.4.0-1016.16
    https://launchpad.net/ubuntu/+source/linux-gcp/5.4.0-1015.15
    https://launchpad.net/ubuntu/+source/linux-kvm/5.4.0-1015.15
    https://launchpad.net/ubuntu/+source/linux-oracle/5.4.0-1015.15

The vulnerabilities fixed in this Ubuntu Linux kernel update risked leaking confidential data and triggering unexpected system failures.

Ubuntu kernel security.

Severity: Important.

LinuxSecurity.com Team

Jun 09, 2020 | Important | Ubuntu

Ubuntu: 7.10 USN-541-1 Essential: JPEG Buffer Overflow Vulnerability

Sean de Regge discovered that flac did not properly perform bounds checking in many situations. An attacker could send a specially crafted FLAC audio file and execute arbitrary code as the user or cause a denial of service in flac or applications that link against flac.

===========================================================
Ubuntu Security Notice USN-540-1
November 13, 2007

flac vulnerability
CVE-2007-4619
===========================================================

A security issue affects the following Ubuntu releases:

    Ubuntu 6.06 LTS
    Ubuntu 6.10
    Ubuntu 7.04
    Ubuntu 7.10

This advisory also applies to the corresponding versions of Kubuntu, Edubuntu, and Xubuntu.

The problem can be corrected by upgrading your system to the following package versions:

    Ubuntu 6.06 LTS: libflac7 1.1.2-3ubuntu1.1
    Ubuntu 6.10:     libflac7 1.1.2-5ubuntu1.1
    Ubuntu 7.04:     libflac7 1.1.2-5ubuntu2.1
    Ubuntu 7.10:     libflac8 1.1.4-3ubuntu1.1

In general, a standard system upgrade is sufficient to effect the necessary changes.

Details follow:

Sean de Regge discovered that flac did not properly perform bounds checking in many situations. An attacker could send a specially crafted FLAC audio file and execute arbitrary code as the user or cause a denial of service in flac or applications that link against flac.
A vulnerability in Ubuntu's flac could let malefactors run code or trigger a service interruption. Update strongly advised.

Flac Vulnerability, Code Execution Risk, Ubuntu Security.

Severity: Critical.

LinuxSecurity.com Team

Nov 13, 2007 | Critical | Ubuntu

Slackware 9.1: 2004-006-01 Critical: Kernel Update For Bounds Checking

New kernels are available for Slackware 9.0, 9.1 and -current. The 9.1 and -current kernels have been upgraded to 2.4.24, and a fix has been backported to the 2.4.21 kernels in Slackware 9.0 to fix a bounds-checking problem in the kernel's mremap() call.

[slackware-security] Kernel security update (SSA:2004-006-01)

New kernels are available for Slackware 9.0, 9.1 and -current. The 9.1 and -current kernels have been upgraded to 2.4.24, and a fix has been backported to the 2.4.21 kernels in Slackware 9.0 to fix a bounds-checking problem in the kernel's mremap() call which could be used by a local attacker to gain root privileges. Sites should upgrade to the 2.4.24 kernel and kernel modules. After installing the new kernel, be sure to run 'lilo'.

More details about this issue may be found in the Common Vulnerabilities and Exposures (CVE) database:

    https://www.cve.org/CVERecord?id=CVE-CAN-2003-0985

Here are the details from the Slackware 9.1 ChangeLog:

+--------------------------+
Tue Jan 6 15:01:54 PST 2004

patches/kernels/: Upgraded to Linux 2.4.24. This fixes a bounds-checking problem in the kernel's mremap() call which could be used by a local attacker to gain root privileges. Sites should upgrade to the 2.4.24 kernel and kernel modules. After installing the new kernel, be sure to run 'lilo'. For more details, see: https://www.cve.org/CVERecord?id=CVE-CAN-2003-0985 Thanks to Paul Starzetz for finding and researching this issue. (* Security fix *)

patches/packages/alsa-driver-0.9.8-i486-2.tgz: Recompiled against linux-2.4.24.

patches/packages/cvs-1.11.11-i486-1.tgz: Upgraded to cvs-1.11.11. This version enforces greater security. Changes include pserver refusing to run as root, and logging attempts to exploit the security hole fixed in 1.11.10 in the syslog.

patches/packages/kernel-ide-2.4.24-i486-1.tgz: Upgraded bare.i kernel package to Linux 2.4.24.

patches/packages/kernel-modules-2.4.24-i486-1.tgz: Upgraded to Linux 2.4.24 kernel modules.

patches/packages/kernel-source-2.4.24-noarch-2.tgz: Upgraded to Linux 2.4.24 kernel source, with XFS and Speakup patches included (but not pre-applied). This uses the XFS and Speakup patches for 2.4.23, which should be fine since 2.4.24 didn't change much code. Proper XFS patches for 2.4.24 will probably be out soon to fix the one Makefile rejection for EXTRAVERSION = -xfs, but likely little else will be different since XFS development has already gone ahead to what is now the 2.4.25-pre kernel series.

patches/packages/kernel-modules-xfs/alsa-driver-xfs-0.9.8-i486-2.tgz: Recompiled against linux-2.4.24-xfs.

patches/packages/kernel-modules-xfs/kernel-modules-xfs-2.4.24-i486-1.tgz: Upgraded to Linux 2.4.24 kernel modules for the xfs.s (XFS patched) kernel.
+--------------------------+

WHERE TO FIND THE NEW PACKAGES:
+-----------------------------+

Updated packages for Slackware 9.0:

An alternate kernel may be installed. Those are found in this directory:

    ftp://ftp.slackware.com/pub/slackware/slackware-9.0/patches/kernels/

Updated packages for Slackware 9.1:

An alternate kernel may be installed. Those are found in this directory:

The ALSA driver package has also been recompiled for 2.4.24:

The XFS patched kernel requires different kernel modules. If you use the XFS filesystem and XFS patched kernel (xfs.s), these packages contain kernel modules compiled against 2.4.24-xfs:

Updated packages for Slackware -current:

MD5 SIGNATURES:
+-------------+

MD5 signatures may be downloaded from our FTP server:

Slackware 9.0 packages:

    ftp://ftp.slackware.com/pub/slackware/slackware-9.0/patches/CHECKSUMS.md5

To verify authenticity, this file has been signed with the Slackware GPG key (use 'gpg --verify'):

    ftp://ftp.slackware.com/pub/slackware/slackware-9.0/patches/CHECKSUMS.md5.asc

Slackware 9.1 packages:

To verify authenticity, this file has been signed with the Slackware GPG key (use 'gpg --verify'):

    ftp://ftp.slackware.com/pub/slackware/slackware-9.1/patches/CHECKSUMS.md5.asc

Slackware -current packages:

    ftp://ftp.slackware.com/pub/slackware/slackware-current/CHECKSUMS.md5
    ftp://ftp.slackware.com/pub/slackware/slackware-current/CHECKSUMS.md5.asc

INSTALLATION INSTRUCTIONS:
+------------------------+

Use upgradepkg to install the new kernel, kernel-modules, and alsa packages.

After installing the kernel-ide package you will need to run lilo ('lilo' at a command prompt) or create a new system boot disk ('makebootdisk'), and reboot.

If desired, a kernel from the kernels/ directory may be used instead. For example, to use the kernel in kernels/scsi.s/, you would copy it to the boot directory like this:

    cd kernels/scsi.s
    cp bzImage /boot/vmlinuz-scsi.s-2.4.24

Create a symbolic link:

    ln -sf /boot/vmlinuz-scsi.s-2.4.24 /boot/vmlinuz

Then, run 'lilo' or create a new system boot disk and reboot.

+-----+

Slackware 2004-007-02 kernel patch addresses a security vulnerability, essential for safeguarding the system.

Kernel Update, Privilege Escalation, Slackware Security, System Upgrade, Linux Distributions.

Severity: Critical.

LinuxSecurity.com Team

Jan 07, 2004 | Critical | Slackware