Alerts This Week
Warning Icon 1 666
Alerts This Week
Warning Icon 1 666

Stay Secure with the Latest Linux Advisories

Debianlts Large Esm H800
Debian LTS

Debian Dovecot High Severity Service Disruption Info Leak Flaw DLA-4617-1

Calendar White Jun 05, 2026
Important
Debianlts Large Esm H900
Debian LTS

Debian 11 gsasl Critical DoS Threat Advisory DLA-4618-1 CVE-2026-48829

Calendar White Jun 05, 2026
Critical
Suse Large Esm H900
SuSE

SUSE MozillaThunderbird Important Memory Safety Fix Advisory 2026-2271-1

Calendar White Jun 05, 2026
Important
Suse Large Esm H800
SuSE

SUSE Linux Micro 6.0 Ignition Key HTTP Transport Loop Patch 2026-21987-1

Calendar White Jun 05, 2026
Important
Suse Large Esm H900
SuSE

SUSE Linux Micro 6.0 Important Libzypp Libsolv Security Update 2026-21988-1

Calendar White Jun 05, 2026
Important
Suse Large Esm H900
SuSE

SUSE Google-Guest-Agent Important Security Update 2026-21989-1

Calendar White Jun 05, 2026
Important
Suse Large Esm H800
SuSE

SUSE Linux Micro Important Salt Multi-Linux Manager Vuln 2026-21990-1

Calendar White Jun 05, 2026
Important
Suse Large Esm H900
SuSE

SUSE Linux Micro Critical Ignition Patch CVE-2026-33814

Calendar White Jun 05, 2026
Important
Suse Large Esm H900
SuSE

SUSE Linux Micro 6.1 Security Update for libzypp libsolv Key 2026-21992-1

Calendar White Jun 05, 2026
Important
Filter Icon Refine advisories
X Clear Filters
X Clear Filters
View More

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Community Poll

More Polls

What got you started with Linux?

No answer selected. Please try again.
Please select either existing option or enter your own, however not both.
Please select minimum {0} answer(s).
Please select maximum {0} answer(s).
/main-polls/150-what-got-you-started-with-linux?task=poll.vote&format=json
150
radio
0
[{"id":483,"title":"Self-taught through trial and error","votes":545,"type":"x","order":1,"pct":78.42,"resources":[]},{"id":484,"title":"Formal training or courses","votes":30,"type":"x","order":2,"pct":4.32,"resources":[]},{"id":485,"title":"A job that required it","votes":34,"type":"x","order":3,"pct":4.89,"resources":[]},{"id":486,"title":"Other","votes":86,"type":"x","order":4,"pct":12.37,"resources":[]}] ["#ff5b00","#4ac0f2","#b80028","#eef66c","#60bb22","#b96a9a","#62c2cc"] ["rgba(255,91,0,0.7)","rgba(74,192,242,0.7)","rgba(184,0,40,0.7)","rgba(238,246,108,0.7)","rgba(96,187,34,0.7)","rgba(185,106,154,0.7)","rgba(98,194,204,0.7)"] 350
bottom 200
Loading...

Explore Latest Linux Security advisories

We found 1 articles for you...
89
Ls Advisories Fedora Esm H240
Price Tag 1security advisoryhigh severityfedora

Fedora 40: FEDORA-2024-2a56aeb66b High: Chromium Multiple Issues

update to 126.0.6478.182 High CVE-2024-6772: Inappropriate implementation in V8 High CVE-2024-6773: Type Confusion in V8 High CVE-2024-6774: Use after free in Screen Capture High CVE-2024-6775: Use after free in Media Stream. -------------------------------------------------------------------------------- Fedora Update Notification FEDORA-2024-2a56aeb66b 2024-07-21 01:38:57.829392 -------------------------------------------------------------------------------- Name : chromium Product : Fedora 40 Version : 126.0.6478.182 Release : 1.fc40 URL : http://www.chromium.org/Home Summary : A WebKit (Blink) powered web browser that Google doesn't want you to use Description : Chromium is an open-source web browser, powered by WebKit (Blink). -------------------------------------------------------------------------------- Update Information: update to 126.0.6478.182 High CVE-2024-6772: Inappropriate implementation in V8 High CVE-2024-6773: Type Confusion in V8 High CVE-2024-6774: Use after free in Screen Capture High CVE-2024-6775: Use after free in Media Stream High CVE-2024-6776: Use after free in Audio High CVE-2024-6777: Use after free in Navigation High CVE-2024-6778: Race in DevTools High CVE-2024-6779: Out of bounds memory access in V8 -------------------------------------------------------------------------------- ChangeLog: * Tue Jul 16 2024 Than Ngo - 126.0.6478.182-1 - update to 126.0.6478.182 * High CVE-2024-6772: Inappropriate implementation in V8 * High CVE-2024-6773: Type Confusion in V8 * High CVE-2024-6774: Use after free in Screen Capture * High CVE-2024-6775: Use after free in Media Stream * High CVE-2024-6776: Use after free in Audio * High CVE-2024-6777: Use after free in Navigation * High CVE-2024-6778: Race in DevTools * High CVE-2024-6779: Out of bounds memory access in V8 * Sun Jul 7 2024 Than Ngo - 126.0.6478.126-2 - fixed rhbz#2293202, chromium Wayland UIregression -------------------------------------------------------------------------------- References: [ 1 ] Bug #2298405 - 126.0.6478.182 has been released, fixing 10 CVEs https://bugzilla.redhat.com/show_bug.cgi?id=2298405 -------------------------------------------------------------------------------- This update can be installed with the "dnf" update program. Use su -c 'dnf upgrade --advisory FEDORA-2024-2a56aeb66b' at the command line. For more information, refer to the dnf documentation available at http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label All packages are signed with the Fedora Project GPG key. More details on the GPG keys used by the Fedora Project can be found at https://fedoraproject.org/keys -------------------------------------------------------------------------------- -- _______________________________________________ package-announce mailing list -- This email address is being protected from spambots. You need JavaScript enabled to view it. To unsubscribe send an email to This email address is being protected from spambots. You need JavaScript enabled to view it. Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedoraproject.org/archives/list/This email address is being protected from spambots. You need JavaScript enabled to view it. Do not reply to spam, report it: https://pagure.io/fedora-infrastructure/new_issue . The latest update for Fedora's Chromium tackles critical vulnerabilities, including buffer overflow, credential leakage, and others. Ensure your safety!. chromium Update,Fedora Security Advisory,Type Confusion Issue,Screen Capture Fix. . LinuxSecurity.com Team

Calendar 2 Jul 21, 2024 Fedora
89
Ls Advisories Fedora Esm H240
Price Tag 1security advisorycriticalFedora

Fedora 37 Critical Update: FEDORA-2023-2c4a95caf8 for Chromium Issues

update to 113.0.5672.64. Fixes the following security issues: CVE-2023-2459 CVE-2023-2460 CVE-2023-2461 CVE-2023-2462 CVE-2023-2463 CVE-2023-2464 CVE-2023-2465 CVE-2023-2466 CVE-2023-2467 CVE-2023-2468. --------------------------------------------------------------------------------Fedora Update Notification FEDORA-2023-2c4a95caf8 2023-05-10 01:40:09.608709 --------------------------------------------------------------------------------Name : chromium Product : Fedora 37 Version : 113.0.5672.63 Release : 1.fc37 URL : https://www.chromium.org/Home/ Summary : A WebKit (Blink) powered web browser that Google doesn't want you to use Description : Chromium is an open-source web browser, powered by WebKit (Blink). --------------------------------------------------------------------------------Update Information: update to 113.0.5672.64. Fixes the following security issues: CVE-2023-2459 CVE-2023-2460 CVE-2023-2461 CVE-2023-2462 CVE-2023-2463 CVE-2023-2464 CVE-2023-2465 CVE-2023-2466 CVE-2023-2467 CVE-2023-2468 --------------------------------------------------------------------------------ChangeLog: * Wed May 3 2023 Than Ngo - 113.0.5672.63-1 - update to 113.0.5672.63 * Sun Apr 23 2023 Than Ngo - 112.0.5615.165-2 - make --use-gl=egl default for x11/wayland - enable WebUIDarkMode --------------------------------------------------------------------------------References: [ 1 ] Bug #2192762 - CVE-2023-2459 chromium-browser: Inappropriate implementation in Prompts https://bugzilla.redhat.com/show_bug.cgi?id=2192762 [ 2 ] Bug #2192763 - CVE-2023-2460 chromium-browser: Insufficient validation of untrusted input in Extensions https://bugzilla.redhat.com/show_bug.cgi?id=2192763 [ 3 ] Bug #2192764 - CVE-2023-2461 chromium-browser: Use after free in OS Inputs https://bugzilla.redhat.com/show_bug.cgi?id=2192764 [ 4 ] Bug #2192765 - CVE-2023-2462 chromium-browser: Inappropriate implementation in Prompts https://bugzilla.redhat.com/show_bug.cgi?id=2192765 [ 5 ] Bug #2192766 - CVE-2023-2463 chromium-browser: Inappropriate implementation in Full Screen Mode https://bugzilla.redhat.com/show_bug.cgi?id=2192766 [ 6 ] Bug #2192767 - CVE-2023-2464 chromium-browser: Inappropriate implementation in PictureInPicture https://bugzilla.redhat.com/show_bug.cgi?id=2192767 [ 7 ] Bug #2192768 - CVE-2023-2465 chromium-browser: Inappropriate implementation in CORS https://bugzilla.redhat.com/show_bug.cgi?id=2192768 [ 8 ] Bug #2192769 - CVE-2023-2466 chromium-browser: Inappropriate implementation in Prompts https://bugzilla.redhat.com/show_bug.cgi?id=2192769 [ 9 ] Bug #2192770 - CVE-2023-2467 chromium-browser: Inappropriate implementation in Prompts https://bugzilla.redhat.com/show_bug.cgi?id=2192770 [ 10 ] Bug #2192771 - CVE-2023-2468 chromium-browser: Inappropriate implementation in PictureInPicture https://bugzilla.redhat.com/show_bug.cgi?id=2192771 --------------------------------------------------------------------------------This update can be installed with the "dnf" update program. Use su -c 'dnf upgrade --advisory FEDORA-2023-2c4a95caf8' at the command line. For more information, refer to the dnf documentation available at https://dnf.readthedocs.io/en/latest/command_ref.html All packages are signed with the Fedora Project GPG key. More details on the GPG keys used by the Fedora Project can be found at https://fedoraproject.org/security/ --------------------------------------------------------------------------------_______________________________________________ package-announce mailing list -- This email address is being protected from spambots. You need JavaScript enabled to view it. To unsubscribe send an email to This email address is being protected from spambots. You need JavaScript enabled to view it. Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives:https://lists.fedoraproject.org/archives/list/This email address is being protected from spambots. You need JavaScript enabled to view it./ Do not reply to spam, report it: . Fedora releases an update for Firefox, tackling several severe security vulnerabilities and improving overall browser performance.. Fedora Security, Chromium Update, Browser Threat Patches. . Severity: Critical. LinuxSecurity.com Team

Calendar 2 May 10, 2023 Critical Fedora
Banner 3 1028x280 1708121785 1771599793
202
Ls Advisories Opensuse Esm H240
Price Tag 1security advisorysecurity updatecritical

openSUSE 15-SP3: 2022:10009-1 Critical: Chromium Issues Fixed

An update that fixes 28 vulnerabilities is now available. . openSUSE Security Update: Security update for chromium ______________________________________________________________________________ Announcement ID: openSUSE-SU-2022:10009-1 Rating: critical References: #1199893 #1200139 #1200423 Cross-References: CVE-2022-1853 CVE-2022-1854 CVE-2022-1855 CVE-2022-1856 CVE-2022-1857 CVE-2022-1858 CVE-2022-1859 CVE-2022-1860 CVE-2022-1861 CVE-2022-1862 CVE-2022-1863 CVE-2022-1864 CVE-2022-1865 CVE-2022-1866 CVE-2022-1867 CVE-2022-1868 CVE-2022-1869 CVE-2022-1870 CVE-2022-1871 CVE-2022-1872 CVE-2022-1873 CVE-2022-1874 CVE-2022-1875 CVE-2022-1876 CVE-2022-2007 CVE-2022-2008 CVE-2022-2010 CVE-2022-2011 Affected Products: openSUSE Backports SLE-15-SP3 ______________________________________________________________________________ An update that fixes 28 vulnerabilities is now available. Description: This update for chromium fixes the following issues: Chromium 102.0.5005.115 (boo#1200423) * CVE-2022-2007: Use after free in WebGPU * CVE-2022-2008: Out of bounds memory access in WebGL * CVE-2022-2010: Out of bounds read in compositing * CVE-2022-2011: Use after free in ANGLE Chromium 102.0.5001.61 (boo#1199893) * CVE-2022-1853: Use after free in Indexed DB * CVE-2022-1854: Use after free in ANGLE * CVE-2022-1855: Use after free in Messaging * CVE-2022-1856: Use after free in User Education * CVE-2022-1857: Insufficient policy enforcement in File System API * CVE-2022-1858: Out of bounds read in DevTools * CVE-2022-1859: Use after free in Performance Manager * CVE-2022-1860: Use after free in UI Foundations * CVE-2022-1861: Use after free in Sharing * CVE-2022-1862: Inappropriate implementation in Extensions * CVE-2022-1863: Useafter free in Tab Groups * CVE-2022-1864: Use after free in WebApp Installs * CVE-2022-1865: Use after free in Bookmarks * CVE-2022-1866: Use after free in Tablet Mode * CVE-2022-1867: Insufficient validation of untrusted input in Data Transfer * CVE-2022-1868: Inappropriate implementation in Extensions API * CVE-2022-1869: Type Confusion in V8 * CVE-2022-1870: Use after free in App Service * CVE-2022-1871: Insufficient policy enforcement in File System API * CVE-2022-1872: Insufficient policy enforcement in Extensions API * CVE-2022-1873: Insufficient policy enforcement in COOP * CVE-2022-1874: Insufficient policy enforcement in Safe Browsing * CVE-2022-1875: Inappropriate implementation in PDF * CVE-2022-1876: Heap buffer overflow in DevTools Patch Instructions: To install this openSUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: - openSUSE Backports SLE-15-SP3: zypper in -t patch openSUSE-2022-10009=1 Package List: - openSUSE Backports SLE-15-SP3 (aarch64 x86_64): chromedriver-102.0.5005.115-bp153.2.101.1 chromedriver-debuginfo-102.0.5005.115-bp153.2.101.1 chromium-102.0.5005.115-bp153.2.101.1 chromium-debuginfo-102.0.5005.115-bp153.2.101.1 References: https://www.suse.com/security/cve/CVE-2022-1853.html https://www.suse.com/security/cve/CVE-2022-1854.html https://www.suse.com/security/cve/CVE-2022-1855.html https://www.suse.com/security/cve/CVE-2022-1856.html https://www.suse.com/security/cve/CVE-2022-1857.html https://www.suse.com/security/cve/CVE-2022-1858.html https://www.suse.com/security/cve/CVE-2022-1859.html https://www.suse.com/security/cve/CVE-2022-1860.html https://www.suse.com/security/cve/CVE-2022-1861.html https://www.suse.com/security/cve/CVE-2022-1862.html https://www.suse.com/security/cve/CVE-2022-1863.html https://www.suse.com/security/cve/CVE-2022-1864.html https://www.suse.com/security/cve/CVE-2022-1865.html https://www.suse.com/security/cve/CVE-2022-1866.html https://www.suse.com/security/cve/CVE-2022-1867.html https://www.suse.com/security/cve/CVE-2022-1868.html https://www.suse.com/security/cve/CVE-2022-1869.html https://www.suse.com/security/cve/CVE-2022-1870.html https://www.suse.com/security/cve/CVE-2022-1871.html https://www.suse.com/security/cve/CVE-2022-1872.html https://www.suse.com/security/cve/CVE-2022-1873.html https://www.suse.com/security/cve/CVE-2022-1874.html https://www.suse.com/security/cve/CVE-2022-1875.html https://www.suse.com/security/cve/CVE-2022-1876.html https://www.suse.com/security/cve/CVE-2022-2007.html https://www.suse.com/security/cve/CVE-2022-2008.html https://www.suse.com/security/cve/CVE-2022-2010.html https://www.suse.com/security/cve/CVE-2022-2011.html https://bugzilla.suse.com/1199893 https://bugzilla.suse.com/1200139 https://bugzilla.suse.com/1200423 . Urgent patch released for openSUSE tackling 28 vulnerabilities in chromium. Prioritize updating your system to maintain security integrity.. openSUSE Security Update, Chromium Critical Fix, Software Vulnerabilities. . Severity: Critical. LinuxSecurity.com Team

Calendar 2 Jun 15, 2022 Critical OpenSUSE
198
Ls Advisories Archlinux Esm H240
Price Tag 1security advisorymultiple issuesupgrade recommendation

Arch Linux: ASA-202112-2 High: Opera Multiple Security Issues

The package opera before version 82.0.4227.23-1 is vulnerable to multiple issues including arbitrary code execution, access restriction bypass, content spoofing, information disclosure, same-origin policy bypass, sandbox escape and denial of service. . Arch Linux Security Advisory ASA-202112-2 ======================================== Severity: High Date : 2021-12-03 CVE-ID : CVE-2021-38005 CVE-2021-38006 CVE-2021-38007 CVE-2021-38008 CVE-2021-38009 CVE-2021-38010 CVE-2021-38011 CVE-2021-38012 CVE-2021-38013 CVE-2021-38014 CVE-2021-38015 CVE-2021-38016 CVE-2021-38017 CVE-2021-38018 CVE-2021-38019 CVE-2021-38020 CVE-2021-38021 CVE-2021-38022 Package : opera Type : multiple issues Remote : Yes Link : https://security.archlinux.org/AVG-2563 Summary ====== The package opera before version 82.0.4227.23-1 is vulnerable to multiple issues including arbitrary code execution, access restriction bypass, content spoofing, information disclosure, same-origin policy bypass, sandbox escape and denial of service. Resolution ========= Upgrade to 82.0.4227.23-1. # pacman -Syu "opera> =82.0.4227.23-1" The problems have been fixed upstream in version 82.0.4227.23. Workaround ========= None. Description ========== - CVE-2021-38005 (arbitrary code execution) A use after free security issue has been found in the loader component of the Chromium browser engine before version 96.0.4664.45. - CVE-2021-38006 (arbitrary code execution) A use after free security issue has been found in the storage foundation component of the Chromium browser engine before version 96.0.4664.45. - CVE-2021-38007 (arbitrary code execution) A type confusion security issue has been found in the V8 component of the Chromium browser engine before version 96.0.4664.45. - CVE-2021-38008 (arbitrary code execution) A use after free security issue has been found in the media component of the Chromium browser engine before version 96.0.4664.45. - CVE-2021-38009 (arbitrary code execution) Aninappropriate implementation security issue has been found in the cache component of the Chromium browser engine before version 96.0.4664.45. - CVE-2021-38010 (arbitrary code execution) An inappropriate implementation security issue has been found in the service workers component of the Chromium browser engine before version 96.0.4664.45. - CVE-2021-38011 (arbitrary code execution) A use after free security issue has been found in the storage foundation component of the Chromium browser engine before version 96.0.4664.45. - CVE-2021-38012 (arbitrary code execution) A type confusion security issue has been found in the V8 component of the Chromium browser engine before version 96.0.4664.45. - CVE-2021-38013 (arbitrary code execution) A heap buffer overflow security issue has been found in the fingerprint recognition component of the Chromium browser engine before version 96.0.4664.45. - CVE-2021-38014 (arbitrary code execution) An out of bounds write security issue has been found in the Swiftshader component of the Chromium browser engine before version 96.0.4664.45. - CVE-2021-38015 (arbitrary code execution) An inappropriate implementation security issue has been found in the input component of the Chromium browser engine before version 96.0.4664.45. - CVE-2021-38016 (access restriction bypass) An insufficient policy enforcement security issue has been found in the background fetch component of the Chromium browser engine before version 96.0.4664.45. - CVE-2021-38017 (sandbox escape) An insufficient policy enforcement security issue has been found in the iframe sandbox component of the Chromium browser engine before version 96.0.4664.45. - CVE-2021-38018 (content spoofing) An inappropriate implementation security issue has been found in the navigation component of the Chromium browser engine before version 96.0.4664.45. - CVE-2021-38019 (same-origin policy bypass) An insufficient policy enforcement security issue has been found in the CORS component of the Chromium browser engine beforeversion 96.0.4664.45. - CVE-2021-38020 (information disclosure) An insufficient policy enforcement security issue has been found in the contacts picker component of the Chromium browser engine before version 96.0.4664.45. - CVE-2021-38021 (information disclosure) An inappropriate implementation security issue has been found in the referrer component of the Chromium browser engine before version 96.0.4664.45. - CVE-2021-38022 (denial of service) An inappropriate implementation security issue has been found in the WebAuthentication component of the Chromium browser engine before version 96.0.4664.45. Impact ===== A remote attacker could execute arbitrary code, spoof content, bypass security restrictions or crash the browser through crafted web content. References ========= https://blogs.opera.com/desktop/changelog-for-81/ https://blogs.opera.com/desktop/changelog-for-82/ https://chromereleases.googleblog.com/2021/11/stable-channel-update-for-desktop.html https://security.archlinux.org/CVE-2021-38005 https://security.archlinux.org/CVE-2021-38006 https://security.archlinux.org/CVE-2021-38007 https://security.archlinux.org/CVE-2021-38008 https://security.archlinux.org/CVE-2021-38009 https://security.archlinux.org/CVE-2021-38010 https://security.archlinux.org/CVE-2021-38011 https://security.archlinux.org/CVE-2021-38012 https://security.archlinux.org/CVE-2021-38013 https://security.archlinux.org/CVE-2021-38014 https://security.archlinux.org/CVE-2021-38015 https://security.archlinux.org/CVE-2021-38016 https://security.archlinux.org/CVE-2021-38017 https://security.archlinux.org/CVE-2021-38018 https://security.archlinux.org/CVE-2021-38019 https://security.archlinux.org/CVE-2021-38020 https://security.archlinux.org/CVE-2021-38021 https://security.archlinux.org/CVE-2021-38022 . Various vulnerabilities in Opera versions prior to 82.0.4227.23-1 can potentially lead to exposure to remote exploitation and various security risks. Prompt update is advised.. Opera Security Threats, Arch Linux Issues, BrowserVulnerabilities. . LinuxSecurity.com Team

Calendar 2 Dec 06, 2021 ArchLinux
Banner 3 1028x280 1708121785 1771599793
202
Ls Advisories Opensuse Esm H240
Price Tag 1security advisorysecurity updateimportant fixes

openSUSE 15.2: 2021:1096-1 Important Opera Security Update

An update that fixes 6 vulnerabilities is now available. . openSUSE Security Update: Security update for opera ______________________________________________________________________________ Announcement ID: openSUSE-SU-2021:1096-1 Rating: important References: Cross-References: CVE-2021-30541 CVE-2021-30560 CVE-2021-30561 CVE-2021-30562 CVE-2021-30563 CVE-2021-30564 Affected Products: openSUSE Leap 15.2:NonFree ______________________________________________________________________________ An update that fixes 6 vulnerabilities is now available. Description: This update for opera fixes the following issues: Update to version 77.0.4054.277: - DNA-94291 Video conference popout doesnt remember its size after resizing - DNA-94399 Incorrect icon for wp.pl in address bar dropdown - DNA-94462 Low quality of default wallpaper on windows - The update to chromium 91.0.4472.164 fixes following issues: CVE-2021-30541, CVE-2021-30560, CVE-2021-30561, CVE-2021-30562, CVE-2021-30563, CVE-2021-30564 Patch Instructions: To install this openSUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: - openSUSE Leap 15.2:NonFree: zypper in -t patch openSUSE-2021-1096=1 Package List: - openSUSE Leap 15.2:NonFree (x86_64): opera-77.0.4054.277-lp152.2.55.1 References: https://www.suse.com/security/cve/CVE-2021-30541.html https://www.suse.com/security/cve/CVE-2021-30560.html https://www.suse.com/security/cve/CVE-2021-30561.html https://www.suse.com/security/cve/CVE-2021-30562.html https://www.suse.com/security/cve/CVE-2021-30563.html https://www.suse.com/security/cve/CVE-2021-30564.html . This notification covers 5 critical concerns in opera for Fedora. Discover more about the required adjustments and guidance.. openSUSE security, operabrowser update, secure patch instructions, important fixes. . Severity: Important. LinuxSecurity.com Team

Calendar 2 Aug 05, 2021 Important OpenSUSE
87
Ls Advisories Debian Esm H240
Price Tag 1security advisorysecurity issuebuffer overflow

Debian DSA-4846-1 Critical: Chromium Buffer Overflow Security Issue

Several vulnerabilities have been discovered in the chromium web browser. CVE-2020-16044 . -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 - ------------------------------------------------------------------------- Debian Security Advisory DSA-4846-1 This email address is being protected from spambots. You need JavaScript enabled to view it. https://www.debian.org/security/ Michael Gilbert February 07, 2021 https://www.debian.org/security/faq - ------------------------------------------------------------------------- Package : chromium CVE ID : CVE-2020-16044 CVE-2021-21117 CVE-2021-21118 CVE-2021-21119 CVE-2021-21120 CVE-2021-21121 CVE-2021-21122 CVE-2021-21123 CVE-2021-21124 CVE-2021-21125 CVE-2021-21126 CVE-2021-21127 CVE-2021-21128 CVE-2021-21129 CVE-2021-21130 CVE-2021-21131 CVE-2021-21132 CVE-2021-21133 CVE-2021-21134 CVE-2021-21135 CVE-2021-21136 CVE-2021-21137 CVE-2021-21138 CVE-2021-21139 CVE-2021-21140 CVE-2021-21141 CVE-2021-21142 CVE-2021-21143 CVE-2021-21144 CVE-2021-21145 CVE-2021-21146 CVE-2021-21147 Several vulnerabilities have been discovered in the chromium web browser. CVE-2020-16044 Ned Williamson discovered a use-after-free issue in the WebRTC implementation. CVE-2021-21117 Rory McNamara discovered a policy enforcement issue in Cryptohome. CVE-2021-21118 Tyler Nighswander discovered a data validation issue in the v8 javascript library. CVE-2021-21119 A use-after-free issue was discovered in media handling. CVE-2021-21120 Nan Wang and Guang Gong discovered a use-after-free issue in the WebSQL implementation. CVE-2021-21121 Leecraso and Guang Gong discovered a use-after-free issue in the Omnibox. CVE-2021-21122 Renata Hodovan discovered a use-after-free issue in Blink/WebKit. CVE-2021-21123 Maciej Pulikowski discovered a data validation issue. CVE-2021-21124 Chaoyang Ding discovered a use-after-freeissue in the speech recognizer. CVE-2021-21125 Ron Masas discovered a policy enforcement issue. CVE-2021-21126 David Erceg discovered a policy enforcement issue in extensions. CVE-2021-21127 Jasminder Pal Singh discovered a policy enforcement issue in extensions. CVE-2021-21128 Liang Dong discovered a buffer overflow issue in Blink/WebKit. CVE-2021-21129 Maciej Pulikowski discovered a policy enforcement issue. CVE-2021-21130 Maciej Pulikowski discovered a policy enforcement issue. CVE-2021-21131 Maciej Pulikowski discovered a policy enforcement issue. CVE-2021-21132 David Erceg discovered an implementation error in the developer tools. CVE-2021-21133 wester0x01 discovered a policy enforcement issue. CVE-2021-21134 wester0x01 discovered a user interface error. CVE-2021-21135 ndevtk discovered an implementation error in the Performance API. CVE-2021-21136 Shiv Sahni, Movnavinothan V, and Imdad Mohammed discovered a policy enforcement error. CVE-2021-21137 bobbybear discovered an implementation error in the developer tools. CVE-2021-21138 Weipeng Jiang discovered a use-after-free issue in the developer tools. CVE-2021-21139 Jun Kokatsu discovered an implementation error in the iframe sandbox. CVE-2021-21140 David Manouchehri discovered uninitialized memory in the USB implementation. CVE-2021-21141 Maciej Pulikowski discovered a policy enforcement error. CVE-2021-21142 Khalil Zhani discovered a use-after-free issue. CVE-2021-21143 Allen Parker and Alex Morgan discovered a buffer overflow issue in extensions. CVE-2021-21144 Leecraso and Guang Gong discovered a buffer overflow issue. CVE-2021-21145 A use-after-free issue was discovered. CVE-2021-21146 Alison Huffman and Choongwoo Han discovered a use-after-free issue. CVE-2021-21147 Roman Starkov discovered an implementation error in the skia library. For the stable distribution (buster), these problems have been fixedin version 88.0.4324.146-1~deb10u1. We recommend that you upgrade your chromium packages. For the detailed security status of chromium please refer to its security tracker page at: https://security-tracker.debian.org/tracker/source-package/chromium Further information about Debian Security Advisories, how to apply these updates to your system and frequently asked questions can be found at: https://www.debian.org/security/ Mailing list: This email address is being protected from spambots. You need JavaScript enabled to view it. . Numerous vulnerabilities fixed in Chrome, Debian users urged to update for enhanced web security.. Debian Chromium Security, Browser Update, Security Threats. . Severity: Critical. LinuxSecurity.com Team

Calendar 2 Feb 07, 2021 Critical Debian
Banner 3 1028x280 1708121785 1771599793
87
Ls Advisories Debian Esm H240
Price Tag 1security advisorydebiancritical update

Debian DSA-4638-1 Critical: Chromium Browser Policy Errors

. -----BEGIN PGP SIGNED MESSAGE-----Hash: SHA512 - -------------------------------------------------------------------------Debian Security Advisory DSA-4638-1 This email address is being protected from spambots. You need JavaScript enabled to view it. https://www.debian.org/security/ Michael Gilbert March 10, 2020 https://www.debian.org/security/faq - -------------------------------------------------------------------------Package : chromium CVE ID : CVE-2019-19880 CVE-2019-19923 CVE-2019-19925 CVE-2019-19926 CVE-2020-6381 CVE-2020-6382 CVE-2020-6383 CVE-2020-6384 CVE-2020-6385 CVE-2020-6386 CVE-2020-6387 CVE-2020-6388 CVE-2020-6389 CVE-2020-6390 CVE-2020-6391 CVE-2020-6392 CVE-2020-6393 CVE-2020-6394 CVE-2020-6395 CVE-2020-6396 CVE-2020-6397 CVE-2020-6398 CVE-2020-6399 CVE-2020-6400 CVE-2020-6401 CVE-2020-6402 CVE-2020-6403 CVE-2020-6404 CVE-2020-6405 CVE-2020-6406 CVE-2020-6407 CVE-2020-6408 CVE-2020-6409 CVE-2020-6410 CVE-2020-6411 CVE-2020-6412 CVE-2020-6413 CVE-2020-6414 CVE-2020-6415 CVE-2020-6416 CVE-2020-6418 CVE-2020-6420 Several vulnerabilities have been discovered in the chromium web browser. CVE-2019-19880 Richard Lorenz discovered an issue in the sqlite library. CVE-2019-19923 Richard Lorenz discovered an out-of-bounds read issue in the sqlite library. CVE-2019-19925 Richard Lorenz discovered an issue in the sqlite library. CVE-2019-19926 Richard Lorenz discovered an implementation error in the sqlite library. CVE-2020-6381 UK's National Cyber Security Centre discovered an integer overflow issue in the v8 javascript library. CVE-2020-6382 Soyeon Park and Wen Xu discovered a type error in the v8 javascript library. CVE-2020-6383 Sergei Glazunov discovered a type error in the v8 javascript library. CVE-2020-6384 David Manoucheri discovered a use-after-free issue in WebAudio. CVE-2020-6385 Sergei Glazunov discovered a policy enforcement error. CVE-2020-6386 Zhe Jin discovered a use-after-free issue in speech processing. CVE-2020-6387 Natalie Silvanovich discovered an out-of-bounds write error in the WebRTC implementation. CVE-2020-6388 Sergei Glazunov discovered an out-of-bounds read error in the WebRTC implementation. CVE-2020-6389 Natalie Silvanovich discovered an out-of-bounds write error in the WebRTC implementation. CVE-2020-6390 Sergei Glazunov discovered an out-of-bounds read error. CVE-2020-6391 Michał Bentkowski discoverd that untrusted input was insufficiently validated. CVE-2020-6392 The Microsoft Edge Team discovered a policy enforcement error. CVE-2020-6393 Mark Amery discovered a policy enforcement error. CVE-2020-6394 Phil Freo discovered a policy enforcement error. CVE-2020-6395 Pierre Langlois discovered an out-of-bounds read error in the v8 javascript library. CVE-2020-6396 William Luc Ritchie discovered an error in the skia library. CVE-2020-6397 Khalil Zhani discovered a user interface error. CVE-2020-6398 pdknsk discovered an uninitialized variable in the pdfium library. CVE-2020-6399 Luan Herrera discovered a policy enforcement error. CVE-2020-6400 Takashi Yoneuchi discovered an error in Cross-Origin Resource Sharing. CVE-2020-6401 Tzachy Horesh discovered that user input was insufficiently validated. CVE-2020-6402 Vladimir Metnew discovered a policy enforcement error. CVE-2020-6403 Khalil Zhani discovered a user interface error. CVE-2020-6404 kanchi discovered an error in Blink/Webkit. CVE-2020-6405 Yongheng Chen and Rui Zhong discovered an out-of-bounds read issue in the sqlite library. CVE-2020-6406 Sergei Glazunov discovered a use-after-freeissue. CVE-2020-6407 Sergei Glazunov discovered an out-of-bounds read error. CVE-2020-6408 Zhong Zhaochen discovered a policy enforcement error in Cross-Origin Resource Sharing. CVE-2020-6409 Divagar S and Bharathi V discovered an error in the omnibox implementation. CVE-2020-6410 evil1m0 discovered a policy enforcement error. CVE-2020-6411 Khalil Zhani discovered that user input was insufficiently validated. CVE-2020-6412 Zihan Zheng discovered that user input was insufficiently validated. CVE-2020-6413 Michał Bentkowski discovered an error in Blink/Webkit. CVE-2020-6414 Lijo A.T discovered a policy safe browsing policy enforcement error. CVE-2020-6415 Avihay Cohen discovered an implementation error in the v8 javascript library. CVE-2020-6416 Woojin Oh discovered that untrusted input was insufficiently validated. CVE-2020-6418 Clement Lecigne discovered a type error in the v8 javascript library. CVE-2020-6420 Taras Uzdenov discovered a policy enforcement error. For the oldstable distribution (stretch), security support for chromium has been discontinued. For the stable distribution (buster), these problems have been fixed in version 80.0.3987.132-1~deb10u1. We recommend that you upgrade your chromium packages. For the detailed security status of chromium please refer to its security tracker page at: https://security-tracker.debian.org/tracker/source-package/chromium Further information about Debian Security Advisories, how to apply these updates to your system and frequently asked questions can be found at: https://www.debian.org/security/ Mailing list: This email address is being protected from spambots. You need JavaScript enabled to view it. -----BEGIN PGPSIGNATURE-----iQQzBAEBCgAdFiEEIwTlZiOEpzUxIyp4mD40ZYkUaygFAl5oNcAACgkQmD40ZYkU ayh0Rh/+PrQfatkM3FrjJJww29+dsIOZ3S2MGR6mggmYcfN8VBIurnBoa/T48RpX PH0JtNNXmGFXgByL877ykk9cgWeFgnTYlxc5RICKup2qlcZrXugqhN029AtjlMwl Ynw2tbgyHEEh+aRg/tiMMMDYhDtQpnIpgKJ3L206F9KEpjxgnCAuLMbabwfgf4lX +5ErU+4LEhWBESkUJCEJA/OFCFfsfBVaz+H564PgsIh1OG/Sm4QL0DoYma3iN+KQ f/jFejdSFkiTNfZgRmcOU2dqvzf0qfY/iJWrma/RPiF8r5ta5Ew65qoodCxz1pB5 Q7A2c/4ckNYpe+RvafkHZ7TX13IHYOPTaG2lR/lCK0wyuTi1m6KceI6O9fR7mrii pV9cnTFFYFV2i/Hjq59LFlVh3gfBU9fiO2cps/SVVpCkenxvD372S8NCijBWd3we K1xmyhmR07zTircuY305T8Sj5qJ/Gb+V0uvhOPeBhkC1cTHUSf/oeU2r+L2fnl41 ctYUfXIfwG5aqr47Q5N+6WuxZMJW/eTHA765/5HhLysyXqw7/fUWrZDU6G6wS9Ij 2pxFzxl2NFHbAl7rBRyrOVfzIT6lAj5OJhqktwI5+8ZSqOO0c+ETkZekfMJXB/H9 +mX1FLAJtxpDKwpqNWt3ZW/vdWF2fnnHifE3BmrdvAv6aBklUWmRGJwBA8/8YTjD noxg4JZG58GNonsU641iwP0YR4ncI2o0Qq7+plPzm+iG4iiLBsL6+zRe1hAaS38Q TZioSM3QVsFPKcWQ9pn3xengFVGsMaDH/nAHUfxyD4y6VEvIfJGQsNm2CN9c9Sz1 2ZltQIwtKPe0N2iEA/edzIzINrAmg9g7JB9h2XAsSU+48NtkVZ8gk2nzu/oreRDR EWe8PNPkHfWDQMv31TcXmqrZfS3RjmoOzlJxOk4iuYnhkhUpv2N/IuhOrVUg0e1v kVZiRUpdJAh31dKEUNTlEkNH5aCWELhxlr6FJb1tLYqV8Cfg7rHxB9knTzdgz93d MTsN2Ig6J+bDsBi8HclE0gYLwCbdGx08bFth7Tyd/WbdAlhaZaoMfZkTWXm9rl3e ReLx4VEZh8fEAXnYU7EqPuWv2UiQBQYSD713+WCmSNCnM7uDkobCJ1CF961FcX7u BtnFsjE5F1F7bE+FP9zOHXd3fhYCJHkKcg+BTNxYn9ORMYQhhfK0ms5awNT4CyFX AeWQh5/szmJHowmgfgRmcVSkHNK02R984kvYnRd+oqJg6R+P8PSZWXTmS0X2RnU3 BdoniwUi2Qrtx++E5KtH+qFUEaKJTB5NYub87ZVGJ1wvsHxAQxCW1iOcrZ7KV+Ly Cf9ugJha6dD2cjM09JPVBrHMzJVKbA==Ho61 -----END PGP SIGNATURE----- . Update your Debian chromium software packages in light of numerous patches addressing vulnerabilities such as buffer overflows and security policy misconfigurations.. Debian Chromium Security Update, Browser Security Advisory, Policy Enforcement Errors. . Severity: Critical. LinuxSecurity.com Team

Calendar 2 Mar 10, 2020 Critical Debian
91
Ls Advisories Gentoo Esm H240
Price Tag 1security advisoryGentoosoftware update

Gentoo: GLSA-201605-02 Normal: Chromium Remote Code Execution Threat

Multiple vulnerabilities have been found in the Chromium web browser, the worst of which allows remote attackers to execute arbitrary code.. - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - Gentoo Linux Security Advisory GLSA 201605-02 - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - https://security.gentoo.org/ - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - Severity: Normal Title: Chromium: Multiple vulnerabilities Date: May 14, 2016 Bugs: #578200, #579954, #581524, #582828 ID: 201605-02 - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - Synopsis ======= Multiple vulnerabilities have been found in the Chromium web browser, the worst of which allows remote attackers to execute arbitrary code. Background ========= Chromium is an open-source browser project that aims to build a safer, faster, and more stable way for all users to experience the web. Affected packages ================ ------------------------------------------------------------------- Package / Vulnerable / Unaffected ------------------------------------------------------------------- 1 www-client/chromium < 50.0.2661.102 > = 50.0.2661.102 Description ========== Multiple vulnerabilities have been discovered in the Chromium web browser. Please review the CVE identifiers referenced below for details. Impact ===== A remote attacker could possibly execute arbitrary code with the privileges of the process, cause a Denial of Service condition, obtain sensitive information, or bypass security restrictions. Workaround ========= There is no known workaround at this time. Resolution ========= All chromium users should upgrade to the latest version: # emerge --sync # emerge --ask --oneshot -v "> =www-client/chromium-50.0.2661.102" References ========= [ 1 ] CVE-2016-1646 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-1646 [ 2 ] CVE-2016-1647 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-1647 [ 3 ] CVE-2016-1648 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-1648 [ 4 ] CVE-2016-1649 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-1649 [ 5 ] CVE-2016-1650 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-1650 [ 6 ] CVE-2016-1651 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-1651 [ 7 ] CVE-2016-1652 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-1652 [ 8 ] CVE-2016-1653 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-1653 [ 9 ] CVE-2016-1654 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-1654 [ 10 ] CVE-2016-1655 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-1655 [ 11 ] CVE-2016-1656 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-1656 [ 12 ] CVE-2016-1657 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-1657 [ 13 ] CVE-2016-1658 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-1658 [ 14 ] CVE-2016-1659 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-1659 [ 15 ] CVE-2016-1660 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-1660 [ 16 ] CVE-2016-1661 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-1661 [ 17 ] CVE-2016-1662 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-1662 [ 18 ] CVE-2016-1663 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-1663 [ 19 ] CVE-2016-1664 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-1664 [ 20 ] CVE-2016-1665 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-1665 [ 21 ] CVE-2016-1666 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-1666 [ 22 ] CVE-2016-1667 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-1667 [ 23 ] CVE-2016-1668 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-1668 [ 24 ] CVE-2016-1669 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-1669 [ 25 ] CVE-2016-1670 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-1670 [ 26 ] CVE-2016-1671 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-1671 Availability =========== This GLSA and anyupdates to it are available for viewing at the Gentoo Security Website: https://security.gentoo.org/glsa/201605-02 Concerns? ======== Security is a primary focus of Gentoo Linux and ensuring the confidentiality and security of our users' machines is of utmost importance to us. Any security concerns should be addressed to This email address is being protected from spambots. You need JavaScript enabled to view it. or alternatively, you may file a bug at https://bugs.gentoo.org. License ====== Copyright 2016 Gentoo Foundation, Inc; referenced text belongs to its owner(s). The contents of this document are licensed under the Creative Commons - Attribution / Share Alike license. https://creativecommons.org/licenses/by-sa/2.5/ . Ensure you update to the latest version of Chromium to address vulnerabilities that could lead to remote code execution among other potential threats.. Chromium Security, Gentoo Linux, Browser Patch, Open Source Safety. . LinuxSecurity.com Team

Calendar 2 May 17, 2016 Gentoo
Banner 3 1028x280 1708121785 1771599793
News Add Esm H240

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Community Poll

More Polls

What got you started with Linux?

No answer selected. Please try again.
Please select either existing option or enter your own, however not both.
Please select minimum {0} answer(s).
Please select maximum {0} answer(s).
/main-polls/150-what-got-you-started-with-linux?task=poll.vote&format=json
150
radio
0
[{"id":483,"title":"Self-taught through trial and error","votes":545,"type":"x","order":1,"pct":78.42,"resources":[]},{"id":484,"title":"Formal training or courses","votes":30,"type":"x","order":2,"pct":4.32,"resources":[]},{"id":485,"title":"A job that required it","votes":34,"type":"x","order":3,"pct":4.89,"resources":[]},{"id":486,"title":"Other","votes":86,"type":"x","order":4,"pct":12.37,"resources":[]}] ["#ff5b00","#4ac0f2","#b80028","#eef66c","#60bb22","#b96a9a","#62c2cc"] ["rgba(255,91,0,0.7)","rgba(74,192,242,0.7)","rgba(184,0,40,0.7)","rgba(238,246,108,0.7)","rgba(96,187,34,0.7)","rgba(185,106,154,0.7)","rgba(98,194,204,0.7)"] 350
bottom 200

Search Topics

Your message here