Explore top 10 tips to secure your open-source projects now. Read More

×
Alerts This Week
Warning Icon 1 584
Alerts This Week
Warning Icon 1 584

Stay Secure with the Latest Linux Advisories

Filter%20icon Refine advisories
X Clear Filters
X Clear Filters
View More

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Community Poll

Is continuous patching actually viable?

No answer selected. Please try again.
Please select either existing option or enter your own, however not both.
Please select minimum {0} answer(s).
Please select maximum {0} answer(s).
/main-polls/156-is-continuous-patching-actually-viable?task=poll.vote&format=json
156
radio
0
[{"id":503,"title":"Delayed updates invite catastrophic breaches.","votes":1,"type":"x","order":1,"pct":50,"resources":[]},{"id":504,"title":"Automated fixes break production environments.","votes":1,"type":"x","order":2,"pct":50,"resources":[]},{"id":505,"title":"Manual approvals cannot keep pace.","votes":0,"type":"x","order":3,"pct":0,"resources":[]}] ["#ff5b00","#4ac0f2","#b80028","#eef66c","#60bb22","#b96a9a","#62c2cc"] ["rgba(255,91,0,0.7)","rgba(74,192,242,0.7)","rgba(184,0,40,0.7)","rgba(238,246,108,0.7)","rgba(96,187,34,0.7)","rgba(185,106,154,0.7)","rgba(98,194,204,0.7)"] 350
bottom 200
Loading...

Explore Latest Linux Security advisories

We found 5,050 articles for you...
89

Fedora 44 proftpd Important Buffer Overflow Fix 2026-2f95481529

Cumulative bug-fix update, including several buffer overflow fixes.. -------------------------------------------------------------------------------- Fedora Update Notification FEDORA-2026-2f95481529 2026-07-18 00:26:14.272998+00:00 -------------------------------------------------------------------------------- Name : proftpd Product : Fedora 44 Version : 1.3.9c Release : 1.fc44 URL : http://www.proftpd.org/ Summary : Flexible, stable and highly-configurable FTP server Description : ProFTPD is an enhanced FTP server with a focus toward simplicity, security, and ease of configuration. It features a very Apache-like configuration syntax, and a highly customizable server infrastructure, including support for multiple 'virtual' FTP servers, anonymous FTP, and permission-based directory visibility. This package defaults to the standalone behavior of ProFTPD, but all the needed scripts to have it run by systemd instead are included. -------------------------------------------------------------------------------- Update Information: Cumulative bug-fix update, including several buffer overflow fixes. -------------------------------------------------------------------------------- ChangeLog: * Wed Jul 8 2026 Paul Howarth - 1.3.9c-1 - Update to 1.3.9c - ExecEnviron values not passed due to regression since 1.3.8.d (GH#2135) - Stack buffer overflow in MLSD/MLST handling for long path names (GH#2146) - MaxTransfersPerUser no longer enforces configured limits (GH#2158) - AdminControlsACLs for config, get actions not honored as they should be (GH#2163) - Memcached/Redis-cached JSON TLS session/OCSP entries decoded into fixed buffers without bounds checking (GH#2166) - RewriteMap unescape builtin use causes one-byte out-of-bounds write, fails to reject illegal characters (GH#2173) - SQL group name lookup concatenates client-provided group names without escaping (GH#2188) - Authenticated SFTP sessions can overflowthe SFTP packet buffer (GH#2190) - Default Controls socket ACLs unintentionally allow all users access for sending Controls requests (GH#2210) * Fri Jun 12 2026 Yaakov Selkowitz - 1.3.9b-2 - Rebuilt for openssl 4.0 -------------------------------------------------------------------------------- This update can be installed with the "dnf" update program. Use su -c 'dnf upgrade --advisory FEDORA-2026-2f95481529' at the command line. For more information, refer to the dnf documentation available at http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label All packages are signed with the Fedora Project GPG key. More details on the GPG keys used by the Fedora Project can be found at https://fedoraproject.org/keys -------------------------------------------------------------------------------- -- _______________________________________________ package-announce mailing list -- This email address is being protected from spambots. You need JavaScript enabled to view it. To unsubscribe send an email to This email address is being protected from spambots. You need JavaScript enabled to view it. Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedoraproject.org/archives/list/This email address is being protected from spambots. You need JavaScript enabled to view it. Do not reply to spam, report it: https://forge.fedoraproject.org/infra/tickets/issues/new . Cumulative update for proftpd in Fedora 44 includes essential bug fixes for buffer overflows and security enhancements.. proftpd update,Fedora 44,buffer overflow fix. . Severity: Important. LinuxSecurity.com Team

Calendar%202 Jul 17, 2026 Important Fedora
202

openSUSE Leap 16.0 Chromium Critical Security Update 2026-21363-1

An update that solves 15 vulnerabilities and has one bug fix can now be installed.. openSUSE security update: security update for chromium ------------------------------------------------------------- Announcement ID: openSUSE-SU-2026:21363-1 Rating: critical References: * bsc#1271415 Cross-References: * CVE-2026-15764 * CVE-2026-15765 * CVE-2026-15766 * CVE-2026-15767 * CVE-2026-15768 * CVE-2026-15769 * CVE-2026-15770 * CVE-2026-15771 * CVE-2026-15772 * CVE-2026-15773 * CVE-2026-15774 * CVE-2026-15775 * CVE-2026-15776 * CVE-2026-15777 * CVE-2026-15778 Affected Products: openSUSE Leap 16.0 ------------------------------------------------------------- An update that solves 15 vulnerabilities and has one bug fix can now be installed. Description: This update for chromium fixes the following issues: Changes in chromium: - Chromium 150.0.7871.124 (boo#1271415): * CVE-2026-15764: Use after free in Ozone * CVE-2026-15765: Use after free in Ozone * CVE-2026-15766: Uninitialized Use in Skia * CVE-2026-15767: Heap buffer overflow in libyuv * CVE-2026-15768: Insufficient policy enforcement in HTML-in-Canvas * CVE-2026-15769: Insufficient validation of untrusted input in Linux Toolkit Theming * CVE-2026-15770: Uninitialized Use in V8 * CVE-2026-15771: Insufficient validation of untrusted input in Media * CVE-2026-15772: Use after free in GPU * CVE-2026-15773: Use after free in Core * CVE-2026-15774: Use after free in Skia * CVE-2026-15775: Insufficient policy enforcement in V8 * CVE-2026-15776: Type Confusion in V8 * CVE-2026-15777: Use after free in UI * CVE-2026-15778: Insufficient validation of untrusted input in Navigation Patch instructions: To install this openSUSE security update use the suse recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: - openSUSE Leap 16.0 zypper in -t patch openSUSE-Leap-16.0-packagehub-424=1 PackageList: - openSUSE Leap 16.0: chromedriver-150.0.7871.124-bp160.1.1 chromium-150.0.7871.124-bp160.1.1 References: * https://www.suse.com/security/cve/CVE-2026-15764.html * https://www.suse.com/security/cve/CVE-2026-15765.html * https://www.suse.com/security/cve/CVE-2026-15766.html * https://www.suse.com/security/cve/CVE-2026-15767.html * https://www.suse.com/security/cve/CVE-2026-15768.html * https://www.suse.com/security/cve/CVE-2026-15769.html * https://www.suse.com/security/cve/CVE-2026-15770.html * https://www.suse.com/security/cve/CVE-2026-15771.html * https://www.suse.com/security/cve/CVE-2026-15772.html * https://www.suse.com/security/cve/CVE-2026-15773.html * https://www.suse.com/security/cve/CVE-2026-15774.html * https://www.suse.com/security/cve/CVE-2026-15775.html * https://www.suse.com/security/cve/CVE-2026-15776.html * https://www.suse.com/security/cve/CVE-2026-15777.html * https://www.suse.com/security/cve/CVE-2026-15778.html . Critical security update for openSUSE Leap 16.0 addressing 15 distinct vulnerabilities in Chromium software.. openSUSE security, critical update, Chromium issues. . Severity: Critical. LinuxSecurity.com Team

Calendar%202 Jul 17, 2026 Critical OpenSUSE
217

Oracle Linux 9 Python3.9 Important Bug Fix ELSA-2026-39798 CVE-2026-15308

The following updated rpms for Oracle Linux 9 have been uploaded to the Unbreakable Linux Network:. Oracle Linux Security Advisory ELSA-2026-39798 http://linux.oracle.com/errata/ELSA-2026-39798.html The following updated rpms for Oracle Linux 9 have been uploaded to the Unbreakable Linux Network: x86_64: python-unversioned-command-3.9.25-7.0.1.el9_8.2.noarch.rpm python3-3.9.25-7.0.1.el9_8.2.i686.rpm python3-3.9.25-7.0.1.el9_8.2.x86_64.rpm python3-debug-3.9.25-7.0.1.el9_8.2.i686.rpm python3-debug-3.9.25-7.0.1.el9_8.2.x86_64.rpm python3-devel-3.9.25-7.0.1.el9_8.2.i686.rpm python3-devel-3.9.25-7.0.1.el9_8.2.x86_64.rpm python3-idle-3.9.25-7.0.1.el9_8.2.i686.rpm python3-idle-3.9.25-7.0.1.el9_8.2.x86_64.rpm python3-libs-3.9.25-7.0.1.el9_8.2.i686.rpm python3-libs-3.9.25-7.0.1.el9_8.2.x86_64.rpm python3-test-3.9.25-7.0.1.el9_8.2.i686.rpm python3-test-3.9.25-7.0.1.el9_8.2.x86_64.rpm python3-tkinter-3.9.25-7.0.1.el9_8.2.i686.rpm python3-tkinter-3.9.25-7.0.1.el9_8.2.x86_64.rpm aarch64: python-unversioned-command-3.9.25-7.0.1.el9_8.2.noarch.rpm python3-3.9.25-7.0.1.el9_8.2.aarch64.rpm python3-debug-3.9.25-7.0.1.el9_8.2.aarch64.rpm python3-devel-3.9.25-7.0.1.el9_8.2.aarch64.rpm python3-idle-3.9.25-7.0.1.el9_8.2.aarch64.rpm python3-libs-3.9.25-7.0.1.el9_8.2.aarch64.rpm python3-test-3.9.25-7.0.1.el9_8.2.aarch64.rpm python3-tkinter-3.9.25-7.0.1.el9_8.2.aarch64.rpm SRPMS: http://oss.oracle.com/ol9/SRPMS-updates/python3.9-3.9.25-7.0.1.el9_8.2.src.rpm Related CVEs: CVE-2026-15308 Description of changes: [3.9.25-7.0.1.el9_8.2] - Remove upstream URL reference [3.9.25-7.2] - Security fix for CVE-2026-15308 Resolves: RHEL-193786 [3.9.25-7.1] - Fix ssl.SSLError: [ASN1: NOT_ENOUGH_DATA] not enough data with OpenSSL 3.5.7+ Resolves: RHEL-194207 _______________________________________________ El-errata mailing list This email address is being protected from spambots. You need JavaScript enabled to view it. https://oss.oracle.com/mailman/listinfo/el-errata . Recent security update for Oracle Linux 9 includes important fixes for Python 3.9 addressing CVE-2026-15308.. Oracle Linux 9Security Fix, Python 3.9 Update, CVE-2026-15308, Linux Patch. . Severity: Important. LinuxSecurity.com Team

Calendar%202 Jul 17, 2026 Important Oracle
217

Oracle Linux 9 ELSA-2026-39576 cifs-utils Important Bug Fix

The following updated rpms for Oracle Linux 9 have been uploaded to the Unbreakable Linux Network:. Oracle Linux Security Advisory ELSA-2026-39576 http://linux.oracle.com/errata/ELSA-2026-39576.html The following updated rpms for Oracle Linux 9 have been uploaded to the Unbreakable Linux Network: x86_64: cifs-utils-7.6-2.el9_8.x86_64.rpm cifs-utils-devel-7.6-2.el9_8.i686.rpm cifs-utils-devel-7.6-2.el9_8.x86_64.rpm pam_cifscreds-7.6-2.el9_8.x86_64.rpm aarch64: cifs-utils-7.6-2.el9_8.aarch64.rpm cifs-utils-devel-7.6-2.el9_8.aarch64.rpm pam_cifscreds-7.6-2.el9_8.aarch64.rpm SRPMS: http://oss.oracle.com/ol9/SRPMS-updates/cifs-utils-7.6-2.el9_8.src.rpm Related CVEs: CVE-2026-12505 Description of changes: [7.6-2] - resolves: RHEL-192982 - fix krb5 mount regression [7.6-1] - Update to version 7.6 - resolves: RHEL-185761 - CVE-2026-12505 cifs-utils: LPE via cifs.spnego _______________________________________________ El-errata mailing list This email address is being protected from spambots. You need JavaScript enabled to view it. https://oss.oracle.com/mailman/listinfo/el-errata . Oracle Linux 9 security update for cifs-utils fixes critical issues, including local privilege escalation vulnerability.. Oracle Linux, cifs-utils, local privilege escalation, security update, bug fix. . Severity: Important. LinuxSecurity.com Team

Calendar%202 Jul 17, 2026 Important Oracle
217

Oracle Linux Nine ELSA-2026-38491 Important Kernel Bug Fixes

The following updated rpms for Oracle Linux 9 have been uploaded to the Unbreakable Linux Network:. Oracle Linux Security Advisory ELSA-2026-38491 http://linux.oracle.com/errata/ELSA-2026-38491.html The following updated rpms for Oracle Linux 9 have been uploaded to the Unbreakable LinuxNetwork: x86_64: kernel-5.14.0-687.25.1.el9_8.x86_64.rpm kernel-abi-stablelists-5.14.0-687.25.1.el9_8.noarch.rpm kernel-core-5.14.0-687.25.1.el9_8.x86_64.rpm kernel-cross-headers-5.14.0-687.25.1.el9_8.x86_64.rpm kernel-debug-5.14.0-687.25.1.el9_8.x86_64.rpm kernel-debug-core-5.14.0-687.25.1.el9_8.x86_64.rpm kernel-debug-devel-5.14.0-687.25.1.el9_8.x86_64.rpm kernel-debug-devel-matched-5.14.0-687.25.1.el9_8.x86_64.rpm kernel-debug-modules-5.14.0-687.25.1.el9_8.x86_64.rpm kernel-debug-modules-core-5.14.0-687.25.1.el9_8.x86_64.rpm kernel-debug-modules-extra-5.14.0-687.25.1.el9_8.x86_64.rpm kernel-debug-uki-virt-5.14.0-687.25.1.el9_8.x86_64.rpm kernel-devel-5.14.0-687.25.1.el9_8.x86_64.rpm kernel-devel-matched-5.14.0-687.25.1.el9_8.x86_64.rpm kernel-doc-5.14.0-687.25.1.el9_8.noarch.rpm kernel-headers-5.14.0-687.25.1.el9_8.x86_64.rpm kernel-modules-5.14.0-687.25.1.el9_8.x86_64.rpm kernel-modules-core-5.14.0-687.25.1.el9_8.x86_64.rpm kernel-modules-extra-5.14.0-687.25.1.el9_8.x86_64.rpm kernel-tools-5.14.0-687.25.1.el9_8.x86_64.rpm kernel-tools-libs-5.14.0-687.25.1.el9_8.x86_64.rpm kernel-tools-libs-devel-5.14.0-687.25.1.el9_8.x86_64.rpm kernel-uki-virt-5.14.0-687.25.1.el9_8.x86_64.rpm kernel-uki-virt-addons-5.14.0-687.25.1.el9_8.x86_64.rpm libperf-5.14.0-687.25.1.el9_8.x86_64.rpm perf-5.14.0-687.25.1.el9_8.x86_64.rpm python3-perf-5.14.0-687.25.1.el9_8.x86_64.rpm rtla-5.14.0-687.25.1.el9_8.x86_64.rpm rv-5.14.0-687.25.1.el9_8.x86_64.rpm aarch64: kernel-cross-headers-5.14.0-687.25.1.el9_8.aarch64.rpm kernel-headers-5.14.0-687.25.1.el9_8.aarch64.rpm kernel-tools-5.14.0-687.25.1.el9_8.aarch64.rpm kernel-tools-libs-5.14.0-687.25.1.el9_8.aarch64.rpm kernel-tools-libs-devel-5.14.0-687.25.1.el9_8.aarch64.rpm libperf-5.14.0-687.25.1.el9_8.aarch64.rpm perf-5.14.0-687.25.1.el9_8.aarch64.rpm python3-perf-5.14.0-687.25.1.el9_8.aarch64.rpm rtla-5.14.0-687.25.1.el9_8.aarch64.rpm rv-5.14.0-687.25.1.el9_8.aarch64.rpm SRPMS: http://oss.oracle.com/ol9/SRPMS-updates/kernel-5.14.0-687.25.1.el9_8.src.rpm RelatedCVEs: CVE-2026-22979 CVE-2026-43499 CVE-2026-46086 CVE-2026-53016 CVE-2026-53166 Description of changes: [5.14.0-687.25.1] - Disable UKI signing [Orabug: 36571828] - Update Oracle Linux certificates (Kevin Lyons) - Disable signing for aarch64 (Ilya Okomin) - Oracle Linux RHCK Module Signing Key was added to the kernel trusted keys list (olkmod_signing_key.pem) [Orabug: 29539237] - Update x509.genkey [Orabug: 24817676] - Conflict with shim-ia32 and shim-x64

Calendar%202 Jul 17, 2026 Important Oracle
217

Oracle Linux 8 cifs-utils Important Bug Fix CVE-2026-12505 ELSA-2026-39575

The following updated rpms for Oracle Linux 8 have been uploaded to the Unbreakable Linux Network:. Oracle Linux Security Advisory ELSA-2026-39575 http://linux.oracle.com/errata/ELSA-2026-39575.html The following updated rpms for Oracle Linux 8 have been uploaded to the Unbreakable Linux Network: x86_64: cifs-utils-7.0-5.el8_10.x86_64.rpm cifs-utils-devel-7.0-5.el8_10.i686.rpm cifs-utils-devel-7.0-5.el8_10.x86_64.rpm pam_cifscreds-7.0-5.el8_10.x86_64.rpm aarch64: cifs-utils-7.0-5.el8_10.aarch64.rpm cifs-utils-devel-7.0-5.el8_10.aarch64.rpm pam_cifscreds-7.0-5.el8_10.aarch64.rpm SRPMS: http://oss.oracle.com/ol8/SRPMS-updates/cifs-utils-7.0-5.el8_10.src.rpm Related CVEs: CVE-2026-12505 Description of changes: [7.0-5] - resolves: RHEL-192933 - fix krb5 mount regression [7.0-4] - cifs.upcall: remove getpwuid dependency - cifs.upcall: fix compiler warning with -Wvla - Resolves: RHEL-185759 - Fix CVE-2026-12505 [7.0-3] - docs: update echo_interval description - Resolves: RHEL-80397 [7.0-2] - mount.cifs.rst: add missing reference for sssd - mount.cifs.rst: update section about xattr/acl support - Resolves: RHEL-41059 _______________________________________________ El-errata mailing list This email address is being protected from spambots. You need JavaScript enabled to view it. https://oss.oracle.com/mailman/listinfo/el-errata . Updates for cifs-utils and related bug fixes in Oracle Linux 8 enhance security against CVE-2026-12505.. oracle linux,cifs-utils,security advisory,bug fix,exploit. . Severity: Important. LinuxSecurity.com Team

Calendar%202 Jul 17, 2026 Important Oracle
217

Oracle Linux 8 go-toolset Significant Bug Corrections ELSA-2026-38995

The following updated rpms for Oracle Linux 8 have been uploaded to the Unbreakable Linux Network:. Oracle Linux Security Advisory ELSA-2026-38995 http://linux.oracle.com/errata/ELSA-2026-38995.html The following updated rpms for Oracle Linux 8 have been uploaded to the Unbreakable Linux Network: x86_64: delve-1.26.1-1.0.1.module+el8.10.0+90954+4b0fdef3.x86_64.rpm golang-1.26.5-1.0.1.module+el8.10.0+90954+4b0fdef3.x86_64.rpm golang-bin-1.26.5-1.0.1.module+el8.10.0+90954+4b0fdef3.x86_64.rpm golang-docs-1.26.5-1.0.1.module+el8.10.0+90954+4b0fdef3.noarch.rpm golang-misc-1.26.5-1.0.1.module+el8.10.0+90954+4b0fdef3.noarch.rpm golang-race-1.26.5-1.0.1.module+el8.10.0+90954+4b0fdef3.x86_64.rpm golang-src-1.26.5-1.0.1.module+el8.10.0+90954+4b0fdef3.noarch.rpm golang-tests-1.26.5-1.0.1.module+el8.10.0+90954+4b0fdef3.noarch.rpm go-toolset-1.26.5-1.0.1.module+el8.10.0+90954+4b0fdef3.x86_64.rpm aarch64: delve-1.26.1-1.0.1.module+el8.10.0+90954+4b0fdef3.aarch64.rpm golang-1.26.5-1.0.1.module+el8.10.0+90954+4b0fdef3.aarch64.rpm golang-bin-1.26.5-1.0.1.module+el8.10.0+90954+4b0fdef3.aarch64.rpm golang-docs-1.26.5-1.0.1.module+el8.10.0+90954+4b0fdef3.noarch.rpm golang-misc-1.26.5-1.0.1.module+el8.10.0+90954+4b0fdef3.noarch.rpm golang-race-1.26.5-1.0.1.module+el8.10.0+90954+4b0fdef3.aarch64.rpm golang-src-1.26.5-1.0.1.module+el8.10.0+90954+4b0fdef3.noarch.rpm golang-tests-1.26.5-1.0.1.module+el8.10.0+90954+4b0fdef3.noarch.rpm go-toolset-1.26.5-1.0.1.module+el8.10.0+90954+4b0fdef3.aarch64.rpm SRPMS: http://oss.oracle.com/ol8/SRPMS-updates/delve-1.26.1-1.0.1.module+el8.10.0+90954+4b0fdef3.src.rpm http://oss.oracle.com/ol8/SRPMS-updates/golang-1.26.5-1.0.1.module+el8.10.0+90954+4b0fdef3.src.rpm Related CVEs: CVE-2026-27145 CVE-2026-39821 CVE-2026-39822 Description of changes: delve [1.26.1-1.0.1] - Disable DWARF compression which has issues (Alex Burmashev) [1.26.1-1] - Update to Delve 1.26.1 - Related: RHEL-183712 golang [1.26.5-1.0.1] - EXPERIMENTAL: Introduce fipsnoenforceems GODEBUG var - Backported fromOL9u7 - Resolves: OLDIS-53586 [1.26.5-1] - Update to Go 1.26.5 (fips-1) - Resolves: RHEL-193478 [1.26.4-1] - Update to Go 1.26.4 (fips-1) - Resolves: RHEL-183352 [1.25.10-1] - Update to Go 1.25.10 (fips-1) - Resolves: RHEL-175610 _______________________________________________ El-errata mailing list This email address is being protected from spambots. You need JavaScript enabled to view it. https://oss.oracle.com/mailman/listinfo/el-errata . Oracle Linux 8 updates including go-toolset contain important bug fixes addressing various bugs and reducing threat exposure.. Oracle Linux, go-toolset, bug fixes, security updates. . Severity: Important. LinuxSecurity.com Team

Calendar%202 Jul 17, 2026 Important Oracle
219

Rocky Linux 9 python3.9 Important Denial of Service Fix RLSA-2026-39798

Important: python3.9 security, bug fix, and enhancement update. {"type": "TYPE_SECURITY", "shortCode": "RL", "name": "RLSA-2026:39798", "synopsis": "Important: python3.9 security, bug fix, and enhancement update", "severity": "SEVERITY_IMPORTANT", "topic": "An update is available for python3.9.\nThis update affects Rocky Linux 9.\nA Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list", "description": "Python is an interpreted, interactive, object-oriented programming language, which includes modules, classes, exceptions, very high level dynamic data types and dynamic typing. Python supports interfaces to many system calls and libraries, as well as to various windowing systems.\n\nSecurity Fix(es):\n\n* python: Python: CPU Denial of Service in HTML parser via repeated unterminated markup declarations (CVE-2026-15308)\n\nBug Fix(es) and Enhancement(s):\n\n* python3.9 test_ssl fails ssl.SSLError: [ASN1: NOT_ENOUGH_DATA] not enough data (_ssl.c:4192) [rhel-9.8.z] (JIRA:Rocky Linux-194207)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.", "solution": null, "affectedProducts": ["Rocky Linux 9"], "fixes": [{"ticket": "2498608", "sourceBy": "Red Hat", "sourceLink": "https://bugzilla.redhat.com/show_bug.cgi?id=2498608", "description": ""}], "cves": [{"name": "CVE-2026-15308", "sourceBy": "MITRE", "sourceLink": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-15308", "cvss3ScoringVector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "cvss3BaseScore": "7.5", "cwe": "CWE-835"}], "references": [], "publishedAt": "2026-07-16T12:03:41.048961Z", "rpms": {"Rocky Linux 9": {"nvras": ["python3-0:3.9.25-7.el9_8.2.aarch64.rpm", "python3-0:3.9.25-7.el9_8.2.i686.rpm", "python3-0:3.9.25-7.el9_8.2.ppc64le.rpm", "python3-0:3.9.25-7.el9_8.2.s390x.rpm","python3-0:3.9.25-7.el9_8.2.x86_64.rpm", "python3.9-0:3.9.25-7.el9_8.2.src.rpm", "python3.9-debuginfo-0:3.9.25-7.el9_8.2.aarch64.rpm", "python3.9-debuginfo-0:3.9.25-7.el9_8.2.ppc64le.rpm", "python3.9-debuginfo-0:3.9.25-7.el9_8.2.s390x.rpm", "python3.9-debuginfo-0:3.9.25-7.el9_8.2.x86_64.rpm", "python3.9-debugsource-0:3.9.25-7.el9_8.2.aarch64.rpm", "python3.9-debugsource-0:3.9.25-7.el9_8.2.i686.rpm", "python3.9-debugsource-0:3.9.25-7.el9_8.2.ppc64le.rpm", "python3.9-debugsource-0:3.9.25-7.el9_8.2.s390x.rpm", "python3.9-debugsource-0:3.9.25-7.el9_8.2.x86_64.rpm", "python3-debug-0:3.9.25-7.el9_8.2.aarch64.rpm", "python3-debug-0:3.9.25-7.el9_8.2.i686.rpm", "python3-debug-0:3.9.25-7.el9_8.2.ppc64le.rpm", "python3-debug-0:3.9.25-7.el9_8.2.s390x.rpm", "python3-debug-0:3.9.25-7.el9_8.2.x86_64.rpm", "python3-devel-0:3.9.25-7.el9_8.2.aarch64.rpm", "python3-devel-0:3.9.25-7.el9_8.2.i686.rpm", "python3-devel-0:3.9.25-7.el9_8.2.ppc64le.rpm", "python3-devel-0:3.9.25-7.el9_8.2.s390x.rpm", "python3-devel-0:3.9.25-7.el9_8.2.x86_64.rpm", "python3-idle-0:3.9.25-7.el9_8.2.aarch64.rpm", "python3-idle-0:3.9.25-7.el9_8.2.i686.rpm", "python3-idle-0:3.9.25-7.el9_8.2.ppc64le.rpm", "python3-idle-0:3.9.25-7.el9_8.2.s390x.rpm", "python3-idle-0:3.9.25-7.el9_8.2.x86_64.rpm", "python3-libs-0:3.9.25-7.el9_8.2.aarch64.rpm", "python3-libs-0:3.9.25-7.el9_8.2.i686.rpm", "python3-libs-0:3.9.25-7.el9_8.2.ppc64le.rpm", "python3-libs-0:3.9.25-7.el9_8.2.s390x.rpm", "python3-libs-0:3.9.25-7.el9_8.2.x86_64.rpm", "python3-test-0:3.9.25-7.el9_8.2.aarch64.rpm", "python3-test-0:3.9.25-7.el9_8.2.i686.rpm", "python3-test-0:3.9.25-7.el9_8.2.ppc64le.rpm", "python3-test-0:3.9.25-7.el9_8.2.s390x.rpm", "python3-test-0:3.9.25-7.el9_8.2.x86_64.rpm", "python3-tkinter-0:3.9.25-7.el9_8.2.aarch64.rpm", "python3-tkinter-0:3.9.25-7.el9_8.2.i686.rpm", "python3-tkinter-0:3.9.25-7.el9_8.2.ppc64le.rpm", "python3-tkinter-0:3.9.25-7.el9_8.2.s390x.rpm", "python3-tkinter-0:3.9.25-7.el9_8.2.x86_64.rpm", "python-unversioned-command-0:3.9.25-7.el9_8.2.noarch.rpm"]}},"rebootSuggested": false, "buildReferences": []}. Rocky Linux 9 python3.9 important security update fixes a Denial of Service risk and enhances performance.. Rocky Linux python3 security update important bug fix. . Severity: Important. LinuxSecurity.com Team

Calendar%202 Jul 16, 2026 Important Rocky Linux
News Add Esm H240

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Community Poll

Is continuous patching actually viable?

No answer selected. Please try again.
Please select either existing option or enter your own, however not both.
Please select minimum {0} answer(s).
Please select maximum {0} answer(s).
/main-polls/156-is-continuous-patching-actually-viable?task=poll.vote&format=json
156
radio
0
[{"id":503,"title":"Delayed updates invite catastrophic breaches.","votes":1,"type":"x","order":1,"pct":50,"resources":[]},{"id":504,"title":"Automated fixes break production environments.","votes":1,"type":"x","order":2,"pct":50,"resources":[]},{"id":505,"title":"Manual approvals cannot keep pace.","votes":0,"type":"x","order":3,"pct":0,"resources":[]}] ["#ff5b00","#4ac0f2","#b80028","#eef66c","#60bb22","#b96a9a","#62c2cc"] ["rgba(255,91,0,0.7)","rgba(74,192,242,0.7)","rgba(184,0,40,0.7)","rgba(238,246,108,0.7)","rgba(96,187,34,0.7)","rgba(185,106,154,0.7)","rgba(98,194,204,0.7)"] 350
bottom 200