-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

====================================================================
                   Red Hat Security Advisory

Synopsis:          Moderate: butane security, bug fix, and enhancement update
Advisory ID:       RHSA-2023:2193-01
Product:           Red Hat Enterprise Linux
Advisory URL:      https://access.redhat.com/errata/RHSA-2023:2193
Issue date:        2023-05-09
CVE Names:         CVE-2022-27664 CVE-2022-32189
====================================================================

1. Summary:

An update for butane is now available for Red Hat Enterprise Linux 9.

Red Hat Product Security has rated this update as having a security impact
of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which
gives a detailed severity rating, is available for each vulnerability from
the CVE link(s) in the References section.

2. Relevant releases/architectures:

Red Hat Enterprise Linux AppStream (v. 9) - aarch64, ppc64le, s390x, x86_64

3. Description:

Butane translates human-readable Butane Configs into machine-readable
Ignition configs for provisioning operating systems that use Ignition.

The following packages have been upgraded to a later upstream version:
butane (0.16.0). (BZ#2135475)

Security Fix(es):

* golang: net/http: handle server errors after sending GOAWAY
(CVE-2022-27664)

* golang: math/big: decoding big.Float and big.Rat types can panic if the
encoded message is too short, potentially allowing a denial of service
(CVE-2022-32189)

For more details about the security issue(s), including the impact, a CVSS
score, acknowledgments, and other related information, refer to the CVE
page(s) listed in the References section.
Additional Changes:

For detailed information on changes in this release, see the Red Hat
Enterprise Linux 9.2 Release Notes linked from the References section.

4. Solution:

For details on how to apply this update, which includes the changes
described in this advisory, refer to:

https://access.redhat.com/articles/11258

5. Bugs fixed (https://bugzilla.redhat.com/):

2113814 - CVE-2022-32189 golang: math/big: decoding big.Float and big.Rat types can panic if the encoded message is too short, potentially allowing a denial of service
2124669 - CVE-2022-27664 golang: net/http: handle server errors after sending GOAWAY
2135475 - Update butane to latest upstream version 0.16.0

6. Package List:

Red Hat Enterprise Linux AppStream (v. 9):

Source:
butane-0.16.0-1.el9.src.rpm

aarch64:
butane-0.16.0-1.el9.aarch64.rpm
butane-debuginfo-0.16.0-1.el9.aarch64.rpm
butane-debugsource-0.16.0-1.el9.aarch64.rpm

ppc64le:
butane-0.16.0-1.el9.ppc64le.rpm
butane-debuginfo-0.16.0-1.el9.ppc64le.rpm
butane-debugsource-0.16.0-1.el9.ppc64le.rpm

s390x:
butane-0.16.0-1.el9.s390x.rpm
butane-debuginfo-0.16.0-1.el9.s390x.rpm
butane-debugsource-0.16.0-1.el9.s390x.rpm

x86_64:
butane-0.16.0-1.el9.x86_64.rpm
butane-debuginfo-0.16.0-1.el9.x86_64.rpm
butane-debugsource-0.16.0-1.el9.x86_64.rpm

These packages are GPG signed by Red Hat for security. Our key and
details on how to verify the signature are available from
https://access.redhat.com/security/team/key/

7. References:

https://access.redhat.com/security/cve/CVE-2022-27664
https://access.redhat.com/security/cve/CVE-2022-32189
https://access.redhat.com/security/updates/classification/#moderate
https://access.redhat.com/documentation/en-us/red_hat_enterprise_linux/9/html/9.2_release_notes/index

8. Contact:

The Red Hat security contact is . More contact
details at https://access.redhat.com/security/team/contact/

Copyright 2023 Red Hat, Inc.
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1

iQIVAwUBZFo0ptzjgjWX9erEAQge6A//ZpWXomxucsX7wvVE5yZHZHM95peYYg43
OsTi+2VbGn4sf6LxH/d3fXhnheMLT72aGJJfqH5LF8cURjT0GLV/WhNJeNx/G+G2
qa7N/hi2mjH/T3ot6aGgm0sX6JddLhvLLs9HhEoQeB7bN1JtCbgndvDuA56mOkew
FrKuGPMcbzc3PPOkw0/2CHUMcx9lSM1FoeUyAZU9pEl8d0T3Zmwmioi2llQlJINW
SvmfDb+YVMkIFnswpVbPz3SmDDHWy68HCGhCYcBy+yHSMJk4R+LpmV+wpnGwEor6
OrTlDb8GrSuLwnbPtAnkhOIG3TsjwBUH1XWxIMsn1HMXaQZofnJ/RzJ1irgmaoja
LSzFVt51FmH/3FeX5r9X07Tw3pSn2Iu2jcxHBQHuoMMVMb3YnYf97ES7wqg2lAk+
7DQ9TKGdRaGYFbuu5nE9ekZ634GUVXhXnLEKbprwGy2SE1OGNH5eeGGouEAyD7FX
00clOMbfElIrZzs9rOYd28TU3vAEFCcFS/WlN4Op9hogVFtb37kR6tvnfJjoMd6E
a+5Or8UuyDr9ZStt2lQ7kem5TwxDxNrOdZ7vl/zfjCidYPqGs1XNkgg+tSzFOvsa
8OWLeMgehVGY0DvUBbcs07MQcTJ1CCdJYExQId6Z5RfQbE20/23x0GkvkMxttBEt
flgUVYUXUFk=
=8Inq
-----END PGP SIGNATURE-----
--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2022-3969b64d4b
2022-07-17 00:57:11.020145
--------------------------------------------------------------------------------
Name        : butane
Product     : Fedora 35
Version     : 0.15.0
Release     : 2.fc35
URL         : https://github.com/coreos/butane
Summary     : Butane config transpiler
Description :
Butane translates human-readable Butane Configs into machine-readable
Ignition configs for provisioning operating systems that use Ignition.
--------------------------------------------------------------------------------
Update Information:

Rebuild for CVE-2022-{24675,28327,29526} in golang and other go ecosystem
CVEs
---
This contains the result from the mass rebuild in F35 for all packages that
require `golang` and provide binaries to mitigate the following CVEs:

`golang` itself:
- CVE-2022-24675 golang: encoding/pem: fix stack overflow in Decode
- CVE-2022-28327 golang: crypto/elliptic: panic caused by oversized scalar
- CVE-2022-29526 golang: syscall: faccessat checks wrong group

(There are some Go CVEs that are a little bit older that will also be
mitigated by the rebuild for packages that haven't been updated recently)

CVEs in other golang libraries that affect a subset of Go packages:
- CVE-2022-21698 golang-github-prometheus-client: prometheus/client_golang:
  Denial of service using InstrumentHandlerCounter
- CVE-2022-1996 go-restful: Authorization Bypass Through User-Controlled Key
----
Initial import for golang-github-a8m-envsubst
Resolves: rhbz#2074406
----
Initial package
Resolves: rhbz#2074438
----
Update to v3.14.0 (close rhbz#2105612)
----
Fix merge
----
Update to 1.22.1
- Close: rhbz#2077577
--------------------------------------------------------------------------------
ChangeLog:

--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #2074406 - Review Request: golang-github-a8m-envsubst - Environment variables substitution for Go
        https://bugzilla.redhat.com/show_bug.cgi?id=2074406
  [ 2 ] Bug #2074438 - Review Request: golang-github-goccy-yaml - YAML support for the Go language
        https://bugzilla.redhat.com/show_bug.cgi?id=2074438
  [ 3 ] Bug #2077577 - powerline-go-1.22.1 is available
        https://bugzilla.redhat.com/show_bug.cgi?id=2077577
  [ 4 ] Bug #2105612 - golang-github-task-3.14.0 is available
        https://bugzilla.redhat.com/show_bug.cgi?id=2105612
--------------------------------------------------------------------------------
This update can be installed with the "dnf" update program. Use
su -c 'dnf upgrade --advisory FEDORA-2022-3969b64d4b' at the command
line. For more information, refer to the dnf documentation available at
https://dnf.readthedocs.io/en/latest/command_ref.html

All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/security/
--------------------------------------------------------------------------------
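Both notices tell the reader how to install the update but leave it to the administrator to confirm that a host actually carries the fixed build. The script below is an added example, not part of either advisory and not Red Hat's or Fedora's tooling: it compares an installed butane NVR against the fixed builds the two advisories name (butane-0.16.0-1.el9 and butane-0.15.0-2.fc35). Its rpmvercmp() is a simplified port of rpm's version comparison (epochs and the caret operator are left out, an assumption of this example), and the constructed fallback NVR used when rpm is not installed is a sample value, not something from the page.

```python
"""Check whether an installed butane build is at or past an advisory's fixed build.

Added example, not Red Hat's or Fedora's tooling. rpmvercmp() is a simplified
port of rpm's comparison algorithm (no epoch, no caret handling); that
simplification is an assumption of this example.
"""
import re
import subprocess

# Fixed builds named in the two advisories above (values taken from the page).
FIXED_NVRS = {
    "RHSA-2023:2193": "butane-0.16.0-1.el9",
    "FEDORA-2022-3969b64d4b": "butane-0.15.0-2.fc35",
}

# A version string is cut into runs of digits, runs of letters and '~';
# separators such as '.' carry no meaning in rpm's comparison.
_SEGMENT = re.compile(r"\d+|[A-Za-z]+|~")


def split_nvr(nvr):
    """Split 'name-version-release' into (name, version, release).

    Version and release never contain '-', so splitting on the last two dashes
    is safe even for names such as golang-github-a8m-envsubst.
    """
    name, version, release = nvr.rsplit("-", 2)
    return name, version, release


def rpmvercmp(a, b):
    """Return -1, 0 or 1 comparing two version (or release) strings like rpm does.

    Numeric runs compare numerically, alphabetic runs lexically, a numeric run
    is newer than an alphabetic one, and '~' sorts before anything, so that a
    pre-release such as 1.0~rc1 is older than 1.0.
    """
    if a == b:
        return 0
    ta, tb = _SEGMENT.findall(a), _SEGMENT.findall(b)
    for x, y in zip(ta, tb):
        if x == "~" or y == "~":
            if x != y:
                return -1 if x == "~" else 1
            continue
        if x.isdigit() and y.isdigit():
            xi, yi = int(x), int(y)
            if xi != yi:
                return -1 if xi < yi else 1
        elif x.isdigit() != y.isdigit():
            return 1 if x.isdigit() else -1
        elif x != y:
            return -1 if x < y else 1
    if len(ta) == len(tb):
        return 0
    # The string with segments left over is newer, unless that remainder
    # starts with '~', which marks it as a pre-release and therefore older.
    a_longer = len(ta) > len(tb)
    rest = ta[len(tb):] if a_longer else tb[len(ta):]
    if rest[0] == "~":
        a_longer = not a_longer
    return 1 if a_longer else -1


def compare_nvr(installed, fixed):
    """Compare two NVRs of the same package: version first, then release."""
    n1, v1, r1 = split_nvr(installed)
    n2, v2, r2 = split_nvr(fixed)
    if n1 != n2:
        raise ValueError(f"package name mismatch: {n1!r} vs {n2!r}")
    c = rpmvercmp(v1, v2)
    return c if c != 0 else rpmvercmp(r1, r2)


def is_patched(installed_nvr, advisory_id):
    """True when the installed build is at or beyond the advisory's fixed build.

    The installed NVR must come from the same product as the advisory (el9
    builds against RHSA-2023:2193, fc35 builds against FEDORA-2022-3969b64d4b);
    comparing a release tag across distributions is meaningless.
    """
    return compare_nvr(installed_nvr, FIXED_NVRS[advisory_id]) >= 0


def installed_nvr(package="butane"):
    """Ask rpm for the installed NVR, or return None when rpm is unavailable."""
    try:
        out = subprocess.run(
            ["rpm", "-q", "--qf", "%{NAME}-%{VERSION}-%{RELEASE}", package],
            capture_output=True, text=True, check=True,
        )
    except (OSError, subprocess.CalledProcessError):
        return None
    return out.stdout.strip()


if __name__ == "__main__":
    # Constructed sample NVR, used only when rpm is not present on this host.
    nvr = installed_nvr() or "butane-0.15.0-1.el9"
    advisory = "FEDORA-2022-3969b64d4b" if nvr.endswith("fc35") else "RHSA-2023:2193"
    state = "fixed" if is_patched(nvr, advisory) else "VULNERABLE, update needed"
    print(f"{nvr}: {state} with respect to {advisory}")
```

Run it on a RHEL 9 or Fedora 35 host and it queries rpm directly; elsewhere it falls back to the constructed sample. Because the release field is compared as well as the version, a later rebuild of the same version (for example release 2.el9) is correctly reported as fixed, which a plain string comparison against "0.16.0" would not guarantee.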