Stay Secure with the Latest Linux Advisories
Refine advisories
X Clear Filters
Get the latest News and Insights
Get the latest Linux and open source security news straight to your inbox.
Community Poll
What got you started with Linux?
Loading...
Explore Latest Linux Security advisories
We found -1 articles for you...
217
security advisoryimportantkernelOracle Linux 9 ELSA-2025-20608 Security Advisory Kernel Important
The following updated rpms for Oracle Linux 9 have been uploaded to the Unbreakable Linux Network: . Oracle Linux Security Advisory ELSA-2025-20608 http://linux.oracle.com/errata/ELSA-2025-20608.html The following updated rpms for Oracle Linux 9 have been uploaded to the Unbreakable LinuxNetwork: x86_64: kernel-uek-6.12.0-103.40.4.3.el9uek.x86_64.rpm kernel-uek-core-6.12.0-103.40.4.3.el9uek.x86_64.rpm kernel-uek-debug-6.12.0-103.40.4.3.el9uek.x86_64.rpm kernel-uek-debug-core-6.12.0-103.40.4.3.el9uek.x86_64.rpm kernel-uek-debug-devel-6.12.0-103.40.4.3.el9uek.x86_64.rpm kernel-uek-debug-modules-6.12.0-103.40.4.3.el9uek.x86_64.rpm kernel-uek-debug-modules-core-6.12.0-103.40.4.3.el9uek.x86_64.rpm kernel-uek-debug-modules-deprecated-6.12.0-103.40.4.3.el9uek.x86_64.rpm kernel-uek-debug-modules-desktop-6.12.0-103.40.4.3.el9uek.x86_64.rpm kernel-uek-debug-modules-extra-6.12.0-103.40.4.3.el9uek.x86_64.rpm kernel-uek-debug-modules-extra-netfilter-6.12.0-103.40.4.3.el9uek.x86_64.rpm kernel-uek-debug-modules-usb-6.12.0-103.40.4.3.el9uek.x86_64.rpm kernel-uek-debug-modules-wireless-6.12.0-103.40.4.3.el9uek.x86_64.rpm kernel-uek-devel-6.12.0-103.40.4.3.el9uek.x86_64.rpm kernel-uek-doc-6.12.0-103.40.4.3.el9uek.noarch.rpm kernel-uek-modules-6.12.0-103.40.4.3.el9uek.x86_64.rpm kernel-uek-modules-core-6.12.0-103.40.4.3.el9uek.x86_64.rpm kernel-uek-modules-deprecated-6.12.0-103.40.4.3.el9uek.x86_64.rpm kernel-uek-modules-desktop-6.12.0-103.40.4.3.el9uek.x86_64.rpm kernel-uek-modules-extra-6.12.0-103.40.4.3.el9uek.x86_64.rpm kernel-uek-modules-extra-netfilter-6.12.0-103.40.4.3.el9uek.x86_64.rpm kernel-uek-modules-usb-6.12.0-103.40.4.3.el9uek.x86_64.rpm kernel-uek-modules-wireless-6.12.0-103.40.4.3.el9uek.x86_64.rpm kernel-uek-tools-6.12.0-103.40.4.3.el9uek.x86_64.rpm aarch64: kernel-uek-6.12.0-103.40.4.3.el9uek.aarch64.rpm kernel-uek-core-6.12.0-103.40.4.3.el9uek.aarch64.rpm kernel-uek-debug-6.12.0-103.40.4.3.el9uek.aarch64.rpm kernel-uek-debug-core-6.12.0-103.40.4.3.el9uek.aarch64.rpm kernel-uek-debug-devel-6.12.0-103.40.4.3.el9uek.aarch64.rpm kernel-uek-debug-modules-6.12.0-103.40.4.3.el9uek.aarch64.rpm kernel-uek-debug-modules-core-6.12.0-103.40.4.3.el9uek.aarch64.rpm kernel-uek-debug-modules-deprecated-6.12.0-103.40.4.3.el9uek.aarch64.rpm kernel-uek-debug-modules-desktop-6.12.0-103.40.4.3.el9uek.aarch64.rpm kernel-uek-debug-modules-extra-6.12.0-103.40.4.3.el9uek.aarch64.rpm kernel-uek-debug-modules-extra-netfilter-6.12.0-103.40.4.3.el9uek.aarch64.rpm kernel-uek-debug-modules-usb-6.12.0-103.40.4.3.el9uek.aarch64.rpm kernel-uek-debug-modules-wireless-6.12.0-103.40.4.3.el9uek.aarch64.rpm kernel-uek-devel-6.12.0-103.40.4.3.el9uek.aarch64.rpm kernel-uek-modules-6.12.0-103.40.4.3.el9uek.aarch64.rpm kernel-uek-modules-extra-6.12.0-103.40.4.3.el9uek.aarch64.rpm kernel-uek-modules-core-6.12.0-103.40.4.3.el9uek.aarch64.rpm kernel-uek-modules-deprecated-6.12.0-103.40.4.3.el9uek.aarch64.rpm kernel-uek-modules-desktop-6.12.0-103.40.4.3.el9uek.aarch64.rpm kernel-uek-modules-extra-netfilter-6.12.0-103.40.4.3.el9uek.aarch64.rpm kernel-uek-modules-usb-6.12.0-103.40.4.3.el9uek.aarch64.rpm kernel-uek-modules-wireless-6.12.0-103.40.4.3.el9uek.aarch64.rpm kernel-uek-tools-6.12.0-103.40.4.3.el9uek.aarch64.rpm kernel-uek64k-6.12.0-103.40.4.3.el9uek.aarch64.rpm kernel-uek64k-core-6.12.0-103.40.4.3.el9uek.aarch64.rpm kernel-uek64k-devel-6.12.0-103.40.4.3.el9uek.aarch64.rpm kernel-uek64k-modules-6.12.0-103.40.4.3.el9uek.aarch64.rpm kernel-uek64k-modules-core-6.12.0-103.40.4.3.el9uek.aarch64.rpm kernel-uek64k-modules-deprecated-6.12.0-103.40.4.3.el9uek.aarch64.rpm kernel-uek64k-modules-desktop-6.12.0-103.40.4.3.el9uek.aarch64.rpm kernel-uek64k-modules-extra-6.12.0-103.40.4.3.el9uek.aarch64.rpm kernel-uek64k-modules-extra-netfilter-6.12.0-103.40.4.3.el9uek.aarch64.rpm kernel-uek64k-modules-usb-6.12.0-103.40.4.3.el9uek.aarch64.rpm kernel-uek64k-modules-wireless-6.12.0-103.40.4.3.el9uek.aarch64.rpm SRPMS: http://oss.oracle.com/ol9/SRPMS-updates/kernel-uek-6.12.0-103.40.4.3.el9uek.src.rpm Related CVEs: CVE-2025-38500 CVE-2025-38560 CVE-2025-38566 CVE-2025-38571 CVE-2025-38618 CVE-2025-39682 Description of changes: [6.12.0-103.40.4.3.el9uek] - x86/sev: Evict cache lines during SNP memory validation (Tom Lendacky) [Orabug: 38453836] {CVE-2025-38560} - xfrm: interface: fix use-after-free after changing collect_md xfrm interface (EyalBirger) [Orabug: 38453837] {CVE-2025-38500} - sunrpc: fix handling of server side tls alerts (Olga Kornievskaia) [Orabug: 38453835] {CVE-2025-38566} - sunrpc: fix client side handling of tls alerts (Olga Kornievskaia) [Orabug: 38453834] {CVE-2025-38571} - vsock: Do not allow binding to VMADDR_PORT_ANY (Budimir Markovic) [Orabug: 38453833] {CVE-2025-38618} - tls: fix handling of zero-length records on the rx_list (Jakub Kicinski) [Orabug: 38453832] {CVE-2025-39682} _______________________________________________ El-errata mailing list
Sep 24, 2025
•Important
Oracle
89
security advisoryupdatecriticalFedora 38 FEDORA-2023-dcbfbf1396 Critical: Traffic Server Update
Update to upstream 9.2.2. Changes with Apache Traffic Server 9.2.2 #9544 - Docs: format typos in header_rewrite doc #9754 - Fix OCSP detection during build (9.2.x) #9829 - Add TSHttpTxnNextHopPortGet, add NEXT-HOP to header rewrite #9831 - Allow slice plugin to purge requests #9840 - Fix crash on config reload with BoringSSL #9877 - Do not add content-length for status 204. -------------------------------------------------------------------------------- Fedora Update Notification FEDORA-2023-dcbfbf1396 2023-08-18 01:58:38.704443 -------------------------------------------------------------------------------- Name : trafficserver Product : Fedora 38 Version : 9.2.2 Release : 1.fc38 URL : https://trafficserver.apache.org/ Summary : Fast, scalable and extensible HTTP/1.1 and HTTP/2 caching proxy server Description : Traffic Server is a high-performance building block for cloud services. It's more than just a caching proxy server; it also has support for plugins to build large scale web applications. Key features: Caching - Improve your response time, while reducing server load and bandwidth needs by caching and reusing frequently-requested web pages, images, and web service calls. Proxying - Easily add keep-alive, filter or anonymize content requests, or add load balancing by adding a proxy layer. Fast - Scales well on modern SMP hardware, handling 10s of thousands of requests per second. Extensible - APIs to write your own plug-ins to do anything from modifying HTTP headers to handling ESI requests to writing your own cache algorithm. Proven - Handling over 400TB a day at Yahoo! both as forward and reverse proxies, Apache Traffic Server is battle hardened. -------------------------------------------------------------------------------- Update Information: Update to upstream 9.2.2. Changes with Apache Traffic Server 9.2.2 #9544 - Docs: format typos in header_rewrite doc #9754 - Fix OCSP detection during build (9.2.x) #9829- Add TSHttpTxnNextHopPortGet, add NEXT-HOP to header rewrite #9831 - Allow slice plugin to purge requests #9840 - Fix crash on config reload with BoringSSL #9877 - Do not add content-length for status 204 cache #9879 - doc: fix the internal libraries section formatting #9886 - Fix deprecated set_class for documentation build #9943 - Add yaml libs reference to HTTP proxy test suite. #9944 - Fix clang-format for 9.2.x branch #9952 - 92x autest updates #9959 - 9.2.x: OpenSSL 3.0 tls autest updates (#9947) #9971 - Update to autest version 1.10.3 #9976 - fix: require RSRC_CLIENT_REQUEST_HEADERS in ConditionMethod #9989 - Do not set @SECLEVEL with boringssl #10038 - LSan: Fix leaks of Cache Unit Test #10054 - Demote SSL log line to debug and remove key printing #10093 - tools/check-unused- dependencies: make exceptions for tools under clang+asan #10103 - autest get_port: update to use psutil #10105 - Update autest to the latest 1.10.4 #10107 - Fix ports.py type hint for sets on older Python #10124 - Fix DbgCtl reference that got cherry-picked into 9.2.x #10125 - Remove duplicate slashes at the beginning of the incoming URL #10127 - 9.2.x: Correctly handle encoding for cache hash generation #10131 - 9.2.x: Fix a crash triggered by invalid range header -------------------------------------------------------------------------------- ChangeLog: * Wed Aug 9 2023 Jered Floyd 9.2.2-1 - Update to upstream 9.2.2 * Sat Jul 22 2023 Fedora Release Engineering - 9.2.1-2 - Rebuilt for https://fedoraproject.org/wiki/Fedora_39_Mass_Rebuild -------------------------------------------------------------------------------- References: [ 1 ] Bug #2228525 - trafficserver-9.2.2-rc0 is available https://bugzilla.redhat.com/show_bug.cgi?id=2228525 [ 2 ] Bug #2231467 - CVE-2022-47185 CVE-2023-33934 trafficserver: Two flaws in Apache traffic server [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=2231467 [ 3 ] Bug #2231468 -CVE-2022-47185 CVE-2023-33934 trafficserver: Two flaws in Apache traffic server [epel-all] https://bugzilla.redhat.com/show_bug.cgi?id=2231468 -------------------------------------------------------------------------------- This update can be installed with the "dnf" update program. Use su -c 'dnf upgrade --advisory FEDORA-2023-dcbfbf1396' at the command line. For more information, refer to the dnf documentation available at https://dnf.readthedocs.io/en/latest/command_ref.html All packages are signed with the Fedora Project GPG key. More details on the GPG keys used by the Fedora Project can be found at https://fedoraproject.org/security/ -------------------------------------------------------------------------------- _______________________________________________ package-announce mailing list --
Aug 18, 2023
•Critical
Fedora
200
security advisorymoderatemuttScientific Linux 7: SLSA-2020:1126-1 Moderate: Mutt Path Traversal
mutt: IMAP header caching path traversal vulnerability SL7 x86_64 mutt-1.5.21-29.el7.x86_64.rpm mutt-debuginfo-1.5.21-29.el7.x86_64.rpm - Scientific Linux Development Team. Synopsis: Moderate: mutt security update Advisory ID: SLSA-2020:1126-1 Issue Date: 2020-04-07 CVE Numbers: CVE-2018-14355 -- * mutt: IMAP header caching path traversal vulnerability -- SL7 x86_64 mutt-1.5.21-29.el7.x86_64.rpm mutt-debuginfo-1.5.21-29.el7.x86_64.rpm - Scientific Linux Development Team . Updated security patch for Scientific Linux rectifies a moderate risk related to IMAP header caching path traversal vulnerabilities in SL7.x x86_64 architecture.. Mutt Security Update, IMAP Path Traversal, Scientific Linux Advisory. . LinuxSecurity.com Team
Apr 20, 2020
Scientific Linux
100
security advisoryupdateimportantSUSE: 2019:2035-1 Important: Polkit Authentication Issue Fix
An update that fixes one vulnerability is now available. . SUSE Security Update: Security update for polkit ______________________________________________________________________________ Announcement ID: SUSE-SU-2019:2035-1 Rating: important References: #1121826 Cross-References: CVE-2019-6133 Affected Products: SUSE OpenStack Cloud Crowbar 8 SUSE OpenStack Cloud 8 SUSE OpenStack Cloud 7 SUSE Linux Enterprise Workstation Extension 12-SP5 SUSE Linux Enterprise Workstation Extension 12-SP4 SUSE Linux Enterprise Software Development Kit 12-SP5 SUSE Linux Enterprise Software Development Kit 12-SP4 SUSE Linux Enterprise Server for SAP 12-SP3 SUSE Linux Enterprise Server for SAP 12-SP2 SUSE Linux Enterprise Server for SAP 12-SP1 SUSE Linux Enterprise Server 12-SP5 SUSE Linux Enterprise Server 12-SP4 SUSE Linux Enterprise Server 12-SP3-LTSS SUSE Linux Enterprise Server 12-SP3-BCL SUSE Linux Enterprise Server 12-SP2-LTSS SUSE Linux Enterprise Server 12-SP2-BCL SUSE Linux Enterprise Server 12-SP1-LTSS SUSE Linux Enterprise Desktop 12-SP5 SUSE Linux Enterprise Desktop 12-SP4 SUSE Enterprise Storage 5 SUSE Enterprise Storage 4 HPE Helion Openstack 8 ______________________________________________________________________________ An update that fixes one vulnerability is now available. Description: This update for polkit fixes the following issues: Security issue fixed: - CVE-2019-6133: Fixed improper caching of auth decisions, which could bypass uid checking in the interactive backend (bsc#1121826). Patch Instructions: To installthis SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: - SUSE OpenStack Cloud Crowbar 8: zypper in -t patch SUSE-OpenStack-Cloud-Crowbar-8-2019-2035=1 - SUSE OpenStack Cloud 8: zypper in -t patch SUSE-OpenStack-Cloud-8-2019-2035=1 - SUSE OpenStack Cloud 7: zypper in -t patch SUSE-OpenStack-Cloud-7-2019-2035=1 - SUSE Linux Enterprise Workstation Extension 12-SP5: zypper in -t patch SUSE-SLE-WE-12-SP5-2019-2035=1 - SUSE Linux Enterprise Workstation Extension 12-SP4: zypper in -t patch SUSE-SLE-WE-12-SP4-2019-2035=1 - SUSE Linux Enterprise Software Development Kit 12-SP5: zypper in -t patch SUSE-SLE-SDK-12-SP5-2019-2035=1 - SUSE Linux Enterprise Software Development Kit 12-SP4: zypper in -t patch SUSE-SLE-SDK-12-SP4-2019-2035=1 - SUSE Linux Enterprise Server for SAP 12-SP3: zypper in -t patch SUSE-SLE-SAP-12-SP3-2019-2035=1 - SUSE Linux Enterprise Server for SAP 12-SP2: zypper in -t patch SUSE-SLE-SAP-12-SP2-2019-2035=1 - SUSE Linux Enterprise Server for SAP 12-SP1: zypper in -t patch SUSE-SLE-SAP-12-SP1-2019-2035=1 - SUSE Linux Enterprise Server 12-SP5: zypper in -t patch SUSE-SLE-SERVER-12-SP5-2019-2035=1 - SUSE Linux Enterprise Server 12-SP4: zypper in -t patch SUSE-SLE-SERVER-12-SP4-2019-2035=1 - SUSE Linux Enterprise Server 12-SP3-LTSS: zypper in -t patch SUSE-SLE-SERVER-12-SP3-2019-2035=1 - SUSE Linux Enterprise Server 12-SP3-BCL: zypper in -t patch SUSE-SLE-SERVER-12-SP3-BCL-2019-2035=1 - SUSE Linux Enterprise Server 12-SP2-LTSS: zypper in -t patch SUSE-SLE-SERVER-12-SP2-2019-2035=1 - SUSE Linux Enterprise Server 12-SP2-BCL: zypper in -t patch SUSE-SLE-SERVER-12-SP2-BCL-2019-2035=1 - SUSE Linux Enterprise Server 12-SP1-LTSS: zypper in -t patch SUSE-SLE-SERVER-12-SP1-2019-2035=1 - SUSE LinuxEnterprise Desktop 12-SP5: zypper in -t patch SUSE-SLE-DESKTOP-12-SP5-2019-2035=1 - SUSE Linux Enterprise Desktop 12-SP4: zypper in -t patch SUSE-SLE-DESKTOP-12-SP4-2019-2035=1 - SUSE Enterprise Storage 5: zypper in -t patch SUSE-Storage-5-2019-2035=1 - SUSE Enterprise Storage 4: zypper in -t patch SUSE-Storage-4-2019-2035=1 - HPE Helion Openstack 8: zypper in -t patch HPE-Helion-OpenStack-8-2019-2035=1 Package List: - SUSE OpenStack Cloud Crowbar 8 (x86_64): libpolkit0-0.113-5.18.1 libpolkit0-debuginfo-0.113-5.18.1 polkit-0.113-5.18.1 polkit-debuginfo-0.113-5.18.1 polkit-debugsource-0.113-5.18.1 typelib-1_0-Polkit-1_0-0.113-5.18.1 - SUSE OpenStack Cloud 8 (x86_64): libpolkit0-0.113-5.18.1 libpolkit0-debuginfo-0.113-5.18.1 polkit-0.113-5.18.1 polkit-debuginfo-0.113-5.18.1 polkit-debugsource-0.113-5.18.1 typelib-1_0-Polkit-1_0-0.113-5.18.1 - SUSE OpenStack Cloud 7 (s390x x86_64): libpolkit0-0.113-5.18.1 libpolkit0-debuginfo-0.113-5.18.1 polkit-0.113-5.18.1 polkit-debuginfo-0.113-5.18.1 polkit-debugsource-0.113-5.18.1 typelib-1_0-Polkit-1_0-0.113-5.18.1 - SUSE Linux Enterprise Workstation Extension 12-SP5 (x86_64): libpolkit0-32bit-0.113-5.18.1 libpolkit0-debuginfo-32bit-0.113-5.18.1 polkit-debugsource-0.113-5.18.1 - SUSE Linux Enterprise Workstation Extension 12-SP4 (x86_64): libpolkit0-32bit-0.113-5.18.1 libpolkit0-debuginfo-32bit-0.113-5.18.1 polkit-debugsource-0.113-5.18.1 - SUSE Linux Enterprise Software Development Kit 12-SP5 (aarch64 ppc64le s390x x86_64): polkit-debuginfo-0.113-5.18.1 polkit-debugsource-0.113-5.18.1 polkit-devel-0.113-5.18.1 polkit-devel-debuginfo-0.113-5.18.1 - SUSE Linux Enterprise Software Development Kit 12-SP4 (aarch64 ppc64le s390x x86_64): polkit-debuginfo-0.113-5.18.1 polkit-debugsource-0.113-5.18.1 polkit-devel-0.113-5.18.1 polkit-devel-debuginfo-0.113-5.18.1 - SUSE Linux Enterprise Server for SAP 12-SP3 (ppc64le x86_64): libpolkit0-0.113-5.18.1 libpolkit0-debuginfo-0.113-5.18.1 polkit-0.113-5.18.1 polkit-debuginfo-0.113-5.18.1 polkit-debugsource-0.113-5.18.1 typelib-1_0-Polkit-1_0-0.113-5.18.1 - SUSE Linux Enterprise Server for SAP 12-SP2 (ppc64le x86_64): libpolkit0-0.113-5.18.1 libpolkit0-debuginfo-0.113-5.18.1 polkit-0.113-5.18.1 polkit-debuginfo-0.113-5.18.1 polkit-debugsource-0.113-5.18.1 typelib-1_0-Polkit-1_0-0.113-5.18.1 - SUSE Linux Enterprise Server for SAP 12-SP1 (x86_64): libpolkit0-0.113-5.18.1 libpolkit0-debuginfo-0.113-5.18.1 polkit-0.113-5.18.1 polkit-debuginfo-0.113-5.18.1 polkit-debugsource-0.113-5.18.1 typelib-1_0-Polkit-1_0-0.113-5.18.1 - SUSE Linux Enterprise Server 12-SP5 (aarch64 ppc64le s390x x86_64): libpolkit0-0.113-5.18.1 libpolkit0-debuginfo-0.113-5.18.1 polkit-0.113-5.18.1 polkit-debuginfo-0.113-5.18.1 polkit-debugsource-0.113-5.18.1 typelib-1_0-Polkit-1_0-0.113-5.18.1 - SUSE Linux Enterprise Server 12-SP4 (aarch64 ppc64le s390x x86_64): libpolkit0-0.113-5.18.1 libpolkit0-debuginfo-0.113-5.18.1 polkit-0.113-5.18.1 polkit-debuginfo-0.113-5.18.1 polkit-debugsource-0.113-5.18.1 typelib-1_0-Polkit-1_0-0.113-5.18.1 - SUSE Linux Enterprise Server 12-SP3-LTSS (aarch64 ppc64le s390x x86_64): libpolkit0-0.113-5.18.1 libpolkit0-debuginfo-0.113-5.18.1 polkit-0.113-5.18.1 polkit-debuginfo-0.113-5.18.1 polkit-debugsource-0.113-5.18.1 typelib-1_0-Polkit-1_0-0.113-5.18.1 - SUSE Linux Enterprise Server 12-SP3-BCL (x86_64): libpolkit0-0.113-5.18.1 libpolkit0-debuginfo-0.113-5.18.1 polkit-0.113-5.18.1 polkit-debuginfo-0.113-5.18.1 polkit-debugsource-0.113-5.18.1 typelib-1_0-Polkit-1_0-0.113-5.18.1 -SUSE Linux Enterprise Server 12-SP2-LTSS (ppc64le s390x x86_64): libpolkit0-0.113-5.18.1 libpolkit0-debuginfo-0.113-5.18.1 polkit-0.113-5.18.1 polkit-debuginfo-0.113-5.18.1 polkit-debugsource-0.113-5.18.1 typelib-1_0-Polkit-1_0-0.113-5.18.1 - SUSE Linux Enterprise Server 12-SP2-BCL (x86_64): libpolkit0-0.113-5.18.1 libpolkit0-debuginfo-0.113-5.18.1 polkit-0.113-5.18.1 polkit-debuginfo-0.113-5.18.1 polkit-debugsource-0.113-5.18.1 typelib-1_0-Polkit-1_0-0.113-5.18.1 - SUSE Linux Enterprise Server 12-SP1-LTSS (ppc64le s390x x86_64): libpolkit0-0.113-5.18.1 libpolkit0-debuginfo-0.113-5.18.1 polkit-0.113-5.18.1 polkit-debuginfo-0.113-5.18.1 polkit-debugsource-0.113-5.18.1 typelib-1_0-Polkit-1_0-0.113-5.18.1 - SUSE Linux Enterprise Desktop 12-SP5 (x86_64): libpolkit0-0.113-5.18.1 libpolkit0-32bit-0.113-5.18.1 libpolkit0-debuginfo-0.113-5.18.1 libpolkit0-debuginfo-32bit-0.113-5.18.1 polkit-0.113-5.18.1 polkit-debuginfo-0.113-5.18.1 polkit-debugsource-0.113-5.18.1 typelib-1_0-Polkit-1_0-0.113-5.18.1 - SUSE Linux Enterprise Desktop 12-SP4 (x86_64): libpolkit0-0.113-5.18.1 libpolkit0-32bit-0.113-5.18.1 libpolkit0-debuginfo-0.113-5.18.1 libpolkit0-debuginfo-32bit-0.113-5.18.1 polkit-0.113-5.18.1 polkit-debuginfo-0.113-5.18.1 polkit-debugsource-0.113-5.18.1 typelib-1_0-Polkit-1_0-0.113-5.18.1 - SUSE Enterprise Storage 5 (x86_64): libpolkit0-0.113-5.18.1 libpolkit0-debuginfo-0.113-5.18.1 polkit-0.113-5.18.1 polkit-debuginfo-0.113-5.18.1 polkit-debugsource-0.113-5.18.1 typelib-1_0-Polkit-1_0-0.113-5.18.1 - SUSE Enterprise Storage 4 (x86_64): libpolkit0-0.113-5.18.1 libpolkit0-debuginfo-0.113-5.18.1 polkit-0.113-5.18.1 polkit-debuginfo-0.113-5.18.1 polkit-debugsource-0.113-5.18.1 typelib-1_0-Polkit-1_0-0.113-5.18.1 - HPEHelion Openstack 8 (x86_64): libpolkit0-0.113-5.18.1 libpolkit0-debuginfo-0.113-5.18.1 polkit-0.113-5.18.1 polkit-debuginfo-0.113-5.18.1 polkit-debugsource-0.113-5.18.1 typelib-1_0-Polkit-1_0-0.113-5.18.1 References: https://www.suse.com/security/cve/CVE-2019-6133.html https://bugzilla.suse.com/1121826 _______________________________________________ sle-security-updates mailing list
Aug 01, 2019
•Important
SuSE
98
security advisoryupdatered hatRed Hat: RHSA-2018-1639-01 Important Kernel Security Issue
An update for kernel is now available for Red Hat Enterprise Linux 6.6 Advanced Update Support and Red Hat Enterprise Linux 6.6 Telco Extended Update Support. Red Hat Product Security has rated this update as having a security impact. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 ==================================================================== Red Hat Security Advisory Synopsis: Important: kernel security update Advisory ID: RHSA-2018:1639-01 Product: Red Hat Enterprise Linux Advisory URL: https://access.redhat.com/errata/RHSA-2018:1639 Issue date: 2018-05-29 CVE Names: CVE-2018-3639 ==================================================================== 1. Summary: An update for kernel is now available for Red Hat Enterprise Linux 6.6 Advanced Update Support and Red Hat Enterprise Linux 6.6 Telco Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. 2. Relevant releases/architectures: Red Hat Enterprise Linux Server AUS (v. 6.6) - noarch, x86_64 Red Hat Enterprise Linux Server Optional AUS (v. 6.6) - x86_64 Red Hat Enterprise Linux Server Optional TUS (v. 6.6) - x86_64 Red Hat Enterprise Linux Server TUS (v. 6.6) - noarch, x86_64 3. Description: The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fix(es): * An industry-wide issue was found in the way many modern microprocessor designs have implemented speculative execution of Load & Store instructions (a commonly used performance optimization). It relies on the presence of a precisely-defined instruction sequence in the privileged code as well as the fact that memory read from address to which a recent memory write has occurred may see an older value and subsequently cause an update intothe microprocessor's data cache even for speculatively executed instructions that never actually commit (retire). As a result, an unprivileged attacker could use this flaw to read privileged memory by conducting targeted cache side-channel attacks. (CVE-2018-3639) Note: This issue is present in hardware and cannot be fully fixed via software update. The updated kernel packages provide software side of the mitigation for this hardware issue. To be fully functional, up-to-date CPU microcode applied on the system is required. Please refer to References section for further information about this issue, CPU microcode requirements and the potential performance impact. Red Hat would like to thank Ken Johnson (Microsoft Security Response Center) and Jann Horn (Google Project Zero) for reporting this issue. 4. Solution: For details on how to apply this update, which includes the changes described in this advisory, refer to: https://access.redhat.com/articles/11258 The system must be rebooted for this update to take effect. 5. Bugs fixed (https://bugzilla.redhat.com/): 1566890 - CVE-2018-3639 hw: cpu: speculative store bypass 6. Package List: Red Hat Enterprise Linux Server AUS (v. 6.6): Source: kernel-2.6.32-504.69.3.el6.src.rpm noarch: kernel-abi-whitelists-2.6.32-504.69.3.el6.noarch.rpm kernel-doc-2.6.32-504.69.3.el6.noarch.rpm kernel-firmware-2.6.32-504.69.3.el6.noarch.rpm x86_64: kernel-2.6.32-504.69.3.el6.x86_64.rpm kernel-debug-2.6.32-504.69.3.el6.x86_64.rpm kernel-debug-debuginfo-2.6.32-504.69.3.el6.x86_64.rpm kernel-debug-devel-2.6.32-504.69.3.el6.x86_64.rpm kernel-debuginfo-2.6.32-504.69.3.el6.x86_64.rpm kernel-debuginfo-common-x86_64-2.6.32-504.69.3.el6.x86_64.rpm kernel-devel-2.6.32-504.69.3.el6.x86_64.rpm kernel-headers-2.6.32-504.69.3.el6.x86_64.rpm perf-2.6.32-504.69.3.el6.x86_64.rpm perf-debuginfo-2.6.32-504.69.3.el6.x86_64.rpm python-perf-debuginfo-2.6.32-504.69.3.el6.x86_64.rpm Red Hat Enterprise Linux Server TUS (v.6.6): Source: kernel-2.6.32-504.69.3.el6.src.rpm noarch: kernel-abi-whitelists-2.6.32-504.69.3.el6.noarch.rpm kernel-doc-2.6.32-504.69.3.el6.noarch.rpm kernel-firmware-2.6.32-504.69.3.el6.noarch.rpm x86_64: kernel-2.6.32-504.69.3.el6.x86_64.rpm kernel-debug-2.6.32-504.69.3.el6.x86_64.rpm kernel-debug-debuginfo-2.6.32-504.69.3.el6.x86_64.rpm kernel-debug-devel-2.6.32-504.69.3.el6.x86_64.rpm kernel-debuginfo-2.6.32-504.69.3.el6.x86_64.rpm kernel-debuginfo-common-x86_64-2.6.32-504.69.3.el6.x86_64.rpm kernel-devel-2.6.32-504.69.3.el6.x86_64.rpm kernel-headers-2.6.32-504.69.3.el6.x86_64.rpm perf-2.6.32-504.69.3.el6.x86_64.rpm perf-debuginfo-2.6.32-504.69.3.el6.x86_64.rpm python-perf-debuginfo-2.6.32-504.69.3.el6.x86_64.rpm Red Hat Enterprise Linux Server Optional AUS (v. 6.6): x86_64: kernel-debug-debuginfo-2.6.32-504.69.3.el6.x86_64.rpm kernel-debuginfo-2.6.32-504.69.3.el6.x86_64.rpm kernel-debuginfo-common-x86_64-2.6.32-504.69.3.el6.x86_64.rpm perf-debuginfo-2.6.32-504.69.3.el6.x86_64.rpm python-perf-2.6.32-504.69.3.el6.x86_64.rpm python-perf-debuginfo-2.6.32-504.69.3.el6.x86_64.rpm Red Hat Enterprise Linux Server Optional TUS (v. 6.6): x86_64: kernel-debug-debuginfo-2.6.32-504.69.3.el6.x86_64.rpm kernel-debuginfo-2.6.32-504.69.3.el6.x86_64.rpm kernel-debuginfo-common-x86_64-2.6.32-504.69.3.el6.x86_64.rpm perf-debuginfo-2.6.32-504.69.3.el6.x86_64.rpm python-perf-2.6.32-504.69.3.el6.x86_64.rpm python-perf-debuginfo-2.6.32-504.69.3.el6.x86_64.rpm These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://access.redhat.com/security/team/key 7. References: https://access.redhat.com/security/cve/CVE-2018-3639 https://access.redhat.com/security/updates/classification#important https://access.redhat.com/security/vulnerabilities/ssbd 8. Contact: The Red Hat security contact is . More contact details at https://access.redhat.com/security/team/contact Copyright 2018 Red Hat, Inc. -----BEGIN PGP SIGNATURE----- Version: GnuPGv1 iQIVAwUBWw2Ah9zjgjWX9erEAQgYwg//e0Q3cPJIigLdHOmwG+T3FpwdO4aqn6ks jW6F8hAjOu9PxXWcb3MfqqZMNM6/l5bKTWM4Bm8/o4X29KmesrnIq1sAe2+MAE3Q gtBjEoXYSvpHxbqUweBZZRzimnYCtzmbrs/WMSlDWumM2qT666W0YgjemDNRk8Iu KADLvYFaqLSW28eOY4Q5y3ljgjTthW72ZYSudgsUB3CcqPBZ7EqXx/VWbbpAiumO MBsf83l/OvyhNlZ7zJTQiet0v3rTMf0zcnyrUp/7+VPZBZLxXHPC7Y4/7743M0cb fYrak+VsK7mQqCuj9mWagOyLbSuY4Yd1SVfxOH2gPh0cCKlZfdBcsiuHNG9Lkqd1 tZ6XSlbpO8g8AedNrhf+0x44UQJzB8c6E5tFzOEhqaridxvWx02rrjJ3Uk9sMvdl v1wEOZYyk+C0W8aByljPLv0js2p63zsBQyzoL1NnJbcM2sAIF99O75/XLRSY104s D2Krg+ZjHozbZTt0XiMiC6Pydg2cU1dne+C/GVB1SvKxqhV7KsSgB8/H+4KVN0SR VN8PAcb4MmkPwFp4z1ZpZF9oo+OR4yrZaAJyjcX8wi5XHqe4U+39HLMyIM1yQYoL VLmq/Ynr5zFDscFNAiv+wV29hrWbU+rtaudFf+SFwvNipS8+RmFV3nTFzQZMZDfT b0f25qNqSPM=5cRp -----END PGP SIGNATURE----- -- RHSA-announce mailing list
May 29, 2018
•Important
Red Hat
89
security advisorymoderateupdateFedora 25 2017-b9433ad88e Moderate: Knot-Resolver Security Update
New upstream release:. --------------------------------------------------------------------------------Fedora Update Notification FEDORA-2017-b9433ad88e 2017-08-10 15:18:03.832008 --------------------------------------------------------------------------------Name : knot-resolver Product : Fedora 25 Version : 1.3.2 Release : 1.fc25 URL : https://www.knot-resolver.cz/ Summary : Caching full DNS Resolver Description : The Knot DNS Resolver is a caching full resolver implementation written in C and LuaJIT, including both a resolver library and a daemon. Modular architecture of the library keeps the core tiny and efficient, and provides a state-machine like API for extensions. The package is pre-configured as local caching resolver. To start using it, just start the local DNS socket: BEWARE: Because of https://bugzilla.redhat.com/show_bug.cgi?id=1366968 you need to switch your system to SELinux permissive mode. --------------------------------------------------------------------------------Update Information: New upstream release: --------------------------------------------------------------------------------This update can be installed with the "dnf" update program. Use su -c 'dnf upgrade knot-resolver' at the command line. For more information, refer to the dnf documentation available at https://dnf.readthedocs.io/en/latest/command_ref.html All packages are signed with the Fedora Project GPG key. More details on the GPG keys used by the Fedora Project can be found at https://fedoraproject.org/security/ -------------------------------------------------------------------------------- _______________________________________________ package-announce mailing list --
Aug 10, 2017
Fedora
89
security advisoryupdatecriticalFedora 24: 2017-9d06448c3e Critical: Knot-Resolver Update
new upstream release. -------------------------------------------------------------------------------- Fedora Update Notification FEDORA-2017-9d06448c3e 2017-03-20 22:12:04.582921 -------------------------------------------------------------------------------- Name : knot-resolver Product : Fedora 24 Version : 1.2.4 Release : 1.fc24 URL : https://www.knot-resolver.cz/ Summary : Caching full DNS Resolver Description : The Knot DNS Resolver is a caching full resolver implementation written in C and LuaJIT, including both a resolver library and a daemon. Modular architecture of the library keeps the core tiny and efficient, and provides a state-machine like API for extensions. The package is pre-configured as local caching resolver. To start using it, just start the local DNS socket: BEWARE: Because of https://bugzilla.redhat.com/show_bug.cgi?id=1366968 you need to switch your system to SELinux permissive mode. -------------------------------------------------------------------------------- Update Information: new upstream release -------------------------------------------------------------------------------- This update can be installed with the "dnf" update program. Use su -c 'dnf upgrade knot-resolver' at the command line. For more information, refer to the dnf documentation available at https://dnf.readthedocs.io/en/latest/command_ref.html All packages are signed with the Fedora Project GPG key. More details on the GPG keys used by the Fedora Project can be found at https://fedoraproject.org/security/ -------------------------------------------------------------------------------- _______________________________________________ package-announce mailing list --
Mar 21, 2017
•Critical
Fedora
89
security advisoryupdatecriticalFedora Core 3: FEDORA-2005-852 Critical: Squid Performance Update
Updated package.. ---------------------------------------------------------------------Fedora Update Notification FEDORA-2005-852 2005-09-06 ---------------------------------------------------------------------Product : Fedora Core 3 Name : squid Version : 2.5.STABLE9 Release : 1.FC3.7 Summary : The Squid proxy caching server. Description : Squid is a high-performance proxy caching server for Web clients, supporting FTP, gopher, and HTTP data objects. Unlike traditional caching software, Squid handles all requests in a single, non-blocking, I/O-driven process. Squid keeps meta data and especially hot objects cached in RAM, caches DNS lookups, supports non-blocking DNS lookups, and implements negative caching of failed requests. Squid consists of a main server program squid, a Domain Name System lookup program (dnsserver), a program for retrieving FTP data (ftpget), and some management and client tools. ---------------------------------------------------------------------* Tue Sep 6 2005 Martin Stransky 7:2.5.STABLE9-1.FC3.7 - Three upstream patches for #167414 - Spanish and Greek messages - patch for -D_FORTIFY_SOURCE=2 ---------------------------------------------------------------------This update can be downloaded from: 268ed1f8914e63cf62ed219dba64bdd3 SRPMS/squid-2.5.STABLE9-1.FC3.7.src.rpm 9e778cb8cb3c567a1448cbbdb58a279c x86_64/squid-2.5.STABLE9-1.FC3.7.x86_64.rpm 19e7fc5664b3a329a503ea36246c3f95 x86_64/debug/squid-debuginfo-2.5.STABLE9-1.FC3.7.x86_64.rpm 79d84f9735f50a4178f7b17d5e466c97 i386/squid-2.5.STABLE9-1.FC3.7.i386.rpm 4dc0c0a28762db74b1c9a6effe394e7c i386/debug/squid-debuginfo-2.5.STABLE9-1.FC3.7.i386.rpm This update can also be installed with the Update Agent; you can launch the Update Agent with the 'up2date' command. ----------------------------------------------------------------------- fedora-announce-list mailing list
Sep 06, 2005
•Critical
Fedora
Get the latest News and Insights
Get the latest Linux and open source security news straight to your inbox.
Community Poll
What got you started with Linux?
Search Topics
Powered By
Linux Security - Your source for Top Linux News, Advisories, HOWTOs and Feature Releases
QUICK LINKS
subscribe to newsletters!
Like staying secure? So do we.
Sign up for updates, tips, and alerts!