
Stay Secure with the Latest Linux Advisories


Explore Latest Linux Security advisories

We found 6 articles for you...

Ubuntu 26.04 LTS Samba Critical Update Denial of Service USN-8306-1

==========================================================================
Ubuntu Security Notice USN-8306-1
May 26, 2026

samba vulnerabilities
==========================================================================

A security issue affects these releases of Ubuntu and its derivatives:

- Ubuntu 26.04 LTS
- Ubuntu 25.10
- Ubuntu 24.04 LTS
- Ubuntu 22.04 LTS

Summary:

Several security issues were fixed in Samba.

Software Description:
- samba: SMB/CIFS file, print, and login server for Unix

Details:

Asim Viladi Oglu Manizada discovered that Samba incorrectly handled access checks on reparse point operations. An attacker could possibly use this issue to modify reparse point extended attributes on files that should have been read-only. This issue only affected Ubuntu 25.10 and Ubuntu 26.04 LTS. (CVE-2026-1933)

Pavel Kohout discovered that Samba's vfs_worm module did not properly block file overwrites. An attacker could possibly use this issue to overwrite files that should have remained immutable. (CVE-2026-2340)

Arad Inbar, Nir Somech, and Ben Grinberg discovered that Samba incorrectly handled certificate auto-enrolment group policies over HTTP without verification. A machine-in-the-middle attacker could possibly use this issue to install a malicious CA certificate. This issue only affected Ubuntu 24.04 LTS, Ubuntu 25.10, and Ubuntu 26.04 LTS. (CVE-2026-3012)

Arad Inbar, Erez Cohen, Nir Somech, and Ben Grinberg discovered that Samba's Active Directory Domain Controller WINS server could be made to crash under certain circumstances. A remote attacker could possibly use this issue to cause a denial of service. (CVE-2026-3238)

Ron Ben Yizhak discovered that Samba's DCE/RPC SAMR server incorrectly handled a non-default password check script configuration. A remote attacker could possibly use this issue to execute arbitrary code. (CVE-2026-4408)

Ron Ben Yizhak discovered that Samba's printing subsystem incorrectly handled a non-default print command configuration. A remote attacker could possibly use this issue to execute arbitrary code. (CVE-2026-4480)

Update instructions:

The problem can be corrected by updating your system to the following package versions:

Ubuntu 26.04 LTS
  samba 2:4.23.6+dfsg-1ubuntu2.1

Ubuntu 25.10
  samba 2:4.22.3+dfsg-4ubuntu2.4

Ubuntu 24.04 LTS
  samba 2:4.19.5+dfsg-4ubuntu9.6

Ubuntu 22.04 LTS
  samba 2:4.15.13+dfsg-0ubuntu1.12

In general, a standard system update will make all the necessary changes.

References:
  https://ubuntu.com/security/notices/USN-8306-1
  CVE-2026-1933, CVE-2026-2340, CVE-2026-3012, CVE-2026-3238, CVE-2026-4408, CVE-2026-4480

Package Information:
  https://launchpad.net/ubuntu/+source/samba/2:4.23.6+dfsg-1ubuntu2.1
  https://launchpad.net/ubuntu/+source/samba/2:4.22.3+dfsg-4ubuntu2.4
  https://launchpad.net/ubuntu/+source/samba/2:4.19.5+dfsg-4ubuntu9.6
  https://launchpad.net/ubuntu/+source/samba/2:4.15.13+dfsg-0ubuntu1.12

Several Samba security issues addressed in Ubuntu impacting denial of service and code execution risks. Update now.

Samba Security Update, Ubuntu Advisory, Code Execution Risk, Denial of Service, SMB Vulnerabilities.

Severity: Critical.

LinuxSecurity.com Team

May 26, 2026 Critical Ubuntu

Fedora 44 rust-reqsign-file-write-tokio Important System Update Alert 2026-c7e42ddg45

--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2026-b8b59dcf44
2026-03-28 00:15:26.019955+00:00
--------------------------------------------------------------------------------

Name        : rust-reqsign-file-read-tokio
Product     : Fedora 44
Version     : 3.0.0
Release     : 1.fc44
URL         : https://crates.io/crates/reqsign-file-read-tokio
Summary     : Tokio-based file reader implementation for reqsign
Description : Tokio-based file reader implementation for reqsign.

--------------------------------------------------------------------------------
Update Information:

Update uv and python-uv-build to 0.11.2. Version 0.11 includes changes to the networking stack used by uv. While its developers think that breakage will be rare, it is possible that these changes will result in the rejection of certificates previously trusted by uv, so they have marked the change as breaking out of an abundance of caution. The changes are largely driven by the upgrade of reqwest, which powers uv's HTTP clients, to v0.13, which included some breaking changes to TLS certificate verification. This update also includes updates for several of uv's Rust library dependencies.

Update rust-openssl-probe to 0.2.1, including breaking changes introduced in 0.2.0, and introduce a new rust-openssl-probe0.1 compat package.

Update rust-rustls-native-certs to 0.8.3, now using openssl-probe 0.2.

Update rust-native-tls to 0.2.18. Version 0.2.16 added TLS 1.3 as an option, added stack_from_pem, and upgraded openssl-probe to 0.2. Version 0.2.17 added support for ALPN on the server side. Version 0.2.18 fixed min/max protocol selection fallback for very old OpenSSL versions.

Add an initial package for rust-webpki-root-certs.

--------------------------------------------------------------------------------
ChangeLog:

* Tue Mar 24 2026 Benjamin A. Beasley - 3.0.0-1
- Update to version 3.0.0; Fixes RHBZ#2432774

--------------------------------------------------------------------------------
References:

[ 1 ] Bug #2425802 - rust-openssl-probe-0.2.1 is available
      https://bugzilla.redhat.com/show_bug.cgi?id=2425802
[ 2 ] Bug #2425819 - rust-rustls-native-certs-0.8.3 is available
      https://bugzilla.redhat.com/show_bug.cgi?id=2425819
[ 3 ] Bug #2432768 - rust-reqsign-aliyun-oss-3.0.0 is available
      https://bugzilla.redhat.com/show_bug.cgi?id=2432768
[ 4 ] Bug #2432769 - rust-reqsign-core-3.0.0 is available
      https://bugzilla.redhat.com/show_bug.cgi?id=2432769
[ 5 ] Bug #2432770 - rust-reqsign-0.20.0 is available
      https://bugzilla.redhat.com/show_bug.cgi?id=2432770
[ 6 ] Bug #2432771 - rust-reqsign-azure-storage-3.0.0 is available
      https://bugzilla.redhat.com/show_bug.cgi?id=2432771
[ 7 ] Bug #2432772 - rust-reqsign-http-send-reqwest-4.0.0 is available
      https://bugzilla.redhat.com/show_bug.cgi?id=2432772
[ 8 ] Bug #2432773 - rust-reqsign-google-3.0.0 is available
      https://bugzilla.redhat.com/show_bug.cgi?id=2432773
[ 9 ] Bug #2432774 - rust-reqsign-file-read-tokio-3.0.0 is available
      https://bugzilla.redhat.com/show_bug.cgi?id=2432774
[ 10 ] Bug #2432775 - rust-reqsign-command-execute-tokio-3.0.0 is available
      https://bugzilla.redhat.com/show_bug.cgi?id=2432775
[ 11 ] Bug #2432776 - rust-reqsign-aws-v4-3.0.0 is available
      https://bugzilla.redhat.com/show_bug.cgi?id=2432776
[ 12 ] Bug #2432777 - rust-reqsign-huaweicloud-obs-3.0.0 is available
      https://bugzilla.redhat.com/show_bug.cgi?id=2432777
[ 13 ] Bug #2432779 - rust-reqsign-tencent-cos-3.0.0 is available
      https://bugzilla.redhat.com/show_bug.cgi?id=2432779
[ 14 ] Bug #2436289 - rust-ambient-id-0.0.11 is available
      https://bugzilla.redhat.com/show_bug.cgi?id=2436289
[ 15 ] Bug #2437941 - rust-astral-reqwest-middleware-0.5.1 is available
      https://bugzilla.redhat.com/show_bug.cgi?id=2437941
[ 16 ] Bug #2437942 - rust-astral-reqwest-retry-0.9.1 is available
      https://bugzilla.redhat.com/show_bug.cgi?id=2437942
[ 17 ] Bug #2437976 - rust-astral_async_http_range_reader-0.10.0 is available
      https://bugzilla.redhat.com/show_bug.cgi?id=2437976
[ 18 ] Bug #2439752 - rust-native-tls-0.2.18 is available
      https://bugzilla.redhat.com/show_bug.cgi?id=2439752
[ 19 ] Bug #2450541 - python-uv-build-0.11.2 is available
      https://bugzilla.redhat.com/show_bug.cgi?id=2450541
[ 20 ] Bug #2450582 - uv-0.11.2 is available
      https://bugzilla.redhat.com/show_bug.cgi?id=2450582
[ 21 ] Bug #2451103 - Review Request: rust-webpki-root-certs - Mozilla trusted certificate authorities in self-signed X.509 format
      https://bugzilla.redhat.com/show_bug.cgi?id=2451103

--------------------------------------------------------------------------------

This update can be installed with the "dnf" update program. Use
su -c 'dnf upgrade --advisory FEDORA-2026-b8b59dcf44' at the command line. For more information, refer to the dnf documentation available at http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label

All packages are signed with the Fedora Project GPG key. More details on the GPG keys used by the Fedora Project can be found at https://fedoraproject.org/keys

--------------------------------------------------------------------------------

Critical updates for Fedora 44 addressing network stack changes likely impacting trusted certificates for uv and python-uv-build.

Fedora 44 Updates, Rust Reqsign, Network Stack Changes, Python UV Build.

Severity: Important.

LinuxSecurity.com Team

Mar 28, 2026 Important Fedora

SUSE Linux patch release update for security key repairs - Mozilla

# Security update for ca-certificates-mozilla

Announcement ID: SUSE-SU-2026:20652-1
Release Date: 2026-03-04T09:35:51Z
Rating: moderate
References:
  * bsc#1258002

Affected Products:
  * SUSE Linux Micro 6.1

An update that has one fix can now be installed.

## Description:

This update for ca-certificates-mozilla fixes the following issues:

  * Updated to 2.84 state of Mozilla SSL root CAs (bsc#1258002)
  * Removed:
    * Baltimore CyberTrust Root
    * CommScope Public Trust ECC Root-01
    * CommScope Public Trust ECC Root-02
    * CommScope Public Trust RSA Root-01
    * CommScope Public Trust RSA Root-02
    * DigiNotar Root CA
  * Added:
    * e-Szigno TLS Root CA 2023
    * OISTE Client Root ECC G1
    * OISTE Client Root RSA G1
    * OISTE Server Root ECC G1
    * OISTE Server Root RSA G1
    * SwissSign RSA SMIME Root CA 2022 - 1
    * SwissSign RSA TLS Root CA 2022 - 1
    * TrustAsia SMIME ECC Root CA
    * TrustAsia SMIME RSA Root CA
    * TrustAsia TLS ECC Root CA
    * TrustAsia TLS RSA Root CA

## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product:

  * SUSE Linux Micro 6.1
    zypper in -t patch SUSE-SLE-Micro-6.1-423=1

## Package List:

  * SUSE Linux Micro 6.1 (noarch)
    * ca-certificates-mozilla-2.84-slfo.1.1_1.1

## References:

  * https://bugzilla.suse.com/show_bug.cgi?id=1258002

Update for ca-certificates-mozilla addresses moderate issues on SUSE Linux Micro, enhancing certificate trust and security.

SUSE Linux, certificates, security update, ca-certificates.

LinuxSecurity.com Team

Mar 18, 2026 SuSE

Moderate Security Advisory RHSA-2022:7086-01 for pki-core on RHEL 7

====================================================================
Red Hat Security Advisory

Synopsis:          Moderate: pki-core security update
Advisory ID:       RHSA-2022:7086-01
Product:           Red Hat Enterprise Linux
Advisory URL:      https://access.redhat.com/errata/RHSA-2022:7086
Issue date:        2022-10-24
CVE Names:         CVE-2022-2393
====================================================================

1. Summary:

An update for pki-core is now available for Red Hat Enterprise Linux 7.

Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.

2. Relevant releases/architectures:

Red Hat Enterprise Linux Client Optional (v. 7) - noarch, x86_64
Red Hat Enterprise Linux ComputeNode Optional (v. 7) - noarch, x86_64
Red Hat Enterprise Linux Server (v. 7) - noarch, ppc64le, x86_64
Red Hat Enterprise Linux Server Optional (v. 7) - noarch, ppc64, ppc64le, s390x
Red Hat Enterprise Linux Workstation (v. 7) - noarch, x86_64
Red Hat Enterprise Linux Workstation Optional (v. 7) - noarch

3. Description:

The Public Key Infrastructure (PKI) Core contains fundamental packages required by Red Hat Certificate System.

Security Fix(es):

* pki-core: When using the caServerKeygen_DirUserCert profile, user can get certificates for other UIDs by entering name in Subject field (CVE-2022-2393)

For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

4. Solution:

For details on how to apply this update, which includes the changes described in this advisory, refer to:

https://access.redhat.com/articles/11258

5. Bugs fixed (https://bugzilla.redhat.com/):

2101046 - CVE-2022-2393 pki-core: When using the caServerKeygen_DirUserCert profile, user can get certificates for other UIDs by entering name in Subject field

6. Package List:

Red Hat Enterprise Linux Client Optional (v. 7):
  Source:  pki-core-10.5.18-23.el7_9.src.rpm
  noarch:  pki-base-10.5.18-23.el7_9.noarch.rpm pki-base-java-10.5.18-23.el7_9.noarch.rpm pki-ca-10.5.18-23.el7_9.noarch.rpm pki-javadoc-10.5.18-23.el7_9.noarch.rpm pki-kra-10.5.18-23.el7_9.noarch.rpm pki-server-10.5.18-23.el7_9.noarch.rpm
  x86_64:  pki-core-debuginfo-10.5.18-23.el7_9.x86_64.rpm pki-symkey-10.5.18-23.el7_9.x86_64.rpm pki-tools-10.5.18-23.el7_9.x86_64.rpm

Red Hat Enterprise Linux ComputeNode Optional (v. 7):
  Source:  pki-core-10.5.18-23.el7_9.src.rpm
  noarch:  pki-base-10.5.18-23.el7_9.noarch.rpm pki-base-java-10.5.18-23.el7_9.noarch.rpm pki-ca-10.5.18-23.el7_9.noarch.rpm pki-javadoc-10.5.18-23.el7_9.noarch.rpm pki-kra-10.5.18-23.el7_9.noarch.rpm pki-server-10.5.18-23.el7_9.noarch.rpm
  x86_64:  pki-core-debuginfo-10.5.18-23.el7_9.x86_64.rpm pki-symkey-10.5.18-23.el7_9.x86_64.rpm pki-tools-10.5.18-23.el7_9.x86_64.rpm

Red Hat Enterprise Linux Server (v. 7):
  Source:  pki-core-10.5.18-23.el7_9.src.rpm
  noarch:  pki-base-10.5.18-23.el7_9.noarch.rpm pki-base-java-10.5.18-23.el7_9.noarch.rpm pki-ca-10.5.18-23.el7_9.noarch.rpm pki-kra-10.5.18-23.el7_9.noarch.rpm pki-server-10.5.18-23.el7_9.noarch.rpm
  ppc64le: pki-core-debuginfo-10.5.18-23.el7_9.ppc64le.rpm pki-tools-10.5.18-23.el7_9.ppc64le.rpm
  x86_64:  pki-core-debuginfo-10.5.18-23.el7_9.x86_64.rpm pki-symkey-10.5.18-23.el7_9.x86_64.rpm pki-tools-10.5.18-23.el7_9.x86_64.rpm

Red Hat Enterprise Linux Server Optional (v. 7):
  Source:  pki-core-10.5.18-23.el7_9.src.rpm
  noarch:  pki-base-10.5.18-23.el7_9.noarch.rpm pki-base-java-10.5.18-23.el7_9.noarch.rpm pki-ca-10.5.18-23.el7_9.noarch.rpm pki-javadoc-10.5.18-23.el7_9.noarch.rpm pki-kra-10.5.18-23.el7_9.noarch.rpm pki-server-10.5.18-23.el7_9.noarch.rpm
  ppc64:   pki-core-debuginfo-10.5.18-23.el7_9.ppc64.rpm pki-symkey-10.5.18-23.el7_9.ppc64.rpm pki-tools-10.5.18-23.el7_9.ppc64.rpm
  ppc64le: pki-core-debuginfo-10.5.18-23.el7_9.ppc64le.rpm pki-symkey-10.5.18-23.el7_9.ppc64le.rpm
  s390x:   pki-core-debuginfo-10.5.18-23.el7_9.s390x.rpm pki-symkey-10.5.18-23.el7_9.s390x.rpm pki-tools-10.5.18-23.el7_9.s390x.rpm

Red Hat Enterprise Linux Workstation (v. 7):
  Source:  pki-core-10.5.18-23.el7_9.src.rpm
  noarch:  pki-base-10.5.18-23.el7_9.noarch.rpm pki-base-java-10.5.18-23.el7_9.noarch.rpm pki-ca-10.5.18-23.el7_9.noarch.rpm pki-kra-10.5.18-23.el7_9.noarch.rpm pki-server-10.5.18-23.el7_9.noarch.rpm
  x86_64:  pki-core-debuginfo-10.5.18-23.el7_9.x86_64.rpm pki-symkey-10.5.18-23.el7_9.x86_64.rpm pki-tools-10.5.18-23.el7_9.x86_64.rpm

Red Hat Enterprise Linux Workstation Optional (v. 7):
  noarch:  pki-javadoc-10.5.18-23.el7_9.noarch.rpm

These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://access.redhat.com/security/team/key

7. References:

https://access.redhat.com/security/cve/CVE-2022-2393
https://access.redhat.com/security/updates/classification#moderate

8. Contact:

The Red Hat security contact is . More contact details at https://access.redhat.com/security/team/contact

Copyright 2022 Red Hat, Inc.

Red Hat has released a vital update for the pki-core package, crucial for enterprise security. This update fixes vulnerabilities affecting system security and resolves input validation issues.

Red Hat Security Advisory, pki-core Update, Linux Security Notices.

LinuxSecurity.com Team

Oct 24, 2022 Red Hat

Fedora 32: FEDORA-2021-344dd24c84 Critical: Certificate Renewal Issue

--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2021-344dd24c84
2021-03-20 01:13:48.600958
--------------------------------------------------------------------------------

Name        : pki-core
Product     : Fedora 32
Version     : 10.10.5
Release     : 5.fc32
URL         : https://www.dogtagpki.org
Summary     : Dogtag PKI Core Package
Description :
Dogtag PKI is an enterprise software system designed to manage enterprise Public Key Infrastructure deployments.

PKI consists of the following components:

* Automatic Certificate Management Environment (ACME) Responder
* Certificate Authority (CA)
* Key Recovery Authority (KRA)
* Online Certificate Status Protocol (OCSP) Manager
* Token Key Service (TKS)
* Token Processing Service (TPS)

--------------------------------------------------------------------------------
Update Information:

Fix CVE-2021-20179: Unprivileged users can renew any certificate

--------------------------------------------------------------------------------
ChangeLog:

* Fri Mar 12 2021 Dogtag PKI Team

Mar 19, 2021 Critical Fedora

Fedora 35: 2022-b725a8d91c3 High: Certificate Management Update

--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2021-c0d6637ca5
2021-03-19 19:51:22.367631
--------------------------------------------------------------------------------

Name        : dogtag-pki
Product     : Fedora 34
Version     : 10.10.5
Release     : 3.fc34
URL         : https://www.dogtagpki.org
Summary     : Dogtag PKI Package
Description :
Dogtag PKI is an enterprise software system designed to manage enterprise Public Key Infrastructure deployments.

PKI consists of the following components:

* Automatic Certificate Management Environment (ACME) Responder
* Certificate Authority (CA)
* Key Recovery Authority (KRA)
* Online Certificate Status Protocol (OCSP) Manager
* Token Key Service (TKS)
* Token Processing Service (TPS)

--------------------------------------------------------------------------------
Update Information:

- Use tomcat instead of pki-servlet-engine in ELN and RHEL 9
- Drop dependency on esc for s390(x) architectures
- build pki-core properly for ELN and RHEL 9
- Fix CVE-2021-20179: Unprivileged users can renew any certificate
- Drop i686 architecture going forward

--------------------------------------------------------------------------------
ChangeLog:

* Wed Mar 10 2021 Dogtag PKI Team - 10.10.5-3
- Use tomcat instead of pki-servlet-engine in ELN
* Wed Mar 10 2021 Dogtag PKI Team - 10.10.5-2
- Drop dependency on esc for s390(x) architectures

--------------------------------------------------------------------------------
References:

[ 1 ] Bug #1914379 - CVE-2021-20179 pki-core: Unprivileged users can renew any certificate
      https://bugzilla.redhat.com/show_bug.cgi?id=1914379

--------------------------------------------------------------------------------

This update can be installed with the "dnf" update program. Use
su -c 'dnf upgrade --advisory FEDORA-2021-c0d6637ca5' at the command line. For more information, refer to the dnf documentation available at https://dnf.readthedocs.io/en/latest/command_ref.html

All packages are signed with the Fedora Project GPG key. More details on the GPG keys used by the Fedora Project can be found at https://fedoraproject.org/security/

--------------------------------------------------------------------------------

CentOS Revision for OpenSSL includes improvements in cryptographic functions and optimization of library compatibility.

Dogtag Pki, Fedora Update, Certificate Management, PKI Updates.

Severity: Critical.

LinuxSecurity.com Team

Mar 19, 2021 Critical Fedora

Fedora 34: 2021-c0d6637ca5 Moderate: pki-core Certificate Issue

--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2021-c0d6637ca5
2021-03-19 19:51:22.367631
--------------------------------------------------------------------------------

Name        : pki-core
Product     : Fedora 34
Version     : 10.10.5
Release     : 6.fc34
URL         : https://www.dogtagpki.org
Summary     : Dogtag PKI Core Package
Description :
Dogtag PKI is an enterprise software system designed to manage enterprise Public Key Infrastructure deployments.

PKI consists of the following components:

* Automatic Certificate Management Environment (ACME) Responder
* Certificate Authority (CA)
* Key Recovery Authority (KRA)
* Online Certificate Status Protocol (OCSP) Manager
* Token Key Service (TKS)
* Token Processing Service (TPS)

--------------------------------------------------------------------------------
Update Information:

- Use tomcat instead of pki-servlet-engine in ELN and RHEL 9
- Drop dependency on esc for s390(x) architectures
- build pki-core properly for ELN and RHEL 9
- Fix CVE-2021-20179: Unprivileged users can renew any certificate
- Drop i686 architecture going forward

--------------------------------------------------------------------------------
ChangeLog:

* Fri Mar 12 2021 Dogtag PKI Team

Mar 19, 2021 Fedora

Debian: DLA-2485-1 Moderate: Python-Certbot ACMEv2 Transition

-------------------------------------------------------------------------
Debian LTS Advisory DLA-2484-1
https://www.debian.org/lts/security/
Utkarsh Gupta
December 07, 2020
https://wiki.debian.org/LTS
-------------------------------------------------------------------------

Package        : python-certbot
Version        : 0.28.0-1~deb9u3
Debian Bug     : 969126

Let's Encrypt's ACMEv1 API is deprecated and in the process of being shut down. Beginning with brownouts in January 2021, and ending with a total shutdown in June 2021, the Let's Encrypt APIs will become unavailable. To prevent users having disruptions to their certificate renewals, this update backports the switch over to the ACMEv2 API.

For Debian 9 stretch, this problem has been fixed in version 0.28.0-1~deb9u3.

We recommend that you upgrade your python-certbot packages.

For the detailed security status of python-certbot please refer to its security tracker page at:
https://security-tracker.debian.org/tracker/source-package/python-certbot

Further information about Debian LTS security advisories, how to apply these updates to your system and frequently asked questions can be found at: https://wiki.debian.org/LTS

Python-certbot has released an update that facilitates users' migration to the ACMEv2 API in anticipation of the impending ACMEv1 discontinuation. It is advisable to upgrade.

Python Certbot, ACMEv2 API, Debian Security, Certificate Management.

Severity: Important.

LinuxSecurity.com Team

Dec 08, 2020 Important Debian LTS