--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2026-b8b59dcf44
2026-03-28 00:15:26.019955+00:00
--------------------------------------------------------------------------------

Name        : rust-reqsign-azure-storage
Product     : Fedora 44
Version     : 3.0.0
Release     : 1.fc44
URL         : https://crates.io/crates/reqsign-azure-storage
Summary     : Azure Storage signing implementation for reqsign
Description :
Azure Storage signing implementation for reqsign.

--------------------------------------------------------------------------------
Update Information:

Update uv and python-uv-build to 0.11.2. Version 0.11 includes changes to the networking stack used by uv. While its developers think that breakage will be rare, it is possible that these changes will result in the rejection of certificates previously trusted by uv, so they have marked the change as breaking out of an abundance of caution. The changes are largely driven by the upgrade of reqwest, which powers uv's HTTP clients, to v0.13, which included some breaking changes to TLS certificate verification. This update also includes updates for several of uv's Rust library dependencies.

Update rust-openssl-probe to 0.2.1, including breaking changes introduced in 0.2.0, and introduce a new rust-openssl-probe0.1 compat package.

Update rust-rustls-native-certs to 0.8.3, now using openssl-probe 0.2.

Update rust-native-tls to 0.2.18. Version 0.2.16 added TLS 1.3 as an option, added stack_from_pem, and upgraded openssl-probe to 0.2. Version 0.2.17 added support for ALPN on the server side. Version 0.2.18 fixed min/max protocol selection fallback for very old OpenSSL versions.

Add an initial package for rust-webpki-root-certs.
--------------------------------------------------------------------------------
ChangeLog:

* Tue Mar 24 2026 Benjamin A. Beasley - 3.0.0-1
- Update to version 3.0.0; Fixes RHBZ#2432771
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #2425802 - rust-openssl-probe-0.2.1 is available
        https://bugzilla.redhat.com/show_bug.cgi?id=2425802
  [ 2 ] Bug #2425819 - rust-rustls-native-certs-0.8.3 is available
        https://bugzilla.redhat.com/show_bug.cgi?id=2425819
  [ 3 ] Bug #2432768 - rust-reqsign-aliyun-oss-3.0.0 is available
        https://bugzilla.redhat.com/show_bug.cgi?id=2432768
  [ 4 ] Bug #2432769 - rust-reqsign-core-3.0.0 is available
        https://bugzilla.redhat.com/show_bug.cgi?id=2432769
  [ 5 ] Bug #2432770 - rust-reqsign-0.20.0 is available
        https://bugzilla.redhat.com/show_bug.cgi?id=2432770
  [ 6 ] Bug #2432771 - rust-reqsign-azure-storage-3.0.0 is available
        https://bugzilla.redhat.com/show_bug.cgi?id=2432771
  [ 7 ] Bug #2432772 - rust-reqsign-http-send-reqwest-4.0.0 is available
        https://bugzilla.redhat.com/show_bug.cgi?id=2432772
  [ 8 ] Bug #2432773 - rust-reqsign-google-3.0.0 is available
        https://bugzilla.redhat.com/show_bug.cgi?id=2432773
  [ 9 ] Bug #2432774 - rust-reqsign-file-read-tokio-3.0.0 is available
        https://bugzilla.redhat.com/show_bug.cgi?id=2432774
  [ 10 ] Bug #2432775 - rust-reqsign-command-execute-tokio-3.0.0 is available
        https://bugzilla.redhat.com/show_bug.cgi?id=2432775
  [ 11 ] Bug #2432776 - rust-reqsign-aws-v4-3.0.0 is available
        https://bugzilla.redhat.com/show_bug.cgi?id=2432776
  [ 12 ] Bug #2432777 - rust-reqsign-huaweicloud-obs-3.0.0 is available
        https://bugzilla.redhat.com/show_bug.cgi?id=2432777
  [ 13 ] Bug #2432779 - rust-reqsign-tencent-cos-3.0.0 is available
        https://bugzilla.redhat.com/show_bug.cgi?id=2432779
  [ 14 ] Bug #2436289 - rust-ambient-id-0.0.11 is available
        https://bugzilla.redhat.com/show_bug.cgi?id=2436289
  [ 15 ] Bug #2437941 - rust-astral-reqwest-middleware-0.5.1 is available
        https://bugzilla.redhat.com/show_bug.cgi?id=2437941
  [ 16 ] Bug #2437942 - rust-astral-reqwest-retry-0.9.1 is available
        https://bugzilla.redhat.com/show_bug.cgi?id=2437942
  [ 17 ] Bug #2437976 - rust-astral_async_http_range_reader-0.10.0 is available
        https://bugzilla.redhat.com/show_bug.cgi?id=2437976
  [ 18 ] Bug #2439752 - rust-native-tls-0.2.18 is available
        https://bugzilla.redhat.com/show_bug.cgi?id=2439752
  [ 19 ] Bug #2450541 - python-uv-build-0.11.2 is available
        https://bugzilla.redhat.com/show_bug.cgi?id=2450541
  [ 20 ] Bug #2450582 - uv-0.11.2 is available
        https://bugzilla.redhat.com/show_bug.cgi?id=2450582
  [ 21 ] Bug #2451103 - Review Request: rust-webpki-root-certs - Mozilla trusted certificate authorities in self-signed X.509 format
        https://bugzilla.redhat.com/show_bug.cgi?id=2451103
--------------------------------------------------------------------------------

This update can be installed with the "dnf" update program. Use
su -c 'dnf upgrade --advisory FEDORA-2026-b8b59dcf44' at the command
line. For more information, refer to the dnf documentation available at
http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label

All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
--------------------------------------------------------------------------------

Update for rust-reqsign-azure-storage in Fedora 44 addressing breaking changes to TLS certificates and networking stack.

rust-reqsign-azure-storage, tls update, networking change, security advisory.

Severity: Important.

LinuxSecurity.com Team
# Security update for ca-certificates-mozilla

Announcement ID: SUSE-SU-2025:20022-1
Release Date: 2025-02-03T08:49:50Z
Rating: important
References:

* bsc#1199079
* bsc#1220356
* bsc#1227525

Affected Products:

* SUSE Linux Micro 6.0

An update that has three fixes can now be installed.

## Description:

This update for ca-certificates-mozilla fixes the following issues:

* Updated to 2.68 state of Mozilla SSL root CAs (bsc#1227525)
  * Added: FIRMAPROFESIONAL CA ROOT-A WEB
  * Distrust: GLOBALTRUST 2020
* Updated to 2.66 state of Mozilla SSL root CAs (bsc#1220356)
  Added:
  * CommScope Public Trust ECC Root-01
  * CommScope Public Trust ECC Root-02
  * CommScope Public Trust RSA Root-01
  * CommScope Public Trust RSA Root-02
  * D-Trust SBR Root CA 1 2022
  * D-Trust SBR Root CA 2 2022
  * Telekom Security SMIME ECC Root 2021
  * Telekom Security SMIME RSA Root 2023
  * Telekom Security TLS ECC Root 2020
  * Telekom Security TLS RSA Root 2023
  * TrustAsia Global Root CA G3
  * TrustAsia Global Root CA G4
  Removed:
  * Autoridad de Certificacion Firmaprofesional CIF A62634068
  * Chambers of Commerce Root - 2008
  * Global Chambersign Root - 2008
  * Security Communication Root CA
  * Symantec Class 1 Public Primary Certification Authority - G6
  * Symantec Class 2 Public Primary Certification Authority - G6
  * TrustCor ECA-1
  * TrustCor RootCert CA-1
  * TrustCor RootCert CA-2
  * VeriSign Class 1 Public Primary Certification Authority - G3
  * VeriSign Class 2 Public Primary Certification Authority - G3

## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:

* SUSE Linux Micro 6.0
  zypper in -t patch SUSE-SLE-Micro-6.0-24=1

## Package List:

* SUSE Linux Micro 6.0 (noarch)
  * ca-certificates-mozilla-2.68-1.1

## References:

* https://bugzilla.suse.com/show_bug.cgi?id=1199079
* https://bugzilla.suse.com/show_bug.cgi?id=1220356
* https://bugzilla.suse.com/show_bug.cgi?id=1227525

Important enhancement for ca-certificates-mozilla boosts SSL root CA confidence on SUSE systems, vital for safeguarding.

SUSE Linux Micro, SSL root CA, ca-certificates, security update.

Severity: Important.

LinuxSecurity.com Team
# Security update for ca-certificates-mozilla

Announcement ID: SUSE-SU-2025:20336-1
Release Date: May 21, 2025, 3:38 p.m.
Rating: moderate
References:

* bsc#1010996
* bsc#1199079
* bsc#1229003
* bsc#1234798
* bsc#1240009
* bsc#1240343
* bsc#441356

Affected Products:

* SUSE Linux Micro 6.0

An update that has seven fixes can now be installed.

## Description:

This update for ca-certificates-mozilla fixes the following issues:

* test for a concretely missing certificate rather than just the directory, as the latter is now also provided by openssl-3
* Re-create java-cacerts with SOURCE_DATE_EPOCH set for reproducible builds (bsc#1229003)
* explicit remove distrusted certs, as the distrust does not get exported correctly and the SSL certs are still trusted. (bsc#1240343)
  * Entrust.net Premium 2048 Secure Server CA
  * Entrust Root Certification Authority
  * AffirmTrust Commercial
  * AffirmTrust Networking
  * AffirmTrust Premium
  * AffirmTrust Premium ECC
  * Entrust Root Certification Authority - G2
  * Entrust Root Certification Authority - EC1
  * GlobalSign Root E46
  * GLOBALTRUST 2020
* pass file argument to awk (bsc#1240009)
* update to 2.74 state of Mozilla SSL root CAs:
  Removed:
  * SwissSign Silver CA - G2
  Added:
  * D-TRUST BR Root CA 2 2023
  * D-TRUST EV Root CA 2 2023
* remove extensive signature printing in comments of the cert bundle
* Define two macros to break a build cycle with p11-kit.
* Updated to 2.72 state of Mozilla SSL root CAs (bsc#1234798)
  Removed:
  * SecureSign RootCA11
  * Security Communication RootCA3
  Added:
  * TWCA CYBER Root CA
  * TWCA Global Root CA G2
  * SecureSign Root CA12
  * SecureSign Root CA14
  * SecureSign Root CA15

## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:

* SUSE Linux Micro 6.0
  zypper in -t patch SUSE-SLE-Micro-6.0-331=1

## Package List:

* SUSE Linux Micro 6.0 (noarch)
  * ca-certificates-mozilla-2.74-1.1

## References:

* https://bugzilla.suse.com/show_bug.cgi?id=1010996
* https://bugzilla.suse.com/show_bug.cgi?id=1199079
* https://bugzilla.suse.com/show_bug.cgi?id=1229003
* https://bugzilla.suse.com/show_bug.cgi?id=1234798
* https://bugzilla.suse.com/show_bug.cgi?id=1240009
* https://bugzilla.suse.com/show_bug.cgi?id=1240343
* https://bugzilla.suse.com/show_bug.cgi?id=441356

Recent enhancement for ca-certificates-mozilla in SUSE addresses multiple SSL certificate problems. Confirm your system is up-to-date.

ca-certificates-mozilla, SUSE update, security advisory, SSL certificates.

LinuxSecurity.com Team
==========================================================================
Ubuntu Security Notice USN-6948-1
August 08, 2024

salt vulnerabilities
==========================================================================

A security issue affects these releases of Ubuntu and its derivatives:

- Ubuntu 18.04 LTS
- Ubuntu 16.04 LTS

Summary:

Several security issues were fixed in Salt.

Software Description:
- salt: Infrastructure management built on a dynamic communication bus

Details:

It was discovered that Salt incorrectly handled crafted web requests. A remote attacker could possibly use this issue to run arbitrary commands. (CVE-2020-16846)

It was discovered that Salt incorrectly created certificates with weak file permissions. (CVE-2020-17490)

It was discovered that Salt incorrectly handled credential validation. A remote attacker could possibly use this issue to bypass authentication. (CVE-2020-25592)

It was discovered that Salt incorrectly handled crafted process names. An attacker could possibly use this issue to run arbitrary commands. This issue only affected Ubuntu 18.04 LTS. (CVE-2020-28243)

It was discovered that Salt incorrectly handled validation of SSL/TLS certificates. A remote attacker could possibly use this issue to spoof a trusted entity. (CVE-2020-28972, CVE-2020-35662)

It was discovered that Salt incorrectly handled credential validation. A remote attacker could possibly use this issue to run arbitrary code. (CVE-2021-25281)

It was discovered that Salt incorrectly handled crafted paths. A remote attacker could possibly use this issue to perform directory traversal. (CVE-2021-25282)

It was discovered that Salt incorrectly handled template rendering. A remote attacker could possibly use this issue to run arbitrary code. (CVE-2021-25283)

It was discovered that Salt incorrectly handled logging. An attacker could possibly use this issue to discover credentials. This issue only affected Ubuntu 18.04 LTS. (CVE-2021-25284)

It was discovered that Salt incorrectly handled crafted web requests. A remote attacker could possibly use this issue to run arbitrary commands. This issue only affected Ubuntu 18.04 LTS. (CVE-2021-3148)

It was discovered that Salt incorrectly handled input sanitization. A remote attacker could possibly use this issue to run arbitrary commands. (CVE-2021-3197)

Update instructions:

The problem can be corrected by updating your system to the following package versions:

Ubuntu 18.04 LTS
  salt-common 2017.7.4+dfsg1-1ubuntu18.04.2+esm1
  Available with Ubuntu Pro

Ubuntu 16.04 LTS
  salt-common 2015.8.8+ds-1ubuntu0.1+esm2
  Available with Ubuntu Pro

In general, a standard system update will make all the necessary changes.

References:
  https://ubuntu.com/security/notices/USN-6948-1
  CVE-2020-16846, CVE-2020-17490, CVE-2020-25592, CVE-2020-28243,
  CVE-2020-28972, CVE-2020-35662, CVE-2021-25281, CVE-2021-25282,
  CVE-2021-25283, CVE-2021-25284, CVE-2021-3148, CVE-2021-3197

Numerous vulnerabilities in Salt addressed in Ubuntu 20.04 and 22.04 LTS. Critical patches released to protect your environment.

Salt Security, Ubuntu Updates, Remote Attack Fixes, Security Advisory, Software Vulnerability.

Severity: Critical.

LinuxSecurity.com Team
# Security update for java-1_8_0-openjdk

Announcement ID: SUSE-SU-2023:4507-1
Rating: moderate
References:

* bsc#1211968
* bsc#1216374
* bsc#1216379

Cross-References:

* CVE-2015-4000
* CVE-2023-22067
* CVE-2023-22081

CVSS scores:

* CVE-2015-4000 ( NVD ): 3.7 CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N
* CVE-2023-22067 ( SUSE ): 5.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N
* CVE-2023-22067 ( NVD ): 5.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N
* CVE-2023-22081 ( SUSE ): 5.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
* CVE-2023-22081 ( NVD ): 5.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L

Affected Products:

* SUSE Linux Enterprise High Performance Computing 12 SP5
* SUSE Linux Enterprise Server 12 SP5
* SUSE Linux Enterprise Server for SAP Applications 12 SP5

An update that solves three vulnerabilities can now be installed.

## Description:

This update for java-1_8_0-openjdk fixes the following issues:

Update to version jdk8u392 (icedtea-3.29.0) October 2023 CPU:

* CVE-2023-22067: Fixed IOR deserialization issue in CORBA (bsc#1216379).
* CVE-2023-22081: Fixed certificate path validation issue during client authentication (bsc#1216374).
* CVE-2015-4000: Fixed Logjam issue in SLES12SP5 (bsc#1211968).

## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:

* SUSE Linux Enterprise High Performance Computing 12 SP5
  zypper in -t patch SUSE-SLE-SERVER-12-SP5-2023-4507=1
* SUSE Linux Enterprise Server 12 SP5
  zypper in -t patch SUSE-SLE-SERVER-12-SP5-2023-4507=1
* SUSE Linux Enterprise Server for SAP Applications 12 SP5
  zypper in -t patch SUSE-SLE-SERVER-12-SP5-2023-4507=1

## Package List:

* SUSE Linux Enterprise High Performance Computing 12 SP5 (aarch64 x86_64)
  * java-1_8_0-openjdk-devel-debuginfo-1.8.0.392-27.93.1
  * java-1_8_0-openjdk-demo-debuginfo-1.8.0.392-27.93.1
  * java-1_8_0-openjdk-1.8.0.392-27.93.1
  * java-1_8_0-openjdk-devel-1.8.0.392-27.93.1
  * java-1_8_0-openjdk-headless-1.8.0.392-27.93.1
  * java-1_8_0-openjdk-headless-debuginfo-1.8.0.392-27.93.1
  * java-1_8_0-openjdk-debugsource-1.8.0.392-27.93.1
  * java-1_8_0-openjdk-demo-1.8.0.392-27.93.1
  * java-1_8_0-openjdk-debuginfo-1.8.0.392-27.93.1
* SUSE Linux Enterprise Server 12 SP5 (aarch64 ppc64le s390x x86_64)
  * java-1_8_0-openjdk-devel-debuginfo-1.8.0.392-27.93.1
  * java-1_8_0-openjdk-demo-debuginfo-1.8.0.392-27.93.1
  * java-1_8_0-openjdk-1.8.0.392-27.93.1
  * java-1_8_0-openjdk-devel-1.8.0.392-27.93.1
  * java-1_8_0-openjdk-headless-1.8.0.392-27.93.1
  * java-1_8_0-openjdk-headless-debuginfo-1.8.0.392-27.93.1
  * java-1_8_0-openjdk-debugsource-1.8.0.392-27.93.1
  * java-1_8_0-openjdk-demo-1.8.0.392-27.93.1
  * java-1_8_0-openjdk-debuginfo-1.8.0.392-27.93.1
* SUSE Linux Enterprise Server for SAP Applications 12 SP5 (ppc64le x86_64)
  * java-1_8_0-openjdk-devel-debuginfo-1.8.0.392-27.93.1
  * java-1_8_0-openjdk-demo-debuginfo-1.8.0.392-27.93.1
  * java-1_8_0-openjdk-1.8.0.392-27.93.1
  * java-1_8_0-openjdk-devel-1.8.0.392-27.93.1
  * java-1_8_0-openjdk-headless-1.8.0.392-27.93.1
  * java-1_8_0-openjdk-headless-debuginfo-1.8.0.392-27.93.1
  * java-1_8_0-openjdk-debugsource-1.8.0.392-27.93.1
  * java-1_8_0-openjdk-demo-1.8.0.392-27.93.1
  * java-1_8_0-openjdk-debuginfo-1.8.0.392-27.93.1

## References:

* https://www.suse.com/security/cve/CVE-2015-4000.html
* https://www.suse.com/security/cve/CVE-2023-22067.html
* https://www.suse.com/security/cve/CVE-2023-22081.html
* https://bugzilla.suse.com/show_bug.cgi?id=1211968
* https://bugzilla.suse.com/show_bug.cgi?id=1216374
* https://bugzilla.suse.com/show_bug.cgi?id=1216379

The recent java-1_8_0-openjdk patch resolves various concerns in SUSE Linux Enterprise, labeled with moderate severity levels.

Java Update, SUSE Linux, OpenJDK Security Update, Moderate Threat.

LinuxSecurity.com Team
--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2023-9f5f1ef40a
2023-08-30 01:35:03.119254
--------------------------------------------------------------------------------

Name        : moby-engine
Product     : Fedora 38
Version     : 24.0.5
Release     : 1.fc38
URL         : https://www.docker.com
Summary     : The open-source application container engine
Description :
Docker is an open source project to build, ship and run any application as a
lightweight container.

Docker containers are both hardware-agnostic and platform-agnostic. This means
they can run anywhere, from your laptop to the largest EC2 compute instance and
everything in between - and they don't require you to use a particular
language, framework or packaging system. That makes them great building blocks
for deploying and scaling web apps, databases, and backend services without
depending on a particular stack or provider.

--------------------------------------------------------------------------------
Update Information:

- Update moby-engine to 24.0.5
- Security fix for CVE-2021-41803
- Security fix for CVE-2023-28842
- Security fix for CVE-2023-28841
- Security fix for CVE-2023-28840
- Security fix for CVE-2023-0845
- Security fix for CVE-2023-26054
- Security fix for CVE-2022-3064
- Security fix for CVE-2022-40716
- Security fix for CVE-2023-25173

----

Update moby-engine to 23.0.4
--------------------------------------------------------------------------------
ChangeLog:

* Wed Aug 23 2023 LuK1337 - 24.0.5-1
- Update moby-engine to 24.0.5
* Thu Jul 20 2023 Fedora Release Engineering
- Rebuilt for https://fedoraproject.org/wiki/Fedora_39_Mass_Rebuild
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #2156860 - CVE-2022-40716 consul: Consul Service Mesh Intention Bypass with Malicious Certificate Signing Request
        https://bugzilla.redhat.com/show_bug.cgi?id=2156860
  [ 2 ] Bug #2163037 - CVE-2022-3064 go-yaml: Improve heuristics preventing CPU/memory abuse by parsing malicious or large YAML documents
        https://bugzilla.redhat.com/show_bug.cgi?id=2163037
  [ 3 ] Bug #2174485 - CVE-2023-25173 containerd: Supplementary groups are not set up properly
        https://bugzilla.redhat.com/show_bug.cgi?id=2174485
  [ 4 ] Bug #2176447 - CVE-2023-26054 buildkit: Data disclosure in provenance attestation describing a build
        https://bugzilla.redhat.com/show_bug.cgi?id=2176447
  [ 5 ] Bug #2177595 - CVE-2023-0845 hashicorp/consul: Consul Server Panic when Ingress and API Gateways Configured with Peering Connections
        https://bugzilla.redhat.com/show_bug.cgi?id=2177595
  [ 6 ] Bug #2184683 - CVE-2023-28840 moby: Encrypted overlay network may be unauthenticated
        https://bugzilla.redhat.com/show_bug.cgi?id=2184683
  [ 7 ] Bug #2184685 - CVE-2023-28841 moby: Encrypted overlay network traffic may be unencrypted
        https://bugzilla.redhat.com/show_bug.cgi?id=2184685
  [ 8 ] Bug #2184688 - CVE-2023-28842 moby: Encrypted overlay network with a single endpoint is unauthenticated
        https://bugzilla.redhat.com/show_bug.cgi?id=2184688
  [ 9 ] Bug #2189788 - CVE-2021-41803 consul: Consul Auto-Config JWT Authorization Missing Input Validation
        https://bugzilla.redhat.com/show_bug.cgi?id=2189788
--------------------------------------------------------------------------------

This update can be installed with the "dnf" update program. Use
su -c 'dnf upgrade --advisory FEDORA-2023-9f5f1ef40a' at the command
line. For more information, refer to the dnf documentation available at
https://dnf.readthedocs.io/en/latest/command_ref.html

All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/security/
--------------------------------------------------------------------------------
Synopsis: Moderate: java-1.8.0-openjdk security and bug fix update
Advisory ID: SLSA-2022:7002-1
Issue Date: 2022-10-20
CVE Numbers: CVE-2022-21619 CVE-2022-21626 CVE-2022-21624 CVE-2022-21628
--

Security Fix(es):

* OpenJDK: excessive memory allocation in X.509 certificate parsing (Security, 8286533) (CVE-2022-21626)
* OpenJDK: HttpServer no connection count limit (Lightweight HTTP Server, 8286918) (CVE-2022-21628)
* OpenJDK: improper handling of long NTLM client hostnames (Security, 8286526) (CVE-2022-21619)
* OpenJDK: insufficient randomization of JNDI DNS port numbers (JNDI, 8286910) (CVE-2022-21624)

For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE

Bug Fix(es):

* Prepare for the next quarterly OpenJDK upstream release (2022-10, 8u352)
--

SL7
  x86_64
    java-1.8.0-openjdk-1.8.0.352.b08-2.el7_9.i686.rpm
    java-1.8.0-openjdk-1.8.0.352.b08-2.el7_9.x86_64.rpm
    java-1.8.0-openjdk-debuginfo-1.8.0.352.b08-2.el7_9.i686.rpm
    java-1.8.0-openjdk-debuginfo-1.8.0.352.b08-2.el7_9.x86_64.rpm
    java-1.8.0-openjdk-headless-1.8.0.352.b08-2.el7_9.i686.rpm
    java-1.8.0-openjdk-headless-1.8.0.352.b08-2.el7_9.x86_64.rpm
    java-1.8.0-openjdk-accessibility-1.8.0.352.b08-2.el7_9.i686.rpm
    java-1.8.0-openjdk-accessibility-1.8.0.352.b08-2.el7_9.x86_64.rpm
    java-1.8.0-openjdk-demo-1.8.0.352.b08-2.el7_9.i686.rpm
    java-1.8.0-openjdk-demo-1.8.0.352.b08-2.el7_9.x86_64.rpm
    java-1.8.0-openjdk-devel-1.8.0.352.b08-2.el7_9.i686.rpm
    java-1.8.0-openjdk-devel-1.8.0.352.b08-2.el7_9.x86_64.rpm
    java-1.8.0-openjdk-src-1.8.0.352.b08-2.el7_9.i686.rpm
    java-1.8.0-openjdk-src-1.8.0.352.b08-2.el7_9.x86_64.rpm
  noarch
    java-1.8.0-openjdk-javadoc-1.8.0.352.b08-2.el7_9.noarch.rpm
    java-1.8.0-openjdk-javadoc-zip-1.8.0.352.b08-2.el7_9.noarch.rpm

- Scientific Linux Development Team

The recent security and maintenance patch for java-1.8.0-openjdk mitigates significant vulnerabilities ahead of the scheduled quarterly deployment.

OpenJDK Update, Java Security Fixes, SL7 Packages.

LinuxSecurity.com Team
=========================================================================
Ubuntu Security Notice USN-4719-1
February 02, 2021

ca-certificates update
=========================================================================

A security issue affects these releases of Ubuntu and its derivatives:

- Ubuntu 20.10
- Ubuntu 20.04 LTS
- Ubuntu 18.04 LTS
- Ubuntu 16.04 LTS

Summary:

The CA certificates in the ca-certificates package were updated.

Software Description:
- ca-certificates: Common CA certificates

Details:

The ca-certificates package contained outdated CA certificates. This update refreshes the included certificates to those contained in the 2.46 version of the Mozilla certificate authority bundle.

Update instructions:

The problem can be corrected by updating your system to the following package versions:

Ubuntu 20.10:
  ca-certificates 20210119~20.10.1

Ubuntu 20.04 LTS:
  ca-certificates 20210119~20.04.1

Ubuntu 18.04 LTS:
  ca-certificates 20210119~18.04.1

Ubuntu 16.04 LTS:
  ca-certificates 20210119~16.04.1

In general, a standard system update will make all the necessary changes.

References:
  https://ubuntu.com/security/notices/USN-4719-1
  https://bugs.launchpad.net/ubuntu/+source/ca-certificates/+bug/1914064

Package Information:
  https://launchpad.net/ubuntu/+source/ca-certificates/20210119~20.10.1
  https://launchpad.net/ubuntu/+source/ca-certificates/20210119~20.04.1
  https://launchpad.net/ubuntu/+source/ca-certificates/20210119~18.04.1
  https://launchpad.net/ubuntu/+source/ca-certificates/20210119~16.04.1

The SSL certificate bundle in Debian has undergone a significant revision, replacing obsolete certificates with the most current set.

Ubuntu Security Update, CA Certificates Update, Authority Package.

LinuxSecurity.com Team