openSUSE security update: security update for mumble
-------------------------------------------------------------

Announcement ID: openSUSE-SU-2026:20394-1
Rating: low
References:
  * bsc#1259721
Cross-References:
  * CVE-2025-71264
Affected Products: openSUSE Leap 16.0
-------------------------------------------------------------

An update that solves one vulnerability and has one bug fix can now be installed.

Description:

This update for mumble fixes the following issues:

Changes in mumble:

- CVE-2025-71264: (opus) incorrect size calculations allow for an out-of-bounds array access and can lead to a client crash (boo#1259721)
- Update to version 1.5.857:
  * fixes for undesired ACL behavior
  * Client bug fixes: UI, memory leaks, audio mute/volume behavior

Patch instructions:

To install this openSUSE security update use the suse recommended installation methods like YaST online_update or "zypper patch".

Alternatively you can run the command listed for your product:

- openSUSE Leap 16.0

  zypper in -t patch openSUSE-Leap-16.0-packagehub-173=1

Package List:

- openSUSE Leap 16.0:

  mumble-1.5.857-bp160.1.1
  mumble-server-1.5.857-bp160.1.1

References:

  * https://www.suse.com/security/cve/CVE-2025-71264.html

An openSUSE update for mumble addresses a low-level issue with a client crash due to incorrect size calculations.

Severity: Low. LinuxSecurity.com Team
# Security update for freerdp

Announcement ID: SUSE-SU-2024:1856-1
Rating: important

References:

  * bsc#1223346
  * bsc#1223347
  * bsc#1223348
  * bsc#1223353

Cross-References:

  * CVE-2024-32658
  * CVE-2024-32659
  * CVE-2024-32660
  * CVE-2024-32661

CVSS scores:

  * CVE-2024-32658 ( SUSE ): 8.1 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-32659 ( SUSE ): 7.1 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:H
  * CVE-2024-32660 ( SUSE ): 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
  * CVE-2024-32661 ( SUSE ): 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H

Affected Products:

  * openSUSE Leap 15.4
  * openSUSE Leap 15.5
  * SUSE Linux Enterprise Desktop 15 SP4 LTSS 15-SP4
  * SUSE Linux Enterprise Desktop 15 SP5
  * SUSE Linux Enterprise Desktop 15 SP6
  * SUSE Linux Enterprise High Performance Computing 15 SP5
  * SUSE Linux Enterprise Micro 5.5
  * SUSE Linux Enterprise Real Time 15 SP5
  * SUSE Linux Enterprise Real Time 15 SP6
  * SUSE Linux Enterprise Server 15 SP5
  * SUSE Linux Enterprise Server 15 SP6
  * SUSE Linux Enterprise Server for SAP Applications 15 SP5
  * SUSE Linux Enterprise Server for SAP Applications 15 SP6
  * SUSE Linux Enterprise Workstation Extension 15 SP5
  * SUSE Package Hub 15 15-SP5
  * SUSE Package Hub 15 15-SP6

An update that solves four vulnerabilities can now be installed.

## Description:

This update for freerdp fixes the following issues:

  * CVE-2024-32658: Fixed out-of-bounds read in Interleaved RLE Bitmap Codec (bsc#1223353).
  * CVE-2024-32659: Fixed out-of-bounds read if `((nWidth == 0) and (nHeight == 0))` (bsc#1223346)
  * CVE-2024-32660: Fixed client crash via invalid huge allocation size (bsc#1223347)
  * CVE-2024-32661: Fixed client NULL pointer dereference (bsc#1223348)

## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:

  * SUSE Package Hub 15 15-SP6
    `zypper in -t patch SUSE-SLE-Module-Packagehub-Subpackages-15-SP6-2024-1856=1`
  * SUSE Linux Enterprise Desktop 15 SP4 LTSS 15-SP4
    `zypper in -t patch SUSE-SLE-Product-SLED-15-SP4-LTSS-2024-1856=1`
  * SUSE Linux Enterprise Workstation Extension 15 SP5
    `zypper in -t patch SUSE-SLE-Product-WE-15-SP5-2024-1856=1`
  * openSUSE Leap 15.4
    `zypper in -t patch SUSE-2024-1856=1`
  * openSUSE Leap 15.5
    `zypper in -t patch openSUSE-SLE-15.5-2024-1856=1`
  * SUSE Package Hub 15 15-SP5
    `zypper in -t patch SUSE-SLE-Module-Packagehub-Subpackages-15-SP5-2024-1856=1`

## Package List:

  * SUSE Package Hub 15 15-SP6 (aarch64 ppc64le s390x)
    * libwinpr2-debuginfo-2.4.0-150400.3.32.1
    * freerdp-debugsource-2.4.0-150400.3.32.1
    * libwinpr2-2.4.0-150400.3.32.1
    * libfreerdp2-debuginfo-2.4.0-150400.3.32.1
    * freerdp-debuginfo-2.4.0-150400.3.32.1
    * libfreerdp2-2.4.0-150400.3.32.1
    * winpr2-devel-2.4.0-150400.3.32.1
  * SUSE Linux Enterprise Desktop 15 SP4 LTSS 15-SP4 (x86_64)
    * freerdp-proxy-debuginfo-2.4.0-150400.3.32.1
    * freerdp-2.4.0-150400.3.32.1
    * libwinpr2-debuginfo-2.4.0-150400.3.32.1
    * freerdp-debugsource-2.4.0-150400.3.32.1
    * libwinpr2-2.4.0-150400.3.32.1
    * freerdp-devel-2.4.0-150400.3.32.1
    * freerdp-proxy-2.4.0-150400.3.32.1
    * libfreerdp2-debuginfo-2.4.0-150400.3.32.1
    * freerdp-debuginfo-2.4.0-150400.3.32.1
    * libfreerdp2-2.4.0-150400.3.32.1
    * winpr2-devel-2.4.0-150400.3.32.1
  * SUSE Linux Enterprise Workstation Extension 15 SP5 (x86_64)
    * freerdp-proxy-debuginfo-2.4.0-150400.3.32.1
    * freerdp-2.4.0-150400.3.32.1
    * libwinpr2-debuginfo-2.4.0-150400.3.32.1
    * freerdp-debugsource-2.4.0-150400.3.32.1
    * libwinpr2-2.4.0-150400.3.32.1
    * freerdp-devel-2.4.0-150400.3.32.1
    * freerdp-proxy-2.4.0-150400.3.32.1
    * libfreerdp2-debuginfo-2.4.0-150400.3.32.1
    * freerdp-debuginfo-2.4.0-150400.3.32.1
    * libfreerdp2-2.4.0-150400.3.32.1
    * winpr2-devel-2.4.0-150400.3.32.1
  * openSUSE Leap 15.4 (aarch64 ppc64le s390x x86_64 i586)
    * freerdp-wayland-2.4.0-150400.3.32.1
    * freerdp-proxy-debuginfo-2.4.0-150400.3.32.1
    * freerdp-2.4.0-150400.3.32.1
    * freerdp-server-2.4.0-150400.3.32.1
    * libwinpr2-debuginfo-2.4.0-150400.3.32.1
    * winpr2-devel-2.4.0-150400.3.32.1
    * freerdp-debugsource-2.4.0-150400.3.32.1
    * libwinpr2-2.4.0-150400.3.32.1
    * freerdp-devel-2.4.0-150400.3.32.1
    * freerdp-proxy-2.4.0-150400.3.32.1
    * libfreerdp2-debuginfo-2.4.0-150400.3.32.1
    * uwac0-0-devel-2.4.0-150400.3.32.1
    * freerdp-server-debuginfo-2.4.0-150400.3.32.1
    * libuwac0-0-debuginfo-2.4.0-150400.3.32.1
    * freerdp-debuginfo-2.4.0-150400.3.32.1
    * libfreerdp2-2.4.0-150400.3.32.1
    * freerdp-wayland-debuginfo-2.4.0-150400.3.32.1
    * libuwac0-0-2.4.0-150400.3.32.1
  * openSUSE Leap 15.5 (aarch64 ppc64le s390x x86_64)
    * freerdp-wayland-2.4.0-150400.3.32.1
    * freerdp-proxy-debuginfo-2.4.0-150400.3.32.1
    * freerdp-2.4.0-150400.3.32.1
    * freerdp-server-2.4.0-150400.3.32.1
    * libwinpr2-debuginfo-2.4.0-150400.3.32.1
    * winpr2-devel-2.4.0-150400.3.32.1
    * freerdp-debugsource-2.4.0-150400.3.32.1
    * libwinpr2-2.4.0-150400.3.32.1
    * freerdp-devel-2.4.0-150400.3.32.1
    * freerdp-proxy-2.4.0-150400.3.32.1
    * libfreerdp2-debuginfo-2.4.0-150400.3.32.1
    * uwac0-0-devel-2.4.0-150400.3.32.1
    * freerdp-server-debuginfo-2.4.0-150400.3.32.1
    * libuwac0-0-debuginfo-2.4.0-150400.3.32.1
    * freerdp-debuginfo-2.4.0-150400.3.32.1
    * libfreerdp2-2.4.0-150400.3.32.1
    * freerdp-wayland-debuginfo-2.4.0-150400.3.32.1
    * libuwac0-0-2.4.0-150400.3.32.1
  * SUSE Package Hub 15 15-SP5 (aarch64 ppc64le s390x)
    * freerdp-wayland-2.4.0-150400.3.32.1
    * freerdp-proxy-debuginfo-2.4.0-150400.3.32.1
    * freerdp-2.4.0-150400.3.32.1
    * freerdp-server-2.4.0-150400.3.32.1
    * libwinpr2-debuginfo-2.4.0-150400.3.32.1
    * winpr2-devel-2.4.0-150400.3.32.1
    * freerdp-debugsource-2.4.0-150400.3.32.1
    * libwinpr2-2.4.0-150400.3.32.1
    * freerdp-devel-2.4.0-150400.3.32.1
    * freerdp-proxy-2.4.0-150400.3.32.1
    * libfreerdp2-debuginfo-2.4.0-150400.3.32.1
    * uwac0-0-devel-2.4.0-150400.3.32.1
    * freerdp-server-debuginfo-2.4.0-150400.3.32.1
    * libuwac0-0-debuginfo-2.4.0-150400.3.32.1
    * freerdp-debuginfo-2.4.0-150400.3.32.1
    * libfreerdp2-2.4.0-150400.3.32.1
    * freerdp-wayland-debuginfo-2.4.0-150400.3.32.1
    * libuwac0-0-2.4.0-150400.3.32.1

## References:

  * https://www.suse.com/security/cve/CVE-2024-32658.html
  * https://www.suse.com/security/cve/CVE-2024-32659.html
  * https://www.suse.com/security/cve/CVE-2024-32660.html
  * https://www.suse.com/security/cve/CVE-2024-32661.html
  * https://bugzilla.suse.com/show_bug.cgi?id=1223346
  * https://bugzilla.suse.com/show_bug.cgi?id=1223347
  * https://bugzilla.suse.com/show_bug.cgi?id=1223348
  * https://bugzilla.suse.com/show_bug.cgi?id=1223353

Significant freerdp enhancements tackle severe problems, featuring vulnerabilities linked to memory overflows and application failures. Apply updates promptly.

Severity: Important. LinuxSecurity.com Team
--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2022-3a63897745
2022-04-28 05:50:06.248389
--------------------------------------------------------------------------------

Name        : golang-github-haproxytech-client-native
Product     : Fedora 35
Version     : 2.5.3
Release     : 2.fc35
URL         : https://github.com/haproxytech/client-native
Summary     : Go client for HAProxy configuration and runtime API
Description :
Go client for HAProxy configuration and runtime API.

--------------------------------------------------------------------------------
Update Information:

Rebuild for CVE-2022-27191
--------------------------------------------------------------------------------
ChangeLog:

* Sat Apr 16 2022 Fabio Alessandro Locati - 2.5.3-2
- Rebuilt for CVE-2022-27191
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #2074262 - CVE-2022-27191 golang-x-crypto: golang: crash in a golang.org/x/crypto/ssh server [fedora-all]
        https://bugzilla.redhat.com/show_bug.cgi?id=2074262
--------------------------------------------------------------------------------

This update can be installed with the "dnf" update program. Use
su -c 'dnf upgrade --advisory FEDORA-2022-3a63897745' at the command
line. For more information, refer to the dnf documentation available at
https://dnf.readthedocs.io/en/latest/command_ref.html

All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/security/
--------------------------------------------------------------------------------
Debian LTS Advisory DLA-2747-1

An issue has been found in ircii, an Internet Relay Chat client. A crafted CTCP UTC message could allow an attacker to disconnect the victim from an IRC server due to a segmentation fault and client crash.
Debian LTS Advisory DLA-2746-1

An issue has been found in scrollz, an advanced ircII-based IRC client. A crafted CTCP UTC message could allow an attacker to disconnect the victim from an IRC server due to a segmentation fault and client crash.
MGASA-2020-0338 - Updated freerdp packages fix security vulnerability

Publication date: 18 Aug 2020
URL: https://advisories.mageia.org/MGASA-2020-0338.html
Type: security
Affected Mageia releases: 7
CVE: CVE-2020-16135

Integer overflow due to missing input sanitation in rdpegfx channel. The input rectangles from the server are not checked against local surface coordinates and blindly accepted. A malicious server can send data that will crash the client later on (invalid length arguments to a memcpy) (CVE-2020-15103).

The freerdp package has been updated to version 2.2.0, fixing this issue and other bugs.

References:
- https://bugs.mageia.org/show_bug.cgi?id=27047
- https://github.com/FreeRDP/FreeRDP/releases/tag/2.2.0
- https://github.com/FreeRDP/FreeRDP/security/advisories/GHSA-4r38-6hq7-j3j9
- https://www.cve.org/CVERecord?id=CVE-2020-16135

SRPMS:
- 7/core/freerdp-2.2.0-1.mga7

A security patch for freerdp software resolves integer overflow flaws and enhances input validation mechanisms.

Severity: Critical. LinuxSecurity.com Team
SUSE Security Update: Security update for mariadb
______________________________________________________________________________

Announcement ID:    SUSE-SU-2020:0527-1
Rating:             moderate
References:         #1077717 #1160895 #1160912 #1162388
Cross-References:   CVE-2019-18901 CVE-2020-2574
Affected Products:
                    SUSE OpenStack Cloud Crowbar 8
                    SUSE OpenStack Cloud 8
                    HPE Helion Openstack 8
______________________________________________________________________________

An update that solves two vulnerabilities and has two fixes is now available.

Description:

This update for mariadb fixes the following issues:

MariaDB was updated to version 10.0.40-3 (bsc#1162388).

Security issues fixed:

- CVE-2020-2574: Fixed a difficult to exploit vulnerability that allowed an attacker to crash the client (bsc#1162388).
- CVE-2019-18901: Fixed an unsafe path handling behavior in mysql-systemd-helper (bsc#1160895).

Patch Instructions:

To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch".

Alternatively you can run the command listed for your product:

- SUSE OpenStack Cloud Crowbar 8:

  zypper in -t patch SUSE-OpenStack-Cloud-Crowbar-8-2020-527=1

- SUSE OpenStack Cloud 8:

  zypper in -t patch SUSE-OpenStack-Cloud-8-2020-527=1

- HPE Helion Openstack 8:

  zypper in -t patch HPE-Helion-OpenStack-8-2020-527=1

Package List:

- SUSE OpenStack Cloud Crowbar 8 (x86_64):

  libmysqlclient18-10.0.40.3-29.38.1
  libmysqlclient18-debuginfo-10.0.40.3-29.38.1

- SUSE OpenStack Cloud 8 (x86_64):

  libmysqlclient18-10.0.40.3-29.38.1
  libmysqlclient18-debuginfo-10.0.40.3-29.38.1

- HPE Helion Openstack 8 (x86_64):

  libmysqlclient18-10.0.40.3-29.38.1
  libmysqlclient18-debuginfo-10.0.40.3-29.38.1

References:

  https://www.suse.com/security/cve/CVE-2019-18901.html
  https://www.suse.com/security/cve/CVE-2020-2574.html
  https://bugzilla.suse.com/1077717
  https://bugzilla.suse.com/1160895
  https://bugzilla.suse.com/1160912
  https://bugzilla.suse.com/1162388
--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2019-cc896df591
2019-05-11 01:56:51.127416
--------------------------------------------------------------------------------

Name        : mosquitto
Product     : Fedora 30
Version     : 1.6.2
Release     : 1.fc30
URL         : https://mosquitto.org/
Summary     : An Open Source MQTT v3.1/v3.1.1 Broker
Description :
Mosquitto is an open source message broker that implements the MQ Telemetry
Transport protocol version 3.1 and 3.1.1. MQTT provides a lightweight method
of carrying out messaging using a publish/subscribe model. This makes it
suitable for "machine to machine" messaging such as with low power sensors
or mobile devices such as phones, embedded computers or micro-controllers
like the Arduino.

--------------------------------------------------------------------------------
Update Information:

1.6.2
=====

Broker:

* Fix memory access after free, leading to possible crash, when v5 client with Will message disconnects, where the Will message has as its first property one of `content-type`, `correlation-data`, `payload-format-indicator`, or `response-topic`.
* Fix build for WITH_TLS=no.
* Fix Will message not allowing user-property properties.
* Fix broker originated messages (e.g. $SYS/broker/version) not being published when `check_retain_source` set to true. Closes #1245.
* Fix $SYS/broker/version being incorrectly expired after 60 seconds. Closes #1245.

Library:

* Fix crash after client has been unable to connect to a broker. This occurs when the client is exiting and is part of the final library cleanup routine. Closes #1246.

Clients:

* Fix -Lurl parsing. Closes #1248.

----

1.6.1 release
--------------------------------------------------------------------------------
ChangeLog:

* Tue Apr 30 2019 Peter Robinson 1.6.2-1
- 1.6.2 release
* Sat Apr 27 2019 Peter Robinson 1.6.1-1
- 1.6.1 release
* Thu Apr 18 2019 Peter Robinson 1.6.0-1
- Major new 1.6.0 release
- Support for MQTT 5
--------------------------------------------------------------------------------

This update can be installed with the "dnf" update program. Use
su -c 'dnf upgrade --advisory FEDORA-2019-cc896df591' at the command
line. For more information, refer to the dnf documentation available at
https://dnf.readthedocs.io/en/latest/command_ref.html

All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/security/
--------------------------------------------------------------------------------