Explore top 10 tips to secure your open-source projects now. Read More

×
Alerts This Week
Warning Icon 1 515
Alerts This Week
Warning Icon 1 515

Stay Secure with the Latest Linux Advisories

Filter%20icon Refine advisories
X Clear Filters
X Clear Filters
View More

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Community Poll

Is continuous patching actually viable?

No answer selected. Please try again.
Please select either existing option or enter your own, however not both.
Please select minimum {0} answer(s).
Please select maximum {0} answer(s).
/main-polls/156-is-continuous-patching-actually-viable?task=poll.vote&format=json
156
radio
0
[{"id":503,"title":"Delayed updates invite catastrophic breaches.","votes":1,"type":"x","order":1,"pct":50,"resources":[]},{"id":504,"title":"Automated fixes break production environments.","votes":1,"type":"x","order":2,"pct":50,"resources":[]},{"id":505,"title":"Manual approvals cannot keep pace.","votes":0,"type":"x","order":3,"pct":0,"resources":[]}] ["#ff5b00","#4ac0f2","#b80028","#eef66c","#60bb22","#b96a9a","#62c2cc"] ["rgba(255,91,0,0.7)","rgba(74,192,242,0.7)","rgba(184,0,40,0.7)","rgba(238,246,108,0.7)","rgba(96,187,34,0.7)","rgba(185,106,154,0.7)","rgba(98,194,204,0.7)"] 350
bottom 200
Loading...

Explore Latest Linux Security advisories

We found 172 articles for you...
203

Mageia ImageMagick Critical Code Injection Buffer Overflow Vuln 2026-0252

Security update. Publication date: 14 Jul 2026 URL: https://advisories.mageia.org/MGASA-2026-0252.html Type: security Affected Mageia releases: 10 CVE: CVE-2026-48724, CVE-2026-48733, CVE-2026-48734, CVE-2026-49218, CVE-2026-49219, CVE-2026-48994, CVE-2026-53460, CVE-2026-53461, CVE-2026-53462, CVE-2026-53463, CVE-2026-53464, CVE-2026-53465, CVE-2026-53466, CVE-2026-53467, CVE-2026-55510, CVE-2026-55628, CVE-2026-55594, CVE-2026-55595, CVE-2026-55597, CVE-2026-25797, CVE-2026-55577 Description: The updated packages fix numerous security vulnerabilities: Code injection in HTML encoder due to incomplete fix of CVE-2026-25797. (CVE-2026-25797) Heap Buffer Underwrite in Floyd-Steinberg depth dithering. (CVE-2026-48724) Infinite Loop in subimage-search with crafted image. (CVE-2026-48733) Stack Overflow in MVG decoder. (CVE-2026-48734) Policy Bypass in DCM decoder could result in image with invalid dimensions. (CVE-2026-49218) Policy Bypass can read disallowed files. (CVE-2026-49219) Heap Buffer Over-Write in MAT decoder on 32-bit systems. (CVE-2026-48994) Policy Bypass can trigger out-of-Memory condition. (CVE-2026-53460) Heap Buffer Over-Write in ICON decoder due to incorrect loop. (CVE-2026-53461) Use-After-Free when allocation in CheckPrimitiveExtent fails. (CVE-2026-53462) Null Pointer Dereference in distort operation when passing incorrect arguments. (CVE-2026-53463) Memory Leak in wand option parser when providing invalid arguments. (CVE-2026-53464) Heap Buffer Over-Write in SF3 encoder when writing multi-frame image. (CVE-2026-53465) Heap Buffer Over-Read in XCF decoder due to integer conversion overflow. (CVE-2026-53466) Information Disclosure in MNG decoder because allocated memory is left unchanged. (CVE-2026-53467) Use-After-Free in crafted 8BIM when identifying an image. (CVE-2026-55510) Heap Buffer Overflow in ImageMagick MVG decoder. (CVE-2026-55577) Stack Overflow in MVG decoder due to missing depthcheck. (CVE-2026-55594) Infinite Loop in connected-components when providing invalid arguments. (CVE-2026-55595) Heap Buffer Over-Write in JP2 encoder when due to incorrect handling of arguments. (CVE-2026-55597) Policy Bypass in concatenate operation due to missing checks. (CVE-2026-55628) References: - https://bugs.mageia.org/show_bug.cgi?id=35866 - https://github.com/ImageMagick/ImageMagick/security/advisories/GHSA-2hhq-c99x-492r - https://github.com/ImageMagick/ImageMagick/security/advisories/GHSA-h36c-3666-h489 - https://github.com/ImageMagick/ImageMagick/security/advisories/GHSA-5v62-8fq6-cp9m - https://github.com/ImageMagick/ImageMagick/security/advisories/GHSA-gm48-c7f2-v67p - https://github.com/ImageMagick/ImageMagick/security/advisories/GHSA-8pj9-6897-74xc - https://github.com/ImageMagick/ImageMagick/security/advisories/GHSA-xcjm-wqff-m669 - https://github.com/ImageMagick/ImageMagick/security/advisories/GHSA-4v89-6mgq-6rgc - https://github.com/ImageMagick/ImageMagick/security/advisories/GHSA-q62c-h75r-2xhc - https://github.com/ImageMagick/ImageMagick/security/advisories/GHSA-g22q-f7gc-5jhr - https://github.com/ImageMagick/ImageMagick/security/advisories/GHSA-px7q-ggqj-hcf2 - https://github.com/ImageMagick/ImageMagick/security/advisories/GHSA-p9rq-q46c-g4x6 - https://github.com/ImageMagick/ImageMagick/security/advisories/GHSA-j989-f892-2335 - https://github.com/ImageMagick/ImageMagick/security/advisories/GHSA-44cp-c3ww-9rv5 - https://github.com/ImageMagick/ImageMagick/security/advisories/GHSA-pjxj-pchx-4c3m - https://github.com/ImageMagick/ImageMagick/security/advisories/GHSA-h5r4-w88w-7ccr - https://github.com/ImageMagick/ImageMagick/security/advisories/GHSA-h58x-r7f7-rh84 - https://github.com/ImageMagick/ImageMagick/security/advisories/GHSA-m596-67p7-69wh - https://github.com/ImageMagick/ImageMagick/security/advisories/GHSA-r628-69v2-2f9c - https://github.com/ImageMagick/ImageMagick/security/advisories/GHSA-h7f2-f9cc-h2gv -https://github.com/ImageMagick/ImageMagick/security/advisories/GHSA-jfq9-q63x-rc63 - https://github.com/ImageMagick/ImageMagick/security/advisories/GHSA-99w9-hv66-rfv7 - https://github.com/ImageMagick/ImageMagick/security/advisories/GHSA-j8rh-v2r8-v94x - https://github.com/ImageMagick/ImageMagick/security/advisories/GHSA-7c7m-fpjw-gwcq - https://github.com/ImageMagick/ImageMagick/security/advisories/GHSA-6vxp-gfwf-hcr9 - https://github.com/ImageMagick/ImageMagick/security/advisories/GHSA-hwf3-r46v-5ggx - https://github.com/ImageMagick/ImageMagick/security/advisories/GHSA-8g53-9m3c-69xg - https://github.com/ImageMagick/ImageMagick/security/advisories/GHSA-qvxh-prvr-85w2 - https://github.com/ImageMagick/ImageMagick/security/advisories/GHSA-6jwg-7q3p-5fqm - https://github.com/ImageMagick/ImageMagick/security/advisories/GHSA-ff5c-8x9r-8qcw - https://github.com/ImageMagick/ImageMagick/security/advisories/GHSA-vghg-5jrg-2398 - https://github.com/ImageMagick/ImageMagick/security/advisories/GHSA-82mp-vp5c-9pf7 - https://github.com/ImageMagick/ImageMagick/security/advisories/GHSA-v3j6-27vc-7pw2 - https://github.com/ImageMagick/ImageMagick/security/advisories/GHSA-qh5g-q395-cx4j - https://github.com/ImageMagick/ImageMagick/security/advisories/GHSA-c4v7-w88g-m6c4 - https://github.com/ImageMagick/ImageMagick/security/advisories/GHSA-hc76-7mpc-qjqh - https://github.com/ImageMagick/ImageMagick/security/advisories/GHSA-qhmf-7fc4-8q3h - https://github.com/ImageMagick/ImageMagick/security/advisories/GHSA-56m6-8q75-f2rw - https://github.com/ImageMagick/ImageMagick/security/advisories/GHSA-wx47-rm3x-jx6p - https://github.com/ImageMagick/ImageMagick/security/advisories/GHSA-rvhp-75f6-9jqh - https://github.com/ImageMagick/ImageMagick/security/advisories/GHSA-mx48-2qq3-23hf - https://github.com/ImageMagick/ImageMagick/security/advisories/GHSA-76q6-2p6h-xjqr - https://www.cve.org/CVERecord?id=CVE-2026-48724 - https://www.cve.org/CVERecord?id=CVE-2026-48733 - https://www.cve.org/CVERecord?id=CVE-2026-48734 -https://www.cve.org/CVERecord?id=CVE-2026-49218 - https://www.cve.org/CVERecord?id=CVE-2026-49219 - https://www.cve.org/CVERecord?id=CVE-2026-48994 - https://www.cve.org/CVERecord?id=CVE-2026-53460 - https://www.cve.org/CVERecord?id=CVE-2026-53461 - https://www.cve.org/CVERecord?id=CVE-2026-53462 - https://www.cve.org/CVERecord?id=CVE-2026-53463 - https://www.cve.org/CVERecord?id=CVE-2026-53464 - https://www.cve.org/CVERecord?id=CVE-2026-53465 - https://www.cve.org/CVERecord?id=CVE-2026-53466 - https://www.cve.org/CVERecord?id=CVE-2026-53467 - https://www.cve.org/CVERecord?id=CVE-2026-55510 - https://www.cve.org/CVERecord?id=CVE-2026-55628 - https://www.cve.org/CVERecord?id=CVE-2026-55594 - https://www.cve.org/CVERecord?id=CVE-2026-55595 - https://www.cve.org/CVERecord?id=CVE-2026-55597 - https://www.cve.org/CVERecord?id=CVE-2026-25797 - https://www.cve.org/CVERecord?id=CVE-2026-55577 SRPMS: - 10/core/imagemagick-7.1.2.27-1.mga10 - 10/tainted/imagemagick-7.1.2.27-1.mga10.tainted . This Mageia advisory details critical updates for ImageMagick, addressing multiple security flaws impacting system integrity and stability.. imagemagick updates, mageia security, vulnerability management. . Severity: Critical. LinuxSecurity.com Team

Calendar%202 Jul 14, 2026 Critical Mageia
217

Oracle Linux 9 ELSA-2026-38511 vim Important Code Injection

The following updated rpms for Oracle Linux 9 have been uploaded to the Unbreakable Linux Network:. Oracle Linux Security Advisory ELSA-2026-38511 http://linux.oracle.com/errata/ELSA-2026-38511.html The following updated rpms for Oracle Linux 9 have been uploaded to the Unbreakable Linux Network: x86_64: vim-X11-8.2.2637-26.0.1.el9_8.10.x86_64.rpm vim-common-8.2.2637-26.0.1.el9_8.10.x86_64.rpm vim-enhanced-8.2.2637-26.0.1.el9_8.10.x86_64.rpm vim-filesystem-8.2.2637-26.0.1.el9_8.10.noarch.rpm vim-minimal-8.2.2637-26.0.1.el9_8.10.x86_64.rpm aarch64: vim-X11-8.2.2637-26.0.1.el9_8.10.aarch64.rpm vim-common-8.2.2637-26.0.1.el9_8.10.aarch64.rpm vim-enhanced-8.2.2637-26.0.1.el9_8.10.aarch64.rpm vim-filesystem-8.2.2637-26.0.1.el9_8.10.noarch.rpm vim-minimal-8.2.2637-26.0.1.el9_8.10.aarch64.rpm SRPMS: http://oss.oracle.com/ol9/SRPMS-updates/vim-8.2.2637-26.0.1.el9_8.10.src.rpm Related CVEs: CVE-2026-46483 CVE-2026-47162 CVE-2026-47167 CVE-2026-52858 Description of changes: [8.2.2637-26.0.1.el9_8.10] - Remove upstream references [Orabug: 31197557] [2:8.2.2637-26.10] - RHEL-186659 CVE-2026-47162 vim: code injection via NetrwBookHistSave() [2:8.2.2637-26.9] - RHEL-186646 CVE-2026-52858 vim: possible code execution with python3complete [2:8.2.2637-26.8] - RHEL-185874 CVE-2026-47167 vim: Code Injection in cucumber filetype plugin [2:8.2.2637-26.7] - RHEL-178243 CVE-2026-46483 vim: command injection in tar plugin [2:8.2.2637-26.6] - CVE-2026-41411 vim: Command injection via backticks in tag files [2:8.2.2637-26.5] - RHEL-170136 CVE-2026-35177 vim: Vim zip.vim plugin: Arbitrary file overwrite via path traversal bypass [2:8.2.2637-26.4] - Resolves: RHEL-164966 vim: arbitrary command execution via modeline sandbox bypass [2:8.2.2637-26.3] - Related: RHEL-159630 rebuild to build with exception target [2:8.2.2637-26.2] - remove -O0 from flags _______________________________________________ El-errata mailing list This email address is being protected from spambots. You need JavaScript enabled to view it. https://oss.oracle.com/mailman/listinfo/el-errata .Important security advisory for Oracle Linux 9 addressing critical code injection issues in vim and providing vital updates.. Oracle Linux Security, vim Security Update, Important Advisory, Code Injection Vulnerability. . Severity: Important. LinuxSecurity.com Team

Calendar%202 Jul 14, 2026 Important Oracle
100

SUSE Linux Micro 6.2 dracut Important Code Injection Vuln 2026-22273-1

An update that solves one vulnerability can now be installed.. # Security update for dracut Announcement ID: SUSE-SU-2026:22273-1 Release Date: 2026-06-24T21:38:59Z Rating: important References: * bsc#1268322 Cross-References: * CVE-2026-6893 CVSS scores: * CVE-2026-6893 ( SUSE ): 8.7 CVSS:4.0/AV:A/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-6893 ( SUSE ): 8.8 CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H * CVE-2026-6893 ( NVD ): 7.5 CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H Affected Products: * SUSE Linux Micro 6.2 An update that solves one vulnerability can now be installed. ## Description: This update for dracut fixes the following issue * CVE-2026-6893: Root code execution via DHCP options command injection (bsc#1268322). Changes for dracut: * Update to version 059+suse.722.gdd9d67ff5: * fix(network-legacy): sanitize DHCP values in dhclient-script.sh (bsc#1268322, CVE-2026-6893) * fix(network-legacy): add input validation to RFC 3442 route parser ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Linux Micro 6.2 zypper in -t patch SUSE-SL-Micro-6.2-1067=1 ## Package List: * SUSE Linux Micro 6.2 (aarch64 ppc64le s390x x86_64) * dracut-debuginfo-059+suse.722.gdd9d67ff5-160000.1.1 * dracut-fips-059+suse.722.gdd9d67ff5-160000.1.1 * dracut-059+suse.722.gdd9d67ff5-160000.1.1 * dracut-debugsource-059+suse.722.gdd9d67ff5-160000.1.1 ## References: * https://www.suse.com/security/cve/CVE-2026-6893.html * https://bugzilla.suse.com/show_bug.cgi?id=1268322 . A crucial update for dracut addresses an important security flaw involving code execution via DHCP options command injection.. SUSE Dracut Security Update, Important Patch for Dracut, Linux Micro Security Fix. . Severity: Important. LinuxSecurity.com Team

Calendar%202 Jun 29, 2026 Important SuSE
89

Fedora 43 Python-Pydantic-Settings Important Security Fix 2026-ade10efd88

Update to 2.14.2; fixes GHSA-4xgf-cpjx-pc3j.. -------------------------------------------------------------------------------- Fedora Update Notification FEDORA-2026-ade10efd88 2026-06-29 01:10:47.357904+00:00 -------------------------------------------------------------------------------- Name : python-pydantic-settings Product : Fedora 43 Version : 2.14.2 Release : 1.fc43 URL : https://github.com/pydantic/pydantic-settings Summary : Settings management using pydantic Description : Settings management using pydantic. -------------------------------------------------------------------------------- Update Information: Update to 2.14.2; fixes GHSA-4xgf-cpjx-pc3j. -------------------------------------------------------------------------------- ChangeLog: * Fri Jun 19 2026 Benjamin A. Beasley - 2.14.2-1 - Update to 2.14.2; close RHBZ#2490754; fixes GHSA-4xgf-cpjx-pc3j * Thu Jun 4 2026 Python Maint - 2.14.1-2 - Rebuilt for Python 3.15 -------------------------------------------------------------------------------- References: [ 1 ] Bug #2490754 - python-pydantic-settings-2.14.2 is available https://bugzilla.redhat.com/show_bug.cgi?id=2490754 -------------------------------------------------------------------------------- This update can be installed with the "dnf" update program. Use su -c 'dnf upgrade --advisory FEDORA-2026-ade10efd88' at the command line. For more information, refer to the dnf documentation available at http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label All packages are signed with the Fedora Project GPG key. More details on the GPG keys used by the Fedora Project can be found at https://fedoraproject.org/keys -------------------------------------------------------------------------------- -- _______________________________________________ package-announce mailing list -- This email address is being protected from spambots. You need JavaScript enabled to view it. To unsubscribe send an email This email address is being protected from spambots. You need JavaScript enabled to view it. Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedoraproject.org/archives/list/This email address is being protected from spambots. You need JavaScript enabled to view it. Do not reply to spam, report it: https://forge.fedoraproject.org/infra/tickets/issues/new . Security advisory for Fedora 43 updating python-pydantic-settings to fix known issues. Immediate upgrade is recommended.. python management, settings tool, security update, Fedora 43, critical vulnerability. . Severity: Important. LinuxSecurity.com Team

Calendar%202 Jun 28, 2026 Important Fedora
217

Oracle Linux 9 hplip Important Code Execution Threat ELSA-2026-26297

The following updated rpms for Oracle Linux 9 have been uploaded to the Unbreakable Linux Network:. Oracle Linux Security Advisory ELSA-2026-26297 http://linux.oracle.com/errata/ELSA-2026-26297.html The following updated rpms for Oracle Linux 9 have been uploaded to the Unbreakable Linux Network: x86_64: hplip-3.21.2-6.el9_8.4.x86_64.rpm hplip-common-3.21.2-6.el9_8.4.i686.rpm hplip-common-3.21.2-6.el9_8.4.x86_64.rpm hplip-libs-3.21.2-6.el9_8.4.i686.rpm hplip-libs-3.21.2-6.el9_8.4.x86_64.rpm libsane-hpaio-3.21.2-6.el9_8.4.i686.rpm libsane-hpaio-3.21.2-6.el9_8.4.x86_64.rpm aarch64: hplip-3.21.2-6.el9_8.4.aarch64.rpm hplip-common-3.21.2-6.el9_8.4.aarch64.rpm hplip-libs-3.21.2-6.el9_8.4.aarch64.rpm libsane-hpaio-3.21.2-6.el9_8.4.aarch64.rpm SRPMS: http://oss.oracle.com/ol9/SRPMS-updates/hplip-3.21.2-6.el9_8.4.src.rpm Related CVEs: CVE-2026-8631 CVE-2026-8632 Description of changes: [3.21.2-6.4] - Fix more leaks in hpcups [3.21.2-6.3] - OSH fixes after CVE-2026-8631 [3.21.2-6.2] - CVE-2026-8631 hplip: HPLIP: Arbitrary code execution and privilege escalation via integer overflow in hpcups [3.21.2-6.1] - CVE-2026-8632 hplip: Privilege escalation and arbitrary code execution via OS command injection in Is_Process_Running() _______________________________________________ El-errata mailing list This email address is being protected from spambots. You need JavaScript enabled to view it. https://oss.oracle.com/mailman/listinfo/el-errata . Oracle Linux 9 hplip advisory fixes critical security issues including code execution vulnerabilities. Get updated RPMs now!. Oracle Linux, hplip, code execution, security fix, privilege escalation. . Severity: Important. LinuxSecurity.com Team

Calendar%202 Jun 26, 2026 Important Oracle
87

Debian Oldstable php-twig Vulnerabilities for PHP Code Injection DSA-6320-1

Multiple security vulnerabilities were discovered in Twig, a template engine for PHP, which could result in PHP code injection, sandbox bypass or cross-site scripting. For the oldstable distribution (bookworm), these problems have been fixed in version 3.5.1-1+deb12u3.. - ------------------------------------------------------------------------- Debian Security Advisory DSA-6320-1 This email address is being protected from spambots. You need JavaScript enabled to view it. https://www.debian.org/security/ Moritz Muehlenhoff June 02, 2026 https://www.debian.org/security/faq - ------------------------------------------------------------------------- Package : php-twig CVE ID : CVE-2024-51754 CVE-2026-46628 CVE-2026-46629 CVE-2026-46637 CVE-2026-47730 CVE-2026-46633 Multiple security vulnerabilities were discovered in Twig, a template engine for PHP, which could result in PHP code injection, sandbox bypass or cross-site scripting. For the oldstable distribution (bookworm), these problems have been fixed in version 3.5.1-1+deb12u3. We recommend that you upgrade your php-twig packages. For the detailed security status of php-twig please refer to its security tracker page at: https://security-tracker.debian.org/tracker/php-twig Further information about Debian Security Advisories, how to apply these updates to your system and frequently asked questions can be found at: https://www.debian.org/security/ Mailing list: This email address is being protected from spambots. You need JavaScript enabled to view it. . Multiple vulnerabilities in php-twig template engine could lead to code injection and cross-site attacks. Upgrade recommended.. Debian Security Advisory, PHP Template Engine, Twig Vulnerabilities. . Severity: Critical. LinuxSecurity.com Team

Calendar%202 Jun 02, 2026 Critical Debian
87

Debian Trixie php-twig Important Code Injection Fixes DSA-6311-1

Multiple security vulnerabilities were discovered in Twig, a template engine for PHP, which could result in PHP code injection, sandbox bypass or cross-site scripting. For the stable distribution (trixie), these problems have been fixed in version 3.27.0-0+deb13u1.. - ------------------------------------------------------------------------- Debian Security Advisory DSA-6311-1 This email address is being protected from spambots. You need JavaScript enabled to view it. https://www.debian.org/security/ Moritz Muehlenhoff May 29, 2026 https://www.debian.org/security/faq - ------------------------------------------------------------------------- Package : php-twig CVE ID : CVE-2026-24425 CVE-2026-46627 CVE-2026-46628 CVE-2026-46629 CVE-2026-46633 CVE-2026-46634 CVE-2026-46635 CVE-2026-46636 CVE-2026-46637 CVE-2026-46638 CVE-2026-46640 CVE-2026-47730 CVE-2026-47732 CVE-2026-48805 Multiple security vulnerabilities were discovered in Twig, a template engine for PHP, which could result in PHP code injection, sandbox bypass or cross-site scripting. For the stable distribution (trixie), these problems have been fixed in version 3.27.0-0+deb13u1. We recommend that you upgrade your php-twig packages. For the detailed security status of php-twig please refer to its security tracker page at: https://security-tracker.debian.org/tracker/php-twig Further information about Debian Security Advisories, how to apply these updates to your system and frequently asked questions can be found at: https://www.debian.org/security/ Mailing list: This email address is being protected from spambots. You need JavaScript enabled to view it. . Debian DSA-6311-1 details multiple vulnerabilities in php-twig including code injection and cross-site scripting fixes.. Debian Security Advisory, security vulnerabilities, php-twig, code injection, cross-site scripting. . Severity: Important. LinuxSecurity.com Team

Calendar%202 May 29, 2026 Important Debian
197

Debian 11 python-geopandas Critical SQL Threat Mitigated DLA-4523-1

It was discovered that there was a potential SQL vulnerability in python-geopandas, a tool for working with geographic/geospatial data in the Pandas data analysis suite. For Debian 11 bullseye, this problem has been fixed in version 0.8.2-1+deb11u1.. Debian LTS Advisory DLA-4523-1 This email address is being protected from spambots. You need JavaScript enabled to view it. https://www.debian.org/lts/security/ Chris Lamb April 21, 2026 https://wiki.debian.org/LTS Package : python-geopandas Version : 0.8.2-1+deb11u1 CVE ID : CVE-2025-69662 It was discovered that there was a potential SQL vulnerability in python-geopandas, a tool for working with geographic/geospatial data in the Pandas data analysis suite. For Debian 11 bullseye, this problem has been fixed in version 0.8.2-1+deb11u1. We recommend that you upgrade your python-geopandas packages. For the detailed security status of python-geopandas please refer to its security tracker page at: https://security-tracker.debian.org/tracker/python-geopandas Further information about Debian LTS security advisories, how to apply these updates to your system and frequently asked questions can be found at: https://wiki.debian.org/LTS . Upgrade python-geopandas on Debian 11 to address a critical SQL vulnerability effectively and ensure your system is secure against potential threats. Debian Security Advisory, python-geopandas SQL Fix, Debian Updates. . Severity: Critical. LinuxSecurity.com Team

Calendar%202 Apr 21, 2026 Critical Debian LTS
News Add Esm H240

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Community Poll

Is continuous patching actually viable?

No answer selected. Please try again.
Please select either existing option or enter your own, however not both.
Please select minimum {0} answer(s).
Please select maximum {0} answer(s).
/main-polls/156-is-continuous-patching-actually-viable?task=poll.vote&format=json
156
radio
0
[{"id":503,"title":"Delayed updates invite catastrophic breaches.","votes":1,"type":"x","order":1,"pct":50,"resources":[]},{"id":504,"title":"Automated fixes break production environments.","votes":1,"type":"x","order":2,"pct":50,"resources":[]},{"id":505,"title":"Manual approvals cannot keep pace.","votes":0,"type":"x","order":3,"pct":0,"resources":[]}] ["#ff5b00","#4ac0f2","#b80028","#eef66c","#60bb22","#b96a9a","#62c2cc"] ["rgba(255,91,0,0.7)","rgba(74,192,242,0.7)","rgba(184,0,40,0.7)","rgba(238,246,108,0.7)","rgba(96,187,34,0.7)","rgba(185,106,154,0.7)","rgba(98,194,204,0.7)"] 350
bottom 200