Alerts This Week
Warning Icon 1 626
Alerts This Week
Warning Icon 1 626

Stay Secure with the Latest Linux Advisories

Opensuse Large Esm H800
openSUSE

openSUSE Chromedriver Moderate Security Issues Fixed 2026-10958-1

Calendar White Jun 08, 2026
moderate
Opensuse Large Esm H900
openSUSE

openSUSE Tumbleweed libmozjs Moderate Update CVE-2025-70103

Calendar White Jun 08, 2026
moderate
Opensuse Large Esm H900
openSUSE

openSUSE Tumbleweed Perl HTML Parser Moderate CVE-2026-8829 Advisory

Calendar White Jun 08, 2026
moderate
Opensuse Large Esm H800
openSUSE

openSUSE Tumbleweed kernel-devel Moderate Security Issue 2026-10954-1

Calendar White Jun 08, 2026
moderate
Opensuse Large Esm H900
openSUSE

openSUSE Tumbleweed Gleam Moderate Threat Fixed 2026-10953-1

Calendar White Jun 08, 2026
moderate
Ubuntu Large Esm H900
Ubuntu

Ubuntu 25.10 Systemd Critical Arbitrary Code Exec DNS Issues USN-8402-1

Calendar White Jun 08, 2026
Critical
Opensuse Large Esm H800
openSUSE

openSUSE Epiphany Important Password Handling Issue CVE-2023-26081

Calendar White Jun 08, 2026
Important
Ubuntu Large Esm H900
Ubuntu

Ubuntu 26.04 LTS 8399-1 Pillow Denial of Service Risk CVE-2026-42308

Calendar White Jun 08, 2026
Important
Ubuntu Large Esm H900
Ubuntu

Ubuntu 26.04 LTS Poppler Critical DoS Code Execution Vuln USN-8400-1

Calendar White Jun 08, 2026
Critical
Filter Icon Refine advisories
X Clear Filters
X Clear Filters
View More

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Community Poll

More Polls

What got you started with Linux?

No answer selected. Please try again.
Please select either existing option or enter your own, however not both.
Please select minimum {0} answer(s).
Please select maximum {0} answer(s).
/main-polls/150-what-got-you-started-with-linux?task=poll.vote&format=json
150
radio
0
[{"id":483,"title":"Self-taught through trial and error","votes":548,"type":"x","order":1,"pct":78.51,"resources":[]},{"id":484,"title":"Formal training or courses","votes":30,"type":"x","order":2,"pct":4.3,"resources":[]},{"id":485,"title":"A job that required it","votes":34,"type":"x","order":3,"pct":4.87,"resources":[]},{"id":486,"title":"Other","votes":86,"type":"x","order":4,"pct":12.32,"resources":[]}] ["#ff5b00","#4ac0f2","#b80028","#eef66c","#60bb22","#b96a9a","#62c2cc"] ["rgba(255,91,0,0.7)","rgba(74,192,242,0.7)","rgba(184,0,40,0.7)","rgba(238,246,108,0.7)","rgba(96,187,34,0.7)","rgba(185,106,154,0.7)","rgba(98,194,204,0.7)"] 350
bottom 200
Loading...

Explore Latest Linux Security advisories

We found -5 articles for you...
197
Ls Advisories Deblts Esm H240
Price Tag 1security advisorydebianopenstack

Debian LTS: DLA-3873-1 Moderate: Nova Arbitrary File Disclosure

Martin Kaesberger discovered a vulnerability which affects multiple OpenStack components (Nova, Glance and Cinder): Malformed QCOW2 disk images may result in the disclosure of arbitrary files. . - ------------------------------------------------------------------------- Debian LTS Advisory DLA-3873-1 This email address is being protected from spambots. You need JavaScript enabled to view it. https://www.debian.org/lts/security/ Thomas Goirand September 05, 2024 https://wiki.debian.org/LTS - ------------------------------------------------------------------------- Package : nova Version : 2:22.4.0-1~deb11u5 CVE ID : CVE-2024-32498 CVE-2024-40767 Debian Bug : 1074762 Martin Kaesberger discovered a vulnerability which affects multiple OpenStack components (Nova, Glance and Cinder): Malformed QCOW2 disk images may result in the disclosure of arbitrary files. Arnaud Morin later discovered that the initial fix was not sufficient, and that nova was still vulnerable with some VM images types. For Debian 11 bullseye, these problems have been fixed in version 2:22.4.0-1~deb11u5. We recommend that you upgrade your nova packages. For the detailed security status of nova please refer to its security tracker page at: https://security-tracker.debian.org/tracker/source-package/nova Further information about Debian LTS security advisories, how to apply these updates to your system and frequently asked questions can be found at: https://wiki.debian.org/LTS . The Ubuntu Security Notice USN-1234-1 concerns vulnerabilities in OpenStack impacting various modules.. Debian LTS, OpenStack Security, Nova Updates, Disk Image Vulnerability, Security Advisory DLA-3873-1. . LinuxSecurity.com Team

Calendar 2 Sep 04, 2024 Debian LTS
89
Ls Advisories Fedora Esm H240
Price Tag 1security advisoryFedoramoderate severity

Fedora 36: FEDORA-2022-8c43b4dce7 Moderate: Update for QtWebEngine 5.15.10

Update to 5.15.10 LTS. --------------------------------------------------------------------------------Fedora Update Notification FEDORA-2022-8c43b4dce7 2022-09-05 09:06:36.184002 --------------------------------------------------------------------------------Name : qt5-qtwebengine Product : Fedora 36 Version : 5.15.10 Release : 1.fc36 URL : https://www.qt.io/ Summary : Qt5 - QtWebEngine components Description : Qt5 - QtWebEngine components. --------------------------------------------------------------------------------Update Information: Update to 5.15.10 LTS --------------------------------------------------------------------------------ChangeLog: * Mon Aug 29 2022 Ankur Sinha - 5.15.10-1 - Update to 5.15.10 * Tue Aug 2 2022 Frantisek Zatloukal - 5.15.9-5 - Rebuilt for ICU 71.1 --------------------------------------------------------------------------------References: [ 1 ] Bug #2079655 - QtWebEngine 5.15.10 is available https://bugzilla.redhat.com/show_bug.cgi?id=2079655 --------------------------------------------------------------------------------This update can be installed with the "dnf" update program. Use su -c 'dnf upgrade --advisory FEDORA-2022-8c43b4dce7' at the command line. For more information, refer to the dnf documentation available at https://dnf.readthedocs.io/en/latest/command_ref.html All packages are signed with the Fedora Project GPG key. More details on the GPG keys used by the Fedora Project can be found at https://fedoraproject.org/security/ --------------------------------------------------------------------------------_______________________________________________ package-announce mailing list -- This email address is being protected from spambots. You need JavaScript enabled to view it. To unsubscribe send an email to This email address is being protected from spambots. You need JavaScript enabled to view it. Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives:https://lists.fedoraproject.org/archives/list/This email address is being protected from spambots. You need JavaScript enabled to view it./ Do not reply to spam, report it: . The Fedora 36 upgrade to qt5-qtwebengine version 5.15.10 introduces key updates and essential patches. Upgrade now to experience improved functionality.. Fedora Update, QtWebEngine, Software Update. . LinuxSecurity.com Team

Calendar 2 Sep 05, 2022 Fedora
Banner 3 1028x280 1708121785 1771599793
100
Ls Advisories Suse Esm H240
Price Tag 1security advisoryinformation leakimportant

SUSE: 2021:162-1 Important: Security Fix for Information Leak

The container suse/sle15 was updated. The following patches have been included in this update:. SUSE Container Update Advisory: suse/sle15 ----------------------------------------------------------------- Container Advisory ID : SUSE-CU-2021:162-1 Container Tags : suse/sle15:15.3 , suse/sle15:15.3.15.13 Container Release : 15.13 Severity : important Type : security References : 1050625 1165424 1169947 1170801 1172477 1172925 1173106 1173273 1173336 1173529 1174011 1174016 1174240 1174561 1174918 1175342 1175592 1177238 1177275 1177427 1177583 1178910 1178966 1179083 1179222 1179415 1179816 1179847 1179909 1180077 1180663 1180721 1181328 1181622 1182629 CVE-2017-9271 ----------------------------------------------------------------- The container suse/sle15 was updated. The following patches have been included in this update: ----------------------------------------------------------------- Advisory ID: SUSE-RU-2020:1938-1 Released: Thu Jul 16 14:43:32 2020 Summary: Recommended update for libsolv, libzypp, zypper Type: recommended Severity: moderate References: 1169947,1170801,1172925,1173106 This update for libsolv, libzypp, zypper fixes the following issues: libsolv was updated to: - Enable zstd compression support for sle15 zypper was updated to version 1.14.37: - Print switch abbrev warning to stderr (bsc#1172925) - Fix typo in man page (bsc#1169947) libzypp was updated to 17.24.0 - Fix core dump with corrupted history file (bsc#1170801) - Enable zchunk metadata download if libsolv supports it. - Better handling of the purge-kernels algorithm. (bsc#1173106) ----------------------------------------------------------------- Advisory ID: SUSE-RU-2020:1987-1 Released: Tue Jul 21 17:02:15 2020 Summary: Recommended update for libsolv, libzypp, yast2-packager, yast2-pkg-bindings Type: recommended Severity: important References: 1172477,1173336,1174011 This update for libsolv, libzypp, yast2-packager, yast2-pkg-bindings fixes the following issues: libsolv: - No source changes, just shipping it as an installer update (required by yast2-pkg-bindings). libzypp: - Proactively send credentials if the URL specifes '?auth=basic' and a username. (bsc#1174011) - ZYPP_MEDIA_CURL_DEBUG: Strip credentials in header log. (bsc#1174011) yast2-packager: - Handle variable expansion in repository name. (bsc#1172477) - Improve medium type detection, do not report Online medium when the /media.1/products file is missing in the repository, SMT does not mirror this file. (bsc#1173336) yast2-pkg-bindings: - Extensions to handle raw repository name. (bsc#1172477) ----------------------------------------------------------------- Advisory ID: SUSE-RU-2020:2819-1 Released: Thu Oct 1 10:39:16 2020 Summary: Recommended update for libzypp, zypper Type: recommended Severity: moderate References: 1165424,1173273,1173529,1174240,1174561,1174918,1175342,1175592 This update for libzypp, zypper provides the following fixes: Changes in libzypp: - VendorAttr: Const-correct API and let Target provide its settings. (bsc#1174918) - Support buildnr with commit hash in purge-kernels. This adds special behaviour for when a kernel version has the rebuild counter before the kernel commit hash. (bsc#1175342) - Improve Italian translation of the 'breaking dependencies' message. (bsc#1173529) - Make sure reading from lsof does not block forever. (bsc#1174240) - Just collect details for the signatures found. Changes in zypper: - man: Enhance description of the global package cache. (bsc#1175592) - man: Point out that plain rpm packages are not downloaded to the global package cache. (bsc#1173273) - Directly list subcommands in 'zypper help'. (bsc#1165424) - Remove extern C block wrapping augeas.h as it breaks the build on Arch Linux. - Point out that plaindir repos do not follow symlinks. (bsc#1174561) - Fix help command forlist-patches. ----------------------------------------------------------------- Advisory ID: SUSE-SU-2021:109-1 Released: Wed Jan 13 10:13:24 2021 Summary: Security update for libzypp, zypper Type: security Severity: moderate References: 1050625,1174016,1177238,1177275,1177427,1177583,1178910,1178966,1179083,1179222,1179415,1179909,CVE-2017-9271 This update for libzypp, zypper fixes the following issues: Update zypper to version 1.14.41 Update libzypp to 17.25.4 - CVE-2017-9271: Fixed information leak in the log file (bsc#1050625 bsc#1177583) - RepoManager: Force refresh if repo url has changed (bsc#1174016) - RepoManager: Carefully tidy up the caches. Remove non-directory entries. (bsc#1178966) - RepoInfo: ignore legacy type= in a .repo file and let RepoManager probe (bsc#1177427). - RpmDb: If no database exists use the _dbpath configured in rpm. Still makes sure a compat symlink at /var/lib/rpm exists in case the configures _dbpath is elsewhere. (bsc#1178910) - Fixed update of gpg keys with elongated expire date (bsc#179222) - needreboot: remove udev from the list (bsc#1179083) - Fix lsof monitoring (bsc#1179909) yast-installation was updated to 4.2.48: - Do not cleanup the libzypp cache when the system has low memory, incomplete cache confuses libzypp later (bsc#1179415) ----------------------------------------------------------------- Advisory ID: SUSE-RU-2021:169-1 Released: Tue Jan 19 16:18:46 2021 Summary: Recommended update for libsolv, libzypp, zypper Type: recommended Severity: moderate References: 1179816,1180077,1180663,1180721 This update for libsolv, libzypp, zypper fixes the following issues: libzypp was updated to 17.25.6: - Rephrase solver problem descriptions (jsc#SLE-8482) - Adapt to changed gpg2/libgpgme behavior (bsc#1180721) - Multicurl backend breaks with with unknown filesize (fixes #277) zypper was updated to 1.14.42: - Fix source-download commnds help (bsc#1180663) - man: Recommend to use the --non-interactive global option ratherthan the command option -y (bsc#1179816) - Extend apt packagemap (fixes #366) - --quiet: Fix install summary to write nothing if there's nothing todo (bsc#1180077) libsolv was updated to 0.7.16; - do not ask the namespace callback for splitprovides when writing a testcase - fix add_complex_recommends() selecting conflicted packages in rare cases leading to crashes - improve choicerule generation so that package updates are prefered in more cases ----------------------------------------------------------------- Advisory ID: SUSE-RU-2021:874-1 Released: Thu Mar 18 09:41:54 2021 Summary: Recommended update for libsolv, libzypp, zypper Type: recommended Severity: moderate References: 1179847,1181328,1181622,1182629 This update for libsolv, libzypp, zypper fixes the following issues: - support multiple collections in updateinfo parser - Fixed an issue when some 'systemd' tools require '/proc' to be mounted and fail if it's not there. (bsc#1181328) - Enable release packages to request a releaxed suse/opensuse vendorcheck in dup when migrating. (bsc#1182629) - Patch: Identify well-known category names to allow to use the RH and SUSE patch category names synonymously. (bsc#1179847) - Fix '%posttrans' script execution. (fixes #265) - Repo: Allow multiple baseurls specified on one line (fixes #285) - Regex: Fix memory leak and undefined behavior. - Add rpm buildrequires for test suite (fixes #279) - Use rpmdb2solv new -D switch to tell the location of the rpmdatabase to use. - doc: give more details about creating versioned package locks. (bsc#1181622) - man: Document synonymously used patch categories (bsc#1179847) ----------------------------------------------------------------- Advisory ID: SUSE-RU-2021:1426-1 Released: Thu Apr 29 06:23:13 2021 Summary: Recommended update for libsolv Type: recommended Severity: moderate References: This update for libsolv fixes the following issues: - Fix rare segfault in resolve_jobrules() that could happen if new rules are learnt. - Fix acouple of memory leaks in error cases. - Fix error handling in solv_xfopen_fd() - Fixed 'regex' code on win32. - Fixed memory leak in choice rule generation . SUSE Container Update Notice regarding critical updates and security resolutions expressed in advisory SUSE-CU-2021:162-2.. SUSE Container Update,suse/sle15,security patch,software update,container advisory. . Severity: Important. LinuxSecurity.com Team

Calendar 2 May 13, 2021 Important SuSE
89
Ls Advisories Fedora Esm H240
Price Tag 1security advisorymoderatesecurity issue

Fedora 33: 2021-93ff9e9103 Moderate: Ceph Dashboard Security Fix

notes=Security fix for CVE-2020-27839, CVE-2020-25678 ceph 15.2.9 GA bugs=1892109,1900681,1901330,1906954 Note: Bodhi does not allow me to find/enter 1892109 or 1901330 in the Bugs section.. --------------------------------------------------------------------------------Fedora Update Notification FEDORA-2021-93ff9e9103 2021-03-05 19:15:55.704743 --------------------------------------------------------------------------------Name : ceph Product : Fedora 33 Version : 15.2.9 Release : 1.fc33 URL : Summary : User space components of the Ceph file system Description : Ceph is a massively scalable, open-source, distributed storage system that runs on commodity hardware and delivers object, block and file system storage. --------------------------------------------------------------------------------Update Information: notes=Security fix for CVE-2020-27839, CVE-2020-25678 ceph 15.2.9 GA bugs=1892109,1900681,1901330,1906954 Note: Bodhi does not allow me to find/enter 1892109 or 1901330 in the Bugs section. --------------------------------------------------------------------------------ChangeLog: * Wed Feb 24 2021 Kaleb S. KEITHLEY - 2:15.2.9-1 - ceph 15.2.9 GA --------------------------------------------------------------------------------References: [ 1 ] Bug #1900681 - CVE-2020-25678 ceph: mgr modules' passwords are in clear text in mgr logs [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1900681 [ 2 ] Bug #1906954 - CVE-2020-27839 ceph: ceph-dashboard: Don't use Browser's LocalStorage for storing JWT but Secure Cookies with proper HTTP Headers [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1906954 --------------------------------------------------------------------------------This update can be installed with the "dnf" update program. Use su -c 'dnf upgrade --advisory FEDORA-2021-93ff9e9103' at the command line. For more information, refer to the dnf documentation availableat https://dnf.readthedocs.io/en/latest/command_ref.html All packages are signed with the Fedora Project GPG key. More details on the GPG keys used by the Fedora Project can be found at --------------------------------------------------------------------------------_______________________________________________ package-announce mailing list -- This email address is being protected from spambots. You need JavaScript enabled to view it. To unsubscribe send an email to This email address is being protected from spambots. You need JavaScript enabled to view it. Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedoraproject.org/archives/list/This email address is being protected from spambots. You need JavaScript enabled to view it./ Do not reply to spam on the list, report it: https://pagure.io/fedora-infrastructure . Improvements addressing major vulnerabilities in Ceph on Fedora 33 bolster data security and safeguard users.. Ceph Update, Fedora Security, Data Protection, Security Fixes, User Space Components. . Severity: Important. LinuxSecurity.com Team

Calendar 2 Mar 05, 2021 Important Fedora
Banner 3 1028x280 1708121785 1771599793
News Add Esm H240

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Community Poll

More Polls

What got you started with Linux?

No answer selected. Please try again.
Please select either existing option or enter your own, however not both.
Please select minimum {0} answer(s).
Please select maximum {0} answer(s).
/main-polls/150-what-got-you-started-with-linux?task=poll.vote&format=json
150
radio
0
[{"id":483,"title":"Self-taught through trial and error","votes":548,"type":"x","order":1,"pct":78.51,"resources":[]},{"id":484,"title":"Formal training or courses","votes":30,"type":"x","order":2,"pct":4.3,"resources":[]},{"id":485,"title":"A job that required it","votes":34,"type":"x","order":3,"pct":4.87,"resources":[]},{"id":486,"title":"Other","votes":86,"type":"x","order":4,"pct":12.32,"resources":[]}] ["#ff5b00","#4ac0f2","#b80028","#eef66c","#60bb22","#b96a9a","#62c2cc"] ["rgba(255,91,0,0.7)","rgba(74,192,242,0.7)","rgba(184,0,40,0.7)","rgba(238,246,108,0.7)","rgba(96,187,34,0.7)","rgba(185,106,154,0.7)","rgba(98,194,204,0.7)"] 350
bottom 200

Search Topics

Your message here