Alerts This Week
Warning Icon 1 664
Alerts This Week
Warning Icon 1 664

Stay Secure with the Latest Linux Advisories

Debianlts Large Esm H800
Debian LTS

Debian Dovecot High Severity Service Disruption Info Leak Flaw DLA-4617-1

Calendar White Jun 05, 2026
Important
Debianlts Large Esm H900
Debian LTS

Debian 11 gsasl Critical DoS Threat Advisory DLA-4618-1 CVE-2026-48829

Calendar White Jun 05, 2026
Critical
Suse Large Esm H900
SuSE

SUSE MozillaThunderbird Important Memory Safety Fix Advisory 2026-2271-1

Calendar White Jun 05, 2026
Important
Suse Large Esm H800
SuSE

SUSE Linux Micro 6.0 Ignition Key HTTP Transport Loop Patch 2026-21987-1

Calendar White Jun 05, 2026
Important
Suse Large Esm H900
SuSE

SUSE Linux Micro 6.0 Important Libzypp Libsolv Security Update 2026-21988-1

Calendar White Jun 05, 2026
Important
Suse Large Esm H900
SuSE

SUSE Google-Guest-Agent Important Security Update 2026-21989-1

Calendar White Jun 05, 2026
Important
Suse Large Esm H800
SuSE

SUSE Linux Micro Important Salt Multi-Linux Manager Vuln 2026-21990-1

Calendar White Jun 05, 2026
Important
Suse Large Esm H900
SuSE

SUSE Linux Micro Critical Ignition Patch CVE-2026-33814

Calendar White Jun 05, 2026
Important
Suse Large Esm H900
SuSE

SUSE Linux Micro 6.1 Security Update for libzypp libsolv Key 2026-21992-1

Calendar White Jun 05, 2026
Important
Filter Icon Refine advisories
X Clear Filters
X Clear Filters
View More

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Community Poll

More Polls

What got you started with Linux?

No answer selected. Please try again.
Please select either existing option or enter your own, however not both.
Please select minimum {0} answer(s).
Please select maximum {0} answer(s).
/main-polls/150-what-got-you-started-with-linux?task=poll.vote&format=json
150
radio
0
[{"id":483,"title":"Self-taught through trial and error","votes":545,"type":"x","order":1,"pct":78.42,"resources":[]},{"id":484,"title":"Formal training or courses","votes":30,"type":"x","order":2,"pct":4.32,"resources":[]},{"id":485,"title":"A job that required it","votes":34,"type":"x","order":3,"pct":4.89,"resources":[]},{"id":486,"title":"Other","votes":86,"type":"x","order":4,"pct":12.37,"resources":[]}] ["#ff5b00","#4ac0f2","#b80028","#eef66c","#60bb22","#b96a9a","#62c2cc"] ["rgba(255,91,0,0.7)","rgba(74,192,242,0.7)","rgba(184,0,40,0.7)","rgba(238,246,108,0.7)","rgba(96,187,34,0.7)","rgba(185,106,154,0.7)","rgba(98,194,204,0.7)"] 350
bottom 200
Loading...

Explore Latest Linux Security advisories

We found -6 articles for you...
172
Ls Advisories Ubuntu Esm H240
Price Tag 1security advisorydenial of serviceUbuntu

Ubuntu 14.04 LTS USN-7040-2: Critical ConfigObj Crash Issue

ConfigObj could be made to crash if it received specially crafted input.. ========================================================================== Ubuntu Security Notice USN-7040-2 October 14, 2024 configobj vulnerability ========================================================================== A security issue affects these releases of Ubuntu and its derivatives: - Ubuntu 14.04 LTS Summary: ConfigObj could be made to crash if it received specially crafted input. Software Description: - configobj: simple but powerful config file reader and writer for Python Details: USN-7040-1 fixed a vulnerability in ConfigObj. This update provides the corresponding update for Ubuntu 14.04 LTS. Original advisory details: It was discovered that ConfigObj contains regex that is susceptible to catastrophic backtracking. An attacker could possibly use this issue to cause a regular expression denial of service. Update instructions: The problem can be corrected by updating your system to the following package versions: Ubuntu 14.04 LTS python-configobj 4.7.2+ds-5ubuntu0.1~esm1 Available with Ubuntu Pro In general, a standard system update will make all the necessary changes. References: https://ubuntu.com/security/notices/USN-7040-2 https://ubuntu.com/security/notices/USN-7040-1 CVE-2023-26112 . Security Update for ConfigObj on Ubuntu 14.04 LTS mitigating potential crash from malicious input.. ConfigObj Update, Ubuntu 14.04 LTS, Regex Denial of Service. . Severity: Critical. LinuxSecurity.com Team

Calendar 2 Oct 14, 2024 Critical Ubuntu
172
Ls Advisories Ubuntu Esm H240
Price Tag 1security advisorydenial of serviceUbuntu

Ubuntu 22.04 LTS: USN-7040-1 critical: configobj denial of service

ConfigObj could be made to crash if it received specially crafted input.. ========================================================================== Ubuntu Security Notice USN-7040-1 September 26, 2024 configobj vulnerability ========================================================================== A security issue affects these releases of Ubuntu and its derivatives: - Ubuntu 22.04 LTS - Ubuntu 20.04 LTS - Ubuntu 18.04 LTS - Ubuntu 16.04 LTS Summary: ConfigObj could be made to crash if it received specially crafted input. Software Description: - configobj: simple but powerful config file reader and writer for Python Details: It was discovered that ConfigObj contains regex that is susceptible to catastrophic backtracking. An attacker could possibly use this issue to cause a regular expression denial of service. Update instructions: The problem can be corrected by updating your system to the following package versions: Ubuntu 22.04 LTS python3-configobj 5.0.6-5ubuntu0.1 Ubuntu 20.04 LTS python3-configobj 5.0.6-4ubuntu0.1 Ubuntu 18.04 LTS python-configobj 5.0.6-2ubuntu0.18.04.1~esm1 Available with Ubuntu Pro python3-configobj 5.0.6-2ubuntu0.18.04.1~esm1 Available with Ubuntu Pro Ubuntu 16.04 LTS python-configobj 5.0.6-2ubuntu0.16.04.1~esm1 Available with Ubuntu Pro python3-configobj 5.0.6-2ubuntu0.16.04.1~esm1 Available with Ubuntu Pro In general, a standard system update will make all the necessary changes. References: https://ubuntu.com/security/notices/USN-7040-1 CVE-2023-26112 Package Information: https://launchpad.net/ubuntu/+source/configobj/5.0.6-5ubuntu0.1 https://launchpad.net/ubuntu/+source/configobj/5.0.6-4ubuntu0.1 . Serious configobj vulnerability identified in Ubuntu. Immediate update needed to avert system failures caused by maliciously crafted data inputs.. ConfigObj Security Advisory, Ubuntu Updates, Denial of Service Threat, Input Handling Fix. . Severity: Critical. LinuxSecurity.com Team

Calendar 2 Sep 26, 2024 Critical Ubuntu
Banner 3 1028x280 1708121785 1771599793
89
Ls Advisories Fedora Esm H240
Price Tag 1security advisoryFedoraDoS

Fedora 38: 2023-27b41bb133 Moderate Update for ConfigObj DoS Issue

Fixes an issue in configobj: CVE-2023-26112. -------------------------------------------------------------------------------- Fedora Update Notification FEDORA-2023-27b41bb133 2023-10-18 01:45:22.977803 -------------------------------------------------------------------------------- Name : python-configobj Product : Fedora 38 Version : 5.0.8 Release : 6.fc38 URL : https://configobj.readthedocs.io/en/latest/ Summary : Config file reading, writing, and validation Description : ConfigObj is a simple but powerful configuration file reader and writer: an ini file round tripper. Its main feature is that it is very easy to use, with a straightforward programmers interface and a simple syntax for config files. -------------------------------------------------------------------------------- Update Information: Fixes an issue in configobj: CVE-2023-26112 -------------------------------------------------------------------------------- ChangeLog: * Mon Oct 9 2023 Terje Rosten - 5.0.8-6 - Add patch to fix CVE-2023-26112 * Sun Oct 1 2023 Terje Rosten - 5.0.8-5 - SPDX fix from Daniel P. Berrange * Fri Jul 21 2023 Fedora Release Engineering - 5.0.8-4 - Rebuilt for https://fedoraproject.org/wiki/Fedora_39_Mass_Rebuild * Tue Jun 13 2023 Python Maint - 5.0.8-3 - Rebuilt for Python 3.12 * Tue May 23 2023 Yaakov Selkowitz - 5.0.8-2 - Avoid pytest-cov dependency -------------------------------------------------------------------------------- References: [ 1 ] Bug #2224088 - CVE-2023-26112 python-configobj: Regular expression denial of service exists in ./src/configobj/validate.py [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=2224088 -------------------------------------------------------------------------------- This update can be installed with the "dnf" update program. Use su -c 'dnf upgrade --advisory FEDORA-2023-27b41bb133' at the command line. For more information, refer to the dnf documentation availableat https://dnf.readthedocs.io/en/latest/command_ref.html All packages are signed with the Fedora Project GPG key. More details on the GPG keys used by the Fedora Project can be found at https://fedoraproject.org/security/ -------------------------------------------------------------------------------- _______________________________________________ package-announce mailing list -- This email address is being protected from spambots. You need JavaScript enabled to view it. To unsubscribe send an email to This email address is being protected from spambots. You need JavaScript enabled to view it. Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedoraproject.org/archives/list/This email address is being protected from spambots. You need JavaScript enabled to view it./ Do not reply to spam, report it: . A security update has been applied to python-configobj to address CVE-2023-26112, improving the overall security posture and stability for users running Fedora 38.. Fedora Security Update, Python ConfigObj, DoS Issue. . LinuxSecurity.com Team

Calendar 2 Oct 18, 2023 Fedora
News Add Esm H240

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Community Poll

More Polls

What got you started with Linux?

No answer selected. Please try again.
Please select either existing option or enter your own, however not both.
Please select minimum {0} answer(s).
Please select maximum {0} answer(s).
/main-polls/150-what-got-you-started-with-linux?task=poll.vote&format=json
150
radio
0
[{"id":483,"title":"Self-taught through trial and error","votes":545,"type":"x","order":1,"pct":78.42,"resources":[]},{"id":484,"title":"Formal training or courses","votes":30,"type":"x","order":2,"pct":4.32,"resources":[]},{"id":485,"title":"A job that required it","votes":34,"type":"x","order":3,"pct":4.89,"resources":[]},{"id":486,"title":"Other","votes":86,"type":"x","order":4,"pct":12.37,"resources":[]}] ["#ff5b00","#4ac0f2","#b80028","#eef66c","#60bb22","#b96a9a","#62c2cc"] ["rgba(255,91,0,0.7)","rgba(74,192,242,0.7)","rgba(184,0,40,0.7)","rgba(238,246,108,0.7)","rgba(96,187,34,0.7)","rgba(185,106,154,0.7)","rgba(98,194,204,0.7)"] 350
bottom 200

Search Topics

Your message here