Stay Secure with the Latest Linux Advisories
Refine advisories
X Clear Filters
Get the latest News and Insights
Get the latest Linux and open source security news straight to your inbox.
Community Poll
What got you started with Linux?
Loading...
Explore Latest Linux Security advisories
We found -5 articles for you...
202
security advisorysoftware patchimportantopenSUSE Leap 15.3: 2021:3944-1 Important glib-networking Connection Fix
An update that fixes one vulnerability is now available. . openSUSE Security Update: Security update for glib-networking ______________________________________________________________________________ Announcement ID: openSUSE-SU-2021:3944-1 Rating: important References: #1172460 Cross-References: CVE-2020-13645 CVSS scores: CVE-2020-13645 (NVD) : 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N CVE-2020-13645 (SUSE): 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N Affected Products: openSUSE Leap 15.3 ______________________________________________________________________________ An update that fixes one vulnerability is now available. Description: This update for glib-networking fixes the following issues: Update to version 2.62.4: - CVE-2020-13645: Fixed a connection failure when the server identity is unset (bsc#1172460). Patch Instructions: To install this openSUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: - openSUSE Leap 15.3: zypper in -t patch openSUSE-SLE-15.3-2021-3944=1 Package List: - openSUSE Leap 15.3 (aarch64 ppc64le s390x x86_64): glib-networking-2.62.4-3.3.1 glib-networking-debuginfo-2.62.4-3.3.1 glib-networking-debugsource-2.62.4-3.3.1 - openSUSE Leap 15.3 (noarch): glib-networking-lang-2.62.4-3.3.1 - openSUSE Leap 15.3 (x86_64): glib-networking-32bit-2.62.4-3.3.1 glib-networking-32bit-debuginfo-2.62.4-3.3.1 References: https://www.suse.com/security/cve/CVE-2020-13645.html https://bugzilla.suse.com/1172460 . Critical security enhancements for glib-networking released in openSUSE, featuring essential updates and detailed patch guidelines for users.. openSUSE Security Update, glib-networking, connection fix, software patching. . Severity: Important. LinuxSecurity.com Team
Dec 06, 2021
•Important
OpenSUSE
202
security advisorysecurity fiximportantopenSUSE Leap 15.3: 2021:1234-2 Critical Mutt Network Patch
An update that solves one vulnerability and has one errata is now available. . openSUSE Security Update: Security update for mutt ______________________________________________________________________________ Announcement ID: openSUSE-SU-2020:2141-1 Rating: important References: #1179035 #1179113 Cross-References: CVE-2020-28896 Affected Products: openSUSE Leap 15.2 ______________________________________________________________________________ An update that solves one vulnerability and has one errata is now available. Description: This update for mutt fixes the following issues: - CVE-2020-28896: incomplete connection termination could lead to sending credentials over unencrypted connections (bsc#1179035) - Avoid that message with a million tiny parts can freeze MUA for several minutes (bsc#1179113) This update was imported from the SUSE:SLE-15:Update update project. Patch Instructions: To install this openSUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: - openSUSE Leap 15.2: zypper in -t patch openSUSE-2020-2141=1 Package List: - openSUSE Leap 15.2 (noarch): mutt-doc-1.10.1-lp152.3.6.1 mutt-lang-1.10.1-lp152.3.6.1 - openSUSE Leap 15.2 (x86_64): mutt-1.10.1-lp152.3.6.1 mutt-debuginfo-1.10.1-lp152.3.6.1 mutt-debugsource-1.10.1-lp152.3.6.1 References: https://www.suse.com/security/cve/CVE-2020-28896.html https://bugzilla.suse.com/1179035 https://bugzilla.suse.com/1179113 _______________________________________________ openSUSE Security Announce mailing list --
Dec 01, 2020
•Critical
OpenSUSE
89
security advisoryupdateFedoraFedora 30 Moderation: FEDORA-2019-63ba15cc83 Critical Connection Fix
Rebuilt with newer nghttp2 ---- This update includes the latest upstream release of `mod_http2`, version **1.15.3**. Upstream changes include: * fixes Timeout vs. KeepAliveTimeout behaviour, see PR 63534. * Fixes stream cleanup when connection throttling is in place. * Counts stream resets by client on streams initiated by client as cause for connection throttling. * Header length. --------------------------------------------------------------------------------Fedora Update Notification FEDORA-2019-63ba15cc83 2019-08-30 14:20:29.662750 --------------------------------------------------------------------------------Name : mod_http2 Product : Fedora 30 Version : 1.15.3 Release : 2.fc30 URL : https://icing.github.io/mod_h2/ Summary : module implementing HTTP/2 for Apache 2 Description : The mod_h2 Apache httpd module implements the HTTP2 protocol (h2+h2c) on top of libnghttp2 for httpd 2.4 servers. --------------------------------------------------------------------------------Update Information: Rebuilt with newer nghttp2 ---- This update includes the latest upstream release of `mod_http2`, version **1.15.3**. Upstream changes include: * fixes Timeout vs. KeepAliveTimeout behaviour, see PR 63534. * Fixes stream cleanup when connection throttling is in place. * Counts stream resets by client on streams initiated by client as cause for connection throttling. * Header length checks are now logged similar to HTTP/1.1 protocol handler * Header length is checked also on the merged value from several header instances and results in a 431 response. * fixing mod_proxy_http2 to support trailers in both directions. See PR 63502. --------------------------------------------------------------------------------ChangeLog: * Mon Aug 19 2019 Lubos Uhliarik - 1.15.3-2 - Rebuilt with newer nghttp2 * Thu Aug 8 2019 Joe Orton - 1.15.3-1 - update to 1.15.3 * Thu Jul 25 2019 Fedora Release Engineering - 1.15.1-2 - Rebuilt forhttps://fedoraproject.org/wiki/Fedora_31_Mass_Rebuild * Wed May 29 2019 Joe Orton - 1.15.1-1 - update to 1.15.1 * Wed May 22 2019 Joe Orton - 1.15.0-1 - update to 1.15.0 --------------------------------------------------------------------------------References: [ 1 ] Bug #1741948 - CVE-2019-9511 CVE-2019-9516 CVE-2019-9517 mod_http2: various flaws [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1741948 --------------------------------------------------------------------------------This update can be installed with the "dnf" update program. Use su -c 'dnf upgrade --advisory FEDORA-2019-63ba15cc83' at the command line. For more information, refer to the dnf documentation available at https://dnf.readthedocs.io/en/latest/command_ref.html All packages are signed with the Fedora Project GPG key. More details on the GPG keys used by the Fedora Project can be found at https://fedoraproject.org/security/ --------------------------------------------------------------------------------_______________________________________________ package-announce mailing list --
Aug 30, 2019
•Critical
Fedora
89
security advisoryupdateFedoraFedora 25: Gajim Security Update Fixes Connection And Chat Problems
Gajim 0.16.8 * Fix rejoining MUCs after connection loss * Fix Groupchat invites * Fix encoding problems with newer GnuPG versions * Fix old messages randomly reappearing in the chat window * Fix some problems with IBB filetransfer * Make XEP-0146 Commands opt-in * Improve sending messages to your own resources * Improve reliability of delivery recipes * Many minor. --------------------------------------------------------------------------------Fedora Update Notification FEDORA-2017-3c561780c8 2017-06-15 02:57:02.425277 --------------------------------------------------------------------------------Name : gajim Product : Fedora 25 Version : 0.16.8 Release : 1.fc25 URL : https://gajim.org/ Summary : Jabber client written in PyGTK Description : Gajim is a Jabber client written in PyGTK. The goal of Gajim's developers is to provide a full featured and easy to use xmpp client for the GTK+ users. Gajim does not require GNOME to run, even though it exists with it nicely. --------------------------------------------------------------------------------Update Information: Gajim 0.16.8 * Fix rejoining MUCs after connection loss * Fix Groupchat invites * Fix encoding problems with newer GnuPG versions * Fix old messages randomly reappearing in the chat window * Fix some problems with IBB filetransfer * Make XEP-0146 Commands opt-in * Improve sending messages to your own resources * Improve reliability of delivery recipes * Many minor bugfixes --------------------------------------------------------------------------------References: [ 1 ] Bug #1456364 - CVE-2016-10376 gajim: XEP-0146 makes it possible to extract plain-text from OTR sessions [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1456364 [ 2 ] Bug #1458616 - gajim-0.16.8 is available https://bugzilla.redhat.com/show_bug.cgi?id=1458616 --------------------------------------------------------------------------------This update can be installed with the "dnf" updateprogram. Use su -c 'dnf upgrade gajim' at the command line. For more information, refer to the dnf documentation available at https://dnf.readthedocs.io/en/latest/command_ref.html All packages are signed with the Fedora Project GPG key. More details on the GPG keys used by the Fedora Project can be found at https://fedoraproject.org/security/ -------------------------------------------------------------------------------- _______________________________________________ package-announce mailing list --
Jun 15, 2017
•Important
Fedora
Get the latest News and Insights
Get the latest Linux and open source security news straight to your inbox.
Community Poll
What got you started with Linux?
Search Topics
Powered By
Linux Security - Your source for Top Linux News, Advisories, HOWTOs and Feature Releases
QUICK LINKS
subscribe to newsletters!
Like staying secure? So do we.
Sign up for updates, tips, and alerts!