Alerts This Week
Warning Icon 1 640
Alerts This Week
Warning Icon 1 640

Stay Secure with the Latest Linux Advisories

Filter%20icon Refine advisories
X Clear Filters
X Clear Filters
View More

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Community Poll

Can sandbox isolation stop malware?

No answer selected. Please try again.
Please select either existing option or enter your own, however not both.
Please select minimum {0} answer(s).
Please select maximum {0} answer(s).
/main-polls/154-can-sandbox-isolation-stop-malware?task=poll.vote&format=json
154
radio
0
[{"id":497,"title":"Breaches happen despite container barriers.","votes":1,"type":"x","order":1,"pct":33.33,"resources":[]},{"id":498,"title":"Supply chain flaws exploit trust.","votes":2,"type":"x","order":2,"pct":66.67,"resources":[]},{"id":499,"title":"Flawed configurations expose vital files.","votes":0,"type":"x","order":3,"pct":0,"resources":[]}] ["#ff5b00","#4ac0f2","#b80028","#eef66c","#60bb22","#b96a9a","#62c2cc"] ["rgba(255,91,0,0.7)","rgba(74,192,242,0.7)","rgba(184,0,40,0.7)","rgba(238,246,108,0.7)","rgba(96,187,34,0.7)","rgba(185,106,154,0.7)","rgba(98,194,204,0.7)"] 350
bottom 200
Loading...

Explore Latest Linux Security advisories

We found 28 articles for you...
100

Ubuntu 22 Python Django Minor Link Problem FEC-RENEW-2028-1753-5

An update that solves one vulnerability can now be installed.. # Security update for python-pyOpenSSL Announcement ID: SUSE-SU-2026:1416-1 Release Date: 2026-04-16T15:36:01Z Rating: low References: * bsc#1259804 Cross-References: * CVE-2026-27448 CVSS scores: * CVE-2026-27448 ( SUSE ): 6.3 CVSS:4.0/AV:N/AC:H/AT:P/PR:N/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N * CVE-2026-27448 ( SUSE ): 3.7 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N * CVE-2026-27448 ( NVD ): 1.7 CVSS:4.0/AV:N/AC:H/AT:P/PR:N/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N/E:U/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X * CVE-2026-27448 ( NVD ): 5.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N Affected Products: * openSUSE Leap 15.3 * SUSE Linux Enterprise Micro 5.2 * SUSE Linux Enterprise Micro for Rancher 5.2 An update that solves one vulnerability can now be installed. ## Description: This update for python-pyOpenSSL fixes the following issue: * CVE-2026-27448: unhandled exception can result in connection not being cancelled (bsc#1259804). ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Linux Enterprise Micro 5.2 zypper in -t patch SUSE-SUSE-MicroOS-5.2-2026-1416=1 * SUSE Linux Enterprise Micro for Rancher 5.2 zypper in -t patch SUSE-SUSE-MicroOS-5.2-2026-1416=1 * openSUSE Leap 15.3 zypper in -t patch SUSE-2026-1416=1 ## Package List: * SUSE Linux Enterprise Micro 5.2 (noarch) * python3-pyOpenSSL-19.0.0-150300.3.3.1 * SUSE Linux Enterprise Micro for Rancher 5.2 (noarch) * python3-pyOpenSSL-19.0.0-150300.3.3.1 * openSUSE Leap 15.3 (noarch) * python3-pyOpenSSL-19.0.0-150300.3.3.1 * python2-pyOpenSSL-19.0.0-150300.3.3.1 ## References: * https://www.suse.com/security/cve/CVE-2026-27448.html *https://bugzilla.suse.com/show_bug.cgi?id=1259804 . Update available for python-pyOpenSSL in SUSE fixing low impact connection issue from unhandled exceptions.. python pyOpenSSL security advisory openSUSE update. . LinuxSecurity.com Team

Calendar%202 Apr 16, 2026 SuSE
100

SUSE 2026 python-pyOpenSSL Important Buffer Overflow and Connection Issue

An update that solves two vulnerabilities can now be installed.. # Security update for python-pyOpenSSL Announcement ID: SUSE-SU-2026:20930-1 Release Date: 2026-03-25T03:41:11Z Rating: important References: * bsc#1259804 * bsc#1259808 Cross-References: * CVE-2026-27448 * CVE-2026-27459 CVSS scores: * CVE-2026-27448 ( SUSE ): 6.3 CVSS:4.0/AV:N/AC:H/AT:P/PR:N/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N * CVE-2026-27448 ( SUSE ): 3.7 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N * CVE-2026-27448 ( NVD ): 1.7 CVSS:4.0/AV:N/AC:H/AT:P/PR:N/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N/E:U/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X * CVE-2026-27448 ( NVD ): 5.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N * CVE-2026-27459 ( SUSE ): 8.3 CVSS:4.0/AV:N/AC:H/AT:P/PR:N/UI:N/VC:L/VI:L/VA:H/SC:N/SI:N/SA:N * CVE-2026-27459 ( SUSE ): 7.0 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:H * CVE-2026-27459 ( NVD ): 7.2 CVSS:4.0/AV:N/AC:H/AT:P/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X * CVE-2026-27459 ( NVD ): 9.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H Affected Products: * SUSE Linux Enterprise Server - BCI 16.0 An update that solves two vulnerabilities can now be installed. ## Description: This update for python-pyOpenSSL fixes the following issues: * CVE-2026-27448: unhandled exception can result in connection not being cancelled (bsc#1259804). * CVE-2026-27459: large cookie value can lead to a buffer overflow (bsc#1259808). ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Linux Enterprise Server - BCI 16.0 zypper in -t patch SUSE-SLES-16.0-439=1 ## Package List: * SUSE Linux Enterprise Server - BCI 16.0(noarch) * python313-pyOpenSSL-25.0.0-160000.3.1 ## References: * https://www.suse.com/security/cve/CVE-2026-27448.html * https://www.suse.com/security/cve/CVE-2026-27459.html * https://bugzilla.suse.com/show_bug.cgi?id=1259804 * https://bugzilla.suse.com/show_bug.cgi?id=1259808 . Fixes critical issues in python-pyOpenSSL for SUSE Linux that could lead to connection problems and buffer overflows.. SUSE Linux, python-pyOpenSSL, security update, buffer overflow, important patch. . LinuxSecurity.com Team

Calendar%202 Apr 01, 2026 SuSE
202

Ubuntu 22.04 python-securesystem Urgent Security Alert Ubuntu-2023-98767-2

An update that solves 2 vulnerabilities and has 2 bug fixes can now be installed.. openSUSE security update: security update for python-pyopenssl ------------------------------------------------------------- Announcement ID: openSUSE-SU-2026:20419-1 Rating: important References: * bsc#1259804 * bsc#1259808 Cross-References: * CVE-2026-27448 * CVE-2026-27459 CVSS scores: * CVE-2026-27448 ( SUSE ): 3.7 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N * CVE-2026-27448 ( SUSE ): 6.3 CVSS:4.0/AV:N/AC:H/AT:P/PR:N/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N * CVE-2026-27459 ( SUSE ): 7 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:H * CVE-2026-27459 ( SUSE ): 8.3 CVSS:4.0/AV:N/AC:H/AT:P/PR:N/UI:N/VC:L/VI:L/VA:H/SC:N/SI:N/SA:N Affected Products: openSUSE Leap 16.0 ------------------------------------------------------------- An update that solves 2 vulnerabilities and has 2 bug fixes can now be installed. Description: This update for python-pyOpenSSL fixes the following issues: - CVE-2026-27448: unhandled exception can result in connection not being cancelled (bsc#1259804). - CVE-2026-27459: large cookie value can lead to a buffer overflow (bsc#1259808). Patch instructions: To install this openSUSE security update use the suse recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: - openSUSE Leap 16.0 zypper in -t patch openSUSE-Leap-16.0-439=1 Package List: - openSUSE Leap 16.0: python313-pyOpenSSL-25.0.0-160000.3.1 References: * https://www.suse.com/security/cve/CVE-2026-27448.html * https://www.suse.com/security/cve/CVE-2026-27459.html . Update for openSUSE contains important fixes for python-pyOpenSSL addressing connection issues and buffer overflows.. openSUSE patch, python-pyOpenSSL fix, buffer overflow security, important update, connection issue resolution. . LinuxSecurity.com Team

Calendar%202 Mar 28, 2026 OpenSUSE
203

Mageia 9: Crypto-Policies Bug Fix for SSH Connection Issues MGAA-2026-0001

MGAA-2026-0001 - Updated crypto-policies packages fix bug. MGAA-2026-0001 - Updated crypto-policies packages fix bug Publication date: 02 Jan 2026 URL: https://advisories.mageia.org/MGAA-2026-0001.html Type: bugfix Affected Mageia releases: 9 Description: Some recent systems refuse to connect to a ssh server running on mageia 9. This update fixes the issue. References: - https://bugs.mageia.org/show_bug.cgi?id=34914 - https://www.openssh.org/pq.html SRPMS: - 9/core/crypto-policies-20221110-2.1.mga9 . Fixes connection issues with ssh server on Mageia 9 related to updated crypto-policies, enhancing system stability.. Mageia Security Update,Crypto Policies Bug Fix,SSH Connection Issues,Mageia 9 Advisory. . LinuxSecurity.com Team

Calendar%202 Jan 02, 2026 Mageia
172

Ubuntu 18.04, 16.04 LTS USN-6852-2: Wget Host Connection Threat

Wget could be made to connect to a different host than expected.. ========================================================================== Ubuntu Security Notice USN-6852-2 June 27, 2024 wget vulnerability ========================================================================== A security issue affects these releases of Ubuntu and its derivatives: - Ubuntu 18.04 LTS - Ubuntu 16.04 LTS Summary: Wget could be made to connect to a different host than expected. Software Description: - wget: retrieves files from the web Details: USN-6852-1 fixed a vulnerability in Wget. This update provides the corresponding update for Ubuntu 16.04 LTS and Ubuntu 18.04 LTS. Original advisory details: It was discovered that Wget incorrectly handled semicolons in the userinfo subcomponent of a URI. A remote attacker could possibly trick a user into connecting to a different host than expected. Update instructions: The problem can be corrected by updating your system to the following package versions: Ubuntu 18.04 LTS wget 1.19.4-1ubuntu2.2+esm1 Available with Ubuntu Pro Ubuntu 16.04 LTS wget 1.17.1-1ubuntu1.5+esm1 Available with Ubuntu Pro In general, a standard system update will make all the necessary changes. References: https://ubuntu.com/security/notices/USN-6852-2 https://ubuntu.com/security/notices/USN-6852-1 CVE-2024-38428 . Ubuntu's recent security notice USN-6852-2 highlights critical Wget vulnerabilities, urging immediate updates to prevent potential remote exploits and data breaches. download manager, security notice, remote threats, Ubuntu updates. . LinuxSecurity.com Team

Calendar%202 Jun 27, 2024 Ubuntu
203

Mageia 9: MGASA-2024-0113 Critical Libreswan Denial Of Service

The Libreswan Project was notified of an issue causing libreswan to restart under some IKEv2 retransmit scenarios when a connection is configured to use PreSharedKeys (authby=secret) and the connection cannot find a matching configured secret. When such a connection is automatically added on startup using the auto= keyword, it can cause . MGASA-2024-0113 - Updated libreswan packages fix security vulnerabilities Publication date: 06 Apr 2024 URL: https://advisories.mageia.org/MGASA-2024-0113.html Type: security Affected Mageia releases: 9 CVE: CVE-2024-2357 The Libreswan Project was notified of an issue causing libreswan to restart under some IKEv2 retransmit scenarios when a connection is configured to use PreSharedKeys (authby=secret) and the connection cannot find a matching configured secret. When such a connection is automatically added on startup using the auto= keyword, it can cause repeated crashes leading to a Denial of Service. (CVE-2024-2357) References: - https://bugs.mageia.org/show_bug.cgi?id=32996 - https://libreswan.org/security/CVE-2024-2357/CVE-2024-2357.txt - https://www.cve.org/CVERecord?id=CVE-2024-2357 SRPMS: - 9/core/libreswan-4.14-1.mga9 . A recent security patch for Libreswan tackles significant vulnerabilities that could result in Denial of Service attacks and connectivity disruptions.. Libreswan Security, Mageia Advisory, IKEv2 Vulnerability, Denial Of Service, Security Update. . LinuxSecurity.com Team

Calendar%202 Apr 06, 2024 Mageia
89

Fedora 40: FEDORA-2024-58c59bfa4c Moderate: iwd 2.15 Connection Issues

iwd 2.15: Fix issue with notice events for connection timeouts. Fix issue with reason code and deauthenticate event. Fix issue with handling basename() functionality. libell 0.63:. -------------------------------------------------------------------------------- Fedora Update Notification FEDORA-2024-58c59bfa4c 2024-03-23 00:20:56.396900 -------------------------------------------------------------------------------- Name : iwd Product : Fedora 40 Version : 2.15 Release : 1.fc40 URL : https://archive.kernel.org/oldwiki/iwd.wiki.kernel.org/ Summary : Wireless daemon for Linux Description : The daemon and utilities for controlling and configuring the Wi-Fi network hardware. -------------------------------------------------------------------------------- Update Information: iwd 2.15: Fix issue with notice events for connection timeouts. Fix issue with reason code and deauthenticate event. Fix issue with handling basename() functionality. libell 0.63: Fix issue with handling ending boundary of the PEM. -------------------------------------------------------------------------------- ChangeLog: * Wed Feb 28 2024 Peter Robinson - 2.15-1 - Update to 2.15 -------------------------------------------------------------------------------- References: [ 1 ] Bug #2263042 - libell-0.63 is available https://bugzilla.redhat.com/show_bug.cgi?id=2263042 [ 2 ] Bug #2263573 - iwd-2.15 is available https://bugzilla.redhat.com/show_bug.cgi?id=2263573 [ 3 ] Bug #2264597 - TRIAGE CVE-2023-52161 iwd: potential authorization bypass [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=2264597 -------------------------------------------------------------------------------- This update can be installed with the "dnf" update program. Use su -c 'dnf upgrade --advisory FEDORA-2024-58c59bfa4c' at the command line. For more information, refer to the dnf documentation availableat https://dnf.readthedocs.io/en/latest/command_ref.html All packages are signed with the Fedora Project GPG key. More details on the GPG keys used by the Fedora Project can be found at https://fedoraproject.org/security/ -------------------------------------------------------------------------------- -- _______________________________________________ package-announce mailing list -- This email address is being protected from spambots. You need JavaScript enabled to view it. To unsubscribe send an email to This email address is being protected from spambots. You need JavaScript enabled to view it. Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedoraproject.org/archives/list/This email address is being protected from spambots. You need JavaScript enabled to view it./ Do not reply to spam, report it: . iwd 2.15 for Fedora 40 resolves critical problems such as connection drops and disassociation events.. iwd update, Fedora wireless, Fedora advisory, iwd 2.15, libell fixes. . LinuxSecurity.com Team

Calendar%202 Mar 23, 2024 Fedora
89

Fedora: 28-38faa9a2a8 Critical: iwd Connection Issues Fix

iwd 2.15: Fix issue with notice events for connection timeouts. Fix issue with reason code and deauthenticate event. Fix issue with handling basename() functionality. libell 0.63:. -------------------------------------------------------------------------------- Fedora Update Notification FEDORA-2024-38faa9a2a8 2024-03-08 01:53:53.708420 -------------------------------------------------------------------------------- Name : iwd Product : Fedora 38 Version : 2.15 Release : 1.fc38 URL : https://archive.kernel.org/oldwiki/iwd.wiki.kernel.org/ Summary : Wireless daemon for Linux Description : The daemon and utilities for controlling and configuring the Wi-Fi network hardware. -------------------------------------------------------------------------------- Update Information: iwd 2.15: Fix issue with notice events for connection timeouts. Fix issue with reason code and deauthenticate event. Fix issue with handling basename() functionality. libell 0.63: Fix issue with handling ending boundary of the PEM. -------------------------------------------------------------------------------- ChangeLog: * Wed Feb 28 2024 Peter Robinson - 2.15-1 - Update to 2.15 * Sat Feb 10 2024 Peter Robinson - 2.14-1 - Update to 2.14 * Wed Jan 24 2024 Fedora Release Engineering - 2.13-3 - Rebuilt for https://fedoraproject.org/wiki/Fedora_40_Mass_Rebuild * Sat Jan 20 2024 Fedora Release Engineering - 2.13-2 - Rebuilt for https://fedoraproject.org/wiki/Fedora_40_Mass_Rebuild * Sun Jan 14 2024 Peter Robinson - 2.13-1 - Update to 2.13 -------------------------------------------------------------------------------- References: [ 1 ] Bug #2264597 - TRIAGE CVE-2023-52161 iwd: potential authorization bypass [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=2264597 -------------------------------------------------------------------------------- This update can be installed with the "dnf" update program. Use su -c 'dnf upgrade --advisoryFEDORA-2024-38faa9a2a8' at the command line. For more information, refer to the dnf documentation available at https://dnf.readthedocs.io/en/latest/command_ref.html All packages are signed with the Fedora Project GPG key. More details on the GPG keys used by the Fedora Project can be found at -------------------------------------------------------------------------------- -- _______________________________________________ package-announce mailing list -- This email address is being protected from spambots. You need JavaScript enabled to view it. To unsubscribe send an email to This email address is being protected from spambots. You need JavaScript enabled to view it. Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedoraproject.org/archives/list/This email address is being protected from spambots. You need JavaScript enabled to view it./ Do not reply to spam, report it: . Critical update for Fedora 38 with iwd version 2.15, addressing timeout issues and preventing deauthentication errors.. Fedora Updates, Wi-Fi Daemon, iwd Fixes, Networking Issues. . LinuxSecurity.com Team

Calendar%202 Mar 08, 2024 Fedora
News Add Esm H240

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Community Poll

Can sandbox isolation stop malware?

No answer selected. Please try again.
Please select either existing option or enter your own, however not both.
Please select minimum {0} answer(s).
Please select maximum {0} answer(s).
/main-polls/154-can-sandbox-isolation-stop-malware?task=poll.vote&format=json
154
radio
0
[{"id":497,"title":"Breaches happen despite container barriers.","votes":1,"type":"x","order":1,"pct":33.33,"resources":[]},{"id":498,"title":"Supply chain flaws exploit trust.","votes":2,"type":"x","order":2,"pct":66.67,"resources":[]},{"id":499,"title":"Flawed configurations expose vital files.","votes":0,"type":"x","order":3,"pct":0,"resources":[]}] ["#ff5b00","#4ac0f2","#b80028","#eef66c","#60bb22","#b96a9a","#62c2cc"] ["rgba(255,91,0,0.7)","rgba(74,192,242,0.7)","rgba(184,0,40,0.7)","rgba(238,246,108,0.7)","rgba(96,187,34,0.7)","rgba(185,106,154,0.7)","rgba(98,194,204,0.7)"] 350
bottom 200
Your message here