Stay Vigilant with Timely Linux Security Advisories

Refine advisories

X Clear Filters

Critical (4)

Important (1)

Ubuntu (4966)

alsa-lib (6)

arbitrary code (885)

denial of service (18331)

important (27833)

security advisory (115124)

input validation (443)

node-shell-quote (1)

Mageia (2420)

Suricata (34)

Fedora (5)

Published Date Range

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Linux Advisory Watch

Linux Security Week

Community Poll

More Polls

What got you started with Linux?

Message!

Self-taught through trial and error
Formal training or courses
A job that required it
Other

No answer selected. Please try again.

Please select either existing option or enter your own, however not both.

Please select minimum {0} answer(s).

Please select maximum {0} answer(s).

/main-polls/150-what-got-you-started-with-linux?task=poll.vote&format=json

150

radio

Self-taught through trial and error (78.54%)

78.54% votes

Formal training or courses (4.29%)

4.29% votes

A job that required it (4.86%)

4.86% votes

Other (12.3%)

12.3% votes

[{"id":483,"title":"Self-taught through trial and error","votes":549,"type":"x","order":1,"pct":78.54,"resources":[]},{"id":484,"title":"Formal training or courses","votes":30,"type":"x","order":2,"pct":4.29,"resources":[]},{"id":485,"title":"A job that required it","votes":34,"type":"x","order":3,"pct":4.86,"resources":[]},{"id":486,"title":"Other","votes":86,"type":"x","order":4,"pct":12.3,"resources":[]}] ["#ff5b00","#4ac0f2","#b80028","#eef66c","#60bb22","#b96a9a","#62c2cc"] ["rgba(255,91,0,0.7)","rgba(74,192,242,0.7)","rgba(184,0,40,0.7)","rgba(238,246,108,0.7)","rgba(96,187,34,0.7)","rgba(185,106,154,0.7)","rgba(98,194,204,0.7)"] 350

bottom 200

Ubuntu 25.10 kmod Critical Algif_aead Privilege Escalation USN-8226-1

Ubuntu 26.04 LTS nginx Critical Denial of Service 2026-42945

Ubuntu 26.04 Docker Critical Security Threats USN-8230-1 CVE-2026-33747

Debian OpenSSH Critical DSA-6204-1 CVE-2026-3497 Remote DoS Execution

Explore Latest Linux Security advisories

We found -4 articles for you...

security advisoryFedoraupdate information

Fedora 32: FEDORA-2020-088196d926 Critical: Drupal 7.74 Security Advisory

- - - - . --------------------------------------------------------------------------------Fedora Update Notification FEDORA-2020-088196d926 2020-11-27 01:11:05.570415 --------------------------------------------------------------------------------Name : drupal7 Product : Fedora 32 Version : 7.74 Release : 1.fc32 URL : Summary : An open-source content-management platform Description : Equipped with a powerful blend of features, Drupal is a Content Management System written in PHP that can support a variety of websites ranging from personal weblogs to large community-driven websites. Drupal is highly configurable, skinnable, and secure. --------------------------------------------------------------------------------Update Information: - - - - --------------------------------------------------------------------------------ChangeLog: * Wed Nov 18 2020 Shawn Iwinski - 7.74-1 - Update to 7.74 - SA-CORE-2020-007 / CVE-2020-13666 - SA-CORE-2020-012 / CVE-2020-13671 --------------------------------------------------------------------------------This update can be installed with the "dnf" update program. Use su -c 'dnf upgrade --advisory FEDORA-2020-088196d926' at the command line. For more information, refer to the dnf documentation available at https://dnf.readthedocs.io/en/latest/command_ref.html All packages are signed with the Fedora Project GPG key. More details on the GPG keys used by the Fedora Project can be found at https://fedoraproject.org/security/ --------------------------------------------------------------------------------_______________________________________________ package-announce mailing list -- This email address is being protected from spambots. You need JavaScript enabled to view it. To unsubscribe send an email to This email address is being protected from spambots. You need JavaScript enabled to view it. Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives:https://lists.fedoraproject.org/archives/list/This email address is being protected from spambots. You need JavaScript enabled to view it./ . Fedora Package Alert for drupal 7.74 features critical security patches and detailed upgrade guidelines. Safeguard your environment.. Drupal Security Fixes, Fedora Updates, Content Management System. . Severity: Critical. LinuxSecurity.com Team

Nov 26, 2020 •Critical Fedora

security advisorycritical issuesoftware update

Fedora 32: 2020-09-13 Critical Drupal 7.72 CSRF Security Advisory

- https://www.drupal.org/project/drupal/releases/7.72 - [Drupal core - Critical - Cross Site Request Forgery - SA-CORE-2020-004](https://www.drupal.org/sa-core-2020-004) / CVE-2020-13663 - https://www.drupal.org/project/drupal/releases/7.71 - https://www.drupal.org/project/drupal/releases/7.70 - [Drupal core -. --------------------------------------------------------------------------------Fedora Update Notification FEDORA-2020-0b32a59b54 2020-09-13 14:27:05.374728 --------------------------------------------------------------------------------Name : drupal7 Product : Fedora 32 Version : 7.72 Release : 1.fc32 URL : https://www.drupal.org Summary : An open-source content-management platform Description : Equipped with a powerful blend of features, Drupal is a Content Management System written in PHP that can support a variety of websites ranging from personal weblogs to large community-driven websites. Drupal is highly configurable, skinnable, and secure. --------------------------------------------------------------------------------Update Information: - https://www.drupal.org/project/drupal/releases/7.72 - [Drupal core -Critical - Cross Site Request Forgery - SA-CORE-2020-004](https://www.drupal.org/sa-core-2020-004) / CVE-2020-13663 -https://www.drupal.org/project/drupal/releases/7.71 -https://www.drupal.org/project/drupal/releases/7.70 - [Drupal core -Moderately critical - Cross Site Scripting - SA-CORE-2020-002](https://www.drupal.org/sa-core-2020-002) / CVE-2020-11022 / CVE-2020-11023 - [Drupal core - Moderately critical - Open Redirect - SA-CORE-2020-003](https://www.drupal.org/sa-core-2020-003) / CVE-2020-13662 --------------------------------------------------------------------------------ChangeLog: * Fri Sep 4 2020 Shawn Iwinski - 7.72-1 - Update to 7.72 - SA-CORE-2020-004/CVE-2020-13663 (RHBZ #1860912, #1860913) * Mon Jul 27 2020 Fedora Release Engineering - 7.70-3 - Rebuilt forhttps://fedoraproject.org/wiki/Fedora_33_Mass_Rebuild --------------------------------------------------------------------------------References: [ 1 ] Bug #1828417 - CVE-2020-11022 drupal7: jquery: Cross-site scripting due to improper injQuery.htmlPrefilter method [epel-all] https://bugzilla.redhat.com/show_bug.cgi?id=1828417 [ 2 ] Bug #1850013 - CVE-2020-11023 drupal7: jQuery: passing HTML containing elements to manipulation methods could result in untrusted code execution [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1850013 [ 3 ] Bug #1850023 - CVE-2020-11023 drupal7: jQuery: passing HTML containing elements to manipulation methods could result in untrusted code execution [epel-all] https://bugzilla.redhat.com/show_bug.cgi?id=1850023 [ 4 ] Bug #1860912 - CVE-2020-13663 drupal7: Form API does not properly handle certain form input from cross-site requests [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1860912 [ 5 ] Bug #1860913 - CVE-2020-13663 drupal7: Form API does not properly handle certain form input from cross-site requests [epel-all] https://bugzilla.redhat.com/show_bug.cgi?id=1860913 --------------------------------------------------------------------------------This update can be installed with the "dnf" update program. Use su -c 'dnf upgrade --advisory FEDORA-2020-0b32a59b54' at the command line. For more information, refer to the dnf documentation available at https://dnf.readthedocs.io/en/latest/command_ref.html All packages are signed with the Fedora Project GPG key. More details on the GPG keys used by the Fedora Project can be found at --------------------------------------------------------------------------------_______________________________________________ package-announce mailing list -- This email address is being protected from spambots. You need JavaScript enabled to view it. To unsubscribe send an email to This email address is being protected from spambots. You need JavaScript enabled to view it. Fedora Code of Conduct: List Guidelines:https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedoraproject.org/archives/list/This email address is being protected from spambots. You need JavaScript enabled to view it./ . Fedora System Alert for Drupal 7.72 focusing on urgent cross-site request forgery vulnerabilities and patches.. Drupal 7.72 update, Fedora security advisory, Cross Site Forgery fix. . Severity: Critical. LinuxSecurity.com Team

Sep 13, 2020 •Critical Fedora

security advisoryupdateFedora

Debian: 2023-2145fcdbe3 Important: Drupal8 Vulnerability Resolution

- - . --------------------------------------------------------------------------------Fedora Update Notification FEDORA-2018-143886fdbd 2018-04-10 19:09:15.785773 --------------------------------------------------------------------------------Name : drupal7 Product : Fedora 27 Version : 7.58 Release : 1.fc27 URL : Summary : An open-source content-management platform Description : Equipped with a powerful blend of features, Drupal is a Content Management System written in PHP that can support a variety of websites ranging from personal weblogs to large community-driven websites. Drupal is highly configurable, skinnable, and secure. --------------------------------------------------------------------------------Update Information: - - --------------------------------------------------------------------------------References: [ 1 ] Bug #1548190 - drupal7: drupal: JavaScript cross-site scripting in checkPlain function [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1548190 [ 2 ] Bug #1547793 - drupal7-7.57 is available https://bugzilla.redhat.com/show_bug.cgi?id=1547793 [ 3 ] Bug #1548324 - CVE-2017-6926 CVE-2017-6927 CVE-2017-6928 CVE-2017-6929 CVE-2017-6930 CVE-2017-6931 CVE-2017-6932 drupal7: drupal: Multiple vulnerabilities fixed in 7.57 and 8.4.5 (SA-CORE-2018-001) [epel-all] https://bugzilla.redhat.com/show_bug.cgi?id=1548324 [ 4 ] Bug #1548201 - drupal7: drupal: External link injection on 404 pages when linking to the current page [epel-all] https://bugzilla.redhat.com/show_bug.cgi?id=1548201 [ 5 ] Bug #1548197 - drupal7: drupal: jQuery vulnerability with untrusted domains requests via Ajax [epel-all] https://bugzilla.redhat.com/show_bug.cgi?id=1548197 [ 6 ] Bug #1548195 - drupal7: drupal: Private file access bypass in Drupal private file system [epel-all] https://bugzilla.redhat.com/show_bug.cgi?id=1548195 [ 7 ] Bug #1561801 - drupal7-7.58 is available https://bugzilla.redhat.com/show_bug.cgi?id=1561801 [ 8 ] Bug #1548191 - drupal7: drupal: JavaScript cross-site scripting in checkPlain function [epel-all] https://bugzilla.redhat.com/show_bug.cgi?id=1548191 [ 9 ] Bug #1548326 - CVE-2017-6926 CVE-2017-6927 CVE-2017-6928 CVE-2017-6929 CVE-2017-6930 CVE-2017-6931 CVE-2017-6932 drupal7: drupal: Multiple vulnerabilities fixed in 7.57 and 8.4.5 (SA-CORE-2018-001) [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1548326 [ 10 ] Bug #1548202 - drupal7: drupal: External link injection on 404 pages when linking to the current page [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1548202 [ 11 ] Bug #1548198 - drupal7: drupal: jQuery vulnerability with untrusted domains requests via Ajax [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1548198 [ 12 ] Bug #1548194 - drupal7: drupal: Private file access bypass in Drupal private file system [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1548194 --------------------------------------------------------------------------------This update can be installed with the "dnf" update program. Use su -c 'dnf upgrade drupal7' at the command line. For more information, refer to the dnf documentation available at https://dnf.readthedocs.io/en/latest/command_ref.html All packages are signed with the Fedora Project GPG key. More details on the GPG keys used by the Fedora Project can be found at https://fedoraproject.org/security/ -------------------------------------------------------------------------------- _______________________________________________ package-announce mailing list -- This email address is being protected from spambots. You need JavaScript enabled to view it. To unsubscribe send an email to This email address is being protected from spambots. You need JavaScript enabled to view it. . This Fedora upgrade outlines patches for WordPress, rectifying CSS vulnerabilities and enhancing site maintenance security.. Drupal Security Update, Fedora Drupal Fixes, Fedora Security Patch. . Severity: Important. LinuxSecurity.comTeam

Apr 10, 2018 •Important Fedora

security advisoryupdatecritical

Fedora 23: Drupal6 Critical Security Fix for Multiple Issues

Maintenance and security release of the Drupal 6 series. This release fixes **security vulnerabilities**. Sites are [urged to upgrade immediately]() after reading the notes below and the security announcement: [Drupal Core - Critical - Multiple Vulnerabilities - SA-CORE-2015-003]() No. -------------------------------------------------------------------------------- Fedora Update Notification FEDORA-2015-14443 2015-09-06 17:04:34.358707 -------------------------------------------------------------------------------- Name : drupal6 Product : Fedora 23 Version : 6.37 Release : 1.fc23 URL : Summary : An open-source content-management platform Description : Equipped with a powerful blend of features, Drupal is a Content Management System written in PHP that can support a variety of websites ranging from personal weblogs to large community-driven websites. Drupal is highly configurable, skinnable, and secure. -------------------------------------------------------------------------------- Update Information: Maintenance and security release of the Drupal 6 series. This release fixes **security vulnerabilities**. Sites are [urged to upgrade immediately]() after reading the notes below and the security announcement: [Drupal Core - Critical - Multiple Vulnerabilities - SA-CORE-2015-003]() No other fixes are included. No changes have been made to the .htaccess, robots.txt or default settings.php files in this release, so upgrading custom versions of those files is not necessary. #### Known issues: None. #### Major changes since 6.36: * For security reasons, the autocomplete system now makes Ajax requests to non-clean URLs only, although protection is also in place for custom code that does so using clean URLs. There is a new form API #process function on autocomplete-enabled text fields that is required for the autocomplete functionality to work; custom and contributed modules should ensure that they are not overriding this #process function accidentally when altering textfields on forms. Part of the security fix also includes changes to theme_textfield(); it is recommended that sites which override this theme function make those changes as well (see the theme_textfield section of this diff for details). * When form API token validation fails (for example, when a cross-site request forgery attempt is detected, or a user tries to submit a form after having logged out and back in again in the meantime), the form API now skips calling form element value callbacks, except for a select list of callbacks provided by Drupal core that are known to be safe. In rare cases, this could lead to data loss when a user submits a form and receives a token validation error, but the overall effect is expected to be minor. -------------------------------------------------------------------------------- References: [ 1 ] Bug #1255662 - CVE-2015-6658 CVE-2015-6659 CVE-2015-6660 CVE-2015-6661 CVE-2015-6665 drupal: Several issues in 6.x and 7.x (SA-CORE-2015-003) https://bugzilla.redhat.com/show_bug.cgi?id=1255662 -------------------------------------------------------------------------------- This update can be installed with the "yum" update program. Use su -c 'yum update drupal6' at the command line. For more information, refer to "Managing Software with yum", available at . All packages are signed with the Fedora Project GPG key. More details on the GPG keys used by the Fedora Project can be found at https://fedoraproject.org/security/ -------------------------------------------------------------------------------- _______________________________________________ package-announce mailing list This email address is being protected from spambots. You need JavaScript enabled to view it. https://lists.fedoraproject.org/admin/lists/package-announce.lists.fedoraproject.org/ . Fedora's latest Security Update highlights critical vulnerabilities in Drupal 6. Webmasters need to upgrade their sites immediately to protect user data and ensure site integrity. drupal6 update,Fedora security,CMS security,open source CMS. . Severity: Critical.LinuxSecurity.com Team

Sep 06, 2015 •Critical Fedora

security advisorycriticalFedora

Fedora 23: 2015-14443 Critical Update For Drupal6 Security

Maintenance and security release of the Drupal 6 series. This release fixes **security vulnerabilities**. Sites are [urged to upgrade immediately]() after reading the notes below and the security announcement: [Drupal Core - Critical - Multiple Vulnerabilities - SA-CORE-2015-003]() No. -------------------------------------------------------------------------------- Fedora Update Notification FEDORA-2015-14443 2015-09-06 01:09:10.074356 -------------------------------------------------------------------------------- Name : drupal6 Product : Fedora 23 Version : 6.37 Release : 1.fc23 URL : Summary : An open-source content-management platform Description : Equipped with a powerful blend of features, Drupal is a Content Management System written in PHP that can support a variety of websites ranging from personal weblogs to large community-driven websites. Drupal is highly configurable, skinnable, and secure. -------------------------------------------------------------------------------- Update Information: Maintenance and security release of the Drupal 6 series. This release fixes **security vulnerabilities**. Sites are [urged to upgrade immediately]() after reading the notes below and the security announcement: [Drupal Core - Critical - Multiple Vulnerabilities - SA-CORE-2015-003]() No other fixes are included. No changes have been made to the .htaccess, robots.txt or default settings.php files in this release, so upgrading custom versions of those files is not necessary. #### Known issues: None. #### Major changes since 6.36: * For security reasons, the autocomplete system now makes Ajax requests to non-clean URLs only, although protection is also in place for custom code that does so using clean URLs. There is a new form API #process function on autocomplete-enabled text fields that is required for the autocomplete functionality to work; custom and contributed modules should ensure that they are not overriding this #process function accidentally when altering textfields on forms. Part of the security fix also includes changes to theme_textfield(); it is recommended that sites which override this theme function make those changes as well (see the theme_textfield section of this diff for details). * When form API token validation fails (for example, when a cross-site request forgery attempt is detected, or a user tries to submit a form after having logged out and back in again in the meantime), the form API now skips calling form element value callbacks, except for a select list of callbacks provided by Drupal core that are known to be safe. In rare cases, this could lead to data loss when a user submits a form and receives a token validation error, but the overall effect is expected to be minor. -------------------------------------------------------------------------------- References: [ 1 ] Bug #1255662 - CVE-2015-6658 CVE-2015-6659 CVE-2015-6660 CVE-2015-6661 CVE-2015-6665 drupal: Several issues in 6.x and 7.x (SA-CORE-2015-003) https://bugzilla.redhat.com/show_bug.cgi?id=1255662 -------------------------------------------------------------------------------- This update can be installed with the "yum" update program. Use su -c 'yum update drupal6' at the command line. For more information, refer to "Managing Software with yum", available at . All packages are signed with the Fedora Project GPG key. More details on the GPG keys used by the Fedora Project can be found at https://fedoraproject.org/security/ -------------------------------------------------------------------------------- _______________________________________________ package-announce mailing list This email address is being protected from spambots. You need JavaScript enabled to view it. https://lists.fedoraproject.org/admin/lists/package-announce.lists.fedoraproject.org/ . Ubuntu patch provides crucial enhancements for WordPress 5. Users advised to implement upgrades after consulting essential notice information.. Drupal6 Security Update, Fedora 23, Security Release, Maintenance Release. . Severity: Critical. LinuxSecurity.com Team

Sep 06, 2015 •Critical Fedora

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Linux Advisory Watch

Linux Security Week

Community Poll

More Polls

What got you started with Linux?

Message!

Self-taught through trial and error
Formal training or courses
A job that required it
Other

No answer selected. Please try again.

Please select either existing option or enter your own, however not both.

Please select minimum {0} answer(s).

Please select maximum {0} answer(s).

/main-polls/150-what-got-you-started-with-linux?task=poll.vote&format=json

150

radio

Self-taught through trial and error (78.54%)

78.54% votes

Formal training or courses (4.29%)

4.29% votes

A job that required it (4.86%)

4.86% votes

Other (12.3%)

12.3% votes

bottom 200

Stay Secure with the Latest Linux Advisories

Debian LTS openssl Important Use-After-Free NULL Pointer Issues DLA-4624-1

Ubuntu 20.04 alsa-lib Important Denial of Service Fix USN-8044-2

Ubuntu 26.04 LTS node-shell-quote Important Denial of Service CVE-2026-9277

Mageia 9 Suricata Critical Performance Security Issues MGASA-2026-0181

Mageia 9 PackageKit Important TOCTOU Race Escalation CVE-2026-41651

Mageia 9 Unbound Critical Remote Code Execution Advisory 2026-0034

Ubuntu 26.04 LTS Netatalk Multiple Security Issues USN-8395-1

Fedora 43 mingw-objfw 1.5.5 Update Security Fix FEDORA-2026-de23fedf3e

Fedora 43 objfw Important Update 1.5.5 Bug Fixes June 2026

Refine advisories

Get the latest News and Insights

Community Poll

What got you started with Linux?

Trending News

Ubuntu 25.10 kmod Critical Algif_aead Privilege Escalation USN-8226-1

Ubuntu 26.04 LTS nginx Critical Denial of Service 2026-42945

Ubuntu 26.04 Docker Critical Security Threats USN-8230-1 CVE-2026-33747

Debian OpenSSH Critical DSA-6204-1 CVE-2026-3497 Remote DoS Execution

Explore Latest Linux Security advisories

Fedora 32: FEDORA-2020-088196d926 Critical: Drupal 7.74 Security Advisory

Fedora 32: 2020-09-13 Critical Drupal 7.72 CSRF Security Advisory

Debian: 2023-2145fcdbe3 Important: Drupal8 Vulnerability Resolution

Fedora 23: Drupal6 Critical Security Fix for Multiple Issues

Fedora 23: 2015-14443 Critical Update For Drupal6 Security

Get the latest News and Insights

Community Poll

What got you started with Linux?

Trending News

Ubuntu 25.10 kmod Critical Algif_aead Privilege Escalation USN-8226-1

Ubuntu 26.04 LTS nginx Critical Denial of Service 2026-42945

Ubuntu 26.04 Docker Critical Security Threats USN-8230-1 CVE-2026-33747

Debian OpenSSH Critical DSA-6204-1 CVE-2026-3497 Remote DoS Execution

Powered By

Linux Security - Your source for Top Linux News, Advisories, HOWTOs and Feature Releases

QUICK LINKS

subscribe to newsletters!

Stay Secure with the Latest Linux Advisories

Debian LTS openssl Important Use-After-Free NULL Pointer Issues DLA-4624-1

Ubuntu 20.04 alsa-lib Important Denial of Service Fix USN-8044-2

Ubuntu 26.04 LTS node-shell-quote Important Denial of Service CVE-2026-9277

Mageia 9 Suricata Critical Performance Security Issues MGASA-2026-0181

Mageia 9 PackageKit Important TOCTOU Race Escalation CVE-2026-41651

Mageia 9 Unbound Critical Remote Code Execution Advisory 2026-0034

Ubuntu 26.04 LTS Netatalk Multiple Security Issues USN-8395-1

Fedora 43 mingw-objfw 1.5.5 Update Security Fix FEDORA-2026-de23fedf3e

Fedora 43 objfw Important Update 1.5.5 Bug Fixes June 2026

Refine advisories

severity

Topics

Distro

Published Date

Get the latest News and Insights

Community Poll

What got you started with Linux?

Trending News

Explore Latest Linux Security advisories

Get the latest News and Insights

Community Poll

What got you started with Linux?

Trending News

Search Topics

Powered By

Linux Security - Your source for Top Linux News, Advisories, HOWTOs and Feature Releases

QUICK LINKS

subscribe to newsletters!