Stay Secure with the Latest Linux Advisories


Explore Latest Linux Security advisories


Debian: DSA-5460-1 Moderate: Curl File Path Handling Flaw

Debian Security Advisory DSA-5460-1
https://www.debian.org/security/ Moritz Muehlenhoff
July 26, 2023 https://www.debian.org/security/faq

Package : curl
CVE ID : CVE-2023-32001

It was discovered that Curl performed incorrect file path handling when saving cookies to files, which could lead to the creation or overwriting of files.

The oldstable distribution (bullseye) is not affected.

For the stable distribution (bookworm), this problem has been fixed in version 7.88.1-10+deb12u1.

We recommend that you upgrade your curl packages.

For the detailed security status of curl please refer to its security tracker page at: https://security-tracker.debian.org/tracker/source-package/curl

Further information about Debian Security Advisories, how to apply these updates to your system and frequently asked questions can be found at: https://www.debian.org/security/

There is a vulnerability related to path management in Curl as highlighted in Debian security notice DSA-5460-1; it is crucial to upgrade your curl software immediately.

LinuxSecurity.com Team

Jul 26, 2023 Debian

Ubuntu 20.04: USN-6201-1 Critical: Firefox Denial Of Service Threat

Ubuntu Security Notice USN-6201-1
July 05, 2023

firefox vulnerabilities

A security issue affects these releases of Ubuntu and its derivatives:
- Ubuntu 20.04 LTS

Summary: Several security issues were fixed in Firefox.

Software Description:
- firefox: Mozilla Open Source web browser

Details:

Multiple security issues were discovered in Firefox. If a user were tricked into opening a specially crafted website, an attacker could potentially exploit these to cause a denial of service, obtain sensitive information across domains, or execute arbitrary code. (CVE-2023-37201, CVE-2023-37202, CVE-2023-37205, CVE-2023-37207, CVE-2023-37209, CVE-2023-37210, CVE-2023-37211, CVE-2023-37212)

Martin Hostettler discovered that Firefox did not properly block storage of all cookies when configured. An attacker could potentially exploit this issue to store tracking data without permission in localstorage. (CVE-2023-3482)

Paul Nickerson discovered that Firefox did have insufficient validation in the Drag and Drop API. If a user were tricked into creating a shortcut to local system files, an attacker could execute arbitrary code. (CVE-2023-37203)

Irvan Kurniawan discovered that Firefox did not properly manage fullscreen notifications using an option element having an expensive computational function. An attacker could potentially exploit this issue to perform spoofing attacks. (CVE-2023-37204)

Ameen Basha M K discovered that Firefox did not properly validate symlinks in the FileSystem API. If a user were tricked into uploading a symlinked file to a malicious website, an attacker could obtain sensitive information. (CVE-2023-37206)

Puf discovered that Firefox did not properly provide warning when opening Diagcab files. If a user were tricked into opening a malicious Diagcab file, an attacker could execute arbitrary code. (CVE-2023-37208)

Update instructions:

The problem can be corrected by updating your system to the following package versions:

Ubuntu 20.04 LTS: firefox 115.0+build2-0ubuntu0.20.04.3

After a standard system update you need to restart Firefox to make all the necessary changes.

References:
https://ubuntu.com/security/notices/USN-6201-1
CVE-2023-3482, CVE-2023-37201, CVE-2023-37202, CVE-2023-37203, CVE-2023-37204, CVE-2023-37205, CVE-2023-37206, CVE-2023-37207, CVE-2023-37208, CVE-2023-37209, CVE-2023-37210, CVE-2023-37211, CVE-2023-37212

Package Information:
https://launchpad.net/ubuntu/+source/firefox/115.0+build2-0ubuntu0.20.04.3

Explore the specifics of Ubuntu Security Notice USN-6201-1, addressing several vulnerabilities in Firefox. Learn about the impact of these issues and how to update your system.

Severity: Critical. LinuxSecurity.com Team

Jul 05, 2023 Critical Ubuntu

Red Hat Enterprise Linux 9: RHSA-2023:0965-01 Moderate: PHP Security Issues

Red Hat Security Advisory

Synopsis: Moderate: php security update
Advisory ID: RHSA-2023:0965-01
Product: Red Hat Enterprise Linux
Advisory URL: https://access.redhat.com/errata/RHSA-2023:0965
Issue date: 2023-02-28
CVE Names: CVE-2022-31628 CVE-2022-31629 CVE-2022-31630 CVE-2022-31631 CVE-2022-37454

1. Summary:

An update for php is now available for Red Hat Enterprise Linux 9.

Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.

2. Relevant releases/architectures:

Red Hat Enterprise Linux AppStream (v. 9) - aarch64, ppc64le, s390x, x86_64

3. Description:

PHP is an HTML-embedded scripting language commonly used with the Apache HTTP Server.

The following packages have been upgraded to a later upstream version: php (8.0.27). (BZ#2161667)

Security Fix(es):

* XKCP: buffer overflow in the SHA-3 reference implementation (CVE-2022-37454)
* php: standard insecure cookie could be treated as a `__Host-` or `__Secure-` cookie by PHP applications (CVE-2022-31629)
* php: OOB read due to insufficient input validation in imageloadfont() (CVE-2022-31630)
* php: Due to an integer overflow PDO::quote() may return unquoted string (CVE-2022-31631)
* php: phar wrapper can occur dos when using quine gzip file (CVE-2022-31628)

For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

4. Solution:

For details on how to apply this update, which includes the changes described in this advisory, refer to: https://access.redhat.com/articles/11258

After installing the updated packages, the httpd daemon must be restarted for the update to take effect.

5. Bugs fixed (https://bugzilla.redhat.com/):

2133687 - CVE-2022-31629 php: standard insecure cookie could be treated as a '__Host-' or '__Secure-' cookie by PHP applications
2133688 - CVE-2022-31628 php: phar: infinite loop when decompressing quine gzip file
2139280 - CVE-2022-31630 php: OOB read due to insufficient input validation in imageloadfont()
2140200 - CVE-2022-37454 XKCP: buffer overflow in the SHA-3 reference implementation
2158791 - CVE-2022-31631 php: PDO::quote() may return unquoted string due to an integer overflow

6. Package List:

Red Hat Enterprise Linux AppStream (v.9):

Source: php-8.0.27-1.el9_1.src.rpm

These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://access.redhat.com/security/team/key

7. References:

https://access.redhat.com/security/cve/CVE-2022-31628
https://access.redhat.com/security/cve/CVE-2022-31629
https://access.redhat.com/security/cve/CVE-2022-31630
https://access.redhat.com/security/cve/CVE-2022-31631
https://access.redhat.com/security/cve/CVE-2022-37454
https://access.redhat.com/security/updates/classification#moderate

8. Contact:

The Red Hat security contact is . More contact details at https://access.redhat.com/security/team/contact

Copyright 2023 Red Hat, Inc.

This notice outlines a significant security enhancement for PHP concerning Red Hat Enterprise Linux 9, tackling several vulnerabilities.

LinuxSecurity.com Team

Feb 28, 2023 Red Hat

Red Hat Enterprise Linux 9 RHSA-2022:8054 security update for webkit2gtk3

Red Hat Security Advisory

Synopsis: Moderate: webkit2gtk3 security and bug fix update
Advisory ID: RHSA-2022:8054-01
Product: Red Hat Enterprise Linux
Advisory URL: https://access.redhat.com/errata/RHSA-2022:8054
Issue date: 2022-11-15
CVE Names: CVE-2022-22624 CVE-2022-22628 CVE-2022-22629 CVE-2022-22662 CVE-2022-26700 CVE-2022-26709 CVE-2022-26710 CVE-2022-26716 CVE-2022-26717 CVE-2022-26719 CVE-2022-30293

1. Summary:

An update for webkit2gtk3 is now available for Red Hat Enterprise Linux 9.

Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.

2. Relevant releases/architectures:

Red Hat Enterprise Linux AppStream (v. 9) - aarch64, ppc64le, s390x, x86_64

3. Description:

WebKitGTK is the port of the portable web rendering engine WebKit to the GTK platform.

Security Fix(es):

* webkitgtk: Use-after-free leading to arbitrary code execution (CVE-2022-22624)
* webkitgtk: Use-after-free leading to arbitrary code execution (CVE-2022-22628)
* webkitgtk: Buffer overflow leading to arbitrary code execution (CVE-2022-22629)
* webkitgtk: Cookie management issue leading to sensitive user information disclosure (CVE-2022-22662)
* webkitgtk: Memory corruption issue leading to arbitrary code execution (CVE-2022-26700)
* webkitgtk: Use-after-free leading to arbitrary code execution (CVE-2022-26709)
* webkitgtk: Use-after-free leading to arbitrary code execution (CVE-2022-26710)
* webkitgtk: Memory corruption issue leading to arbitrary code execution (CVE-2022-26716)
* webkitgtk: Use-after-free leading to arbitrary code execution (CVE-2022-26717)
* webkitgtk: Memory corruption issue leading to arbitrary code execution (CVE-2022-26719)
* webkitgtk: Heap buffer overflow in WebCore::TextureMapperLayer::setContentsLayer leading to arbitrary code execution (CVE-2022-30293)

For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

Additional Changes:

For detailed information on changes in this release, see the Red Hat Enterprise Linux 9.1 Release Notes linked from the References section.

4. Solution:

For details on how to apply this update, which includes the changes described in this advisory, refer to: https://access.redhat.com/articles/11258

5. Bugs fixed (https://bugzilla.redhat.com/):

2061996 - Upgrade WebKitGTK for RHEL 9.1
2073893 - CVE-2022-22624 webkitgtk: Use-after-free leading to arbitrary code execution
2073896 - CVE-2022-22628 webkitgtk: Use-after-free leading to arbitrary code execution
2073899 - CVE-2022-22629 webkitgtk: Buffer overflow leading to arbitrary code execution
2082548 - CVE-2022-30293 webkitgtk: Heap buffer overflow in WebCore::TextureMapperLayer::setContentsLayer leading to arbitrary code execution
2092732 - CVE-2022-26700 webkitgtk: Memory corruption issue leading to arbitrary code execution
2092733 - CVE-2022-26709 webkitgtk: Use-after-free leading to arbitrary code execution
2092734 - CVE-2022-26716 webkitgtk: Memory corruption issue leading to arbitrary code execution
2092735 - CVE-2022-26717 webkitgtk: Use-after-free leading to arbitrary code execution
2092736 - CVE-2022-26719 webkitgtk: Memory corruption issue leading to arbitrary code execution
2104787 - CVE-2022-22662 webkitgtk: Cookie management issue leading to sensitive user information disclosure
2104789 - CVE-2022-26710 webkitgtk: Use-after-free leading to arbitrary code execution

6. Package List:

Red Hat Enterprise Linux AppStream (v.9):

Source: webkit2gtk3-2.36.7-1.el9.src.rpm

These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://access.redhat.com/security/team/key/

7. References:

https://access.redhat.com/security/cve/CVE-2022-22624
https://access.redhat.com/security/cve/CVE-2022-22628
https://access.redhat.com/security/cve/CVE-2022-22629
https://access.redhat.com/security/cve/CVE-2022-22662
https://access.redhat.com/security/cve/CVE-2022-26700
https://access.redhat.com/security/cve/CVE-2022-26709
https://access.redhat.com/security/cve/CVE-2022-26710
https://access.redhat.com/security/cve/CVE-2022-26716
https://access.redhat.com/security/cve/CVE-2022-26717
https://access.redhat.com/security/cve/CVE-2022-26719
https://access.redhat.com/security/cve/CVE-2022-30293
https://access.redhat.com/security/updates/classification/#moderate
https://access.redhat.com/documentation/en-us/red_hat_enterprise_linux/9/html/9.1_release_notes/index

8. Contact:

The Red Hat security contact is . More contact details at https://access.redhat.com/security/team/contact/

Copyright 2022 Red Hat, Inc.

A significant webkit2gtk3 upgrade bolsters protection measures for CentOS Stream. Major improvements tackle vulnerability issues and beyond.

LinuxSecurity.com Team

Nov 15, 2022 Red Hat

openSUSE 13.1 12.3: 2014:1140-2 Critical: Curl Session Vulnerabilities

openSUSE Security Update: curl

Announcement ID: openSUSE-SU-2014:1139-1
Rating: important
References: #894575 #895991
Cross-References: CVE-2014-3613 CVE-2014-3620
Affected Products: openSUSE 13.1, openSUSE 12.3

An update that fixes two vulnerabilities is now available.

Description:

libcurl was updated to fix security issues:

CVE-2014-3613: Cookies for hosts specified by numeric IP could be assigned or used for other numeric IP hosts if portions of the numerics were the same.

CVE-2014-3620: libcurl allowed cookies to be set for toplevel domains, making them too broad.

Patch Instructions:

To install this openSUSE Security Update use YaST online_update. Alternatively you can run the command listed for your product:

- openSUSE 13.1: zypper in -t patch openSUSE-2014-547
- openSUSE 12.3: zypper in -t patch openSUSE-2014-547

To bring your system up-to-date, use "zypper patch".

Package List:

- openSUSE 13.1 (i586 x86_64): curl-7.32.0-2.27.1 curl-debuginfo-7.32.0-2.27.1 curl-debugsource-7.32.0-2.27.1 libcurl-devel-7.32.0-2.27.1 libcurl4-7.32.0-2.27.1 libcurl4-debuginfo-7.32.0-2.27.1
- openSUSE 13.1 (x86_64): libcurl4-32bit-7.32.0-2.27.1 libcurl4-debuginfo-32bit-7.32.0-2.27.1
- openSUSE 12.3 (i586 x86_64): curl-7.28.1-4.43.1 curl-debuginfo-7.28.1-4.43.1 curl-debugsource-7.28.1-4.43.1 libcurl-devel-7.28.1-4.43.1 libcurl4-7.28.1-4.43.1 libcurl4-debuginfo-7.28.1-4.43.1
- openSUSE 12.3 (x86_64): libcurl4-32bit-7.28.1-4.43.1 libcurl4-debuginfo-32bit-7.28.1-4.43.1

References:

https://www.suse.com/security/cve/CVE-2014-3613.html
https://www.suse.com/security/cve/CVE-2014-3620.html

The latest openSUSE update addresses critical vulnerabilities in curl that impact various versions. Detailed guidance for applying the patch is provided.

Severity: Important. LinuxSecurity.com Team

Sep 17, 2014 Important OpenSUSE
