MGASA-2022-0454 - Updated ruby packages fix security vulnerability

Publication date: 13 Dec 2022
URL: https://advisories.mageia.org/MGASA-2022-0454.html
Type: security
Affected Mageia releases: 8
CVE: CVE-2021-33621

If an application generates HTTP responses using the cgi gem with untrusted user input, an attacker can exploit it to inject a malicious HTTP response header and/or body. Also, the contents of a CGI::Cookie object were not checked properly. If an application creates a CGI::Cookie object based on user input, an attacker may exploit it to inject invalid attributes in the Set-Cookie header. Such applications are unlikely, but a change is included to check arguments for CGI::Cookie#initialize preventatively.

References:
- https://bugs.mageia.org/show_bug.cgi?id=31187
- https://www.ruby-lang.org/en/news/2022/11/22/http-response-splitting-in-cgi-cve-2021-33621/
- https://lists.fedoraproject.org/archives/list/
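As an added illustration (not code from the cgi gem or the Mageia package), a strict pre-check of the kind the advisory describes for CGI::Cookie#initialize: every part of a Set-Cookie header is rejected if it carries CR, LF or another control byte, so untrusted input cannot end the header line and start another. The helper names and the token rule for the cookie name are this example's own.

```ruby
# Added example: reject Set-Cookie parts that could split an HTTP response.
# Not the cgi gem's implementation; the helper names are constructed here.

# Any ASCII control byte (CR and LF included) ends or corrupts a header line.
CONTROL = /[\x00-\x1f\x7f]/

# RFC 6265 token characters allowed in a cookie name (no separators, no spaces).
TOKEN = /\A[!#&'*+\-.0-9A-Z^_`a-z|~$%]+\z/

# Raise unless the attribute is free of control characters.
def validate_cookie_attr!(field, value)
  return if value.nil?
  if value.to_s.match?(CONTROL)
    raise ArgumentError, "invalid #{field}: control characters are not allowed"
  end
end

# Build one Set-Cookie header line only from validated parts.
def build_set_cookie(name:, value:, domain: nil, path: nil, secure: false, httponly: false)
  raise ArgumentError, "invalid cookie name" unless name.to_s.match?(TOKEN)
  { value: value, domain: domain, path: path }.each { |f, v| validate_cookie_attr!(f, v) }
  parts = ["#{name}=#{value}"]
  parts << "domain=#{domain}" if domain
  parts << "path=#{path}" if path
  parts << "secure" if secure
  parts << "HttpOnly" if httponly
  "Set-Cookie: " + parts.join("; ")
end

# True when the given parts would be refused by the check above.
def rejects?(**kw)
  build_set_cookie(**kw)
  false
rescue ArgumentError
  true
end

if __FILE__ == $PROGRAM_NAME
  puts build_set_cookie(name: "session", value: "abc123", path: "/", secure: true, httponly: true)
  # A value carrying CRLF would otherwise begin a second header line; it is refused.
  puts rejects?(name: "session", value: "abc\r\nSet-Cookie: admin=1")   # true
end
```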
SUSE Security Update: Security update for rubygem-rack
______________________________________________________________________________

Announcement ID: SUSE-SU-2022:3347-1
Rating: moderate
References: #1172037 #1173351
Cross-References: CVE-2020-8161 CVE-2020-8184
CVSS scores:
  CVE-2020-8161 (NVD) : 8.6 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:N/A:N
  CVE-2020-8161 (SUSE): 5.9 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N
  CVE-2020-8184 (NVD) : 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
  CVE-2020-8184 (SUSE): 6.8 CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:N

Affected Products:
  SUSE Linux Enterprise High Availability 15
  SUSE Linux Enterprise High Availability 15-SP1
  SUSE Linux Enterprise High Availability 15-SP2
  SUSE Linux Enterprise High Availability 15-SP3
  SUSE Linux Enterprise High Availability 15-SP4
  SUSE Linux Enterprise High Performance Computing 15
  SUSE Linux Enterprise High Performance Computing 15-SP1
  SUSE Linux Enterprise High Performance Computing 15-SP2
  SUSE Linux Enterprise High Performance Computing 15-SP3
  SUSE Linux Enterprise High Performance Computing 15-SP4
  SUSE Linux Enterprise Server 15
  SUSE Linux Enterprise Server 15-SP1
  SUSE Linux Enterprise Server 15-SP2
  SUSE Linux Enterprise Server 15-SP3
  SUSE Linux Enterprise Server 15-SP4
  SUSE Linux Enterprise Server for SAP Applications 15
  SUSE Linux Enterprise Server for SAP Applications 15-SP1
  SUSE Linux Enterprise Server for SAP Applications 15-SP2
  SUSE Linux Enterprise Server for SAP Applications 15-SP3
  SUSE Linux Enterprise Server for SAP Applications 15-SP4
  SUSE Linux Enterprise Storage 6
  SUSE Linux Enterprise Storage 7
  SUSE Linux Enterprise Storage 7.1
  SUSE Manager Proxy 4.0
  SUSE Manager Proxy 4.1
  SUSE Manager Proxy 4.2
  SUSE Manager Proxy 4.3
  SUSE Manager Retail Branch Server 4.0
  SUSE Manager Retail Branch Server 4.1
  SUSE Manager Retail Branch Server 4.2
  SUSE Manager Retail Branch Server 4.3
  SUSE Manager Server 4.0
  SUSE Manager Server 4.1
  SUSE Manager Server 4.2
  SUSE Manager Server 4.3
  openSUSE Leap 15.3
  openSUSE Leap 15.4
______________________________________________________________________________

An update that fixes two vulnerabilities is now available.

Description:

This update for rubygem-rack fixes the following issues:

- CVE-2020-8184: Fixed vulnerability where percent-encoded cookies can be used to overwrite existing prefixed cookie names (bsc#1173351).
- CVE-2020-8161: Fixed directory traversal in Rack::Directory (bsc#1172037).

Patch Instructions:

To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product:

- openSUSE Leap 15.4: zypper in -t patch openSUSE-SLE-15.4-2022-3347=1
- openSUSE Leap 15.3: zypper in -t patch openSUSE-SLE-15.3-2022-3347=1
- SUSE Linux Enterprise High Availability 15-SP4: zypper in -t patch SUSE-SLE-Product-HA-15-SP4-2022-3347=1
- SUSE Linux Enterprise High Availability 15-SP3: zypper in -t patch SUSE-SLE-Product-HA-15-SP3-2022-3347=1
- SUSE Linux Enterprise High Availability 15-SP2: zypper in -t patch SUSE-SLE-Product-HA-15-SP2-2022-3347=1
- SUSE Linux Enterprise High Availability 15-SP1: zypper in -t patch SUSE-SLE-Product-HA-15-SP1-2022-3347=1
- SUSE Linux Enterprise High Availability 15: zypper in -t patch SUSE-SLE-Product-HA-15-2022-3347=1

Package List:

- openSUSE Leap 15.4 (aarch64 ppc64le s390x x86_64):
  ruby2.5-rubygem-rack-2.0.8-150000.3.9.1
  ruby2.5-rubygem-rack-doc-2.0.8-150000.3.9.1
  ruby2.5-rubygem-rack-testsuite-2.0.8-150000.3.9.1
- openSUSE Leap 15.3 (aarch64 ppc64le s390x x86_64):
  ruby2.5-rubygem-rack-2.0.8-150000.3.9.1
  ruby2.5-rubygem-rack-doc-2.0.8-150000.3.9.1
  ruby2.5-rubygem-rack-testsuite-2.0.8-150000.3.9.1
- SUSE Linux Enterprise High Availability 15-SP4 (aarch64 ppc64le s390x x86_64):
  ruby2.5-rubygem-rack-2.0.8-150000.3.9.1
- SUSE Linux Enterprise High Availability 15-SP3 (aarch64 ppc64le s390x x86_64):
  ruby2.5-rubygem-rack-2.0.8-150000.3.9.1
- SUSE Linux Enterprise High Availability 15-SP2 (aarch64 ppc64le s390x x86_64):
  ruby2.5-rubygem-rack-2.0.8-150000.3.9.1
- SUSE Linux Enterprise High Availability 15-SP1 (aarch64 ppc64le s390x x86_64):
  ruby2.5-rubygem-rack-2.0.8-150000.3.9.1
- SUSE Linux Enterprise High Availability 15 (aarch64 ppc64le s390x x86_64):
  ruby2.5-rubygem-rack-2.0.8-150000.3.9.1

References:
- https://www.suse.com/security/cve/CVE-2020-8161.html
- https://www.suse.com/security/cve/CVE-2020-8184.html
- https://bugzilla.suse.com/1172037
- https://bugzilla.suse.com/1173351

A new version of rubygem-rack has been released addressing a pair of bugs. Refer to SUSE-SU-2022:3348-1 for more information.

Severity: Important
LinuxSecurity.com Team
MGASA-2020-0306 - Updated ruby-rack packages fix security vulnerability

Publication date: 31 Jul 2020
URL: https://advisories.mageia.org/MGASA-2020-0306.html
Type: security
Affected Mageia releases: 7
CVE: CVE-2020-8184

A reliance on cookies without validation/integrity check security vulnerability exists in rack < 2.2.3 that makes it possible for an attacker to forge a secure or host-only cookie prefix (CVE-2020-8184).

References:
- https://bugs.mageia.org/show_bug.cgi?id=26952
- https://lists.debian.org/debian-lts-announce/2020/07/msg00006.html
- https://www.cve.org/CVERecord?id=CVE-2020-8184

SRPMS:
- 7/core/ruby-rack-2.0.8-2.mga7

Mageia 2020-0306 resolves an issue with cookie validation in ruby-rack packages. Users with affected systems should apply the update.
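The prefix forgery described in this advisory and in SUSE-SU-2022:3347-1 above, shown as an added example (not Rack's own code): a parser that percent-decodes cookie names turns a name the browser never treated as prefixed into "__Host-session" on the server, while a parser that stores names exactly as sent does not. Keeping names undecoded is the fix this example assumes; the helper names and the sample headers are constructed here.

```ruby
require 'cgi'

# Weak parser (constructed for this example): the cookie NAME is percent-decoded
# just like the value, so "%5F%5FHost-session" becomes "__Host-session" server-side
# even though the browser applied none of the __Host- rules to it.
def parse_cookies_weak(header)
  header.to_s.split(/;\s*/).each_with_object({}) do |pair, out|
    next if pair.empty?
    name, value = pair.split('=', 2)
    name  = CGI.unescape(name)
    value = CGI.unescape(value.to_s)
    out[name] = value unless out.key?(name)   # first occurrence wins
  end
end

# Hardened parser: the name is stored byte-for-byte as the browser sent it.
# Only a cookie literally named "__Host-..." had the Secure / Path=/ / no-Domain
# rules enforced by the browser, so only that literal name is trusted here.
def parse_cookies_hardened(header)
  header.to_s.split(/;\s*/).each_with_object({}) do |pair, out|
    next if pair.empty?
    name, value = pair.split('=', 2)
    value = CGI.unescape(value.to_s)
    out[name] = value unless out.key?(name)   # first occurrence wins
  end
end

# Application-side rule: accept a session only from the literal prefixed name.
def trusted_session(cookies)
  cookies['__Host-session']
end

# Constructed Cookie headers: one with the prefix underscores percent-encoded
# (a non-prefixed cookie the browser would have accepted from an insecure
# origin), one genuine.
FORGED_HEADER  = '%5F%5FHost-session=forged'
GENUINE_HEADER = '__Host-session=genuine; theme=dark'

if __FILE__ == $PROGRAM_NAME
  p trusted_session(parse_cookies_weak(FORGED_HEADER))      # "forged"  (accepted: the bug)
  p trusted_session(parse_cookies_hardened(FORGED_HEADER))  # nil       (not trusted)
  p trusted_session(parse_cookies_hardened(GENUINE_HEADER)) # "genuine"
end
```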