--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2025-f20b9f321d
2025-12-15 01:27:35.835730+00:00
--------------------------------------------------------------------------------

Name        : firefox
Product     : Fedora 43
Version     : 146.0
Release     : 3.fc43
URL         : https://www.firefox.com/
Summary     : Mozilla Firefox Web browser
Description :
Mozilla Firefox is an open-source web browser, designed for standards
compliance, performance and portability.

--------------------------------------------------------------------------------
Update Information:

Fixed aarch64 crashes
Updated to latest upstream (146.0)
--------------------------------------------------------------------------------
ChangeLog:

* Thu Dec 11 2025 Martin Stransky - 146.0-3
- Added aarch64 crash fix
- Fixed rawhide gcc build (kudos to jhorak who hacked it! He's just awesome.)
* Mon Dec 8 2025 Martin Stransky - 146.0-2
- Updated to 146.0 build 2
* Wed Dec 3 2025 Martin Stransky - 146.0-1
- Updated to 146.0
--------------------------------------------------------------------------------

This update can be installed with the "dnf" update program. Use
su -c 'dnf upgrade --advisory FEDORA-2025-f20b9f321d' at the command
line. For more information, refer to the dnf documentation available at
http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label

All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
--------------------------------------------------------------------------------
--
_______________________________________________
package-announce mailing list --
--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2025-ba7105c612
2025-11-19 01:21:16.309055+00:00
--------------------------------------------------------------------------------

Name        : firefox
Product     : Fedora 41
Version     : 145.0
Release     : 2.fc41
URL         : https://www.firefox.com/
Summary     : Mozilla Firefox Web browser
Description :
Mozilla Firefox is an open-source web browser, designed for standards
compliance, performance and portability.

--------------------------------------------------------------------------------
Update Information:

Updated to latest upstream (145.0)
Added fix for mzbz#1990430 (crashes)
Updated to latest upstream (144.0)
--------------------------------------------------------------------------------
ChangeLog:

* Tue Nov 11 2025 Martin Stransky - 145.0-2
- Updated to 145.0 B2
* Wed Nov 5 2025 Martin Stransky - 145.0-1
- Updated to 145.0
* Thu Oct 30 2025 Martin Stransky - 144.0.2-1
- Updated to 144.0.2
* Thu Oct 16 2025 Martin Stransky - 144.0-3
- Add fix for mzbz#1990430
* Mon Oct 13 2025 Martin Stransky - 144.0-2
- Updated to 144.0 (b2)
* Thu Oct 9 2025 Martin Stransky - 144.0-1
- Updated to 144.0
--------------------------------------------------------------------------------

This update can be installed with the "dnf" update program. Use
su -c 'dnf upgrade --advisory FEDORA-2025-ba7105c612' at the command
line. For more information, refer to the dnf documentation available at
http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label

All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
--------------------------------------------------------------------------------
--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2024-ca3f071aea
2024-02-11 05:38:48.506345
--------------------------------------------------------------------------------

Name        : webkitgtk
Product     : Fedora 38
Version     : 2.42.5
Release     : 1.fc38
URL         : https://www.webkitgtk.org/
Summary     : GTK web content engine library
Description :
WebKitGTK is the port of the WebKit web rendering engine to the
GTK platform.

--------------------------------------------------------------------------------
Update Information:

Fix webkit_web_context_allow_tls_certificate_for_host to handle IPv6 URIs produced by SoupURI.
Ignore stops with offset zero before last one when rendering gradients with cairo.
Write bwrapinfo.json to disk for xdg-desktop-portal.
Fix gamepads detection by correctly handling focused window in GTK4.
Fix several crashes and rendering issues.
Fix CVE-2024-23222, CVE-2024-23206, CVE-2024-23213
--------------------------------------------------------------------------------
ChangeLog:

* Mon Feb 5 2024 Michael Catanzaro - 2.42.5-1
- Update to WebKitGTK 2.42.5
* Fri Dec 15 2023 Michael Catanzaro - 2.42.4-1
- Update to 2.42.4
--------------------------------------------------------------------------------

This update can be installed with the "dnf" update program. Use
su -c 'dnf upgrade --advisory FEDORA-2024-ca3f071aea' at the command
line. For more information, refer to the dnf documentation available at
https://dnf.readthedocs.io/en/latest/command_ref.html

All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/security/
--------------------------------------------------------------------------------
--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2022-ce32af66d6
2022-11-09 11:20:02.682775
--------------------------------------------------------------------------------

Name        : webkit2gtk3
Product     : Fedora 36
Version     : 2.38.2
Release     : 1.fc36
URL         : https://www.webkitgtk.org/
Summary     : GTK Web content engine library
Description :
WebKitGTK is the port of the portable web rendering engine WebKit to the
GTK platform. This package contains WebKit2 based WebKitGTK for GTK 3.

--------------------------------------------------------------------------------
Update Information:

* Fix scrolling issues in some sites having fixed background.
* Fix prolonged buffering during progressive live playback.
* Fix several crashes and rendering issues.
* Security fixes: CVE-2022-42799, CVE-2022-42823, CVE-2022-42824
--------------------------------------------------------------------------------
ChangeLog:

* Fri Nov 4 2022 Michael Catanzaro 2.38.2-1
- Update to 2.38.2
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #2140511 - CVE-2022-42799 webkit2gtk3: webkitgtk: a issue was addressed with improved UI handling [fedora-36]
        https://bugzilla.redhat.com/show_bug.cgi?id=2140511
  [ 2 ] Bug #2140517 - CVE-2022-42824 webkit2gtk3: webkitgtk: A logic issue was addressed with improved state management [fedora-36]
        https://bugzilla.redhat.com/show_bug.cgi?id=2140517
  [ 3 ] Bug #2140523 - CVE-2022-42823 webkit2gtk3: webkitgtk: A type confusion issue was addressed with improved memory handling [fedora-36]
        https://bugzilla.redhat.com/show_bug.cgi?id=2140523
--------------------------------------------------------------------------------

This update can be installed with the "dnf" update program. Use
su -c 'dnf upgrade --advisory FEDORA-2022-ce32af66d6' at the command
line. For more information, refer to the dnf documentation available at
https://dnf.readthedocs.io/en/latest/command_ref.html

All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/security/
--------------------------------------------------------------------------------
--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2022-1daf93c51d
2022-01-20 08:31:04.549420
--------------------------------------------------------------------------------

Name        : wireshark
Product     : Fedora 34
Version     : 3.6.1
Release     : 1.fc34
URL         : https://www.wireshark.org/
Summary     : Network traffic analyzer
Description :
Wireshark allows you to examine protocol data stored in files or as it is
captured from wired or wireless (WiFi or Bluetooth) networks, USB devices,
and many other sources. It supports dozens of protocol capture file formats
and understands more than a thousand protocols.

It has many powerful features including a rich display filter language
and the ability to reassemble multiple protocol packets in order to, for
example, view a complete TCP stream, save the contents of a file which was
transferred over HTTP or CIFS, or play back an RTP audio stream.

--------------------------------------------------------------------------------
Update Information:

New version 3.6.1, Security fix for CVE-2021-4181, CVE-2021-4182, CVE-2021-4183,
CVE-2021-4184, CVE-2021-4185, CVE-2021-4186, CVE-2021-4190
--------------------------------------------------------------------------------
ChangeLog:

* Wed Jan 12 2022 Michal Ruprich - 1:3.6.1-1
- New version 3.6.1
- Fix for CVE-2021-4181, CVE-2021-4182, CVE-2021-4183, CVE-2021-4184, CVE-2021-4185, CVE-2021-4190
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #2039000 - CVE-2021-4181 wireshark: Sysdig Event dissector crash
        https://bugzilla.redhat.com/show_bug.cgi?id=2039000
  [ 2 ] Bug #2039005 - CVE-2021-4182 wireshark: RFC 7468 file parser infinite loop
        https://bugzilla.redhat.com/show_bug.cgi?id=2039005
  [ 3 ] Bug #2039009 - CVE-2021-4184 wireshark: BitTorrent DHT dissector infinite loop
        https://bugzilla.redhat.com/show_bug.cgi?id=2039009
  [ 4 ] Bug #2039011 - CVE-2021-4185 wireshark: RTMPT dissector infinite loop
        https://bugzilla.redhat.com/show_bug.cgi?id=2039011
  [ 5 ] Bug #2039013 - CVE-2021-4186 wireshark: Gryphon dissector crash
        https://bugzilla.redhat.com/show_bug.cgi?id=2039013
  [ 6 ] Bug #2039027 - CVE-2021-4183 wireshark: pcapng file parser crash
        https://bugzilla.redhat.com/show_bug.cgi?id=2039027
  [ 7 ] Bug #2039029 - CVE-2021-4190 wireshark: Kafka dissector infinite loop
        https://bugzilla.redhat.com/show_bug.cgi?id=2039029
--------------------------------------------------------------------------------

This update can be installed with the "dnf" update program. Use
su -c 'dnf upgrade --advisory FEDORA-2022-1daf93c51d' at the command
line. For more information, refer to the dnf documentation available at
https://dnf.readthedocs.io/en/latest/command_ref.html

All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/security/
--------------------------------------------------------------------------------
MGASA-2020-0476 - Updated jackit packages fix security vulnerability

Publication date: 29 Dec 2020
URL: https://advisories.mageia.org/MGASA-2020-0476.html
Type: security
Affected Mageia releases: 7
CVE: CVE-2019-13351

posix/JackSocket.cpp in libjack in JACK2 1.9.1 through 1.9.12 has a "double file descriptor close" issue during a failed connection attempt when jackd2 is not running. Exploitation success depends on multithreaded timing of that double close, which can result in unintended information disclosure, crashes, or file corruption due to having the wrong file associated with the file descriptor (CVE-2019-13351).

References:
- https://bugs.mageia.org/show_bug.cgi?id=27775
- https://www.cve.org/CVERecord?id=CVE-2019-13351

SRPMS:
- 7/core/jackit-1.9.12-2.1.mga7

Mageia 2021-1023 resolves a vulnerability found in the OpenSSL component, mitigating risks of data corruption and unauthorized access.

Jack2 Security Update, Mageia 2020-0476, libjack Issue, Crash Prevention, Info Leak Mitigation.

Severity: Critical.

LinuxSecurity.com Team
--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2020-4d11d35a1f
2020-02-23 01:09:04.861399
--------------------------------------------------------------------------------

Name        : webkit2gtk3
Product     : Fedora 30
Version     : 2.26.4
Release     : 1.fc30
URL         : https://www.webkitgtk.org/
Summary     : GTK Web content engine library
Description :
WebKitGTK is the port of the portable web rendering engine WebKit to the
GTK platform. This package contains WebKit2 based WebKitGTK for GTK 3.

--------------------------------------------------------------------------------
Update Information:

* Always use a light theme for rendering form controls.
* Fix several crashes and rendering issues.
* Security fixes: CVE-2020-3862, CVE-2020-3864, CVE-2020-3865, CVE-2020-3867, CVE-2020-3868
--------------------------------------------------------------------------------
ChangeLog:

* Fri Feb 14 2020 Michael Catanzaro - 2.26.4-1
- Update to 2.26.4
- Add GPG verification of tarball
* Thu Jan 23 2020 Eike Rathke - 2.26.3-1
- Update to 2.26.3
* Fri Nov 8 2019 Eike Rathke - 2.26.2-1
- Update to 2.26.2
* Mon Oct 28 2019 Michael Catanzaro - 2.26.1-3
- Disable broken WPE renderer
* Wed Oct 23 2019 Eike Rathke - 2.26.1-2
- Rebase to 2.26.1
* Wed Aug 28 2019 Tomas Popela - 2.24.4-1
- Update to 2.24.4
* Tue Jul 2 2019 Tomas Popela - 2.24.3-1
- Update to 2.24.3
* Fri May 17 2019 Eike Rathke - 2.24.2-1
- Update to 2.24.2
--------------------------------------------------------------------------------

This update can be installed with the "dnf" update program. Use
su -c 'dnf upgrade --advisory FEDORA-2020-4d11d35a1f' at the command
line. For more information, refer to the dnf documentation available at
https://dnf.readthedocs.io/en/latest/command_ref.html

All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/security/
--------------------------------------------------------------------------------
[slackware-security] libX11 (SSA:2018-233-01)

New libX11 packages are available for Slackware 14.0, 14.1, 14.2, and -current to
fix security issues.

Here are the details from the Slackware 14.2 ChangeLog:
+--------------------------+
patches/packages/libX11-1.6.6-i586-1_slack14.2.txz: Upgraded.
  This update fixes some security issues:
  Fixed crash on invalid reply (CVE-2018-14598).
  Fixed off-by-one writes (CVE-2018-14599).
  Fixed out of boundary write (CVE-2018-14600).
  For more information, see:
    https://www.cve.org/CVERecord?id=CVE-2018-14598
    https://www.cve.org/CVERecord?id=CVE-2018-14599
    https://www.cve.org/CVERecord?id=CVE-2018-14600
  (* Security fix *)
+--------------------------+

Where to find the new packages:
+-----------------------------+

Thanks to the friendly folks at the OSU Open Source Lab
(https://osuosl.org/) for donating FTP and rsync hosting
to the Slackware project! :-)

Also see the "Get Slack" section on http://www.slackware.com/ for
additional mirror sites near you.

Updated package for Slackware 14.0:
Updated package for Slackware x86_64 14.0:
Updated package for Slackware 14.1:
Updated package for Slackware x86_64 14.1:
Updated package for Slackware 14.2:
Updated package for Slackware x86_64 14.2:
Updated package for Slackware -current:
Updated package for Slackware x86_64 -current:

MD5 signatures:
+-------------+

Slackware 14.0 package:
9bb8475057d8a2608b2fd12c0a1cbd21 libX11-1.6.6-i486-1_slack14.0.txz

Slackware x86_64 14.0 package:
58161eb995afd54e46c54ac7f8514863 libX11-1.6.6-x86_64-1_slack14.0.txz

Slackware 14.1 package:
12b07f273428650137f8f1ed7e8a47ee libX11-1.6.6-i486-1_slack14.1.txz

Slackware x86_64 14.1 package:
9e3744bcdbeb040bf74e1cf60e65a6e3 libX11-1.6.6-x86_64-1_slack14.1.txz

Slackware 14.2 package:
e8dce4b7c0084e08cf5e98b01623e96d libX11-1.6.6-i586-1_slack14.2.txz

Slackware x86_64 14.2 package:
0066b709becabab5661427863f9cbc37 libX11-1.6.6-x86_64-1_slack14.2.txz

Slackware -current package:
6ec3f2b5f2f314f5e9360e54864c70e5 x/libX11-1.6.6-i586-1.txz

Slackware x86_64 -current package:
44e4bd7fd0842ff5f980d812828e78e9 x/libX11-1.6.6-x86_64-1.txz

Installation instructions:
+------------------------+

Upgrade the package as root:
# upgradepkg libX11-1.6.6-i586-1_slack14.2.txz

+-----+

Recently released libX11 updates for Slackware address vulnerabilities including potential crashes and out-of-bounds writes. Users are advised to upgrade.

libx11, security update, package management, slackware.

Severity: Important.

LinuxSecurity.com Team