
Stay Secure with the Latest Linux Advisories



Explore Latest Linux Security advisories

We found 21 articles for you...

Fedora 42 k9s Update 0.50.18 Advisory FEDORA-2026-a74aa25180

Update to 0.50.18.

--------------------------------------------------------------------------------

Fedora Update Notification
FEDORA-2026-a74aa25180
2026-03-09 01:01:24.903121+00:00

--------------------------------------------------------------------------------

Name        : k9s
Product     : Fedora 42
Version     : 0.50.18
Release     : 1.fc42
URL         : https://github.com/derailed/k9s
Summary     : Kubernetes CLI To Manage Your Clusters In Style
Description : Kubernetes CLI To Manage Your Clusters In Style!

--------------------------------------------------------------------------------

Update Information:

Update to 0.50.18

--------------------------------------------------------------------------------

ChangeLog:

* Wed Jan 28 2026 blinxen - 0.50.18-1
- Update to version 0.50.18 (rhbz#2428576)
* Fri Jan 16 2026 Fedora Release Engineering - 0.50.16-3
- Rebuilt for https://fedoraproject.org/wiki/Fedora_44_Mass_Rebuild

--------------------------------------------------------------------------------

References:

  [ 1 ] Bug #2417127 - CVE-2025-65965 k9s: Grype has a credential disclosure vulnerability in Grype JSON output [fedora-42]
        https://bugzilla.redhat.com/show_bug.cgi?id=2417127
  [ 2 ] Bug #2419013 - CVE-2024-25621 k9s: containerd local privilege escalation [fedora-42]
        https://bugzilla.redhat.com/show_bug.cgi?id=2419013
  [ 3 ] Bug #2420597 - CVE-2025-47913 k9s: golang.org/x/crypto/ssh/agent: SSH client panic due to unexpected SSH_AGENT_SUCCESS [fedora-42]
        https://bugzilla.redhat.com/show_bug.cgi?id=2420597
  [ 4 ] Bug #2424014 - [Minor Incident] CVE-2025-52881 k9s: container escape and denial of service due to arbitrary write gadgets and procfs write redirects [fedora-42]
        https://bugzilla.redhat.com/show_bug.cgi?id=2424014

--------------------------------------------------------------------------------

This update can be installed with the "dnf" update program. Use
su -c 'dnf upgrade --advisory FEDORA-2026-a74aa25180' at the command line.
For more information, refer to the dnf documentation available at
http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label

All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys

--------------------------------------------------------------------------------

Upgrade to k9s 0.50.18 on Fedora 42. Addresses potential DoS and credential exposure.

Fedora k9s update, Kubernetes CLI security, package upgrade.

Severity: Important.

LinuxSecurity.com Team

Mar 09, 2026 | Important | Fedora

Debian LTS: DLA-4096-1: librabbitmq Security Advisory Updates

-------------------------------------------------------------------------

Debian LTS Advisory DLA-4096-1
https://www.debian.org/lts/security/
Thorsten Alteholz
March 30, 2025
https://wiki.debian.org/LTS

-------------------------------------------------------------------------

Package : librabbitmq
Version : 0.10.0-1+deb11u1
CVE ID  : CVE-2023-35789

An issue has been found in librabbitmq, an AMQP client library and tools written in C. The issue is related to credential visibility when using the tools on the command line.

For Debian 11 bullseye, this problem has been fixed in version 0.10.0-1+deb11u1.

We recommend that you upgrade your librabbitmq packages.

For the detailed security status of librabbitmq please refer to its security tracker page at:
https://security-tracker.debian.org/tracker/source-package/librabbitmq

Further information about Debian LTS security advisories, how to apply these updates to your system and frequently asked questions can be found at:
https://wiki.debian.org/LTS

A security advisory for librabbitmq addresses credential visibility issues in Debian LTS. Update required for protection.

found, librabbitmq, client, library, tools, written.

Severity: Important.

LinuxSecurity.com Team

Mar 29, 2025 | Important | Debian LTS

Rocky Linux 9 RLSA-2025:0674 critical: docker daemon security risk

Important: git-lfs security update.

{
  "type": "TYPE_SECURITY",
  "shortCode": "RL",
  "name": "RLSA-2025:0673",
  "synopsis": "Important: git-lfs security update",
  "severity": "SEVERITY_IMPORTANT",
  "topic": "An update is available for git-lfs.\nThis update affects Rocky Linux 9.\nA Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list",
  "description": "Git Large File Storage (LFS) replaces large files such as audio samples, videos, datasets, and graphics with text pointers inside Git, while storing the file contents on a remote server.\n\nSecurity Fix(es):\n\n* git-lfs: Git LFS permits exfiltration of credentials via crafted HTTP URLs (CVE-2024-53263)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.",
  "solution": null,
  "affectedProducts": ["Rocky Linux 9"],
  "fixes": [{"ticket": "2338002", "sourceBy": "Red Hat", "sourceLink": "https://bugzilla.redhat.com/show_bug.cgi?id=2338002", "description": ""}],
  "cves": [{"name": "CVE-2024-53263", "sourceBy": "MITRE", "sourceLink": "https://www.cve.org/CVERecord?id=CVE-2024-53263", "cvss3ScoringVector": "UNKNOWN", "cvss3BaseScore": "UNKNOWN", "cwe": "UNKNOWN"}],
  "references": [],
  "publishedAt": "2025-02-13T20:35:44.459056Z",
  "rpms": {"Rocky Linux 9": {"nvras": [
    "git-lfs-0:3.4.1-4.el9_4.aarch64.rpm",
    "git-lfs-0:3.4.1-4.el9_4.ppc64le.rpm",
    "git-lfs-0:3.4.1-4.el9_4.s390x.rpm",
    "git-lfs-0:3.4.1-4.el9_4.src.rpm",
    "git-lfs-0:3.4.1-4.el9_4.x86_64.rpm",
    "git-lfs-debuginfo-0:3.4.1-4.el9_4.aarch64.rpm",
    "git-lfs-debuginfo-0:3.4.1-4.el9_4.ppc64le.rpm",
    "git-lfs-debuginfo-0:3.4.1-4.el9_4.s390x.rpm",
    "git-lfs-debuginfo-0:3.4.1-4.el9_4.x86_64.rpm",
    "git-lfs-debugsource-0:3.4.1-4.el9_4.aarch64.rpm",
    "git-lfs-debugsource-0:3.4.1-4.el9_4.ppc64le.rpm",
    "git-lfs-debugsource-0:3.4.1-4.el9_4.s390x.rpm",
    "git-lfs-debugsource-0:3.4.1-4.el9_4.x86_64.rpm"
  ]}},
  "rebootSuggested": false,
  "buildReferences": []
}

Critical update issued for git-lfs on Rocky Linux 9 tackles issues related to credential exposures swiftly.

Git LFS security, Rocky Linux security update, credential protection, security patch, software updates.

Severity: Important.

LinuxSecurity.com Team

Feb 13, 2025 | Important | Rocky Linux

Debian 11: DLA-4031-1 moderate: git credential exposure

-------------------------------------------------------------------------

Debian LTS Advisory DLA-4031-1
https://www.debian.org/lts/security/
Sean Whitton
January 28, 2025
https://wiki.debian.org/LTS

-------------------------------------------------------------------------

Package    : git
Version    : 1:2.30.2-1+deb11u4
CVE ID     : CVE-2024-50349 CVE-2024-52006
Debian Bug : 1093042

Multiple vulnerabilities were discovered in git, a fast, scalable and distributed revision control system.

CVE-2024-50349

    When Git asks for credentials via a terminal prompt (i.e. without using any credential helper), it prints out the host name for which the user is expected to provide a username and/or a password. At this stage, any URL-encoded parts have been decoded already, and are printed verbatim. This could allow attackers to craft URLs that contain ANSI escape sequences that the terminal interprets to confuse users e.g. into providing passwords for trusted Git hosting sites when in fact they are then sent to untrusted sites that are under the attacker's control.

CVE-2024-52006

    Git defines a line-based protocol that is used to exchange information between Git and Git credential helpers. Some ecosystems (most notably, .NET and node.js) interpret single Carriage Return characters as newlines, which renders the protections against CVE-2020-5260 incomplete for credential helpers that treat Carriage Returns in this way.

For Debian 11 bullseye, these problems have been fixed in version 1:2.30.2-1+deb11u4.

We recommend that you upgrade your git packages.

For the detailed security status of git please refer to its security tracker page at:
https://security-tracker.debian.org/tracker/source-package/git

Further information about Debian LTS security advisories, how to apply these updates to your system and frequently asked questions can be found at:
https://wiki.debian.org/LTS

Debian LTS Notice DLA-4032-2 tackles severe vulnerabilities in git. Update promptly to reduce exposure.

Debian LTS Advisory, git updates, security flaws, credential exposure.

LinuxSecurity.com Team

Jan 28, 2025 | Debian LTS

Debian 10 Buster DLA-3695-1 moderate: Ansible credential exposure

-------------------------------------------------------------------------

Debian LTS Advisory DLA-3695-1
https://www.debian.org/lts/security/
Bastien Roucariès
December 28, 2023
https://wiki.debian.org/LTS

-------------------------------------------------------------------------

Package    : ansible
Version    : 2.7.7+dfsg-1+deb10u2
CVE ID     : CVE-2019-10206 CVE-2021-3447 CVE-2021-3583 CVE-2021-3620 CVE-2021-20178 CVE-2021-20191 CVE-2022-3697 CVE-2023-5115
Debian Bug : 1053693

Ansible a configuration management, deployment, and task execution system was affected by multiple vulnerabilities.

CVE-2019-10206

    Fix a regression in test suite of CVE-2019-10206.

CVE-2021-3447

    A flaw was found in several ansible modules, where parameters containing credentials, such as secrets, were being logged in plain-text on managed nodes, as well as being made visible on the controller node when run in verbose mode. These parameters were not protected by the no_log feature. An attacker can take advantage of this information to steal those credentials, provided when they have access to the log files containing them. The highest threat from this vulnerability is to data confidentiality.

CVE-2021-3583

    A flaw was found in Ansible, where a user's controller is vulnerable to template injection. This issue can occur through facts used in the template if the user is trying to put templates in multi-line YAML strings and the facts being handled do not routinely include special template characters. This flaw allows attackers to perform command injection, which discloses sensitive information. The highest threat from this vulnerability is to confidentiality and integrity.

CVE-2021-3620

    A flaw was found in Ansible Engine's ansible-connection module, where sensitive information such as the Ansible user credentials is disclosed by default in the traceback error message. The highest threat from this vulnerability is to confidentiality.

CVE-2021-20178

    A flaw was found in ansible module snmp_fact where credentials are disclosed in the console log by default and not protected by the security feature. This flaw allows an attacker to steal privkey and authkey credentials. The highest threat from this vulnerability is to confidentiality.

CVE-2021-20191

    A flaw was found in ansible. Credentials, such as secrets, are being disclosed in console log by default and not protected by no_log feature when using Cisco nxos module. An attacker can take advantage of this information to steal those credentials. The highest threat from this vulnerability is to data confidentiality.

CVE-2022-3697

    A flaw was found in Ansible in the amazon.aws collection when using the tower_callback parameter from the amazon.aws.ec2_instance module. This flaw allows an attacker to take advantage of this issue as the module is handling the parameter insecurely, leading to the password leaking in the logs.

CVE-2023-5115

    An absolute path traversal attack existed in the Ansible automation platform. This flaw allows an attacker to craft a malicious Ansible role and make the victim execute the role. A symlink can be used to overwrite a file outside of the extraction path.

For Debian 10 buster, these problems have been fixed in version 2.7.7+dfsg-1+deb10u2.

We recommend that you upgrade your ansible packages.

For the detailed security status of ansible please refer to its security tracker page at:
https://security-tracker.debian.org/tracker/source-package/ansible

Further information about Debian LTS security advisories, how to apply these updates to your system and frequently asked questions can be found at:
https://wiki.debian.org/LTS

Multiple security vulnerabilities in Ansible have been addressed in Debian LTS Notice DLA-3695-2, urging package updates.

Ansible Security, Debian Updates, Security Advisories, Credential Exposure, Configuration Management.

LinuxSecurity.com Team

Dec 28, 2023 | Debian LTS

Mageia 8 MGASA-2023-0210 Critical: Python-Requests Exposes Credentials

MGASA-2023-0210 - Updated python-requests packages fix security vulnerability

Publication date: 28 Jun 2023
URL: https://advisories.mageia.org/MGASA-2023-0210.html
Type: security
Affected Mageia releases: 8
CVE: CVE-2023-32681

Forwarding proxy credentials to the destination server unintentionally (CVE-2023-32681)

References:
- https://bugs.mageia.org/show_bug.cgi?id=32032
- https://lists.debian.org/debian-lts-announce/2023/06/msg00018.html
- https://ubuntu.com/security/notices/USN-6155-1
- https://www.cve.org/CVERecord?id=CVE-2023-32681

SRPMS:
- 8/core/python-requests-2.25.1-1.2.mga8

MGASA-2023-0211 addresses a vulnerability in python-urllib3 to remediate severe credential leakage risk on Mageia.

Mageia Security Update, Python Requests Vulnerability, Credential Exposure Fix.

Severity: Critical.

LinuxSecurity.com Team

Jun 28, 2023 | Critical | Mageia

Ubuntu: USN-6189-1 Critical: etcd Credential Exposure Over Network

=========================================================================

Ubuntu Security Notice USN-6189-1
June 28, 2023

etcd vulnerability

=========================================================================

A security issue affects these releases of Ubuntu and its derivatives:

- Ubuntu 23.04
- Ubuntu 22.10

Summary:

etcd could be made to expose sensitive information over the network.

Software Description:
- etcd: highly-available key value store -- client

Details:

It was discovered that etcd leaked credentials when debugging was enabled. This allowed remote attackers to discover etcd authentication credentials and possibly escalate privileges on systems using etcd.

Update instructions:

The problem can be corrected by updating your system to the following package versions:

Ubuntu 23.04:
  etcd-client 3.4.23-4ubuntu0.1
  etcd-server 3.4.23-4ubuntu0.1

Ubuntu 22.10:
  etcd-client 3.3.25+dfsg-7ubuntu0.22.10.2
  etcd-server 3.3.25+dfsg-7ubuntu0.22.10.2

In general, a standard system update will make all the necessary changes.

References:
  https://ubuntu.com/security/notices/USN-6189-1
  CVE-2021-28235

Package Information:
  https://launchpad.net/ubuntu/+source/etcd/3.4.23-4ubuntu0.1
  https://launchpad.net/ubuntu/+source/etcd/3.3.25+dfsg-7ubuntu0.22.10.2

Critical advisory concerning etcd security flaw on Ubuntu 23.04 and 22.10 to avert unauthorized credential sharing across networks.

etcd Vulnerability, Ubuntu Security, Credential Exposure.

Severity: Critical.

LinuxSecurity.com Team

Jun 28, 2023 | Critical | Ubuntu

Mageia: 2021-0420 Critical Security Advisory for Ansible Risks

MGASA-2021-0420 - Updated ansible packages fix security vulnerability

Publication date: 23 Sep 2021
URL: https://advisories.mageia.org/MGASA-2021-0420.html
Type: security
Affected Mageia releases: 8
CVE: CVE-2021-3447, CVE-2021-3583

A flaw was found in several ansible modules, where parameters containing credentials, such as secrets, were being logged in plain-text on managed nodes, as well as being made visible on the controller node when run in verbose mode. These parameters were not protected by the no_log feature. An attacker can take advantage of this information to steal those credentials, provided when they have access to the log files containing them. The highest threat from this vulnerability is to data confidentiality. This flaw affects Red Hat Ansible Automation Platform in versions before 1.2.2 and Ansible Tower in versions before 3.8.2 (CVE-2021-3447).

A flaw was found in Ansible, where a user's controller is vulnerable to template injection. This issue can occur through facts used in the template if the user is trying to put templates in multi-line YAML strings and the facts being handled do not routinely include special template characters. This flaw allows attackers to perform command injection, which discloses sensitive information. The highest threat from this vulnerability is to confidentiality and integrity (CVE-2021-3583).

References:
- https://bugs.mageia.org/show_bug.cgi?id=28832
- https://access.redhat.com/errata/RHSA-2021:1342
- https://access.redhat.com/errata/RHSA-2021:2664
- https://github.com/ansible/ansible/blob/v2.9.24/changelogs/CHANGELOG-v2.9.rst
- https://www.cve.org/CVERecord?id=CVE-2021-3447
- https://www.cve.org/CVERecord?id=CVE-2021-3583

SRPMS:
- 8/core/ansible-2.9.24-1.mga8

MGASA-2021-0421 tackles potential vulnerabilities related to system integrity and user management, delivering patches for Mageia packages.

Ansible Security Update, Mageia Packages, Data Confidentiality Threats.

Severity: Critical.

LinuxSecurity.com Team

Sep 23, 2021 | Critical | Mageia