Stay Vigilant with Timely Linux Security Advisories

Refine advisories

X Clear Filters

Critical (1)

Important (2)

Dovecot (141)

debian (8034)

denial of service (18299)

important (27751)

information leak (1384)

security advisory (114945)

critical (18622)

gsasl (5)

security update (9017)

SuSE (3977)

Debian (1)

Mageia (1)

SuSE (2)

Published Date Range

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Linux Advisory Watch

Linux Security Week

Community Poll

More Polls

What got you started with Linux?

Message!

Self-taught through trial and error
Formal training or courses
A job that required it
Other

No answer selected. Please try again.

Please select either existing option or enter your own, however not both.

Please select minimum {0} answer(s).

Please select maximum {0} answer(s).

/main-polls/150-what-got-you-started-with-linux?task=poll.vote&format=json

150

radio

Self-taught through trial and error (78.42%)

78.42% votes

Formal training or courses (4.32%)

4.32% votes

A job that required it (4.89%)

4.89% votes

Other (12.37%)

12.37% votes

[{"id":483,"title":"Self-taught through trial and error","votes":545,"type":"x","order":1,"pct":78.42,"resources":[]},{"id":484,"title":"Formal training or courses","votes":30,"type":"x","order":2,"pct":4.32,"resources":[]},{"id":485,"title":"A job that required it","votes":34,"type":"x","order":3,"pct":4.89,"resources":[]},{"id":486,"title":"Other","votes":86,"type":"x","order":4,"pct":12.37,"resources":[]}] ["#ff5b00","#4ac0f2","#b80028","#eef66c","#60bb22","#b96a9a","#62c2cc"] ["rgba(255,91,0,0.7)","rgba(74,192,242,0.7)","rgba(184,0,40,0.7)","rgba(238,246,108,0.7)","rgba(96,187,34,0.7)","rgba(185,106,154,0.7)","rgba(98,194,204,0.7)"] 350

bottom 200

Ubuntu 25.10 kmod Critical Algif_aead Privilege Escalation USN-8226-1

Ubuntu 26.04 LTS nginx Critical Denial of Service 2026-42945

Ubuntu 26.04 Docker Critical Security Threats USN-8230-1 CVE-2026-33747

Debian OpenSSH Critical DSA-6204-1 CVE-2026-3497 Remote DoS Execution

Explore Latest Linux Security advisories

We found -5 articles for you...

100

security advisoryimportantthreat mitigation

SUSE: 2025:0144-1 important: git credential issues and security updates

* bsc#1235600 * bsc#1235601 Cross-References: * CVE-2024-50349 . # Security update for git Announcement ID: SUSE-SU-2025:0144-1 Release Date: 2025-01-16T13:30:38Z Rating: important References: * bsc#1235600 * bsc#1235601 Cross-References: * CVE-2024-50349 * CVE-2024-52006 CVSS scores: * CVE-2024-50349 ( SUSE ): 3.1 CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:L/A:N * CVE-2024-50349 ( NVD ): 2.1 CVSS:4.0/AV:N/AC:H/AT:P/PR:N/UI:A/VC:N/VI:L/VA:N/SC:L/SI:L/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X * CVE-2024-52006 ( SUSE ): 4.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N * CVE-2024-52006 ( NVD ): 2.1 CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:A/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X Affected Products: * openSUSE Leap 15.3 * SUSE Enterprise Storage 7.1 * SUSE Linux Enterprise High Performance Computing 15 SP3 * SUSE Linux Enterprise High Performance Computing 15 SP4 * SUSE Linux Enterprise High Performance Computing 15 SP5 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP5 * SUSE Linux Enterprise Micro 5.5 * SUSE Linux Enterprise Server 15 SP3 * SUSE Linux Enterprise Server 15 SP3 LTSS * SUSE Linux Enterprise Server 15 SP4 * SUSE Linux Enterprise Server 15 SP4 LTSS * SUSE Linux Enterprise Server 15 SP5 * SUSE Linux Enterprise Server 15 SP5 LTSS * SUSE Linux Enterprise Server for SAP Applications 15 SP3 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 * SUSE Manager Proxy 4.3 * SUSE Manager Retail Branch Server 4.3 * SUSE ManagerServer 4.3 An update that solves two vulnerabilities can now be installed. ## Description: This update for git fixes the following issues: * CVE-2024-50349: Passwords for trusted sites could be sent to untrusted sites (bsc#1235600). * CVE-2024-52006: Carriage Returns via the credential protocol to credential helpers (bsc#1235601). ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * openSUSE Leap 15.3 zypper in -t patch SUSE-2025-144=1 * SUSE Linux Enterprise Micro 5.5 zypper in -t patch SUSE-SLE-Micro-5.5-2025-144=1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 zypper in -t patch SUSE-SLE-Product-HPC-15-SP3-LTSS-2025-144=1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-ESPOS-2025-144=1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-LTSS-2025-144=1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5 zypper in -t patch SUSE-SLE-Product-HPC-15-SP5-ESPOS-2025-144=1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP5 zypper in -t patch SUSE-SLE-Product-HPC-15-SP5-LTSS-2025-144=1 * SUSE Linux Enterprise Server 15 SP3 LTSS zypper in -t patch SUSE-SLE-Product-SLES-15-SP3-LTSS-2025-144=1 * SUSE Linux Enterprise Server 15 SP4 LTSS zypper in -t patch SUSE-SLE-Product-SLES-15-SP4-LTSS-2025-144=1 * SUSE Linux Enterprise Server 15 SP5 LTSS zypper in -t patch SUSE-SLE-Product-SLES-15-SP5-LTSS-2025-144=1 * SUSE Linux Enterprise Server for SAP Applications 15 SP3 zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP3-2025-144=1 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP4-2025-144=1 * SUSE Linux Enterprise Server forSAP Applications 15 SP5 zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP5-2025-144=1 * SUSE Manager Proxy 4.3 zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Proxy-4.3-2025-144=1 * SUSE Manager Retail Branch Server 4.3 zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Retail-Branch- Server-4.3-2025-144=1 * SUSE Manager Server 4.3 zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Server-4.3-2025-144=1 * SUSE Enterprise Storage 7.1 zypper in -t patch SUSE-Storage-7.1-2025-144=1 ## Package List: * openSUSE Leap 15.3 (aarch64 ppc64le s390x x86_64 i586) * git-web-2.35.3-150300.10.48.1 * git-email-2.35.3-150300.10.48.1 * git-gui-2.35.3-150300.10.48.1 * gitk-2.35.3-150300.10.48.1 * git-daemon-debuginfo-2.35.3-150300.10.48.1 * git-2.35.3-150300.10.48.1 * perl-Git-2.35.3-150300.10.48.1 * git-credential-libsecret-2.35.3-150300.10.48.1 * git-daemon-2.35.3-150300.10.48.1 * git-credential-libsecret-debuginfo-2.35.3-150300.10.48.1 * git-debuginfo-2.35.3-150300.10.48.1 * git-core-2.35.3-150300.10.48.1 * git-debugsource-2.35.3-150300.10.48.1 * git-svn-2.35.3-150300.10.48.1 * git-credential-gnome-keyring-2.35.3-150300.10.48.1 * git-core-debuginfo-2.35.3-150300.10.48.1 * git-credential-gnome-keyring-debuginfo-2.35.3-150300.10.48.1 * git-arch-2.35.3-150300.10.48.1 * git-p4-2.35.3-150300.10.48.1 * git-cvs-2.35.3-150300.10.48.1 * openSUSE Leap 15.3 (noarch) * git-doc-2.35.3-150300.10.48.1 * SUSE Linux Enterprise Micro 5.5 (aarch64 ppc64le s390x x86_64) * git-2.35.3-150300.10.48.1 * perl-Git-2.35.3-150300.10.48.1 * git-debugsource-2.35.3-150300.10.48.1 * git-core-2.35.3-150300.10.48.1 * git-debuginfo-2.35.3-150300.10.48.1 * git-core-debuginfo-2.35.3-150300.10.48.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 (aarch64 x86_64) * git-web-2.35.3-150300.10.48.1 * git-email-2.35.3-150300.10.48.1 * git-gui-2.35.3-150300.10.48.1 *git-2.35.3-150300.10.48.1 * perl-Git-2.35.3-150300.10.48.1 * git-daemon-2.35.3-150300.10.48.1 * git-debugsource-2.35.3-150300.10.48.1 * git-core-2.35.3-150300.10.48.1 * git-svn-2.35.3-150300.10.48.1 * git-debuginfo-2.35.3-150300.10.48.1 * git-core-debuginfo-2.35.3-150300.10.48.1 * git-cvs-2.35.3-150300.10.48.1 * git-arch-2.35.3-150300.10.48.1 * gitk-2.35.3-150300.10.48.1 * git-daemon-debuginfo-2.35.3-150300.10.48.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 (noarch) * git-doc-2.35.3-150300.10.48.1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 (aarch64 x86_64) * git-web-2.35.3-150300.10.48.1 * git-email-2.35.3-150300.10.48.1 * git-gui-2.35.3-150300.10.48.1 * git-2.35.3-150300.10.48.1 * perl-Git-2.35.3-150300.10.48.1 * git-daemon-2.35.3-150300.10.48.1 * git-debugsource-2.35.3-150300.10.48.1 * git-core-2.35.3-150300.10.48.1 * git-svn-2.35.3-150300.10.48.1 * git-debuginfo-2.35.3-150300.10.48.1 * git-core-debuginfo-2.35.3-150300.10.48.1 * git-cvs-2.35.3-150300.10.48.1 * git-arch-2.35.3-150300.10.48.1 * gitk-2.35.3-150300.10.48.1 * git-daemon-debuginfo-2.35.3-150300.10.48.1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 (noarch) * git-doc-2.35.3-150300.10.48.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 (aarch64 x86_64) * git-web-2.35.3-150300.10.48.1 * git-email-2.35.3-150300.10.48.1 * git-gui-2.35.3-150300.10.48.1 * git-2.35.3-150300.10.48.1 * perl-Git-2.35.3-150300.10.48.1 * git-daemon-2.35.3-150300.10.48.1 * git-debugsource-2.35.3-150300.10.48.1 * git-core-2.35.3-150300.10.48.1 * git-svn-2.35.3-150300.10.48.1 * git-debuginfo-2.35.3-150300.10.48.1 * git-core-debuginfo-2.35.3-150300.10.48.1 * git-cvs-2.35.3-150300.10.48.1 * git-arch-2.35.3-150300.10.48.1 * gitk-2.35.3-150300.10.48.1 * git-daemon-debuginfo-2.35.3-150300.10.48.1 * SUSE Linux Enterprise HighPerformance Computing LTSS 15 SP4 (noarch) * git-doc-2.35.3-150300.10.48.1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5 (aarch64 x86_64) * git-web-2.35.3-150300.10.48.1 * git-email-2.35.3-150300.10.48.1 * git-gui-2.35.3-150300.10.48.1 * git-2.35.3-150300.10.48.1 * perl-Git-2.35.3-150300.10.48.1 * git-daemon-2.35.3-150300.10.48.1 * git-debugsource-2.35.3-150300.10.48.1 * git-core-2.35.3-150300.10.48.1 * git-svn-2.35.3-150300.10.48.1 * git-debuginfo-2.35.3-150300.10.48.1 * git-core-debuginfo-2.35.3-150300.10.48.1 * git-cvs-2.35.3-150300.10.48.1 * git-arch-2.35.3-150300.10.48.1 * gitk-2.35.3-150300.10.48.1 * git-daemon-debuginfo-2.35.3-150300.10.48.1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5 (noarch) * git-doc-2.35.3-150300.10.48.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP5 (aarch64 x86_64) * git-web-2.35.3-150300.10.48.1 * git-email-2.35.3-150300.10.48.1 * git-gui-2.35.3-150300.10.48.1 * git-2.35.3-150300.10.48.1 * perl-Git-2.35.3-150300.10.48.1 * git-daemon-2.35.3-150300.10.48.1 * git-debugsource-2.35.3-150300.10.48.1 * git-core-2.35.3-150300.10.48.1 * git-svn-2.35.3-150300.10.48.1 * git-debuginfo-2.35.3-150300.10.48.1 * git-core-debuginfo-2.35.3-150300.10.48.1 * git-cvs-2.35.3-150300.10.48.1 * git-arch-2.35.3-150300.10.48.1 * gitk-2.35.3-150300.10.48.1 * git-daemon-debuginfo-2.35.3-150300.10.48.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP5 (noarch) * git-doc-2.35.3-150300.10.48.1 * SUSE Linux Enterprise Server 15 SP3 LTSS (aarch64 ppc64le s390x x86_64) * git-web-2.35.3-150300.10.48.1 * git-email-2.35.3-150300.10.48.1 * git-gui-2.35.3-150300.10.48.1 * git-2.35.3-150300.10.48.1 * perl-Git-2.35.3-150300.10.48.1 * git-daemon-2.35.3-150300.10.48.1 * git-debugsource-2.35.3-150300.10.48.1 * git-core-2.35.3-150300.10.48.1 * git-svn-2.35.3-150300.10.48.1 *git-debuginfo-2.35.3-150300.10.48.1 * git-core-debuginfo-2.35.3-150300.10.48.1 * git-cvs-2.35.3-150300.10.48.1 * git-arch-2.35.3-150300.10.48.1 * gitk-2.35.3-150300.10.48.1 * git-daemon-debuginfo-2.35.3-150300.10.48.1 * SUSE Linux Enterprise Server 15 SP3 LTSS (noarch) * git-doc-2.35.3-150300.10.48.1 * SUSE Linux Enterprise Server 15 SP4 LTSS (aarch64 ppc64le s390x x86_64) * git-web-2.35.3-150300.10.48.1 * git-email-2.35.3-150300.10.48.1 * git-gui-2.35.3-150300.10.48.1 * git-2.35.3-150300.10.48.1 * perl-Git-2.35.3-150300.10.48.1 * git-daemon-2.35.3-150300.10.48.1 * git-debugsource-2.35.3-150300.10.48.1 * git-core-2.35.3-150300.10.48.1 * git-svn-2.35.3-150300.10.48.1 * git-debuginfo-2.35.3-150300.10.48.1 * git-core-debuginfo-2.35.3-150300.10.48.1 * git-cvs-2.35.3-150300.10.48.1 * git-arch-2.35.3-150300.10.48.1 * gitk-2.35.3-150300.10.48.1 * git-daemon-debuginfo-2.35.3-150300.10.48.1 * SUSE Linux Enterprise Server 15 SP4 LTSS (noarch) * git-doc-2.35.3-150300.10.48.1 * SUSE Linux Enterprise Server 15 SP5 LTSS (aarch64 ppc64le s390x x86_64) * git-web-2.35.3-150300.10.48.1 * git-email-2.35.3-150300.10.48.1 * git-gui-2.35.3-150300.10.48.1 * git-2.35.3-150300.10.48.1 * perl-Git-2.35.3-150300.10.48.1 * git-daemon-2.35.3-150300.10.48.1 * git-debugsource-2.35.3-150300.10.48.1 * git-core-2.35.3-150300.10.48.1 * git-svn-2.35.3-150300.10.48.1 * git-debuginfo-2.35.3-150300.10.48.1 * git-core-debuginfo-2.35.3-150300.10.48.1 * git-cvs-2.35.3-150300.10.48.1 * git-arch-2.35.3-150300.10.48.1 * gitk-2.35.3-150300.10.48.1 * git-daemon-debuginfo-2.35.3-150300.10.48.1 * SUSE Linux Enterprise Server 15 SP5 LTSS (noarch) * git-doc-2.35.3-150300.10.48.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP3 (ppc64le x86_64) * git-web-2.35.3-150300.10.48.1 * git-email-2.35.3-150300.10.48.1 * git-gui-2.35.3-150300.10.48.1 * git-2.35.3-150300.10.48.1 *perl-Git-2.35.3-150300.10.48.1 * git-daemon-2.35.3-150300.10.48.1 * git-debugsource-2.35.3-150300.10.48.1 * git-core-2.35.3-150300.10.48.1 * git-svn-2.35.3-150300.10.48.1 * git-debuginfo-2.35.3-150300.10.48.1 * git-core-debuginfo-2.35.3-150300.10.48.1 * git-cvs-2.35.3-150300.10.48.1 * git-arch-2.35.3-150300.10.48.1 * gitk-2.35.3-150300.10.48.1 * git-daemon-debuginfo-2.35.3-150300.10.48.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP3 (noarch) * git-doc-2.35.3-150300.10.48.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 (ppc64le x86_64) * git-web-2.35.3-150300.10.48.1 * git-email-2.35.3-150300.10.48.1 * git-gui-2.35.3-150300.10.48.1 * git-2.35.3-150300.10.48.1 * perl-Git-2.35.3-150300.10.48.1 * git-daemon-2.35.3-150300.10.48.1 * git-debugsource-2.35.3-150300.10.48.1 * git-core-2.35.3-150300.10.48.1 * git-svn-2.35.3-150300.10.48.1 * git-debuginfo-2.35.3-150300.10.48.1 * git-core-debuginfo-2.35.3-150300.10.48.1 * git-cvs-2.35.3-150300.10.48.1 * git-arch-2.35.3-150300.10.48.1 * gitk-2.35.3-150300.10.48.1 * git-daemon-debuginfo-2.35.3-150300.10.48.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 (noarch) * git-doc-2.35.3-150300.10.48.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 (ppc64le x86_64) * git-web-2.35.3-150300.10.48.1 * git-email-2.35.3-150300.10.48.1 * git-gui-2.35.3-150300.10.48.1 * git-2.35.3-150300.10.48.1 * perl-Git-2.35.3-150300.10.48.1 * git-daemon-2.35.3-150300.10.48.1 * git-debugsource-2.35.3-150300.10.48.1 * git-core-2.35.3-150300.10.48.1 * git-svn-2.35.3-150300.10.48.1 * git-debuginfo-2.35.3-150300.10.48.1 * git-core-debuginfo-2.35.3-150300.10.48.1 * git-cvs-2.35.3-150300.10.48.1 * git-arch-2.35.3-150300.10.48.1 * gitk-2.35.3-150300.10.48.1 * git-daemon-debuginfo-2.35.3-150300.10.48.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 (noarch) *git-doc-2.35.3-150300.10.48.1 * SUSE Manager Proxy 4.3 (x86_64) * git-debuginfo-2.35.3-150300.10.48.1 * git-core-2.35.3-150300.10.48.1 * git-core-debuginfo-2.35.3-150300.10.48.1 * git-debugsource-2.35.3-150300.10.48.1 * SUSE Manager Retail Branch Server 4.3 (x86_64) * git-debuginfo-2.35.3-150300.10.48.1 * git-core-2.35.3-150300.10.48.1 * git-core-debuginfo-2.35.3-150300.10.48.1 * git-debugsource-2.35.3-150300.10.48.1 * SUSE Manager Server 4.3 (ppc64le s390x x86_64) * git-debuginfo-2.35.3-150300.10.48.1 * git-core-2.35.3-150300.10.48.1 * git-core-debuginfo-2.35.3-150300.10.48.1 * git-debugsource-2.35.3-150300.10.48.1 * SUSE Enterprise Storage 7.1 (aarch64 x86_64) * git-web-2.35.3-150300.10.48.1 * git-email-2.35.3-150300.10.48.1 * git-gui-2.35.3-150300.10.48.1 * git-2.35.3-150300.10.48.1 * perl-Git-2.35.3-150300.10.48.1 * git-daemon-2.35.3-150300.10.48.1 * git-debugsource-2.35.3-150300.10.48.1 * git-core-2.35.3-150300.10.48.1 * git-svn-2.35.3-150300.10.48.1 * git-debuginfo-2.35.3-150300.10.48.1 * git-core-debuginfo-2.35.3-150300.10.48.1 * git-cvs-2.35.3-150300.10.48.1 * git-arch-2.35.3-150300.10.48.1 * gitk-2.35.3-150300.10.48.1 * git-daemon-debuginfo-2.35.3-150300.10.48.1 * SUSE Enterprise Storage 7.1 (noarch) * git-doc-2.35.3-150300.10.48.1 ## References: * https://www.suse.com/security/cve/CVE-2024-50349.html * https://www.suse.com/security/cve/CVE-2024-52006.html * https://bugzilla.suse.com/show_bug.cgi?id=1235600 * https://bugzilla.suse.com/show_bug.cgi?id=1235601 . Essential patch for git on SUSE addresses significant vulnerabilities and authentication concerns across various distributions and versions.. git security update, SUSE important advisory, credential issue git, password handling vulnerability. . Severity: Important. LinuxSecurity.com Team

Jan 16, 2025 •Important SuSE

203

security advisoryupdatenetwork issues

Mageia 7: 2020-0069 Moderate: Java-1.8.0-OpenJDK Update

The updated packages fix security vulnerabilities: Improper checks of SASL message properties in GssKrb5Base (Security, 8226352) (CVE-2020-2590) . MGASA-2020-0069 - Updated java-1.8.0-openjdk packages fix security vulnerabilities Publication date: 30 Jan 2020 URL: https://advisories.mageia.org/MGASA-2020-0069.html Type: security Affected Mageia releases: 7 CVE: CVE-2020-2590, CVE-2020-2583, CVE-2020-2593, CVE-2020-2601, CVE-2020-2604, CVE-2020-2654, CVE-2020-2659 The updated packages fix security vulnerabilities: Improper checks of SASL message properties in GssKrb5Base (Security, 8226352) (CVE-2020-2590) Incorrect exception processing during deserialization in BeanContextSupport (Serialization, 8224909) (CVE-2020-2583) Incorrect isBuiltinStreamHandler causing URL normalization issues (Networking, 8228548) (CVE-2020-2593) Use of unsafe RSA-MD5 checkum in Kerberos TGS (Security, 8229951) (CVE-2020-2601) Serialization filter changes via jdk.serialFilter property modification (Serialization, 8231422) (CVE-2020-2604) Excessive memory usage in OID processing in X.509 certificate parsing (Libraries, 8234037) (CVE-2020-2654) Incomplete enforcement of maxDatagramSockets limit in DatagramChannelImpl (Networking, 8231795) (CVE-2020-2659) References: - https://bugs.mageia.org/show_bug.cgi?id=26075 - https://www.oracle.com/security-alerts/cpujan2020.html#AppendixJAVA - https://access.redhat.com/errata/RHSA-2020:0202 - https://www.cve.org/CVERecord?id=CVE-2020-2590 - https://www.cve.org/CVERecord?id=CVE-2020-2583 - https://www.cve.org/CVERecord?id=CVE-2020-2593 - https://www.cve.org/CVERecord?id=CVE-2020-2601 - https://www.cve.org/CVERecord?id=CVE-2020-2604 - https://www.cve.org/CVERecord?id=CVE-2020-2654 - https://www.cve.org/CVERecord?id=CVE-2020-2659 SRPMS: - 7/core/java-1.8.0-openjdk-1.8.0.242-1.b08.2.mga7 . Implementing security enhancements for java-1.8.0-openjdk in Mageia to bolster overall system security and ensure integrity.. java update, security enhancements, Mageiapackages, openjdk, patch notes. . LinuxSecurity.com Team

Jan 30, 2020 Mageia

100

security advisorykernel patchSUSE

SUSE: 2019:3232-1 Important Linux Kernel Security Patch Fix

An update that fixes three vulnerabilities is now available. . SUSE Security Update: Security update for the Linux Kernel (Live Patch 27 for SLE 12 SP2) ______________________________________________________________________________ Announcement ID: SUSE-SU-2019:3232-1 Rating: important References: #1153108 #1156321 #1156331 Cross-References: CVE-2018-20856 CVE-2019-10220 CVE-2019-13272 Affected Products: SUSE Linux Enterprise Server for SAP 12-SP2 SUSE Linux Enterprise Server 12-SP2-LTSS ______________________________________________________________________________ An update that fixes three vulnerabilities is now available. Description: This update for the Linux Kernel 4.4.121-92_101 fixes several issues. The following security issues were fixed: - CVE-2018-20856: Fixed a use-after-free in __blk_drain_queue() due to an improper error handling (bsc#1156331). - CVE-2019-13272: Fixed a privilege escalation from user to root due to improper handling of credentials by leveraging certain scenarios with a parent-child process relationship (bsc#1156321). - CVE-2019-10220: Fixed an issue where samba servers could inject relative paths in directory entry lists (bsc#1153108). Patch Instructions: To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Server for SAP 12-SP2: zypper in -t patch SUSE-SLE-SAP-12-SP2-2019-3232=1 - SUSE Linux Enterprise Server 12-SP2-LTSS: zypper in -t patch SUSE-SLE-SERVER-12-SP2-2019-3232=1 Package List: - SUSE Linux Enterprise Server for SAP 12-SP2 (ppc64le x86_64): kgraft-patch-4_4_121-92_101-default-7-2.5 - SUSE Linux Enterprise Server 12-SP2-LTSS (ppc64le x86_64): kgraft-patch-4_4_121-92_101-default-7-2.5 References: https://www.suse.com/security/cve/CVE-2018-20856.html https://www.suse.com/security/cve/CVE-2019-10220.html https://www.suse.com/security/cve/CVE-2019-13272.html https://bugzilla.suse.com/1153108 https://bugzilla.suse.com/1156321 https://bugzilla.suse.com/1156331 _______________________________________________ sle-security-updates mailing list This email address is being protected from spambots. You need JavaScript enabled to view it. http://lists.suse.com/mailman/listinfo/sle-security-updates . A critical update from Oracle addresses significant vulnerabilities within the Solaris Kernel for Solaris 11.4, enhancing overall system integrity and protection.. Linux Kernel Patch, SUSE Security Update, Credential Handling Fix. . Severity: Important. LinuxSecurity.com Team

Dec 10, 2019 •Important SuSE

security advisorycriticaldebian

Ubuntu: USN-4786-1 Urgent: Ruby-on-Rails Security Vulnerabilities

Several vulnerabilities were discovered in Django, a high-level Python web development framework. The Common Vulnerabilities and Exposures project identifies the following problems: . - ------------------------------------------------------------------------- Debian Security Advisory DSA-3544-1 This email address is being protected from spambots. You need JavaScript enabled to view it. https://www.debian.org/security/ Salvatore Bonaccorso April 07, 2016 https://www.debian.org/security/faq - ------------------------------------------------------------------------- Package : python-django CVE ID : CVE-2016-2512 CVE-2016-2513 Debian Bug : 816434 Several vulnerabilities were discovered in Django, a high-level Python web development framework. The Common Vulnerabilities and Exposures project identifies the following problems: CVE-2016-2512 Mark Striemer discovered that some user-supplied redirect URLs containing basic authentication credentials are incorrectly handled, potentially allowing a remote attacker to perform a malicious redirect or a cross-site scripting attack. CVE-2016-2513 Sjoerd Job Postmus discovered that Django allows user enumeration through timing difference on password hasher work factor upgrades. For the oldstable distribution (wheezy), these problems have been fixed in version 1.4.5-1+deb7u16. For the stable distribution (jessie), these problems have been fixed in version 1.7.7-1+deb8u4. For the testing distribution (stretch), these problems have been fixed in version 1.9.4-1. For the unstable distribution (sid), these problems have been fixed in version 1.9.4-1. We recommend that you upgrade your python-django packages. Further information about Debian Security Advisories, how to apply these updates to your system and frequently asked questions can be found at: https://www.debian.org/security/ Mailing list: This email address is being protected from spambots. You need JavaScript enabled to view it. . Fedora addresses severe security flaws in Flask that affect session management and potential dataleaks.. Django Update,Safety Measures,Python Framework Issues. . Severity: Critical. LinuxSecurity.com Team

Apr 07, 2016 •Critical Debian

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Linux Advisory Watch

Linux Security Week

Community Poll

More Polls

What got you started with Linux?

Message!

Self-taught through trial and error
Formal training or courses
A job that required it
Other

No answer selected. Please try again.

Please select either existing option or enter your own, however not both.

Please select minimum {0} answer(s).

Please select maximum {0} answer(s).

/main-polls/150-what-got-you-started-with-linux?task=poll.vote&format=json

150

radio

Self-taught through trial and error (78.42%)

78.42% votes

Formal training or courses (4.32%)

4.32% votes

A job that required it (4.89%)

4.89% votes

Other (12.37%)

12.37% votes

bottom 200

Stay Secure with the Latest Linux Advisories

Debian Dovecot High Severity Service Disruption Info Leak Flaw DLA-4617-1

Debian 11 gsasl Critical DoS Threat Advisory DLA-4618-1 CVE-2026-48829

SUSE MozillaThunderbird Important Memory Safety Fix Advisory 2026-2271-1

SUSE Linux Micro 6.0 Ignition Key HTTP Transport Loop Patch 2026-21987-1

SUSE Linux Micro 6.0 Important Libzypp Libsolv Security Update 2026-21988-1

SUSE Google-Guest-Agent Important Security Update 2026-21989-1

SUSE Linux Micro Important Salt Multi-Linux Manager Vuln 2026-21990-1

SUSE Linux Micro Critical Ignition Patch CVE-2026-33814

SUSE Linux Micro 6.1 Security Update for libzypp libsolv Key 2026-21992-1

Refine advisories

Get the latest News and Insights

Community Poll

What got you started with Linux?

Trending News

Ubuntu 25.10 kmod Critical Algif_aead Privilege Escalation USN-8226-1

Ubuntu 26.04 LTS nginx Critical Denial of Service 2026-42945

Ubuntu 26.04 Docker Critical Security Threats USN-8230-1 CVE-2026-33747

Debian OpenSSH Critical DSA-6204-1 CVE-2026-3497 Remote DoS Execution

Explore Latest Linux Security advisories

SUSE: 2025:0144-1 important: git credential issues and security updates

Mageia 7: 2020-0069 Moderate: Java-1.8.0-OpenJDK Update

SUSE: 2019:3232-1 Important Linux Kernel Security Patch Fix

Ubuntu: USN-4786-1 Urgent: Ruby-on-Rails Security Vulnerabilities

Get the latest News and Insights

Community Poll

What got you started with Linux?

Trending News

Ubuntu 25.10 kmod Critical Algif_aead Privilege Escalation USN-8226-1

Ubuntu 26.04 LTS nginx Critical Denial of Service 2026-42945

Ubuntu 26.04 Docker Critical Security Threats USN-8230-1 CVE-2026-33747

Debian OpenSSH Critical DSA-6204-1 CVE-2026-3497 Remote DoS Execution

Powered By

Linux Security - Your source for Top Linux News, Advisories, HOWTOs and Feature Releases

QUICK LINKS

subscribe to newsletters!

Stay Secure with the Latest Linux Advisories

Debian Dovecot High Severity Service Disruption Info Leak Flaw DLA-4617-1

Debian 11 gsasl Critical DoS Threat Advisory DLA-4618-1 CVE-2026-48829

SUSE MozillaThunderbird Important Memory Safety Fix Advisory 2026-2271-1

SUSE Linux Micro 6.0 Ignition Key HTTP Transport Loop Patch 2026-21987-1

SUSE Linux Micro 6.0 Important Libzypp Libsolv Security Update 2026-21988-1

SUSE Google-Guest-Agent Important Security Update 2026-21989-1

SUSE Linux Micro Important Salt Multi-Linux Manager Vuln 2026-21990-1

SUSE Linux Micro Critical Ignition Patch CVE-2026-33814

SUSE Linux Micro 6.1 Security Update for libzypp libsolv Key 2026-21992-1

Refine advisories

severity

Topics

Distro

Published Date

Get the latest News and Insights

Community Poll

What got you started with Linux?

Trending News

Explore Latest Linux Security advisories

Get the latest News and Insights

Community Poll

What got you started with Linux?

Trending News

Search Topics

Powered By

Linux Security - Your source for Top Linux News, Advisories, HOWTOs and Feature Releases

QUICK LINKS

subscribe to newsletters!