Alerts This Week
Warning Icon 1 637
Alerts This Week
Warning Icon 1 637

Stay Secure with the Latest Linux Advisories

Debianlts Large Esm H800
Debian LTS

Debian Dovecot High Severity Service Disruption Info Leak Flaw DLA-4617-1

Calendar White Jun 05, 2026
Important
Debianlts Large Esm H900
Debian LTS

Debian 11 gsasl Critical DoS Threat Advisory DLA-4618-1 CVE-2026-48829

Calendar White Jun 05, 2026
Critical
Suse Large Esm H900
SuSE

SUSE MozillaThunderbird Important Memory Safety Fix Advisory 2026-2271-1

Calendar White Jun 05, 2026
Important
Suse Large Esm H800
SuSE

SUSE Linux Micro 6.0 Ignition Key HTTP Transport Loop Patch 2026-21987-1

Calendar White Jun 05, 2026
Important
Suse Large Esm H900
SuSE

SUSE Linux Micro 6.0 Important Libzypp Libsolv Security Update 2026-21988-1

Calendar White Jun 05, 2026
Important
Suse Large Esm H900
SuSE

SUSE Google-Guest-Agent Important Security Update 2026-21989-1

Calendar White Jun 05, 2026
Important
Suse Large Esm H800
SuSE

SUSE Linux Micro Important Salt Multi-Linux Manager Vuln 2026-21990-1

Calendar White Jun 05, 2026
Important
Suse Large Esm H900
SuSE

SUSE Linux Micro Critical Ignition Patch CVE-2026-33814

Calendar White Jun 05, 2026
Important
Suse Large Esm H900
SuSE

SUSE Linux Micro 6.1 Security Update for libzypp libsolv Key 2026-21992-1

Calendar White Jun 05, 2026
Important
Filter Icon Refine advisories
X Clear Filters
X Clear Filters
View More

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Community Poll

More Polls

What got you started with Linux?

No answer selected. Please try again.
Please select either existing option or enter your own, however not both.
Please select minimum {0} answer(s).
Please select maximum {0} answer(s).
/main-polls/150-what-got-you-started-with-linux?task=poll.vote&format=json
150
radio
0
[{"id":483,"title":"Self-taught through trial and error","votes":545,"type":"x","order":1,"pct":78.42,"resources":[]},{"id":484,"title":"Formal training or courses","votes":30,"type":"x","order":2,"pct":4.32,"resources":[]},{"id":485,"title":"A job that required it","votes":34,"type":"x","order":3,"pct":4.89,"resources":[]},{"id":486,"title":"Other","votes":86,"type":"x","order":4,"pct":12.37,"resources":[]}] ["#ff5b00","#4ac0f2","#b80028","#eef66c","#60bb22","#b96a9a","#62c2cc"] ["rgba(255,91,0,0.7)","rgba(74,192,242,0.7)","rgba(184,0,40,0.7)","rgba(238,246,108,0.7)","rgba(96,187,34,0.7)","rgba(185,106,154,0.7)","rgba(98,194,204,0.7)"] 350
bottom 200
Loading...

Explore Latest Linux Security advisories

We found 9 articles for you...
89
Ls Advisories Fedora Esm H240
Price Tag 1security advisoryfedoracritical

Fedora 43 perl-libwww-perl Critical Credential Leakage Fix CVE-2026-8368

Changes: 6.83 2026-05-12 11:41:48Z - LWP::UserAgent now strips Authorization and Proxy-Authorization headers on cross-origin redirects (a different scheme, host, or port) to prevent credential leakage to the redirect target. Same-origin redirects retain. -------------------------------------------------------------------------------- Fedora Update Notification FEDORA-2026-3b48ba7dc7 2026-06-05 04:07:33.979902+00:00 -------------------------------------------------------------------------------- Name : perl-libwww-perl Product : Fedora 43 Version : 6.83 Release : 1.fc43 URL : https://metacpan.org/release/libwww-perl Summary : A Perl interface to the World-Wide Web Description : The libwww-perl collection is a set of Perl modules which provides a simple and consistent application programming interface to the World-Wide Web. The main focus of the library is to provide classes and functions that allow you to write WWW clients. The library also contain modules that are of more general use and even classes that help you implement simple HTTP servers. -------------------------------------------------------------------------------- Update Information: Changes: 6.83 2026-05-12 11:41:48Z - LWP::UserAgent now strips Authorization and Proxy-Authorization headers on cross-origin redirects (a different scheme, host, or port) to prevent credential leakage to the redirect target. Same-origin redirects retain credentials. Opt out with allow_credentialed_redirects => 1. CVE-2026-8368 reported by Kai Zen; PoC and initial patch by Stig Palmquist. - LWP::UserAgent now refuses https to http redirects by default to prevent leaking remaining request headers and bodies over plaintext. Opt in with allow_downgrade => 1. Related hardening alongside CVE-2026-8368; PoC by Stig Palmquist. -------------------------------------------------------------------------------- ChangeLog: * Tue May 19 2026 Michal Josef Špaček - 6.83-1 - 6.83bump -------------------------------------------------------------------------------- This update can be installed with the "dnf" update program. Use su -c 'dnf upgrade --advisory FEDORA-2026-3b48ba7dc7' at the command line. For more information, refer to the dnf documentation available at http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label All packages are signed with the Fedora Project GPG key. More details on the GPG keys used by the Fedora Project can be found at https://fedoraproject.org/keys -------------------------------------------------------------------------------- . Learn about critical updates in the perl-libwww-perl package for Fedora 43 to prevent credential leakage and enhance security.. Fedora 43 perl-libwww-perl updates, credential leakage prevention, security patch Fedora. . Severity: Critical. LinuxSecurity.com Team

Calendar 2 Jun 05, 2026 Critical Fedora
89
Ls Advisories Fedora Esm H240
Price Tag 1security advisoryfedoracritical

Fedora 44 perl-libwww-perl Critical Credentials Leak Fix CVE-2026-8368

Changes: 6.83 2026-05-12 11:41:48Z - LWP::UserAgent now strips Authorization and Proxy-Authorization headers on cross-origin redirects (a different scheme, host, or port) to prevent credential leakage to the redirect target. Same-origin redirects retain. -------------------------------------------------------------------------------- Fedora Update Notification FEDORA-2026-8d1333fb52 2026-05-31 00:55:16.967014+00:00 -------------------------------------------------------------------------------- Name : perl-libwww-perl Product : Fedora 44 Version : 6.83 Release : 1.fc44 URL : https://metacpan.org/release/libwww-perl Summary : A Perl interface to the World-Wide Web Description : The libwww-perl collection is a set of Perl modules which provides a simple and consistent application programming interface to the World-Wide Web. The main focus of the library is to provide classes and functions that allow you to write WWW clients. The library also contain modules that are of more general use and even classes that help you implement simple HTTP servers. -------------------------------------------------------------------------------- Update Information: Changes: 6.83 2026-05-12 11:41:48Z - LWP::UserAgent now strips Authorization and Proxy-Authorization headers on cross-origin redirects (a different scheme, host, or port) to prevent credential leakage to the redirect target. Same-origin redirects retain credentials. Opt out with allow_credentialed_redirects => 1. CVE-2026-8368 reported by Kai Zen; PoC and initial patch by Stig Palmquist. - LWP::UserAgent now refuses https to http redirects by default to prevent leaking remaining request headers and bodies over plaintext. Opt in with allow_downgrade => 1. Related hardening alongside CVE-2026-8368; PoC by Stig Palmquist. -------------------------------------------------------------------------------- ChangeLog: * Tue May 19 2026 Michal Josef \u0160pa\u010dek - 6.83-1 - 6.83bump -------------------------------------------------------------------------------- References: [ 1 ] Bug #2476481 - perl-libwww-perl-6.83 is available https://bugzilla.redhat.com/show_bug.cgi?id=2476481 -------------------------------------------------------------------------------- This update can be installed with the "dnf" update program. Use su -c 'dnf upgrade --advisory FEDORA-2026-8d1333fb52' at the command line. For more information, refer to the dnf documentation available at http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label All packages are signed with the Fedora Project GPG key. More details on the GPG keys used by the Fedora Project can be found at https://fedoraproject.org/keys -------------------------------------------------------------------------------- . Update for Fedora 44 on perl-libwww-perl enhances security by preventing credential leakage during redirects and reinforces HTTPS standards.. perl-libwww-perl Fedora critical update security http leak. . Severity: Critical. LinuxSecurity.com Team

Calendar 2 May 31, 2026 Critical Fedora
Banner 2 1028x280 1708121730 1 1771599631
89
Ls Advisories Fedora Esm H240
Price Tag 1security advisoryfedoraimportant

Fedora 44 libsoup3 Important Credential Leakage Patch CVE-2026-1539

Add patch for CVE-2026-1539 (Also remove Proxy-Authorization header on cross origin redirect). -------------------------------------------------------------------------------- Fedora Update Notification FEDORA-2026-55dabf3975 2026-03-30 00:14:59.309220+00:00 -------------------------------------------------------------------------------- Name : libsoup3 Product : Fedora 44 Version : 3.6.6 Release : 6.fc44 URL : https://wiki.gnome.org/Projects/libsoup Summary : Soup, an HTTP library implementation Description : Libsoup is an HTTP library implementation in C. It was originally part of a SOAP (Simple Object Access Protocol) implementation called Soup, but the SOAP and non-SOAP parts have now been split into separate packages. libsoup uses the Glib main loop and is designed to work well with GTK applications. This enables GNOME applications to access HTTP servers on the network in a completely asynchronous fashion, very similar to the Gtk+ programming model (a synchronous operation mode is also supported for those who want it), but the SOAP parts were removed long ago. -------------------------------------------------------------------------------- Update Information: Add patch for CVE-2026-1539 (Also remove Proxy-Authorization header on cross origin redirect) -------------------------------------------------------------------------------- ChangeLog: * Thu Mar 19 2026 Milan Crha - 3.6.6-6 - Add patch for CVE-2026-1539 (Also remove Proxy-Authorization header on cross origin redirect) - Resolves: rhbz#2433867 -------------------------------------------------------------------------------- References: [ 1 ] Bug #2433867 - CVE-2026-1539 libsoup3: libsoup: Credential leakage via HTTP redirects [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=2433867 -------------------------------------------------------------------------------- This update can be installed with the "dnf" update program. Use su -c 'dnf upgrade--advisory FEDORA-2026-55dabf3975' at the command line. For more information, refer to the dnf documentation available at http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label All packages are signed with the Fedora Project GPG key. More details on the GPG keys used by the Fedora Project can be found at https://fedoraproject.org/keys -------------------------------------------------------------------------------- -- _______________________________________________ package-announce mailing list -- This email address is being protected from spambots. You need JavaScript enabled to view it. To unsubscribe send an email to This email address is being protected from spambots. You need JavaScript enabled to view it. Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedoraproject.org/archives/list/This email address is being protected from spambots. You need JavaScript enabled to view it. Do not reply to spam, report it: https://forge.fedoraproject.org/infra/tickets/issues/new . Libsoup3 in Fedora 44 receives an important update for fixed CVE-2026-1539 against credential leakage in HTTP redirects.. Fedora 44, libsoup3, credential leakage, HTTP library, security advisory. . Severity: Important. LinuxSecurity.com Team

Calendar 2 Mar 30, 2026 Important Fedora
89
Ls Advisories Fedora Esm H240
Price Tag 1security advisorymoderatefedora

Fedora 43 libsoup3 Moderate Credential Leak Patch CVE-2026-1539

Add patch for CVE-2026-1539 (Also remove Proxy-Authorization header on cross origin redirect). -------------------------------------------------------------------------------- Fedora Update Notification FEDORA-2026-f029d04054 2026-03-21 00:54:25.948645+00:00 -------------------------------------------------------------------------------- Name : libsoup3 Product : Fedora 43 Version : 3.6.6 Release : 2.fc43 URL : https://wiki.gnome.org/Projects/libsoup Summary : Soup, an HTTP library implementation Description : Libsoup is an HTTP library implementation in C. It was originally part of a SOAP (Simple Object Access Protocol) implementation called Soup, but the SOAP and non-SOAP parts have now been split into separate packages. libsoup uses the Glib main loop and is designed to work well with GTK applications. This enables GNOME applications to access HTTP servers on the network in a completely asynchronous fashion, very similar to the Gtk+ programming model (a synchronous operation mode is also supported for those who want it), but the SOAP parts were removed long ago. -------------------------------------------------------------------------------- Update Information: Add patch for CVE-2026-1539 (Also remove Proxy-Authorization header on cross origin redirect) -------------------------------------------------------------------------------- ChangeLog: * Thu Mar 19 2026 Milan Crha - 3.6.6-2 - Add patch for CVE-2026-1539 (Also remove Proxy-Authorization header on cross origin redirect) - Resolves: rhbz#2433867 -------------------------------------------------------------------------------- References: [ 1 ] Bug #2433867 - CVE-2026-1539 libsoup3: libsoup: Credential leakage via HTTP redirects [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=2433867 -------------------------------------------------------------------------------- This update can be installed with the "dnf" update program. Use su -c 'dnf upgrade--advisory FEDORA-2026-f029d04054' at the command line. For more information, refer to the dnf documentation available at http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label All packages are signed with the Fedora Project GPG key. More details on the GPG keys used by the Fedora Project can be found at https://fedoraproject.org/keys -------------------------------------------------------------------------------- -- _______________________________________________ package-announce mailing list -- This email address is being protected from spambots. You need JavaScript enabled to view it. To unsubscribe send an email to This email address is being protected from spambots. You need JavaScript enabled to view it. Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedoraproject.org/archives/list/This email address is being protected from spambots. You need JavaScript enabled to view it. Do not reply to spam, report it: https://forge.fedoraproject.org/infra/tickets/issues/new . Update fixes CVE-2026-1539 in libsoup3 addressing credential leakage on HTTP redirects for Fedora 43 users.. libsoup3 update Fedora 43 CVE-2026-1539 credential leak. . Severity: Important. LinuxSecurity.com Team

Calendar 2 Mar 21, 2026 Important Fedora
Banner 2 1028x280 1708121730 1 1771599631
89
Ls Advisories Fedora Esm H240
Price Tag 1security advisorydenial of servicefedora

Fedora 42: Critical URI Leakage DoS Mitigation CVE-2025-61594 Update

Upgrade to Ruby 3.4.7. Fix URI Credential Leakage Bypass previous fixes. Resolves: CVE-2025-61594 Fix REXML denial of service. Resolves: rhbz#2396204. -------------------------------------------------------------------------------- Fedora Update Notification FEDORA-2025-5805ed7a8f 2025-11-12 01:12:56.764993+00:00 -------------------------------------------------------------------------------- Name : ruby Product : Fedora 42 Version : 3.4.7 Release : 26.fc42 URL : https://www.ruby-lang.org/ Summary : An interpreter of object-oriented scripting language Description : Ruby is the interpreted scripting language for quick and easy object-oriented programming. It has many features to process text files and to do system management tasks (as in Perl). It is simple, straight-forward, and extensible. -------------------------------------------------------------------------------- Update Information: Upgrade to Ruby 3.4.7. Fix URI Credential Leakage Bypass previous fixes. Resolves: CVE-2025-61594 Fix REXML denial of service. Resolves: rhbz#2396204 Resolves: CVE-2025-58767 -------------------------------------------------------------------------------- ChangeLog: * Fri Oct 31 2025 Jun Aruga - 3.4.7-26 - Upgrade to Ruby 3.4.7. - Fix URI Credential Leakage Bypass previous fixes. Resolves: CVE-2025-61594 - Fix REXML denial of service. Resolves: rhbz#2396204 Resolves: CVE-2025-58767 -------------------------------------------------------------------------------- References: [ 1 ] Bug #2396204 - CVE-2025-58767 ruby: REXML denial of service [fedora-42] https://bugzilla.redhat.com/show_bug.cgi?id=2396204 -------------------------------------------------------------------------------- This update can be installed with the "dnf" update program. Use su -c 'dnf upgrade --advisory FEDORA-2025-5805ed7a8f' at the command line. For more information, refer to the dnf documentation availableat http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label All packages are signed with the Fedora Project GPG key. More details on the GPG keys used by the Fedora Project can be found at https://fedoraproject.org/keys -------------------------------------------------------------------------------- -- _______________________________________________ package-announce mailing list -- This email address is being protected from spambots. You need JavaScript enabled to view it. To unsubscribe send an email to This email address is being protected from spambots. You need JavaScript enabled to view it. Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedoraproject.org/archives/list/This email address is being protected from spambots. You need JavaScript enabled to view it. Do not reply to spam, report it: https://pagure.io/fedora-infrastructure/new_issue . Fix URI leakage and REXML DoS in Ruby for Fedora 42. See advisory for update instructions and details.. Ruby Update, Fedora Security Advisory, Credential Leakage Fix. . Severity: Important. LinuxSecurity.com Team

Calendar 2 Nov 12, 2025 Important Fedora
100
Ls Advisories Suse Esm H240
Price Tag 1security advisorymoderateSuSE

SUSE Advisory 2025:02289-2 on Docker Credential Leakage & DOM Risks

* bsc#1239765 * bsc#1240150 * bsc#1241830 * bsc#1242114 * bsc#1243833 . # Security update for docker Announcement ID: SUSE-SU-2025:02289-2 Release Date: 2025-07-16T15:48:13Z Rating: moderate References: * bsc#1239765 * bsc#1240150 * bsc#1241830 * bsc#1242114 * bsc#1243833 * bsc#1244035 * jsc#PED-12534 * jsc#PED-8905 Cross-References: * CVE-2025-0495 * CVE-2025-22872 CVSS scores: * CVE-2025-0495 ( SUSE ): 4.1 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:P/VC:L/VI:N/VA:N/SC:H/SI:N/SA:N * CVE-2025-0495 ( SUSE ): 5.9 CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:C/C:H/I:N/A:N * CVE-2025-0495 ( NVD ): 4.1 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:P/VC:L/VI:N/VA:N/SC:H/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X * CVE-2025-22872 ( SUSE ): 6.3 CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:L/VI:L/VA:L/SC:L/SI:L/SA:L * CVE-2025-22872 ( SUSE ): 6.5 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:L/I:L/A:L * CVE-2025-22872 ( NVD ): 6.5 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:L/I:L/A:L Affected Products: * SUSE Enterprise Storage 7.1 * SUSE Linux Enterprise High Performance Computing 15 SP3 * SUSE Linux Enterprise High Performance Computing 15 SP4 * SUSE Linux Enterprise High Performance Computing 15 SP5 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP5 * SUSE Linux Enterprise Server 15 SP3 * SUSE Linux Enterprise Server 15 SP3 LTSS * SUSE Linux Enterprise Server 15 SP4 * SUSE Linux Enterprise Server 15 SP4 LTSS * SUSE Linux Enterprise Server 15 SP5 * SUSE Linux Enterprise Server 15 SP5 LTSS * SUSE Linux Enterprise Server for SAP Applications 15 SP3 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 * SUSE Linux Enterprise Serverfor SAP Applications 15 SP5 An update that solves two vulnerabilities, contains two features and has four security fixes can now be installed. ## Description: This update for docker fixes the following issues: Update to Docker 28.2.2-ce (bsc#1243833, bsc#1242114): * CVE-2025-0495: Fixed credential leakage to telemetry endpoints when credentials allowed to be set as attribute values in cache-to/cache-from configuration.(bsc#1239765) * CVE-2025-22872: golang.org/x/net/html: incorrectly interpreted tags can cause content to be placed wrong scope during DOM construction (bsc#1241830). Other fixes: * Update to docker-buildx v0.22.0. * Always clear SUSEConnect suse_* secrets when starting containers (bsc#1244035). * Disable transparent SUSEConnect support for SLE-16. (jsc#PED-12534) * Now that the only blocker for docker-buildx support was removed for SLE-16, enable docker-buildx for SLE-16 as well. (jsc#PED-8905) * SUSEConnect secrets fails in SLES rootless docker containers (bsc#1240150). ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Linux Enterprise Server 15 SP3 LTSS zypper in -t patch SUSE-SLE-Product-SLES-15-SP3-LTSS-2025-2289=1 * SUSE Linux Enterprise Server 15 SP4 LTSS zypper in -t patch SUSE-SLE-Product-SLES-15-SP4-LTSS-2025-2289=1 * SUSE Linux Enterprise Server 15 SP5 LTSS zypper in -t patch SUSE-SLE-Product-SLES-15-SP5-LTSS-2025-2289=1 * SUSE Linux Enterprise Server for SAP Applications 15 SP3 zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP3-2025-2289=1 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP4-2025-2289=1 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP5-2025-2289=1 * SUSE Enterprise Storage 7.1 zypper in -t patch SUSE-Storage-7.1-2025-2289=1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 zypper in -t patch SUSE-SLE-Product-HPC-15-SP3-LTSS-2025-2289=1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-ESPOS-2025-2289=1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-LTSS-2025-2289=1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5 zypper in -t patch SUSE-SLE-Product-HPC-15-SP5-ESPOS-2025-2289=1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP5 zypper in -t patch SUSE-SLE-Product-HPC-15-SP5-LTSS-2025-2289=1 ## Package List: * SUSE Linux Enterprise Server 15 SP3 LTSS (aarch64 ppc64le s390x x86_64) * docker-stable-24.0.9_ce-150000.1.22.1 * docker-stable-debuginfo-24.0.9_ce-150000.1.22.1 * docker-debuginfo-28.2.2_ce-150000.227.1 * docker-28.2.2_ce-150000.227.1 * SUSE Linux Enterprise Server 15 SP3 LTSS (noarch) * docker-bash-completion-28.2.2_ce-150000.227.1 * docker-stable-bash-completion-24.0.9_ce-150000.1.22.1 * docker-fish-completion-28.2.2_ce-150000.227.1 * SUSE Linux Enterprise Server 15 SP4 LTSS (aarch64 ppc64le s390x x86_64) * docker-stable-24.0.9_ce-150000.1.22.1 * docker-stable-debuginfo-24.0.9_ce-150000.1.22.1 * docker-debuginfo-28.2.2_ce-150000.227.1 * docker-28.2.2_ce-150000.227.1 * SUSE Linux Enterprise Server 15 SP4 LTSS (noarch) * docker-bash-completion-28.2.2_ce-150000.227.1 * docker-stable-bash-completion-24.0.9_ce-150000.1.22.1 * docker-rootless-extras-28.2.2_ce-150000.227.1 * SUSE Linux Enterprise Server 15 SP5 LTSS (aarch64 ppc64le s390x x86_64) * docker-stable-24.0.9_ce-150000.1.22.1 * docker-stable-debuginfo-24.0.9_ce-150000.1.22.1 * docker-debuginfo-28.2.2_ce-150000.227.1 * docker-28.2.2_ce-150000.227.1 * SUSE Linux Enterprise Server 15 SP5 LTSS (noarch) *docker-bash-completion-28.2.2_ce-150000.227.1 * docker-stable-bash-completion-24.0.9_ce-150000.1.22.1 * docker-rootless-extras-28.2.2_ce-150000.227.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP3 (ppc64le x86_64) * docker-stable-24.0.9_ce-150000.1.22.1 * docker-stable-debuginfo-24.0.9_ce-150000.1.22.1 * docker-debuginfo-28.2.2_ce-150000.227.1 * docker-28.2.2_ce-150000.227.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP3 (noarch) * docker-bash-completion-28.2.2_ce-150000.227.1 * docker-stable-bash-completion-24.0.9_ce-150000.1.22.1 * docker-fish-completion-28.2.2_ce-150000.227.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 (ppc64le x86_64) * docker-stable-24.0.9_ce-150000.1.22.1 * docker-stable-debuginfo-24.0.9_ce-150000.1.22.1 * docker-debuginfo-28.2.2_ce-150000.227.1 * docker-28.2.2_ce-150000.227.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 (noarch) * docker-bash-completion-28.2.2_ce-150000.227.1 * docker-stable-bash-completion-24.0.9_ce-150000.1.22.1 * docker-rootless-extras-28.2.2_ce-150000.227.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 (ppc64le x86_64) * docker-stable-24.0.9_ce-150000.1.22.1 * docker-stable-debuginfo-24.0.9_ce-150000.1.22.1 * docker-debuginfo-28.2.2_ce-150000.227.1 * docker-28.2.2_ce-150000.227.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 (noarch) * docker-bash-completion-28.2.2_ce-150000.227.1 * docker-stable-bash-completion-24.0.9_ce-150000.1.22.1 * docker-rootless-extras-28.2.2_ce-150000.227.1 * SUSE Enterprise Storage 7.1 (aarch64 x86_64) * docker-stable-24.0.9_ce-150000.1.22.1 * docker-stable-debuginfo-24.0.9_ce-150000.1.22.1 * docker-debuginfo-28.2.2_ce-150000.227.1 * docker-28.2.2_ce-150000.227.1 * SUSE Enterprise Storage 7.1 (noarch) * docker-bash-completion-28.2.2_ce-150000.227.1 * docker-stable-bash-completion-24.0.9_ce-150000.1.22.1 *docker-fish-completion-28.2.2_ce-150000.227.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 (aarch64 x86_64) * docker-stable-24.0.9_ce-150000.1.22.1 * docker-stable-debuginfo-24.0.9_ce-150000.1.22.1 * docker-debuginfo-28.2.2_ce-150000.227.1 * docker-28.2.2_ce-150000.227.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 (noarch) * docker-bash-completion-28.2.2_ce-150000.227.1 * docker-stable-bash-completion-24.0.9_ce-150000.1.22.1 * docker-fish-completion-28.2.2_ce-150000.227.1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 (aarch64 x86_64) * docker-stable-24.0.9_ce-150000.1.22.1 * docker-stable-debuginfo-24.0.9_ce-150000.1.22.1 * docker-debuginfo-28.2.2_ce-150000.227.1 * docker-28.2.2_ce-150000.227.1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 (noarch) * docker-bash-completion-28.2.2_ce-150000.227.1 * docker-stable-bash-completion-24.0.9_ce-150000.1.22.1 * docker-rootless-extras-28.2.2_ce-150000.227.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 (aarch64 x86_64) * docker-stable-24.0.9_ce-150000.1.22.1 * docker-stable-debuginfo-24.0.9_ce-150000.1.22.1 * docker-debuginfo-28.2.2_ce-150000.227.1 * docker-28.2.2_ce-150000.227.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 (noarch) * docker-bash-completion-28.2.2_ce-150000.227.1 * docker-stable-bash-completion-24.0.9_ce-150000.1.22.1 * docker-rootless-extras-28.2.2_ce-150000.227.1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5 (aarch64 x86_64) * docker-stable-24.0.9_ce-150000.1.22.1 * docker-stable-debuginfo-24.0.9_ce-150000.1.22.1 * docker-debuginfo-28.2.2_ce-150000.227.1 * docker-28.2.2_ce-150000.227.1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5 (noarch) * docker-bash-completion-28.2.2_ce-150000.227.1 * docker-stable-bash-completion-24.0.9_ce-150000.1.22.1 *docker-rootless-extras-28.2.2_ce-150000.227.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP5 (aarch64 x86_64) * docker-stable-24.0.9_ce-150000.1.22.1 * docker-stable-debuginfo-24.0.9_ce-150000.1.22.1 * docker-debuginfo-28.2.2_ce-150000.227.1 * docker-28.2.2_ce-150000.227.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP5 (noarch) * docker-bash-completion-28.2.2_ce-150000.227.1 * docker-stable-bash-completion-24.0.9_ce-150000.1.22.1 * docker-rootless-extras-28.2.2_ce-150000.227.1 ## References: * https://www.suse.com/security/cve/CVE-2025-0495.html * https://www.suse.com/security/cve/CVE-2025-22872.html * https://bugzilla.suse.com/show_bug.cgi?id=1239765 * https://bugzilla.suse.com/show_bug.cgi?id=1240150 * https://bugzilla.suse.com/show_bug.cgi?id=1241830 * https://bugzilla.suse.com/show_bug.cgi?id=1242114 * https://bugzilla.suse.com/show_bug.cgi?id=1243833 * https://bugzilla.suse.com/show_bug.cgi?id=1244035 * https://jira.suse.com/login.jsp?permissionViolation=true&os_destination=%2Fbrowse%2FPED-12534&page_caps=&user_role= * https://jira.suse.com/login.jsp?permissionViolation=true&os_destination=%2Fbrowse%2FPED-8905&page_caps=&user_role= . SUSE has published a security advisory announcing a moderate update for Docker that resolves concerns related to credential exposure and issues within the Document Object Model (DOM).. Docker Update, SUSE Security, Vulnerability Fix, Linux Administration, Threat Mitigation. . LinuxSecurity.com Team

Calendar 2 Jul 16, 2025 SuSE
Banner 2 1028x280 1708121730 1 1771599631
197
Ls Advisories Deblts Esm H240
Price Tag 1security advisorycriticaldebian

Debian 11: DLA-4239-1 critical: thunderbird security issues

Multiple vulnerabilities have been fixed in the email, calendar and contacts client Thunderbird. CVE-2025-5986 . - ------------------------------------------------------------------------- Debian LTS Advisory DLA-4239-1 This email address is being protected from spambots. You need JavaScript enabled to view it. https://www.debian.org/lts/security/ Adrian Bunk July 11, 2025 https://wiki.debian.org/LTS - ------------------------------------------------------------------------- Package : thunderbird Version : 1:128.12.0esr-1~deb11u1 CVE ID : CVE-2025-5986 CVE-2025-6424 CVE-2025-6425 CVE-2025-6429 CVE-2025-6430 Multiple vulnerabilities have been fixed in the email, calendar and contacts client Thunderbird. CVE-2025-5986 Unsolicited File Download, Disk Space Exhaustion, and Credential Leakage via mailbox:/// Links CVE-2025-6424 Use-after-free in FontFaceSet CVE-2025-6425 The WebCompat WebExtension shipped exposed a persistent UUID CVE-2025-6429 Incorrect parsing of URLs could have allowed embedding of youtube.com CVE-2025-6430 Content-Disposition header ignored when a file is included in an embed or object tag For Debian 11 bullseye, these problems have been fixed in version 1:128.12.0esr-1~deb11u1. We recommend that you upgrade your thunderbird packages. For the detailed security status of thunderbird please refer to its security tracker page at: https://security-tracker.debian.org/tracker/source-package/thunderbird Further information about Debian LTS security advisories, how to apply these updates to your system and frequently asked questions can be found at: https://wiki.debian.org/LTS . To optimize your Thunderbird setup on Debian LTS and address the security flaws outlined in the advisory DLA-4239-1, follow these steps to ensure a robust and secure email experience.. Debian LTS, Thunderbird Security, Mail Client Update. . Severity: Critical. LinuxSecurity.com Team

Calendar 2 Jul 11, 2025 Critical Debian LTS
202
Ls Advisories Opensuse Esm H240
Price Tag 1security advisorymoderateOpenSUSE

openSUSE Security Update: 2025:02289-1 Addresses Docker Vulnerabilities

An update that solves two vulnerabilities, contains two features and has four security fixes can now be installed.. # Security update for docker Announcement ID: SUSE-SU-2025:02289-1 Release Date: 2025-07-11T11:13:10Z Rating: moderate References: * bsc#1239765 * bsc#1240150 * bsc#1241830 * bsc#1242114 * bsc#1243833 * bsc#1244035 * jsc#PED-12534 * jsc#PED-8905 Cross-References: * CVE-2025-0495 * CVE-2025-22872 CVSS scores: * CVE-2025-0495 ( SUSE ): 4.1 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:P/VC:L/VI:N/VA:N/SC:H/SI:N/SA:N * CVE-2025-0495 ( SUSE ): 5.9 CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:C/C:H/I:N/A:N * CVE-2025-0495 ( NVD ): 4.1 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:P/VC:L/VI:N/VA:N/SC:H/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X * CVE-2025-22872 ( SUSE ): 6.3 CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:L/VI:L/VA:L/SC:L/SI:L/SA:L * CVE-2025-22872 ( SUSE ): 6.5 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:L/I:L/A:L * CVE-2025-22872 ( NVD ): 6.5 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:L/I:L/A:L Affected Products: * Basesystem Module 15-SP7 * Containers Module 15-SP6 * Containers Module 15-SP7 * openSUSE Leap 15.6 * SUSE Linux Enterprise Desktop 15 SP7 * SUSE Linux Enterprise Micro 5.1 * SUSE Linux Enterprise Micro 5.2 * SUSE Linux Enterprise Micro 5.3 * SUSE Linux Enterprise Micro 5.4 * SUSE Linux Enterprise Micro 5.5 * SUSE Linux Enterprise Micro for Rancher 5.2 * SUSE Linux Enterprise Micro for Rancher 5.3 * SUSE Linux Enterprise Micro for Rancher 5.4 * SUSE Linux Enterprise Real Time 15 SP6 * SUSE Linux Enterprise Real Time 15 SP7 * SUSE Linux Enterprise Server 15 SP6 * SUSE Linux Enterprise Server 15 SP7 * SUSE Linux Enterprise Server for SAP Applications 15 SP6 * SUSE Linux Enterprise Server for SAP Applications 15 SP7 An update that solves two vulnerabilities, contains two features and has four security fixes can now be installed. ##Description: This update for docker fixes the following issues: Update to Docker 28.2.2-ce (bsc#1243833, bsc#1242114): * CVE-2025-0495: Fixed credential leakage to telemetry endpoints when credentials allowed to be set as attribute values in cache-to/cache-from configuration.(bsc#1239765) * CVE-2025-22872: golang.org/x/net/html: incorrectly interpreted tags can cause content to be placed wrong scope during DOM construction (bsc#1241830). Other fixes: * Update to docker-buildx v0.22.0. * Always clear SUSEConnect suse_* secrets when starting containers (bsc#1244035). * Disable transparent SUSEConnect support for SLE-16. (jsc#PED-12534) * Now that the only blocker for docker-buildx support was removed for SLE-16, enable docker-buildx for SLE-16 as well. (jsc#PED-8905) * SUSEConnect secrets fails in SLES rootless docker containers (bsc#1240150). ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * openSUSE Leap 15.6 zypper in -t patch openSUSE-SLE-15.6-2025-2289=1 * SUSE Linux Enterprise Micro for Rancher 5.3 zypper in -t patch SUSE-SLE-Micro-5.3-2025-2289=1 * SUSE Linux Enterprise Micro 5.3 zypper in -t patch SUSE-SLE-Micro-5.3-2025-2289=1 * SUSE Linux Enterprise Micro for Rancher 5.4 zypper in -t patch SUSE-SLE-Micro-5.4-2025-2289=1 * SUSE Linux Enterprise Micro 5.4 zypper in -t patch SUSE-SLE-Micro-5.4-2025-2289=1 * SUSE Linux Enterprise Micro 5.5 zypper in -t patch SUSE-SLE-Micro-5.5-2025-2289=1 * Basesystem Module 15-SP7 zypper in -t patch SUSE-SLE-Module-Basesystem-15-SP7-2025-2289=1 * Containers Module 15-SP6 zypper in -t patch SUSE-SLE-Module-Containers-15-SP6-2025-2289=1 * Containers Module 15-SP7 zypper in -t patch SUSE-SLE-Module-Containers-15-SP7-2025-2289=1 * SUSE Linux Enterprise Micro 5.1 zypper in -t patchSUSE-SUSE-MicroOS-5.1-2025-2289=1 * SUSE Linux Enterprise Micro 5.2 zypper in -t patch SUSE-SUSE-MicroOS-5.2-2025-2289=1 * SUSE Linux Enterprise Micro for Rancher 5.2 zypper in -t patch SUSE-SUSE-MicroOS-5.2-2025-2289=1 ## Package List: * openSUSE Leap 15.6 (aarch64 ppc64le s390x x86_64) * docker-stable-debuginfo-24.0.9_ce-150000.1.22.1 * docker-debuginfo-28.2.2_ce-150000.227.1 * docker-stable-24.0.9_ce-150000.1.22.1 * docker-28.2.2_ce-150000.227.1 * openSUSE Leap 15.6 (noarch) * docker-stable-rootless-extras-24.0.9_ce-150000.1.22.1 * docker-stable-zsh-completion-24.0.9_ce-150000.1.22.1 * docker-stable-fish-completion-24.0.9_ce-150000.1.22.1 * docker-bash-completion-28.2.2_ce-150000.227.1 * docker-stable-bash-completion-24.0.9_ce-150000.1.22.1 * docker-fish-completion-28.2.2_ce-150000.227.1 * docker-zsh-completion-28.2.2_ce-150000.227.1 * docker-rootless-extras-28.2.2_ce-150000.227.1 * SUSE Linux Enterprise Micro for Rancher 5.3 (aarch64 s390x x86_64) * docker-debuginfo-28.2.2_ce-150000.227.1 * docker-28.2.2_ce-150000.227.1 * SUSE Linux Enterprise Micro 5.3 (aarch64 s390x x86_64) * docker-debuginfo-28.2.2_ce-150000.227.1 * docker-28.2.2_ce-150000.227.1 * SUSE Linux Enterprise Micro for Rancher 5.4 (aarch64 s390x x86_64) * docker-debuginfo-28.2.2_ce-150000.227.1 * docker-28.2.2_ce-150000.227.1 * SUSE Linux Enterprise Micro 5.4 (aarch64 s390x x86_64) * docker-debuginfo-28.2.2_ce-150000.227.1 * docker-28.2.2_ce-150000.227.1 * SUSE Linux Enterprise Micro 5.5 (aarch64 ppc64le s390x x86_64) * docker-debuginfo-28.2.2_ce-150000.227.1 * docker-28.2.2_ce-150000.227.1 * Basesystem Module 15-SP7 (aarch64 ppc64le s390x x86_64) * docker-debuginfo-28.2.2_ce-150000.227.1 * docker-28.2.2_ce-150000.227.1 * Containers Module 15-SP6 (aarch64 ppc64le s390x x86_64) * docker-stable-debuginfo-24.0.9_ce-150000.1.22.1 * docker-debuginfo-28.2.2_ce-150000.227.1 *docker-stable-24.0.9_ce-150000.1.22.1 * docker-28.2.2_ce-150000.227.1 * Containers Module 15-SP6 (noarch) * docker-rootless-extras-28.2.2_ce-150000.227.1 * docker-bash-completion-28.2.2_ce-150000.227.1 * docker-stable-bash-completion-24.0.9_ce-150000.1.22.1 * Containers Module 15-SP7 (noarch) * docker-rootless-extras-28.2.2_ce-150000.227.1 * docker-bash-completion-28.2.2_ce-150000.227.1 * docker-stable-bash-completion-24.0.9_ce-150000.1.22.1 * Containers Module 15-SP7 (aarch64 ppc64le s390x x86_64) * docker-stable-debuginfo-24.0.9_ce-150000.1.22.1 * docker-stable-24.0.9_ce-150000.1.22.1 * SUSE Linux Enterprise Micro 5.1 (aarch64 s390x x86_64) * docker-debuginfo-28.2.2_ce-150000.227.1 * docker-28.2.2_ce-150000.227.1 * SUSE Linux Enterprise Micro 5.2 (aarch64 s390x x86_64) * docker-debuginfo-28.2.2_ce-150000.227.1 * docker-28.2.2_ce-150000.227.1 * SUSE Linux Enterprise Micro for Rancher 5.2 (aarch64 s390x x86_64) * docker-debuginfo-28.2.2_ce-150000.227.1 * docker-28.2.2_ce-150000.227.1 ## References: * https://www.suse.com/security/cve/CVE-2025-0495.html * https://www.suse.com/security/cve/CVE-2025-22872.html * https://bugzilla.suse.com/show_bug.cgi?id=1239765 * https://bugzilla.suse.com/show_bug.cgi?id=1240150 * https://bugzilla.suse.com/show_bug.cgi?id=1241830 * https://bugzilla.suse.com/show_bug.cgi?id=1242114 * https://bugzilla.suse.com/show_bug.cgi?id=1243833 * https://bugzilla.suse.com/show_bug.cgi?id=1244035 * https://jira.suse.com/login.jsp?permissionViolation=true&os_destination=%2Fbrowse%2FPED-12534&page_caps=&user_role= * https://jira.suse.com/login.jsp?permissionViolation=true&os_destination=%2Fbrowse%2FPED-8905&page_caps=&user_role= . The recent update for Kubernetes addresses medium-risk flaws including credential leaks and issues with API response formatting.. openSUSE docker security, moderate security update, Linux package patch. . LinuxSecurity.com Team

Calendar 2 Jul 11, 2025 OpenSUSE
Banner 2 1028x280 1708121730 1 1771599631
News Add Esm H240

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Community Poll

More Polls

What got you started with Linux?

No answer selected. Please try again.
Please select either existing option or enter your own, however not both.
Please select minimum {0} answer(s).
Please select maximum {0} answer(s).
/main-polls/150-what-got-you-started-with-linux?task=poll.vote&format=json
150
radio
0
[{"id":483,"title":"Self-taught through trial and error","votes":545,"type":"x","order":1,"pct":78.42,"resources":[]},{"id":484,"title":"Formal training or courses","votes":30,"type":"x","order":2,"pct":4.32,"resources":[]},{"id":485,"title":"A job that required it","votes":34,"type":"x","order":3,"pct":4.89,"resources":[]},{"id":486,"title":"Other","votes":86,"type":"x","order":4,"pct":12.37,"resources":[]}] ["#ff5b00","#4ac0f2","#b80028","#eef66c","#60bb22","#b96a9a","#62c2cc"] ["rgba(255,91,0,0.7)","rgba(74,192,242,0.7)","rgba(184,0,40,0.7)","rgba(238,246,108,0.7)","rgba(96,187,34,0.7)","rgba(185,106,154,0.7)","rgba(98,194,204,0.7)"] 350
bottom 200

Search Topics

Your message here