Stay Secure with the Latest Linux Advisories
Refine advisories
X Clear Filters
Get the latest News and Insights
Get the latest Linux and open source security news straight to your inbox.
Community Poll
What got you started with Linux?
Loading...
Explore Latest Linux Security advisories
We found -2 articles for you...
100
security advisoryremote accessimportantSUSE Linux Micro: 2025:20826-1 Kernel Livepatch Important Bug Fix
* bsc#1237048 * bsc#1240744 * bsc#1243650 * bsc#1245509 * bsc#1247315 . # Security update for kernel-livepatch-MICRO-6-0-RT_Update_4 Announcement ID: SUSE-SU-2025:20826-1 Release Date: 2025-10-07T15:38:32Z Rating: important References: * bsc#1237048 * bsc#1240744 * bsc#1243650 * bsc#1245509 * bsc#1247315 Cross-References: * CVE-2024-53168 * CVE-2025-21692 * CVE-2025-21791 * CVE-2025-38089 * CVE-2025-38477 CVSS scores: * CVE-2024-53168 ( SUSE ): 7.1 CVSS:4.0/AV:L/AC:H/AT:N/PR:H/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2024-53168 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-53168 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-53168 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2025-21692 ( SUSE ): 6.9 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-21692 ( SUSE ): 7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H * CVE-2025-21692 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2025-21692 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2025-21791 ( SUSE ): 8.5 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2025-21791 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2025-21791 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2025-21791 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2025-38089 ( SUSE ): 8.7 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-38089 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2025-38477 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2025-38477 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H Affected Products: * SUSE Linux Micro 6.0 An update that solves five vulnerabilities can now be installed. ## Description: This update for kernel-livepatch-MICRO-6-0-RT_Update_4 fixes thefollowing issues: * CVE-2025-21692: net: sched: fix ets qdisc OOB Indexing (bsc#1237048) * CVE-2025-21791: vrf: use RCU protection in l3mdev_l3_out() (bsc#1240744) * CVE-2024-53168: sunrpc: fix one UAF issue caused by sunrpc kernel tcp socket (bsc#1243650) * CVE-2025-38089: sunrpc: handle SVC_GARBAGE during svc auth processing as auth error (bsc#1245509) * CVE-2025-38477: net/sched: sch_qfq: Fix race condition on qfq_aggregate (bsc#1247315) ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Linux Micro 6.0 zypper in -t patch SUSE-SLE-Micro-6.0-kernel-141=1 ## Package List: * SUSE Linux Micro 6.0 (x86_64) * kernel-livepatch-MICRO-6-0-RT_Update_4-debugsource-10-1.1 * kernel-livepatch-6_4_0-22-rt-debuginfo-10-1.1 * kernel-livepatch-6_4_0-22-rt-10-1.1 ## References: * https://www.suse.com/security/cve/CVE-2024-53168.html * https://www.suse.com/security/cve/CVE-2025-21692.html * https://www.suse.com/security/cve/CVE-2025-21791.html * https://www.suse.com/security/cve/CVE-2025-38089.html * https://www.suse.com/security/cve/CVE-2025-38477.html * https://bugzilla.suse.com/show_bug.cgi?id=1237048 * https://bugzilla.suse.com/show_bug.cgi?id=1240744 * https://bugzilla.suse.com/show_bug.cgi?id=1243650 * https://bugzilla.suse.com/show_bug.cgi?id=1245509 * https://bugzilla.suse.com/show_bug.cgi?id=1247315 . Explore the SUSE kernel-livepatch-MICRO security update addressing multiple vulnerabilities, ensuring system integrity.. SUSE Linux Micro,kernel livepatch,security update,vulnerability management,system integrity. . Severity: Important. LinuxSecurity.com Team
Oct 14, 2025
•Important
SuSE
89
security advisorysoftware updateFedoraImportant Announcement: Critical Bug Fixes for Fedora 37 PHP 8.1.20
**PHP version 8.1.20** (08 Jun 2023) **Core:** * Fixed bug [GH-9068](https://github.com/php/php-src/issues/9068) (Conditional jump or move depends on uninitialised value(s)). (nielsdos) * Fixed bug [GH-11189](https://github.com/php/php-src/issues/11189) (Exceeding memory limit in zend_hash_do_resize leaves the array in an invalid state). (Bob) * Fixed bug. --------------------------------------------------------------------------------Fedora Update Notification FEDORA-2023-2b7eeaaee5 2023-06-16 02:13:40.625154 --------------------------------------------------------------------------------Name : php Product : Fedora 37 Version : 8.1.20 Release : 1.fc37 URL : https://www.php.net/ Summary : PHP scripting language for creating dynamic web sites Description : PHP is an HTML-embedded scripting language. PHP attempts to make it easy for developers to write dynamically generated web pages. PHP also offers built-in database integration for several commercial and non-commercial database management systems, so writing a database-enabled webpage with PHP is fairly simple. The most common use of PHP coding is probably as a replacement for CGI scripts. --------------------------------------------------------------------------------Update Information: **PHP version 8.1.20** (08 Jun 2023) **Core:** * Fixed bug [GH-9068](https://github.com/php/php-src/issues/9068) (Conditional jump or move depends on uninitialised value(s)). (nielsdos) * Fixed bug [GH-11189](https://github.com/php/php-src/issues/11189) (Exceeding memory limit in zend_hash_do_resize leaves the array in an invalid state). (Bob) * Fixed bug [GH-11222](https://github.com/php/php-src/issues/11222) (foreach by-ref may jump over keys during a rehash). (Bob) **Date:** * Fixed bug [GH-11281](https://github.com/php/php-src/issues/11281) (DateTimeZone::getName() does not include seconds in offset). (nielsdos) **Exif:** * Fixed bug [GH-10834](https://github.com/php/php-src/issues/10834) (exif_read_data()cannot read smaller stream wrapper chunk sizes). (nielsdos) **FPM:** * Fixed bug [GH-10461](https://github.com/php/php-src/issues/10461) (PHP-FPM segfault due to after free usage of child-> ev_std(out|err)). (Jakub Zelenka) * Fixed bug php#64539 (FPM status page: query_string not properly JSON encoded). (Jakub Zelenka) * Fixed memory leak for invalid primary script file handle. (Jakub Zelenka) **Hash:** * Fixed bug [GH-11180](https://github.com/php/php-src/issues/11180) (hash_file() appears to be restricted to 3 arguments). (nielsdos) **LibXML:** * Fixed bug [GH-11160](https://github.com/php/php-src/issues/11160) (Few tests failed building with new libxml 2.11.0). (nielsdos) **Opcache:** * Fixed bug [GH-11134](https://github.com/php/php-src/issues/11134) (Incorrect match default branch optimization). (ilutov) * Fixed too wide OR and AND range inference. (nielsdos) * Fixed bug [GH-11245](https://github.com/php/php-src/issues/11245) (In some specific cases SWITCH with one default statement will cause segfault). (nielsdos) **PGSQL:** * Fixed parameter parsing of pg_lo_export(). (kocsismate) **Phar:** * Fixed bug [GH-11099](https://github.com/php/php-src/issues/11099) (Generating phar.php during cross-compile can't be done). (peter279k) **Soap:** * Fixed bug [GHSA-76gg-c692-v2mw](https://github.com/php/php-src/security/advisories/GHSA-76gg-c692-v2mw) (Missing error check and insufficient random bytes in HTTP Digest authentication for SOAP). (nielsdos, timwolla) * Fixed bug [GH-8426](https://github.com/php/php-src/issues/8426) (make test fail while soap extension build). (nielsdos) **SPL:** * Fixed bug [GH-11178](https://github.com/php/php-src/issues/11178) (Segmentation fault in spl_array_it_get_current_data (PHP 8.1.18)). (nielsdos) **Standard:** * Fixed bug [GH-11138](https://github.com/php/php-src/issues/11138) (move_uploaded_file() emits open_basedir warning for source file). (ilutov) * Fixed bug [GH-11274](https://github.com/php/php-src/issues/11274) (POST/PATCH requestswitches to GET after a HTTP 308 redirect). (nielsdos) **Streams:** * Fixed bug [GH-10031](https://github.com/php/php-src/issues/10031) ([Stream] STREAM_NOTIFY_PROGRESS over HTTP emitted irregularly for last chunk of data). (nielsdos) * Fixed bug [GH-11175](https://github.com/php/php-src/issues/11175) (Stream Socket Timeout). (nielsdos) * Fixed bug [GH-11177](https://github.com/php/php-src/issues/11177) (ASAN UndefinedBehaviorSanitizer when timeout = -1 passed to stream_socket_accept/stream_socket_client). (nielsdos) --------------------------------------------------------------------------------ChangeLog: * Wed Jun 7 2023 Remi Collet - 8.1.20-1 - Update to 8.1.20 - https://www.php.net/releases/8_1_20.php --------------------------------------------------------------------------------This update can be installed with the "dnf" update program. Use su -c 'dnf upgrade --advisory FEDORA-2023-2b7eeaaee5' at the command line. For more information, refer to the dnf documentation available at https://dnf.readthedocs.io/en/latest/command_ref.html All packages are signed with the Fedora Project GPG key. More details on the GPG keys used by the Fedora Project can be found at https://fedoraproject.org/security/ --------------------------------------------------------------------------------_______________________________________________ package-announce mailing list --
Jun 16, 2023
•Important
Fedora
89
security advisorybuffer overflowFedoraFedora: FEDORA-2022-f204e1d0ed Critical: PHP Buffer Overflow
**PHP version 8.1.12** (27 Oct 2022) **Core:** * Fixes segfault with Fiber on FreeBSD i386 architecture. (David Carlier) **Fileinfo:** * Fixed bug [GH-8805](https://github.com/php/php-src/issues/8805) (finfo returns wrong mime type for woff/woff2 files). (Anatol) **GD:** * Fixed bug php#81739: OOB read due to insufficient input validation in imageloadfont(). (**CVE-2022-31630**). --------------------------------------------------------------------------------Fedora Update Notification FEDORA-2022-f204e1d0ed 2022-11-10 22:04:44.634259 --------------------------------------------------------------------------------Name : php Product : Fedora 37 Version : 8.1.12 Release : 1.fc37 URL : https://www.php.net/ Summary : PHP scripting language for creating dynamic web sites Description : PHP is an HTML-embedded scripting language. PHP attempts to make it easy for developers to write dynamically generated web pages. PHP also offers built-in database integration for several commercial and non-commercial database management systems, so writing a database-enabled webpage with PHP is fairly simple. The most common use of PHP coding is probably as a replacement for CGI scripts. --------------------------------------------------------------------------------Update Information: **PHP version 8.1.12** (27 Oct 2022) **Core:** * Fixes segfault with Fiber on FreeBSD i386 architecture. (David Carlier) **Fileinfo:** * Fixed bug [GH-8805](https://github.com/php/php-src/issues/8805) (finfo returns wrong mime type for woff/woff2 files). (Anatol) **GD:** * Fixed bug php#81739: OOB read due to insufficient input validation in imageloadfont(). (**CVE-2022-31630**) (cmb) **Hash:** * Fixed bug php#81738: buffer overflow in hash_update() on long parameter. (**CVE-2022-37454**) (nicky at mouha dot be) **MBString:** -Fixed bug [GH-9683](https://github.com/php/php-src/issues/9683) (Problem when ISO-2022-JP-MS is specified in mb_ encode_mimeheader). (Alex Dowad) **Opcache:** * Added indirect call reduction for jit on x86 architectures. (wxue1) **Session:** * Fixed bug [GH-9583](https://github.com/php/php-src/issues/9583) (session_create_id() fails with user defined save handler that doesn't have a validateId() method). (Girgias) **Streams:** * Fixed bug [GH-9590](https://github.com/php/php-src/issues/9590) (stream_select does not abort upon exception or empty valid fd set). (Arnaud) ---- **PHP version 8.1.11** (29 Sep 2022) **Core:** * Fixed bug php#81726: phar wrapper: DOS when using quine gzip file. (**CVE-2022-31628**). (cmb) * Fixed bug php#81727: Don't mangle HTTP variable names that clash with ones that have a specific semantic meaning. (**CVE-2022-31629**). (Derick) * Fixed bug [GH-9323](https://github.com/php/php-src/issues/9323) (Crash in ZEND_RETURN/GC/zend_call_function) (Tim Starling) * Fixed bug [GH-9361](https://github.com/php/php-src/issues/9361) (Segmentation fault on script exit php#9379). (cmb, Christian Schneider) * Fixed bug [GH-9447](https://github.com/php/php-src/issues/9447) (Invalid class FQN emitted by AST dump for new and class constants in constant expressions). (ilutov) **DOM:** * Fixed bug php#79451 (DOMDocument-> replaceChild on doctype causes double free). (Nathan Freeman) **FPM:** * Fixed bug [GH-8885](https://github.com/php/php-src/issues/8885) (FPM access.log with stderr begins to write logs to error_log after daemon reload). (Dmitry Menshikov) * Fixed bug php#77780 ("Headers already sent..." when previous connection was aborted). (Jakub Zelenka) **GMP** * Fixed bug [GH-9308](https://github.com/php/php-src/issues/9308) (GMP throws the wrong error when a GMP object is passed to gmp_init()). (Girgias) **Intl** * Fixed bug [GH-9421](https://github.com/php/php-src/issues/9421) (Incorrect argument number for ValueError in NumberFormatter). (Girgias) **PCRE:** * Fixed pcre.jit on Apple Silicon. (Niklas Keller) **PDO_PGSQL:** * Fixed bug [GH-9411](https://github.com/php/php-src/issues/9411) (PgSQL largeobject resource is incorrectly closed). (Yurunsoft) **Reflection:** * Fixed bug [GH-8932](https://github.com/php/php-src/issues/8932) (ReflectionFunction provides no way to get the called class of a Closure). (cmb, Nicolas Grekas) **Streams:** * Fixed bug [GH-9316](https://github.com/php/php-src/issues/9316) ($http_response_header is wrong for long status line). (cmb, timwolla) --------------------------------------------------------------------------------ChangeLog: * Wed Oct 26 2022 Remi Collet - 8.1.12-1 - Update to 8.1.12 - https://www.php.net/releases/8_1_12.php * Wed Sep 28 2022 Remi Collet - 8.1.11-1 - Update to 8.1.11 - https://www.php.net/releases/8_1_11.php --------------------------------------------------------------------------------This update can be installed with the "dnf" update program. Use su -c 'dnf upgrade --advisory FEDORA-2022-f204e1d0ed' at the command line. For more information, refer to the dnf documentation available at https://dnf.readthedocs.io/en/latest/command_ref.html All packages are signed with the Fedora Project GPG key. More details on the GPG keys used by the Fedora Project can be found at https://fedoraproject.org/security/ --------------------------------------------------------------------------------_______________________________________________ package-announce mailing list --
Nov 10, 2022
•Critical
Fedora
100
security advisorysoftware patchDoSSUSE: 2022:3654-1 Important: Amazon SSM Agent Critical Bug Fix
An update that fixes one vulnerability is now available. . SUSE Security Update: Security update for amazon-ssm-agent ______________________________________________________________________________ Announcement ID: SUSE-SU-2022:3654-1 Rating: important References: #1196556 Cross-References: CVE-2022-29527 CVSS scores: CVE-2022-29527 (NVD) : 7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H CVE-2022-29527 (SUSE): 8.4 CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H Affected Products: SUSE Linux Enterprise High Performance Computing 12 SUSE Linux Enterprise Module for Public Cloud 12 SUSE Linux Enterprise Server 12 SUSE Linux Enterprise Server 12-SP3 SUSE Linux Enterprise Server 12-SP4 SUSE Linux Enterprise Server 12-SP5 SUSE Linux Enterprise Server for SAP Applications 12 SUSE Linux Enterprise Server for SAP Applications 12-SP3 SUSE Linux Enterprise Server for SAP Applications 12-SP4 SUSE Linux Enterprise Server for SAP Applications 12-SP5 ______________________________________________________________________________ An update that fixes one vulnerability is now available. Description: This update for amazon-ssm-agent fixes the following issues: - Update to version 3.1.1260.0 - CVE-2022-29527: Fixed a bug which creates world-writable sudoers file during runtime. (bsc#1196556) Patch Instructions: To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Module for Public Cloud 12: zypper in -t patch SUSE-SLE-Module-Public-Cloud-12-2022-3654=1 Package List: - SUSE Linux Enterprise Module for Public Cloud 12 (aarch64 x86_64): amazon-ssm-agent-3.1.1260.0-4.27.2 References: https://www.suse.com/security/cve/CVE-2022-29527.html https://bugzilla.suse.com/1196556 . SUSE Security Patch for amazon-ssm-agent mitigates CVE-2022-29527. Apply promptly to resolve vulnerabilities efficiently.. SUSE Security Update, Amazon SSM Agent, Critical Bug Fix, Important Update, Software Patch. . Severity: Important. LinuxSecurity.com Team
Oct 19, 2022
•Important
SuSE
98
security advisoryprivilege escalationDoSRHEL 7 RHSA-2018:1524-01 Important: Virtualization Host Bug Fix Offense
Updated redhat-virtualization-host packages that fix several bugs and add various enhancements are now available. 2. Relevant releases/architectures: RHEL 7-based RHEV-H for RHEV 4 (build requirements) - noarch, x86_64. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 ==================================================================== Red Hat Security Advisory Synopsis: Important: redhat-virtualization-host bug fix and enhancement update Advisory ID: RHSA-2018:1524-01 Product: Red Hat Virtualization Advisory URL: https://access.redhat.com/errata/RHSA-2018:1524 Issue date: 2018-05-15 CVE Names: CVE-2018-1087 CVE-2018-1088 CVE-2018-1111 CVE-2018-8897 ==================================================================== 1. Summary: Updated redhat-virtualization-host packages that fix several bugs and add various enhancements are now available. 2. Relevant releases/architectures: RHEL 7-based RHEV-H for RHEV 4 (build requirements) - noarch, x86_64 Red Hat Virtualization 4 Hypervisor for RHEL 7 - noarch 3. Description: The redhat-virtualization-host packages provide the Red Hat Virtualization Host. These packages include redhat-release-virtualization-host, ovirt-node, and rhev-hypervisor. Red Hat Virtualization Hosts (RHVH) are installed using a special build of Red Hat Enterprise Linux with only the packages required to host virtual machines. RHVH features a Cockpit user interface for monitoring the host's resources and performing administrative tasks. Includes GlusterFS fixes for CVE-2018-1088, dhcp fixes for CVE-2018-1111, kernel fixes for CVE-2018-1087, and kernel fixes for CVE-2018-8897. A list of bugs fixed in this update is available in the Technical Notes book: ml/technical_notes/ 4. Solution: Before applying this update, make sure all previously released errata relevant to your system have been applied. For details on how to apply this update, refer to: https://access.redhat.com/articles/2974891 5. Bugs fixed(https://bugzilla.redhat.com/): 1357247 - rhvh 4: reboot after install shows "4m[terminated]" and takes long to reboot 1374007 - [RFE] RHV-H does not default to LVM Thin Provisioning 1420068 - [RFE] RHV-H should meet NIST 800-53 partitioning requirements by default 1422676 - [Test Only] Test Ansible playbook for registration 1429485 - [RFE] Imgbased layers should be named with '%{name}-%{version}-%{release}' instead of %{name}-%{version} 1433394 - kdump could fill up /var filesystem while writing to /var/crash 1443965 - Libvirt is disabled on RHVH host 1454536 - HostedEngine setup fails if RHV-H timezone < UTC set during installation 1474268 - RHVH host displays "upgrade available" information on the engine after registering until an update is released 1489567 - Host Software tab does not show exact RHVH version anymore 1501161 - The version displays as "4.1" for subscribed product with RHVH 4.2 1502920 - File missing after upgrade of RHVH node from version RHVH-4.1-20170925.0 to latest. 1503148 - [RFE] translate between basic ntp configurations and chrony configurations 1516123 - tuned-adm timeout while adding the host in manager and the deployment will fail/take time to complete 1534855 - RHVH brand is missing on cockpit login screen. 1535791 - Upgrading node brings back previous hosted-engine configuration 1542833 - oVirt Node upgrade fails if SELINUX is disabled 1547864 - There is error report when upgrade to rhvh-4.1-20180218.0 / rhvh-4.2-20180218.0 1549630 - NGN upgrade should fail if it finds a badly placed local storage domain 1554186 - RHVH 4.2.2 version info is incorrect 1555243 - Consume updated cockpit-storaged packages 1555254 - "systemctl status lldpad.service" failed 1558721 - CVE-2018-1088 glusterfs: Privilege escalation via gluster_shared_storage when snapshot scheduling is enabled 1561258 - grub2-mkconfig on node produce incorrect grub2.cfg if a local VG is present 1563530 - Include wrong kernel in redhat-virtualization-host-4.1-20180403.1 1565497 - Imgbase check FAILED inredhat-virtualization-host-4.2-20180409.1 1566837 - CVE-2018-1087 Kernel: KVM: error in exception handling leads to wrong debug stack value 1567074 - CVE-2018-8897 Kernel: error in exception handling leads to DoS 1567974 - CVE-2018-1111 dhcp: Command injection vulnerability in the DHCP client NetworkManager integration script 1571134 - RHVH 4.2.3 version info is incorrect 6. Package List: Red Hat Virtualization 4 Hypervisor for RHEL 7: Source: redhat-virtualization-host-4.2-20180508.0.el7_5.src.rpm noarch: redhat-virtualization-host-image-update-4.2-20180508.0.el7_5.noarch.rpm RHEL 7-based RHEV-H for RHEV 4 (build requirements): Source: imgbased-1.0.16-0.1.el7ev.src.rpm ovirt-node-ng-4.2.0-0.20170814.0.el7.src.rpm redhat-release-virtualization-host-4.2-3.0.el7.src.rpm noarch: imgbased-1.0.16-0.1.el7ev.noarch.rpm ovirt-node-ng-nodectl-4.2.0-0.20170814.0.el7.noarch.rpm python-imgbased-1.0.16-0.1.el7ev.noarch.rpm redhat-virtualization-host-image-update-placeholder-4.2-3.0.el7.noarch.rpm x86_64: redhat-release-virtualization-host-4.2-3.0.el7.x86_64.rpm These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://access.redhat.com/security/team/key 7. References: https://access.redhat.com/security/cve/CVE-2018-1087 https://access.redhat.com/security/cve/CVE-2018-1088 https://access.redhat.com/security/cve/CVE-2018-1111 https://access.redhat.com/security/cve/CVE-2018-8897 https://access.redhat.com/security/updates/classification#important 8. Contact: The Red Hat security contact is . More contact details at https://access.redhat.com/security/team/contact Copyright 2018 Red Hat, Inc. -----BEGIN PGP SIGNATURE----- Version: GnuPGv1 iQIVAwUBWvscLtzjgjWX9erEAQjjaw//ehQRiif4jLIKBvm16rBd2g8KnLdMbwKT 3nqEQ8CeRxGqh5zxmDamu1AYXVc7QoW1e/2Q2ZqQsjTLTxaITrSNALUV+mENOgt7 dMPnJ3W1AZNI1/fw3kclCA5+918IjXUR5pUrKzCA0dYs8rtD0uYDteUwEQT2Wgpp pkAtdfXNRgMY8l5RVk/vg6RCoJkKddN4ZYMwBz/c2ea9TBIcToI2QqTEI1UiRhHc +Yt85PV4VmTk6EPmlYxOG0YCNoeTUHliTdwBUQAZAia2uvFBelmPgdD8xiun7cb/ O+qaPGsSvAmGhdT8sSf6J9EkZ27RuMek07JyQfr263gW1s8TL6ccawiq91wbWiCE TR7W3AsSag0BSb3fvtCpKLvjONUmahU3J22wJLwuQI9ukxhJ23FPwrjrcd5mRnbd gI1aYerG/PZ/Q7112y48sL1JUBXng9SwuJwgK8zOfpAMYQSylNrcmy45Dq8S0nDj qVqLQTX5DlUuXS/7eY3Mtl03CF4N453cUW9h7R5rTDFoeh39rVOXK9GElBC0mS4a l0ixatGb63WZaS9roizwPgdU6b3PbGLQp1lzye+dnjOwtH72qFmk/KBWEalBBb0D c73ZAUCLdJ7pmXxB+4dQCpeHNdIKYqVv3RthzBXRpmEOJsYg+53kw47fV6iXCYrJ 7DQFY5NrRms=CE0W -----END PGP SIGNATURE----- -- RHSA-announce mailing list
May 15, 2018
•Important
Red Hat
89
security advisoryFedoraupdate informationFedora 28: FEDORA-2018-5926c0ffc8 Critical: Kernel Bug Fix
The v4.16.4 update contains fixes across the tree. --------------------------------------------------------------------------------Fedora Update Notification FEDORA-2018-5926c0ffc8 2018-04-27 23:05:32.368127 --------------------------------------------------------------------------------Name : kernel Product : Fedora 28 Version : 4.16.4 Release : 300.fc28 URL : https://www.kernel.org/ Summary : The Linux kernel Description : The kernel meta package --------------------------------------------------------------------------------Update Information: The v4.16.4 update contains fixes across the tree --------------------------------------------------------------------------------ChangeLog: * Tue Apr 24 2018 Jeremy Cline - 4.16.4-300 - Linux v4.16.4 - Fix a regression in backlight interfaces for some laptops (rhbz 1571036) --------------------------------------------------------------------------------References: [ 1 ] Bug #1567306 - CVE-2018-1108 kernel: drivers: getrandom(2) unblocks too early after system boot https://bugzilla.redhat.com/show_bug.cgi?id=1567306 --------------------------------------------------------------------------------This update can be installed with the "dnf" update program. Use su -c 'dnf upgrade --advisory FEDORA-2018-5926c0ffc8' at the command line. For more information, refer to the dnf documentation available at https://dnf.readthedocs.io/en/latest/command_ref.html All packages are signed with the Fedora Project GPG key. More details on the GPG keys used by the Fedora Project can be found at https://fedoraproject.org/security/ -------------------------------------------------------------------------------- _______________________________________________ package-announce mailing list --
Apr 27, 2018
•Critical
Fedora
89
security advisorysubversionsoftware updateFedora Core 3: 2005-307 Critical: Subversion 1.1.4 Bug Fixes
This update includes the latest release of Subversion 1.1, including a number of bug fixes.. ---------------------------------------------------------------------Fedora Update Notification FEDORA-2005-307 2005-04-06 ---------------------------------------------------------------------Product : Fedora Core 3 Name : subversion Version : 1.1.4 =20 Release : 1.1 =20 Summary : Modern Version Control System designed to replace CVS Description : Subversion is a concurrent version control system which enables one or more users to collaborate in developing and maintaining a hierarchy of files and directories while keeping a history of all changes. Subversion only stores the differences between versions, instead of every complete file. Subversion is intended to be a compelling replacement for CVS. ---------------------------------------------------------------------Update Information: This update includes the latest release of Subversion 1.1, including a number of bug fixes. ---------------------------------------------------------------------* Tue Apr 5 2005 Joe Orton 1.1.4-1.1 - update to 1.1.4 ---------------------------------------------------------------------This update can be downloaded from: 7ffd158256a164b2b59fde07972fa395 SRPMS/subversion-1.1.4-1.1.src.rpm 507bf9503748d76252d6c02093554d76 x86_64/subversion-1.1.4-1.1.x86_64.rpm a0284d228d417d0b4213ad91baa3e7af x86_64/subversion-devel-1.1.4-1.1.x86_64.rpm 38b06f94d6b84251f6b0f98713a77492 x86_64/mod_dav_svn-1.1.4-1.1.x86_64.rpm 680cd64b43ac07b6c0c516eaa2c44e36 x86_64/subversion-perl-1.1.4-1.1.x86_64.rpm bea80c9b19ae11f5e0c4da69fcbfa493 x86_64/debug/subversion-debuginfo-1.1.4-1.1.x86_64.rpm 22c808058dd568b6d6b10ba1e7e9e234 i386/subversion-1.1.4-1.1.i386.rpm 5b920e50f46decdb9ebc7538063d9820 i386/subversion-devel-1.1.4-1.1.i386.rpm d20ea9c886833936c689a74c29f50b83 i386/mod_dav_svn-1.1.4-1.1.i386.rpm 71ec34a8f433edfce8ed00a08b09100c i386/subversion-perl-1.1.4-1.1.i386.rpm 0dcfc9a62d6fe50c93f7e2b45d504891 i386/debug/subversion-debuginfo-1.1.4-1.1.i386.rpm This update can also be installed with the Update Agent; you can launch the Update Agent with the 'up2date' command. =20 -----------------------------------------------------------------------G4iJoqBmSsgzjUCe Content-Type: application/pgp-signature Content-Disposition: inline -----BEGIN PGP SIGNATURE-----Version: GnuPG v1.2.6 (GNU/Linux) iD8DBQFCVCjyR/aWnQ5EzwwRAnjiAJ4k498SwbTyVjR+9MfekBVKKO2G1ACgq9F+ DMwf6AC3SovjMkRPtz6nLBE=DTBe -----END PGP SIGNATURE-------G4iJoqBmSsgzjUCe-- --===============0889388894=Content-Type: text/plain; charset="us-ascii" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit Content-Disposition: inline --fedora-announce-list mailing list
Apr 06, 2005
•Critical
Fedora
Get the latest News and Insights
Get the latest Linux and open source security news straight to your inbox.
Community Poll
What got you started with Linux?
Search Topics
Powered By
Linux Security - Your source for Top Linux News, Advisories, HOWTOs and Feature Releases
QUICK LINKS
subscribe to newsletters!
Like staying secure? So do we.
Sign up for updates, tips, and alerts!