
Stay Secure with the Latest Linux Advisories


Explore Latest Linux Security advisories


Ubuntu 20.04 18.04 Linux Kernel Key Privilege Escalation Update USN-8280-1

==========================================================================
Ubuntu Security Notice USN-8280-1
May 19, 2026

linux, linux-aws, linux-aws-fips, linux-bluefield, linux-fips, linux-gcp,
linux-gcp-5.4, linux-gcp-fips, linux-ibm, linux-ibm-5.4, linux-kvm,
linux-oracle, linux-oracle-5.4, linux-xilinx-zynqmp vulnerabilities
==========================================================================

A security issue affects these releases of Ubuntu and its derivatives:

- Ubuntu 20.04 LTS
- Ubuntu 18.04 LTS

Summary:

Several security issues were fixed in the Linux kernel.

Software Description:

- linux: Linux kernel
- linux-aws: Linux kernel for Amazon Web Services (AWS) systems
- linux-aws-fips: Linux kernel for Amazon Web Services (AWS) systems with FIPS
- linux-bluefield: Linux kernel for NVIDIA BlueField platforms
- linux-fips: Linux kernel with FIPS
- linux-gcp: Linux kernel for Google Cloud Platform (GCP) systems
- linux-gcp-fips: Linux kernel for Google Cloud Platform (GCP) systems with FIPS
- linux-ibm: Linux kernel for IBM cloud systems
- linux-kvm: Linux kernel for cloud environments
- linux-oracle: Linux kernel for Oracle Cloud systems
- linux-xilinx-zynqmp: Linux kernel for Xilinx ZynqMP processors
- linux-gcp-5.4: Linux kernel for Google Cloud Platform (GCP) systems
- linux-ibm-5.4: Linux kernel for IBM cloud systems
- linux-oracle-5.4: Linux kernel for Oracle Cloud systems

Details:

It was discovered that the Linux kernel algif_aead module did not properly handle in-place cryptographic operations. This flaw is known as Copy Fail. A local attacker could use this to escalate privileges, or possibly escape a container. (CVE-2026-31431)

Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems:

- Cryptographic API;
- Packet sockets;
- TLS protocol;

(CVE-2026-31504, CVE-2026-31533, CVE-2026-43033, CVE-2026-43077, CVE-2026-43078)

Update instructions:

The problem can be corrected by updating your system to the following package versions:

Ubuntu 20.04 LTS

  linux-image-5.4.0-1077-xilinx-zynqmp  5.4.0-1077.81  Available with Ubuntu Pro
  linux-image-5.4.0-1105-ibm  5.4.0-1105.110  Available with Ubuntu Pro
  linux-image-5.4.0-1118-bluefield  5.4.0-1118.125  Available with Ubuntu Pro
  linux-image-5.4.0-1133-fips  5.4.0-1133.143  Available with Ubuntu Pro
  linux-image-5.4.0-1146-kvm  5.4.0-1146.155  Available with Ubuntu Pro
  linux-image-5.4.0-1157-oracle  5.4.0-1157.167  Available with Ubuntu Pro
  linux-image-5.4.0-1159-aws  5.4.0-1159.169  Available with Ubuntu Pro
  linux-image-5.4.0-1159-aws-fips  5.4.0-1159.169+fips1  Available with Ubuntu Pro
  linux-image-5.4.0-1162-gcp  5.4.0-1162.171  Available with Ubuntu Pro
  linux-image-5.4.0-1162-gcp-fips  5.4.0-1162.171+fips1  Available with Ubuntu Pro
  linux-image-5.4.0-230-generic  5.4.0-230.250  Available with Ubuntu Pro
  linux-image-5.4.0-230-generic-lpae  5.4.0-230.250  Available with Ubuntu Pro
  linux-image-5.4.0-230-lowlatency  5.4.0-230.250  Available with Ubuntu Pro
  linux-image-aws-5.4  5.4.0.1159.156  Available with Ubuntu Pro
  linux-image-aws-fips  5.4.0.1159.106  Available with Ubuntu Pro
  linux-image-aws-fips-5.4  5.4.0.1159.106  Available with Ubuntu Pro
  linux-image-aws-lts-20.04  5.4.0.1159.156  Available with Ubuntu Pro
  linux-image-bluefield  5.4.0.1118.114  Available with Ubuntu Pro
  linux-image-bluefield-5.4  5.4.0.1118.114  Available with Ubuntu Pro
  linux-image-fips  5.4.0.1133.130  Available with Ubuntu Pro
  linux-image-fips-5.4  5.4.0.1133.130  Available with Ubuntu Pro
  linux-image-gcp-5.4  5.4.0.1162.164  Available with Ubuntu Pro
  linux-image-gcp-fips  5.4.0.1162.104  Available with Ubuntu Pro
  linux-image-gcp-fips-5.4  5.4.0.1162.104  Available with Ubuntu Pro
  linux-image-gcp-lts-20.04  5.4.0.1162.164  Available with Ubuntu Pro
  linux-image-generic  5.4.0.230.222  Available with Ubuntu Pro
  linux-image-generic-5.4  5.4.0.230.222  Available with Ubuntu Pro
  linux-image-generic-lpae  5.4.0.230.222  Available with Ubuntu Pro
  linux-image-generic-lpae-5.4  5.4.0.230.222  Available with Ubuntu Pro
  linux-image-ibm-5.4  5.4.0.1105.134  Available with Ubuntu Pro
  linux-image-ibm-lts-20.04  5.4.0.1105.134  Available with Ubuntu Pro
  linux-image-kvm  5.4.0.1146.142  Available with Ubuntu Pro
  linux-image-kvm-5.4  5.4.0.1146.142  Available with Ubuntu Pro
  linux-image-lowlatency  5.4.0.230.222  Available with Ubuntu Pro
  linux-image-lowlatency-5.4  5.4.0.230.222  Available with Ubuntu Pro
  linux-image-oem  5.4.0.230.222  Available with Ubuntu Pro
  linux-image-oem-osp1  5.4.0.230.222  Available with Ubuntu Pro
  linux-image-oracle-5.4  5.4.0.1157.151  Available with Ubuntu Pro
  linux-image-oracle-lts-20.04  5.4.0.1157.151  Available with Ubuntu Pro
  linux-image-virtual  5.4.0.230.222  Available with Ubuntu Pro
  linux-image-virtual-5.4  5.4.0.230.222  Available with Ubuntu Pro
  linux-image-xilinx-zynqmp  5.4.0.1077.77  Available with Ubuntu Pro
  linux-image-xilinx-zynqmp-5.4  5.4.0.1077.77  Available with Ubuntu Pro

Ubuntu 18.04 LTS

  linux-image-5.4.0-1105-ibm  5.4.0-1105.110~18.04.1  Available with Ubuntu Pro
  linux-image-5.4.0-1157-oracle  5.4.0-1157.167~18.04.1  Available with Ubuntu Pro
  linux-image-5.4.0-1162-gcp  5.4.0-1162.171~18.04.1  Available with Ubuntu Pro
  linux-image-gcp  5.4.0.1162.171~18.04.1  Available with Ubuntu Pro
  linux-image-gcp-5.4  5.4.0.1162.171~18.04.1  Available with Ubuntu Pro
  linux-image-ibm  5.4.0.1105.110~18.04.1  Available with Ubuntu Pro
  linux-image-ibm-5.4  5.4.0.1105.110~18.04.1  Available with Ubuntu Pro
  linux-image-oracle  5.4.0.1157.167~18.04.1  Available with Ubuntu Pro
  linux-image-oracle-5.4  5.4.0.1157.167~18.04.1  Available with Ubuntu Pro

After a standard system update you need to reboot your computer to make all the necessary changes.

ATTENTION: Due to an unavoidable ABI change the kernel updates have been given a new version number, which requires you to recompile and reinstall all third party kernel modules you might have installed. Unless you manually uninstalled the standard kernel metapackages (e.g. linux-generic, linux-generic-lts-RELEASE, linux-virtual, linux-powerpc), a standard system upgrade will automatically perform this as well.

References:

https://ubuntu.com/security/notices/USN-8280-1
CVE-2026-31431, CVE-2026-31504, CVE-2026-31533, CVE-2026-43033, CVE-2026-43077, CVE-2026-43078

Several security issues fixed in the Ubuntu Linux kernel, affecting LTS versions with critical updates recommended.
Ubuntu Linux, Kernel Security, Privilege Escalation, Security Flaws.
Severity: Important.
LinuxSecurity.com Team

May 19, 2026 Important Ubuntu

Red Hat Enterprise Linux 8 RHSA-2020:3280-01 Moderate: NSS and NSPR Fix

====================================================================
Red Hat Security Advisory

Synopsis: Moderate: nss and nspr security, bug fix, and enhancement update
Advisory ID: RHSA-2020:3280-01
Product: Red Hat Enterprise Linux
Advisory URL: https://access.redhat.com/errata/RHSA-2020:3280
Issue date: 2020-08-03
CVE Names: CVE-2019-11756 CVE-2019-17006 CVE-2019-17023 CVE-2020-12402
====================================================================

1. Summary:

An update for nss and nspr is now available for Red Hat Enterprise Linux 8.

Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.

2. Relevant releases/architectures:

Red Hat Enterprise Linux AppStream (v. 8) - aarch64, ppc64le, s390x, x86_64

3. Description:

Network Security Services (NSS) is a set of libraries designed to support the cross-platform development of security-enabled client and server applications.

Netscape Portable Runtime (NSPR) provides platform independence for non-GUI operating system facilities.

The following packages have been upgraded to a later upstream version: nss (3.53.1), nspr (4.25.0). (BZ#1809549, BZ#1809550)

Security Fix(es):

* nss: UAF in sftk_FreeSession due to improper refcounting (CVE-2019-11756)
* nss: Check length of inputs for cryptographic primitives (CVE-2019-17006)
* nss: Side channel vulnerabilities during RSA key generation (CVE-2020-12402)
* nss: TLS 1.3 HelloRetryRequest downgrade request sets client into invalid state (CVE-2019-17023)

For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

Bug Fix(es):

* Install of update of nss.x86_64 adds i686 into transaction (BZ#1663187)
* NSS does not set downgrade sentinel in ServerHello.random for TLS 1.0 and TLS 1.1 (BZ#1691409)
* TLS Keying Material Exporter is unsupported by command line tools (BZ#1691454)
* TLS_AES_256_GCM_SHA384 is not marked as FIPS compatible (BZ#1711375)
* Make TLS 1.3 work in FIPS mode (BZ#1724250)
* NSS rejects records with large padding with SHA384 HMAC (BZ#1750921)
* NSS missing IKEv1 Quick Mode KDF (BZ#1809637)
* Name Constraints validation: CN treated as DNS name even when syntactically invalid as DNS name (BZ#1825270)
* FIPS needs nss to restrict valid dh primes to those primes that are approved. (BZ#1854564)
* nss needs to comply to the new SP800-56A rev 3 requirements (BZ#1855825)

Enhancement(s):

* [RFE] nss should use AES for storage of keys (BZ#1723819)

4. Solution:

For details on how to apply this update, which includes the changes described in this advisory, refer to:

https://access.redhat.com/articles/11258

After installing this update, applications using NSS (for example, Firefox) must be restarted for this update to take effect.

After installing this update, applications using NSPR (for example, Firefox) must be restarted for this update to take effect.

5. Bugs fixed (https://bugzilla.redhat.com/):

1663187 - Install of update of nss.x86_64 adds i686 into transaction
1691454 - TLS Keying Material Exporter is unsupported by command line tools
1711375 - TLS_AES_256_GCM_SHA384 is not marked as FIPS compatible
1724250 - Make TLS 1.3 work in FIPS mode [rhel-8]
1750921 - NSS rejects records with large padding with SHA384 HMAC
1774835 - CVE-2019-11756 nss: UAF in sftk_FreeSession due to improper refcounting
1775916 - CVE-2019-17006 nss: Check length of inputs for cryptographic primitives
1791225 - CVE-2019-17023 nss: TLS 1.3 HelloRetryRequest downgrade request sets client into invalid state
1809637 - NSS missing IKEv1 Quick Mode KDF
1825270 - Name Constraints validation: CN treated as DNS name even when syntactically invalid as DNS name
1826231 - CVE-2020-12402 nss: Side channel vulnerabilities during RSA key generation
1854564 - FIPS needs nss to restrict valid dh primes to those primes that are approved. [rhel-8.2.0.z]

6. Package List:

Red Hat Enterprise Linux AppStream (v.8):

Source:
nspr-4.25.0-2.el8_2.src.rpm
nss-3.53.1-11.el8_2.src.rpm

aarch64:
nspr-4.25.0-2.el8_2.aarch64.rpm
nspr-debuginfo-4.25.0-2.el8_2.aarch64.rpm
nspr-debugsource-4.25.0-2.el8_2.aarch64.rpm
nspr-devel-4.25.0-2.el8_2.aarch64.rpm
nss-3.53.1-11.el8_2.aarch64.rpm
nss-debuginfo-3.53.1-11.el8_2.aarch64.rpm
nss-debugsource-3.53.1-11.el8_2.aarch64.rpm
nss-devel-3.53.1-11.el8_2.aarch64.rpm
nss-softokn-3.53.1-11.el8_2.aarch64.rpm
nss-softokn-debuginfo-3.53.1-11.el8_2.aarch64.rpm
nss-softokn-devel-3.53.1-11.el8_2.aarch64.rpm
nss-softokn-freebl-3.53.1-11.el8_2.aarch64.rpm
nss-softokn-freebl-debuginfo-3.53.1-11.el8_2.aarch64.rpm
nss-softokn-freebl-devel-3.53.1-11.el8_2.aarch64.rpm
nss-sysinit-3.53.1-11.el8_2.aarch64.rpm
nss-sysinit-debuginfo-3.53.1-11.el8_2.aarch64.rpm
nss-tools-3.53.1-11.el8_2.aarch64.rpm
nss-tools-debuginfo-3.53.1-11.el8_2.aarch64.rpm
nss-util-3.53.1-11.el8_2.aarch64.rpm
nss-util-debuginfo-3.53.1-11.el8_2.aarch64.rpm
nss-util-devel-3.53.1-11.el8_2.aarch64.rpm

ppc64le:
nspr-4.25.0-2.el8_2.ppc64le.rpm
nspr-debuginfo-4.25.0-2.el8_2.ppc64le.rpm
nspr-debugsource-4.25.0-2.el8_2.ppc64le.rpm
nspr-devel-4.25.0-2.el8_2.ppc64le.rpm
nss-3.53.1-11.el8_2.ppc64le.rpm
nss-debuginfo-3.53.1-11.el8_2.ppc64le.rpm
nss-debugsource-3.53.1-11.el8_2.ppc64le.rpm
nss-devel-3.53.1-11.el8_2.ppc64le.rpm
nss-softokn-3.53.1-11.el8_2.ppc64le.rpm
nss-softokn-debuginfo-3.53.1-11.el8_2.ppc64le.rpm
nss-softokn-devel-3.53.1-11.el8_2.ppc64le.rpm
nss-softokn-freebl-3.53.1-11.el8_2.ppc64le.rpm
nss-softokn-freebl-debuginfo-3.53.1-11.el8_2.ppc64le.rpm
nss-softokn-freebl-devel-3.53.1-11.el8_2.ppc64le.rpm
nss-sysinit-3.53.1-11.el8_2.ppc64le.rpm
nss-sysinit-debuginfo-3.53.1-11.el8_2.ppc64le.rpm
nss-tools-3.53.1-11.el8_2.ppc64le.rpm
nss-tools-debuginfo-3.53.1-11.el8_2.ppc64le.rpm
nss-util-3.53.1-11.el8_2.ppc64le.rpm
nss-util-debuginfo-3.53.1-11.el8_2.ppc64le.rpm
nss-util-devel-3.53.1-11.el8_2.ppc64le.rpm

s390x:
nspr-4.25.0-2.el8_2.s390x.rpm
nspr-debuginfo-4.25.0-2.el8_2.s390x.rpm
nspr-debugsource-4.25.0-2.el8_2.s390x.rpm
nspr-devel-4.25.0-2.el8_2.s390x.rpm
nss-3.53.1-11.el8_2.s390x.rpm
nss-debuginfo-3.53.1-11.el8_2.s390x.rpm
nss-debugsource-3.53.1-11.el8_2.s390x.rpm
nss-devel-3.53.1-11.el8_2.s390x.rpm
nss-softokn-3.53.1-11.el8_2.s390x.rpm
nss-softokn-debuginfo-3.53.1-11.el8_2.s390x.rpm
nss-softokn-devel-3.53.1-11.el8_2.s390x.rpm
nss-softokn-freebl-3.53.1-11.el8_2.s390x.rpm
nss-softokn-freebl-debuginfo-3.53.1-11.el8_2.s390x.rpm
nss-softokn-freebl-devel-3.53.1-11.el8_2.s390x.rpm
nss-sysinit-3.53.1-11.el8_2.s390x.rpm
nss-sysinit-debuginfo-3.53.1-11.el8_2.s390x.rpm
nss-tools-3.53.1-11.el8_2.s390x.rpm
nss-tools-debuginfo-3.53.1-11.el8_2.s390x.rpm
nss-util-3.53.1-11.el8_2.s390x.rpm
nss-util-debuginfo-3.53.1-11.el8_2.s390x.rpm
nss-util-devel-3.53.1-11.el8_2.s390x.rpm

x86_64:
nspr-4.25.0-2.el8_2.i686.rpm
nspr-4.25.0-2.el8_2.x86_64.rpm
nspr-debuginfo-4.25.0-2.el8_2.i686.rpm
nspr-debuginfo-4.25.0-2.el8_2.x86_64.rpm
nspr-debugsource-4.25.0-2.el8_2.i686.rpm
nspr-debugsource-4.25.0-2.el8_2.x86_64.rpm
nspr-devel-4.25.0-2.el8_2.i686.rpm
nspr-devel-4.25.0-2.el8_2.x86_64.rpm
nss-3.53.1-11.el8_2.i686.rpm
nss-3.53.1-11.el8_2.x86_64.rpm
nss-debuginfo-3.53.1-11.el8_2.i686.rpm
nss-debuginfo-3.53.1-11.el8_2.x86_64.rpm
nss-debugsource-3.53.1-11.el8_2.i686.rpm
nss-debugsource-3.53.1-11.el8_2.x86_64.rpm
nss-devel-3.53.1-11.el8_2.i686.rpm
nss-devel-3.53.1-11.el8_2.x86_64.rpm
nss-softokn-3.53.1-11.el8_2.i686.rpm
nss-softokn-3.53.1-11.el8_2.x86_64.rpm
nss-softokn-debuginfo-3.53.1-11.el8_2.i686.rpm
nss-softokn-debuginfo-3.53.1-11.el8_2.x86_64.rpm
nss-softokn-devel-3.53.1-11.el8_2.i686.rpm
nss-softokn-devel-3.53.1-11.el8_2.x86_64.rpm
nss-softokn-freebl-3.53.1-11.el8_2.i686.rpm
nss-softokn-freebl-3.53.1-11.el8_2.x86_64.rpm
nss-softokn-freebl-debuginfo-3.53.1-11.el8_2.i686.rpm
nss-softokn-freebl-debuginfo-3.53.1-11.el8_2.x86_64.rpm
nss-softokn-freebl-devel-3.53.1-11.el8_2.i686.rpm
nss-softokn-freebl-devel-3.53.1-11.el8_2.x86_64.rpm
nss-sysinit-3.53.1-11.el8_2.x86_64.rpm
nss-sysinit-debuginfo-3.53.1-11.el8_2.i686.rpm
nss-sysinit-debuginfo-3.53.1-11.el8_2.x86_64.rpm
nss-tools-3.53.1-11.el8_2.x86_64.rpm
nss-tools-debuginfo-3.53.1-11.el8_2.i686.rpm
nss-tools-debuginfo-3.53.1-11.el8_2.x86_64.rpm
nss-util-3.53.1-11.el8_2.i686.rpm
nss-util-3.53.1-11.el8_2.x86_64.rpm
nss-util-debuginfo-3.53.1-11.el8_2.i686.rpm
nss-util-debuginfo-3.53.1-11.el8_2.x86_64.rpm
nss-util-devel-3.53.1-11.el8_2.i686.rpm
nss-util-devel-3.53.1-11.el8_2.x86_64.rpm

These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://access.redhat.com/security/team/key/

7. References:

https://access.redhat.com/security/cve/CVE-2019-11756
https://access.redhat.com/security/cve/CVE-2019-17006
https://access.redhat.com/security/cve/CVE-2019-17023
https://access.redhat.com/security/cve/CVE-2020-12402
https://access.redhat.com/security/updates/classification/#moderate

8. Contact:

The Red Hat security contact is . More contact details at https://access.redhat.com/security/team/contact/

Copyright 2020 Red Hat, Inc.

RHSA-announce mailing list

A new version for nss and nspr has been released, classified as Moderate for Red Hat Enterprise Linux 8, which includes various security enhancements and bug resolutions.
nss Update, nspr Security, Red Hat Advisory, Linux Bug Fix, Moderate Security.
LinuxSecurity.com Team

Aug 03, 2020 Red Hat

SUSE: 2019:3395-1 Moderate: Mozilla-NSPR and Mozilla-NSS Security Update

SUSE Security Update: Security update for mozilla-nspr, mozilla-nss
______________________________________________________________________________

Announcement ID: SUSE-SU-2019:3395-1
Rating: moderate
References: #1141322 #1158527 #1159819
Cross-References: CVE-2018-18508 CVE-2019-11745 CVE-2019-17006
Affected Products:
  SUSE Linux Enterprise Module for Server Applications 15-SP1
  SUSE Linux Enterprise Module for Open Buildservice Development Tools 15-SP1
  SUSE Linux Enterprise Module for Basesystem 15-SP1
  SUSE Linux Enterprise Module for Basesystem 15
______________________________________________________________________________

An update that fixes three vulnerabilities is now available.

Description:

This update for mozilla-nspr, mozilla-nss fixes the following issues:

mozilla-nss was updated to NSS 3.47.1:

Security issues fixed:

- CVE-2019-17006: Added length checks for cryptographic primitives (bsc#1159819).
- CVE-2019-11745: EncryptUpdate should use maxout, not block size (bsc#1158527).
- CVE-2019-11727: Fixed vulnerability sign CertificateVerify with PKCS#1 v1.5 signatures issue (bsc#1141322).

mozilla-nspr was updated to version 4.23:

- Whitespace in C files was cleaned up and no longer uses tab characters for indenting.

Patch Instructions:

To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch".

Alternatively you can run the command listed for your product:

- SUSE Linux Enterprise Module for Server Applications 15-SP1:
  zypper in -t patch SUSE-SLE-Module-Server-Applications-15-SP1-2019-3395=1
- SUSE Linux Enterprise Module for Open Buildservice Development Tools 15-SP1:
  zypper in -t patch SUSE-SLE-Module-Development-Tools-OBS-15-SP1-2019-3395=1
- SUSE Linux Enterprise Module for Basesystem 15-SP1:
  zypper in -t patch SUSE-SLE-Module-Basesystem-15-SP1-2019-3395=1
- SUSE Linux Enterprise Module for Basesystem 15:
  zypper in -t patch SUSE-SLE-Module-Basesystem-15-2019-3395=1

Package List:

- SUSE Linux Enterprise Module for Server Applications 15-SP1 (aarch64 ppc64le s390x x86_64):
  libfreebl3-hmac-3.47.1-3.22.1
  libsoftokn3-hmac-3.47.1-3.22.1
  mozilla-nss-debuginfo-3.47.1-3.22.1
  mozilla-nss-debugsource-3.47.1-3.22.1

- SUSE Linux Enterprise Module for Open Buildservice Development Tools 15-SP1 (x86_64):
  libfreebl3-hmac-32bit-3.47.1-3.22.1
  libsoftokn3-hmac-32bit-3.47.1-3.22.1
  mozilla-nss-32bit-debuginfo-3.47.1-3.22.1
  mozilla-nss-debugsource-3.47.1-3.22.1
  mozilla-nss-sysinit-32bit-3.47.1-3.22.1
  mozilla-nss-sysinit-32bit-debuginfo-3.47.1-3.22.1

- SUSE Linux Enterprise Module for Basesystem 15-SP1 (aarch64 ppc64le s390x x86_64):
  libfreebl3-3.47.1-3.22.1
  libfreebl3-debuginfo-3.47.1-3.22.1
  libsoftokn3-3.47.1-3.22.1
  libsoftokn3-debuginfo-3.47.1-3.22.1
  mozilla-nspr-4.23-3.9.1
  mozilla-nspr-debuginfo-4.23-3.9.1
  mozilla-nspr-debugsource-4.23-3.9.1
  mozilla-nspr-devel-4.23-3.9.1
  mozilla-nss-3.47.1-3.22.1
  mozilla-nss-certs-3.47.1-3.22.1
  mozilla-nss-certs-debuginfo-3.47.1-3.22.1
  mozilla-nss-debuginfo-3.47.1-3.22.1
  mozilla-nss-debugsource-3.47.1-3.22.1
  mozilla-nss-devel-3.47.1-3.22.1
  mozilla-nss-sysinit-3.47.1-3.22.1
  mozilla-nss-sysinit-debuginfo-3.47.1-3.22.1
  mozilla-nss-tools-3.47.1-3.22.1
  mozilla-nss-tools-debuginfo-3.47.1-3.22.1

- SUSE Linux Enterprise Module for Basesystem 15-SP1 (x86_64):
  libfreebl3-32bit-3.47.1-3.22.1
  libfreebl3-32bit-debuginfo-3.47.1-3.22.1
  libsoftokn3-32bit-3.47.1-3.22.1
  libsoftokn3-32bit-debuginfo-3.47.1-3.22.1
  mozilla-nspr-32bit-4.23-3.9.1
  mozilla-nspr-32bit-debuginfo-4.23-3.9.1
  mozilla-nss-32bit-3.47.1-3.22.1
  mozilla-nss-32bit-debuginfo-3.47.1-3.22.1
  mozilla-nss-certs-32bit-3.47.1-3.22.1
  mozilla-nss-certs-32bit-debuginfo-3.47.1-3.22.1

- SUSE Linux Enterprise Module for Basesystem 15 (aarch64 ppc64le s390x x86_64):
  libfreebl3-3.47.1-3.22.1
  libfreebl3-debuginfo-3.47.1-3.22.1
  libfreebl3-hmac-3.47.1-3.22.1
  libsoftokn3-3.47.1-3.22.1
  libsoftokn3-debuginfo-3.47.1-3.22.1
  libsoftokn3-hmac-3.47.1-3.22.1
  mozilla-nspr-4.23-3.9.1
  mozilla-nspr-debuginfo-4.23-3.9.1
  mozilla-nspr-debugsource-4.23-3.9.1
  mozilla-nspr-devel-4.23-3.9.1
  mozilla-nss-3.47.1-3.22.1
  mozilla-nss-certs-3.47.1-3.22.1
  mozilla-nss-certs-debuginfo-3.47.1-3.22.1
  mozilla-nss-debuginfo-3.47.1-3.22.1
  mozilla-nss-debugsource-3.47.1-3.22.1
  mozilla-nss-devel-3.47.1-3.22.1
  mozilla-nss-sysinit-3.47.1-3.22.1
  mozilla-nss-sysinit-debuginfo-3.47.1-3.22.1
  mozilla-nss-tools-3.47.1-3.22.1
  mozilla-nss-tools-debuginfo-3.47.1-3.22.1

- SUSE Linux Enterprise Module for Basesystem 15 (x86_64):
  libfreebl3-32bit-3.47.1-3.22.1
  libfreebl3-32bit-debuginfo-3.47.1-3.22.1
  libfreebl3-hmac-32bit-3.47.1-3.22.1
  libsoftokn3-32bit-3.47.1-3.22.1
  libsoftokn3-32bit-debuginfo-3.47.1-3.22.1
  libsoftokn3-hmac-32bit-3.47.1-3.22.1
  mozilla-nspr-32bit-4.23-3.9.1
  mozilla-nspr-32bit-debuginfo-4.23-3.9.1
  mozilla-nss-32bit-3.47.1-3.22.1
  mozilla-nss-32bit-debuginfo-3.47.1-3.22.1
  mozilla-nss-certs-32bit-3.47.1-3.22.1
  mozilla-nss-certs-32bit-debuginfo-3.47.1-3.22.1

References:

https://www.suse.com/security/cve/CVE-2018-18508.html
https://www.suse.com/security/cve/CVE-2019-11745.html
https://www.suse.com/security/cve/CVE-2019-17006.html
https://bugzilla.suse.com/1141322
https://bugzilla.suse.com/1158527
https://bugzilla.suse.com/1159819

_______________________________________________
sle-security-updates mailing list
http://lists.suse.com/mailman/listinfo/sle-security-updates

SUSE Security Patch for Mozilla-NSPR and Mozilla-NSS remediate several concerns rated as moderately impactful.
SUSE Security Update, Mozilla-NSS, Mozilla-NSPR, Encryption Issues, Security Fixes.
LinuxSecurity.com Team

Dec 30, 2019 SuSE

Debian Lenny DSA-2123-1 Critical: NSS Remote Risk Advisory

------------------------------------------------------------------------
Debian Security Advisory DSA-2123-1
http://www.debian.org/security/
Florian Weimer
November 01, 2010
http://www.debian.org/security/faq
------------------------------------------------------------------------

Package : nss
Vulnerability : several
Problem type : remote
Debian-specific: no
CVE Id(s) : CVE-2010-3170 CVE-2010-3173

Several vulnerabilities have been discovered in Mozilla's Network Security Services (NSS) library. The Common Vulnerabilities and Exposures project identifies the following problems:

CVE-2010-3170

  NSS recognizes a wildcard IP address in the subject's Common Name field of an X.509 certificate, which might allow man-in-the-middle attackers to spoof arbitrary SSL servers via a crafted certificate issued by a legitimate Certification Authority.

CVE-2010-3173

  NSS does not properly set the minimum key length for Diffie-Hellman Ephemeral (DHE) mode, which makes it easier for remote attackers to defeat cryptographic protection mechanisms via a brute-force attack.

For the stable distribution (lenny), these problems have been fixed in version 3.12.3.1-0lenny2.

For the unstable distribution (sid) and the upcoming stable distribution (squeeze), these problems have been fixed in version 3.12.8-1.

We recommend that you upgrade your NSS packages.

Upgrade instructions
--------------------

wget url
        will fetch the file for you
dpkg -i file.deb
        will install the referenced file.

If you are using the apt-get package manager, use the line for sources.list as given below:

apt-get update
        will update the internal database
apt-get upgrade
        will install corrected packages

You may use an automated update by adding the resources from the footer to the proper configuration.

Debian GNU/Linux 5.0 alias lenny
--------------------------------

These files will probably be moved into the stable distribution on its next update.

---------------------------------------------------------------------------------
For apt-get: deb https://www.debian.org/security/ stable/updates main
For dpkg-ftp: dists/stable/updates/main
Package info: `apt-cache show ' and https://www.debian.org/distrib/packages

Severity: Critical.
LinuxSecurity.com Team

Nov 01, 2010 Critical Debian