Explore top 10 tips to secure your open-source projects now. Read More

×
Alerts This Week
Warning Icon 1 488
Alerts This Week
Warning Icon 1 488

Stay Secure with the Latest Linux Advisories

Filter%20icon Refine advisories
X Clear Filters
X Clear Filters
View More

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Community Poll

Is continuous patching actually viable?

No answer selected. Please try again.
Please select either existing option or enter your own, however not both.
Please select minimum {0} answer(s).
Please select maximum {0} answer(s).
/main-polls/156-is-continuous-patching-actually-viable?task=poll.vote&format=json
156
radio
0
[{"id":503,"title":"Delayed updates invite catastrophic breaches.","votes":1,"type":"x","order":1,"pct":50,"resources":[]},{"id":504,"title":"Automated fixes break production environments.","votes":1,"type":"x","order":2,"pct":50,"resources":[]},{"id":505,"title":"Manual approvals cannot keep pace.","votes":0,"type":"x","order":3,"pct":0,"resources":[]}] ["#ff5b00","#4ac0f2","#b80028","#eef66c","#60bb22","#b96a9a","#62c2cc"] ["rgba(255,91,0,0.7)","rgba(74,192,242,0.7)","rgba(184,0,40,0.7)","rgba(238,246,108,0.7)","rgba(96,187,34,0.7)","rgba(185,106,154,0.7)","rgba(98,194,204,0.7)"] 350
bottom 200
Loading...

Explore Latest Linux Security advisories

We found 17 articles for you...
89

Fedora 44 Hut Update Security Advisory 2026-ed208f5337 CVE Fixes

Update! Close Go standard library CVE bugs that are solved by a rebuild. -------------------------------------------------------------------------------- Fedora Update Notification FEDORA-2026-ed208f5337 2026-07-02 01:05:29.983895+00:00 -------------------------------------------------------------------------------- Name : hut Product : Fedora 44 Version : 0.8.0 Release : 1.fc44 URL : https://git.sr.ht/~xenrox/hut Summary : A CLI tool for Sourcehut Description : hut is a CLI tool for interacting with Sourcehut instances. It supports git.sr.ht as well as self-hosted Sourcehut instances. -------------------------------------------------------------------------------- Update Information: Update! Close Go standard library CVE bugs that are solved by a rebuild -------------------------------------------------------------------------------- ChangeLog: * Tue Jun 23 2026 Javier Olaechea - 0.8.0-1 - Update to 0.8.0. Fixes rhbz#2451702. -------------------------------------------------------------------------------- References: [ 1 ] Bug #2408304 - CVE-2025-58189 hut: go crypto/tls ALPN negotiation error contains attacker controlled information [fedora-43] https://bugzilla.redhat.com/show_bug.cgi?id=2408304 [ 2 ] Bug #2408723 - CVE-2025-61725 hut: Excessive CPU consumption in ParseAddress in net/mail [fedora-43] https://bugzilla.redhat.com/show_bug.cgi?id=2408723 [ 3 ] Bug #2409777 - CVE-2025-61723 hut: Quadratic complexity when parsing some invalid inputs in encoding/pem [fedora-43] https://bugzilla.redhat.com/show_bug.cgi?id=2409777 [ 4 ] Bug #2410727 - CVE-2025-58185 hut: Parsing DER payload can cause memory exhaustion in encoding/asn1 [fedora-43] https://bugzilla.redhat.com/show_bug.cgi?id=2410727 [ 5 ] Bug #2411623 - CVE-2025-58188 hut: Panic when validating certificates with DSA public keys in crypto/x509 [fedora-43] https://bugzilla.redhat.com/show_bug.cgi?id=2411623 [ 6 ] Bug #2412711- CVE-2025-58183 hut: Unbounded allocation when parsing GNU sparse map [fedora-43] https://bugzilla.redhat.com/show_bug.cgi?id=2412711 [ 7 ] Bug #2451702 - hut-0.8.0 is available https://bugzilla.redhat.com/show_bug.cgi?id=2451702 -------------------------------------------------------------------------------- This update can be installed with the "dnf" update program. Use su -c 'dnf upgrade --advisory FEDORA-2026-ed208f5337' at the command line. For more information, refer to the dnf documentation available at http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label All packages are signed with the Fedora Project GPG key. More details on the GPG keys used by the Fedora Project can be found at https://fedoraproject.org/keys -------------------------------------------------------------------------------- -- _______________________________________________ package-announce mailing list -- This email address is being protected from spambots. You need JavaScript enabled to view it. To unsubscribe send an email to This email address is being protected from spambots. You need JavaScript enabled to view it. Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedoraproject.org/archives/list/This email address is being protected from spambots. You need JavaScript enabled to view it. Do not reply to spam, report it: https://forge.fedoraproject.org/infra/tickets/issues/new . Close Go standard library CVE bugs through a rebuild of hut in Fedora 44. Critical updates included.. Fedora security advisory,hut update,CVE fix,Fedora 44. . Severity: Important. LinuxSecurity.com Team

Calendar%202 Jul 01, 2026 Important Fedora
89

Fedora 43 Major Update for nginx-mod-fancyindex Addresses CVE Issues

nginx-mod-headers-more: Rebuild for 1.30.3 nginx-mod-brotli: Rebuild for 1.30.3 nginx-mod-vts:. -------------------------------------------------------------------------------- Fedora Update Notification FEDORA-2026-9d7328702e 2026-06-27 00:54:50.049683+00:00 -------------------------------------------------------------------------------- Name : nginx-mod-fancyindex Product : Fedora 43 Version : 0.6.0 Release : 6.fc43 URL : https://github.com/aperezdc/ngx-fancyindex Summary : Nginx FancyIndex module Description : The Fancy Index module makes possible the generation of file listings, like the built-in autoindex module does, but adding a touch of style. This is possible because the module allows a certain degree of customization of the generated content: * Custom headers. Either local or stored remotely. * Custom footers. Either local or stored remotely. * Add you own CSS style rules. * Allow choosing to sort elements by name (default), modification time, or size; both ascending (default), or descending. -------------------------------------------------------------------------------- Update Information: nginx-mod-headers-more: Rebuild for 1.30.3 nginx-mod-brotli: Rebuild for 1.30.3 nginx-mod-vts: Rebuild for 1.30.3 nginx-mod-modsecurity: Rebuild for 1.30.3 nginx-mod-fancyindex: Rebuild for 1.30.3 nginx-mod-naxsi: Rebuild for 1.30.3 nginx: update to 1.30.3 fixes CVE-2026-42055, CVE-2026-42530 and CVE-2026-48142 -------------------------------------------------------------------------------- ChangeLog: * Wed Jun 17 2026 Felix Kaechele - 0.6.0-6 - Rebuild for 1.30.3 -------------------------------------------------------------------------------- This update can be installed with the "dnf" update program. Use su -c 'dnf upgrade --advisory FEDORA-2026-9d7328702e' at the command line. For more information, refer to the dnf documentation availableat http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label All packages are signed with the Fedora Project GPG key. More details on the GPG keys used by the Fedora Project can be found at https://fedoraproject.org/keys -------------------------------------------------------------------------------- -- _______________________________________________ package-announce mailing list -- This email address is being protected from spambots. You need JavaScript enabled to view it. To unsubscribe send an email to This email address is being protected from spambots. You need JavaScript enabled to view it. Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedoraproject.org/archives/list/This email address is being protected from spambots. You need JavaScript enabled to view it. Do not reply to spam, report it: https://forge.fedoraproject.org/infra/tickets/issues/new . Enhance your Fedora 43 environment with key updates in nginx-mod-fancyindex and critical CVE fixes.. Fedora updates, nginx-mod-fancyindex, security patches, CVE fixes. . Severity: Important. LinuxSecurity.com Team

Calendar%202 Jun 26, 2026 Important Fedora
100

SUSE Important Security Update Xen Denial of Service CVE-2026-2613-1

An update that solves five vulnerabilities can now be installed.. # Security update for xen Announcement ID: SUSE-SU-2026:2613-1 Release Date: 2026-06-24T09:01:48Z Rating: important References: * bsc#1264066 * bsc#1266952 * bsc#1266953 * bsc#1266955 Cross-References: * CVE-2025-54518 * CVE-2026-42487 * CVE-2026-42488 * CVE-2026-42489 * CVE-2026-42490 CVSS scores: * CVE-2025-54518 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2025-54518 ( SUSE ): 7.4 CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H * CVE-2025-54518 ( NVD ): 7.3 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X * CVE-2026-42487 ( SUSE ): 8.8 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:H/SI:H/SA:H * CVE-2026-42487 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H * CVE-2026-42487 ( NVD ): 7.9 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:H * CVE-2026-42488 ( SUSE ): 8.7 CVSS:4.0/AV:L/AC:H/AT:N/PR:H/UI:N/VC:H/VI:H/VA:H/SC:H/SI:H/SA:H * CVE-2026-42488 ( SUSE ): 7.5 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:H * CVE-2026-42488 ( NVD ): 8.1 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H * CVE-2026-42489 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:H/AT:N/PR:H/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:H * CVE-2026-42489 ( SUSE ): 5.3 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:N/I:N/A:H * CVE-2026-42489 ( NVD ): 5.3 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:N/I:N/A:H * CVE-2026-42490 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:H/AT:N/PR:H/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:H * CVE-2026-42490 ( SUSE ): 4.1 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:N/I:N/A:H * CVE-2026-42490 ( NVD ): 6.5 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H Affected Products: * openSUSE Leap 15.4 * SUSE Linux Enterprise High Performance Computing 15 SP4 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 * SUSE Linux Enterprise HighPerformance Computing LTSS 15 SP4 * SUSE Linux Enterprise Micro 5.3 * SUSE Linux Enterprise Micro 5.4 * SUSE Linux Enterprise Micro for Rancher 5.3 * SUSE Linux Enterprise Micro for Rancher 5.4 * SUSE Linux Enterprise Server 15 SP4 * SUSE Linux Enterprise Server 15 SP4 LTSS * SUSE Linux Enterprise Server for SAP Applications 15 SP4 An update that solves five vulnerabilities can now be installed. ## Description: This update for xen fixes the following issues * CVE-2025-54518: AMD-SN-7052: CPU OP Cache Corruption (bsc#1264066). * CVE-2026-42487: x86 HVM I/O port list traversal (bsc#1266952). * CVE-2026-42488: x86: mismatched mapcache metadata (bsc#1266955). * CVE-2026-42489,CVE-2026-42490: domctl lock open to abuse (bsc#1266953). ## Special Instructions and Notes: * Please reboot the system after installing this update. ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-LTSS-2026-2613=1 * SUSE Linux Enterprise Server 15 SP4 LTSS zypper in -t patch SUSE-SLE-Product-SLES-15-SP4-LTSS-2026-2613=1 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP4-2026-2613=1 * SUSE Linux Enterprise Micro for Rancher 5.4 zypper in -t patch SUSE-SLE-Micro-5.4-2026-2613=1 * SUSE Linux Enterprise Micro 5.4 zypper in -t patch SUSE-SLE-Micro-5.4-2026-2613=1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-ESPOS-2026-2613=1 * SUSE Linux Enterprise Micro for Rancher 5.3 zypper in -t patch SUSE-SLE-Micro-5.3-2026-2613=1 * SUSE Linux Enterprise Micro 5.3 zypper in -t patch SUSE-SLE-Micro-5.3-2026-2613=1 * openSUSE Leap 15.4 zypper in -t patchSUSE-2026-2613=1 ## Package List: * SUSE Linux Enterprise Server for SAP Applications 15 SP4 (x86_64) * xen-4.16.7_10-150400.4.86.2 * xen-tools-domU-4.16.7_10-150400.4.86.2 * xen-libs-debuginfo-4.16.7_10-150400.4.86.2 * xen-tools-debuginfo-4.16.7_10-150400.4.86.2 * xen-devel-4.16.7_10-150400.4.86.2 * xen-debugsource-4.16.7_10-150400.4.86.2 * xen-tools-domU-debuginfo-4.16.7_10-150400.4.86.2 * xen-libs-4.16.7_10-150400.4.86.2 * xen-tools-4.16.7_10-150400.4.86.2 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 (noarch) * xen-tools-xendomains-wait-disk-4.16.7_10-150400.4.86.2 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 (x86_64) * xen-4.16.7_10-150400.4.86.2 * xen-tools-domU-4.16.7_10-150400.4.86.2 * xen-libs-debuginfo-4.16.7_10-150400.4.86.2 * xen-tools-debuginfo-4.16.7_10-150400.4.86.2 * xen-devel-4.16.7_10-150400.4.86.2 * xen-debugsource-4.16.7_10-150400.4.86.2 * xen-tools-domU-debuginfo-4.16.7_10-150400.4.86.2 * xen-libs-4.16.7_10-150400.4.86.2 * xen-tools-4.16.7_10-150400.4.86.2 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 (noarch) * xen-tools-xendomains-wait-disk-4.16.7_10-150400.4.86.2 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 (x86_64) * xen-4.16.7_10-150400.4.86.2 * xen-tools-domU-4.16.7_10-150400.4.86.2 * xen-libs-debuginfo-4.16.7_10-150400.4.86.2 * xen-tools-debuginfo-4.16.7_10-150400.4.86.2 * xen-devel-4.16.7_10-150400.4.86.2 * xen-debugsource-4.16.7_10-150400.4.86.2 * xen-tools-domU-debuginfo-4.16.7_10-150400.4.86.2 * xen-libs-4.16.7_10-150400.4.86.2 * xen-tools-4.16.7_10-150400.4.86.2 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 (noarch) * xen-tools-xendomains-wait-disk-4.16.7_10-150400.4.86.2 * openSUSE Leap 15.4 (aarch64 x86_64) * xen-tools-debuginfo-4.16.7_10-150400.4.86.2 * xen-doc-html-4.16.7_10-150400.4.86.2 * xen-4.16.7_10-150400.4.86.2 *xen-tools-4.16.7_10-150400.4.86.2 * openSUSE Leap 15.4 (aarch64 i586 x86_64) * xen-tools-domU-4.16.7_10-150400.4.86.2 * xen-libs-debuginfo-4.16.7_10-150400.4.86.2 * xen-devel-4.16.7_10-150400.4.86.2 * xen-debugsource-4.16.7_10-150400.4.86.2 * xen-libs-4.16.7_10-150400.4.86.2 * xen-tools-domU-debuginfo-4.16.7_10-150400.4.86.2 * openSUSE Leap 15.4 (x86_64) * xen-libs-32bit-debuginfo-4.16.7_10-150400.4.86.2 * xen-libs-32bit-4.16.7_10-150400.4.86.2 * openSUSE Leap 15.4 (aarch64_ilp32) * xen-libs-64bit-4.16.7_10-150400.4.86.2 * xen-libs-64bit-debuginfo-4.16.7_10-150400.4.86.2 * openSUSE Leap 15.4 (noarch) * xen-tools-xendomains-wait-disk-4.16.7_10-150400.4.86.2 * SUSE Linux Enterprise Micro for Rancher 5.3 (x86_64) * xen-libs-debuginfo-4.16.7_10-150400.4.86.2 * xen-debugsource-4.16.7_10-150400.4.86.2 * xen-libs-4.16.7_10-150400.4.86.2 * SUSE Linux Enterprise Micro 5.3 (x86_64) * xen-libs-debuginfo-4.16.7_10-150400.4.86.2 * xen-debugsource-4.16.7_10-150400.4.86.2 * xen-libs-4.16.7_10-150400.4.86.2 * SUSE Linux Enterprise Micro for Rancher 5.4 (x86_64) * xen-libs-debuginfo-4.16.7_10-150400.4.86.2 * xen-debugsource-4.16.7_10-150400.4.86.2 * xen-libs-4.16.7_10-150400.4.86.2 * SUSE Linux Enterprise Micro 5.4 (x86_64) * xen-libs-debuginfo-4.16.7_10-150400.4.86.2 * xen-debugsource-4.16.7_10-150400.4.86.2 * xen-libs-4.16.7_10-150400.4.86.2 * SUSE Linux Enterprise Server 15 SP4 LTSS (x86_64) * xen-4.16.7_10-150400.4.86.2 * xen-tools-domU-4.16.7_10-150400.4.86.2 * xen-libs-debuginfo-4.16.7_10-150400.4.86.2 * xen-tools-debuginfo-4.16.7_10-150400.4.86.2 * xen-devel-4.16.7_10-150400.4.86.2 * xen-debugsource-4.16.7_10-150400.4.86.2 * xen-tools-domU-debuginfo-4.16.7_10-150400.4.86.2 * xen-libs-4.16.7_10-150400.4.86.2 * xen-tools-4.16.7_10-150400.4.86.2 * SUSE Linux Enterprise Server 15 SP4 LTSS (noarch) * xen-tools-xendomains-wait-disk-4.16.7_10-150400.4.86.2 ## References: *https://www.suse.com/security/cve/CVE-2025-54518.html * https://www.suse.com/security/cve/CVE-2026-42487.html * https://www.suse.com/security/cve/CVE-2026-42488.html * https://www.suse.com/security/cve/CVE-2026-42489.html * https://www.suse.com/security/cve/CVE-2026-42490.html * https://bugzilla.suse.com/show_bug.cgi?id=1264066 * https://bugzilla.suse.com/show_bug.cgi?id=1266952 * https://bugzilla.suse.com/show_bug.cgi?id=1266953 * https://bugzilla.suse.com/show_bug.cgi?id=1266955 . Update mitigates five critical issues in SUSE for xen, focusing on security threats and important patches.. SUSE update,xen software,security patch,system vulnerabilities,SUSE security advisory. . Severity: Important. LinuxSecurity.com Team

Calendar%202 Jun 24, 2026 Important SuSE
219

Rocky Linux 9 libpng15 Moderate Code Execution Issue RLSA-2026-28244

Moderate: libpng15 security update. {"type": "TYPE_SECURITY", "shortCode": "RL", "name": "RLSA-2026:28244", "synopsis": "Moderate: libpng15 security update", "severity": "SEVERITY_MODERATE", "topic": "An update is available for libpng15.\nThis update affects Rocky Linux 9.\nA Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list", "description": "The libpng15 package provides libpng 1.5, an older version of the libpng. library for manipulating PNG (Portable Network Graphics) image format files. This version should be used only if you are unable to use the current version of libpng.\n\nSecurity Fix(es):\n\n* libpng: libpng: Arbitrary code execution due to use-after-free vulnerability (CVE-2026-33416)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.", "solution": null, "affectedProducts": ["Rocky Linux 9"], "fixes": [{"ticket": "2451805", "sourceBy": "Red Hat", "sourceLink": "https://bugzilla.redhat.com/show_bug.cgi?id=2451805", "description": ""}], "cves": [{"name": "CVE-2026-33416", "sourceBy": "MITRE", "sourceLink": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-33416", "cvss3ScoringVector": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H", "cvss3BaseScore": "7.5", "cwe": "CWE-825"}], "references": [], "publishedAt": "2026-06-24T12:03:26.635873Z", "rpms": {"Rocky Linux 9": {"nvras": ["libpng15-0:1.5.30-15.el9_8.1.aarch64.rpm", "libpng15-0:1.5.30-15.el9_8.1.i686.rpm", "libpng15-0:1.5.30-15.el9_8.1.ppc64le.rpm", "libpng15-0:1.5.30-15.el9_8.1.s390x.rpm", "libpng15-0:1.5.30-15.el9_8.1.src.rpm", "libpng15-0:1.5.30-15.el9_8.1.x86_64.rpm", "libpng15-debuginfo-0:1.5.30-15.el9_8.1.aarch64.rpm", "libpng15-debuginfo-0:1.5.30-15.el9_8.1.i686.rpm", "libpng15-debuginfo-0:1.5.30-15.el9_8.1.ppc64le.rpm", "libpng15-debuginfo-0:1.5.30-15.el9_8.1.s390x.rpm","libpng15-debuginfo-0:1.5.30-15.el9_8.1.x86_64.rpm", "libpng15-debugsource-0:1.5.30-15.el9_8.1.aarch64.rpm", "libpng15-debugsource-0:1.5.30-15.el9_8.1.i686.rpm", "libpng15-debugsource-0:1.5.30-15.el9_8.1.ppc64le.rpm", "libpng15-debugsource-0:1.5.30-15.el9_8.1.s390x.rpm", "libpng15-debugsource-0:1.5.30-15.el9_8.1.x86_64.rpm"]}}, "rebootSuggested": false, "buildReferences": []}. A moderate security update for libpng15 on Rocky Linux addresses arbitrary code execution risk due to a use-after-free issue. Update advised.. libpng15 update, Rocky Linux security, use-after-free issue, update libpng, security advisory. . Severity: moderate. LinuxSecurity.com Team

Calendar%202 Jun 24, 2026 moderate Rocky Linux
89

Fedora 44 perl-ExtUtils-Builder-Compiler Critical CVE-2026-8463 Advisory

Update to 0.031 #2477035 #2481131 fixes CVE-2026-8463. -------------------------------------------------------------------------------- Fedora Update Notification FEDORA-2026-dafdad8fd3 2026-06-05 04:25:00.358941+00:00 -------------------------------------------------------------------------------- Name : perl-ExtUtils-Builder-Compiler Product : Fedora 44 Version : 0.036 Release : 1.fc44 URL : https://metacpan.org/dist/ExtUtils-Builder-Compiler Summary : Interface around different compilers Description : This is an interface wrapping around different compilers. It's usually not used directly but by a portability layer like ExtUtils::Builder::Autodetect::C. -------------------------------------------------------------------------------- Update Information: Update to 0.031 #2477035 #2481131 fixes CVE-2026-8463 -------------------------------------------------------------------------------- ChangeLog: * Sun Mar 22 2026 Charles R. Anderson 0.036-1 - Update to 0.036 -------------------------------------------------------------------------------- This update can be installed with the "dnf" update program. Use su -c 'dnf upgrade --advisory FEDORA-2026-dafdad8fd3' at the command line. For more information, refer to the dnf documentation available at http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label All packages are signed with the Fedora Project GPG key. More details on the GPG keys used by the Fedora Project can be found at https://fedoraproject.org/keys -------------------------------------------------------------------------------- -- _______________________________________________ package-announce mailing list -- This email address is being protected from spambots. You need JavaScript enabled to view it. To unsubscribe send an email to This email address is being protected from spambots. You need JavaScript enabled to view it. Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives:https://lists.fedoraproject.org/archives/list/This email address is being protected from spambots. You need JavaScript enabled to view it. Do not reply to spam, report it: https://forge.fedoraproject.org/infra/tickets/issues/new . Update for perl-ExtUtils-Builder-Compiler in Fedora 44 fixes critical CVE-2026-8463 vulnerability to enhance security.. Fedora security update, Perl package fix, CVE-2026-8463, Compiler updates, Fedora package management. . Severity: Critical. LinuxSecurity.com Team

Calendar%202 Jun 05, 2026 Critical Fedora
89

Fedora 43 Kernel 7.0.6 Important Update for CVE-2026-46300 Advisory

The 7.0.6 stable kernel update contains a number of important fixes across the tree. It also contains a fix for the Fragnesia CVE-2026-46300. -------------------------------------------------------------------------------- Fedora Update Notification FEDORA-2026-cccb681166 2026-05-14 00:41:12.640505+00:00 -------------------------------------------------------------------------------- Name : kernel Product : Fedora 43 Version : 7.0.6 Release : 100.fc43 URL : https://www.kernel.org/ Summary : The Linux kernel Description : The kernel meta package -------------------------------------------------------------------------------- Update Information: The 7.0.6 stable kernel update contains a number of important fixes across the tree. It also contains a fix for the Fragnesia CVE-2026-46300 -------------------------------------------------------------------------------- ChangeLog: * Wed May 13 2026 Justin M. Forbes [7.0.6-0] - net: skbuff: propagate shared-frag marker through pskb_copy() (Hyunwoo Kim) - net: skbuff: preserve shared-frag marker during coalescing (William Bowling) - Add BugsFixed for 7.0.7 (Justin M. Forbes) - ovl: fix verity lazy-load guard broken by fsverity_active() semantic change (Colin Walters) - Revert rxrpc dirtyfrag fix in favor of version which landed upstream (Justin M. Forbes) - Re-enable Intel MEI for Fedora x86 (Justin M. Forbes) - xfrm: esp: avoid in-place decrypt on shared skb frags (Kuan-Ting Chen) - rxrpc: Also unshare DATA/RESPONSE packets when paged frags are present (Hyunwoo Kim) - Linux v7.0.6 -------------------------------------------------------------------------------- References: [ 1 ] Bug #2468594 - overlayfs+fsverity-require (composefs) broken in 7.x - just needs cherry pick https://bugzilla.redhat.com/show_bug.cgi?id=2468594 [ 2 ] Bug #2468995 - Regression: Intel MEI modules missing in kernel 7.0.4-200.fc44 causing i915 / Meteor Lake system freezes https://bugzilla.redhat.com/show_bug.cgi?id=2468995 -------------------------------------------------------------------------------- This update can be installed with the "dnf" update program. Use su -c 'dnf upgrade --advisory FEDORA-2026-cccb681166' at the command line. For more information, refer to the dnf documentation available at http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label All packages are signed with the Fedora Project GPG key. More details on the GPG keys used by the Fedora Project can be found at https://fedoraproject.org/keys -------------------------------------------------------------------------------- -- _______________________________________________ package-announce mailing list -- This email address is being protected from spambots. You need JavaScript enabled to view it. To unsubscribe send an email to This email address is being protected from spambots. You need JavaScript enabled to view it. Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedoraproject.org/archives/list/This email address is being protected from spambots. You need JavaScript enabled to view it. Do not reply to spam, report it: https://forge.fedoraproject.org/infra/tickets/issues/new . Discover critical fixes in Fedora 43 kernel update addressing CVE-2026-46300 for enhanced security and stability.. Fedora Kernel Fixes, CVE-2026-46300 Updates, Security Advisory Fedora. . Severity: Important. LinuxSecurity.com Team

Calendar%202 May 14, 2026 Important Fedora
89

Fedora 42 polkit Fix for Critical CVE-2026-4897 Unsanitized Getline Issue

CVE-2026-4897 aisle.com fix of unsanitized getline. -------------------------------------------------------------------------------- Fedora Update Notification FEDORA-2026-1774635f74 2026-04-13 00:49:53.479885+00:00 -------------------------------------------------------------------------------- Name : polkit Product : Fedora 42 Version : 126 Release : 3.fc42.2 URL : https://github.com/polkit-org/polkit Summary : An authorization framework Description : polkit is a toolkit for defining and handling authorizations. It is used for allowing unprivileged processes to speak to privileged processes. -------------------------------------------------------------------------------- Update Information: CVE-2026-4897 aisle.com fix of unsanitized getline -------------------------------------------------------------------------------- ChangeLog: * Fri Mar 27 2026 Jan Rybar - 126-3.2 - CVE-2026-4897 aisle.com fix of unsanitized getline -------------------------------------------------------------------------------- This update can be installed with the "dnf" update program. Use su -c 'dnf upgrade --advisory FEDORA-2026-1774635f74' at the command line. For more information, refer to the dnf documentation available at http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label All packages are signed with the Fedora Project GPG key. More details on the GPG keys used by the Fedora Project can be found at https://fedoraproject.org/keys -------------------------------------------------------------------------------- -- _______________________________________________ package-announce mailing list -- This email address is being protected from spambots. You need JavaScript enabled to view it. To unsubscribe send an email to This email address is being protected from spambots. You need JavaScript enabled to view it. Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives:https://lists.fedoraproject.org/archives/list/This email address is being protected from spambots. You need JavaScript enabled to view it. Do not reply to spam, report it: https://forge.fedoraproject.org/infra/tickets/issues/new . Fedora 42 polkit patch fixes CVE-2026-4897 for unsanitized getline, improving authorization security.. Fedora 42 polkit patch CVE-2026-4897 unsanitized getline authorization. . Severity: Critical. LinuxSecurity.com Team

Calendar%202 Apr 13, 2026 Critical Fedora
202

openSUSE Tumbleweed pnpm Moderate Security Update CVE-2026-24842

An update that solves one vulnerability can now be installed.. # pnpm-10.32.1-1.1 on GA media Announcement ID: openSUSE-SU-2026:10410-1 Rating: moderate Cross-References: * CVE-2026-24842 CVSS scores: * CVE-2026-24842 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N * CVE-2026-24842 ( SUSE ): 8.7 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N Affected Products: * openSUSE Tumbleweed An update that solves one vulnerability can now be installed. ## Description: These are all security issues fixed in the pnpm-10.32.1-1.1 package on the GA media of openSUSE Tumbleweed. ## Package List: * openSUSE Tumbleweed: * pnpm 10.32.1-1.1 * pnpm-bash-completion 10.32.1-1.1 * pnpm-fish-completion 10.32.1-1.1 * pnpm-zsh-completion 10.32.1-1.1 ## References: * https://www.suse.com/security/cve/CVE-2026-24842.html . An update for openSUSE Tumbleweed to address a moderate security issue in pnpm 10.32.1-1.1 with CVE-2026-24842.. openSUSE pnpm security update CVE-2026-24842 moderate. . LinuxSecurity.com Team

Calendar%202 Mar 25, 2026 OpenSUSE
News Add Esm H240

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Community Poll

Is continuous patching actually viable?

No answer selected. Please try again.
Please select either existing option or enter your own, however not both.
Please select minimum {0} answer(s).
Please select maximum {0} answer(s).
/main-polls/156-is-continuous-patching-actually-viable?task=poll.vote&format=json
156
radio
0
[{"id":503,"title":"Delayed updates invite catastrophic breaches.","votes":1,"type":"x","order":1,"pct":50,"resources":[]},{"id":504,"title":"Automated fixes break production environments.","votes":1,"type":"x","order":2,"pct":50,"resources":[]},{"id":505,"title":"Manual approvals cannot keep pace.","votes":0,"type":"x","order":3,"pct":0,"resources":[]}] ["#ff5b00","#4ac0f2","#b80028","#eef66c","#60bb22","#b96a9a","#62c2cc"] ["rgba(255,91,0,0.7)","rgba(74,192,242,0.7)","rgba(184,0,40,0.7)","rgba(238,246,108,0.7)","rgba(96,187,34,0.7)","rgba(185,106,154,0.7)","rgba(98,194,204,0.7)"] 350
bottom 200