Stay Secure with the Latest Linux Advisories
Refine advisories
X Clear Filters
Get the latest News and Insights
Get the latest Linux and open source security news straight to your inbox.
Community Poll
What got you started with Linux?
Loading...
Explore Latest Linux Security advisories
We found -1 articles for you...
100
security advisorymoderateSuSEImmediate Attention Required: libcrypto Package for Ubuntu Server 22.04 LTS
An update that solves one vulnerability can now be installed.. # Security update for libsodium Announcement ID: SUSE-SU-2026:0223-1 Release Date: 2026-01-22T12:18:06Z Rating: moderate References: * bsc#1256070 Cross-References: * CVE-2025-15444 CVSS scores: * CVE-2025-15444 ( SUSE ): 6.8 CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:N * CVE-2025-15444 ( NVD ): 9.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H Affected Products: * Basesystem Module 15-SP7 * openSUSE Leap 15.6 * SUSE Linux Enterprise Desktop 15 SP7 * SUSE Linux Enterprise Micro 5.2 * SUSE Linux Enterprise Micro 5.3 * SUSE Linux Enterprise Micro 5.4 * SUSE Linux Enterprise Micro 5.5 * SUSE Linux Enterprise Micro for Rancher 5.2 * SUSE Linux Enterprise Micro for Rancher 5.3 * SUSE Linux Enterprise Micro for Rancher 5.4 * SUSE Linux Enterprise Real Time 15 SP7 * SUSE Linux Enterprise Server 15 SP7 * SUSE Linux Enterprise Server for SAP Applications 15 SP7 An update that solves one vulnerability can now be installed. ## Description: This update for libsodium fixes the following issues: * CVE-2025-15444: fixed cryptographic bypass via improper elliptic curve point validation (bsc#1256070). ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Linux Enterprise Micro 5.2 zypper in -t patch SUSE-SUSE-MicroOS-5.2-2026-223=1 * SUSE Linux Enterprise Micro for Rancher 5.2 zypper in -t patch SUSE-SUSE-MicroOS-5.2-2026-223=1 * openSUSE Leap 15.6 zypper in -t patch openSUSE-SLE-15.6-2026-223=1 * SUSE Linux Enterprise Micro for Rancher 5.3 zypper in -t patch SUSE-SLE-Micro-5.3-2026-223=1 * SUSE Linux Enterprise Micro 5.3 zypper in -t patch SUSE-SLE-Micro-5.3-2026-223=1 * SUSE Linux Enterprise Micro for Rancher 5.4 zypper in -t patch SUSE-SLE-Micro-5.4-2026-223=1 * SUSE LinuxEnterprise Micro 5.4 zypper in -t patch SUSE-SLE-Micro-5.4-2026-223=1 * SUSE Linux Enterprise Micro 5.5 zypper in -t patch SUSE-SLE-Micro-5.5-2026-223=1 * Basesystem Module 15-SP7 zypper in -t patch SUSE-SLE-Module-Basesystem-15-SP7-2026-223=1 ## Package List: * SUSE Linux Enterprise Micro 5.2 (aarch64 s390x x86_64) * libsodium-debugsource-1.0.18-150000.4.11.1 * libsodium23-debuginfo-1.0.18-150000.4.11.1 * libsodium23-1.0.18-150000.4.11.1 * SUSE Linux Enterprise Micro for Rancher 5.2 (aarch64 s390x x86_64) * libsodium-debugsource-1.0.18-150000.4.11.1 * libsodium23-debuginfo-1.0.18-150000.4.11.1 * libsodium23-1.0.18-150000.4.11.1 * openSUSE Leap 15.6 (aarch64 ppc64le s390x x86_64) * libsodium-debugsource-1.0.18-150000.4.11.1 * libsodium-devel-1.0.18-150000.4.11.1 * libsodium23-1.0.18-150000.4.11.1 * libsodium23-debuginfo-1.0.18-150000.4.11.1 * openSUSE Leap 15.6 (x86_64) * libsodium23-32bit-1.0.18-150000.4.11.1 * libsodium23-32bit-debuginfo-1.0.18-150000.4.11.1 * SUSE Linux Enterprise Micro for Rancher 5.3 (aarch64 s390x x86_64) * libsodium-debugsource-1.0.18-150000.4.11.1 * libsodium23-debuginfo-1.0.18-150000.4.11.1 * libsodium23-1.0.18-150000.4.11.1 * SUSE Linux Enterprise Micro 5.3 (aarch64 s390x x86_64) * libsodium-debugsource-1.0.18-150000.4.11.1 * libsodium23-debuginfo-1.0.18-150000.4.11.1 * libsodium23-1.0.18-150000.4.11.1 * SUSE Linux Enterprise Micro for Rancher 5.4 (aarch64 s390x x86_64) * libsodium-debugsource-1.0.18-150000.4.11.1 * libsodium23-debuginfo-1.0.18-150000.4.11.1 * libsodium23-1.0.18-150000.4.11.1 * SUSE Linux Enterprise Micro 5.4 (aarch64 s390x x86_64) * libsodium-debugsource-1.0.18-150000.4.11.1 * libsodium23-debuginfo-1.0.18-150000.4.11.1 * libsodium23-1.0.18-150000.4.11.1 * SUSE Linux Enterprise Micro 5.5 (aarch64 ppc64le s390x x86_64) * libsodium-debugsource-1.0.18-150000.4.11.1 * libsodium23-debuginfo-1.0.18-150000.4.11.1 *libsodium23-1.0.18-150000.4.11.1 * Basesystem Module 15-SP7 (aarch64 ppc64le s390x x86_64) * libsodium-debugsource-1.0.18-150000.4.11.1 * libsodium-devel-1.0.18-150000.4.11.1 * libsodium23-1.0.18-150000.4.11.1 * libsodium23-debuginfo-1.0.18-150000.4.11.1 * Basesystem Module 15-SP7 (x86_64) * libsodium23-32bit-1.0.18-150000.4.11.1 * libsodium23-32bit-debuginfo-1.0.18-150000.4.11.1 ## References: * https://www.suse.com/security/cve/CVE-2025-15444.html * https://bugzilla.suse.com/show_bug.cgi?id=1256070 . Update resolves a cryptographic bypass issue in libsodium with a moderate severity rating, follow installation instructions for protection.. SUSE libsodium update Linux security cryptographic patch. . LinuxSecurity.com Team
Jan 22, 2026
SuSE
203
security advisorymoderatesecurity updateMageia 9: MGASA-2024-0381 moderate: iptraf-ng security patch
The updated package fixes a security vulnerability: CVE-2024-52949. References: - https://bugs.mageia.org/show_bug.cgi?id=33799 - . MGASA-2024-0381 - Updated iptraf-ng packages fix security vulnerability Publication date: 27 Nov 2024 URL: https://advisories.mageia.org/MGASA-2024-0381.html Type: security Affected Mageia releases: 9 CVE: CVE-2024-52949 The updated package fixes a security vulnerability: CVE-2024-52949. References: - https://bugs.mageia.org/show_bug.cgi?id=33799 - - https://www.cve.org/CVERecord?id=CVE-2024-52949 SRPMS: - 9/core/iptraf-ng-1.2.2-1.mga9 . Recent revisions to iptraf-ng packages resolve a security vulnerability identified as CVE-2024-52949 for Mageia 9 users. For detailed information, refer to the advisory.. Mageia Security, iptraf-ng Update, CVE Fixes, Security Patch. . LinuxSecurity.com Team
Nov 27, 2024
Mageia
172
security advisorydenial of serviceUbuntuUbuntu 22.04: USN-6502-3 Critical: Linux-NVIDIA Kernel Threats
Several security issues were fixed in the Linux kernel.. ========================================================================== Ubuntu Security Notice USN-6502-3 November 28, 2023 linux-nvidia-6.2 vulnerabilities ========================================================================== A security issue affects these releases of Ubuntu and its derivatives: - Ubuntu 22.04 LTS Summary: Several security issues were fixed in the Linux kernel. Software Description: - linux-nvidia-6.2: Linux kernel for NVIDIA systems Details: Ivan D Barrera, Christopher Bednarz, Mustafa Ismail, and Shiraz Saleem discovered that the InfiniBand RDMA driver in the Linux kernel did not properly check for zero-length STAG or MR registration. A remote attacker could possibly use this to execute arbitrary code. (CVE-2023-25775) Yu Hao discovered that the UBI driver in the Linux kernel did not properly check for MTD with zero erasesize during device attachment. A local privileged attacker could use this to cause a denial of service (system crash). (CVE-2023-31085) Manfred Rudigier discovered that the Intel(R) PCI-Express Gigabit (igb) Ethernet driver in the Linux kernel did not properly validate received frames that are larger than the set MTU size, leading to a buffer overflow vulnerability. An attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2023-45871) Maxim Levitsky discovered that the KVM nested virtualization (SVM) implementation for AMD processors in the Linux kernel did not properly handle x2AVIC MSRs. An attacker in a guest VM could use this to cause a denial of service (host kernel crash). (CVE-2023-5090) It was discovered that the SMB network file sharing protocol implementation in the Linux kernel did not properly handle certain error conditions, leading to a use-after-free vulnerability. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code.(CVE-2023-5345) Update instructions: The problem can be corrected by updating your system to the following package versions: Ubuntu 22.04 LTS: linux-image-6.2.0-1012-nvidia 6.2.0-1012.12 linux-image-6.2.0-1012-nvidia-64k 6.2.0-1012.12 linux-image-nvidia-6.2 6.2.0.1012.14 linux-image-nvidia-64k-6.2 6.2.0.1012.14 linux-image-nvidia-64k-hwe-22.04 6.2.0.1012.14 linux-image-nvidia-hwe-22.04 6.2.0.1012.14 After a standard system update you need to reboot your computer to make all the necessary changes. ATTENTION: Due to an unavoidable ABI change the kernel updates have been given a new version number, which requires you to recompile and reinstall all third party kernel modules you might have installed. Unless you manually uninstalled the standard kernel metapackages (e.g. linux-generic, linux-generic-lts-RELEASE, linux-virtual, linux-powerpc), a standard system upgrade will automatically perform this as well. References: https://ubuntu.com/security/notices/USN-6502-3 https://ubuntu.com/security/notices/USN-6502-1 CVE-2023-25775, CVE-2023-31085, CVE-2023-45871, CVE-2023-5090, CVE-2023-5345 Package Information: https://launchpad.net/ubuntu/+source/linux-nvidia-6.2/6.2.0-1012.12 . Several critical security flaws affecting the Linux kernel on Ubuntu 22.04 LTS are being addressed with essential system protection updates.. Linux Kernel, Ubuntu Security, NVIDIA Driver Issues. . Severity: Critical. LinuxSecurity.com Team
Nov 28, 2023
•Critical
Ubuntu
203
security advisorysecurity issuecriticalMageia: 2021-0102 Critical Update for Kernel-Linus Security Issues
This kernel-linus update is based on upstream 5.10.19 and fixes atleast the following security issues: An issue was discovered in the Linux kernel 3.11 through 5.10.16, as used by Xen. To service requests to the PV backend, the driver maps grant . MGASA-2021-0102 - Updated kernel-linus packages fix security vulnerabilities Publication date: 04 Mar 2021 URL: https://advisories.mageia.org/MGASA-2021-0102.html Type: security Affected Mageia releases: 8 CVE: CVE-2021-26930, CVE-2021-26931, CVE-2021-26932 This kernel-linus update is based on upstream 5.10.19 and fixes atleast the following security issues: An issue was discovered in the Linux kernel 3.11 through 5.10.16, as used by Xen. To service requests to the PV backend, the driver maps grant references provided by the frontend. In this process, errors may be encountered. In one case, an error encountered earlier might be discarded by later processing, resulting in the caller assuming successful mapping, and hence subsequent operations trying to access space that wasn't mapped. In another case, internal state would be insufficiently updated, preventing safe recovery from the error (CVE-2021-26930). An issue was discovered in the Linux kernel 2.6.39 through 5.10.16, as used in Xen. Block, net, and SCSI backends consider certain errors a plain bug, deliberately causing a kernel crash. For errors potentially being at least under the influence of guests (such as out of memory conditions), it isn't correct to assume a plain bug. Memory allocations potentially causing such crashes occur only when Linux is running in PV mode, though (CVE-2021-26931). An issue was discovered in the Linux kernel 3.2 through 5.10.16, as used by Xen. Grant mapping operations often occur in batch hypercalls, where a number of operations are done in a single hypercall, the success or failure of each one is reported to the backend driver, and the backend driver then loops over the results, performing follow-up actions based on the success or failure of each operation.Unfortunately, when running in PV mode, the Linux backend drivers mishandle this: Some errors are ignored, effectively implying their success from the success of related batch elements. In other cases, errors resulting from one batch element lead to further batch elements not being inspected, and hence successful ones to not be possible to properly unmap upon error recovery. Only systems with Linux backends running in PV mode are vulnerable. Linux backends run in HVM / PVH modes are not vulnerable (CVE-2021-26932). It also adds the following fixes: - enable ACPI_EC_DEBUGFS (mga#28415) For other upstream fixes, see the referenced changelogs. References: - https://bugs.mageia.org/show_bug.cgi?id=28471 - https://bugs.mageia.org/show_bug.cgi?id=28415 - https://cdn.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.10.17 - https://cdn.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.10.18 - https://cdn.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.10.19 - https://www.cve.org/CVERecord?id=CVE-2021-26930 - https://www.cve.org/CVERecord?id=CVE-2021-26931 - https://www.cve.org/CVERecord?id=CVE-2021-26932 SRPMS: - 8/core/kernel-linus-5.10.19-1.mga8 . Mageia 2021-0102 enhances kernel-linus to address vital security vulnerabilities, improving overall system resilience to attacks.. Kernel-Linus Security, Mageia Updates, System Vulnerability Fix. . Severity: Critical. LinuxSecurity.com Team
Mar 04, 2021
•Critical
Mageia
203
security advisoryhigh severitypackage updateMageia 7 MGASA-2020-0033 High Severity: phpMyAdmin SQL Injection Fix
Updated phpmyadmin package fix security vulnerability: A SQL injection flaw has been discovered in the user accounts page. A malicious user could inject custom SQL in place of their own username when creating queries to this page. An attacker must have a valid MySQL . MGASA-2020-0033 - Updated phpmyadmin packages fix security vulnerability Publication date: 11 Jan 2020 URL: https://advisories.mageia.org/MGASA-2020-0033.html Type: security Affected Mageia releases: 7 CVE: CVE-2020-5504 Updated phpmyadmin package fix security vulnerability: A SQL injection flaw has been discovered in the user accounts page. A malicious user could inject custom SQL in place of their own username when creating queries to this page. An attacker must have a valid MySQL account to access the server (CVE-2020-5504). References: - https://bugs.mageia.org/show_bug.cgi?id=26036 - https://www.phpmyadmin.net/news/2020/1/8/phpmyadmin-494-and-501-are-released/ - https://www.phpmyadmin.net/security/PMASA-2020-1/ - https://www.cve.org/CVERecord?id=CVE-2020-5504 SRPMS: - 7/core/phpmyadmin-4.9.4-1.mga7 . The phpmyadmin software package addresses an SQL injection vulnerability in Mageia 7, with the fix implemented on January 11, 2020.. SQL Injection Fix, Mageia Security Advisory, phpMyAdmin Exploit, Security Update January 2020. . LinuxSecurity.com Team
Jan 11, 2020
Mageia
89
security advisoryFedoraXSSFedora 23: 2016-afdedc8da9 Moderate: Openvas Libraries XSS Threat
Bump to latest upstream bugfix releases. Contains Security fix for CVE-2016-1926. -------------------------------------------------------------------------------- Fedora Update Notification FEDORA-2016-afdedc8da9 2016-05-01 19:39:42.660814 -------------------------------------------------------------------------------- Name : openvas-libraries Product : Fedora 23 Version : 8.0.7 Release : 2.fc23 URL : Summary : Support libraries for Open Vulnerability Assessment (OpenVAS) Scanner Description : openvas-libraries is the base library for the OpenVAS network security scanner. -------------------------------------------------------------------------------- Update Information: Bump to latest upstream bugfix releases. Contains Security fix for CVE-2016-1926 -------------------------------------------------------------------------------- References: [ 1 ] Bug #1300683 - CVE-2016-1926 openvas-gsa: XSS vulnerability due to improper handling of the parameters of get_aggregate command https://bugzilla.redhat.com/show_bug.cgi?id=1300683 -------------------------------------------------------------------------------- This update can be installed with the "yum" update program. Use su -c 'yum update openvas-libraries' at the command line. For more information, refer to "Managing Software with yum", available at . All packages are signed with the Fedora Project GPG key. More details on the GPG keys used by the Fedora Project can be found at https://fedoraproject.org/security/ -------------------------------------------------------------------------------- _______________________________________________ package-announce mailing list
May 01, 2016
Fedora
98
security advisoryRed HatimportantRed Hat: RHSA-2011:1282-01 Important: nss and nspr Certificate Trust Issue
Updated nss and nspr packages that fix one security issue are now available for Red Hat Enterprise Linux 4, 5, and 6. The Red Hat Security Response Team has rated this update as having [More...]. ==================================================================== Red Hat Security Advisory Synopsis: Important: nss and nspr security update Advisory ID: RHSA-2011:1282-01 Product: Red Hat Enterprise Linux Advisory URL: https://access.redhat.com/errata/RHSA-2011:1282.html Issue date: 2011-09-12 ==================================================================== 1. Summary: Updated nss and nspr packages that fix one security issue are now available for Red Hat Enterprise Linux 4, 5, and 6. The Red Hat Security Response Team has rated this update as having important security impact. 2. Relevant releases/architectures: RHEL Desktop Workstation (v. 5 client) - i386, x86_64 Red Hat Enterprise Linux (v. 5 server) - i386, ia64, ppc, s390x, x86_64 Red Hat Enterprise Linux AS version 4 - i386, ia64, ppc, s390, s390x, x86_64 Red Hat Enterprise Linux Desktop (v. 5 client) - i386, x86_64 Red Hat Enterprise Linux Desktop (v. 6) - i386, x86_64 Red Hat Enterprise Linux Desktop Optional (v. 6) - i386, x86_64 Red Hat Enterprise Linux Desktop version 4 - i386, x86_64 Red Hat Enterprise Linux ES version 4 - i386, ia64, x86_64 Red Hat Enterprise Linux HPC Node (v. 6) - x86_64 Red Hat Enterprise Linux HPC Node Optional (v. 6) - x86_64 Red Hat Enterprise Linux Server (v. 6) - i386, ppc64, s390x, x86_64 Red Hat Enterprise Linux Server Optional (v. 6) - i386, ppc64, s390x, x86_64 Red Hat Enterprise Linux WS version 4 - i386, ia64, x86_64 Red Hat Enterprise Linux Workstation (v. 6) - i386, x86_64 Red Hat Enterprise Linux Workstation Optional (v. 6) - i386, x86_64 3. Description: Network Security Services (NSS) is a set of libraries designed to support the cross-platform development of security-enabled client and server applications. Netscape Portable Runtime (NSPR) providesplatform independence for non-GUI operating system facilities. It was found that a Certificate Authority (CA) issued fraudulent HTTPS certificates. This update renders any HTTPS certificates signed by that CA as untrusted. This covers all uses of the certificates, including SSL, S/MIME, and code signing. (BZ#734316) Note: This fix only applies to applications using the NSS Builtin Object Token. It does not render the certificates untrusted for applications that use the NSS library, but do not use the NSS Builtin Object Token. These updated packages upgrade NSS to version 3.12.10 on Red Hat Enterprise Linux 4 and 5. As well, they upgrade NSPR to version 4.8.8 on Red Hat Enterprise Linux 4 and 5, as required by the NSS update. The packages for Red Hat Enterprise Linux 6 include a backported patch. All NSS and NSPR users should upgrade to these updated packages, which correct this issue. After installing the update, applications using NSS and NSPR must be restarted for the changes to take effect. 4. Solution: Before applying this update, make sure all previously-released errata relevant to your system have been applied. This update is available via the Red Hat Network. Details on how to use the Red Hat Network to apply this update are available at https://access.redhat.com/kb/docs/DOC-11259 5. Bugs fixed (http://bugzilla.redhat.com/): 734316 - Fraudulent certificates signed by DigiNotar CA certificate (MFSA 2011-34) 6. Package List: Red Hat Enterprise Linux AS version4: Source: i386: nspr-4.8.8-1.el4.i386.rpm nspr-debuginfo-4.8.8-1.el4.i386.rpm nspr-devel-4.8.8-1.el4.i386.rpm nss-3.12.10-4.el4.i386.rpm nss-debuginfo-3.12.10-4.el4.i386.rpm nss-devel-3.12.10-4.el4.i386.rpm nss-tools-3.12.10-4.el4.i386.rpm ia64: nspr-4.8.8-1.el4.i386.rpm nspr-4.8.8-1.el4.ia64.rpm nspr-debuginfo-4.8.8-1.el4.i386.rpm nspr-debuginfo-4.8.8-1.el4.ia64.rpm nspr-devel-4.8.8-1.el4.ia64.rpm nss-3.12.10-4.el4.i386.rpm nss-3.12.10-4.el4.ia64.rpm nss-debuginfo-3.12.10-4.el4.i386.rpm nss-debuginfo-3.12.10-4.el4.ia64.rpm nss-devel-3.12.10-4.el4.ia64.rpm nss-tools-3.12.10-4.el4.ia64.rpm ppc: nspr-4.8.8-1.el4.ppc.rpm nspr-4.8.8-1.el4.ppc64.rpm nspr-debuginfo-4.8.8-1.el4.ppc.rpm nspr-debuginfo-4.8.8-1.el4.ppc64.rpm nspr-devel-4.8.8-1.el4.ppc.rpm nss-3.12.10-4.el4.ppc.rpm nss-3.12.10-4.el4.ppc64.rpm nss-debuginfo-3.12.10-4.el4.ppc.rpm nss-debuginfo-3.12.10-4.el4.ppc64.rpm nss-devel-3.12.10-4.el4.ppc.rpm nss-tools-3.12.10-4.el4.ppc.rpm s390: nspr-4.8.8-1.el4.s390.rpm nspr-debuginfo-4.8.8-1.el4.s390.rpm nspr-devel-4.8.8-1.el4.s390.rpm nss-3.12.10-4.el4.s390.rpm nss-debuginfo-3.12.10-4.el4.s390.rpm nss-devel-3.12.10-4.el4.s390.rpm nss-tools-3.12.10-4.el4.s390.rpm s390x: nspr-4.8.8-1.el4.s390.rpm nspr-4.8.8-1.el4.s390x.rpm nspr-debuginfo-4.8.8-1.el4.s390.rpm nspr-debuginfo-4.8.8-1.el4.s390x.rpm nspr-devel-4.8.8-1.el4.s390x.rpm nss-3.12.10-4.el4.s390.rpm nss-3.12.10-4.el4.s390x.rpm nss-debuginfo-3.12.10-4.el4.s390.rpm nss-debuginfo-3.12.10-4.el4.s390x.rpm nss-devel-3.12.10-4.el4.s390x.rpm nss-tools-3.12.10-4.el4.s390x.rpm x86_64: nspr-4.8.8-1.el4.i386.rpm nspr-4.8.8-1.el4.x86_64.rpm nspr-debuginfo-4.8.8-1.el4.i386.rpm nspr-debuginfo-4.8.8-1.el4.x86_64.rpm nspr-devel-4.8.8-1.el4.x86_64.rpm nss-3.12.10-4.el4.i386.rpm nss-3.12.10-4.el4.x86_64.rpm nss-debuginfo-3.12.10-4.el4.i386.rpm nss-debuginfo-3.12.10-4.el4.x86_64.rpm nss-devel-3.12.10-4.el4.x86_64.rpm nss-tools-3.12.10-4.el4.x86_64.rpm Red Hat Enterprise Linux Desktop version4: Source: i386: nspr-4.8.8-1.el4.i386.rpm nspr-debuginfo-4.8.8-1.el4.i386.rpm nspr-devel-4.8.8-1.el4.i386.rpm nss-3.12.10-4.el4.i386.rpm nss-debuginfo-3.12.10-4.el4.i386.rpm nss-devel-3.12.10-4.el4.i386.rpm nss-tools-3.12.10-4.el4.i386.rpm x86_64: nspr-4.8.8-1.el4.i386.rpm nspr-4.8.8-1.el4.x86_64.rpm nspr-debuginfo-4.8.8-1.el4.i386.rpm nspr-debuginfo-4.8.8-1.el4.x86_64.rpm nspr-devel-4.8.8-1.el4.x86_64.rpm nss-3.12.10-4.el4.i386.rpm nss-3.12.10-4.el4.x86_64.rpm nss-debuginfo-3.12.10-4.el4.i386.rpm nss-debuginfo-3.12.10-4.el4.x86_64.rpm nss-devel-3.12.10-4.el4.x86_64.rpm nss-tools-3.12.10-4.el4.x86_64.rpm Red Hat Enterprise Linux ES version 4: Source: i386: nspr-4.8.8-1.el4.i386.rpm nspr-debuginfo-4.8.8-1.el4.i386.rpm nspr-devel-4.8.8-1.el4.i386.rpm nss-3.12.10-4.el4.i386.rpm nss-debuginfo-3.12.10-4.el4.i386.rpm nss-devel-3.12.10-4.el4.i386.rpm nss-tools-3.12.10-4.el4.i386.rpm ia64: nspr-4.8.8-1.el4.i386.rpm nspr-4.8.8-1.el4.ia64.rpm nspr-debuginfo-4.8.8-1.el4.i386.rpm nspr-debuginfo-4.8.8-1.el4.ia64.rpm nspr-devel-4.8.8-1.el4.ia64.rpm nss-3.12.10-4.el4.i386.rpm nss-3.12.10-4.el4.ia64.rpm nss-debuginfo-3.12.10-4.el4.i386.rpm nss-debuginfo-3.12.10-4.el4.ia64.rpm nss-devel-3.12.10-4.el4.ia64.rpm nss-tools-3.12.10-4.el4.ia64.rpm x86_64: nspr-4.8.8-1.el4.i386.rpm nspr-4.8.8-1.el4.x86_64.rpm nspr-debuginfo-4.8.8-1.el4.i386.rpm nspr-debuginfo-4.8.8-1.el4.x86_64.rpm nspr-devel-4.8.8-1.el4.x86_64.rpm nss-3.12.10-4.el4.i386.rpm nss-3.12.10-4.el4.x86_64.rpm nss-debuginfo-3.12.10-4.el4.i386.rpm nss-debuginfo-3.12.10-4.el4.x86_64.rpm nss-devel-3.12.10-4.el4.x86_64.rpm nss-tools-3.12.10-4.el4.x86_64.rpm Red Hat Enterprise Linux WS version4: Source: i386: nspr-4.8.8-1.el4.i386.rpm nspr-debuginfo-4.8.8-1.el4.i386.rpm nspr-devel-4.8.8-1.el4.i386.rpm nss-3.12.10-4.el4.i386.rpm nss-debuginfo-3.12.10-4.el4.i386.rpm nss-devel-3.12.10-4.el4.i386.rpm nss-tools-3.12.10-4.el4.i386.rpm ia64: nspr-4.8.8-1.el4.i386.rpm nspr-4.8.8-1.el4.ia64.rpm nspr-debuginfo-4.8.8-1.el4.i386.rpm nspr-debuginfo-4.8.8-1.el4.ia64.rpm nspr-devel-4.8.8-1.el4.ia64.rpm nss-3.12.10-4.el4.i386.rpm nss-3.12.10-4.el4.ia64.rpm nss-debuginfo-3.12.10-4.el4.i386.rpm nss-debuginfo-3.12.10-4.el4.ia64.rpm nss-devel-3.12.10-4.el4.ia64.rpm nss-tools-3.12.10-4.el4.ia64.rpm x86_64: nspr-4.8.8-1.el4.i386.rpm nspr-4.8.8-1.el4.x86_64.rpm nspr-debuginfo-4.8.8-1.el4.i386.rpm nspr-debuginfo-4.8.8-1.el4.x86_64.rpm nspr-devel-4.8.8-1.el4.x86_64.rpm nss-3.12.10-4.el4.i386.rpm nss-3.12.10-4.el4.x86_64.rpm nss-debuginfo-3.12.10-4.el4.i386.rpm nss-debuginfo-3.12.10-4.el4.x86_64.rpm nss-devel-3.12.10-4.el4.x86_64.rpm nss-tools-3.12.10-4.el4.x86_64.rpm Red Hat Enterprise Linux Desktop (v. 5 client): Source: i386: nspr-4.8.8-1.el5_7.i386.rpm nspr-debuginfo-4.8.8-1.el5_7.i386.rpm nss-3.12.10-4.el5_7.i386.rpm nss-debuginfo-3.12.10-4.el5_7.i386.rpm nss-tools-3.12.10-4.el5_7.i386.rpm x86_64: nspr-4.8.8-1.el5_7.i386.rpm nspr-4.8.8-1.el5_7.x86_64.rpm nspr-debuginfo-4.8.8-1.el5_7.i386.rpm nspr-debuginfo-4.8.8-1.el5_7.x86_64.rpm nss-3.12.10-4.el5_7.i386.rpm nss-3.12.10-4.el5_7.x86_64.rpm nss-debuginfo-3.12.10-4.el5_7.i386.rpm nss-debuginfo-3.12.10-4.el5_7.x86_64.rpm nss-tools-3.12.10-4.el5_7.x86_64.rpm RHEL Desktop Workstation (v. 5client): Source: i386: nspr-debuginfo-4.8.8-1.el5_7.i386.rpm nspr-devel-4.8.8-1.el5_7.i386.rpm nss-debuginfo-3.12.10-4.el5_7.i386.rpm nss-devel-3.12.10-4.el5_7.i386.rpm nss-pkcs11-devel-3.12.10-4.el5_7.i386.rpm x86_64: nspr-debuginfo-4.8.8-1.el5_7.i386.rpm nspr-debuginfo-4.8.8-1.el5_7.x86_64.rpm nspr-devel-4.8.8-1.el5_7.i386.rpm nspr-devel-4.8.8-1.el5_7.x86_64.rpm nss-debuginfo-3.12.10-4.el5_7.i386.rpm nss-debuginfo-3.12.10-4.el5_7.x86_64.rpm nss-devel-3.12.10-4.el5_7.i386.rpm nss-devel-3.12.10-4.el5_7.x86_64.rpm nss-pkcs11-devel-3.12.10-4.el5_7.i386.rpm nss-pkcs11-devel-3.12.10-4.el5_7.x86_64.rpm Red Hat Enterprise Linux (v. 5server): Source: i386: nspr-4.8.8-1.el5_7.i386.rpm nspr-debuginfo-4.8.8-1.el5_7.i386.rpm nspr-devel-4.8.8-1.el5_7.i386.rpm nss-3.12.10-4.el5_7.i386.rpm nss-debuginfo-3.12.10-4.el5_7.i386.rpm nss-devel-3.12.10-4.el5_7.i386.rpm nss-pkcs11-devel-3.12.10-4.el5_7.i386.rpm nss-tools-3.12.10-4.el5_7.i386.rpm ia64: nspr-4.8.8-1.el5_7.i386.rpm nspr-4.8.8-1.el5_7.ia64.rpm nspr-debuginfo-4.8.8-1.el5_7.i386.rpm nspr-debuginfo-4.8.8-1.el5_7.ia64.rpm nspr-devel-4.8.8-1.el5_7.ia64.rpm nss-3.12.10-4.el5_7.i386.rpm nss-3.12.10-4.el5_7.ia64.rpm nss-debuginfo-3.12.10-4.el5_7.i386.rpm nss-debuginfo-3.12.10-4.el5_7.ia64.rpm nss-devel-3.12.10-4.el5_7.ia64.rpm nss-pkcs11-devel-3.12.10-4.el5_7.ia64.rpm nss-tools-3.12.10-4.el5_7.ia64.rpm ppc: nspr-4.8.8-1.el5_7.ppc.rpm nspr-4.8.8-1.el5_7.ppc64.rpm nspr-debuginfo-4.8.8-1.el5_7.ppc.rpm nspr-debuginfo-4.8.8-1.el5_7.ppc64.rpm nspr-devel-4.8.8-1.el5_7.ppc.rpm nspr-devel-4.8.8-1.el5_7.ppc64.rpm nss-3.12.10-4.el5_7.ppc.rpm nss-3.12.10-4.el5_7.ppc64.rpm nss-debuginfo-3.12.10-4.el5_7.ppc.rpm nss-debuginfo-3.12.10-4.el5_7.ppc64.rpm nss-devel-3.12.10-4.el5_7.ppc.rpm nss-devel-3.12.10-4.el5_7.ppc64.rpm nss-pkcs11-devel-3.12.10-4.el5_7.ppc.rpm nss-pkcs11-devel-3.12.10-4.el5_7.ppc64.rpm nss-tools-3.12.10-4.el5_7.ppc.rpm s390x: nspr-4.8.8-1.el5_7.s390.rpm nspr-4.8.8-1.el5_7.s390x.rpm nspr-debuginfo-4.8.8-1.el5_7.s390.rpm nspr-debuginfo-4.8.8-1.el5_7.s390x.rpm nspr-devel-4.8.8-1.el5_7.s390.rpm nspr-devel-4.8.8-1.el5_7.s390x.rpm nss-3.12.10-4.el5_7.s390.rpm nss-3.12.10-4.el5_7.s390x.rpm nss-debuginfo-3.12.10-4.el5_7.s390.rpm nss-debuginfo-3.12.10-4.el5_7.s390x.rpm nss-devel-3.12.10-4.el5_7.s390.rpm nss-devel-3.12.10-4.el5_7.s390x.rpm nss-pkcs11-devel-3.12.10-4.el5_7.s390.rpm nss-pkcs11-devel-3.12.10-4.el5_7.s390x.rpm nss-tools-3.12.10-4.el5_7.s390x.rpm x86_64: nspr-4.8.8-1.el5_7.i386.rpm nspr-4.8.8-1.el5_7.x86_64.rpm nspr-debuginfo-4.8.8-1.el5_7.i386.rpm nspr-debuginfo-4.8.8-1.el5_7.x86_64.rpm nspr-devel-4.8.8-1.el5_7.i386.rpm nspr-devel-4.8.8-1.el5_7.x86_64.rpm nss-3.12.10-4.el5_7.i386.rpm nss-3.12.10-4.el5_7.x86_64.rpm nss-debuginfo-3.12.10-4.el5_7.i386.rpm nss-debuginfo-3.12.10-4.el5_7.x86_64.rpm nss-devel-3.12.10-4.el5_7.i386.rpm nss-devel-3.12.10-4.el5_7.x86_64.rpm nss-pkcs11-devel-3.12.10-4.el5_7.i386.rpm nss-pkcs11-devel-3.12.10-4.el5_7.x86_64.rpm nss-tools-3.12.10-4.el5_7.x86_64.rpm Red Hat Enterprise Linux Desktop (v. 6): Source: i386: nss-3.12.9-12.el6_1.i686.rpm nss-debuginfo-3.12.9-12.el6_1.i686.rpm nss-sysinit-3.12.9-12.el6_1.i686.rpm nss-tools-3.12.9-12.el6_1.i686.rpm x86_64: nss-3.12.9-12.el6_1.i686.rpm nss-3.12.9-12.el6_1.x86_64.rpm nss-debuginfo-3.12.9-12.el6_1.i686.rpm nss-debuginfo-3.12.9-12.el6_1.x86_64.rpm nss-sysinit-3.12.9-12.el6_1.x86_64.rpm nss-tools-3.12.9-12.el6_1.x86_64.rpm Red Hat Enterprise Linux Desktop Optional (v. 6): Source: i386: nss-debuginfo-3.12.9-12.el6_1.i686.rpm nss-devel-3.12.9-12.el6_1.i686.rpm nss-pkcs11-devel-3.12.9-12.el6_1.i686.rpm x86_64: nss-debuginfo-3.12.9-12.el6_1.i686.rpm nss-debuginfo-3.12.9-12.el6_1.x86_64.rpm nss-devel-3.12.9-12.el6_1.i686.rpm nss-devel-3.12.9-12.el6_1.x86_64.rpm nss-pkcs11-devel-3.12.9-12.el6_1.i686.rpm nss-pkcs11-devel-3.12.9-12.el6_1.x86_64.rpm Red Hat Enterprise Linux HPC Node (v. 6): Source: x86_64: nss-3.12.9-12.el6_1.i686.rpm nss-3.12.9-12.el6_1.x86_64.rpm nss-debuginfo-3.12.9-12.el6_1.i686.rpm nss-debuginfo-3.12.9-12.el6_1.x86_64.rpm nss-sysinit-3.12.9-12.el6_1.x86_64.rpm nss-tools-3.12.9-12.el6_1.x86_64.rpm Red Hat Enterprise Linux HPC Node Optional (v. 6): Source: x86_64: nss-debuginfo-3.12.9-12.el6_1.i686.rpm nss-debuginfo-3.12.9-12.el6_1.x86_64.rpm nss-devel-3.12.9-12.el6_1.i686.rpm nss-devel-3.12.9-12.el6_1.x86_64.rpm nss-pkcs11-devel-3.12.9-12.el6_1.i686.rpm nss-pkcs11-devel-3.12.9-12.el6_1.x86_64.rpm Red Hat Enterprise Linux Server (v.6): Source: i386: nss-3.12.9-12.el6_1.i686.rpm nss-debuginfo-3.12.9-12.el6_1.i686.rpm nss-devel-3.12.9-12.el6_1.i686.rpm nss-sysinit-3.12.9-12.el6_1.i686.rpm nss-tools-3.12.9-12.el6_1.i686.rpm ppc64: nss-3.12.9-12.el6_1.ppc.rpm nss-3.12.9-12.el6_1.ppc64.rpm nss-debuginfo-3.12.9-12.el6_1.ppc.rpm nss-debuginfo-3.12.9-12.el6_1.ppc64.rpm nss-devel-3.12.9-12.el6_1.ppc.rpm nss-devel-3.12.9-12.el6_1.ppc64.rpm nss-sysinit-3.12.9-12.el6_1.ppc64.rpm nss-tools-3.12.9-12.el6_1.ppc64.rpm s390x: nss-3.12.9-12.el6_1.s390.rpm nss-3.12.9-12.el6_1.s390x.rpm nss-debuginfo-3.12.9-12.el6_1.s390.rpm nss-debuginfo-3.12.9-12.el6_1.s390x.rpm nss-devel-3.12.9-12.el6_1.s390.rpm nss-devel-3.12.9-12.el6_1.s390x.rpm nss-sysinit-3.12.9-12.el6_1.s390x.rpm nss-tools-3.12.9-12.el6_1.s390x.rpm x86_64: nss-3.12.9-12.el6_1.i686.rpm nss-3.12.9-12.el6_1.x86_64.rpm nss-debuginfo-3.12.9-12.el6_1.i686.rpm nss-debuginfo-3.12.9-12.el6_1.x86_64.rpm nss-devel-3.12.9-12.el6_1.i686.rpm nss-devel-3.12.9-12.el6_1.x86_64.rpm nss-sysinit-3.12.9-12.el6_1.x86_64.rpm nss-tools-3.12.9-12.el6_1.x86_64.rpm Red Hat Enterprise Linux Server Optional (v. 6): Source: i386: nss-debuginfo-3.12.9-12.el6_1.i686.rpm nss-pkcs11-devel-3.12.9-12.el6_1.i686.rpm ppc64: nss-debuginfo-3.12.9-12.el6_1.ppc.rpm nss-debuginfo-3.12.9-12.el6_1.ppc64.rpm nss-pkcs11-devel-3.12.9-12.el6_1.ppc.rpm nss-pkcs11-devel-3.12.9-12.el6_1.ppc64.rpm s390x: nss-debuginfo-3.12.9-12.el6_1.s390.rpm nss-debuginfo-3.12.9-12.el6_1.s390x.rpm nss-pkcs11-devel-3.12.9-12.el6_1.s390.rpm nss-pkcs11-devel-3.12.9-12.el6_1.s390x.rpm x86_64: nss-debuginfo-3.12.9-12.el6_1.i686.rpm nss-debuginfo-3.12.9-12.el6_1.x86_64.rpm nss-pkcs11-devel-3.12.9-12.el6_1.i686.rpm nss-pkcs11-devel-3.12.9-12.el6_1.x86_64.rpm Red Hat Enterprise Linux Workstation (v.6): Source: i386: nss-3.12.9-12.el6_1.i686.rpm nss-debuginfo-3.12.9-12.el6_1.i686.rpm nss-devel-3.12.9-12.el6_1.i686.rpm nss-sysinit-3.12.9-12.el6_1.i686.rpm nss-tools-3.12.9-12.el6_1.i686.rpm x86_64: nss-3.12.9-12.el6_1.i686.rpm nss-3.12.9-12.el6_1.x86_64.rpm nss-debuginfo-3.12.9-12.el6_1.i686.rpm nss-debuginfo-3.12.9-12.el6_1.x86_64.rpm nss-devel-3.12.9-12.el6_1.i686.rpm nss-devel-3.12.9-12.el6_1.x86_64.rpm nss-sysinit-3.12.9-12.el6_1.x86_64.rpm nss-tools-3.12.9-12.el6_1.x86_64.rpm Red Hat Enterprise Linux Workstation Optional (v. 6): Source: i386: nss-debuginfo-3.12.9-12.el6_1.i686.rpm nss-pkcs11-devel-3.12.9-12.el6_1.i686.rpm x86_64: nss-debuginfo-3.12.9-12.el6_1.i686.rpm nss-debuginfo-3.12.9-12.el6_1.x86_64.rpm nss-pkcs11-devel-3.12.9-12.el6_1.i686.rpm nss-pkcs11-devel-3.12.9-12.el6_1.x86_64.rpm These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://access.redhat.com/security/team/key/#package 7. References: https://access.redhat.com/security/updates/classification/#important 8. Contact: The Red Hat security contact is . More contact details at https://access.redhat.com/security/team/contact/ Copyright 2011 Red Hat, Inc. . Red Hat has issued a significant security advisory highlighting enhancements for nss and nspr, addressing vulnerabilities related to certificate validation across multiple RHEL iterations.. Red Hat Enterprise Linux,nss security,nspr advisory. . Severity: Important. LinuxSecurity.com Team
Sep 12, 2011
•Important
Red Hat
200
security advisorysoftware updatebindScientific Linux: 3.0.x Important BIND Security Update for DoS Issue
Important: bind security and bug fix update. Date: Thu, 30 Jul 2009 15:09:30 -0500 Reply-To: Connie Sieh Sender: Security Errata for Scientific Linux From: Connie Sieh Subject: Security ERRATA Important: bind for SL 3.0.x on i386/x86_64 Comments: To: scientific Synopsis: Important: bind security and bug fix update CVE Names: CVE-2009-0696 CVE-2009-0696 bind: DoS (assertion failure) via nsupdate packets A flaw was found in the way BIND handles dynamic update message packets containing the "ANY" record type. A remote attacker could use this flaw to send a specially-crafted dynamic update packet that could cause named to exit with an assertion failure. (CVE-2009-0696) Note: even if named is not configured for dynamic updates, receiving such a specially-crafted dynamic update packet could still cause named to exit unexpectedly. This update also fixes the following bug: * the following message could have been logged: "internal_accept: fcntl() failed: Too many open files". With these updated packages, timeout queries are aborted in order to reduce the number of open UDP sockets, and when the accept() function returns an EMFILE error value, that situation is now handled gracefully, thus resolving the issue. (BZ#498164) After installing the update, the BIND daemon (named) will be restarted automatically. SRPM: bind-9.2.4-25.el3.src.rpm i386: bind-9.2.4-25.el3.i386.rpm bind-chroot-9.2.4-25.el3.i386.rpm bind-devel-9.2.4-25.el3.i386.rpm bind-libs-9.2.4-25.el3.i386.rpm bind-utils-9.2.4-25.el3.i386.rpm x86_64: bind-9.2.4-25.el3.x86_64.rpm bind-chroot-9.2.4-25.el3.x86_64.rpm bind-devel-9.2.4-25.el3.x86_64.rpm bind-libs-9.2.4-25.el3.x86_64.rpm bind-utils-9.2.4-25.el3.x86_64.rpm -Connie Sieh -Troy Dawson . BIND security update for CentOS tackles DoS through CVE-2009-0696 affecting 3.0.x versions on x86/x64 architectures.. BIND Security Update, DoS Fix, Scientific Linux Advisory, Critical Updates. . Severity: Important. LinuxSecurity.com Team
Jul 30, 2009
•Important
Scientific Linux
Get the latest News and Insights
Get the latest Linux and open source security news straight to your inbox.
Community Poll
What got you started with Linux?
Search Topics
Powered By
Linux Security - Your source for Top Linux News, Advisories, HOWTOs and Feature Releases
QUICK LINKS
subscribe to newsletters!
Like staying secure? So do we.
Sign up for updates, tips, and alerts!