--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2024-0c063be1cc
2024-08-11 03:29:03.062220
--------------------------------------------------------------------------------

Name        : frr
Product     : Fedora 39
Version     : 8.5.5
Release     : 1.fc39
URL         : http://www.frrouting.org
Summary     : Routing daemon
Description :
FRRouting is free software that manages TCP/IP based routing protocols. It takes
a multi-server and multi-threaded approach to resolve the current complexity of
the Internet. FRRouting supports BGP4, OSPFv2, OSPFv3, ISIS, RIP, RIPng, PIM,
NHRP, PBR, EIGRP and BFD. FRRouting is a fork of Quagga.
--------------------------------------------------------------------------------
Update Information:

New version 8.5.5
--------------------------------------------------------------------------------
ChangeLog:

* Wed Jul 31 2024 Michal Ruprich - 8.5.5-1
- New version 8.5.5
* Wed Jan 3 2024 Michal Ruprich - 8.5.4-1
- New version 8.5.4
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #2273983 - CVE-2024-31948 frr: bgpd daemon crash [fedora-all]
        https://bugzilla.redhat.com/show_bug.cgi?id=2273983
  [ 2 ] Bug #2273996 - CVE-2024-31950 frr: buffer overflow and daemon crash in ospf_te_parse_ri [fedora-all]
        https://bugzilla.redhat.com/show_bug.cgi?id=2273996
  [ 3 ] Bug #2274000 - CVE-2024-31951 frr: buffer overflow [fedora-all]
        https://bugzilla.redhat.com/show_bug.cgi?id=2274000
--------------------------------------------------------------------------------

This update can be installed with the "dnf" update program. Use
su -c 'dnf upgrade --advisory FEDORA-2024-0c063be1cc' at the command line.
For more information, refer to the dnf documentation available at
http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label

All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2024-e60ca8feb0
2024-08-09 02:53:27.282333
--------------------------------------------------------------------------------

Name        : frr
Product     : Fedora 40
Version     : 9.1.1
Release     : 1.fc40
URL         : http://www.frrouting.org
Summary     : Routing daemon
Description :
FRRouting is free software that manages TCP/IP based routing protocols. It takes
a multi-server and multi-threaded approach to resolve the current complexity of
the Internet. FRRouting supports BGP4, OSPFv2, OSPFv3, ISIS, RIP, RIPng, PIM,
NHRP, PBR, EIGRP and BFD. FRRouting is a fork of Quagga.
--------------------------------------------------------------------------------
Update Information:

New version 9.1.1. Includes fixes for CVE-2024-31950, CVE-2024-31951 and
CVE-2024-31949.
--------------------------------------------------------------------------------
ChangeLog:

* Wed Jul 31 2024 Michal Ruprich - 9.1.1-1
- New version 9.1.1
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #2273993 - CVE-2024-31949 frr: infinite loop [fedora-all]
        https://bugzilla.redhat.com/show_bug.cgi?id=2273993
  [ 2 ] Bug #2273996 - CVE-2024-31950 frr: buffer overflow and daemon crash in ospf_te_parse_ri [fedora-all]
        https://bugzilla.redhat.com/show_bug.cgi?id=2273996
  [ 3 ] Bug #2274000 - CVE-2024-31951 frr: buffer overflow [fedora-all]
        https://bugzilla.redhat.com/show_bug.cgi?id=2274000
  [ 4 ] Bug #2274057 - frr-10.0.1 is available
        https://bugzilla.redhat.com/show_bug.cgi?id=2274057
--------------------------------------------------------------------------------

This update can be installed with the "dnf" update program. Use
su -c 'dnf upgrade --advisory FEDORA-2024-e60ca8feb0' at the command line.
For more information, refer to the dnf documentation available at
http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label

All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
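The two frr notifications above name the fixed builds (frr-8.5.5-1.fc39 for Fedora 39, frr-9.1.1-1.fc40 for Fedora 40) but leave it to the reader to work out whether a given host is still below them. The following is an added example, not part of either notification and not Fedora or FRRouting code: it re-implements rpm's version ordering (rpmvercmp) in Python and uses it to classify `rpm -q frr` output against the fixed versions. The sample NEVRA strings are constructed, and the fixed builds are assumed to carry epoch 0 because the notifications print no epoch.

```python
"""Check whether an installed Fedora frr package is at or past the build shipped by
FEDORA-2024-0c063be1cc (Fedora 39, frr-8.5.5-1.fc39) or FEDORA-2024-e60ca8feb0
(Fedora 40, frr-9.1.1-1.fc40).  Ordering re-implements rpm's rpmvercmp: digit runs
compare numerically, letter runs lexically, digits beat letters, '~' sorts before
everything (even end of string), '^' sorts after end of string but before the rest.
Assumption: the fixed builds carry epoch 0 (the notifications print no epoch)."""
import re

FIXED = {  # dist tag -> (epoch, version, release, advisory) from the two notifications
    "fc39": (0, "8.5.5", "1.fc39", "FEDORA-2024-0c063be1cc"),
    "fc40": (0, "9.1.1", "1.fc40", "FEDORA-2024-e60ca8feb0"),
}
_SEGMENT = re.compile(r"[0-9]+|[a-zA-Z]+")
_TOKEN = re.compile(r"[0-9a-zA-Z~^]")


def rpmvercmp(a: str, b: str) -> int:
    """-1, 0 or 1: order two version (or release) strings the way rpm does."""
    if a == b:
        return 0
    i = j = 0
    while i < len(a) or j < len(b):
        while i < len(a) and not _TOKEN.match(a[i]):   # separators carry no ordering
            i += 1
        while j < len(b) and not _TOKEN.match(b[j]):
            j += 1
        a_tilde, b_tilde = i < len(a) and a[i] == "~", j < len(b) and b[j] == "~"
        if a_tilde or b_tilde:            # '~' is older than anything, including end of string
            if not a_tilde:
                return 1
            if not b_tilde:
                return -1
            i, j = i + 1, j + 1
            continue
        a_caret, b_caret = i < len(a) and a[i] == "^", j < len(b) and b[j] == "^"
        if a_caret or b_caret:            # '^' is newer than end of string, older than the rest
            if i >= len(a):
                return -1
            if j >= len(b):
                return 1
            if not a_caret:
                return 1
            if not b_caret:
                return -1
            i, j = i + 1, j + 1
            continue
        if i >= len(a) or j >= len(b):
            break
        sa, sb = _SEGMENT.match(a, i).group(0), _SEGMENT.match(b, j).group(0)
        i, j = i + len(sa), j + len(sb)
        if sa.isdigit() != sb.isdigit():  # a numeric segment is newer than an alphabetic one
            return 1 if sa.isdigit() else -1
        if sa.isdigit():
            if int(sa) != int(sb):
                return 1 if int(sa) > int(sb) else -1
        elif sa != sb:
            return 1 if sa > sb else -1
    if i >= len(a) and j >= len(b):
        return 0
    return -1 if i >= len(a) else 1      # whichever still has segments left is newer


def parse_nevra(nevra: str):
    """'frr-8.5.4-1.fc39.x86_64' or 'frr-0:8.5.4-1.fc39.x86_64' -> (name, epoch, version, release, arch)."""
    name, version, rel_arch = nevra.rsplit("-", 2)   # version and release never contain '-'
    release, arch = rel_arch.rsplit(".", 1)
    epoch = 0
    if ":" in version:
        epoch_str, version = version.split(":", 1)
        epoch = int(epoch_str)
    return name, epoch, version, release, arch


def evrcmp(a, b) -> int:
    """Order (epoch, version, release) tuples: epoch first, then version, then release."""
    if a[0] != b[0]:
        return 1 if a[0] > b[0] else -1
    return rpmvercmp(a[1], b[1]) or rpmvercmp(a[2], b[2])


def frr_status(nevra: str):
    """('fixed' | 'affected' | 'unknown', advisory or None) for one installed frr NEVRA."""
    name, epoch, version, release, _arch = parse_nevra(nevra)
    if name != "frr":
        raise ValueError(f"not an frr package: {nevra}")
    dist = re.search(r"\.(fc\d+)", release)
    if not dist or dist.group(1) not in FIXED:
        return "unknown", None            # Fedora release not covered by these two notifications
    fe, fv, fr, advisory = FIXED[dist.group(1)]
    status = "fixed" if evrcmp((epoch, version, release), (fe, fv, fr)) >= 0 else "affected"
    return status, advisory


if __name__ == "__main__":
    # Constructed sample of `rpm -q frr` output from several hosts (not real inventory).
    for nevra in ["frr-8.5.4-1.fc39.x86_64", "frr-8.5.5-1.fc39.x86_64", "frr-9.1-1.fc40.aarch64",
                  "frr-9.1.1-1.fc40.x86_64", "frr-8.5.5-1.fc38.x86_64"]:
        status, advisory = frr_status(nevra)
        hint = f"  -> su -c 'dnf upgrade --advisory {advisory}'" if status == "affected" else ""
        print(f"{nevra:28} {status}{hint}")
```

On a real host, feed `rpm -q frr` (or `rpm -q --qf '%{NAME}-%{EPOCH}:%{VERSION}-%{RELEASE}.%{ARCH}\n' frr` when epochs matter) into `frr_status`; a Fedora release other than 39 or 40 is reported as unknown rather than guessed, since these two notifications say nothing about it.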
MGASA-2024-0173 - Updated glibc packages fix security vulnerabilities

Publication date: 10 May 2024
URL: https://advisories.mageia.org/MGASA-2024-0173.html
Type: security
Affected Mageia releases: 9
CVE: CVE-2024-33599, CVE-2024-33600, CVE-2024-33601, CVE-2024-33602

Stack-based buffer overflow in netgroup cache: If the Name Service Cache
Daemon's (nscd) fixed size cache is exhausted by client requests then a
subsequent client request for netgroup data may result in a stack-based
buffer overflow. (CVE-2024-33599)

Null pointer crashes after notfound response: If the Name Service Cache
Daemon's (nscd) cache fails to add a not-found netgroup response to the
cache, the client request can result in a null pointer dereference.
(CVE-2024-33600)

Netgroup cache may terminate daemon on memory allocation failure: The Name
Service Cache Daemon's (nscd) netgroup cache uses xmalloc or xrealloc and
these functions may terminate the process due to a memory allocation failure
resulting in a denial of service to the clients. (CVE-2024-33601)

Netgroup cache assumes NSS callback uses in-buffer strings: The Name Service
Cache Daemon's (nscd) netgroup cache can corrupt memory when the NSS callback
does not store all strings in the provided buffer. (CVE-2024-33602)

References:
- https://bugs.mageia.org/show_bug.cgi?id=33185
- https://www.cve.org/CVERecord?id=CVE-2024-33599
- https://www.cve.org/CVERecord?id=CVE-2024-33600
- https://www.cve.org/CVERecord?id=CVE-2024-33601
- https://www.cve.org/CVERecord?id=CVE-2024-33602

SRPMS:
- 9/core/glibc-2.36-54.mga9
MGASA-2021-0110 - Updated bind packages fix security vulnerability

Publication date: 04 Mar 2021
URL: https://advisories.mageia.org/MGASA-2021-0110.html
Type: security
Affected Mageia releases: 7, 8
CVE: CVE-2020-8625

A buffer overflow vulnerability was discovered in the SPNEGO implementation
affecting the GSSAPI security policy negotiation in BIND, which could result
in denial of service (daemon crash), or potentially the execution of
arbitrary code (CVE-2020-8625).

The default configuration is not vulnerable to this issue, but it is if the
tkey-gssapi-keytab or tkey-gssapi-credential configuration options are set.

References:
- https://bugs.mageia.org/show_bug.cgi?id=28394
- https://kb.isc.org/docs/cve-2020-8625
- https://lists.debian.org/debian-security-announce/2021/msg00038.html
- https://www.cve.org/CVERecord?id=CVE-2020-8625

SRPMS:
- 7/core/bind-9.11.6-1.3.mga7
- 8/core/bind-9.11.27-1.1.mga8

Severity: Important
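Because the BIND advisory above makes exposure conditional on two configuration statements, the practical question on an unpatched host is whether either is active anywhere in the named.conf tree, including fragments pulled in by `include`. The following is an added example, not part of the advisory and not ISC or Mageia code: a small Python scanner that strips `/* */`, `//` and `#` comments (so a commented-out statement does not count), follows `include` statements, and reports every active `tkey-gssapi-keytab` or `tkey-gssapi-credential`. Configuration files are passed in as a `{path: text}` mapping so the check runs offline; the sample configurations are constructed for this example.

```python
"""Scan a named.conf tree for the two statements the advisory names as the
condition under which unpatched BIND is exposed to CVE-2020-8625:
tkey-gssapi-keytab and tkey-gssapi-credential.  Comments are stripped first
so a commented-out statement does not count, and `include` statements are
followed so a setting hidden in a fragment is still seen.  Files are passed
as {path: text} so the scan runs offline; on a real host read them from disk.
The sample configurations below are constructed for this example."""
import re

# Quoted strings are kept verbatim (group 1); the remaining alternatives are comments.
_COMMENT_OR_STRING = re.compile(r'("(?:[^"\\]|\\.)*")|/\*.*?\*/|//[^\n]*|#[^\n]*', re.S)
_GSS_OPTION = re.compile(r'\b(tkey-gssapi-keytab|tkey-gssapi-credential)\s+"([^"]*)"\s*;')
_INCLUDE = re.compile(r'\binclude\s+"([^"]+)"\s*;')


def strip_comments(text: str) -> str:
    """Remove /* */, // and # comments without touching quoted strings."""
    return _COMMENT_OR_STRING.sub(lambda m: m.group(1) or " ", text)


def gss_tsig_settings(files, entry):
    """Return [(path, statement, value)] for every active tkey-gssapi-* statement
    reachable from `entry`.  An include that is absent from `files` is reported as
    (path, 'include-missing', '') so an incomplete scan is never silent."""
    found, seen = [], set()

    def walk(path):
        if path in seen:                   # guard against include loops
            return
        seen.add(path)
        text = files.get(path)
        if text is None:
            found.append((path, "include-missing", ""))
            return
        clean = strip_comments(text)
        for m in _GSS_OPTION.finditer(clean):
            found.append((path, m.group(1), m.group(2)))
        for m in _INCLUDE.finditer(clean):
            walk(m.group(1))

    walk(entry)
    return found


def exposed_to_cve_2020_8625(files, entry) -> bool:
    """True when GSS-TSIG is configured anywhere in the tree, i.e. the non-default
    condition under which the advisory says unpatched BIND is vulnerable."""
    return any(stmt.startswith("tkey-gssapi") for _, stmt, _ in gss_tsig_settings(files, entry))


# Constructed sample: the main file only has the keytab commented out, but the
# included fragment enables it inside a view.
SAMPLE_FILES = {
    "/etc/named.conf": """
options {
    directory "/var/named";
    // tkey-gssapi-keytab "/etc/named/named.keytab";   (disabled here)
    recursion no;
};
include "/etc/named/gss.conf";
""",
    "/etc/named/gss.conf": """
/* retired setting:
   tkey-gssapi-credential "DNS/ns1.corp.example@CORP.EXAMPLE"; */
view "internal" {
    match-clients { 10.0.0.0/8; };
    tkey-gssapi-keytab "/etc/named/named.keytab";   # GSS-TSIG for dynamic updates
    zone "corp.example" IN { type master; file "corp.example.zone"; };
};
""",
}
# Same main file with the fragment missing: nothing active, but the scan is incomplete.
INCOMPLETE_FILES = {"/etc/named.conf": SAMPLE_FILES["/etc/named.conf"]}

if __name__ == "__main__":
    for label, files in (("sample", SAMPLE_FILES), ("incomplete", INCOMPLETE_FILES)):
        print(label, exposed_to_cve_2020_8625(files, "/etc/named.conf"),
              gss_tsig_settings(files, "/etc/named.conf"))
```

The `include-missing` marker is deliberate: on a host where a fragment is unreadable, a scan that quietly returned "not exposed" would be worse than no scan. Either way the result only tells you whether the advisory's precondition holds; the remedy remains the package update.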
MGASA-2020-0407 - Updated openldap packages fix a security vulnerability

Publication date: 10 Nov 2020
URL: https://advisories.mageia.org/MGASA-2020-0407.html
Type: security
Affected Mageia releases: 7
CVE: CVE-2020-25692

A vulnerability in the handling of normalization with modrdn was discovered
in OpenLDAP. An unauthenticated remote attacker can use this flaw to cause a
denial of service (slapd daemon crash) via a specially crafted packet
(CVE-2020-25692).

Also, the PID file path in the systemd service was fixed to use /run as the
parent, rather than /var/run, eliminating warning messages in the logs.

References:
- https://bugs.mageia.org/show_bug.cgi?id=26768
- https://bugs.openldap.org/show_bug.cgi?id=9370
- https://lists.debian.org/debian-security-announce/2020/msg00189.html
- https://www.cve.org/CVERecord?id=CVE-2020-25692

SRPMS:
- 7/core/openldap-2.4.50-1.2.mga7
Debian Security Advisory DSA-2381-1

It was discovered that the IPv6 support code in Squid does not properly handle
certain DNS responses, resulting in deallocation of an invalid pointer and a
daemon crash.
SUSE Security Update: Security update for libvirt
______________________________________________________________________________

Announcement ID:    SUSE-SU-2020:1289-1
Rating:             important
References:         #1133719 #1137137 #1138734 #1145586 #1149100 #1154093
                    #1168683
Cross-References:   CVE-2020-10703
Affected Products:
                    SUSE Linux Enterprise Software Development Kit 12-SP4
                    SUSE Linux Enterprise Server 12-SP4
______________________________________________________________________________

An update that solves one vulnerability and has 6 fixes is now available.

Description:

This update for libvirt fixes the following issues:

Security issue fixed:

- CVE-2020-10703: Fixed a daemon crash caused by pools without target paths
  (bsc#1168683).

Non-security issues fixed:

- apparmor: avoid copying empty profile name (bsc#1149100).
- logging: ensure virtlogd rollover takes priority over logrotate (bsc#1137137).
- qemu: Add support for overriding max threads per process limit (bsc#1133719).
- util: fix copying bitmap to larger data buffer (bsc#1138734).
- virsh: support for setting precopy bandwidth in migrate (bsc#1145586).
- virsh: use upstream name for migration precopy bandwidth parameter (bsc#1145586).
- virt-create-rootfs: add SLE 15 and SLE 12 service packs support (bsc#1154093).

Patch Instructions:

To install this SUSE Security Update use the SUSE recommended installation
methods like YaST online_update or "zypper patch".

Alternatively you can run the command listed for your product:

- SUSE Linux Enterprise Software Development Kit 12-SP4:

   zypper in -t patch SUSE-SLE-SDK-12-SP4-2020-1289=1

- SUSE Linux Enterprise Server 12-SP4:

   zypper in -t patch SUSE-SLE-SERVER-12-SP4-2020-1289=1

Package List:

- SUSE Linux Enterprise Software Development Kit 12-SP4 (aarch64 ppc64le s390x x86_64):

   libvirt-debugsource-4.0.0-8.20.2
   libvirt-devel-4.0.0-8.20.2

- SUSE Linux Enterprise Server 12-SP4 (aarch64 ppc64le s390x x86_64):

   libvirt-4.0.0-8.20.2
   libvirt-admin-4.0.0-8.20.2
   libvirt-admin-debuginfo-4.0.0-8.20.2
   libvirt-client-4.0.0-8.20.2
   libvirt-client-debuginfo-4.0.0-8.20.2
   libvirt-daemon-4.0.0-8.20.2
   libvirt-daemon-config-network-4.0.0-8.20.2
   libvirt-daemon-config-nwfilter-4.0.0-8.20.2
   libvirt-daemon-debuginfo-4.0.0-8.20.2
   libvirt-daemon-driver-interface-4.0.0-8.20.2
   libvirt-daemon-driver-interface-debuginfo-4.0.0-8.20.2
   libvirt-daemon-driver-lxc-4.0.0-8.20.2
   libvirt-daemon-driver-lxc-debuginfo-4.0.0-8.20.2
   libvirt-daemon-driver-network-4.0.0-8.20.2
   libvirt-daemon-driver-network-debuginfo-4.0.0-8.20.2
   libvirt-daemon-driver-nodedev-4.0.0-8.20.2
   libvirt-daemon-driver-nodedev-debuginfo-4.0.0-8.20.2
   libvirt-daemon-driver-nwfilter-4.0.0-8.20.2
   libvirt-daemon-driver-nwfilter-debuginfo-4.0.0-8.20.2
   libvirt-daemon-driver-qemu-4.0.0-8.20.2
   libvirt-daemon-driver-qemu-debuginfo-4.0.0-8.20.2
   libvirt-daemon-driver-secret-4.0.0-8.20.2
   libvirt-daemon-driver-secret-debuginfo-4.0.0-8.20.2
   libvirt-daemon-driver-storage-4.0.0-8.20.2
   libvirt-daemon-driver-storage-core-4.0.0-8.20.2
   libvirt-daemon-driver-storage-core-debuginfo-4.0.0-8.20.2
   libvirt-daemon-driver-storage-disk-4.0.0-8.20.2
   libvirt-daemon-driver-storage-disk-debuginfo-4.0.0-8.20.2
   libvirt-daemon-driver-storage-iscsi-4.0.0-8.20.2
   libvirt-daemon-driver-storage-iscsi-debuginfo-4.0.0-8.20.2
   libvirt-daemon-driver-storage-logical-4.0.0-8.20.2
   libvirt-daemon-driver-storage-logical-debuginfo-4.0.0-8.20.2
   libvirt-daemon-driver-storage-mpath-4.0.0-8.20.2
   libvirt-daemon-driver-storage-mpath-debuginfo-4.0.0-8.20.2
   libvirt-daemon-driver-storage-scsi-4.0.0-8.20.2
   libvirt-daemon-driver-storage-scsi-debuginfo-4.0.0-8.20.2
   libvirt-daemon-hooks-4.0.0-8.20.2
   libvirt-daemon-lxc-4.0.0-8.20.2
   libvirt-daemon-qemu-4.0.0-8.20.2
   libvirt-debugsource-4.0.0-8.20.2
   libvirt-doc-4.0.0-8.20.2
   libvirt-libs-4.0.0-8.20.2
   libvirt-libs-debuginfo-4.0.0-8.20.2
   libvirt-lock-sanlock-4.0.0-8.20.2
   libvirt-lock-sanlock-debuginfo-4.0.0-8.20.2
   libvirt-nss-4.0.0-8.20.2
   libvirt-nss-debuginfo-4.0.0-8.20.2

- SUSE Linux Enterprise Server 12-SP4 (aarch64 x86_64):

   libvirt-daemon-driver-storage-rbd-4.0.0-8.20.2
   libvirt-daemon-driver-storage-rbd-debuginfo-4.0.0-8.20.2

- SUSE Linux Enterprise Server 12-SP4 (x86_64):

   libvirt-daemon-driver-libxl-4.0.0-8.20.2
   libvirt-daemon-driver-libxl-debuginfo-4.0.0-8.20.2
   libvirt-daemon-xen-4.0.0-8.20.2

References:

https://www.suse.com/security/cve/CVE-2020-10703.html
https://bugzilla.suse.com/1133719
https://bugzilla.suse.com/1137137
https://bugzilla.suse.com/1138734
https://bugzilla.suse.com/1145586
https://bugzilla.suse.com/1149100
https://bugzilla.suse.com/1154093
https://bugzilla.suse.com/1168683
SUSE Security Update: Security update for libvirt
______________________________________________________________________________

Announcement ID:    SUSE-SU-2020:1277-1
Rating:             important
References:         #1157490 #1161883 #1162160 #1167007 #1168683 #1170765
Cross-References:   CVE-2020-10703 CVE-2020-12430
Affected Products:
                    SUSE Linux Enterprise Software Development Kit 12-SP5
                    SUSE Linux Enterprise Server 12-SP5
______________________________________________________________________________

An update that solves two vulnerabilities and has four fixes is now available.

Description:

This update for libvirt fixes the following issues:

Security issues fixed:

- CVE-2020-10703: Fixed a daemon crash caused by pools without target paths
  (bsc#1168683).
- CVE-2020-12430: Fixed a memory leak in qemuDomainGetStatsIOThread
  (bsc#1170765).

Non-security issues fixed:

- Support setting credit2 scheduler parameters for xen (bsc#1162160).
- Enable use of newer libxl APIs for retrieving memory statistics
  (bsc#1157490, bsc#1167007).
- Create multipath targets for qemu PR (bsc#1161883).

Patch Instructions:

To install this SUSE Security Update use the SUSE recommended installation
methods like YaST online_update or "zypper patch".

Alternatively you can run the command listed for your product:

- SUSE Linux Enterprise Software Development Kit 12-SP5:

   zypper in -t patch SUSE-SLE-SDK-12-SP5-2020-1277=1

- SUSE Linux Enterprise Server 12-SP5:

   zypper in -t patch SUSE-SLE-SERVER-12-SP5-2020-1277=1

Package List:

- SUSE Linux Enterprise Software Development Kit 12-SP5 (aarch64 ppc64le s390x x86_64):

   libvirt-debugsource-5.1.0-13.6.2
   libvirt-devel-5.1.0-13.6.2

- SUSE Linux Enterprise Server 12-SP5 (aarch64 ppc64le s390x x86_64):

   libvirt-5.1.0-13.6.2
   libvirt-admin-5.1.0-13.6.2
   libvirt-admin-debuginfo-5.1.0-13.6.2
   libvirt-client-5.1.0-13.6.2
   libvirt-client-debuginfo-5.1.0-13.6.2
   libvirt-daemon-5.1.0-13.6.2
   libvirt-daemon-config-network-5.1.0-13.6.2
   libvirt-daemon-config-nwfilter-5.1.0-13.6.2
   libvirt-daemon-debuginfo-5.1.0-13.6.2
   libvirt-daemon-driver-interface-5.1.0-13.6.2
   libvirt-daemon-driver-interface-debuginfo-5.1.0-13.6.2
   libvirt-daemon-driver-lxc-5.1.0-13.6.2
   libvirt-daemon-driver-lxc-debuginfo-5.1.0-13.6.2
   libvirt-daemon-driver-network-5.1.0-13.6.2
   libvirt-daemon-driver-network-debuginfo-5.1.0-13.6.2
   libvirt-daemon-driver-nodedev-5.1.0-13.6.2
   libvirt-daemon-driver-nodedev-debuginfo-5.1.0-13.6.2
   libvirt-daemon-driver-nwfilter-5.1.0-13.6.2
   libvirt-daemon-driver-nwfilter-debuginfo-5.1.0-13.6.2
   libvirt-daemon-driver-qemu-5.1.0-13.6.2
   libvirt-daemon-driver-qemu-debuginfo-5.1.0-13.6.2
   libvirt-daemon-driver-secret-5.1.0-13.6.2
   libvirt-daemon-driver-secret-debuginfo-5.1.0-13.6.2
   libvirt-daemon-driver-storage-5.1.0-13.6.2
   libvirt-daemon-driver-storage-core-5.1.0-13.6.2
   libvirt-daemon-driver-storage-core-debuginfo-5.1.0-13.6.2
   libvirt-daemon-driver-storage-disk-5.1.0-13.6.2
   libvirt-daemon-driver-storage-disk-debuginfo-5.1.0-13.6.2
   libvirt-daemon-driver-storage-iscsi-5.1.0-13.6.2
   libvirt-daemon-driver-storage-iscsi-debuginfo-5.1.0-13.6.2
   libvirt-daemon-driver-storage-logical-5.1.0-13.6.2
   libvirt-daemon-driver-storage-logical-debuginfo-5.1.0-13.6.2
   libvirt-daemon-driver-storage-mpath-5.1.0-13.6.2
   libvirt-daemon-driver-storage-mpath-debuginfo-5.1.0-13.6.2
   libvirt-daemon-driver-storage-scsi-5.1.0-13.6.2
   libvirt-daemon-driver-storage-scsi-debuginfo-5.1.0-13.6.2
   libvirt-daemon-hooks-5.1.0-13.6.2
   libvirt-daemon-lxc-5.1.0-13.6.2
   libvirt-daemon-qemu-5.1.0-13.6.2
   libvirt-debugsource-5.1.0-13.6.2
   libvirt-doc-5.1.0-13.6.2
   libvirt-libs-5.1.0-13.6.2
   libvirt-libs-debuginfo-5.1.0-13.6.2
   libvirt-lock-sanlock-5.1.0-13.6.2
   libvirt-lock-sanlock-debuginfo-5.1.0-13.6.2
   libvirt-nss-5.1.0-13.6.2
   libvirt-nss-debuginfo-5.1.0-13.6.2

- SUSE Linux Enterprise Server 12-SP5 (aarch64 x86_64):

   libvirt-daemon-driver-storage-rbd-5.1.0-13.6.2
   libvirt-daemon-driver-storage-rbd-debuginfo-5.1.0-13.6.2

- SUSE Linux Enterprise Server 12-SP5 (x86_64):

   libvirt-daemon-driver-libxl-5.1.0-13.6.2
   libvirt-daemon-driver-libxl-debuginfo-5.1.0-13.6.2
   libvirt-daemon-xen-5.1.0-13.6.2

References:

https://www.suse.com/security/cve/CVE-2020-10703.html
https://www.suse.com/security/cve/CVE-2020-12430.html
https://bugzilla.suse.com/1157490
https://bugzilla.suse.com/1161883
https://bugzilla.suse.com/1162160
https://bugzilla.suse.com/1167007
https://bugzilla.suse.com/1168683
https://bugzilla.suse.com/1170765
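Both SUSE updates above describe CVE-2020-10703 as a libvirtd crash "caused by pools without target paths". Until the patch is applied, the useful inventory question is which defined storage pools meet that condition. The following is an added example, not part of either SUSE announcement and not libvirt code: a Python function that inspects storage pool XML and lists every definition lacking a non-empty `<target><path>`. The pool XML here is constructed; on a host it would come from `virsh pool-dumpxml NAME` for each name returned by `virsh pool-list --all --name`. Some pool types (network-backed ones such as rbd) legitimately define no target path, so a hit means the definition satisfies the crash condition on an unpatched daemon, not that the pool is misconfigured; the remedy is the package update, not deleting pools.

```python
"""List libvirt storage pool definitions that carry no <target><path>, the
condition the SUSE announcements tie to the CVE-2020-10703 daemon crash.

Pool XML is passed in as strings so the check runs offline; on a host feed it
`virsh pool-dumpxml NAME` for each name from `virsh pool-list --all --name`.
Network-backed pool types (rbd, for example) legitimately have no target
path, so a hit is an exposure note for an unpatched libvirtd, not a config
error.  All XML below is constructed for this example."""
import xml.etree.ElementTree as ET


def pools_without_target_path(pool_xmls):
    """Return [(name, type)] for each pool whose XML lacks a non-empty target/path."""
    hits = []
    for text in pool_xmls:
        root = ET.fromstring(text)
        if root.tag != "pool":
            raise ValueError(f"expected <pool>, got <{root.tag}>")
        name = (root.findtext("name") or "").strip() or "<unnamed>"
        # findtext returns None when <target>/<path> is absent and "" when <path/> is empty;
        # both cases are the crash condition, so normalise to "".
        path = (root.findtext("target/path") or "").strip()
        if not path:
            hits.append((name, root.get("type", "?")))
    return hits


SAMPLE_POOLS = [
    # directory pool with a target path: not affected
    """<pool type="dir">
         <name>default</name>
         <target><path>/var/lib/libvirt/images</path></target>
       </pool>""",
    # RBD pool: network-backed, no <target> element at all
    """<pool type="rbd">
         <name>ceph-vms</name>
         <source><name>vms</name><host name="mon0.example" port="6789"/></source>
       </pool>""",
    # directory pool whose <target> lost its <path>
    """<pool type="dir">
         <name>scratch</name>
         <target><path></path><permissions><mode>0711</mode></permissions></target>
       </pool>""",
]

if __name__ == "__main__":
    for name, ptype in pools_without_target_path(SAMPLE_POOLS):
        print(f"pool {name!r} (type {ptype}) defines no target path")
```

Run against real output, a non-empty list on a host still carrying libvirt 4.0.0-8.20.2 or 5.1.0-13.6.2 below the patched build is the signal to apply the `zypper in -t patch` command for that product.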