Alerts This Week
Warning Icon 1 727
Alerts This Week
Warning Icon 1 727

Stay Secure with the Latest Linux Advisories

Opensuse Large Esm H800
openSUSE

openSUSE Security Notice 2026-2328-1 Significant Updates on Four Xen Risks

Calendar White Jun 10, 2026
Important
Suse Large Esm H900
SuSE

openSUSE 2026-2328-1 Xen Important Buffer Overflow Patch

Calendar White Jun 10, 2026
Important
Opensuse Large Esm H900
openSUSE

openSUSE Leap 15.6 Important Xen Denial of Service Fix SUSE-SU-2026-2329-1

Calendar White Jun 10, 2026
Important
Suse Large Esm H800
SuSE

openSUSE Important xen Patch for Multiple Threats SUSE-2026-2329-1

Calendar White Jun 10, 2026
Important
Suse Large Esm H900
SuSE

SUSE MariaDB Critical Security Fix 12 Vulnerabilities 2026-2330-1

Calendar White Jun 10, 2026
Critical
Ubuntu Large Esm H900
Ubuntu

Ubuntu 22.04 LTS Exim4 Moderate Regression CVE-2023-42117

Calendar White Jun 10, 2026
Important
Suse Large Esm H800
SuSE

SUSE StrongSwan Important Double-Free CVE-2026-47895 Advisory 2026-2312-1

Calendar White Jun 10, 2026
Important
Suse Large Esm H900
SuSE

SUSE vim Important Command Injection Buffer Overflow Update 2026-2313-1

Calendar White Jun 10, 2026
Important
Opensuse Large Esm H900
openSUSE

openSUSE libsoup Critical HTTP Vulnerabilities Addressed in 2026-2314-1

Calendar White Jun 10, 2026
Important
Filter Icon Refine advisories
X Clear Filters
X Clear Filters
View More

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Community Poll

More Polls

What got you started with Linux?

No answer selected. Please try again.
Please select either existing option or enter your own, however not both.
Please select minimum {0} answer(s).
Please select maximum {0} answer(s).
/main-polls/150-what-got-you-started-with-linux?task=poll.vote&format=json
150
radio
0
[{"id":483,"title":"Self-taught through trial and error","votes":552,"type":"x","order":1,"pct":78.63,"resources":[]},{"id":484,"title":"Formal training or courses","votes":30,"type":"x","order":2,"pct":4.27,"resources":[]},{"id":485,"title":"A job that required it","votes":34,"type":"x","order":3,"pct":4.84,"resources":[]},{"id":486,"title":"Other","votes":86,"type":"x","order":4,"pct":12.25,"resources":[]}] ["#ff5b00","#4ac0f2","#b80028","#eef66c","#60bb22","#b96a9a","#62c2cc"] ["rgba(255,91,0,0.7)","rgba(74,192,242,0.7)","rgba(184,0,40,0.7)","rgba(238,246,108,0.7)","rgba(96,187,34,0.7)","rgba(185,106,154,0.7)","rgba(98,194,204,0.7)"] 350
bottom 200
Loading...

Explore Latest Linux Security advisories

We found -8 articles for you...
98
Ls Advisories Redhat Esm H240
Price Tag 1security advisorysecurity updateimportant

RedHat: RHSA-2020:2321-01 Important: Data Grid 7.3.6 Security Update

An update for Red Hat Data Grid is now available. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 ==================================================================== Red Hat Security Advisory Synopsis: Important: Red Hat Data Grid 7.3.6 security update Advisory ID: RHSA-2020:2321-01 Product: Red Hat JBoss Data Grid Advisory URL: https://access.redhat.com/errata/RHSA-2020:2321 Issue date: 2020-05-26 CVE Names: CVE-2018-10862 CVE-2019-0205 CVE-2019-0210 CVE-2019-10086 CVE-2019-10219 CVE-2019-14540 CVE-2019-16869 CVE-2019-16942 CVE-2019-16943 CVE-2019-17267 CVE-2019-20444 CVE-2019-20445 CVE-2020-7238 ==================================================================== 1. Summary: An update for Red Hat Data Grid is now available. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. 2. Description: Red Hat Data Grid is a distributed, in-memory, NoSQL datastore based on the Infinispan project. This release of Red Hat Data Grid 7.3.6 serves as a replacement for Red Hat Data Grid 7.3.5 and includes bug fixes and enhancements, which are described in the Release Notes, linked to in the References section of this erratum. Security Fix(es): * wildfly-core: Path traversal can allow the extraction of .war archives to write arbitrary files (Zip Slip) (CVE-2018-10862) * apache-commons-beanutils: does not suppresses the class property in PropertyUtilsBean by default (CVE-2019-10086) * netty: HTTP request smuggling by mishandled whitespacebefore the colon in HTTP headers (CVE-2019-16869) * netty: HTTP request smuggling (CVE-2019-20444) * netty: HttpObjectDecoder.java allows Content-Length header to accompanied by second Content-Length header (CVE-2019-20445) * netty: HTTP Request Smuggling due to Transfer-Encoding whitespace mishandling (CVE-2020-7238) * thrift: Endless loop when feed with specific input data (CVE-2019-0205) * thrift: Out-of-bounds read related to TJSONProtocol or TSimpleJSONProtocol (CVE-2019-0210) * hibernate-validator: safeHTML validator allows XSS (CVE-2019-10219) * jackson-databind: Serialization gadgets in com.zaxxer.hikari.HikariConfig (CVE-2019-14540) * jackson-databind: Serialization gadgets in org.apache.commons.dbcp.datasources.* (CVE-2019-16942) * jackson-databind: Serialization gadgets in com.p6spy.engine.spy.P6DataSource (CVE-2019-16943) * jackson-databind: Serialization gadgets in classes of the ehcache package (CVE-2019-17267) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. 3. Solution: To install this update, do the following: 1. Download the Data Grid 7.3.6 server patch from the customer portal. See the download link in the References section. 2. Back up your existing Data Grid installation. You should back up databases, configuration files, and so on. 3. Install the Data Grid 7.3.6 server patch. Refer to the 7.3 Release Notes for patching instructions. 4. Restart Data Grid to ensure the changes take effect. 4. Bugs fixed (https://bugzilla.redhat.com/): 1593527 - CVE-2018-10862 wildfly-core: Path traversal can allow the extraction of .war archives to write arbitrary files (Zip Slip) 1738673 - CVE-2019-10219 hibernate-validator: safeHTML validator allows XSS 1755849 - CVE-2019-14540 jackson-databind: Serialization gadgets in com.zaxxer.hikari.HikariConfig 1758167 - CVE-2019-17267 jackson-databind: Serialization gadgets in classes of the ehcachepackage 1758187 - CVE-2019-16942 jackson-databind: Serialization gadgets in org.apache.commons.dbcp.datasources.* 1758191 - CVE-2019-16943 jackson-databind: Serialization gadgets in com.p6spy.engine.spy.P6DataSource 1758619 - CVE-2019-16869 netty: HTTP request smuggling by mishandled whitespace before the colon in HTTP headers1764607 - CVE-2019-0210 thrift: Out-of-bounds read related to TJSONProtocol or TSimpleJSONProtocol 1764612 - CVE-2019-0205 thrift: Endless loop when feed with specific input data 1767483 - CVE-2019-10086 apache-commons-beanutils: does not suppresses the class property in PropertyUtilsBean by default 1796225 - CVE-2020-7238 netty: HTTP Request Smuggling due to Transfer-Encoding whitespace mishandling 1798509 - CVE-2019-20445 netty: HttpObjectDecoder.java allows Content-Length header to accompanied by second Content-Length header 1798524 - CVE-2019-20444 netty: HTTP request smuggling 5. References: https://access.redhat.com/security/cve/CVE-2018-10862 https://access.redhat.com/security/cve/CVE-2019-0205 https://access.redhat.com/security/cve/CVE-2019-0210 https://access.redhat.com/security/cve/CVE-2019-10086 https://access.redhat.com/security/cve/CVE-2019-10219 https://access.redhat.com/security/cve/CVE-2019-14540 https://access.redhat.com/security/cve/CVE-2019-16869 https://access.redhat.com/security/cve/CVE-2019-16942 https://access.redhat.com/security/cve/CVE-2019-16943 https://access.redhat.com/security/cve/CVE-2019-17267 https://access.redhat.com/security/cve/CVE-2019-20444 https://access.redhat.com/security/cve/CVE-2019-20445 https://access.redhat.com/security/cve/CVE-2020-7238 https://access.redhat.com/security/updates/classification/#important https://access.redhat.com/jbossnetwork/restricted/listSoftware.html?product=data.grid&downloadType=patches&version=7.3 https://access.redhat.com/documentation/en-us/red_hat_data_grid/7.3/html-single/red_hat_data_grid_7.3_release_notes/index 6. Contact: The Red Hat security contact is . More contact details athttps://access.redhat.com/security/team/contact/ Copyright 2020 Red Hat, Inc. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1 iQIVAwUBXs0/WtzjgjWX9erEAQj6YBAAprUkyGaWcz+RYX6fFXboPsTp+DryzK86 I0qkM7+AcdotKa113mC6JYxxCdTScRDpEMro4hlhgdk1tkFKarlT0ygK8pQiR0JP lQ6Orkf267u6Dgl/WcycTYhmWL3ZnBujKf+Lw9hrI5BqHMCHkxUYTJtQoolqfEHR Kjm84Ztf3xb29Olrcho4AkQQruHdoc9BYDN0cVdLcO4cprYhBFxU7PFXZy6+YtiJ 5QJwfeGnHIQcSLfaGjsLno2K4ZxRfwMX04xWn7hAaYRQV7CIfcPjqj0mCyEVfDND 0a3WbgiMwMvkT6B0E9e7fQy02nlQbPKvsTBcvb4f0a0iJ5fJYljMowcWl0j+7Jtj CCdlaMEcVnk/ABF5ShP7HdB3gbEnPPQrFMIcpOwYDBxxnpR0PwqL8mGSroJD1Pp9 S2OLc0HxqMEKmiqtJWY74+ltCSIFx0GwdkimhWJ7wnQitpIFRNeWyAMdz9IuqVXX Tcyys8aKXk+vZAYrCSckD4JFvguUPMcp9XJ7wANkHVlBgW0pcTdbro6jIii/xRZa v4mWhkNkw9qr3aIkOZ+FdcNxDkhWWq8INV5+4I8ueqebBUibl6KLptcgbs5aUauz KYhyKl0qcAczrmDGZK3EhvZzCWCm/NfLG8Mv9+YgIdErJg8xgeLceaoKlwDtbsWm ajI0qVNl6Bs=dbVJ -----END PGP SIGNATURE----- -- RHSA-announce mailing list This email address is being protected from spambots. You need JavaScript enabled to view it. . The Security Team at Red Hat has issued a critical update for Data Grid version 7.3.6, which resolves numerous vulnerabilities.. Red Hat Data Grid, Security Update, Patch, Network Security, Data Security. . Severity: Important. LinuxSecurity.com Team

Calendar 2 May 26, 2020 Important Red Hat
News Add Esm H240

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Community Poll

More Polls

What got you started with Linux?

No answer selected. Please try again.
Please select either existing option or enter your own, however not both.
Please select minimum {0} answer(s).
Please select maximum {0} answer(s).
/main-polls/150-what-got-you-started-with-linux?task=poll.vote&format=json
150
radio
0
[{"id":483,"title":"Self-taught through trial and error","votes":552,"type":"x","order":1,"pct":78.63,"resources":[]},{"id":484,"title":"Formal training or courses","votes":30,"type":"x","order":2,"pct":4.27,"resources":[]},{"id":485,"title":"A job that required it","votes":34,"type":"x","order":3,"pct":4.84,"resources":[]},{"id":486,"title":"Other","votes":86,"type":"x","order":4,"pct":12.25,"resources":[]}] ["#ff5b00","#4ac0f2","#b80028","#eef66c","#60bb22","#b96a9a","#62c2cc"] ["rgba(255,91,0,0.7)","rgba(74,192,242,0.7)","rgba(184,0,40,0.7)","rgba(238,246,108,0.7)","rgba(96,187,34,0.7)","rgba(185,106,154,0.7)","rgba(98,194,204,0.7)"] 350
bottom 200

Search Topics

Your message here