Stay Secure with the Latest Linux Advisories
Refine advisories
X Clear Filters
Get the latest News and Insights
Get the latest Linux and open source security news straight to your inbox.
Community Poll
What got you started with Linux?
Loading...
Explore Latest Linux Security advisories
We found -3 articles for you...
100
security advisorymoderateDenial of ServiceSUSE: 2025:20067-1 moderate: libdb-4_8 DoS Security Fix
* bsc#1174414 Cross-References: * CVE-2019-2708 . # Security update for libdb-4_8 Announcement ID: SUSE-SU-2025:20067-1 Release Date: 2025-02-03T09:01:27Z Rating: moderate References: * bsc#1174414 Cross-References: * CVE-2019-2708 CVSS scores: * CVE-2019-2708 ( SUSE ): 3.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L * CVE-2019-2708 ( NVD ): 3.3 CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L Affected Products: * SUSE Linux Micro 6.0 An update that solves one vulnerability can now be installed. ## Description: This update for libdb-4_8 fixes the following issues: CVE-2019-2708: Fixed data store execution leading to partial DoS (bsc#1174414) Changes: * libdb: Data store execution leads to partial DoS * Backport the upsteam commits: * Fixed several possible crashes when running db_verify on a corrupted database. [#27864] * Fixed several possible hangs when running db_verify on a corrupted database. [#27864] * Added a warning message when attempting to verify a queue database which has many extent files. Verification will take a long time if there are many extent files. [#27864] ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Linux Micro 6.0 zypper in -t patch SUSE-SLE-Micro-6.0-118=1 ## Package List: * SUSE Linux Micro 6.0 (aarch64 s390x x86_64) * libdb-4_8-4.8.30-7.1 * libdb-4_8-debugsource-4.8.30-7.1 * libdb-4_8-debuginfo-4.8.30-7.1 ## References: * https://www.suse.com/security/cve/CVE-2019-2708.html * https://bugzilla.suse.com/show_bug.cgi?id=1174414 . A minor security patch for openSUSE aimed at resolving a database vulnerability that might trigger a limited Denial of Service.. SUSE Linux Micro, libdb-4_8, Denial of Service, security update. . LinuxSecurity.com Team
Jun 04, 2025
SuSE
203
security advisorymoderateDoSMageia 7: 2021-0057 Moderate Threat from DB53 Partial DoS Attack
Vulnerability in the Data Store component of Oracle Berkeley DB. Easily exploitable vulnerability allows low privileged attacker having Local Logon privilege with logon to the infrastructure where Data Store executes to compromise Data Store. Successful attacks of this vulnerability can result in unauthorized ability to cause a partial denial of service (partial DOS) of Data . MGASA-2021-0057 - Updated db53 packages fix a security vulnerability Publication date: 29 Jan 2021 URL: https://advisories.mageia.org/MGASA-2021-0057.html Type: security Affected Mageia releases: 7 CVE: CVE-2019-2708 Vulnerability in the Data Store component of Oracle Berkeley DB. Easily exploitable vulnerability allows low privileged attacker having Local Logon privilege with logon to the infrastructure where Data Store executes to compromise Data Store. Successful attacks of this vulnerability can result in unauthorized ability to cause a partial denial of service (partial DOS) of Data Store (CVE-2019-2708). References: - https://bugs.mageia.org/show_bug.cgi?id=27960 - https://www.oracle.com/security-alerts/cpuapr2019.html - https://lists.fedoraproject.org/archives/list/
Jan 29, 2021
Mageia
98
security advisorymoderatesecurity issueRedHat: RHSA-2020-3626-01 Moderate: Data Grid 8.1.0 Security Update
An update for Red Hat Data Grid is now available. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 ==================================================================== Red Hat Security Advisory Synopsis: Moderate: Red Hat Data Grid 8.1.0 Security Update Advisory ID: RHSA-2020:3626-01 Product: Red Hat JBoss Data Grid Advisory URL: https://access.redhat.com/errata/RHSA-2020:3626 Issue date: 2020-09-03 CVE Names: CVE-2020-9488 CVE-2020-11612 ==================================================================== 1. Summary: An update for Red Hat Data Grid is now available. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. 2. Description: Red Hat Data Grid is a distributed, in-memory datastore. This release of Red Hat Data Grid 8.1.0 replaces Red Hat Data Grid 8.0, and includes bug fixes and enhancements, which are documented in the Release Notes, linked to in the References section. Security Fix(es): * netty: compression/decompression codecs don't enforce limits on buffer allocation sizes (CVE-2020-11612) * log4j: improper validation of certificate with host mismatch in SMTP appender (CVE-2020-9488) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. 3. Solution: Refer to the Data Grid 8.1 Upgrade Guide for instructions on upgrading to this version. The References section of this erratum contains a download link (you must log in to download the update). 4. Bugs fixed(https://bugzilla.redhat.com/): 1816216 - CVE-2020-11612 netty: compression/decompression codecs don't enforce limits on buffer allocation sizes 1831139 - CVE-2020-9488 log4j: improper validation of certificate with host mismatch in SMTP appender 5. References: https://access.redhat.com/security/cve/CVE-2020-9488 https://access.redhat.com/security/cve/CVE-2020-11612 https://access.redhat.com/security/updates/classification/#moderate https://access.redhat.com/jbossnetwork/restricted/listSoftware.html?downloadType=distributions&product=data.grid&version=8.1 https://access.redhat.com/documentation/en-us/red_hat_data_grid/8.1/html-single/red_hat_data_grid_8.1_release_notes/ https://access.redhat.com/documentation/en-us/red_hat_data_grid/8.1/html-single/upgrading_data_grid/index 6. Contact: The Red Hat security contact is . More contact details at https://access.redhat.com/security/team/contact/ Copyright 2020 Red Hat, Inc. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1 iQIVAwUBX1EfBdzjgjWX9erEAQh2NxAAhk1r2q/pgVR+t1757Y3Rq/iwswJCJDmL y37x7Ys5Fzj0rNJRg7WC4rW6qtE/F2Y9iLTYpokm4sRkOVtsMjutUu4JPs6SfHVw fFYbbONnJyXLOfOSQCnkCWRGOaubvSdzjoCxFCOFCcDk4sZJenNfqRc2+IF9dyyH JI93yIcHJ//rciap6zhOZjVGqIOI0bmBcrSwypGT/QnHoAGhUSXHUt+gqiWeRhyQ 9kmdPjDpV6pGNvwiKznHIhSXKd1ku1CEzrkcGrhKYYQgVBQOwsN758dQ6eo/8rwO VxWSYbQDMcj2FoYzkehu/9J/LYXxawcxpBqjRk1U+5hfblV8gSMYMWZWpmANXMYb fVyUrjvQpHlMRgAxL6FgFhRuk/wBoJgiR1m83csGxV7aHRDNn1JeD5hlJLh998SN zmMynNoYm5vF7Kv+bNG19GUZ0UqTutB2fBgnYy/nqWV1dNw0MOaLhZ+6C8Be3Xtq tmxpOWbcLB4QjhuYCSiDW9RwFl6a2fTPmsn9aXVnHjEN7Eo6dVjU1oJdRDdyULkQ /34miNIuCDKMTH0mZ/Q0Yl4G48bAvGul2zoJ+xY9RZTR6k36CRRzsrc+ex3K2OCo iJJYJzlxFOjQ1u+nqT6savVqbJSjNV2GuQd9D8SeejgQlHQwnnoQQ9MQziXWxVec P7LcCejdY3k=E2u2 -----END PGP SIGNATURE----- -- RHSA-announce mailing list
Sep 03, 2020
Red Hat
89
security advisorycritical issuesecurity updateUbuntu 20.04: 2020:01a2bcdef3 Important: PostgreSQL Security Patch
Upstream 4.0.10 release.. --------------------------------------------------------------------------------Fedora Update Notification FEDORA-2018-31f5fe58f7 2018-06-23 20:45:47.528676 --------------------------------------------------------------------------------Name : redis Product : Fedora 28 Version : 4.0.10 Release : 1.fc28 URL : https://redis.io/ Summary : A persistent key-value database Description : Redis is an advanced key-value store. It is often referred to as a data structure server since keys can contain strings, hashes, lists, sets and sorted sets. You can run atomic operations on these types, like appending to a string; incrementing the value in a hash; pushing to a list; computing set intersection, union and difference; or getting the member with highest ranking in a sorted set. In order to achieve its outstanding performance, Redis works with an in-memory dataset. Depending on your use case, you can persist it either by dumping the dataset to disk every once in a while, or by appending each command to a log. Redis also supports trivial-to-setup master-slave replication, with very fast non-blocking first synchronization, auto-reconnection on net split and so forth. Other features include Transactions, Pub/Sub, Lua scripting, Keys with a limited time-to-live, and configuration settings to make Redis behave like a cache. You can use Redis from most programming languages also. --------------------------------------------------------------------------------Update Information: Upstream 4.0.10 release. --------------------------------------------------------------------------------ChangeLog: * Thu Jun 14 2018 Nathan Scott - 4.0.10-1 - Upstream 4.0.10 release. --------------------------------------------------------------------------------This update can be installed with the "dnf" update program. Use su -c 'dnf upgrade --advisory FEDORA-2018-31f5fe58f7' at the command line. For more information, refer to the dnfdocumentation available at https://dnf.readthedocs.io/en/latest/command_ref.html All packages are signed with the Fedora Project GPG key. More details on the GPG keys used by the Fedora Project can be found at https://fedoraproject.org/security/ -------------------------------------------------------------------------------- _______________________________________________ package-announce mailing list --
Jun 23, 2018
•Important
Fedora
89
security advisoryupdatecriticalFedora 24: 2017-4b176c1694 Critical: Redis Security Fix for CVE-2013-7458
Upstream 3.2.8 ---- Upstream 3.2.7 (important security fix) ---- Security fix for CVE-2013-7458. --------------------------------------------------------------------------------Fedora Update Notification FEDORA-2017-4b176c1694 2017-06-17 19:40:32.933950 --------------------------------------------------------------------------------Name : redis Product : Fedora 24 Version : 3.2.8 Release : 1.fc24 URL : https://redis.io/ Summary : A persistent key-value database Description : Redis is an advanced key-value store. It is often referred to as a data structure server since keys can contain strings, hashes, lists, sets and sorted sets. You can run atomic operations on these types, like appending to a string; incrementing the value in a hash; pushing to a list; computing set intersection, union and difference; or getting the member with highest ranking in a sorted set. In order to achieve its outstanding performance, Redis works with an in-memory dataset. Depending on your use case, you can persist it either by dumping the dataset to disk every once in a while, or by appending each command to a log. Redis also supports trivial-to-setup master-slave replication, with very fast non-blocking first synchronization, auto-reconnection on net split and so forth. Other features include Transactions, Pub/Sub, Lua scripting, Keys with a limited time-to-live, and configuration settings to make Redis behave like a cache. You can use Redis from most programming languages also. --------------------------------------------------------------------------------Update Information: Upstream 3.2.8 ---- Upstream 3.2.7 (important security fix) ---- Security fix for CVE-2013-7458 --------------------------------------------------------------------------------References: [ 1 ] Bug #1363670 - CVE-2013-7458 redis: world-readable ~/.rediscli_history https://bugzilla.redhat.com/show_bug.cgi?id=1363670 --------------------------------------------------------------------------------This update can be installed with the "dnf" update program. Use su -c 'dnf upgrade redis' at the command line. For more information, refer to the dnf documentation available at https://dnf.readthedocs.io/en/latest/command_ref.html All packages are signed with the Fedora Project GPG key. More details on the GPG keys used by the Fedora Project can be found at https://fedoraproject.org/security/ -------------------------------------------------------------------------------- _______________________________________________ package-announce mailing list --
Jun 18, 2017
•Critical
Fedora
89
security advisoryFedoraimportant fixFedora 25 Redis Security Advisory: Important Fix for Performance
Upstream 3.2.7 (important security fix). -------------------------------------------------------------------------------- Fedora Update Notification FEDORA-2017-a1625d5c7b 2017-02-09 01:14:52.525273 -------------------------------------------------------------------------------- Name : redis Product : Fedora 25 Version : 3.2.7 Release : 1.fc25 URL : https://redis.io/ Summary : A persistent key-value database Description : Redis is an advanced key-value store. It is often referred to as a data structure server since keys can contain strings, hashes, lists, sets and sorted sets. You can run atomic operations on these types, like appending to a string; incrementing the value in a hash; pushing to a list; computing set intersection, union and difference; or getting the member with highest ranking in a sorted set. In order to achieve its outstanding performance, Redis works with an in-memory dataset. Depending on your use case, you can persist it either by dumping the dataset to disk every once in a while, or by appending each command to a log. Redis also supports trivial-to-setup master-slave replication, with very fast non-blocking first synchronization, auto-reconnection on net split and so forth. Other features include Transactions, Pub/Sub, Lua scripting, Keys with a limited time-to-live, and configuration settings to make Redis behave like a cache. You can use Redis from most programming languages also. -------------------------------------------------------------------------------- Update Information: Upstream 3.2.7 (important security fix) -------------------------------------------------------------------------------- This update can be installed with the "dnf" update program. Use su -c 'dnf upgrade redis' at the command line. For more information, refer to the dnf documentation available at https://dnf.readthedocs.io/en/latest/command_ref.html All packages are signed with the Fedora Project GPG key. More details on the GPG keys used by the Fedora Project can befound at https://fedoraproject.org/security/ -------------------------------------------------------------------------------- _______________________________________________ package-announce mailing list --
Feb 09, 2017
•Important
Fedora
Get the latest News and Insights
Get the latest Linux and open source security news straight to your inbox.
Community Poll
What got you started with Linux?
Search Topics
Powered By
Linux Security - Your source for Top Linux News, Advisories, HOWTOs and Feature Releases
QUICK LINKS
subscribe to newsletters!
Like staying secure? So do we.
Sign up for updates, tips, and alerts!