Stay Secure with the Latest Linux Advisories

Explore Latest Linux Security advisories

SUSE: 2022:1749-1 Moderate: dcraw Denial of Service Issues

SUSE Security Update: Security update for dcraw
______________________________________________________________________________

Announcement ID: SUSE-SU-2022:1749-1
Rating: moderate
References: #1056170 #1063798 #1084690 #1097973 #1097974 #1117436 #1117512 #1117517 #1117622 #1117896 #1189642
Cross-References: CVE-2017-13735 CVE-2017-14608 CVE-2018-19565 CVE-2018-19566 CVE-2018-19567 CVE-2018-19568 CVE-2018-19655 CVE-2018-5801 CVE-2018-5805 CVE-2018-5806 CVE-2021-3624

CVSS scores:
CVE-2017-13735 (NVD) : 7.5 CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
CVE-2017-13735 (SUSE): 5.3 CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
CVE-2017-14608 (NVD) : 9.1 CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H
CVE-2017-14608 (SUSE): 3.3 CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L
CVE-2018-19565 (NVD) : 7.1 CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:H
CVE-2018-19565 (SUSE): 3.3 CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L
CVE-2018-19566 (NVD) : 7.1 CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:H
CVE-2018-19566 (SUSE): 4.4 CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:L
CVE-2018-19567 (NVD) : 5.5 CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
CVE-2018-19567 (SUSE): 3.3 CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L
CVE-2018-19568 (NVD) : 5.5 CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
CVE-2018-19568 (SUSE): 5.5 CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
CVE-2018-19655 (NVD) : 8.8 CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
CVE-2018-19655 (SUSE): 5.5 CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
CVE-2018-5801 (NVD) : 6.5 CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
CVE-2018-5801 (SUSE): 3.3 CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L
CVE-2018-5805 (NVD) : 8.8 CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
CVE-2018-5805 (SUSE): 6.2 CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
CVE-2018-5806 (NVD) : 6.5 CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
CVE-2018-5806 (SUSE): 6.2 CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
CVE-2021-3624 (NVD) : 7.8 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
CVE-2021-3624 (SUSE): 6.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:U/C:H/I:H/A:H

Affected Products:
SUSE Linux Enterprise Desktop 12-SP5
SUSE Linux Enterprise Server 12-SP5
SUSE Linux Enterprise Server for SAP Applications 12-SP5
SUSE Linux Enterprise Software Development Kit 12-SP5
SUSE Linux Enterprise Workstation Extension 12-SP5
______________________________________________________________________________

An update that fixes 11 vulnerabilities is now available.

Description:

This update for dcraw fixes the following issues:

- CVE-2017-13735: Fixed a denial of service issue due to a floating point exception (bsc#1056170).
- CVE-2017-14608: Fixed an invalid memory access that could lead to information disclosure or denial of service (bsc#1063798).
- CVE-2018-19655: Fixed a buffer overflow that could lead to an application crash (bsc#1117896).
- CVE-2018-5801: Fixed an invalid memory access that could lead to denial of service (bsc#1084690).
- CVE-2018-5805: Fixed a buffer overflow that could lead to an application crash (bsc#1097973).
- CVE-2018-5806: Fixed an invalid memory access that could lead to denial of service (bsc#1097974).
- CVE-2018-19565: Fixed an invalid memory access that could lead to information disclosure or denial of service (bsc#1117622).
- CVE-2018-19566: Fixed an invalid memory access that could lead to information disclosure or denial of service (bsc#1117517).
- CVE-2018-19567: Fixed a denial of service issue due to a floating point exception (bsc#1117512).
- CVE-2018-19568: Fixed a denial of service issue due to a floating point exception (bsc#1117436).
- CVE-2021-3624: Fixed a buffer overflow that could lead to code execution or denial of service (bsc#1189642).

Non-security fixes:

- Updated to version 9.28.0.

Patch Instructions:

To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch".

Alternatively you can run the command listed for your product:

- SUSE Linux Enterprise Workstation Extension 12-SP5:
  zypper in -t patch SUSE-SLE-WE-12-SP5-2022-1749=1
- SUSE Linux Enterprise Software Development Kit 12-SP5:
  zypper in -t patch SUSE-SLE-SDK-12-SP5-2022-1749=1

Package List:

- SUSE Linux Enterprise Workstation Extension 12-SP5 (noarch):
  dcraw-lang-9.28.0-3.3.1
- SUSE Linux Enterprise Workstation Extension 12-SP5 (x86_64):
  dcraw-9.28.0-3.3.1
  dcraw-debuginfo-9.28.0-3.3.1
  dcraw-debugsource-9.28.0-3.3.1
- SUSE Linux Enterprise Software Development Kit 12-SP5 (aarch64 ppc64le s390x x86_64):
  dcraw-9.28.0-3.3.1
  dcraw-debuginfo-9.28.0-3.3.1
  dcraw-debugsource-9.28.0-3.3.1

References:

https://www.suse.com/security/cve/CVE-2017-13735.html
https://www.suse.com/security/cve/CVE-2017-14608.html
https://www.suse.com/security/cve/CVE-2018-19565.html
https://www.suse.com/security/cve/CVE-2018-19566.html
https://www.suse.com/security/cve/CVE-2018-19567.html
https://www.suse.com/security/cve/CVE-2018-19568.html
https://www.suse.com/security/cve/CVE-2018-19655.html
https://www.suse.com/security/cve/CVE-2018-5801.html
https://www.suse.com/security/cve/CVE-2018-5805.html
https://www.suse.com/security/cve/CVE-2018-5806.html
https://www.suse.com/security/cve/CVE-2021-3624.html
https://bugzilla.suse.com/1056170
https://bugzilla.suse.com/1063798
https://bugzilla.suse.com/1084690
https://bugzilla.suse.com/1097973
https://bugzilla.suse.com/1097974
https://bugzilla.suse.com/1117436
https://bugzilla.suse.com/1117512
https://bugzilla.suse.com/1117517
https://bugzilla.suse.com/1117622
https://bugzilla.suse.com/1117896
https://bugzilla.suse.com/1189642

SUSE has released a new version of dcraw to fix 11 security issues, among them are risks related to buffer overflows and denial of service attacks. Immediate action is recommended.

SUSE Linux, drawing software, dcraw, security patch, denial of service.

LinuxSecurity.com Team

May 19, 2022 SuSE

Mageia 8 MGASA-2022-0160 Moderate: dcraw Buffer Over-Read Threat

MGASA-2022-0160 - Updated dcraw packages fix security vulnerability

Publication date: 06 May 2022
URL: https://advisories.mageia.org/MGASA-2022-0160.html
Type: security
Affected Mageia releases: 8
CVE: CVE-2018-5805, CVE-2018-5806, CVE-2018-19565, CVE-2018-19566, CVE-2018-19567, CVE-2018-19568, CVE-2021-3624

A buffer over-read in crop_masked_pixels in dcraw through 9.28 could be used by attackers able to supply malicious files to crash an application that bundles the dcraw code or leak private information. (CVE-2018-19565)

A heap buffer over-read in parse_tiff_ifd in dcraw through 9.28 could be used by attackers able to supply malicious files to crash an application that bundles the dcraw code or leak private information. (CVE-2018-19566)

A floating point exception in parse_tiff_ifd in dcraw through 9.28 could be used by attackers able to supply malicious files to crash an application that bundles the dcraw code. (CVE-2018-19567)

A floating point exception in kodak_radc_load_raw in dcraw through 9.28 could be used by attackers able to supply malicious files to crash an application that bundles the dcraw code. (CVE-2018-19568)

A boundary error within the "quicktake_100_load_raw()" function (internal/dcraw_common.cpp) in LibRaw versions prior to 0.18.8 can be exploited to cause a stack-based buffer overflow and subsequently cause a crash. (CVE-2018-5805)

An error within the "leaf_hdr_load_raw()" function (internal/dcraw_common.cpp) in LibRaw versions prior to 0.18.8 can be exploited to trigger a NULL pointer dereference. (CVE-2018-5806)

There is an integer overflow vulnerability in dcraw. When the victim runs dcraw with a maliciously crafted X3F input image, arbitrary code may be executed in the victim's system. (CVE-2021-3624)

References:
- https://bugs.mageia.org/show_bug.cgi?id=24107
- https://www.openwall.com/lists/oss-security/2018/11/27/1
- https://www.cve.org/CVERecord?id=CVE-2018-5805
- https://www.cve.org/CVERecord?id=CVE-2018-5806
- https://www.cve.org/CVERecord?id=CVE-2018-19565
- https://www.cve.org/CVERecord?id=CVE-2018-19566
- https://www.cve.org/CVERecord?id=CVE-2018-19567
- https://www.cve.org/CVERecord?id=CVE-2018-19568
- https://www.cve.org/CVERecord?id=CVE-2021-3624

SRPMS:
- 8/core/dcraw-9.28.0-6.1.mga8

Mageia 2022-0161 tackles critical vulnerabilities in libjpeg-turbo affecting system performance and image handling. Check out the specifics now.

Mageia Security Update, dcraw Buffer Overread, Attack Protection.

LinuxSecurity.com Team

May 06, 2022 Mageia

openSUSE Leap 15.3/15.4: 2022:1277-1 Moderate: dcraw Denial of Service Fix

SUSE Security Update: Security update for dcraw
______________________________________________________________________________

Announcement ID: SUSE-SU-2022:1277-1
Rating: moderate
References: #1056170 #1063798 #1084690 #1097973 #1097974 #1117436 #1117512 #1117517 #1117622 #1117896 #1189642
Cross-References: CVE-2017-13735 CVE-2017-14608 CVE-2018-19565 CVE-2018-19566 CVE-2018-19567 CVE-2018-19568 CVE-2018-19655 CVE-2018-5801 CVE-2018-5805 CVE-2018-5806 CVE-2021-3624

CVSS scores:
CVE-2017-13735 (NVD) : 7.5 CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
CVE-2017-13735 (SUSE): 5.3 CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
CVE-2017-14608 (NVD) : 9.1 CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H
CVE-2017-14608 (SUSE): 3.3 CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L
CVE-2018-19565 (NVD) : 7.1 CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:H
CVE-2018-19565 (SUSE): 3.3 CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L
CVE-2018-19566 (NVD) : 7.1 CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:H
CVE-2018-19566 (SUSE): 4.4 CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:L
CVE-2018-19567 (NVD) : 5.5 CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
CVE-2018-19567 (SUSE): 3.3 CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L
CVE-2018-19568 (NVD) : 5.5 CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
CVE-2018-19568 (SUSE): 5.5 CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
CVE-2018-19655 (NVD) : 8.8 CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
CVE-2018-19655 (SUSE): 5.5 CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
CVE-2018-5801 (NVD) : 6.5 CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
CVE-2018-5801 (SUSE): 3.3 CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L
CVE-2018-5805 (NVD) : 8.8 CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
CVE-2018-5805 (SUSE): 6.2 CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
CVE-2018-5806 (NVD) : 6.5 CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
CVE-2018-5806 (SUSE): 6.2 CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
CVE-2021-3624 (SUSE): 6.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:U/C:H/I:H/A:H

Affected Products:
openSUSE Leap 15.3
openSUSE Leap 15.4
______________________________________________________________________________

An update that fixes 11 vulnerabilities is now available.

Description:

This update for dcraw fixes the following issues:

- CVE-2017-13735: Fixed a denial of service issue due to a floating point exception (bsc#1056170).
- CVE-2017-14608: Fixed an invalid memory access that could lead to information disclosure or denial of service (bsc#1063798).
- CVE-2018-19655: Fixed a buffer overflow that could lead to an application crash (bsc#1117896).
- CVE-2018-5801: Fixed an invalid memory access that could lead to denial of service (bsc#1084690).
- CVE-2018-5805: Fixed a buffer overflow that could lead to an application crash (bsc#1097973).
- CVE-2018-5806: Fixed an invalid memory access that could lead to denial of service (bsc#1097974).
- CVE-2018-19565: Fixed an invalid memory access that could lead to information disclosure or denial of service (bsc#1117622).
- CVE-2018-19566: Fixed an invalid memory access that could lead to information disclosure or denial of service (bsc#1117517).
- CVE-2018-19567: Fixed a denial of service issue due to a floating point exception (bsc#1117512).
- CVE-2018-19568: Fixed a denial of service issue due to a floating point exception (bsc#1117436).
- CVE-2021-3624: Fixed a buffer overflow that could lead to code execution or denial of service (bsc#1189642).

Non-security fixes:

- Updated to version 9.28.0.

Patch Instructions:

To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch".

Alternatively you can run the command listed for your product:

- openSUSE Leap 15.4:
  zypper in -t patch openSUSE-SLE-15.4-2022-1277=1
- openSUSE Leap 15.3:
  zypper in -t patch openSUSE-SLE-15.3-2022-1277=1

Package List:

- openSUSE Leap 15.4 (aarch64 ppc64le s390x x86_64):
  dcraw-9.28.0-150000.3.3.1
  dcraw-debuginfo-9.28.0-150000.3.3.1
  dcraw-debugsource-9.28.0-150000.3.3.1
- openSUSE Leap 15.4 (noarch):
  dcraw-lang-9.28.0-150000.3.3.1
- openSUSE Leap 15.3 (aarch64 ppc64le s390x x86_64):
  dcraw-9.28.0-150000.3.3.1
  dcraw-debuginfo-9.28.0-150000.3.3.1
  dcraw-debugsource-9.28.0-150000.3.3.1
- openSUSE Leap 15.3 (noarch):
  dcraw-lang-9.28.0-150000.3.3.1

References:

https://www.suse.com/security/cve/CVE-2017-13735.html
https://www.suse.com/security/cve/CVE-2017-14608.html
https://www.suse.com/security/cve/CVE-2018-19565.html
https://www.suse.com/security/cve/CVE-2018-19566.html
https://www.suse.com/security/cve/CVE-2018-19567.html
https://www.suse.com/security/cve/CVE-2018-19568.html
https://www.suse.com/security/cve/CVE-2018-19655.html
https://www.suse.com/security/cve/CVE-2018-5801.html
https://www.suse.com/security/cve/CVE-2018-5805.html
https://www.suse.com/security/cve/CVE-2018-5806.html
https://www.suse.com/security/cve/CVE-2021-3624.html
https://bugzilla.suse.com/1056170
https://bugzilla.suse.com/1063798
https://bugzilla.suse.com/1084690
https://bugzilla.suse.com/1097973
https://bugzilla.suse.com/1097974
https://bugzilla.suse.com/1117436
https://bugzilla.suse.com/1117512
https://bugzilla.suse.com/1117517
https://bugzilla.suse.com/1117622
https://bugzilla.suse.com/1117896
https://bugzilla.suse.com/1189642

Security enhancements for dcraw now released in openSUSE, fixing 11 vulnerabilities, such as potential denial of service and unsafe memory handling issues.

openSUSE Patches, dcraw Security Update, Software Vulnerabilities.

LinuxSecurity.com Team

Apr 20, 2022 SuSE

Fedora 30: 2020-545493aa4b Critical Fix for dcraw CVE-2018-19655

--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2020-545493aa4b
2020-03-29 01:59:18.673356
--------------------------------------------------------------------------------

Name : dcraw
Product : Fedora 30
Version : 9.28.0
Release : 9.fc30
URL : http://www.dechifro.org/dcraw/
Summary : Tool for decoding raw image data from digital cameras
Description :
This package contains dcraw, a command line tool to decode raw image data downloaded from digital cameras.

--------------------------------------------------------------------------------
Update Information:

Fix CVE-2018-19655
--------------------------------------------------------------------------------
ChangeLog:

* Fri Mar 20 2020 Josef Ridky - 9.28.0-9
- Fix CVE-2018-19655
* Tue Jan 28 2020 Fedora Release Engineering - 9.28.0-8
- Rebuilt for https://fedoraproject.org/wiki/Fedora_32_Mass_Rebuild
* Tue Jan 14 2020 Tom Stellard - 9.28.0-7
- Use __cc macro instead of hard-coding gcc
* Wed Jul 24 2019 Fedora Release Engineering - 9.28.0-6
- Rebuilt for https://fedoraproject.org/wiki/Fedora_31_Mass_Rebuild
* Fri Jun 28 2019 Josef Ridky - 9.28.0-5
- set new upstream url
--------------------------------------------------------------------------------

This update can be installed with the "dnf" update program. Use
su -c 'dnf upgrade --advisory FEDORA-2020-545493aa4b' at the command line.
For more information, refer to the dnf documentation available at
https://dnf.readthedocs.io/en/latest/command_ref.html

All packages are signed with the Fedora Project GPG key. More details on the GPG keys used by the Fedora Project can be found at https://fedoraproject.org/security/
--------------------------------------------------------------------------------

Security update released for CVE-2019-12345 affecting ImageMagick on Ubuntu 20.04. Immediate action required for graphic manipulation tools.

Fedora Update, Digital Image Security, DCraw Tool Update, CVE Fixes.

Severity: Critical.

LinuxSecurity.com Team

Mar 28, 2020 Critical Fedora

Fedora 32: FEDORA-2020-29d7f4d35d High: lighttpd Memory Leak

--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2020-19c7f8e25f
2020-03-29 01:36:32.572872
--------------------------------------------------------------------------------

Name : dcraw
Product : Fedora 31
Version : 9.28.0
Release : 9.fc31
URL : http://www.dechifro.org/dcraw/
Summary : Tool for decoding raw image data from digital cameras
Description :
This package contains dcraw, a command line tool to decode raw image data downloaded from digital cameras.

--------------------------------------------------------------------------------
Update Information:

Fix CVE-2018-19655
--------------------------------------------------------------------------------
ChangeLog:

* Fri Mar 20 2020 Josef Ridky - 9.28.0-9
- Fix CVE-2018-19655
* Tue Jan 28 2020 Fedora Release Engineering - 9.28.0-8
- Rebuilt for https://fedoraproject.org/wiki/Fedora_32_Mass_Rebuild
* Tue Jan 14 2020 Tom Stellard - 9.28.0-7
- Use __cc macro instead of hard-coding gcc
--------------------------------------------------------------------------------

This update can be installed with the "dnf" update program. Use
su -c 'dnf upgrade --advisory FEDORA-2020-19c7f8e25f' at the command line.
For more information, refer to the dnf documentation available at
https://dnf.readthedocs.io/en/latest/command_ref.html

All packages are signed with the Fedora Project GPG key. More details on the GPG keys used by the Fedora Project can be found at https://fedoraproject.org/security/
--------------------------------------------------------------------------------

The recent Fedora 31 update resolves CVE-2018-19655 within the dcraw application, enhancing overall security and correcting several image processing bugs.

Fedora Updates, dcraw Tool, Image Processing Security.

LinuxSecurity.com Team

Mar 28, 2020 Fedora

Fedora 32 - FEDORA-2020-ef1ff20b59 Critical: dcraw Security Fix

--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2020-ef1ff20b59
2020-03-29 00:14:52.079997
--------------------------------------------------------------------------------

Name : dcraw
Product : Fedora 32
Version : 9.28.0
Release : 9.fc32
URL : http://www.dechifro.org/dcraw/
Summary : Tool for decoding raw image data from digital cameras
Description :
This package contains dcraw, a command line tool to decode raw image data downloaded from digital cameras.

--------------------------------------------------------------------------------
Update Information:

Fix CVE-2018-19655
--------------------------------------------------------------------------------
ChangeLog:

* Fri Mar 20 2020 Josef Ridky - 9.28.0-9
- Fix CVE-2018-19655
--------------------------------------------------------------------------------

This update can be installed with the "dnf" update program. Use
su -c 'dnf upgrade --advisory FEDORA-2020-ef1ff20b59' at the command line.
For more information, refer to the dnf documentation available at
https://dnf.readthedocs.io/en/latest/command_ref.html

All packages are signed with the Fedora Project GPG key. More details on the GPG keys used by the Fedora Project can be found at https://fedoraproject.org/security/
--------------------------------------------------------------------------------

Resolution for CVE-2018-19655 in dcraw application on Fedora, improving image manipulation safety with recent patches.

Fedora Update, dcraw Tool, CVE Fix, Image Data Decoding, Security Patches.

Severity: Critical.

LinuxSecurity.com Team

Mar 28, 2020 Critical Fedora

Mageia: 2019-0017 Moderate: dcraw NULL Pointer Crash Risk

MGASA-2019-0017 - Updated dcraw packages fix security vulnerability

Publication date: 06 Jan 2019
URL: https://advisories.mageia.org/MGASA-2019-0017.html
Type: security
Affected Mageia releases: 6
CVE: CVE-2018-5801

A NULL pointer dereference flaw was found in the way dcraw processed images. An attacker could potentially use this flaw to crash dcraw by tricking it into processing crafted images (CVE-2018-5801).

References:
- https://bugs.mageia.org/show_bug.cgi?id=23252
- https://lists.fedoraproject.org/archives/list/[address obscured]/thread/B4QRYU6SJD34FIOACDR2QA5F4C3CWPOB/
- https://www.cve.org/CVERecord?id=CVE-CVE-2018-5801

SRPMS:
- 6/core/dcraw-9.27.0-1.1.mga6

Enhancements to dcraw fix a NULL pointer vulnerability, averting system failures triggered by specially manipulated images. Discover more about this security concern.

dcraw Update, Mageia Security, NULL Pointer Flaw, Image Processing Fix.

LinuxSecurity.com Team

Jan 06, 2019 Mageia

Fedora 27: dcraw 9.28.0 Moderate: NULL Pointer Dereference Fix

--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2018-ae1ced8fb6
2018-07-25 18:44:08.975117
--------------------------------------------------------------------------------

Name : dcraw
Product : Fedora 27
Version : 9.28.0
Release : 1.fc27
URL :
Summary : Tool for decoding raw image data from digital cameras
Description :
This package contains dcraw, a command line tool to decode raw image data downloaded from digital cameras.

--------------------------------------------------------------------------------
Update Information:

New version of dcraw is available 9.28.0
Security fix for CVE-2018-5801
--------------------------------------------------------------------------------
ChangeLog:

* Thu Jun 14 2018 Josef Ridky - 9.28.0-1
- New upstream release 9.28.0 (#1585348)
- Fix CVE-2018-5801 (#1557160)
* Fri Feb 23 2018 Florian Weimer - 9.27.0-8
- Use LDFLAGS from redhat-rpm-config
* Tue Feb 20 2018 Nils Philippsen - 9.27.0-7
- require gcc for building
* Wed Feb 7 2018 Fedora Release Engineering - 9.27.0-6
- Rebuilt for https://fedoraproject.org/wiki/Fedora_28_Mass_Rebuild
--------------------------------------------------------------------------------
References:

[ 1 ] Bug #1553334 - CVE-2018-5801 LibRaw: NULL pointer dereference in LibRaw::unpack function src/libraw_cxx.cpp
https://bugzilla.redhat.com/show_bug.cgi?id=1553334
--------------------------------------------------------------------------------

This update can be installed with the "dnf" update program. Use
su -c 'dnf upgrade --advisory FEDORA-2018-ae1ced8fb6' at the command line.
For more information, refer to the dnf documentation available at
https://dnf.readthedocs.io/en/latest/command_ref.html

All packages are signed with the Fedora Project GPG key. More details on the GPG keys used by the Fedora Project can be found at https://fedoraproject.org/security/
--------------------------------------------------------------------------------

Version 9.28.0 of dcraw brings an update that addresses CVE-2018-5801, bolstering the security for Fedora 27.

dcraw security fix, Fedora update, CVE-2018-5801, security advisory, raw image tool.

LinuxSecurity.com Team

Jul 25, 2018 Fedora