--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2026-cf660bc96a
2026-05-06 16:45:18.195717+00:00
--------------------------------------------------------------------------------

Name        : forgejo-runner
Product     : Fedora 43
Version     : 12.7.3
Release     : 2.fc43
URL         : https://code.forgejo.org/forgejo/runner
Summary     : A daemon that fetches workflows to run from a Forgejo instance.
Description :
The Forgejo Runner is a daemon that fetches workflows to run from a
Forgejo instance, executes them, sends back with the logs and ultimately
reports its success or failure.

--------------------------------------------------------------------------------
Update Information:

Update vendor dependencies to fix:
* CVE-2026-33762
* CVE-2026-33817
* CVE-2026-34165
--------------------------------------------------------------------------------
ChangeLog:

* Thu Apr 23 2026 Diego Herrera - 12.7.3-2
- Backport dependency updates
* Tue Apr 21 2026 Diego Herrera - 12.7.3-1
- Update to 12.7.3
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #2454559 - CVE-2026-34165 forgejo-runner: go-git: Denial of Service via crafted .idx file [fedora-all]
        https://bugzilla.redhat.com/show_bug.cgi?id=2454559
  [ 2 ] Bug #2454560 - CVE-2026-33762 forgejo-runner: go-git: Denial of Service via crafted Git index file [fedora-all]
        https://bugzilla.redhat.com/show_bug.cgi?id=2454560
  [ 3 ] Bug #2456022 - CVE-2026-33817 forgejo-runner: go.etcd.io/bbolt: Denial of Service via index out-of-range error [fedora-all]
        https://bugzilla.redhat.com/show_bug.cgi?id=2456022
--------------------------------------------------------------------------------

This update can be installed with the "dnf" update program. Use
su -c 'dnf upgrade --advisory FEDORA-2026-cf660bc96a' at the command line.
For more information, refer to the dnf documentation available at
http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label

All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
--------------------------------------------------------------------------------
--
package-announce mailing list
Oracle Linux Security Advisory ELSA-2026-13643

http://linux.oracle.com/errata/ELSA-2026-13643.html

The following updated rpms for Oracle Linux 10 have been uploaded to the Unbreakable Linux Network:

x86_64:
osbuild-composer-149-6.0.1.el10_1.x86_64.rpm
osbuild-composer-core-149-6.0.1.el10_1.x86_64.rpm
osbuild-composer-worker-149-6.0.1.el10_1.x86_64.rpm

aarch64:
osbuild-composer-149-6.0.1.el10_1.aarch64.rpm
osbuild-composer-core-149-6.0.1.el10_1.aarch64.rpm
osbuild-composer-worker-149-6.0.1.el10_1.aarch64.rpm

SRPMS:
http://oss.oracle.com/ol10/SRPMS-updates/osbuild-composer-149-6.0.1.el10_1.src.rpm

Related CVEs:

CVE-2026-25679

Description of changes:

[149-6.0.1]
- Add missing dependency over dracut-config-rescue for image-installer [Orabug: 38587453]
- Add OL10 support
- Update repository URLs for baseos, appstream and UEKR
- Fix the label for UEKR repository
- Simplify repository names [JIRA: OLDIS-35893]
- Ensure build on latest golang: CVE-2024-34156
- Refactor patches to fix some naming and set a correct kernel for Oracle Linux [Orabug: 37253643]
- Support using OCI variables inside built images [JIRA: OLDIS-35302]
- Support using repository definitions with OCI variables [JIRA: OLDIS-38657]
- Update repositories to contain OCI variables
- Remove image types Minimal-raw and wsl [JIRA: OLDIS-38123]
- Increase default /boot size to 1GB [Orabug: 36827079]
- Add support for OCI hybrid images [JIRA: OLDIS-33593]
- enable aarch64 OCI image builds [JIRA: OLDIS-33593]
- support for building OL8/9 images on Oracle Linux 9 [Orabug: 36400619]

[149-6]
- Rebuilt to fix:
  - CVE-2026-25679
  - CVE-2026-27137
  - RHEL-158464
  - RHEL-158602

El-errata mailing list
# Security update for cockpit-machines

Announcement ID: SUSE-SU-2026:0396-1
Release Date: 2026-02-06T08:02:20Z
Rating: important

References:

* bsc#1257325

Cross-References:

* CVE-2025-13465

CVSS scores:

* CVE-2025-13465 ( SUSE ): 8.8 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:L/VA:H/SC:N/SI:N/SA:N
* CVE-2025-13465 ( SUSE ): 8.2 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:H
* CVE-2025-13465 ( NVD ): 6.9 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:L/VA:L/SC:H/SI:H/SA:H/E:P/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X

Affected Products:

* SUSE Linux Enterprise Micro 5.2
* SUSE Linux Enterprise Micro for Rancher 5.2

An update that solves one vulnerability can now be installed.

## Description:

This update for cockpit-machines fixes the following issues:

* CVE-2025-13465: Update the lodash dependency to avoid prototype pollution. (bsc#1257324)

## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:

* SUSE Linux Enterprise Micro 5.2
  zypper in -t patch SUSE-SUSE-MicroOS-5.2-2026-396=1
* SUSE Linux Enterprise Micro for Rancher 5.2
  zypper in -t patch SUSE-SUSE-MicroOS-5.2-2026-396=1

## Package List:

* SUSE Linux Enterprise Micro 5.2 (noarch)
  * cockpit-machines-249.1-150300.5.3.1
* SUSE Linux Enterprise Micro for Rancher 5.2 (noarch)
  * cockpit-machines-249.1-150300.5.3.1

## References:

* https://www.suse.com/security/cve/CVE-2025-13465.html
* https://bugzilla.suse.com/show_bug.cgi?id=1257325
--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2025-c53905e83d
2025-06-14 01:51:14.531329+00:00
--------------------------------------------------------------------------------

Name        : rust-sevctl
Product     : Fedora 41
Version     : 0.6.2
Release     : 3.fc41
URL         : https://crates.io/crates/sevctl
Summary     : Administrative utility for AMD SEV
Description :
Administrative utility for AMD SEV.

--------------------------------------------------------------------------------
Update Information:

This release includes improvements and fixes, and updates crossbeam-channel
dependency to address CVE-2025-4574
--------------------------------------------------------------------------------
ChangeLog:

* Wed May 28 2025 Sergio Lopez - 0.6.2-3
- Regenerate with rust2rpm
* Wed May 28 2025 Sergio Lopez - 0.6.2-2
- Replace supported-arches with ExclusiveArch
* Wed May 28 2025 Sergio Lopez - 0.6.2-1
- Update to version 0.6.2 and switch to rust2rpm
--------------------------------------------------------------------------------

This update can be installed with the "dnf" update program. Use
su -c 'dnf upgrade --advisory FEDORA-2025-c53905e83d' at the command line.
For more information, refer to the dnf documentation available at
http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label

All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
--------------------------------------------------------------------------------
--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2025-c53905e83d
2025-06-14 01:51:14.531329+00:00
--------------------------------------------------------------------------------

Name        : rust-sev
Product     : Fedora 41
Version     : 6.1.0
Release     : 2.fc41
URL         : https://crates.io/crates/sev
Summary     : Library for AMD SEV
Description :
Library for AMD SEV.

--------------------------------------------------------------------------------
Update Information:

This release includes improvements and fixes, and updates crossbeam-channel
dependency to address CVE-2025-4574
--------------------------------------------------------------------------------
ChangeLog:

* Wed May 28 2025 Sergio Lopez - 6.1.0-2
- Drop vendored feature from openssl dep
* Wed May 28 2025 Sergio Lopez - 6.1.0-1
- Update to version 6.1.0
* Sun Jan 19 2025 Fedora Release Engineering - 4.0.0-9
- Rebuilt for https://fedoraproject.org/wiki/Fedora_42_Mass_Rebuild
--------------------------------------------------------------------------------

This update can be installed with the "dnf" update program. Use
su -c 'dnf upgrade --advisory FEDORA-2025-c53905e83d' at the command line.
For more information, refer to the dnf documentation available at
http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label

All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
--------------------------------------------------------------------------------
--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2025-4fc3431dab
2025-06-14 01:09:53.632877+00:00
--------------------------------------------------------------------------------

Name        : rust-sevctl
Product     : Fedora 42
Version     : 0.6.2
Release     : 3.fc42
URL         : https://crates.io/crates/sevctl
Summary     : Administrative utility for AMD SEV
Description :
Administrative utility for AMD SEV.

--------------------------------------------------------------------------------
Update Information:

This release includes improvements and fixes, and updates crossbeam-channel
dependency to address CVE-2025-4574
--------------------------------------------------------------------------------
ChangeLog:

* Wed May 28 2025 Sergio Lopez - 0.6.2-3
- Regenerate with rust2rpm
* Wed May 28 2025 Sergio Lopez - 0.6.2-2
- Replace supported-arches with ExclusiveArch
* Wed May 28 2025 Sergio Lopez - 0.6.2-1
- Update to version 0.6.2 and switch to rust2rpm
--------------------------------------------------------------------------------

This update can be installed with the "dnf" update program. Use
su -c 'dnf upgrade --advisory FEDORA-2025-4fc3431dab' at the command line.
For more information, refer to the dnf documentation available at
http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label

All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
--------------------------------------------------------------------------------
--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2025-cd87acc644
2025-04-21 16:44:59.680841+00:00
--------------------------------------------------------------------------------

Name        : rust-idna_adapter
Product     : Fedora 41
Version     : 1.2.0
Release     : 1.fc41
URL         : https://crates.io/crates/idna_adapter
Summary     : Back end adapter for idna
Description :
Back end adapter for idna.

--------------------------------------------------------------------------------
Update Information:

Update uv to 0.6.14, with various bugfixes and new features. Update rust-idna
to 1.0.3 (fixing RUSTSEC-2024-0421), rust-url to 2.5.4, rust-adblock to 0.9.6,
and rust-cookie_store to 0.21.1; adjust some reverse dependencies of rust-idna.
Initial packages for many dependencies. Update rust-ron to 0.9. Update rust-zip
to 2.6.1, fixing GHSA-94vh-gphv-8pm8.
--------------------------------------------------------------------------------
ChangeLog:

* Thu Apr 10 2025 Benjamin A. Beasley - 1.2.0-1
- Initial package (close RHBZ#2358642)
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #2277901 - rust-adblock-0.9.6 is available
        https://bugzilla.redhat.com/show_bug.cgi?id=2277901
  [ 2 ] Bug #2291175 - rust-idna-1.0.3 is available
        https://bugzilla.redhat.com/show_bug.cgi?id=2291175
  [ 3 ] Bug #2323618 - rust-url-2.5.4 is available
        https://bugzilla.redhat.com/show_bug.cgi?id=2323618
  [ 4 ] Bug #2324926 - rust-cookie_store-0.21.1 is available
        https://bugzilla.redhat.com/show_bug.cgi?id=2324926
  [ 5 ] Bug #2352783 - rust-zip-2.6.1 is available
        https://bugzilla.redhat.com/show_bug.cgi?id=2352783
  [ 6 ] Bug #2358015 - Review Request: rust-write16 - UTF-16 analog of the Write trait
        https://bugzilla.redhat.com/show_bug.cgi?id=2358015
  [ 7 ] Bug #2358018 - Review Request: rust-utf16_iter - Iterator by char over potentially-invalid UTF-16 in &[u16]
        https://bugzilla.redhat.com/show_bug.cgi?id=2358018
  [ 8 ] Bug #2358020 - Review Request: rust-icu_locid - API for managing Unicode Language and Locale Identifiers
        https://bugzilla.redhat.com/show_bug.cgi?id=2358020
  [ 9 ] Bug #2358105 - Review Request: rust-icu_provider_macros - Proc macros for ICU data providers
        https://bugzilla.redhat.com/show_bug.cgi?id=2358105
  [ 10 ] Bug #2358290 - Review Request: rust-icu_provider - Trait and struct definitions for the ICU data provider
        https://bugzilla.redhat.com/show_bug.cgi?id=2358290
  [ 11 ] Bug #2358292 - Review Request: rust-icu_locid_transform_data - Data for the icu_locid_transform crate
        https://bugzilla.redhat.com/show_bug.cgi?id=2358292
  [ 12 ] Bug #2358507 - Review Request: rust-icu_locid_transform - API for Unicode Language and Locale Identifiers canonicalization
        https://bugzilla.redhat.com/show_bug.cgi?id=2358507
  [ 13 ] Bug #2358521 - Review Request: rust-icu_properties_data - Data for the icu_properties crate
        https://bugzilla.redhat.com/show_bug.cgi?id=2358521
  [ 14 ] Bug #2358522 - Review Request: rust-icu_normalizer_data - Data for the icu_normalizer crate
        https://bugzilla.redhat.com/show_bug.cgi?id=2358522
  [ 15 ] Bug #2358527 - Review Request: rust-icu_properties - Definitions for Unicode properties
        https://bugzilla.redhat.com/show_bug.cgi?id=2358527
  [ 16 ] Bug #2358606 - Review Request: rust-icu_normalizer - API for normalizing text into Unicode Normalization Forms
        https://bugzilla.redhat.com/show_bug.cgi?id=2358606
  [ 17 ] Bug #2358642 - Review Request: rust-idna_adapter - Back end adapter for idna
        https://bugzilla.redhat.com/show_bug.cgi?id=2358642
--------------------------------------------------------------------------------

This update can be installed with the "dnf" update program. Use
su -c 'dnf upgrade --advisory FEDORA-2025-cd87acc644' at the command line.
For more information, refer to the dnf documentation available at
http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label

All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/security/
--------------------------------------------------------------------------------
--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2025-cd87acc644
2025-04-21 16:44:59.680841+00:00
--------------------------------------------------------------------------------

Name        : rust-idna
Product     : Fedora 41
Version     : 1.0.3
Release     : 1.fc41
URL         : https://crates.io/crates/idna
Summary     : IDNA (Internationalizing Domain Names in Applications) and Punycode
Description :
IDNA (Internationalizing Domain Names in Applications) and Punycode.

--------------------------------------------------------------------------------
Update Information:

Update uv to 0.6.14, with various bugfixes and new features. Update rust-idna
to 1.0.3 (fixing RUSTSEC-2024-0421), rust-url to 2.5.4, rust-adblock to 0.9.6,
and rust-cookie_store to 0.21.1; adjust some reverse dependencies of rust-idna.
Initial packages for many dependencies. Update rust-ron to 0.9. Update rust-zip
to 2.6.1, fixing GHSA-94vh-gphv-8pm8.
--------------------------------------------------------------------------------
ChangeLog:

* Fri Apr 11 2025 Benjamin A. Beasley - 1.0.3-1
- Update to version 1.0.3; Fixes RHBZ#2291175
* Sun Jan 19 2025 Fedora Release Engineering - 0.5.0-5
- Rebuilt for https://fedoraproject.org/wiki/Fedora_42_Mass_Rebuild
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #2277901 - rust-adblock-0.9.6 is available
        https://bugzilla.redhat.com/show_bug.cgi?id=2277901
  [ 2 ] Bug #2291175 - rust-idna-1.0.3 is available
        https://bugzilla.redhat.com/show_bug.cgi?id=2291175
  [ 3 ] Bug #2323618 - rust-url-2.5.4 is available
        https://bugzilla.redhat.com/show_bug.cgi?id=2323618
  [ 4 ] Bug #2324926 - rust-cookie_store-0.21.1 is available
        https://bugzilla.redhat.com/show_bug.cgi?id=2324926
  [ 5 ] Bug #2352783 - rust-zip-2.6.1 is available
        https://bugzilla.redhat.com/show_bug.cgi?id=2352783
  [ 6 ] Bug #2358015 - Review Request: rust-write16 - UTF-16 analog of the Write trait
        https://bugzilla.redhat.com/show_bug.cgi?id=2358015
  [ 7 ] Bug #2358018 - Review Request: rust-utf16_iter - Iterator by char over potentially-invalid UTF-16 in &[u16]
        https://bugzilla.redhat.com/show_bug.cgi?id=2358018
  [ 8 ] Bug #2358020 - Review Request: rust-icu_locid - API for managing Unicode Language and Locale Identifiers
        https://bugzilla.redhat.com/show_bug.cgi?id=2358020
  [ 9 ] Bug #2358105 - Review Request: rust-icu_provider_macros - Proc macros for ICU data providers
        https://bugzilla.redhat.com/show_bug.cgi?id=2358105
  [ 10 ] Bug #2358290 - Review Request: rust-icu_provider - Trait and struct definitions for the ICU data provider
        https://bugzilla.redhat.com/show_bug.cgi?id=2358290
  [ 11 ] Bug #2358292 - Review Request: rust-icu_locid_transform_data - Data for the icu_locid_transform crate
        https://bugzilla.redhat.com/show_bug.cgi?id=2358292
  [ 12 ] Bug #2358507 - Review Request: rust-icu_locid_transform - API for Unicode Language and Locale Identifiers canonicalization
        https://bugzilla.redhat.com/show_bug.cgi?id=2358507
  [ 13 ] Bug #2358521 - Review Request: rust-icu_properties_data - Data for the icu_properties crate
        https://bugzilla.redhat.com/show_bug.cgi?id=2358521
  [ 14 ] Bug #2358522 - Review Request: rust-icu_normalizer_data - Data for the icu_normalizer crate
        https://bugzilla.redhat.com/show_bug.cgi?id=2358522
  [ 15 ] Bug #2358527 - Review Request: rust-icu_properties - Definitions for Unicode properties
        https://bugzilla.redhat.com/show_bug.cgi?id=2358527
  [ 16 ] Bug #2358606 - Review Request: rust-icu_normalizer - API for normalizing text into Unicode Normalization Forms
        https://bugzilla.redhat.com/show_bug.cgi?id=2358606
  [ 17 ] Bug #2358642 - Review Request: rust-idna_adapter - Back end adapter for idna
        https://bugzilla.redhat.com/show_bug.cgi?id=2358642
--------------------------------------------------------------------------------

This update can be installed with the "dnf" update program. Use
su -c 'dnf upgrade --advisory FEDORA-2025-cd87acc644' at the command line.
For more information, refer to the dnf documentation available at
http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label

All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
--------------------------------------------------------------------------------