
Stay Secure with the Latest Linux Advisories


Explore Latest Linux Security advisories


Fedora 38: FEDORA-2023-9e5f85ad02 Moderate: Dokuwiki XSS Issue

--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2023-9e5f85ad02
2023-05-24 01:16:03.410193
--------------------------------------------------------------------------------

Name        : dokuwiki
Product     : Fedora 38
Version     : 20230404a
Release     : 1.fc38
URL         :
Summary     : Standards compliant simple to use wiki
Description :
DokuWiki is a standards compliant, simple to use Wiki, mainly aimed at creating
documentation of any kind. It has a simple but powerful syntax which makes sure
the data-files remain readable outside the Wiki and eases the creation of
structured texts. All data is stored in plain text files no database is
required.

--------------------------------------------------------------------------------
Update Information:

Update to hotfix release 2023-04-04a (fixes an XSS vulnerability).
--------------------------------------------------------------------------------
ChangeLog:

* Mon May 15 2023 Artur Frenszek-Iwicki - 20230404a-1
- Update to version 2023-04-04a (hotfix update)
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #2208918 - dokuwiki: XSS in RSS syntax [fedora-38]
        https://bugzilla.redhat.com/show_bug.cgi?id=2208918
--------------------------------------------------------------------------------

This update can be installed with the "dnf" update program. Use
su -c 'dnf upgrade --advisory FEDORA-2023-9e5f85ad02' at the command
line. For more information, refer to the dnf documentation available at
https://dnf.readthedocs.io/en/latest/command_ref.html

All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/security/
--------------------------------------------------------------------------------
_______________________________________________
package-announce mailing list
Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/
List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines

May 24, 2023 | Fedora

Mageia 8: 2022-0372 Moderate: Dokuwiki Cross-Site Scripting Fix

MGASA-2022-0372 - Updated dokuwiki packages fix security vulnerability

Publication date: 18 Oct 2022
URL: https://advisories.mageia.org/MGASA-2022-0372.html
Type: security
Affected Mageia releases: 8
CVE: CVE-2022-3123

Cross-site Scripting (XSS) - Reflected in GitHub repository splitbrain/dokuwiki
prior to 2022-07-31a. (CVE-2022-3123)

References:
- https://bugs.mageia.org/show_bug.cgi?id=30873
- https://lists.fedoraproject.org/archives/list/…/thread/LLNV7GYZPGLIKBLISVQUREQXE3WHI5R2/
- https://www.cve.org/CVERecord?id=CVE-2022-3123

SRPMS:
- 8/core/dokuwiki-20220731-1.mga8

Oct 18, 2022 | Mageia

Fedora 36: 2022-d048c0dde2 Moderate DokuWiki Cross-Site Scripting

--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2022-d048c0dde2
2022-09-24 01:31:33.538964
--------------------------------------------------------------------------------

Name        : dokuwiki
Product     : Fedora 36
Version     : 20200729a
Release     : 1.fc36
URL         :
Summary     : Standards compliant simple to use wiki
Description :
DokuWiki is a standards compliant, simple to use Wiki, mainly aimed at creating
documentation of any kind. It has a simple but powerful syntax which makes sure
the data-files remain readable outside the Wiki and eases the creation of
structured texts. All data is stored in plain text files no database is
required.

--------------------------------------------------------------------------------
Update Information:

Update to bugfix/security release 2022-07-29a. Includes security fix for
CVE-2022-3123.
--------------------------------------------------------------------------------
ChangeLog:

* Thu Sep 15 2022 Artur Frenszek-Iwicki - 20200729a-1
- Update to new bugfix/security release 2020-07-29a (fixes CVE-2022-3123)
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #2124259 - CVE-2022-3123 dokuwiki: Cross-site Scripting (XSS) - Reflected dokuwiki [fedora-all]
        https://bugzilla.redhat.com/show_bug.cgi?id=2124259
--------------------------------------------------------------------------------

This update can be installed with the "dnf" update program. Use
su -c 'dnf upgrade --advisory FEDORA-2022-d048c0dde2' at the command
line. For more information, refer to the dnf documentation available at
https://dnf.readthedocs.io/en/latest/command_ref.html

All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/security/
--------------------------------------------------------------------------------

Sep 23, 2022 | Important | Fedora

Fedora 38: FEDORA-2023-gd752fc090 Critical: mediawiki CSRF Vulnerability

--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2022-fd641dbf35
2022-09-20 00:15:19.075752
--------------------------------------------------------------------------------

Name        : dokuwiki
Product     : Fedora 37
Version     : 20220731a
Release     : 1.fc37
URL         :
Summary     : Standards compliant simple to use wiki
Description :
DokuWiki is a standards compliant, simple to use Wiki, mainly aimed at creating
documentation of any kind. It has a simple but powerful syntax which makes sure
the data-files remain readable outside the Wiki and eases the creation of
structured texts. All data is stored in plain text files no database is
required.

--------------------------------------------------------------------------------
Update Information:

Update to new stable release, v2022-07-31a "Igor". Includes security fix for
CVE-2022-3123.
--------------------------------------------------------------------------------
ChangeLog:

* Thu Sep 15 2022 Artur Frenszek-Iwicki - 20220731a-1
- Update to latest upstream release (2022-07-31a "Igor")
- Add minimum versions for all dependencies
- Add "Provides: bundled()" for not-yet-unbundled libraries
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #2112827 - dokuwiki 2022-07-31 is available
        https://bugzilla.redhat.com/show_bug.cgi?id=2112827
  [ 2 ] Bug #2124259 - CVE-2022-3123 dokuwiki: Cross-site Scripting (XSS) - Reflected dokuwiki [fedora-all]
        https://bugzilla.redhat.com/show_bug.cgi?id=2124259
--------------------------------------------------------------------------------

This update can be installed with the "dnf" update program. Use
su -c 'dnf upgrade --advisory FEDORA-2022-fd641dbf35' at the command
line. For more information, refer to the dnf documentation available at
https://dnf.readthedocs.io/en/latest/command_ref.html

All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/security/
--------------------------------------------------------------------------------

Sep 19, 2022 | Critical | Fedora

Arch Linux: ASA-202312-27 Medium: DokuWiki Reflected XSS Vulnerability

Arch Linux Security Advisory ASA-201412-19
==========================================

Severity: Medium
Date    : 2014-12-16
CVE-ID  : CVE-2014-9253
Package : dokuwiki
Type    : cross-site scripting
Remote  : Yes
Link    : https://wiki.archlinux.org/title/CVE-2014

Summary
=======

The package dokuwiki before version 20140929_b-1 is vulnerable to cross-site
scripting.

Resolution
==========

Upgrade to 20140929_b-1.

# pacman -Syu "dokuwiki>=20140929_b-1"

The problem has been fixed upstream in version 20140929_b.

Workaround
==========

None.

Description
===========

It was discovered that dokuwiki did not sufficiently filter uploaded files. A
remote attacker with upload access is able to use this flaw in order to upload
SWF files leading to possible cross-site scripting.

Impact
======

A remote attacker with upload access is able to craft a SWF file to perform a
cross-site scripting attack.

References
==========

https://access.redhat.com/security/cve/CVE-2014-9253
https://seclists.org/oss-sec/2014/q4/1050
https://github.com/dokuwiki/dokuwiki/commit/778ddf

Dec 16, 2014 | Medium | ArchLinux

Debian Wheezy DSA-3059-1 Critical: Dokuwiki Access Control Flaws

-------------------------------------------------------------------------
Debian Security Advisory DSA-3059-1
http://www.debian.org/security/                        Moritz Muehlenhoff
October 29, 2014                       http://www.debian.org/security/faq
-------------------------------------------------------------------------

Package        : dokuwiki
CVE ID         : CVE-2014-8761 CVE-2014-8762 CVE-2014-8763 CVE-2014-8764

Two vulnerabilities have been discovered in dokuwiki. Access control in
the media manager was insufficiently restricted and authentication could
be bypassed when using Active Directory for LDAP authentication.

For the stable distribution (wheezy), these problems have been fixed in
version 0.0.20120125b-2+deb7u1.

For the unstable distribution (sid), these problems have been fixed in
version 0.0.20140929.a-1.

We recommend that you upgrade your dokuwiki packages.

Further information about Debian Security Advisories, how to apply
these updates to your system and frequently asked questions can be
found at: https://www.debian.org/security/

Oct 29, 2014 | Critical | Debian

Debian DSA-2320-1: Fix for Dokuwiki External Link Regression

-------------------------------------------------------------------------
Debian Security Advisory DSA-2320-1
http://www.debian.org/security/                           Thijs Kinkhorst
October 8, 2011                        http://www.debian.org/security/faq
-------------------------------------------------------------------------

Package        : dokuwiki
Vulnerability  : regression fix
Problem type   : remote
Debian-specific: no
CVE ID         : CVE-2011-2510
Debian Bug     : 644145

The dokuwiki update included in Debian Lenny 5.0.9 to address a cross
site scripting issue (CVE-2011-2510) had a regression rendering links
to external websites broken. This update corrects that regression.

For the oldstable distribution (lenny), this problem has been fixed in
version 0.0.20080505-4+lenny4.

We recommend that you upgrade your dokuwiki packages.

Further information about Debian Security Advisories, how to apply
these updates to your system and frequently asked questions can be
found at: http://www.debian.org/security/

Oct 08, 2011 | Informational | Debian

Debian: DSA-1976-1 Moderate: Dokuwiki Remote Access and CSRF

------------------------------------------------------------------------
Debian Security Advisory DSA-1976-1
http://www.debian.org/security/                        Giuseppe Iuculano
January 22, 2010                      http://www.debian.org/security/faq
------------------------------------------------------------------------

Package        : dokuwiki
Vulnerability  : several vulnerabilities
Problem type   : remote
Debian-specific: no
Debian bugs    : 565406
CVE Ids        : CVE-2010-0287 CVE-2010-0288 CVE-2010-0289

Several vulnerabilities have been discovered in dokuwiki, a standards compliant
simple to use wiki.
The Common Vulnerabilities and Exposures project identifies the
following problems:

CVE-2010-0287

  It was discovered that an internal variable is not properly sanitized before
  being used to list directories. This can be exploited to list contents of
  arbitrary directories.

CVE-2010-0288

  It was discovered that the ACL Manager plugin doesn't properly check the
  administrator permissions. This allow an attacker to introduce arbitrary ACL
  rules and thus gaining access to a closed Wiki.

CVE-2010-0289

  It was discovered that the ACL Manager plugin doesn't have protections against
  cross-site request forgeries (CSRF). This can be exploited to change the
  access control rules by tricking a logged in administrator into visiting
  a malicious web site.

The oldstable distribution (etch) is not affected by these problems.

For the stable distribution (lenny), these problems have been fixed in
version 0.0.20080505-4+lenny1.

For the testing distribution (squeeze) and the unstable distribution (sid),
these problems have been fixed in version 0.0.20090214b-3.1.

We recommend that you upgrade your dokuwiki package.

Upgrade instructions
--------------------

wget url
        will fetch the file for you
dpkg -i file.deb
        will install the referenced file.

If you are using the apt-get package manager, use the line for
sources.list as given below:

apt-get update
        will update the internal database
apt-get upgrade
        will install corrected packages

You may use an automated update by adding the resources from the
footer to the proper configuration.

Debian (stable)
---------------

Stable updates are available for alpha, amd64, arm, armel, hppa, i386, ia64,
mips, mipsel, powerpc, s390 and sparc.

Source archives:

    Size/MD5 checksum:     1104 87bff5f8b651532561c5c6b0454ef37a
    Size/MD5 checksum:  1430707 1a70a2ab847b704b629cbbe212ce9a00
    Size/MD5 checksum:    34110 0dc35149b193e911eec750841a139506

Architecture independent packages:

    Size/MD5 checksum:  1481684 605eb57368b9eec17cb48b6cbdcf1d0b

  These files will probably be moved into the stable distribution on
  its next update.

---------------------------------------------------------------------------------
For apt-get: deb https://www.debian.org/security/ stable/updates main
For dpkg-ftp: dists/stable/updates/main
Package info: `apt-cache show ' and https://www.debian.org/distrib/packages

Jan 22, 2010 | Debian