Alerts This Week
Warning Icon 1 619
Alerts This Week
Warning Icon 1 619

Stay Secure with the Latest Linux Advisories

Opensuse Large Esm H800
openSUSE

openSUSE Chromedriver Moderate Security Issues Fixed 2026-10958-1

Calendar White Jun 08, 2026
moderate
Opensuse Large Esm H900
openSUSE

openSUSE Tumbleweed libmozjs Moderate Update CVE-2025-70103

Calendar White Jun 08, 2026
moderate
Opensuse Large Esm H900
openSUSE

openSUSE Tumbleweed Perl HTML Parser Moderate CVE-2026-8829 Advisory

Calendar White Jun 08, 2026
moderate
Opensuse Large Esm H800
openSUSE

openSUSE Tumbleweed kernel-devel Moderate Security Issue 2026-10954-1

Calendar White Jun 08, 2026
moderate
Opensuse Large Esm H900
openSUSE

openSUSE Tumbleweed Gleam Moderate Threat Fixed 2026-10953-1

Calendar White Jun 08, 2026
moderate
Ubuntu Large Esm H900
Ubuntu

Ubuntu 25.10 Systemd Critical Arbitrary Code Exec DNS Issues USN-8402-1

Calendar White Jun 08, 2026
Critical
Opensuse Large Esm H800
openSUSE

openSUSE Epiphany Important Password Handling Issue CVE-2023-26081

Calendar White Jun 08, 2026
Important
Ubuntu Large Esm H900
Ubuntu

Ubuntu 26.04 LTS 8399-1 Pillow Denial of Service Risk CVE-2026-42308

Calendar White Jun 08, 2026
Important
Ubuntu Large Esm H900
Ubuntu

Ubuntu 26.04 LTS Poppler Critical DoS Code Execution Vuln USN-8400-1

Calendar White Jun 08, 2026
Critical
Filter Icon Refine advisories
X Clear Filters
X Clear Filters
View More

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Community Poll

More Polls

What got you started with Linux?

No answer selected. Please try again.
Please select either existing option or enter your own, however not both.
Please select minimum {0} answer(s).
Please select maximum {0} answer(s).
/main-polls/150-what-got-you-started-with-linux?task=poll.vote&format=json
150
radio
0
[{"id":483,"title":"Self-taught through trial and error","votes":548,"type":"x","order":1,"pct":78.51,"resources":[]},{"id":484,"title":"Formal training or courses","votes":30,"type":"x","order":2,"pct":4.3,"resources":[]},{"id":485,"title":"A job that required it","votes":34,"type":"x","order":3,"pct":4.87,"resources":[]},{"id":486,"title":"Other","votes":86,"type":"x","order":4,"pct":12.32,"resources":[]}] ["#ff5b00","#4ac0f2","#b80028","#eef66c","#60bb22","#b96a9a","#62c2cc"] ["rgba(255,91,0,0.7)","rgba(74,192,242,0.7)","rgba(184,0,40,0.7)","rgba(238,246,108,0.7)","rgba(96,187,34,0.7)","rgba(185,106,154,0.7)","rgba(98,194,204,0.7)"] 350
bottom 200
Loading...

Explore Latest Linux Security advisories

We found -5 articles for you...
100
Ls Advisories Suse Esm H240
Price Tag 1security advisorySuSEremote access

SUSE: nvidia-open-driver Important Update for Multiple Issues 2025:02575-2

* bsc#1234675 * bsc#1235461 * bsc#1235871 Cross-References: . # Security update for nvidia-open-driver-G06-signed Announcement ID: SUSE-SU-2025:02575-2 Release Date: 2025-08-04T13:08:24Z Rating: important References: * bsc#1234675 * bsc#1235461 * bsc#1235871 Cross-References: * CVE-2024-0131 * CVE-2024-0147 * CVE-2024-0149 * CVE-2024-0150 * CVE-2024-53869 CVSS scores: * CVE-2024-0131 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H * CVE-2024-0131 ( NVD ): 4.4 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H * CVE-2024-0147 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-0147 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-0149 ( SUSE ): 3.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N * CVE-2024-0149 ( NVD ): 3.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N * CVE-2024-0150 ( SUSE ): 7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H * CVE-2024-0150 ( NVD ): 7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H * CVE-2024-53869 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-53869 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N Affected Products: * Public Cloud Module 15-SP4 * SUSE Linux Enterprise High Performance Computing 15 SP4 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 * SUSE Linux Enterprise Micro 5.3 * SUSE Linux Enterprise Micro 5.4 * SUSE Linux Enterprise Micro for Rancher 5.3 * SUSE Linux Enterprise Micro for Rancher 5.4 * SUSE Linux Enterprise Server 15 SP4 * SUSE Linux Enterprise Server 15 SP4 LTSS * SUSE Linux Enterprise Server for SAP Applications 15 SP4 * SUSE Manager Proxy 4.3 * SUSE Manager Retail Branch Server 4.3 * SUSE Manager Server 4.3 An update that solves five vulnerabilities can now be installed. ## Description: This update for nvidia-open-driver-G06-signed fixes the following issues: This update was retracted to fixdependency issues. * Update to 550.144.03 (bsc#1235461, bsc#1235871) * fixes CVE-2024-0131, CVE-2024-0147, CVE-2024-0149, CVE-2024-0150, CVE-2024-53869 ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Linux Enterprise Micro for Rancher 5.3 zypper in -t patch SUSE-SLE-Micro-5.3-2025-2575=1 * SUSE Linux Enterprise Micro 5.3 zypper in -t patch SUSE-SLE-Micro-5.3-2025-2575=1 * SUSE Linux Enterprise Micro for Rancher 5.4 zypper in -t patch SUSE-SLE-Micro-5.4-2025-2575=1 * SUSE Linux Enterprise Micro 5.4 zypper in -t patch SUSE-SLE-Micro-5.4-2025-2575=1 * Public Cloud Module 15-SP4 zypper in -t patch SUSE-SLE-Module-Public-Cloud-15-SP4-2025-2575=1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-ESPOS-2025-2575=1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-LTSS-2025-2575=1 * SUSE Linux Enterprise Server 15 SP4 LTSS zypper in -t patch SUSE-SLE-Product-SLES-15-SP4-LTSS-2025-2575=1 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP4-2025-2575=1 * SUSE Manager Proxy 4.3 zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Proxy-4.3-2025-2575=1 * SUSE Manager Retail Branch Server 4.3 zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Retail-Branch- Server-4.3-2025-2575=1 * SUSE Manager Server 4.3 zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Server-4.3-2025-2575=1 ## Package List: * SUSE Linux Enterprise Micro for Rancher 5.3 (aarch64 x86_64) * nvidia-open-driver-G06-signed-debugsource-550.127.05-150400.9.74.1 * nvidia-open-driver-G06-signed-kmp-default-550.127.05_k5.14.21_150400.24.167-150400.9.74.1 *nv-prefer-signed-open-driver-560.35.03-150400.9.74.1 * nvidia-open-driver-G06-signed-cuda-kmp-default-debuginfo-560.35.03_k5.14.21_150400.24.167-150400.9.74.1 * nvidia-open-driver-G06-signed-cuda-kmp-default-560.35.03_k5.14.21_150400.24.167-150400.9.74.1 * nvidia-open-driver-G06-signed-cuda-debugsource-560.35.03-150400.9.74.1 * nvidia-open-driver-G06-signed-kmp-default-debuginfo-550.127.05_k5.14.21_150400.24.167-150400.9.74.1 * SUSE Linux Enterprise Micro 5.3 (aarch64 x86_64) * nvidia-open-driver-G06-signed-debugsource-550.127.05-150400.9.74.1 * nvidia-open-driver-G06-signed-kmp-default-550.127.05_k5.14.21_150400.24.167-150400.9.74.1 * nv-prefer-signed-open-driver-560.35.03-150400.9.74.1 * nvidia-open-driver-G06-signed-cuda-kmp-default-debuginfo-560.35.03_k5.14.21_150400.24.167-150400.9.74.1 * nvidia-open-driver-G06-signed-cuda-kmp-default-560.35.03_k5.14.21_150400.24.167-150400.9.74.1 * nvidia-open-driver-G06-signed-cuda-debugsource-560.35.03-150400.9.74.1 * nvidia-open-driver-G06-signed-kmp-default-debuginfo-550.127.05_k5.14.21_150400.24.167-150400.9.74.1 * SUSE Linux Enterprise Micro for Rancher 5.4 (aarch64 x86_64) * nvidia-open-driver-G06-signed-debugsource-550.127.05-150400.9.74.1 * nvidia-open-driver-G06-signed-kmp-default-550.127.05_k5.14.21_150400.24.167-150400.9.74.1 * nv-prefer-signed-open-driver-560.35.03-150400.9.74.1 * nvidia-open-driver-G06-signed-cuda-kmp-default-debuginfo-560.35.03_k5.14.21_150400.24.167-150400.9.74.1 * nvidia-open-driver-G06-signed-cuda-kmp-default-560.35.03_k5.14.21_150400.24.167-150400.9.74.1 * nvidia-open-driver-G06-signed-cuda-debugsource-560.35.03-150400.9.74.1 * nvidia-open-driver-G06-signed-kmp-default-debuginfo-550.127.05_k5.14.21_150400.24.167-150400.9.74.1 * SUSE Linux Enterprise Micro 5.4 (aarch64 x86_64) * nvidia-open-driver-G06-signed-debugsource-550.127.05-150400.9.74.1 * nvidia-open-driver-G06-signed-kmp-default-550.127.05_k5.14.21_150400.24.167-150400.9.74.1 *nv-prefer-signed-open-driver-560.35.03-150400.9.74.1 * nvidia-open-driver-G06-signed-cuda-kmp-default-debuginfo-560.35.03_k5.14.21_150400.24.167-150400.9.74.1 * nvidia-open-driver-G06-signed-cuda-kmp-default-560.35.03_k5.14.21_150400.24.167-150400.9.74.1 * nvidia-open-driver-G06-signed-cuda-debugsource-560.35.03-150400.9.74.1 * nvidia-open-driver-G06-signed-kmp-default-debuginfo-550.127.05_k5.14.21_150400.24.167-150400.9.74.1 * Public Cloud Module 15-SP4 (x86_64) * nvidia-open-driver-G06-signed-cuda-kmp-azure-debuginfo-560.35.03_k5.14.21_150400.14.75-150400.9.74.1 * nvidia-open-driver-G06-signed-azure-devel-550.127.05-150400.9.74.1 * nvidia-open-driver-G06-signed-kmp-azure-debuginfo-550.127.05_k5.14.21_150400.14.75-150400.9.74.1 * nvidia-open-driver-G06-signed-kmp-azure-550.127.05_k5.14.21_150400.14.75-150400.9.74.1 * nvidia-open-driver-G06-signed-cuda-azure-devel-560.35.03-150400.9.74.1 * nvidia-open-driver-G06-signed-cuda-kmp-azure-560.35.03_k5.14.21_150400.14.75-150400.9.74.1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 (aarch64 x86_64) * nvidia-open-driver-G06-signed-debugsource-550.127.05-150400.9.74.1 * nvidia-open-driver-G06-signed-kmp-default-550.127.05_k5.14.21_150400.24.167-150400.9.74.1 * nv-prefer-signed-open-driver-560.35.03-150400.9.74.1 * nvidia-open-driver-G06-signed-cuda-kmp-default-debuginfo-560.35.03_k5.14.21_150400.24.167-150400.9.74.1 * nvidia-open-driver-G06-signed-cuda-kmp-default-560.35.03_k5.14.21_150400.24.167-150400.9.74.1 * nvidia-open-driver-G06-signed-cuda-default-devel-560.35.03-150400.9.74.1 * nvidia-open-driver-G06-signed-default-devel-550.127.05-150400.9.74.1 * nvidia-open-driver-G06-signed-cuda-debugsource-560.35.03-150400.9.74.1 * nvidia-open-driver-G06-signed-kmp-default-debuginfo-550.127.05_k5.14.21_150400.24.167-150400.9.74.1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 (aarch64) *nvidia-open-driver-G06-signed-kmp-64kb-debuginfo-550.127.05_k5.14.21_150400.24.167-150400.9.74.1 * nvidia-open-driver-G06-signed-kmp-64kb-550.127.05_k5.14.21_150400.24.167-150400.9.74.1 * nvidia-open-driver-G06-signed-cuda-kmp-64kb-debuginfo-560.35.03_k5.14.21_150400.24.167-150400.9.74.1 * nvidia-open-driver-G06-signed-cuda-64kb-devel-560.35.03-150400.9.74.1 * nvidia-open-driver-G06-signed-64kb-devel-550.127.05-150400.9.74.1 * nvidia-open-driver-G06-signed-cuda-kmp-64kb-560.35.03_k5.14.21_150400.24.167-150400.9.74.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 (aarch64 x86_64) * nvidia-open-driver-G06-signed-debugsource-550.127.05-150400.9.74.1 * nvidia-open-driver-G06-signed-kmp-default-550.127.05_k5.14.21_150400.24.167-150400.9.74.1 * nv-prefer-signed-open-driver-560.35.03-150400.9.74.1 * nvidia-open-driver-G06-signed-cuda-kmp-default-debuginfo-560.35.03_k5.14.21_150400.24.167-150400.9.74.1 * nvidia-open-driver-G06-signed-cuda-kmp-default-560.35.03_k5.14.21_150400.24.167-150400.9.74.1 * nvidia-open-driver-G06-signed-cuda-default-devel-560.35.03-150400.9.74.1 * nvidia-open-driver-G06-signed-default-devel-550.127.05-150400.9.74.1 * nvidia-open-driver-G06-signed-cuda-debugsource-560.35.03-150400.9.74.1 * nvidia-open-driver-G06-signed-kmp-default-debuginfo-550.127.05_k5.14.21_150400.24.167-150400.9.74.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 (aarch64) * nvidia-open-driver-G06-signed-kmp-64kb-debuginfo-550.127.05_k5.14.21_150400.24.167-150400.9.74.1 * nvidia-open-driver-G06-signed-kmp-64kb-550.127.05_k5.14.21_150400.24.167-150400.9.74.1 * nvidia-open-driver-G06-signed-cuda-kmp-64kb-debuginfo-560.35.03_k5.14.21_150400.24.167-150400.9.74.1 * nvidia-open-driver-G06-signed-cuda-64kb-devel-560.35.03-150400.9.74.1 * nvidia-open-driver-G06-signed-64kb-devel-550.127.05-150400.9.74.1 * nvidia-open-driver-G06-signed-cuda-kmp-64kb-560.35.03_k5.14.21_150400.24.167-150400.9.74.1 * SUSE LinuxEnterprise Server 15 SP4 LTSS (aarch64 x86_64) * nvidia-open-driver-G06-signed-debugsource-550.127.05-150400.9.74.1 * nvidia-open-driver-G06-signed-kmp-default-550.127.05_k5.14.21_150400.24.167-150400.9.74.1 * nv-prefer-signed-open-driver-560.35.03-150400.9.74.1 * nvidia-open-driver-G06-signed-cuda-kmp-default-debuginfo-560.35.03_k5.14.21_150400.24.167-150400.9.74.1 * nvidia-open-driver-G06-signed-cuda-kmp-default-560.35.03_k5.14.21_150400.24.167-150400.9.74.1 * nvidia-open-driver-G06-signed-cuda-default-devel-560.35.03-150400.9.74.1 * nvidia-open-driver-G06-signed-default-devel-550.127.05-150400.9.74.1 * nvidia-open-driver-G06-signed-cuda-debugsource-560.35.03-150400.9.74.1 * nvidia-open-driver-G06-signed-kmp-default-debuginfo-550.127.05_k5.14.21_150400.24.167-150400.9.74.1 * SUSE Linux Enterprise Server 15 SP4 LTSS (aarch64) * nvidia-open-driver-G06-signed-kmp-64kb-debuginfo-550.127.05_k5.14.21_150400.24.167-150400.9.74.1 * nvidia-open-driver-G06-signed-kmp-64kb-550.127.05_k5.14.21_150400.24.167-150400.9.74.1 * nvidia-open-driver-G06-signed-cuda-kmp-64kb-debuginfo-560.35.03_k5.14.21_150400.24.167-150400.9.74.1 * nvidia-open-driver-G06-signed-cuda-64kb-devel-560.35.03-150400.9.74.1 * nvidia-open-driver-G06-signed-64kb-devel-550.127.05-150400.9.74.1 * nvidia-open-driver-G06-signed-cuda-kmp-64kb-560.35.03_k5.14.21_150400.24.167-150400.9.74.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 (x86_64) * nvidia-open-driver-G06-signed-debugsource-550.127.05-150400.9.74.1 * nvidia-open-driver-G06-signed-kmp-default-550.127.05_k5.14.21_150400.24.167-150400.9.74.1 * nvidia-open-driver-G06-signed-kmp-default-debuginfo-550.127.05_k5.14.21_150400.24.167-150400.9.74.1 * nvidia-open-driver-G06-signed-default-devel-550.127.05-150400.9.74.1 * SUSE Manager Proxy 4.3 (x86_64) * nvidia-open-driver-G06-signed-debugsource-550.127.05-150400.9.74.1 *nvidia-open-driver-G06-signed-kmp-default-550.127.05_k5.14.21_150400.24.167-150400.9.74.1 * nv-prefer-signed-open-driver-560.35.03-150400.9.74.1 * nvidia-open-driver-G06-signed-cuda-kmp-default-debuginfo-560.35.03_k5.14.21_150400.24.167-150400.9.74.1 * nvidia-open-driver-G06-signed-cuda-kmp-default-560.35.03_k5.14.21_150400.24.167-150400.9.74.1 * nvidia-open-driver-G06-signed-cuda-default-devel-560.35.03-150400.9.74.1 * nvidia-open-driver-G06-signed-default-devel-550.127.05-150400.9.74.1 * nvidia-open-driver-G06-signed-cuda-debugsource-560.35.03-150400.9.74.1 * nvidia-open-driver-G06-signed-kmp-default-debuginfo-550.127.05_k5.14.21_150400.24.167-150400.9.74.1 * SUSE Manager Retail Branch Server 4.3 (x86_64) * nvidia-open-driver-G06-signed-debugsource-550.127.05-150400.9.74.1 * nvidia-open-driver-G06-signed-kmp-default-550.127.05_k5.14.21_150400.24.167-150400.9.74.1 * nv-prefer-signed-open-driver-560.35.03-150400.9.74.1 * nvidia-open-driver-G06-signed-cuda-kmp-default-debuginfo-560.35.03_k5.14.21_150400.24.167-150400.9.74.1 * nvidia-open-driver-G06-signed-cuda-kmp-default-560.35.03_k5.14.21_150400.24.167-150400.9.74.1 * nvidia-open-driver-G06-signed-cuda-default-devel-560.35.03-150400.9.74.1 * nvidia-open-driver-G06-signed-default-devel-550.127.05-150400.9.74.1 * nvidia-open-driver-G06-signed-cuda-debugsource-560.35.03-150400.9.74.1 * nvidia-open-driver-G06-signed-kmp-default-debuginfo-550.127.05_k5.14.21_150400.24.167-150400.9.74.1 * SUSE Manager Server 4.3 (x86_64) * nvidia-open-driver-G06-signed-debugsource-550.127.05-150400.9.74.1 * nvidia-open-driver-G06-signed-kmp-default-550.127.05_k5.14.21_150400.24.167-150400.9.74.1 * nv-prefer-signed-open-driver-560.35.03-150400.9.74.1 * nvidia-open-driver-G06-signed-cuda-kmp-default-debuginfo-560.35.03_k5.14.21_150400.24.167-150400.9.74.1 * nvidia-open-driver-G06-signed-cuda-kmp-default-560.35.03_k5.14.21_150400.24.167-150400.9.74.1 *nvidia-open-driver-G06-signed-cuda-default-devel-560.35.03-150400.9.74.1 * nvidia-open-driver-G06-signed-default-devel-550.127.05-150400.9.74.1 * nvidia-open-driver-G06-signed-cuda-debugsource-560.35.03-150400.9.74.1 * nvidia-open-driver-G06-signed-kmp-default-debuginfo-550.127.05_k5.14.21_150400.24.167-150400.9.74.1 ## References: * https://www.suse.com/security/cve/CVE-2024-0131.html * https://www.suse.com/security/cve/CVE-2024-0147.html * https://www.suse.com/security/cve/CVE-2024-0149.html * https://www.suse.com/security/cve/CVE-2024-0150.html * https://www.suse.com/security/cve/CVE-2024-53869.html * https://bugzilla.suse.com/show_bug.cgi?id=1234675 * https://bugzilla.suse.com/show_bug.cgi?id=1235461 * https://bugzilla.suse.com/show_bug.cgi?id=1235871 . A new patch addresses key vulnerabilities in the nvidia-open-driver, essential for SUSE customers. Urgent deployment advised.. nvidia-open-driver,SUSE,security updates,important patches. . Severity: Important. LinuxSecurity.com Team

Calendar 2 Aug 04, 2025 Important SuSE
87
Ls Advisories Debian Esm H240
Price Tag 1security advisorydebiandriver security

Debian: DSA-4687-1 Critical: Exim4 Authentication Bypass

It was discovered that exim4, a mail transport agent, suffers from a authentication bypass vulnerability in the spa authentication driver. The spa authentication driver is not enabled by default. . -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 - ------------------------------------------------------------------------- Debian Security Advisory DSA-4687-1 This email address is being protected from spambots. You need JavaScript enabled to view it. https://www.debian.org/security/ Florian Weimer May 16, 2020 https://www.debian.org/security/faq - ------------------------------------------------------------------------- Package : exim4 CVE ID : CVE-2020-12783 It was discovered that exim4, a mail transport agent, suffers from a authentication bypass vulnerability in the spa authentication driver. The spa authentication driver is not enabled by default. For the oldstable distribution (stretch), this problem has been fixed in version 4.89-2+deb9u7. For the stable distribution (buster), this problem has been fixed in version 4.92-8+deb10u4. We recommend that you upgrade your exim4 packages. For the detailed security status of exim4 please refer to its security tracker page at: https://security-tracker.debian.org/tracker/source-package/exim4 Further information about Debian Security Advisories, how to apply these updates to your system and frequently asked questions can be found at: https://www.debian.org/security/ Mailing list: This email address is being protected from spambots. You need JavaScript enabled to view it. . A postfix upgrade fixes a critical vulnerability in user access control, bolstering email delivery safety.. exim4 update, authentication bypass, debian security, mail transport security, update instructions. . Severity: Critical. LinuxSecurity.com Team

Calendar 2 May 16, 2020 Critical Debian
Banner 3 1028x280 1708121785 1771599793
100
Ls Advisories Suse Esm H240
Price Tag 1security advisorydenial of servicebuffer overflow

SUSE 10.1: 2007-019 Moderate: Kernel Denial of Service Alert

A kernel update has been released to fix the following security problems: A kernel update has been released to fix the following security problems: - CVE-2006-2936: The ftdi_sio driver allowed local users to cause a denialof service (memory consumption) by writing more data tothe serial port than the hardware can handle, which causesthe data to be queued. This requires this driver to beloaded, wh [More...]. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 ______________________________________________________________________________ SUSE Security Announcement Package: kernel-bigsmp Announcement ID: SUSE-SA:2007:018 Date: Tue, 27 Feb 2007 14:00:00 +0000 Affected Products: SUSE LINUX 10.1 SUSE SLED 10 SUSE SLE 10 DEBUGINFO SUSE SLES 10 Vulnerability Type: remote denial of service Severity (1-10): 7 SUSE Default Package: yes Cross-References: CVE-2006-2936, CVE-2006-4814, CVE-2006-5749 CVE-2006-5753, CVE-2006-6106, CVE-2007-0772 Content of This Advisory: 1) Security Vulnerability Resolved: kernel security update Problem Description 2) Solution or Work-Around 3) Special Instructions and Notes 4) Package Location and Checksums 5) Pending Vulnerabilities, Solutions, and Work-Arounds: See SUSE Security Summary Report. 6) Authenticity Verification and Additional Information ______________________________________________________________________________ 1) Problem Description and Brief Discussion A kernel update has been released to fix the following security problems: - CVE-2006-2936: The ftdi_sio driver allowed local users to cause a denial of service (memory consumption) by writing more data to theserial port than the hardware can handle, which causes the data to be queued. This requires this driver to be loaded, which only happens if such a device is plugged in. - CVE-2006-4814: A deadlock in mincore that could be caused by local attackers was fixed. - CVE-2006-6106: Multiple buffer overflows in the cmtp_recv_interopmsg function in the Bluetooth driver (net/bluetooth/cmtp/capi.c) in the Linux kernel allowed remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via CAPI messages with a large value for the length of the (1) manu (manufacturer) or (2) serial (serial number) field. - CVE-2006-5749: The isdn_ppp_ccp_reset_alloc_state function in drivers/isdn/isdn_ppp.c in the Linux kernel does not call the init_timer function for the ISDN PPP CCP reset state timer, which has unknown attack vectors and results in a system crash. - CVE-2006-5753: Unspecified vulnerability in the listxattr system call in Linux kernel, when a "bad inode" is present, allows local users to cause a denial of service (data corruption) and possibly gain privileges. - CVE-2007-0772: A remote denial of service problem on NFSv2 mounts with ACL enabled was fixed. and various non security bugs. This update only covers SUSE Linux Enterprise 10 and SUSE Linux 10.1. The above listed problems also affect other kernels, for which updates will be published. 2) Solution or Work-Around There is no known workaround, please install the update packages. 3) Special Instructions and Notes None. 4) Package Location and Checksums The preferred method for installing security updates is to use the YaST Online Update (YOU)tool. YOU detects which updates are required and automatically performs the necessary steps to verify and install them. Alternatively, download the update packages for your distribution manually and verify their integrity by the methods listed in Section 6 of this announcement. Then install the packages using the command rpm -Fhv to apply the update, replacing with the filename of the downloaded RPM package. x86 Platform: SUSE LINUX 10.1: e8b387eecd54b875c1071fc924f4f2b4 001254c312faec605b5eaf0f5682a280 6eaecfb75cfab350ff1f4b965d08948b 46ba9fd7be425f3db58daac13ddcfe1b c9fb15081967d858ad7b29ead84a1259 47dd412f9add6ec37697347266724dab 05fdd39d25567fdc05b70d9176d2542c 1a068a49ecd18a073301216a5952a8a7 6ff11d2cc96dc3294189877419cf86e4 a5527c57faded347005b60c9681be126 54266b9c20d734c8aad15003dba12eb1 9804a7f76037c8db855b77141252aeec a363de03cb38de046cf5d6a76f13a1cb 3ef0734f0ae0bbcb723a7b78701fa42a e5febb721512dad8f25bfe9343154b99 Power PC Platform: SUSE LINUX 10.1: bffed3ad3f3510a833985fe5c7f943c1 44050e412ee8ac6bfe124bcb1804c3fc 6c74ba711d9c11436b20b932723aff6b 8f491b0fbf372b38883013cb336526e0 c7fc5634e2e74f5d263ab317c494ce2c ca22718fdbb03666b86200fa4bf8827d 8eed776dd3ad2222675925cdcc489a8c 16fc2022787b0c6c4e683b851375ce7a 010256c84bd145fa9ffacb313cb08934 09b5b91d25edb12c5ca941257fd51c5a x86-64 Platform: SUSE LINUX 10.1: 8d959b18857fc50c549939a1be7724ba 54fae8532c291f373f6f23d08f3b20bc a9d9c3e6213f06230fe7cbb2e2a1a16a 23c385bb7f183d938faf5792cafa6098 acfb4766596756d2402711056caa4c8d c7caaf1a1d2bd2691215a74541cb63de b91eb4928f6b137344bb8276f480d8f9 211671c57618d29c2cb684e209375b69 e57c6fc9dfb9716c732ee7414b3f4d34 8641961daf3b7bbafb140a63c8004d65 d956cb94731fe3aa3055c08248784921 290ccf945f68f274eb1d346ad54f22ad Sources: SUSE LINUX 10.1: 42819b35570ec966f4899bf074494ba1 9efb9aca7660d69d021dd6cf591e279a 6f3302e4c5ba828eab6a01713fff1901 72e5ee51ff22fac8d4a56034dc5726e0 95a5532d49a13f2f4d080618eafa5abb b67adf4fdf41dd4afc324758eb81b643 5dfce38d6737c14879439cca7c615ec0 eda39963f17d3334ba75abe2cd41e71a 87d2443ec4e18d188963e5d5ac8bb41c 7544736387458c7eadfae00f70cd7642 c9db84dd6382927b79a5f6594e84895f b60d4f1da62f64f5e982a64bd7bdcd5b eb6c84b6338d297ff625fd9eb220e0d7 58a2d662fe0906295b90d6bef6d4e760 18bb0bd55194f2e50b60e9998eeaef0b 64b5b42d879d4669c9f42eb576aa63fe 6fe2ea0869a47c552dc66378555adf99 Our maintenance customers are notified individually. The packages are offered for installation from the maintenance web: SUSE SLED 10 for AMD64 and Intel EM64T http://support.novell.com/techcenter/psdb/07f0172bd1d7fcba7b4b05eb27a13a69.html SUSE SLE 10 DEBUGINFO for IBM zSeries 64bit http://support.novell.com/techcenter/psdb/6b9ee4fae636f4681a5d171bade9e2b6.html SUSE SLE 10 DEBUGINFO for IBM POWER http://support.novell.com/techcenter/psdb/1fc9802c03b4f29a29158627871433df.html SUSE SLE 10 DEBUGINFO for IPF http://support.novell.com/techcenter/psdb/84b59ac1863082bf630b430a98ccb5ca.html SUSE SLES 10 http://support.novell.com/techcenter/psdb/07f0172bd1d7fcba7b4b05eb27a13a69.html http://support.novell.com/techcenter/psdb/6b9ee4fae636f4681a5d171bade9e2b6.html http://support.novell.com/techcenter/psdb/1fc9802c03b4f29a29158627871433df.html http://support.novell.com/techcenter/psdb/84b59ac1863082bf630b430a98ccb5ca.html http://support.novell.com/techcenter/psdb/7a120195d0f5166ddeb25518b0ee41d0.html SUSE SLE 10 DEBUGINFO http://support.novell.com/techcenter/psdb/07f0172bd1d7fcba7b4b05eb27a13a69.html http://support.novell.com/techcenter/psdb/1fc9802c03b4f29a29158627871433df.html http://support.novell.com/techcenter/psdb/84b59ac1863082bf630b430a98ccb5ca.html http://support.novell.com/techcenter/psdb/7a120195d0f5166ddeb25518b0ee41d0.html SUSE SLED 10 http://support.novell.com/techcenter/psdb/07f0172bd1d7fcba7b4b05eb27a13a69.html http://support.novell.com/techcenter/psdb/7a120195d0f5166ddeb25518b0ee41d0.html SUSE SLED 10 for x86 http://support.novell.com/techcenter/psdb/7a120195d0f5166ddeb25518b0ee41d0.html ______________________________________________________________________________ 5) Pending Vulnerabilities, Solutions, and Work-Arounds: See SUSE Security Summary Report. ______________________________________________________________________________ 6) Authenticity Verification and Additional Information - Announcement authenticity verification: SUSE security announcements are published via mailing lists and on Web sites. The authenticity and integrity of a SUSE security announcement is guaranteed by a cryptographic signature in each announcement. All SUSE security announcements are published with a valid signature. To verify the signature of the announcement, save it as text into a file and run the command gpg --verify replacing with the name of the file where you saved the announcement. The output for a valid signature looks like: gpg: Signature made using RSA key ID 3D25D3D9 gpg: Good signature from "SuSE Security Team " where is replaced by the date the document was signed. If the security team's key is not contained in your key ring, you can import it from the first installation CD. To import the key, use the command gpg --import gpg-pubkey-3d25d3d9-36e12d04.asc - Packageauthenticity verification: SUSE update packages are available on many mirror FTP servers all over the world. While this service is considered valuable and important to the free and open source software community, the authenticity and the integrity of a package needs to be verified to ensure that it has not been tampered with. There are two verification methods that can be used independently from each other to prove the authenticity of a downloaded file or RPM package: 1) Using the internal gpg signatures of the rpm package 2) MD5 checksums as provided in this announcement 1) The internal rpm package signatures provide an easy way to verify the authenticity of an RPM package. Use the command rpm -v --checksig to verify the signature of the package, replacing with the filename of the RPM package downloaded. The package is unmodified if it contains a valid signature from This email address is being protected from spambots. You need JavaScript enabled to view it. with the key ID 9C800ACA. This key is automatically imported into the RPM database (on RPMv4-based distributions) and the gpg key ring of 'root' during installation. You can also find it on the first installation CD and at the end of this announcement. 2) If you need an alternative means of verification, use the md5sum command to verify the authenticity of the packages. Execute the command md5sum after you downloaded the file from a SUSE FTP server or its mirrors. Then compare the resulting md5sum with the one that is listed in the SUSE security announcement. Because the announcement containing the checksums is cryptographically signed (by This email address is being protected from spambots. You need JavaScript enabled to view it.), the checksums show proof of the authenticity of the package if the signature of the announcement is valid. Note that the md5 sums published in the SUSE Security Announcements are valid for the respective packages only. Newer versions of these packages cannot be verified. - SUSEruns two security mailing lists to which any interested party may subscribe: This email address is being protected from spambots. You need JavaScript enabled to view it. - General Linux and SUSE security discussion. All SUSE security announcements are sent to this list. To subscribe, send an e-mail to . This email address is being protected from spambots. You need JavaScript enabled to view it. - SUSE's announce-only mailing list. Only SUSE's security announcements are sent to this list. To subscribe, send an e-mail to . ==================================================================== SUSE's security contact is or . The public key is listed below. ==================================================================== . The latest SUSE kernel update resolves multiple security issues, including risks like denial of service and buffer overflow vulnerabilities. Upgrade promptly.. SUSE Kernel Security, Remote Denial of Service, Kernel Update. . Severity: Important. LinuxSecurity.com Team

Calendar 2 Feb 27, 2007 Important SuSE
98
Ls Advisories Redhat Esm H240
Price Tag 1security advisoryRed Hatsoftware update

Red Hat Linux 6.0 RHSA-1999:035-02 Moderate: XFree86 Security Fix

New XFree86 packages are available for Red Hat Linux 4.2, 5.2, and 6.0 on all architectures. The XFree86 3.3.5 release fixes a number of newly discovered security problems and provides new drivers, as well as fixing a large number of outstanding bugs. . Red Hat, Inc. Security Advisory Package XFree86 Synopsis XFree86 3.3.5 packages available Advisory ID RHSA-1999:035-02 Issue Date 1999-09-07 Updated on 1999-09-16 Keywords xfree86 xterm xdm xinit xfs xinitrc xkb Revision History: 1999-09-16: fixed permission problems for 4.x/5.x packages reverted MediaGX driver to 3.3.3.1 version trident and SiS driver fixes 1. Topic: New XFree86 packages are available for Red Hat Linux 4.2, 5.2, and 6.0 on all architectures. The XFree86 3.3.5 release fixes a number of newly discovered security problems and provides new drivers, as well as fixing a large number of outstanding bugs. 2. Bug IDs fixed: 1141 1456 2446 2741 2772 2793 2985 3142 3198 3619 3678 3706 3734 3743 3753 3828 3895 3964 4087 4090 4353 4553 4672 4681 3. Relevant releases/architectures: Red Hat Linux 6.0, all architectures 4. Obsoleted by: None 5. Conflicts with: None 6. RPMs required: Intel: XFree86-100dpi-fonts-3.3.5-1.6.0.i386.rpm XFree86-3.3.5-1.6.0.i386.rpm XFree86-3DLabs-3.3.5-1.6.0.i386.rpm XFree86-75dpi-fonts-3.3.5-1.6.0.i386.rpm XFree86-8514-3.3.5-1.6.0.i386.rpm XFree86-AGX-3.3.5-1.6.0.i386.rpm XFree86-FBDev-3.3.5-1.6.0.i386.rpm XFree86-I128-3.3.5-1.6.0.i386.rpm XFree86-Mach32-3.3.5-1.6.0.i386.rpm XFree86-Mach64-3.3.5-1.6.0.i386.rpm XFree86-Mach8-3.3.5-1.6.0.i386.rpm XFree86-Mono-3.3.5-1.6.0.i386.rpm XFree86-P9000-3.3.5-1.6.0.i386.rpm XFree86-S3-3.3.5-1.6.0.i386.rpm XFree86-S3V-3.3.5-1.6.0.i386.rpm XFree86-SVGA-3.3.5-1.6.0.i386.rpm XFree86-VGA16-3.3.5-1.6.0.i386.rpm XFree86-W32-3.3.5-1.6.0.i386.rpm XFree86-XF86Setup-3.3.5-1.6.0.i386.rpm XFree86-Xnest-3.3.5-1.6.0.i386.rpm XFree86-Xvfb-3.3.5-1.6.0.i386.rpm XFree86-cyrillic-fonts-3.3.5-1.6.0.i386.rpm XFree86-devel-3.3.5-1.6.0.i386.rpm XFree86-doc-3.3.5-1.6.0.i386.rpm XFree86-libs-3.3.5-1.6.0.i386.rpm XFree86-xfs-3.3.5-1.6.0.i386.rpm Alpha: XFree86-100dpi-fonts-3.3.5-1.6.0.alpha.rpm XFree86-3.3.5-1.6.0.alpha.rpm XFree86-75dpi-fonts-3.3.5-1.6.0.alpha.rpm XFree86-3DLabs-3.3.5-1.6.0.alpha.rpm XFree86-FBDev-3.3.5-1.6.0.alpha.rpm XFree86-Mach64-3.3.5-1.6.0.alpha.rpm XFree86-Mono-3.3.5-1.6.0.alpha.rpm XFree86-P9000-3.3.5-1.6.0.alpha.rpm XFree86-S3-3.3.5-1.6.0.alpha.rpm XFree86-S3V-3.3.5-1.6.0.alpha.rpm XFree86-SVGA-3.3.5-1.6.0.alpha.rpm XFree86-TGA-3.3.5-1.6.0.alpha.rpm XFree86-Xnest-3.3.5-1.6.0.alpha.rpm XFree86-Xvfb-3.3.5-1.6.0.alpha.rpm XFree86-cyrillic-fonts-3.3.5-1.6.0.alpha.rpm XFree86-devel-3.3.5-1.6.0.alpha.rpm XFree86-doc-3.3.5-1.6.0.alpha.rpm XFree86-libs-3.3.5-1.6.0.alpha.rpm XFree86-xfs-3.3.5-1.6.0.alpha.rpm SPARC: XFree86-100dpi-fonts-3.3.5-1.6.0.sparc.rpm XFree86-3.3.5-1.6.0.sparc.rpm XFree86-75dpi-fonts-3.3.5-1.6.0.sparc.rpm XFree86-Mach64-3.3.5-1.6.0.sparc.rpm XFree86-Sun-3.3.5-1.6.0.sparc.rpm XFree86-Sun24-3.3.5-1.6.0.sparc.rpm XFree86-SunMono-3.3.5-1.6.0.sparc.rpm XFree86-VGA16-3.3.5-1.6.0.sparc.rpm XFree86-Xnest-3.3.5-1.6.0.sparc.rpm XFree86-Xvfb-3.3.5-1.6.0.sparc.rpm XFree86-cyrillic-fonts-3.3.5-1.6.0.sparc.rpm XFree86-devel-3.3.5-1.6.0.sparc.rpm XFree86-doc-3.3.5-1.6.0.sparc.rpm XFree86-libs-3.3.5-1.6.0.sparc.rpm XFree86-xfs-3.3.5-1.6.0.sparc.rpm Source: XFree86-3.3.5-1.6.0.src.rpm Architecture neutral: 7. Problem description: XFree86 3.3.5 has become available, which features a large number of bug fixes, a greater number of supported video cards, and security improvements. Thanks go to Branden Robinson for discovering apossible symlink attack in the xkb extension initialization at server startup time. A short summary of improvements in XFree86 3.3.4/3.3.5: Support for S3 Savage4 and Savage3D on x86; Support for S3 Trio3D/2X; Mach64 server bugfixes; PS/2 Mouse problem fixes; Rendition server fixes; Intel i740 support (donated by Precision Insight); SiS 530 and SiS 620 support; 3Dfx Voodoo Banshee and Voodoo3 support; Trident Blade3D, CyberBlade and Cyber9525 support; S3 Trio3D support; Matrox G400 support; NVIDIA Riva TNT2 support and better acceleration for all Riva chipsets (donated by NVIDIA); Rewritten Cyrix MediaGX support (donated by Cyrix); Updates and new hardware support (Acecad flair, Calcomp DrawingBoard) for xinput extension; Bug fixed for cards with S3 Aurora64V+ (M65) chip (VGA output should now work). (1999-09-16) The MediaGX driver included in the 3.3.4 and 3.3.5 XFree86 releases is highly buggy. For this reason, we have reverted to the driver included in XFree86 3.3.3.1. Patches have also been applied to correct problems with some Trident cards and with SiS 6326 cards. 8. Solution: For each RPM for your particular architecture, run: rpm -Uvh filename where filename is the name of the RPM. In some circumstances, you may be required to add --force and/or --nodeps to the rpm command line options to insure a proper upgrade. Add these options if the command line given gives an error. You should upgrade at least the core XFree86 package, the font server (xfs) package, the libraries, and the server for your video card. If you download all of the XFree86 updates into a directory and then execute the command: rpm -UvhF *.rpm only the RPMs that you already have installed will be upgraded. More detailed instructions on installing XFree86 are available from: 9. Verification: MD5 sum Package Name ------------------------------------------------------------------------- These packages are also PGP signed by RedHat Inc. for security. Our key is available at: You can verify each package with the following command: rpm --checksig filename If you only wish to verify that each package has not been corrupted or tampered with, examine only the md5sum with the following command: rpm --checksig --nopgp filename 10. References: News about the 3.3.5 release: http://www.xfree86.org/#news Release notes for 3.3.5 and 3.3.4: . XFree86 4.0.1 updates address vulnerabilities in SuSE Linux 5.3, 6.1, and 6.2 for all system architectures.. XFree86 Update, Red Hat Security, XFree86 Packages, XFree86 Drivers. . Severity: Important. LinuxSecurity.com Team

Calendar 2 Dec 07, 1999 Important Red Hat
Banner 3 1028x280 1708121785 1771599793
News Add Esm H240

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Community Poll

More Polls

What got you started with Linux?

No answer selected. Please try again.
Please select either existing option or enter your own, however not both.
Please select minimum {0} answer(s).
Please select maximum {0} answer(s).
/main-polls/150-what-got-you-started-with-linux?task=poll.vote&format=json
150
radio
0
[{"id":483,"title":"Self-taught through trial and error","votes":548,"type":"x","order":1,"pct":78.51,"resources":[]},{"id":484,"title":"Formal training or courses","votes":30,"type":"x","order":2,"pct":4.3,"resources":[]},{"id":485,"title":"A job that required it","votes":34,"type":"x","order":3,"pct":4.87,"resources":[]},{"id":486,"title":"Other","votes":86,"type":"x","order":4,"pct":12.32,"resources":[]}] ["#ff5b00","#4ac0f2","#b80028","#eef66c","#60bb22","#b96a9a","#62c2cc"] ["rgba(255,91,0,0.7)","rgba(74,192,242,0.7)","rgba(184,0,40,0.7)","rgba(238,246,108,0.7)","rgba(96,187,34,0.7)","rgba(185,106,154,0.7)","rgba(98,194,204,0.7)"] 350
bottom 200

Search Topics

Your message here