Important: thunderbird security update. {"type": "TYPE_SECURITY", "shortCode": "RL", "name": "RLSA-2026:3515", "synopsis": "Important: thunderbird security update", "severity": "SEVERITY_IMPORTANT", "topic": "An update is available for thunderbird.\nThis update affects Rocky Linux 8.\nA Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list", "description": "Mozilla Thunderbird is a standalone mail and newsgroup client.\n\nSecurity Fix(es):\n\n* libvpx: Heap buffer overflow in libvpx (CVE-2026-2447)\n\n* firefox: Invalid pointer in the JavaScript Engine component (CVE-2026-2785)\n\n* firefox: Memory safety bugs fixed in Firefox ESR 115.33, Firefox ESR 140.8, Thunderbird ESR 140.8, Firefox 148 and Thunderbird 148 (CVE-2026-2793)\n\n* firefox: Undefined behavior in the DOM: Core & HTML component (CVE-2026-2771)\n\n* firefox: Integer overflow in the Audio/Video component (CVE-2026-2774)\n\n* firefox: Sandbox escape due to incorrect boundary conditions in the Telemetry component in External Software (CVE-2026-2776)\n\n* firefox: Integer overflow in the Libraries component in NSS (CVE-2026-2781)\n\n* firefox: Use-after-free in the JavaScript Engine: JIT component (CVE-2026-2766)\n\n* firefox: Use-after-free in the Storage: IndexedDB component (CVE-2026-2769)\n\n* firefox: Use-after-free in the DOM: Window and Location component (CVE-2026-2787)\n\n* firefox: Sandbox escape in the Storage: IndexedDB component (CVE-2026-2768)\n\n* firefox: Information disclosure due to JIT miscompilation in the JavaScript Engine: JIT component (CVE-2026-2783)\n\n* firefox: Incorrect boundary conditions in the Audio/Video: GMP component (CVE-2026-2788)\n\n* firefox: Mitigation bypass in the DOM: Security component (CVE-2026-2784)\n\n* firefox: Incorrect boundary conditions in the Graphics: ImageLib component (CVE-2026-2759)\n\n* firefox: Integer overflow in the JavaScript: Standard Library 
component (CVE-2026-2762)\n\n* firefox: Sandbox escape in the Graphics: WebRender component (CVE-2026-2761)\n\n* firefox: Privilege escalation in the Messaging System component (CVE-2026-2777)\n\n* firefox: Same-origin policy bypass in the Networking: JAR component (CVE-2026-2790)\n\n* firefox: Mitigation bypass in the DOM: HTML Parser component (CVE-2026-2775)\n\n* firefox: Use-after-free in the JavaScript Engine component (CVE-2026-2763)\n\n* firefox: Memory safety bugs fixed in Firefox ESR 140.8, Thunderbird ESR 140.8, Firefox 148 and Thunderbird 148 (CVE-2026-2792)\n\n* firefox: Incorrect boundary conditions in the Web Audio component (CVE-2026-2773)\n\n* firefox: Use-after-free in the JavaScript Engine component (CVE-2026-2786)\n\n* firefox: Use-after-free in the Graphics: ImageLib component (CVE-2026-2789)\n\n* firefox: thunderbird: Incorrect boundary conditions in the WebRTC: Audio/Video component (CVE-2026-2757)\n\n* firefox: Sandbox escape due to incorrect boundary conditions in the Graphics: WebRender component (CVE-2026-2760)\n\n* firefox: Use-after-free in the Audio/Video: Playback component (CVE-2026-2772)\n\n* firefox: Incorrect boundary conditions in the Networking: JAR component (CVE-2026-2779)\n\n* firefox: Use-after-free in the JavaScript: WebAssembly component (CVE-2026-2767)\n\n* firefox: JIT miscompilation, use-after-free in the JavaScript Engine: JIT component (CVE-2026-2764)\n\n* firefox: Privilege escalation in the Netmonitor component (CVE-2026-2782)\n\n* firefox: Use-after-free in the JavaScript Engine component (CVE-2026-2765)\n\n* firefox: Privilege escalation in the Netmonitor component (CVE-2026-2780)\n\n* firefox: Sandbox escape due to incorrect boundary conditions in the DOM: Core & HTML component (CVE-2026-2778)\n\n* firefox: Use-after-free in the JavaScript: GC component (CVE-2026-2758)\n\n* firefox: Mitigation bypass in the Networking: Cache component (CVE-2026-2791)\n\n* firefox: Use-after-free in the DOM: Bindings (WebIDL) 
component (CVE-2026-2770)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.", "solution": null, "affectedProducts": ["Rocky Linux 8"], "fixes": [{"ticket": "2440219", "sourceBy": "Red Hat", "sourceLink": "https://bugzilla.redhat.com/show_bug.cgi?id=2440219", "description": ""}, {"ticket": "2442284", "sourceBy": "Red Hat", "sourceLink": "https://bugzilla.redhat.com/show_bug.cgi?id=2442284", "description": ""}, {"ticket": "2442287", "sourceBy": "Red Hat", "sourceLink": "https://bugzilla.redhat.com/show_bug.cgi?id=2442287", "description": ""}, {"ticket": "2442288", "sourceBy": "Red Hat", "sourceLink": "https://bugzilla.redhat.com/show_bug.cgi?id=2442288", "description": ""}, {"ticket": "2442290", "sourceBy": "Red Hat", "sourceLink": "https://bugzilla.redhat.com/show_bug.cgi?id=2442290", "description": ""}, {"ticket": "2442291", "sourceBy": "Red Hat", "sourceLink": "https://bugzilla.redhat.com/show_bug.cgi?id=2442291", "description": ""}, {"ticket": "2442292", "sourceBy": "Red Hat", "sourceLink": "https://bugzilla.redhat.com/show_bug.cgi?id=2442292", "description": ""}, {"ticket": "2442294", "sourceBy": "Red Hat", "sourceLink": "https://bugzilla.redhat.com/show_bug.cgi?id=2442294", "description": ""}, {"ticket": "2442295", "sourceBy": "Red Hat", "sourceLink": "https://bugzilla.redhat.com/show_bug.cgi?id=2442295", "description": ""}, {"ticket": "2442297", "sourceBy": "Red Hat", "sourceLink": "https://bugzilla.redhat.com/show_bug.cgi?id=2442297", "description": ""}, {"ticket": "2442298", "sourceBy": "Red Hat", "sourceLink": "https://bugzilla.redhat.com/show_bug.cgi?id=2442298", "description": ""}, {"ticket": "2442300", "sourceBy": "Red Hat", "sourceLink": "https://bugzilla.redhat.com/show_bug.cgi?id=2442300", "description": ""}, {"ticket": "2442302", "sourceBy": "Red Hat", "sourceLink": 
"https://bugzilla.redhat.com/show_bug.cgi?id=2442302", "description": ""}, {"ticket": "2442304", "sourceBy": "Red Hat", "sourceLink": "https://bugzilla.redhat.com/show_bug.cgi?id=2442304","description": ""}, {"ticket": "2442307", "sourceBy": "Red Hat", "sourceLink": "https://bugzilla.redhat.com/show_bug.cgi?id=2442307", "description": ""}, {"ticket": "2442308", "sourceBy": "Red Hat", "sourceLink": "https://bugzilla.redhat.com/show_bug.cgi?id=2442308", "description": ""}, {"ticket": "2442309", "sourceBy": "Red Hat", "sourceLink": "https://bugzilla.redhat.com/show_bug.cgi?id=2442309", "description": ""}, {"ticket": "2442312", "sourceBy": "Red Hat", "sourceLink": "https://bugzilla.redhat.com/show_bug.cgi?id=2442312", "description": ""}, {"ticket": "2442313", "sourceBy": "Red Hat", "sourceLink": "https://bugzilla.redhat.com/show_bug.cgi?id=2442313", "description": ""}, {"ticket": "2442314", "sourceBy": "Red Hat", "sourceLink": "https://bugzilla.redhat.com/show_bug.cgi?id=2442314", "description": ""}, {"ticket": "2442316", "sourceBy": "Red Hat", "sourceLink": "https://bugzilla.redhat.com/show_bug.cgi?id=2442316", "description": ""}, {"ticket": "2442318", "sourceBy": "Red Hat", "sourceLink": "https://bugzilla.redhat.com/show_bug.cgi?id=2442318", "description": ""}, {"ticket": "2442319", "sourceBy": "Red Hat", "sourceLink": "https://bugzilla.redhat.com/show_bug.cgi?id=2442319", "description": ""}, {"ticket": "2442320", "sourceBy": "Red Hat", "sourceLink": "https://bugzilla.redhat.com/show_bug.cgi?id=2442320", "description": ""}, {"ticket": "2442322", "sourceBy": "Red Hat", "sourceLink": "https://bugzilla.redhat.com/show_bug.cgi?id=2442322", "description": ""}, {"ticket": "2442324", "sourceBy": "Red Hat", "sourceLink": "https://bugzilla.redhat.com/show_bug.cgi?id=2442324", "description": ""}, {"ticket": "2442325", "sourceBy": "Red Hat", "sourceLink": "https://bugzilla.redhat.com/show_bug.cgi?id=2442325", "description": ""}, {"ticket": "2442326", "sourceBy": "Red Hat", 
"sourceLink": "https://bugzilla.redhat.com/show_bug.cgi?id=2442326", "description": ""}, {"ticket": "2442327", "sourceBy": "Red Hat", "sourceLink": "https://bugzilla.redhat.com/show_bug.cgi?id=2442327", "description": ""}, {"ticket":"2442328", "sourceBy": "Red Hat", "sourceLink": "https://bugzilla.redhat.com/show_bug.cgi?id=2442328", "description": ""}, {"ticket": "2442329", "sourceBy": "Red Hat", "sourceLink": "https://bugzilla.redhat.com/show_bug.cgi?id=2442329", "description": ""}, {"ticket": "2442331", "sourceBy": "Red Hat", "sourceLink": "https://bugzilla.redhat.com/show_bug.cgi?id=2442331", "description": ""}, {"ticket": "2442333", "sourceBy": "Red Hat", "sourceLink": "https://bugzilla.redhat.com/show_bug.cgi?id=2442333", "description": ""}, {"ticket": "2442334", "sourceBy": "Red Hat", "sourceLink": "https://bugzilla.redhat.com/show_bug.cgi?id=2442334", "description": ""}, {"ticket": "2442335", "sourceBy": "Red Hat", "sourceLink": "https://bugzilla.redhat.com/show_bug.cgi?id=2442335", "description": ""}, {"ticket": "2442337", "sourceBy": "Red Hat", "sourceLink": "https://bugzilla.redhat.com/show_bug.cgi?id=2442337", "description": ""}, {"ticket": "2442342", "sourceBy": "Red Hat", "sourceLink": "https://bugzilla.redhat.com/show_bug.cgi?id=2442342", "description": ""}, {"ticket": "2442343", "sourceBy": "Red Hat", "sourceLink": "https://bugzilla.redhat.com/show_bug.cgi?id=2442343", "description": ""}], "cves": [{"name": "CVE-2026-2447", "sourceBy": "MITRE", "sourceLink": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-2447", "cvss3ScoringVector": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H", "cvss3BaseScore": "7.5", "cwe": null}, {"name": "CVE-2026-2757", "sourceBy": "MITRE", "sourceLink": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-2757", "cvss3ScoringVector": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:L", "cvss3BaseScore": "7.1", "cwe": null}, {"name": "CVE-2026-2758", "sourceBy": "MITRE", "sourceLink": 
"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-2758", "cvss3ScoringVector": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H", "cvss3BaseScore": "7.5", "cwe": null}, {"name": "CVE-2026-2759", "sourceBy": "MITRE", "sourceLink": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-2759","cvss3ScoringVector": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H", "cvss3BaseScore": "7.5", "cwe": null}, {"name": "CVE-2026-2760", "sourceBy": "MITRE", "sourceLink": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-2760", "cvss3ScoringVector": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H", "cvss3BaseScore": "7.5", "cwe": null}, {"name": "CVE-2026-2761", "sourceBy": "MITRE", "sourceLink": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-2761", "cvss3ScoringVector": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H", "cvss3BaseScore": "7.5", "cwe": null}, {"name": "CVE-2026-2762", "sourceBy": "MITRE", "sourceLink": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-2762", "cvss3ScoringVector": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H", "cvss3BaseScore": "7.5", "cwe": null}, {"name": "CVE-2026-2763", "sourceBy": "MITRE", "sourceLink": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-2763", "cvss3ScoringVector": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H", "cvss3BaseScore": "7.5", "cwe": null}, {"name": "CVE-2026-2764", "sourceBy": "MITRE", "sourceLink": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-2764", "cvss3ScoringVector": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H", "cvss3BaseScore": "7.5", "cwe": null}, {"name": "CVE-2026-2765", "sourceBy": "MITRE", "sourceLink": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-2765", "cvss3ScoringVector": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H", "cvss3BaseScore": "7.5", "cwe": null}, {"name": "CVE-2026-2766", "sourceBy": "MITRE", "sourceLink": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-2766", "cvss3ScoringVector": 
"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H", "cvss3BaseScore": "7.5", "cwe": null}, {"name": "CVE-2026-2767", "sourceBy": "MITRE", "sourceLink": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-2767", "cvss3ScoringVector": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H", "cvss3BaseScore": "7.5", "cwe": null}, {"name": "CVE-2026-2768", "sourceBy": "MITRE", "sourceLink":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-2768", "cvss3ScoringVector": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H", "cvss3BaseScore": "7.5", "cwe": null}, {"name": "CVE-2026-2769", "sourceBy": "MITRE", "sourceLink": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-2769", "cvss3ScoringVector": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H", "cvss3BaseScore": "7.5", "cwe": null}, {"name": "CVE-2026-2770", "sourceBy": "MITRE", "sourceLink": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-2770", "cvss3ScoringVector": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H", "cvss3BaseScore": "7.5", "cwe": null}, {"name": "CVE-2026-2771", "sourceBy": "MITRE", "sourceLink": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-2771", "cvss3ScoringVector": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H", "cvss3BaseScore": "7.5", "cwe": null}, {"name": "CVE-2026-2772", "sourceBy": "MITRE", "sourceLink": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-2772", "cvss3ScoringVector": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H", "cvss3BaseScore": "7.5", "cwe": null}, {"name": "CVE-2026-2773", "sourceBy": "MITRE", "sourceLink": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-2773", "cvss3ScoringVector": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H", "cvss3BaseScore": "7.5", "cwe": null}, {"name": "CVE-2026-2774", "sourceBy": "MITRE", "sourceLink": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-2774", "cvss3ScoringVector": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H", "cvss3BaseScore": "7.5", "cwe": null}, {"name": "CVE-2026-2775", "sourceBy": 
"MITRE", "sourceLink": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-2775", "cvss3ScoringVector": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H", "cvss3BaseScore": "7.5", "cwe": null}, {"name": "CVE-2026-2776", "sourceBy": "MITRE", "sourceLink": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-2776", "cvss3ScoringVector": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H", "cvss3BaseScore": "7.5", "cwe": null},{"name": "CVE-2026-2777", "sourceBy": "MITRE", "sourceLink": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-2777", "cvss3ScoringVector": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H", "cvss3BaseScore": "7.5", "cwe": null}, {"name": "CVE-2026-2778", "sourceBy": "MITRE", "sourceLink": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-2778", "cvss3ScoringVector": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H", "cvss3BaseScore": "7.5", "cwe": null}, {"name": "CVE-2026-2779", "sourceBy": "MITRE", "sourceLink": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-2779", "cvss3ScoringVector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N", "cvss3BaseScore": "6.1", "cwe": null}, {"name": "CVE-2026-2780", "sourceBy": "MITRE", "sourceLink": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-2780", "cvss3ScoringVector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N", "cvss3BaseScore": "6.1", "cwe": null}, {"name": "CVE-2026-2781", "sourceBy": "MITRE", "sourceLink": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-2781", "cvss3ScoringVector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N", "cvss3BaseScore": "6.1", "cwe": null}, {"name": "CVE-2026-2782", "sourceBy": "MITRE", "sourceLink": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-2782", "cvss3ScoringVector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N", "cvss3BaseScore": "6.1", "cwe": null}, {"name": "CVE-2026-2783", "sourceBy": "MITRE", "sourceLink": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-2783", "cvss3ScoringVector": 
"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N", "cvss3BaseScore": "6.1", "cwe": null}, {"name": "CVE-2026-2784", "sourceBy": "MITRE", "sourceLink": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-2784", "cvss3ScoringVector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N", "cvss3BaseScore": "6.1", "cwe": null}, {"name": "CVE-2026-2785", "sourceBy": "MITRE", "sourceLink": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-2785", "cvss3ScoringVector":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N", "cvss3BaseScore": "6.1", "cwe": null}, {"name": "CVE-2026-2786", "sourceBy": "MITRE", "sourceLink": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-2786", "cvss3ScoringVector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N", "cvss3BaseScore": "6.1", "cwe": null}, {"name": "CVE-2026-2787", "sourceBy": "MITRE", "sourceLink": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-2787", "cvss3ScoringVector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N", "cvss3BaseScore": "6.1", "cwe": null}, {"name": "CVE-2026-2788", "sourceBy": "MITRE", "sourceLink": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-2788", "cvss3ScoringVector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N", "cvss3BaseScore": "6.1", "cwe": null}, {"name": "CVE-2026-2789", "sourceBy": "MITRE", "sourceLink": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-2789", "cvss3ScoringVector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N", "cvss3BaseScore": "6.1", "cwe": null}, {"name": "CVE-2026-2790", "sourceBy": "MITRE", "sourceLink": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-2790", "cvss3ScoringVector": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N", "cvss3BaseScore": "3.4", "cwe": null}, {"name": "CVE-2026-2791", "sourceBy": "MITRE", "sourceLink": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-2791", "cvss3ScoringVector": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N", "cvss3BaseScore": "3.4", "cwe": null}, {"name": "CVE-2026-2792", "sourceBy": 
"MITRE", "sourceLink": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-2792", "cvss3ScoringVector": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H", "cvss3BaseScore": "7.5", "cwe": null}, {"name": "CVE-2026-2793", "sourceBy": "MITRE", "sourceLink": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-2793", "cvss3ScoringVector": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H", "cvss3BaseScore": "7.5", "cwe": null}], "references": [], "publishedAt": "2026-03-03T09:06:42.551564Z", "rpms": {"Rocky Linux 8": {"nvras": ["thunderbird-0:140.8.0-1.el8_10.aarch64.rpm", "thunderbird-0:140.8.0-1.el8_10.src.rpm", "thunderbird-0:140.8.0-1.el8_10.x86_64.rpm", "thunderbird-debuginfo-0:140.8.0-1.el8_10.aarch64.rpm", "thunderbird-debuginfo-0:140.8.0-1.el8_10.x86_64.rpm", "thunderbird-debugsource-0:140.8.0-1.el8_10.aarch64.rpm", "thunderbird-debugsource-0:140.8.0-1.el8_10.x86_64.rpm"]}}, "rebootSuggested": false, "buildReferences": []}. Thunderbird security update for Rocky Linux addresses critical issues including heap buffer overflow and more. Stay protected! Thunderbird Update, Rocky Linux Security, Important Update. Severity: Important. LinuxSecurity.com Team
XSS was discovered in SquirrelMail through 1.4.22. Due to improper handling of RCDATA and RAWTEXT type elements, the built-in sanitization mechanism can be bypassed. Malicious script content from HTML e-mail can be executed within the application context via crafted use of (for example) a NOEMBED, NOFRAMES, NOSCRIPT, or TEXTAREA element (). MGASA-2021-0010 - Updated squirrelmail packages fix security vulnerabilities Publication date: 08 Jan 2021 URL: https://advisories.mageia.org/MGASA-2021-0010.html Type: security Affected Mageia releases: 7 CVE: CVE-2019-12970 XSS was discovered in SquirrelMail through 1.4.22. Due to improper handling of RCDATA and RAWTEXT type elements, the built-in sanitization mechanism can be bypassed. Malicious script content from HTML e-mail can be executed within the application context via crafted use of (for example) a NOEMBED, NOFRAMES, NOSCRIPT, or TEXTAREA element (). An unsafe use of unserialize() in compose.php has also been fixed. References: - https://bugs.mageia.org/show_bug.cgi?id=27821 - https://www.openwall.com/lists/oss-security/2020/06/20/1 - https://ubuntu.com/security/notices/USN-4669-1 - https://www.cve.org/CVERecord?id=CVE-2019-12970 SRPMS: - 7/core/squirrelmail-1.4.23-0.svn20201220_0200.1.mga7 Vulnerable code execution in SquirrelMail caused by input validation error. Patch available to address discovered security vulnerabilities promptly. SquirrelMail Security, Mageia XSS, Mageia Security Patch, SquirrelMail Update, XSS Attack Prevention. Severity: Important. LinuxSecurity.com Team
Add patch for CVE-2020-24661: Handling of pinned, invalid TLS certificates. -------------------------------------------------------------------------------- Fedora Update Notification FEDORA-2020-95f2c5cc25 2020-09-08 15:13:30.490624 -------------------------------------------------------------------------------- Name : geary Product : Fedora 31 Version : 3.34.2 Release : 2.fc31 URL : https://wiki.gnome.org/Apps/Geary Summary : A lightweight email program designed around conversations Description : Geary is a new email reader for GNOME designed to let you read your email quickly and effortlessly. Its interface is based on conversations, so you can easily read an entire discussion without having to click from message to message. Geary is still in early development and has limited features today, but we're planning to add drag-and-drop attachments, lightning-fast searching, multiple account support and much more. Eventually we'd like Geary to have an extensible plugin architecture so that developers will be able to add all kinds of nifty features in a modular way. -------------------------------------------------------------------------------- Update Information: Add patch for CVE-2020-24661: Handling of pinned, invalid TLS certificates. -------------------------------------------------------------------------------- ChangeLog: * Sat Aug 29 2020 Thomas Moschny - 3.34.2-2 - Add patch for CVE-2020-24661. -------------------------------------------------------------------------------- References: [ 1 ] Bug #1872970 - CVE-2020-24661 geary: mishandles pinned TLS certificate verification for IMAP and SMTP services using invalid TLS certificates [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1872970 -------------------------------------------------------------------------------- This update can be installed with the "dnf" update program. Use su -c 'dnf upgrade --advisory FEDORA-2020-95f2c5cc25' at the command line. 
For more information, refer to the dnf documentation available at https://dnf.readthedocs.io/en/latest/command_ref.html All packages are signed with the Fedora Project GPG key. More details on the GPG keys used by the Fedora Project can be found at https://fedoraproject.org/security/
An update for evolution, evolution-data-server, and evolution-ews is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 ==================================================================== Red Hat Security Advisory Synopsis: Moderate: evolution security and bug fix update Advisory ID: RHSA-2020:1600-01 Product: Red Hat Enterprise Linux Advisory URL: https://access.redhat.com/errata/RHSA-2020:1600 Issue date: 2020-04-28 CVE Names: CVE-2018-15587 ==================================================================== 1. Summary: An update for evolution, evolution-data-server, and evolution-ews is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. 2. Relevant releases/architectures: Red Hat CodeReady Linux Builder (v. 8) - aarch64, noarch, ppc64le, x86_64 Red Hat Enterprise Linux AppStream (v. 8) - aarch64, noarch, ppc64le, x86_64 3. Description: Evolution is a GNOME application that provides integrated email, calendar, contact management, and communications functionality. The evolution-data-server packages provide a unified back end for applications which interact with contacts, tasks and calendar information. Evolution Data Server was originally developed as a back end for the Evolution information management application, but is now used by various other applications. 
Security Fix(es): * evolution: specially crafted email leading to OpenPGP signatures being spoofed for arbitrary messages (CVE-2018-15587) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. Additional Changes: For detailed information on changes in this release, see the Red Hat Enterprise Linux 8.2 Release Notes linked from the References section. 4. Solution: For details on how to apply this update, which includes the changes described in this advisory, refer to: https://access.redhat.com/articles/11258 All running instances of Evolution must be restarted for this update to take effect. 5. Bugs fixed (https://bugzilla.redhat.com/): 1677650 - CVE-2018-15587 evolution: specially crafted email leading to OpenPGP signatures being spoofed for arbitrary messages 1741091 - Birthday date of Contact depends on system timezone 1753220 - GalA11yETableItem: Incorrect implementation of AtkObjectClass::ref_child() 1764818 - Sync CategoryList with mail Labels 1765005 - Reject creating meetings organized by other users 1778799 - New Mail account wizard ignores email address change 1788478 - EDBusServer: Delay new module load 1791547 - [abrt] [faf] test-cal-meta-backend cannot run without installed Evolution 6. 
Package List: Red Hat Enterprise Linux AppStream (v.8): Source: evolution-3.28.5-12.el8.src.rpm evolution-data-server-3.28.5-13.el8.src.rpm evolution-ews-3.28.5-9.el8.src.rpm aarch64: evolution-3.28.5-12.el8.aarch64.rpm evolution-bogofilter-3.28.5-12.el8.aarch64.rpm evolution-bogofilter-debuginfo-3.28.5-12.el8.aarch64.rpm evolution-data-server-3.28.5-13.el8.aarch64.rpm evolution-data-server-debuginfo-3.28.5-13.el8.aarch64.rpm evolution-data-server-debugsource-3.28.5-13.el8.aarch64.rpm evolution-data-server-devel-3.28.5-13.el8.aarch64.rpm evolution-data-server-tests-debuginfo-3.28.5-13.el8.aarch64.rpm evolution-debuginfo-3.28.5-12.el8.aarch64.rpm evolution-debugsource-3.28.5-12.el8.aarch64.rpm evolution-ews-3.28.5-9.el8.aarch64.rpm evolution-ews-debuginfo-3.28.5-9.el8.aarch64.rpm evolution-ews-debugsource-3.28.5-9.el8.aarch64.rpm evolution-pst-3.28.5-12.el8.aarch64.rpm evolution-pst-debuginfo-3.28.5-12.el8.aarch64.rpm evolution-spamassassin-3.28.5-12.el8.aarch64.rpm evolution-spamassassin-debuginfo-3.28.5-12.el8.aarch64.rpm noarch: evolution-data-server-langpacks-3.28.5-13.el8.noarch.rpm evolution-ews-langpacks-3.28.5-9.el8.noarch.rpm evolution-help-3.28.5-12.el8.noarch.rpm evolution-langpacks-3.28.5-12.el8.noarch.rpm ppc64le: evolution-3.28.5-12.el8.ppc64le.rpm evolution-bogofilter-3.28.5-12.el8.ppc64le.rpm evolution-bogofilter-debuginfo-3.28.5-12.el8.ppc64le.rpm evolution-data-server-3.28.5-13.el8.ppc64le.rpm evolution-data-server-debuginfo-3.28.5-13.el8.ppc64le.rpm evolution-data-server-debugsource-3.28.5-13.el8.ppc64le.rpm evolution-data-server-devel-3.28.5-13.el8.ppc64le.rpm evolution-data-server-tests-debuginfo-3.28.5-13.el8.ppc64le.rpm evolution-debuginfo-3.28.5-12.el8.ppc64le.rpm evolution-debugsource-3.28.5-12.el8.ppc64le.rpm evolution-ews-3.28.5-9.el8.ppc64le.rpm evolution-ews-debuginfo-3.28.5-9.el8.ppc64le.rpm evolution-ews-debugsource-3.28.5-9.el8.ppc64le.rpm evolution-pst-3.28.5-12.el8.ppc64le.rpm evolution-pst-debuginfo-3.28.5-12.el8.ppc64le.rpm 
evolution-spamassassin-3.28.5-12.el8.ppc64le.rpm evolution-spamassassin-debuginfo-3.28.5-12.el8.ppc64le.rpm x86_64: evolution-3.28.5-12.el8.x86_64.rpm evolution-bogofilter-3.28.5-12.el8.x86_64.rpm evolution-bogofilter-debuginfo-3.28.5-12.el8.x86_64.rpm evolution-data-server-3.28.5-13.el8.i686.rpm evolution-data-server-3.28.5-13.el8.x86_64.rpm evolution-data-server-debuginfo-3.28.5-13.el8.i686.rpm evolution-data-server-debuginfo-3.28.5-13.el8.x86_64.rpm evolution-data-server-debugsource-3.28.5-13.el8.i686.rpm evolution-data-server-debugsource-3.28.5-13.el8.x86_64.rpm evolution-data-server-devel-3.28.5-13.el8.i686.rpm evolution-data-server-devel-3.28.5-13.el8.x86_64.rpm evolution-data-server-tests-debuginfo-3.28.5-13.el8.i686.rpm evolution-data-server-tests-debuginfo-3.28.5-13.el8.x86_64.rpm evolution-debuginfo-3.28.5-12.el8.x86_64.rpm evolution-debugsource-3.28.5-12.el8.x86_64.rpm evolution-ews-3.28.5-9.el8.x86_64.rpm evolution-ews-debuginfo-3.28.5-9.el8.x86_64.rpm evolution-ews-debugsource-3.28.5-9.el8.x86_64.rpm evolution-pst-3.28.5-12.el8.x86_64.rpm evolution-pst-debuginfo-3.28.5-12.el8.x86_64.rpm evolution-spamassassin-3.28.5-12.el8.x86_64.rpm evolution-spamassassin-debuginfo-3.28.5-12.el8.x86_64.rpm Red Hat CodeReady Linux Builder (v.8): aarch64: evolution-bogofilter-debuginfo-3.28.5-12.el8.aarch64.rpm evolution-data-server-debuginfo-3.28.5-13.el8.aarch64.rpm evolution-data-server-debugsource-3.28.5-13.el8.aarch64.rpm evolution-data-server-perl-3.28.5-13.el8.aarch64.rpm evolution-data-server-tests-3.28.5-13.el8.aarch64.rpm evolution-data-server-tests-debuginfo-3.28.5-13.el8.aarch64.rpm evolution-debuginfo-3.28.5-12.el8.aarch64.rpm evolution-debugsource-3.28.5-12.el8.aarch64.rpm evolution-devel-3.28.5-12.el8.aarch64.rpm evolution-pst-debuginfo-3.28.5-12.el8.aarch64.rpm evolution-spamassassin-debuginfo-3.28.5-12.el8.aarch64.rpm noarch: evolution-data-server-doc-3.28.5-13.el8.noarch.rpm ppc64le: evolution-bogofilter-debuginfo-3.28.5-12.el8.ppc64le.rpm 
evolution-data-server-debuginfo-3.28.5-13.el8.ppc64le.rpm evolution-data-server-debugsource-3.28.5-13.el8.ppc64le.rpm evolution-data-server-perl-3.28.5-13.el8.ppc64le.rpm evolution-data-server-tests-3.28.5-13.el8.ppc64le.rpm evolution-data-server-tests-debuginfo-3.28.5-13.el8.ppc64le.rpm evolution-debuginfo-3.28.5-12.el8.ppc64le.rpm evolution-debugsource-3.28.5-12.el8.ppc64le.rpm evolution-devel-3.28.5-12.el8.ppc64le.rpm evolution-pst-debuginfo-3.28.5-12.el8.ppc64le.rpm evolution-spamassassin-debuginfo-3.28.5-12.el8.ppc64le.rpm x86_64: evolution-bogofilter-debuginfo-3.28.5-12.el8.i686.rpm evolution-bogofilter-debuginfo-3.28.5-12.el8.x86_64.rpm evolution-data-server-debuginfo-3.28.5-13.el8.i686.rpm evolution-data-server-debuginfo-3.28.5-13.el8.x86_64.rpm evolution-data-server-debugsource-3.28.5-13.el8.i686.rpm evolution-data-server-debugsource-3.28.5-13.el8.x86_64.rpm evolution-data-server-perl-3.28.5-13.el8.x86_64.rpm evolution-data-server-tests-3.28.5-13.el8.i686.rpm evolution-data-server-tests-3.28.5-13.el8.x86_64.rpm evolution-data-server-tests-debuginfo-3.28.5-13.el8.i686.rpm evolution-data-server-tests-debuginfo-3.28.5-13.el8.x86_64.rpm evolution-debuginfo-3.28.5-12.el8.i686.rpm evolution-debuginfo-3.28.5-12.el8.x86_64.rpm evolution-debugsource-3.28.5-12.el8.i686.rpm evolution-debugsource-3.28.5-12.el8.x86_64.rpm evolution-devel-3.28.5-12.el8.i686.rpm evolution-devel-3.28.5-12.el8.x86_64.rpm evolution-pst-debuginfo-3.28.5-12.el8.i686.rpm evolution-pst-debuginfo-3.28.5-12.el8.x86_64.rpm evolution-spamassassin-debuginfo-3.28.5-12.el8.i686.rpm evolution-spamassassin-debuginfo-3.28.5-12.el8.x86_64.rpm These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://access.redhat.com/security/team/key/ 7. 
References: https://access.redhat.com/security/cve/CVE-2018-15587 https://access.redhat.com/security/updates/classification/#moderate https://access.redhat.com/documentation/en-us/red_hat_enterprise_linux/8/html/8.2_release_notes/index 8. Contact: The Red Hat security contact is . More contact details at https://access.redhat.com/security/team/contact/ Copyright 2020 Red Hat, Inc.