Alerts This Week
Warning Icon 1 631
Alerts This Week
Warning Icon 1 631

Stay Secure with the Latest Linux Advisories

Debianlts Large Esm H800
Debian LTS

Debian LTS openssl Important Use-After-Free NULL Pointer Issues DLA-4624-1

Calendar White Jun 09, 2026
Important
Ubuntu Large Esm H900
Ubuntu

Ubuntu 20.04 alsa-lib Important Denial of Service Fix USN-8044-2

Calendar White Jun 09, 2026
Important
Ubuntu Large Esm H900
Ubuntu

Ubuntu 26.04 LTS node-shell-quote Important Denial of Service CVE-2026-9277

Calendar White Jun 09, 2026
Important
Mageia Large Esm H800
Mageia

Mageia 9 Suricata Critical Performance Security Issues MGASA-2026-0181

Calendar White Jun 09, 2026
Critical
Mageia Large Esm H900
Mageia

Mageia 9 PackageKit Important TOCTOU Race Escalation CVE-2026-41651

Calendar White Jun 09, 2026
Important
Mageia Large Esm H900
Mageia

Mageia 9 Unbound Critical Remote Code Execution Advisory 2026-0034

Calendar White Jun 09, 2026
Critical
Ubuntu Large Esm H800
Ubuntu

Ubuntu 26.04 LTS Netatalk Multiple Security Issues USN-8395-1

Calendar White Jun 09, 2026
Important
Fedora Large Esm H900
Fedora

Fedora 43 mingw-objfw 1.5.5 Update Security Fix FEDORA-2026-de23fedf3e

Calendar White Jun 08, 2026
Fedora Large Esm H900
Fedora

Fedora 43 objfw Important Update 1.5.5 Bug Fixes June 2026

Calendar White Jun 08, 2026
Important
Filter Icon Refine advisories
X Clear Filters
X Clear Filters
View More

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Community Poll

More Polls

What got you started with Linux?

No answer selected. Please try again.
Please select either existing option or enter your own, however not both.
Please select minimum {0} answer(s).
Please select maximum {0} answer(s).
/main-polls/150-what-got-you-started-with-linux?task=poll.vote&format=json
150
radio
0
[{"id":483,"title":"Self-taught through trial and error","votes":549,"type":"x","order":1,"pct":78.54,"resources":[]},{"id":484,"title":"Formal training or courses","votes":30,"type":"x","order":2,"pct":4.29,"resources":[]},{"id":485,"title":"A job that required it","votes":34,"type":"x","order":3,"pct":4.86,"resources":[]},{"id":486,"title":"Other","votes":86,"type":"x","order":4,"pct":12.3,"resources":[]}] ["#ff5b00","#4ac0f2","#b80028","#eef66c","#60bb22","#b96a9a","#62c2cc"] ["rgba(255,91,0,0.7)","rgba(74,192,242,0.7)","rgba(184,0,40,0.7)","rgba(238,246,108,0.7)","rgba(96,187,34,0.7)","rgba(185,106,154,0.7)","rgba(98,194,204,0.7)"] 350
bottom 200
Loading...

Explore Latest Linux Security advisories

We found -7 articles for you...
Ls Advisories Fedora Esm H240
Price Tag 1security advisoryfedoracritical

Fedora: 2021-ecf4fed550 Critical: PhpMailer Object Injection Fix

**Version 6.4.1** (April 29th, 2021) * **SECURITY** Fixes CVE-2020-36326, a regression of CVE-2018-19296 object injection introduced in 6.1.8, see SECURITY.md for details * Reject more file paths that look like URLs, matching RFC3986 spec, blocking URLS using schemes such as `ssh2` * Ensure method signature consistency in `doCallback` calls * Ukrainian language update * Add. --------------------------------------------------------------------------------Fedora Update Notification FEDORA-2021-ecf4fed550 2021-05-12 16:12:14.610254 --------------------------------------------------------------------------------Name : php-phpmailer6 Product : Fedora 33 Version : 6.4.1 Release : 1.fc33 URL : https://github.com/PHPMailer/PHPMailer Summary : Full-featured email creation and transfer class for PHP Description : PHPMailer - A full-featured email creation and transfer class for PHP Class Features * Probably the world's most popular code for sending email from PHP! * Used by many open-source projects: WordPress, Drupal, 1CRM, SugarCRM, Yii, Joomla! and many more * Integrated SMTP support - send without a local mail server * Send emails with multiple To, CC, BCC and Reply-to addresses * Multipart/alternative emails for mail clients that do not read HTML email * Add attachments, including inline * Support for UTF-8 content and 8bit, base64, binary, and quoted-printable encodings * SMTP authentication with LOGIN, PLAIN, CRAM-MD5 and XOAUTH2 mechanisms over SSL and SMTP+STARTTLS transports * Validates email addresses automatically * Protect against header injection attacks * Error messages in 47 languages! * DKIM and S/MIME signing support * Compatible with PHP 5.5 and later * Namespaced to prevent name clashes * Much more! Autoloader: /usr/share/php/PHPMailer/PHPMailer6/autoload.php --------------------------------------------------------------------------------Update Information: **Version 6.4.1** (April 29th, 2021) * **SECURITY** FixesCVE-2020-36326, a regression of CVE-2018-19296 object injection introduced in 6.1.8, see SECURITY.md for details * Reject more file paths that look like URLs, matching RFC3986 spec, blocking URLS using schemes such as `ssh2` * Ensure method signature consistency in `doCallback` calls * Ukrainian language update * Add composer scripts for checking coding standards and running tests --------------------------------------------------------------------------------ChangeLog: * Mon May 3 2021 Remi Collet - 6.4.1-1 - update to 6.4.1 --------------------------------------------------------------------------------References: [ 1 ] Bug #1955757 - CVE-2020-36326 php-phpmailer6: Object injection through Phar Deserialization via addAttachment with a UNC pathname [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1955757 --------------------------------------------------------------------------------This update can be installed with the "dnf" update program. Use su -c 'dnf upgrade --advisory FEDORA-2021-ecf4fed550' at the command line. For more information, refer to the dnf documentation available at https://dnf.readthedocs.io/en/latest/command_ref.html All packages are signed with the Fedora Project GPG key. More details on the GPG keys used by the Fedora Project can be found at https://fedoraproject.org/security/ --------------------------------------------------------------------------------_______________________________________________ package-announce mailing list -- This email address is being protected from spambots. You need JavaScript enabled to view it. To unsubscribe send an email to This email address is being protected from spambots. You need JavaScript enabled to view it. Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedoraproject.org/archives/list/This email address is being protected from spambots. You need JavaScript enabled to view it./ Do not reply to spam on the list, report it: https://pagure.io/fedora-infrastructure . This update addresses critical security issuesin php-phpmailer6 with a fix for object injection vulnerabilities.. PhpMailer, Security Update, Object Injection, Fedora Update, Email Class. . Severity: Critical. LinuxSecurity.com Team

Calendar 2 May 12, 2021 Critical Fedora
Ls Advisories Fedora Esm H240
Price Tag 1security advisorymoderateFedora

Fedora 27: 2017-4b3873b325 Moderate: php-PHPMailer XSS Issue

**Version 5.2.26** (November 4th 2017) * Minor security backport from 6.0 - set Debugoutput in constructor according to SAPI in use, avoiding potential XSS in default debug output.. --------------------------------------------------------------------------------Fedora Update Notification FEDORA-2017-4b3873b325 2017-11-15 15:47:48.465057 --------------------------------------------------------------------------------Name : php-PHPMailer Product : Fedora 27 Version : 5.2.26 Release : 1.fc27 URL : https://github.com/PHPMailer/PHPMailer Summary : PHP email transport class with a lot of features Description : Full Featured Email Transfer Class for PHP. PHPMailer features: * Supports emails digitally signed with S/MIME encryption! * Supports emails with multiple TOs, CCs, BCCs and REPLY-TOs * Works on any platform. * Supports Text & HTML emails. * Embedded image support. * Multipart/alternative emails for mail clients that do not read HTML email. * Flexible debugging. * Custom mail headers. * Redundant SMTP servers. * Support for 8bit, base64, binary, and quoted-printable encoding. * Word wrap. * Multiple fs, string, and binary attachments (those from database, string, etc). * SMTP authentication. * Tested on multiple SMTP servers: Sendmail, qmail, Postfix, Gmail, Imail, Exchange, etc. * Good documentation, many examples included in download. * It's swift, small, and simple. --------------------------------------------------------------------------------Update Information: **Version 5.2.26** (November 4th 2017) * Minor security backport from 6.0 - set Debugoutput in constructor according to SAPI in use, avoiding potential XSS in default debug output. --------------------------------------------------------------------------------This update can be installed with the "dnf" update program. Use su -c 'dnf upgrade php-PHPMailer' at the command line. For moreinformation, refer to the dnf documentation available at https://dnf.readthedocs.io/en/latest/command_ref.html All packages are signed with the Fedora Project GPG key. More details on the GPG keys used by the Fedora Project can be found at https://fedoraproject.org/security/ -------------------------------------------------------------------------------- _______________________________________________ package-announce mailing list -- This email address is being protected from spambots. You need JavaScript enabled to view it. To unsubscribe send an email to This email address is being protected from spambots. You need JavaScript enabled to view it. . The latest php-PHPMailer upgrade on Fedora 27 improves security measures by mitigating possible XSS vulnerabilities found in debugging outputs.. PHP Mailer Security,Fedora Update,Email Class Security,XSS Prevention,PHP Security. . Severity: Important. LinuxSecurity.com Team

Calendar 2 Nov 15, 2017 Important Fedora
Banner 2 1028x280 1708121730 1 1771599631
News Add Esm H240

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Community Poll

More Polls

What got you started with Linux?

No answer selected. Please try again.
Please select either existing option or enter your own, however not both.
Please select minimum {0} answer(s).
Please select maximum {0} answer(s).
/main-polls/150-what-got-you-started-with-linux?task=poll.vote&format=json
150
radio
0
[{"id":483,"title":"Self-taught through trial and error","votes":549,"type":"x","order":1,"pct":78.54,"resources":[]},{"id":484,"title":"Formal training or courses","votes":30,"type":"x","order":2,"pct":4.29,"resources":[]},{"id":485,"title":"A job that required it","votes":34,"type":"x","order":3,"pct":4.86,"resources":[]},{"id":486,"title":"Other","votes":86,"type":"x","order":4,"pct":12.3,"resources":[]}] ["#ff5b00","#4ac0f2","#b80028","#eef66c","#60bb22","#b96a9a","#62c2cc"] ["rgba(255,91,0,0.7)","rgba(74,192,242,0.7)","rgba(184,0,40,0.7)","rgba(238,246,108,0.7)","rgba(96,187,34,0.7)","rgba(185,106,154,0.7)","rgba(98,194,204,0.7)"] 350
bottom 200

Search Topics

Your message here