Stay Secure with the Latest Linux Advisories


Explore Latest Linux Security advisories

Debian 11: DLA-4010-1 python-django moderate: email injection fix

Debian LTS Advisory DLA-4010-1
https://www.debian.org/lts/security/
Chris Lamb
January 10, 2025
https://wiki.debian.org/LTS

Package : python-django
Version : 2:2.2.28-1~deb11u4
CVE ID : CVE-2024-6923

The fix for CVE-2024-6923 in the python3.9 source package, which was released as part of a suite of updates in DLA 3980-1 [0], introduced safer processing of input in the email module in order to increase the security around email header injection attacks.

This change inadvertently broke sending emails when using lazy translation strings in the python-django package, however, resulting in the package no longer building from source.

As the previous behaviour of Python's "email" module can be enabled by passing the strict=False flag, the python-django package now does so — Django detects and/or encodes newlines in its handling of outbound emails elsewhere.

For Debian 11 bullseye, this change has been made in version 2:2.2.28-1~deb11u4.

We recommend that you upgrade your python-django packages.

For the detailed security status of python-django please refer to its security tracker page at:
https://security-tracker.debian.org/tracker/source-package/python-django

Further information about Debian LTS security advisories, how to apply these updates to your system and frequently asked questions can be found at: https://wiki.debian.org/LTS

[0] https://lists.debian.org/debian-lts-announce/2024/12/msg00000.html

Enhance your Django installation to bolster email security following the resolution of CVE-2024-6923, alongside modifications to add new features.

python-django update, Debian 11 security, email injection fix.

LinuxSecurity.com Team

Jan 11, 2025 Debian LTS

Ubuntu 24.04 LTS: USN-7015-1 critical: Python Denial Of Service Issues

Ubuntu Security Notice USN-7015-1
September 16, 2024

python3.10, python3.12, python3.8 vulnerabilities

A security issue affects these releases of Ubuntu and its derivatives:

- Ubuntu 24.04 LTS
- Ubuntu 22.04 LTS
- Ubuntu 20.04 LTS

Summary:

Several security issues were fixed in Python.

Software Description:

- python3.12: An interactive high-level object-oriented language
- python3.10: An interactive high-level object-oriented language
- python3.8: An interactive high-level object-oriented language

Details:

It was discovered that the Python email module incorrectly parsed email addresses that contain special characters. A remote attacker could possibly use this issue to bypass certain protection mechanisms. (CVE-2023-27043)

It was discovered that Python allowed excessive backtracking while parsing certain tarfile headers. A remote attacker could possibly use this issue to cause Python to consume resources, leading to a denial of service. (CVE-2024-6232)

It was discovered that the Python email module incorrectly quoted newlines for email headers. A remote attacker could possibly use this issue to perform header injection. (CVE-2024-6923)

It was discovered that the Python http.cookies module incorrectly handled parsing cookies that contained backslashes for quoted characters. A remote attacker could possibly use this issue to cause Python to consume resources, leading to a denial of service. (CVE-2024-7592)

It was discovered that the Python zipfile module incorrectly handled certain malformed zip files. A remote attacker could possibly use this issue to cause Python to stop responding, resulting in a denial of service. (CVE-2024-8088)

Update instructions:

The problem can be corrected by updating your system to the following package versions:

Ubuntu 24.04 LTS
  python3.12 3.12.3-1ubuntu0.2
  python3.12-minimal 3.12.3-1ubuntu0.2

Ubuntu 22.04 LTS
  python3.10 3.10.12-1~22.04.6
  python3.10-minimal 3.10.12-1~22.04.6

Ubuntu 20.04 LTS
  python3.8 3.8.10-0ubuntu1~20.04.12
  python3.8-minimal 3.8.10-0ubuntu1~20.04.12

In general, a standard system update will make all the necessary changes.

References:

https://ubuntu.com/security/notices/USN-7015-1
CVE-2023-27043, CVE-2024-6232, CVE-2024-6923, CVE-2024-7592, CVE-2024-8088

Package Information:

https://launchpad.net/ubuntu/+source/python3.12/3.12.3-1ubuntu0.2
https://launchpad.net/ubuntu/+source/python3.10/3.10.12-1~22.04.6
https://launchpad.net/ubuntu/+source/python3.8/3.8.10-0ubuntu1~20.04.12

The latest Ubuntu release fixes several Python vulnerabilities. Upgrade your system promptly to safeguard against potential remote exploits.

Ubuntu Security, Python Updates, Python Security Fixes, Remote Attacks, Security Notices.

Severity: Critical.

LinuxSecurity.com Team

Sep 16, 2024 Critical Ubuntu

Debian 8: DLA-1925-1 Moderate Python2.7 Email Parsing Vulnerability Fix

Package : python2.7
Version : 2.7.9-2+deb8u5
CVE ID : CVE-2019-16056

A vulnerability was discovered in Python, an interactive high-level object-oriented language.

CVE-2019-16056

The email module wrongly parses email addresses that contain multiple @ characters. An application that uses the email module and implements some kind of checks on the From/To headers of a message could be tricked into accepting an email address that should be denied.

For Debian 8 "Jessie", this problem has been fixed in version 2.7.9-2+deb8u5.

We recommend that you upgrade your python2.7 packages.

Further information about Debian LTS security advisories, how to apply these updates to your system and frequently asked questions can be found at: https://wiki.debian.org/LTS

A patch is vital for improving Python 2.7's email module by fixing a parsing error that permits invalid email addresses, enhancing validation and reliability.

Debian LTS, python2.7, security update, email parsing, CVE-2019-16056.

LinuxSecurity.com Team

Sep 16, 2019 Debian LTS

Debian LTS: DLA-1924-1 Critical: Python 3.4 Email Parsing Problem

Package : python3.4
Version : 3.4.2-1+deb8u7
CVE ID : CVE-2019-16056

A vulnerability was discovered in Python, an interactive high-level object-oriented language.

CVE-2019-16056

The email module wrongly parses email addresses that contain multiple @ characters. An application that uses the email module and implements some kind of checks on the From/To headers of a message could be tricked into accepting an email address that should be denied.

For Debian 8 "Jessie", this problem has been fixed in version 3.4.2-1+deb8u7.

We recommend that you upgrade your python3.4 packages.

Further information about Debian LTS security advisories, how to apply these updates to your system and frequently asked questions can be found at: https://wiki.debian.org/LTS

A safety notice for Debian Long Term Support highlights a flaw in Python 3.4's email address parsing that could cause security issues. Users should update now.

Debian, python, security advisory, email parsing, upgrade recommendation.

Severity: Critical.

LinuxSecurity.com Team

Sep 16, 2019 Critical Debian LTS