KMail Account Wizard uses an insecure protocol.

==========================================================================
Ubuntu Security Notice USN-7732-1
September 02, 2025

kmail-account-wizard vulnerability
==========================================================================

A security issue affects these releases of Ubuntu and its derivatives:

- Ubuntu 24.04 LTS
- Ubuntu 22.04 LTS
- Ubuntu 20.04 LTS
- Ubuntu 18.04 LTS

Summary:

KMail Account Wizard uses an insecure protocol.

Software Description:
- kmail-account-wizard: Wizard for KDE PIM applications account setup

Details:

It was discovered that KMail Account Wizard used HTTP rather than HTTPS
when retrieving certain email server configurations. An attacker could
possibly use this issue to cause email clients to use an
attacker-controlled email server.

Update instructions:

The problem can be corrected by updating your system to the following
package versions:

Ubuntu 24.04 LTS
  accountwizard                   4:23.08.5-0ubuntu3+esm1
                                  Available with Ubuntu Pro

Ubuntu 22.04 LTS
  accountwizard                   4:21.12.3-0ubuntu1+esm1
                                  Available with Ubuntu Pro

Ubuntu 20.04 LTS
  accountwizard                   4:19.12.3-0ubuntu1+esm1
                                  Available with Ubuntu Pro

Ubuntu 18.04 LTS
  accountwizard                   4:17.12.3-0ubuntu1+esm1
                                  Available with Ubuntu Pro

In general, a standard system update will make all the necessary changes.

References:
  https://ubuntu.com/security/notices/USN-7732-1
  CVE-2024-50624

The recent flaw found in the KMail email client underscores critical risks within communication apps linked to obsolete protocols, necessitating immediate resolutions for information security.

Keywords: KMail, email client, protocol leak, Ubuntu security, security advisory.
Severity: Critical.
LinuxSecurity.com Team

===========================================================
Ubuntu Security Notice USN-382-1          November 16, 2006
mozilla-thunderbird vulnerabilities
CVE-2006-5462, CVE-2006-5463, CVE-2006-5464, CVE-2006-5747,
CVE-2006-5748
===========================================================

A security issue affects the following Ubuntu releases:

Ubuntu 5.10
Ubuntu 6.06 LTS
Ubuntu 6.10

This advisory also applies to the corresponding versions of
Kubuntu, Edubuntu, and Xubuntu.

The problem can be corrected by upgrading your system to the
following package versions:

Ubuntu 5.10:
  mozilla-thunderbird            1.5.0.8-0ubuntu0.5.10

Ubuntu 6.06 LTS:
  mozilla-thunderbird            1.5.0.8-0ubuntu0.6.06

Ubuntu 6.10:
  mozilla-thunderbird            1.5.0.8-0ubuntu0.6.10

After a standard system upgrade you need to restart Thunderbird to
effect the necessary changes.

Details follow:

USN-352-1 fixed a flaw in the verification of PKCS certificate
signatures. Ulrich Kuehn discovered a variant of the original attack
which the original fix did not cover. (CVE-2006-5462)

Various flaws have been reported that allow an attacker to execute
arbitrary code with user privileges by tricking the user into opening
a malicious email containing JavaScript. Please note that JavaScript
is disabled by default for emails, and it is not recommended to enable
it.
(CVE-2006-5463, CVE-2006-5464, CVE-2006-5747, CVE-2006-5748)

Updated packages for Ubuntu 5.10, Ubuntu 6.06 LTS and Ubuntu 6.10: source archives and amd64, i386, powerpc and sparc architectures.

In response to USN-382-1, the advisory highlights security flaws in Mozilla Thunderbird that could enable code execution through email interactions.

Keywords: Mozilla Thunderbird, Ubuntu Security Notice, email attack, security update, code execution risk.
Severity: Important.
LinuxSecurity.com Team

Multiple vulnerabilities have been identified in Mozilla Thunderbird.

- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Gentoo Linux Security Advisory                           GLSA 200612-06
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
                                            https://security.gentoo.org/
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -

  Severity: High
     Title: Mozilla Thunderbird: Multiple vulnerabilities
      Date: December 10, 2006
      Bugs: #154448
        ID: 200612-06

- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -

Synopsis
========

Multiple vulnerabilities have been identified in Mozilla Thunderbird.

Background
==========

Mozilla Thunderbird is a popular open-source email client from the
Mozilla Project.

Affected packages
=================

    -------------------------------------------------------------------
     Package                   /  Vulnerable  /             Unaffected
    -------------------------------------------------------------------
  1  mozilla-thunderbird           < 1.5.0.8                 >= 1.5.0.8
  2  mozilla-thunderbird-bin       < 1.5.0.8                 >= 1.5.0.8
    -------------------------------------------------------------------
     2 affected packages on all of their supported architectures.
    -------------------------------------------------------------------

Description
===========

It has been identified that Mozilla Thunderbird improperly handles
Script objects while they are being executed, allowing them to be
modified during execution. JavaScript is disabled in Mozilla
Thunderbird by default. Mozilla Thunderbird has also been found to be
vulnerable to various potential buffer overflows. Lastly, the binary
release of Mozilla Thunderbird is vulnerable to a low exponent RSA
signature forgery issue because it is bundled with a vulnerable version
of NSS.

Impact
======

An attacker could entice a user to view a specially crafted email that
causes a buffer overflow and again executes arbitrary code or causes a
Denial of Service. An attacker could also entice a user to view an
email containing specially crafted JavaScript and execute arbitrary
code with the rights of the user running Mozilla Thunderbird. It is
important to note that JavaScript is off by default in Mozilla
Thunderbird, and enabling it is strongly discouraged. It is also
possible for an attacker to create SSL/TLS or email certificates that
would not be detected as invalid by the binary release of Mozilla
Thunderbird, raising the possibility for Man-in-the-Middle attacks.

Workaround
==========

There is no known workaround at this time.

Resolution
==========

Users upgrading to the following releases of Mozilla Thunderbird should
note that this version of Mozilla Thunderbird has been found to not
display certain messages in some cases.

All Mozilla Thunderbird users should upgrade to the latest version:

    # emerge --sync
    # emerge --ask --oneshot --verbose ">=mail-client/mozilla-thunderbird-1.5.0.8"

All Mozilla Thunderbird binary release users should upgrade to the
latest version:

    # emerge --sync
    # emerge --ask --oneshot --verbose ">=mail-client/mozilla-thunderbird-bin-1.5.0.8"

References
==========

  [ 1 ] CVE-2006-5462
        https://www.cve.org/CVERecord?id=CVE-2006-5462
  [ 2 ] CVE-2006-5463
        https://www.cve.org/CVERecord?id=CVE-2006-5463
  [ 3 ] CVE-2006-5464
        https://www.cve.org/CVERecord?id=CVE-2006-5464
  [ 4 ] CVE-2006-5747
        https://www.cve.org/CVERecord?id=CVE-2006-5747
  [ 5 ] CVE-2006-5748
        https://www.cve.org/CVERecord?id=CVE-2006-5748
  [ 6 ] Mozilla Thunderbird Email Loss Bug
        https://bugzilla.mozilla.org/show_bug.cgi?id=360409

Availability
============

This GLSA and any updates to it are available for viewing at
the Gentoo Security Website:

  https://security.gentoo.org/glsa/200612-06

Concerns?
=========

Security is a primary focus of Gentoo Linux and ensuring the
confidentiality and security of our users' machines is of utmost
importance to us. Any security concerns should be addressed to