New curl packages are available for Slackware 15.0 and -current to fix security issues.

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

[slackware-security]  curl (SSA:2025-155-01)

New curl packages are available for Slackware 15.0 and -current to
fix security issues.

Here are the details from the Slackware 15.0 ChangeLog:
+--------------------------+
patches/packages/curl-8.14.1-i586-1_slack15.0.txz:  Upgraded.
  This update fixes a security issue:
  WebSocket endless loop.
  For more information, see:
    https://curl.se/docs/CVE-2025-5399.html
    https://www.cve.org/CVERecord?id=CVE-2025-5399
  (* Security fix *)
+--------------------------+

Where to find the new packages:
+-----------------------------+

Thanks to the friendly folks at the OSU Open Source Lab
(http://osuosl.org) for donating FTP and rsync hosting
to the Slackware project!  :-)

Also see the "Get Slack" section on http://www.slackware.com/ for
additional mirror sites near you.

Updated package for Slackware 15.0:
ftp://ftp.slackware.com/pub/slackware/slackware-15.0/patches/packages/curl-8.14.1-i586-1_slack15.0.txz

Updated package for Slackware x86_64 15.0:
ftp://ftp.slackware.com/pub/slackware/slackware64-15.0/patches/packages/curl-8.14.1-x86_64-1_slack15.0.txz

Updated package for Slackware -current:
ftp://ftp.slackware.com/pub/slackware/slackware-current/slackware/n/curl-8.14.1-i686-1.txz

Updated package for Slackware x86_64 -current:
ftp://ftp.slackware.com/pub/slackware/slackware64-current/slackware64/n/curl-8.14.1-x86_64-1.txz

MD5 signatures:
+-------------+

Slackware 15.0 package:
0411523891cc915bd9b0b9ca7200dc90  curl-8.14.1-i586-1_slack15.0.txz

Slackware x86_64 15.0 package:
0a9bdd5dfb59d2e282243cbc57265d0f  curl-8.14.1-x86_64-1_slack15.0.txz

Slackware -current package:
0b7aacacfd709ece6a7e844ee20ef24a  n/curl-8.14.1-i686-1.txz

Slackware x86_64 -current package:
d6df66320f4433a998f5ad00f222bf0c  n/curl-8.14.1-x86_64-1.txz

Installation instructions:
+------------------------+

Upgrade the package as root:
# upgradepkg curl-8.14.1-i586-1_slack15.0.txz

+-----+

Freshly rolled curl updates for Slackware 15.0 targeting critical vulnerabilities. Acquire them promptly for essential security enhancements.

Severity: Critical.

LinuxSecurity.com Team

An update that fixes one vulnerability is now available.

   openSUSE Security Update: Security update for dia
______________________________________________________________________________

Announcement ID:    openSUSE-SU-2020:0021-1
Rating:             moderate
References:         #1158194
Cross-References:   CVE-2019-19451
Affected Products:
                    openSUSE Leap 15.1
______________________________________________________________________________

   An update that fixes one vulnerability is now available.

Description:

   This update for dia fixes the following issue:

   - CVE-2019-19451: Fixed an endless loop on filenames with invalid encoding
     (bsc#1158194).

   This update was imported from the SUSE:SLE-15:Update update project.

Patch Instructions:

   To install this openSUSE Security Update use the SUSE recommended
   installation methods like YaST online_update or "zypper patch".

   Alternatively you can run the command listed for your product:

   - openSUSE Leap 15.1:

      zypper in -t patch openSUSE-2020-21=1

Package List:

   - openSUSE Leap 15.1 (noarch):

      dia-lang-0.97.3-lp151.4.3.1

   - openSUSE Leap 15.1 (x86_64):

      dia-0.97.3-lp151.4.3.1
      dia-debuginfo-0.97.3-lp151.4.3.1
      dia-debugsource-0.97.3-lp151.4.3.1

References:

   https://www.suse.com/security/cve/CVE-2019-19451.html
   https://bugzilla.suse.com/1158194

LinuxSecurity.com Team

Updated dia package fixes security vulnerability: An endless loop on filenames with invalid encoding (CVE-2019-19451).

MGASA-2020-0022 - Updated dia packages fix security vulnerability

Publication date: 05 Jan 2020
URL: https://advisories.mageia.org/MGASA-2020-0022.html
Type: security
Affected Mageia releases: 7
CVE: CVE-2019-19451

Updated dia package fixes security vulnerability: An endless loop on
filenames with invalid encoding (CVE-2019-19451).

References:
- https://bugs.mageia.org/show_bug.cgi?id=25995
- http://lists.suse.com/pipermail/sle-security-updates/2019-December/006293.html
- https://www.cve.org/CVERecord?id=CVE-2019-19451

SRPMS:
- 7/core/dia-0.97.3-8.1.mga7

The latest dia update fixes a persistent loop problem caused by incorrect filenames while simultaneously improving security protocols in Mageia.

LinuxSecurity.com Team

An update that fixes one vulnerability is now available.

   SUSE Security Update: Security update for dia
______________________________________________________________________________

Announcement ID:    SUSE-SU-2019:3390-1
Rating:             moderate
References:         #1158194
Cross-References:   CVE-2019-19451
Affected Products:
                    SUSE Linux Enterprise Workstation Extension 12-SP5
                    SUSE Linux Enterprise Workstation Extension 12-SP4
                    SUSE Linux Enterprise Software Development Kit 12-SP5
                    SUSE Linux Enterprise Software Development Kit 12-SP4
                    SUSE Linux Enterprise Desktop 12-SP4
______________________________________________________________________________

   An update that fixes one vulnerability is now available.

Description:

   This update for dia fixes the following issue:

   - CVE-2019-19451: Fixed an endless loop on filenames with invalid encoding
     (bsc#1158194).

Patch Instructions:

   To install this SUSE Security Update use the SUSE recommended installation
   methods like YaST online_update or "zypper patch".

   Alternatively you can run the command listed for your product:

   - SUSE Linux Enterprise Workstation Extension 12-SP5:

      zypper in -t patch SUSE-SLE-WE-12-SP5-2019-3390=1

   - SUSE Linux Enterprise Workstation Extension 12-SP4:

      zypper in -t patch SUSE-SLE-WE-12-SP4-2019-3390=1

   - SUSE Linux Enterprise Software Development Kit 12-SP5:

      zypper in -t patch SUSE-SLE-SDK-12-SP5-2019-3390=1

   - SUSE Linux Enterprise Software Development Kit 12-SP4:

      zypper in -t patch SUSE-SLE-SDK-12-SP4-2019-3390=1

   - SUSE Linux Enterprise Desktop 12-SP4:

      zypper in -t patch SUSE-SLE-DESKTOP-12-SP4-2019-3390=1

Package List:

   - SUSE Linux Enterprise Workstation Extension 12-SP5 (x86_64):

      dia-0.97.3-17.4.1
      dia-debuginfo-0.97.3-17.4.1
      dia-debugsource-0.97.3-17.4.1

   - SUSE Linux Enterprise Workstation Extension 12-SP5 (noarch):

      dia-lang-0.97.3-17.4.1

   - SUSE Linux Enterprise Workstation Extension 12-SP4 (noarch):

      dia-lang-0.97.3-17.4.1

   - SUSE Linux Enterprise Workstation Extension 12-SP4 (x86_64):

      dia-0.97.3-17.4.1
      dia-debuginfo-0.97.3-17.4.1
      dia-debugsource-0.97.3-17.4.1

   - SUSE Linux Enterprise Software Development Kit 12-SP5 (aarch64 ppc64le s390x x86_64):

      dia-0.97.3-17.4.1
      dia-debuginfo-0.97.3-17.4.1
      dia-debugsource-0.97.3-17.4.1

   - SUSE Linux Enterprise Software Development Kit 12-SP4 (aarch64 ppc64le s390x x86_64):

      dia-0.97.3-17.4.1
      dia-debuginfo-0.97.3-17.4.1
      dia-debugsource-0.97.3-17.4.1

   - SUSE Linux Enterprise Desktop 12-SP4 (noarch):

      dia-lang-0.97.3-17.4.1

   - SUSE Linux Enterprise Desktop 12-SP4 (x86_64):

      dia-0.97.3-17.4.1
      dia-debuginfo-0.97.3-17.4.1
      dia-debugsource-0.97.3-17.4.1

References:

   https://www.suse.com/security/cve/CVE-2019-19451.html
   https://bugzilla.suse.com/1158194

_______________________________________________
sle-security-updates mailing list

CVE-2016-4021 pgpdump: endless loop parsing specially crafted input.

--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2016-5733ad20f5
2016-05-10 11:45:44.977591
--------------------------------------------------------------------------------

Name        : pgpdump
Product     : Fedora 23
Version     : 0.30
Release     : 1.fc23
URL         : http://www.mew.org/~kazu/proj/pgpdump/
Summary     : PGP packet visualizer
Description :
pgpdump is a PGP packet visualizer which displays the packet format of
OpenPGP (RFC 4880) and PGP version 2 (RFC 1991).

--------------------------------------------------------------------------------
Update Information:

CVE-2016-4021 pgpdump: endless loop parsing specially crafted input
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #1328351 - CVE-2016-4021 pgpdump: endless loop parsing specially crafted input
        https://bugzilla.redhat.com/show_bug.cgi?id=1328351
--------------------------------------------------------------------------------

This update can be installed with the "yum" update program. Use
su -c 'yum update pgpdump' at the command line.
For more information, refer to "Managing Software with yum",
available at .

All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/security/
--------------------------------------------------------------------------------
_______________________________________________
package-announce mailing list

CVE-2016-4021 pgpdump: endless loop parsing specially crafted input.

--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2016-6fd7a31d36
2016-05-10 11:43:00.964428
--------------------------------------------------------------------------------

Name        : pgpdump
Product     : Fedora 22
Version     : 0.30
Release     : 1.fc22
URL         : http://www.mew.org/~kazu/proj/pgpdump/
Summary     : PGP packet visualizer
Description :
pgpdump is a PGP packet visualizer which displays the packet format of
OpenPGP (RFC 4880) and PGP version 2 (RFC 1991).

--------------------------------------------------------------------------------
Update Information:

CVE-2016-4021 pgpdump: endless loop parsing specially crafted input
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #1328351 - CVE-2016-4021 pgpdump: endless loop parsing specially crafted input
        https://bugzilla.redhat.com/show_bug.cgi?id=1328351
--------------------------------------------------------------------------------

This update can be installed with the "yum" update program. Use
su -c 'yum update pgpdump' at the command line.
For more information, refer to "Managing Software with yum",
available at .

All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/security/
--------------------------------------------------------------------------------
_______________________________________________
package-announce mailing list

CVE-2016-4021 pgpdump: endless loop parsing specially crafted input.

--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2016-8f4b54b005
2016-05-07 11:36:53.843242
--------------------------------------------------------------------------------

Name        : pgpdump
Product     : Fedora 24
Version     : 0.30
Release     : 1.fc24
URL         : http://www.mew.org/~kazu/proj/pgpdump/
Summary     : PGP packet visualizer
Description :
pgpdump is a PGP packet visualizer which displays the packet format of
OpenPGP (RFC 4880) and PGP version 2 (RFC 1991).

--------------------------------------------------------------------------------
Update Information:

CVE-2016-4021 pgpdump: endless loop parsing specially crafted input
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #1328351 - CVE-2016-4021 pgpdump: endless loop parsing specially crafted input
        https://bugzilla.redhat.com/show_bug.cgi?id=1328351
--------------------------------------------------------------------------------

This update can be installed with the "yum" update program. Use
su -c 'yum update pgpdump' at the command line.
For more information, refer to "Managing Software with yum",
available at .

All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/security/
--------------------------------------------------------------------------------
_______________________________________________
package-announce mailing list
