
Stay Secure with the Latest Linux Advisories



Explore Latest Linux Security advisories

We found 38 articles for you...

Fedora 39: FEDORA-2024-6553299317 High: LibreOffice Code Risk Alert

7.6.7.2.

--------------------------------------------------------------------------------

Fedora Update Notification
FEDORA-2024-7989718224
2024-05-24 01:03:40.444837

--------------------------------------------------------------------------------

Name        : libreoffice
Product     : Fedora 39
Version     : 7.6.7.2
Release     : 1.fc39
URL         : https://www.libreoffice.org/
Summary     : Free Software Productivity Suite
Description :

LibreOffice is an Open Source, community-developed, office productivity suite. It includes the key desktop applications, such as a word processor, spreadsheet, presentation manager, formula editor and drawing program, with a user interface and feature set similar to other office suites. Sophisticated and flexible, LibreOffice also works transparently with a variety of file formats, including Microsoft Office File Formats.

--------------------------------------------------------------------------------

Update Information:

7.6.7.2

--------------------------------------------------------------------------------

ChangeLog:

* Mon May 20 2024 Gwyn Ciesla - 1:7.6.7.2-1
- 7.6.7.2

--------------------------------------------------------------------------------

References:

  [ 1 ] Bug #2280543 - CVE-2024-3044 libreoffice: create a document which without prompt will execute scripts built-into LibreOffice on clicking a graphic [fedora-all]
        https://bugzilla.redhat.com/show_bug.cgi?id=2280543

--------------------------------------------------------------------------------

This update can be installed with the "dnf" update program. Use

    su -c 'dnf upgrade --advisory FEDORA-2024-7989718224'

at the command line. For more information, refer to the dnf documentation available at http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label

All packages are signed with the Fedora Project GPG key. More details on the GPG keys used by the Fedora Project can be found at

--------------------------------------------------------------------------------

Fedora 39 rolls out essential security patches for LibreOffice 7.6.7.2 to address execution vulnerabilities linked to document processing.

Keywords: LibreOffice Security Updates, Fedora 39, Open Source Office Suite, Security Patch, Productivity Software.

LinuxSecurity.com Team

May 24, 2024 | Fedora

Gentoo 202401-29 High: Sudo Memory Manipulation Execution Threat

A vulnerability has been discovered in sudo which can lead to execution manipulation through rowhammer-style memory manipulation.

------------------------------------------------------------------------

Gentoo Linux Security Advisory GLSA 202401-29

------------------------------------------------------------------------

https://security.gentoo.org/

------------------------------------------------------------------------

Severity: High
Title: sudo: Memory Manipulation
Date: January 24, 2024
Bugs: #920510
ID: 202401-29

------------------------------------------------------------------------

Synopsis
========

A vulnerability has been discovered in sudo which can lead to execution manipulation through rowhammer-style memory manipulation.

Background
==========

sudo allows a system administrator to give users the ability to run commands as other users.

Affected packages
=================

    Package         Vulnerable    Unaffected
    --------------  ------------  ------------
    app-admin/sudo  < 1.9.15_p2   >= 1.9.15_p2

Description
===========

Multiple vulnerabilities have been discovered in sudo. Please review the CVE identifiers referenced below for details.

Impact
======

Stack/register variables can be flipped via fault injection, affecting execution flow in security-sensitive code.

Workaround
==========

There is no known workaround at this time.

Resolution
==========

All sudo users should upgrade to the latest version:

    # emerge --sync
    # emerge --ask --oneshot --verbose ">=app-admin/sudo-1.9.15_p2"

References
==========

[ 1 ] CVE-2023-42465
      https://nvd.nist.gov/vuln/detail/CVE-2023-42465

Availability
============

This GLSA and any updates to it are available for viewing at the Gentoo Security Website:

https://security.gentoo.org/glsa/202401-29

Concerns?
=========

Security is a primary focus of Gentoo Linux and ensuring the confidentiality and security of our users' machines is of utmost importance to us. Any security concerns should be addressed to [email address redacted] or alternatively, you may file a bug at https://bugs.gentoo.org.

License
=======

Copyright 2024 Gentoo Foundation, Inc; referenced text belongs to its owner(s).

The contents of this document are licensed under the Creative Commons - Attribution / Share Alike license.

https://creativecommons.org/licenses/by-sa/2.5/

Critical sudo vulnerability detected in Gentoo Linux demands immediate response. Upgrade promptly to enhance system protection.

Keywords: Gentoo Linux, Sudo Exploit, Memory Manipulation, High Risk, Security Update.

LinuxSecurity.com Team

Jan 24, 2024 | Gentoo

openSUSE: 2023:4386-1 important: salt arbitrary code execution threat

This update for salt fixes the following issues: Security issues fixed:

# Security update for salt

Announcement ID: SUSE-SU-2023:4386-1
Rating: important
References:

* bsc#1213293
* bsc#1213518
* bsc#1214477
* bsc#1215157
* jsc#MSQA-706

Cross-References:

* CVE-2023-34049

CVSS scores:

Affected Products:

* Basesystem Module 15-SP5
* openSUSE Leap 15.5
* Server Applications Module 15-SP5
* SUSE Linux Enterprise Desktop 15 SP5
* SUSE Linux Enterprise High Performance Computing 15 SP5
* SUSE Linux Enterprise Micro 5.5
* SUSE Linux Enterprise Real Time 15 SP5
* SUSE Linux Enterprise Server 15 SP5
* SUSE Linux Enterprise Server for SAP Applications 15 SP5
* Transactional Server Module 15-SP5

An update that solves one vulnerability, contains one feature and has three security fixes can now be installed.

## Description:

This update for salt fixes the following issues:

Security issues fixed:

* CVE-2023-34049: arbitrary code execution via symlink attack (bsc#1215157)

Bugs fixed:

* Fix optimization_order opt to prevent testsuite fails
* Improve salt.utils.json.find_json to avoid fails (bsc#1213293)
* Use salt-call from salt bundle with transactional_update
* Only call native_str on curl_debug message in tornado when needed
* Implement the calling for batch async from the salt CLI
* Fix calculation of SLS context vars when trailing dots on targetted sls/state (bsc#1213518)
* Rename salt-tests to python3-salt-testsuite
* Allow all primitive grain types for autosign_grains (bsc#1214477)

## Special Instructions and Notes:

## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product:

* openSUSE Leap 15.5
  zypper in -t patch openSUSE-SLE-15.5-2023-4386=1 SUSE-2023-4386=1
* SUSE Linux Enterprise Micro 5.5
  zypper in -t patch SUSE-SLE-Micro-5.5-2023-4386=1
* Basesystem Module 15-SP5
  zypper in -t patch SUSE-SLE-Module-Basesystem-15-SP5-2023-4386=1
* Server Applications Module 15-SP5
  zypper in -t patch SUSE-SLE-Module-Server-Applications-15-SP5-2023-4386=1
* Transactional Server Module 15-SP5
  zypper in -t patch SUSE-SLE-Module-Transactional-Server-15-SP5-2023-4386=1

## Package List:

* openSUSE Leap 15.5 (aarch64 ppc64le s390x x86_64 i586)
  * salt-proxy-3006.0-150500.4.24.2
  * salt-standalone-formulas-configuration-3006.0-150500.4.24.2
  * salt-3006.0-150500.4.24.2
  * salt-cloud-3006.0-150500.4.24.2
  * salt-master-3006.0-150500.4.24.2
  * salt-api-3006.0-150500.4.24.2
  * salt-minion-3006.0-150500.4.24.2
  * salt-syndic-3006.0-150500.4.24.2
  * python3-salt-3006.0-150500.4.24.2
  * salt-transactional-update-3006.0-150500.4.24.2
  * salt-doc-3006.0-150500.4.24.2
  * python3-salt-testsuite-3006.0-150500.4.24.2
  * salt-ssh-3006.0-150500.4.24.2
* openSUSE Leap 15.5 (noarch)
  * salt-bash-completion-3006.0-150500.4.24.2
  * salt-fish-completion-3006.0-150500.4.24.2
  * salt-zsh-completion-3006.0-150500.4.24.2
* SUSE Linux Enterprise Micro 5.5 (aarch64 s390x x86_64)
  * salt-3006.0-150500.4.24.2
  * salt-minion-3006.0-150500.4.24.2
  * python3-salt-3006.0-150500.4.24.2
  * salt-transactional-update-3006.0-150500.4.24.2
* Basesystem Module 15-SP5 (aarch64 ppc64le s390x x86_64)
  * salt-doc-3006.0-150500.4.24.2
  * salt-3006.0-150500.4.24.2
  * salt-minion-3006.0-150500.4.24.2
  * python3-salt-3006.0-150500.4.24.2
* Basesystem Module 15-SP5 (noarch)
  * salt-bash-completion-3006.0-150500.4.24.2
  * salt-zsh-completion-3006.0-150500.4.24.2
* Server Applications Module 15-SP5 (aarch64 ppc64le s390x x86_64)
  * salt-proxy-3006.0-150500.4.24.2
  * salt-standalone-formulas-configuration-3006.0-150500.4.24.2
  * salt-cloud-3006.0-150500.4.24.2
  * salt-master-3006.0-150500.4.24.2
  * salt-api-3006.0-150500.4.24.2
  * salt-syndic-3006.0-150500.4.24.2
  * salt-ssh-3006.0-150500.4.24.2
* Server Applications Module 15-SP5 (noarch)
  * salt-fish-completion-3006.0-150500.4.24.2
* Transactional Server Module 15-SP5 (aarch64 ppc64le s390x x86_64)
  * salt-transactional-update-3006.0-150500.4.24.2

## References:

* https://www.suse.com/security/cve/CVE-2023-34049.html
* https://bugzilla.suse.com/show_bug.cgi?id=1213293
* https://bugzilla.suse.com/show_bug.cgi?id=1213518
* https://bugzilla.suse.com/show_bug.cgi?id=1214477
* https://bugzilla.suse.com/show_bug.cgi?id=1215157

Crucial security patch released for openSUSE addressing flaws in Salt. Check out the newest setup instructions today!

Keywords: openSUSE Security Update, Salt Security Advisory, Arbitrary Code Execution Patch.

Severity: Important.

LinuxSecurity.com Team

Nov 09, 2023 | Important | OpenSUSE

Ubuntu 23.10: USN-6423-2 Critical Libcue Arbitrary Code Execution

CUE could be made to execute arbitrary code if it received a specially crafted file.

==========================================================================

Ubuntu Security Notice USN-6423-2
October 17, 2023

libcue vulnerability

==========================================================================

A security issue affects these releases of Ubuntu and its derivatives:

Summary:

CUE could be made to execute arbitrary code if it received a specially crafted file.

Software Description:

Details:

USN-6423-1 fixed a vulnerability in CUE. This update provides the corresponding updates for Ubuntu 23.10.

Original advisory details:

It was discovered that CUE incorrectly handled certain files. An attacker could possibly use this issue to expose sensitive information or execute arbitrary code.

Update instructions:

The problem can be corrected by updating your system to the following package versions:

In general, a standard system update will make all the necessary changes.

References:

https://ubuntu.com/security/notices/USN-6423-1
CVE-2023-43641

A critical vulnerability permits unauthorized code execution through specially designed files. Patches for Ubuntu distributions are now released.

Keywords: Ubuntu Libcue Update, Arbitrary Code Threat, Security Notice.

Severity: Critical.

LinuxSecurity.com Team

Oct 17, 2023 | Critical | Ubuntu

Debian DSA-5486-1 Critical: Thunderbird Vulnerability Mitigation

Multiple security issues have been found in the Mozilla Firefox web browser, which could potentially result in the execution of arbitrary code.

-------------------------------------------------------------------------

Debian Security Advisory DSA-5485-1
https://www.debian.org/security/
Moritz Muehlenhoff
August 30, 2023
https://www.debian.org/security/faq

-------------------------------------------------------------------------

Package : firefox-esr
CVE ID  : CVE-2023-4573 CVE-2023-4574 CVE-2023-4575 CVE-2023-4581 CVE-2023-4584

Multiple security issues have been found in the Mozilla Firefox web browser, which could potentially result in the execution of arbitrary code.

For the oldstable distribution (bullseye), these problems have been fixed in version 102.15.0esr-1~deb11u1.

For the stable distribution (bookworm), these problems have been fixed in version 102.15.0esr-1~deb12u1.

We recommend that you upgrade your firefox-esr packages.

For the detailed security status of firefox-esr please refer to its security tracker page at: https://security-tracker.debian.org/tracker/source-package/firefox-esr

Further information about Debian Security Advisories, how to apply these updates to your system and frequently asked questions can be found at: https://www.debian.org/security/

Enhance your firefox-esr installation to safeguard against unauthorized code execution vulnerabilities in Debian. Urgent patches are out for all users.

Keywords: firefox-esr update, debian security, execution code fix, mozilla updates.

Severity: Critical.

LinuxSecurity.com Team

Aug 30, 2023 | Critical | Debian

Debian 10: DLA-3484-2 Urgent: Firefox-ESR Security Vulnerabilities

Multiple security issues have been found in the Mozilla Firefox web browser, which could potentially result in the execution of arbitrary code or spoofing.

-------------------------------------------------------------------------

Debian LTS Advisory DLA-3484-1
https://www.debian.org/lts/security/
Emilio Pozuelo Monfort
July 08, 2023
https://wiki.debian.org/LTS

-------------------------------------------------------------------------

Package : firefox-esr
Version : 102.13.0esr-1~deb10u1
CVE ID  : CVE-2023-37201 CVE-2023-37202 CVE-2023-37207 CVE-2023-37208 CVE-2023-37211

Multiple security issues have been found in the Mozilla Firefox web browser, which could potentially result in the execution of arbitrary code or spoofing.

For Debian 10 buster, these problems have been fixed in version 102.13.0esr-1~deb10u1.

We recommend that you upgrade your firefox-esr packages.

For the detailed security status of firefox-esr please refer to its security tracker page at: https://security-tracker.debian.org/tracker/source-package/firefox-esr

Further information about Debian LTS security advisories, how to apply these updates to your system and frequently asked questions can be found at: https://wiki.debian.org/LTS

Important news regarding various Firefox vulnerabilities affecting Debian LTS users. It is crucial to perform an upgrade to reduce potential threats.

Keywords: Debian LTS, Firefox ESR, Security Update, Threat Mitigation.

Severity: Important.

LinuxSecurity.com Team

Jul 07, 2023 | Important | Debian LTS

Debian: DSA-5385-1 Critical: Firefox-ESR Arbitrary Code Issue

Multiple security issues have been found in the Mozilla Firefox web browser, which could potentially result in the execution of arbitrary code or spoofing.

-------------------------------------------------------------------------

Debian Security Advisory DSA-5385-1
https://www.debian.org/security/
Moritz Muehlenhoff
April 12, 2023
https://www.debian.org/security/faq

-------------------------------------------------------------------------

Package    : firefox-esr
CVE ID     : CVE-2023-1945 CVE-2023-29533 CVE-2023-29535 CVE-2023-29536 CVE-2023-29539 CVE-2023-29541 CVE-2023-29548 CVE-2023-29550
Debian Bug : 982794

Multiple security issues have been found in the Mozilla Firefox web browser, which could potentially result in the execution of arbitrary code or spoofing.

For the stable distribution (bullseye), these problems have been fixed in version 102.10.0esr-1~deb11u1.

We recommend that you upgrade your firefox-esr packages.

For the detailed security status of firefox-esr please refer to its security tracker page at: https://security-tracker.debian.org/tracker/source-package/firefox-esr

Further information about Debian Security Advisories, how to apply these updates to your system and frequently asked questions can be found at: https://www.debian.org/security/

Important notice for Debian users: Firefox-ESR has several security vulnerabilities. It is advised to upgrade for enhanced security.

Keywords: Mozilla Firefox Update, Debian Security Announcement, Firefox Arbitrary Code Execution, Debian Firefox ESR.

Severity: Critical.

LinuxSecurity.com Team

Apr 12, 2023 | Critical | Debian

Debian 10: DLA-3343-1 Critical Vulnerability in Mono Execution Risk

Triggering arbitrary code execution was possible due to .desktop files registered as application/x-ms-dos-executable MIME handlers in the open source .NET framework Mono.

-------------------------------------------------------------------------

Debian LTS Advisory DLA-3343-1
https://www.debian.org/lts/security/
Adrian Bunk
February 24, 2023
https://wiki.debian.org/LTS

-------------------------------------------------------------------------

Package    : mono
Version    : 5.18.0.240+dfsg-3+deb10u1
CVE ID     : CVE-2023-26314
Debian Bug : 972146

Triggering arbitrary code execution was possible due to .desktop files registered as application/x-ms-dos-executable MIME handlers in the open source .NET framework Mono.

For Debian 10 buster, this problem has been fixed in version 5.18.0.240+dfsg-3+deb10u1.

We recommend that you upgrade your mono packages.

For the detailed security status of mono please refer to its security tracker page at: https://security-tracker.debian.org/tracker/source-package/mono

Further information about Debian LTS security advisories, how to apply these updates to your system and frequently asked questions can be found at: https://wiki.debian.org/LTS

An important Debian LTS alert about Mono highlights vulnerabilities that permit unauthorized code execution. Users must upgrade promptly to maintain security.

Keywords: Debian Mono Security Patch, Critical Execution Threat, Software Update Advisory, Open Source Security.

Severity: Critical.

LinuxSecurity.com Team

Feb 25, 2023 | Critical | Debian LTS