
Stay Secure with the Latest Linux Advisories

Explore Latest Linux Security advisories

Ubuntu 20.04 18.04 OpenStack Glance Security Flaws USN-8199-1

==========================================================================
Ubuntu Security Notice USN-8199-1
April 22, 2026

glance vulnerabilities
==========================================================================

A security issue affects these releases of Ubuntu and its derivatives:

- Ubuntu 20.04 LTS
- Ubuntu 18.04 LTS
- Ubuntu 16.04 LTS

Summary:

Several security issues were fixed in OpenStack Glance.

Software Description:
- glance: OpenStack Image Registry and Delivery Service

Details:

Martin Kaesberger discovered that OpenStack Glance's image processing could return the contents of arbitrary files. An attacker could possibly use this issue to exfiltrate sensitive data. This issue only affected Ubuntu 16.04 LTS and Ubuntu 18.04 LTS. (CVE-2024-32498)

Hyeongeun Ji and Abhishek Kekane discovered several server-side request forgery vulnerabilities in OpenStack Glance's image import. An attacker could possibly use this issue to bypass URL validation checks and redirect to internal services. This issue only affected Ubuntu 18.04 LTS and Ubuntu 20.04 LTS. (CVE-2026-34881)

Update instructions:

The problem can be corrected by updating your system to the following package versions:

Ubuntu 20.04 LTS
  glance            2:20.2.0-0ubuntu1.2+esm2    Available with Ubuntu Pro
  glance-api        2:20.2.0-0ubuntu1.2+esm2    Available with Ubuntu Pro
  glance-common     2:20.2.0-0ubuntu1.2+esm2    Available with Ubuntu Pro
  python3-glance    2:20.2.0-0ubuntu1.2+esm2    Available with Ubuntu Pro

Ubuntu 18.04 LTS
  glance            2:16.0.1-0ubuntu1.1+esm2    Available with Ubuntu Pro
  glance-api        2:16.0.1-0ubuntu1.1+esm2    Available with Ubuntu Pro
  glance-common     2:16.0.1-0ubuntu1.1+esm2    Available with Ubuntu Pro
  glance-registry   2:16.0.1-0ubuntu1.1+esm2    Available with Ubuntu Pro
  python-glance     2:16.0.1-0ubuntu1.1+esm2    Available with Ubuntu Pro

Ubuntu 16.04 LTS
  glance            2:12.0.0-0ubuntu2+esm1      Available with Ubuntu Pro
  glance-api        2:12.0.0-0ubuntu2+esm1      Available with Ubuntu Pro
  glance-common     2:12.0.0-0ubuntu2+esm1      Available with Ubuntu Pro
  glance-glare      2:12.0.0-0ubuntu2+esm1      Available with Ubuntu Pro
  glance-registry   2:12.0.0-0ubuntu2+esm1      Available with Ubuntu Pro
  python-glance     2:12.0.0-0ubuntu2+esm1      Available with Ubuntu Pro

In general, a standard system update will make all the necessary changes.

References:
  https://ubuntu.com/security/notices/USN-8199-1
  CVE-2024-32498, CVE-2026-34881

Review of Ubuntu's USN-8199-1 highlighting fixed security issues in OpenStack Glance affecting multiple LTS versions.

Severity: Important. LinuxSecurity.com Team

Apr 27, 2026 | Important | Ubuntu

Debian: webkit2gtk Critical Info Exfiltration DSA-6074-1 CVE-2025-13947

- -------------------------------------------------------------------------
Debian Security Advisory DSA-6074-1
https://www.debian.org/security/                           Alberto Garcia
December 09, 2025                     https://www.debian.org/security/faq
- -------------------------------------------------------------------------

Package        : webkit2gtk
CVE ID         : CVE-2025-13947 CVE-2025-43421 CVE-2025-43458 CVE-2025-66287

The following vulnerabilities have been discovered in the WebKitGTK web engine:

CVE-2025-13947

    Janet Black discovered that a website may be able to exfiltrate sensitive system information.

CVE-2025-43421

    Nan Wang discovered that processing maliciously crafted web content may lead to an unexpected process crash.

CVE-2025-43458

    Phil Beauvoir discovered that processing maliciously crafted web content may lead to an unexpected process crash.

CVE-2025-66287

    Stanislav Fort discovered that processing maliciously crafted web content may lead to an unexpected process crash.

For the oldstable distribution (bookworm), these problems have been fixed in version 2.50.3-1~deb12u1.

For the stable distribution (trixie), these problems have been fixed in version 2.50.3-1~deb13u1.

We recommend that you upgrade your webkit2gtk packages.

For the detailed security status of webkit2gtk please refer to its security tracker page at:
https://security-tracker.debian.org/tracker/source-package/webkit2gtk

Further information about Debian Security Advisories, how to apply these updates to your system and frequently asked questions can be found at: https://www.debian.org/security/

Critical vulnerabilities in WebKitGTK allow potential system information exfiltration, requiring urgent updates for Debian distributions.

Severity: Critical. LinuxSecurity.com Team

Dec 09, 2025 | Critical | Debian

Debian 11: DLA-4185-1 Critical: yelp-xsl Script Execution Threat

- -------------------------------------------------------------------------
Debian LTS Advisory DLA-4185-1
https://www.debian.org/lts/security/                      Lucas Kanashiro
May 28, 2025                                  https://wiki.debian.org/LTS
- -------------------------------------------------------------------------

Package        : yelp-xsl
Version        : 3.38.3-1+deb11u1
CVE ID         : CVE-2025-3155
Debian Bug     : #1102080

A flaw was found in Yelp. The Gnome user help application allows the help document to execute arbitrary scripts. This vulnerability allows malicious users to input help documents, which may exfiltrate user files to an external environment.

For Debian 11 bullseye, this problem has been fixed in version 3.38.3-1+deb11u1.

We recommend that you upgrade your yelp-xsl packages.

For the detailed security status of yelp-xsl please refer to its security tracker page at:
https://security-tracker.debian.org/tracker/source-package/yelp-xsl

Further information about Debian LTS security advisories, how to apply these updates to your system and frequently asked questions can be found at: https://wiki.debian.org/LTS

An important patch for yelp-xsl addresses a vulnerability that permits the running of scripts capable of leaking user data.

Severity: Critical. LinuxSecurity.com Team

May 28, 2025 | Critical | Debian LTS

Debian 11 bullseye: DLA-4184-1 moderate: Yelp script execution risk

- -------------------------------------------------------------------------
Debian LTS Advisory DLA-4184-1
https://www.debian.org/lts/security/                      Lucas Kanashiro
May 28, 2025                                  https://wiki.debian.org/LTS
- -------------------------------------------------------------------------

Package        : yelp
Version        : 3.38.3-1+deb11u1
CVE ID         : CVE-2025-3155
Debian Bug     : #1102080

A flaw was found in Yelp. The Gnome user help application allows the help document to execute arbitrary scripts. This vulnerability allows malicious users to input help documents, which may exfiltrate user files to an external environment.

For Debian 11 bullseye, this problem has been fixed in version 3.38.3-1+deb11u1.

We recommend that you upgrade your yelp packages.

For the detailed security status of yelp please refer to its security tracker page at:
https://security-tracker.debian.org/tracker/source-package/yelp

Further information about Debian LTS security advisories, how to apply these updates to your system and frequently asked questions can be found at: https://wiki.debian.org/LTS

LinuxSecurity.com Team

May 28, 2025 | Debian LTS

Ubuntu 22.04 LTS USN-7161-2: critical Docker authorization issue

==========================================================================
Ubuntu Security Notice USN-7161-2
February 18, 2025

Docker vulnerabilities
==========================================================================

A security issue affects these releases of Ubuntu and its derivatives:

- Ubuntu 22.04 LTS
- Ubuntu 20.04 LTS
- Ubuntu 18.04 LTS
- Ubuntu 16.04 LTS

Summary:

Several security issues were fixed in Docker.

Software Description:
- docker.io-app: Linux container runtime
- docker.io: Linux container runtime

Details:

USN-7161-1 fixed CVE-2024-29018 in Ubuntu 24.04 LTS. This update fixes it in Ubuntu 16.04 LTS and Ubuntu 18.04 LTS.

USN-7161-1 fixed CVE-2024-41110 in Ubuntu 24.10, Ubuntu 24.04 LTS, and Ubuntu 18.04 LTS. This update fixes it in Ubuntu 20.04 LTS and Ubuntu 22.04 LTS.

Original advisory details:

Yair Zak discovered that Docker could unexpectedly forward DNS requests from internal networks in an unexpected manner. An attacker could possibly use this issue to exfiltrate data by encoding information in DNS queries to controlled nameservers. This issue was only addressed in Ubuntu 24.04 LTS. (CVE-2024-29018)

Cory Snider discovered that Docker did not properly handle authorization plugin request processing. An attacker could possibly use this issue to bypass authorization controls by forwarding API requests without their full body, leading to unauthorized actions. (CVE-2024-41110)

Update instructions:

The problem can be corrected by updating your system to the following package versions:

Ubuntu 22.04 LTS
  docker.io    26.1.3-0ubuntu1~22.04.1+esm1      Available with Ubuntu Pro

Ubuntu 20.04 LTS
  docker.io    26.1.3-0ubuntu1~20.04.1+esm1      Available with Ubuntu Pro

Ubuntu 18.04 LTS
  docker.io    20.10.21-0ubuntu1~18.04.3+esm2    Available with Ubuntu Pro

Ubuntu 16.04 LTS
  docker.io    18.09.7-0ubuntu1~16.04.9+esm2     Available with Ubuntu Pro

In general, a standard system update will make all the necessary changes.

References:
  https://ubuntu.com/security/notices/USN-7161-2
  https://ubuntu.com/security/notices/USN-7161-1
  CVE-2024-29018, CVE-2024-41110

Recent Docker vulnerabilities in Ubuntu have impacted several versions. To address these security concerns, apply the necessary updates promptly.

Severity: Critical. LinuxSecurity.com Team

Feb 18, 2025 | Critical | Ubuntu

Mageia 9: MGASA-2025-0035 critical: LibreOffice security threats

MGASA-2025-0035 - Updated libreoffice packages fix security vulnerabilities

Publication date: 04 Feb 2025
URL: https://advisories.mageia.org/MGASA-2025-0035.html
Type: security
Affected Mageia releases: 9
CVE: CVE-2024-12425, CVE-2024-12426

Path traversal leading to arbitrary .ttf file write. (CVE-2024-12425)
URL fetching can be used to exfiltrate arbitrary INI file values and environment variables. (CVE-2024-12426)

References:
- https://bugs.mageia.org/show_bug.cgi?id=33941
- https://lists.debian.org/debian-security-announce/2025/msg00008.html
- https://www.libreoffice.org/about-us/security/advisories/cve-2024-12425/
- https://www.libreoffice.org/about-us/security/advisories/cve-2024-12426/
- https://ubuntu.com/security/notices/USN-7228-1
- https://www.cve.org/CVERecord?id=CVE-2024-12425
- https://www.cve.org/CVERecord?id=CVE-2024-12426

SRPMS:
- 9/core/libreoffice-24.2.7.2-1.mga9

Recent LibreOffice updates for Mageia address security vulnerabilities concerning document manipulation and data leakage.

Severity: Critical. LinuxSecurity.com Team

Feb 04, 2025 | Critical | Mageia

SUSE: 2024:1944-1 Important: Webkit2gtk3 Denial of Service Risk

# Security update for webkit2gtk3

Announcement ID: SUSE-SU-2024:1944-1
Rating: important

References:
  * bsc#1222010
  * bsc#1225071

Cross-References:
  * CVE-2023-42843
  * CVE-2023-42950
  * CVE-2023-42956
  * CVE-2024-23252
  * CVE-2024-23254
  * CVE-2024-23263
  * CVE-2024-23280
  * CVE-2024-23284
  * CVE-2024-27834

CVSS scores:
  * CVE-2023-42843 ( SUSE ): 5.4 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N
  * CVE-2023-42950 ( SUSE ): 8.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
  * CVE-2023-42950 ( NVD ): 8.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
  * CVE-2023-42956 ( SUSE ): 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
  * CVE-2023-42956 ( NVD ): 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
  * CVE-2024-23252 ( SUSE ): 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
  * CVE-2024-23254 ( SUSE ): 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N
  * CVE-2024-23263 ( SUSE ): 6.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L
  * CVE-2024-23280 ( SUSE ): 4.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N
  * CVE-2024-23284 ( SUSE ): 6.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L
  * CVE-2024-27834 ( SUSE ): 8.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

Affected Products:
  * Basesystem Module 15-SP6
  * Desktop Applications Module 15-SP6
  * Development Tools Module 15-SP6
  * openSUSE Leap 15.6
  * SUSE Linux Enterprise Desktop 15 SP6
  * SUSE Linux Enterprise Real Time 15 SP6
  * SUSE Linux Enterprise Server 15 SP6
  * SUSE Linux Enterprise Server for SAP Applications 15 SP6

An update that solves nine vulnerabilities can now be installed.

## Description:

This update for webkit2gtk3 fixes the following issues:

  * Update to version 2.44.2 (bsc#1225071):
  * CVE-2024-23252: Fixed a vulnerability where processed web content may lead to a denial-of-service. (bsc#1222010)
  * CVE-2024-23254: Fixed a vulnerability where a malicious website may exfiltrate audio data cross-origin. (bsc#1222010)
  * CVE-2024-23263: Fixed a vulnerability where processed maliciously crafted web content may prevent Content Security Policy from being enforced. (bsc#1222010)
  * CVE-2024-23280: Fixed a vulnerability where a maliciously crafted webpage may be able to fingerprint the user. (bsc#1222010)
  * CVE-2024-23284: Fixed a vulnerability where processed maliciously crafted web content may prevent Content Security Policy from being enforced. (bsc#1222010)
  * CVE-2023-42950: Fixed a vulnerability where processed maliciously crafted web content may lead to arbitrary code execution. (bsc#1222010)
  * CVE-2023-42956: Fixed a vulnerability where processed web content may lead to a denial-of-service. (bsc#1222010)
  * CVE-2023-42843: Fixed a vulnerability where visiting a malicious website may lead to address bar spoofing. (bsc#1222010)
  * CVE-2024-27834: Fixed a vulnerability where an attacker with arbitrary read and write capability may be able to bypass Pointer Authentication. (bsc#1225071)

## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:

  * openSUSE Leap 15.6
    zypper in -t patch SUSE-2024-1944=1 openSUSE-SLE-15.6-2024-1944=1
  * Basesystem Module 15-SP6
    zypper in -t patch SUSE-SLE-Module-Basesystem-15-SP6-2024-1944=1
  * Desktop Applications Module 15-SP6
    zypper in -t patch SUSE-SLE-Module-Desktop-Applications-15-SP6-2024-1944=1
  * Development Tools Module 15-SP6
    zypper in -t patch SUSE-SLE-Module-Development-Tools-15-SP6-2024-1944=1

## Package List:

  * openSUSE Leap 15.6 (noarch)
    * WebKitGTK-4.1-lang-2.44.2-150600.12.3.1
    * WebKitGTK-6.0-lang-2.44.2-150600.12.3.1
    * WebKitGTK-4.0-lang-2.44.2-150600.12.3.1
  * openSUSE Leap 15.6 (aarch64 ppc64le s390x x86_64 i586)
    * typelib-1_0-JavaScriptCore-4_1-2.44.2-150600.12.3.1
    * webkit2gtk3-soup2-devel-2.44.2-150600.12.3.1
    * webkit-jsc-6.0-debuginfo-2.44.2-150600.12.3.1
    * webkit2gtk-4_0-injected-bundles-2.44.2-150600.12.3.1
    * webkit2gtk-4_0-injected-bundles-debuginfo-2.44.2-150600.12.3.1
    * libjavascriptcoregtk-6_0-1-2.44.2-150600.12.3.1
    * webkit2gtk4-debugsource-2.44.2-150600.12.3.1
    * webkit-jsc-4-debuginfo-2.44.2-150600.12.3.1
    * webkit2gtk4-devel-2.44.2-150600.12.3.1
    * webkit2gtk3-minibrowser-debuginfo-2.44.2-150600.12.3.1
    * webkitgtk-6_0-injected-bundles-2.44.2-150600.12.3.1
    * webkit2gtk3-soup2-minibrowser-debuginfo-2.44.2-150600.12.3.1
    * libjavascriptcoregtk-4_0-18-2.44.2-150600.12.3.1
    * typelib-1_0-WebKit2WebExtension-4_0-2.44.2-150600.12.3.1
    * webkit-jsc-4.1-debuginfo-2.44.2-150600.12.3.1
    * libjavascriptcoregtk-4_0-18-debuginfo-2.44.2-150600.12.3.1
    * typelib-1_0-WebKit2-4_1-2.44.2-150600.12.3.1
    * webkit2gtk3-soup2-debugsource-2.44.2-150600.12.3.1
    * typelib-1_0-WebKit-6_0-2.44.2-150600.12.3.1
    * webkitgtk-6_0-injected-bundles-debuginfo-2.44.2-150600.12.3.1
    * libwebkit2gtk-4_1-0-debuginfo-2.44.2-150600.12.3.1
    * typelib-1_0-WebKit2WebExtension-4_1-2.44.2-150600.12.3.1
    * webkit2gtk4-minibrowser-debuginfo-2.44.2-150600.12.3.1
    * typelib-1_0-WebKit2-4_0-2.44.2-150600.12.3.1
    * webkit2gtk-4_1-injected-bundles-2.44.2-150600.12.3.1
    * libjavascriptcoregtk-4_1-0-2.44.2-150600.12.3.1
    * libjavascriptcoregtk-6_0-1-debuginfo-2.44.2-150600.12.3.1
    * webkit2gtk3-debugsource-2.44.2-150600.12.3.1
    * webkit2gtk4-minibrowser-2.44.2-150600.12.3.1
    * libwebkit2gtk-4_0-37-debuginfo-2.44.2-150600.12.3.1
    * webkit-jsc-4-2.44.2-150600.12.3.1
    * libwebkitgtk-6_0-4-debuginfo-2.44.2-150600.12.3.1
    * webkit-jsc-4.1-2.44.2-150600.12.3.1
    * webkit2gtk3-devel-2.44.2-150600.12.3.1
    * webkit2gtk3-minibrowser-2.44.2-150600.12.3.1
    * typelib-1_0-JavaScriptCore-6_0-2.44.2-150600.12.3.1
    * typelib-1_0-WebKitWebProcessExtension-6_0-2.44.2-150600.12.3.1
    * libwebkitgtk-6_0-4-2.44.2-150600.12.3.1
    * webkit-jsc-6.0-2.44.2-150600.12.3.1
    * libjavascriptcoregtk-4_1-0-debuginfo-2.44.2-150600.12.3.1
    * libwebkit2gtk-4_1-0-2.44.2-150600.12.3.1
    * libwebkit2gtk-4_0-37-2.44.2-150600.12.3.1
    * webkit2gtk-4_1-injected-bundles-debuginfo-2.44.2-150600.12.3.1
    * typelib-1_0-JavaScriptCore-4_0-2.44.2-150600.12.3.1
    * webkit2gtk3-soup2-minibrowser-2.44.2-150600.12.3.1
  * openSUSE Leap 15.6 (x86_64)
    * libjavascriptcoregtk-4_1-0-32bit-debuginfo-2.44.2-150600.12.3.1
    * libjavascriptcoregtk-4_0-18-32bit-2.44.2-150600.12.3.1
    * libjavascriptcoregtk-4_1-0-32bit-2.44.2-150600.12.3.1
    * libwebkit2gtk-4_0-37-32bit-debuginfo-2.44.2-150600.12.3.1
    * libwebkit2gtk-4_1-0-32bit-debuginfo-2.44.2-150600.12.3.1
    * libwebkit2gtk-4_0-37-32bit-2.44.2-150600.12.3.1
    * libjavascriptcoregtk-4_0-18-32bit-debuginfo-2.44.2-150600.12.3.1
    * libwebkit2gtk-4_1-0-32bit-2.44.2-150600.12.3.1
  * openSUSE Leap 15.6 (aarch64_ilp32)
    * libjavascriptcoregtk-4_0-18-64bit-debuginfo-2.44.2-150600.12.3.1
    * libwebkit2gtk-4_0-37-64bit-debuginfo-2.44.2-150600.12.3.1
    * libjavascriptcoregtk-4_0-18-64bit-2.44.2-150600.12.3.1
    * libjavascriptcoregtk-4_1-0-64bit-2.44.2-150600.12.3.1
    * libwebkit2gtk-4_0-37-64bit-2.44.2-150600.12.3.1
    * libwebkit2gtk-4_1-0-64bit-2.44.2-150600.12.3.1
    * libwebkit2gtk-4_1-0-64bit-debuginfo-2.44.2-150600.12.3.1
    * libjavascriptcoregtk-4_1-0-64bit-debuginfo-2.44.2-150600.12.3.1
  * Basesystem Module 15-SP6 (noarch)
    * WebKitGTK-6.0-lang-2.44.2-150600.12.3.1
    * WebKitGTK-4.0-lang-2.44.2-150600.12.3.1
  * Basesystem Module 15-SP6 (aarch64 ppc64le s390x x86_64)
    * webkit2gtk3-soup2-devel-2.44.2-150600.12.3.1
    * libjavascriptcoregtk-4_0-18-2.44.2-150600.12.3.1
    * webkit2gtk-4_0-injected-bundles-2.44.2-150600.12.3.1
    * typelib-1_0-WebKit2WebExtension-4_0-2.44.2-150600.12.3.1
    * libjavascriptcoregtk-4_0-18-debuginfo-2.44.2-150600.12.3.1
    * typelib-1_0-WebKit2-4_0-2.44.2-150600.12.3.1
    * libjavascriptcoregtk-6_0-1-debuginfo-2.44.2-150600.12.3.1
    * webkit2gtk-4_0-injected-bundles-debuginfo-2.44.2-150600.12.3.1
    * webkit2gtk3-soup2-debugsource-2.44.2-150600.12.3.1
    * webkitgtk-6_0-injected-bundles-debuginfo-2.44.2-150600.12.3.1
    * libwebkitgtk-6_0-4-2.44.2-150600.12.3.1
    * libjavascriptcoregtk-6_0-1-2.44.2-150600.12.3.1
    * libwebkit2gtk-4_0-37-2.44.2-150600.12.3.1
    * typelib-1_0-JavaScriptCore-4_0-2.44.2-150600.12.3.1
    * libwebkit2gtk-4_0-37-debuginfo-2.44.2-150600.12.3.1
    * webkit2gtk4-debugsource-2.44.2-150600.12.3.1
    * libwebkitgtk-6_0-4-debuginfo-2.44.2-150600.12.3.1
    * webkitgtk-6_0-injected-bundles-2.44.2-150600.12.3.1
  * Desktop Applications Module 15-SP6 (noarch)
    * WebKitGTK-4.1-lang-2.44.2-150600.12.3.1
  * Desktop Applications Module 15-SP6 (aarch64 ppc64le s390x x86_64)
    * webkit2gtk3-devel-2.44.2-150600.12.3.1
    * typelib-1_0-JavaScriptCore-4_1-2.44.2-150600.12.3.1
    * webkit2gtk-4_1-injected-bundles-2.44.2-150600.12.3.1
    * libjavascriptcoregtk-4_1-0-2.44.2-150600.12.3.1
    * typelib-1_0-WebKit2-4_1-2.44.2-150600.12.3.1
    * webkit2gtk3-debugsource-2.44.2-150600.12.3.1
    * libjavascriptcoregtk-4_1-0-debuginfo-2.44.2-150600.12.3.1
    * libwebkit2gtk-4_1-0-2.44.2-150600.12.3.1
    * webkit2gtk-4_1-injected-bundles-debuginfo-2.44.2-150600.12.3.1
    * libwebkit2gtk-4_1-0-debuginfo-2.44.2-150600.12.3.1
    * typelib-1_0-WebKit2WebExtension-4_1-2.44.2-150600.12.3.1
  * Development Tools Module 15-SP6 (aarch64 ppc64le s390x x86_64)
    * typelib-1_0-JavaScriptCore-6_0-2.44.2-150600.12.3.1
    * typelib-1_0-WebKitWebProcessExtension-6_0-2.44.2-150600.12.3.1
    * webkit2gtk4-debugsource-2.44.2-150600.12.3.1
    * typelib-1_0-WebKit-6_0-2.44.2-150600.12.3.1
    * webkit2gtk4-devel-2.44.2-150600.12.3.1

## References:

  * https://www.suse.com/security/cve/CVE-2023-42843.html
  * https://www.suse.com/security/cve/CVE-2023-42950.html
  * https://www.suse.com/security/cve/CVE-2023-42956.html
  * https://www.suse.com/security/cve/CVE-2024-23252.html
  * https://www.suse.com/security/cve/CVE-2024-23254.html
  * https://www.suse.com/security/cve/CVE-2024-23263.html
  * https://www.suse.com/security/cve/CVE-2024-23280.html
  * https://www.suse.com/security/cve/CVE-2024-23284.html
  * https://www.suse.com/security/cve/CVE-2024-27834.html
  * https://bugzilla.suse.com/show_bug.cgi?id=1222010
  * https://bugzilla.suse.com/show_bug.cgi?id=1225071

Address a series of critical concerns in webkit2gtk3 as per SUSE's newest security patch. Strengthen your system's safety immediately!

Severity: Important. LinuxSecurity.com Team

Jun 10, 2024 | Important | SuSE

Debian: DSA-5357-1 Critical Update for Git Exfiltration Risk

- -------------------------------------------------------------------------
Debian Security Advisory DSA-5357-1
https://www.debian.org/security/                                  Aron Xu
February 23, 2023                     https://www.debian.org/security/faq
- -------------------------------------------------------------------------

Package        : git
CVE ID         : CVE-2023-22490 CVE-2023-23946
Debian Bug     : 1031310

Brief introduction

CVE-2023-22490

    yvvdwf found a data exfiltration vulnerability while performing local clone from malicious repository even using a non-local transport.

CVE-2023-23946

    Joern Schneeweisz found a path traversal vulnerability in git-apply that a path outside the working tree can be overwritten as the acting user.

For the stable distribution (bullseye), these problems have been fixed in version 1:2.30.2-1+deb11u2.

We recommend that you upgrade your git packages.

For the detailed security status of git please refer to its security tracker page at:
https://security-tracker.debian.org/tracker/source-package/git

Further information about Debian Security Advisories, how to apply these updates to your system and frequently asked questions can be found at: https://www.debian.org/security/

Severity: Critical. LinuxSecurity.com Team

Feb 23, 2023 | Critical | Debian