Stay Secure with the Latest Linux Advisories

Explore Latest Linux Security advisories


Debian 11: DLA-4042-1 critical: asterisk CVE-2024-53566 path traversal

-------------------------------------------------------------------------
Debian LTS Advisory DLA-4042-1
https://www.debian.org/lts/security/
Daniel Leidert
February 06, 2025
https://wiki.debian.org/LTS
-------------------------------------------------------------------------

Package    : asterisk
Version    : 1:16.28.0~dfsg-0+deb11u6
CVE ID     : CVE-2024-53566
Debian Bug :

An issue has been found in asterisk, an Open Source Private Branch Exchange.

CVE-2024-53566

    It is possible to access files outside the configuration directory via AMI and path traversal even when live_dangerously is not enabled.

For Debian 11 bullseye, this problem has been fixed in version 1:16.28.0~dfsg-0+deb11u6.

We recommend that you upgrade your asterisk packages.

For the detailed security status of asterisk please refer to its security tracker page at:
https://security-tracker.debian.org/tracker/source-package/asterisk

Further information about Debian LTS security advisories, how to apply these updates to your system and frequently asked questions can be found at:
https://wiki.debian.org/LTS

Debian LTS Advisory DLA-4042-2 addresses the security vulnerability in asterisk related to CVE-2024-53567, which impacts file permissions.

Severity: Critical. LinuxSecurity.com Team

Feb 06, 2025 | Critical | Debian LTS

Fedora 37: 2023-9078f609e6 Critical: Sudo File Access Issue Fix

--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2023-9078f609e6
2023-01-22 01:40:20.174396
--------------------------------------------------------------------------------

Name        : sudo
Product     : Fedora 37
Version     : 1.9.12
Release     : 1.p2.fc37
URL         :
Summary     : Allows restricted root access for specified users
Description :
Sudo (superuser do) allows a system administrator to give certain users (or groups of users) the ability to run some (or all) commands as root while logging all commands and arguments. Sudo operates on a per-command basis. It is not a replacement for the shell. Features include: the ability to restrict what commands a user may run on a per-host basis, copious logging of each command (providing a clear audit trail of who did what), a configurable timeout of the sudo command, and the ability to use the same configuration file (sudoers) on many different machines.

--------------------------------------------------------------------------------
Update Information:

Rebase to sudo-1.9.12p2 - security fix for CVE-2023-22809
--------------------------------------------------------------------------------
ChangeLog:

* Thu Jan 19 2023 Radovan Sroka - 1.9.12-1.p2
- Rebase to sudo 1.9.12p2
- sudo-1.9.12p2 is available
  Resolves: rhbz#2137775
- sudo: arbitrary file write with privileges of the RunAs user CVE-2023-22809
  Resolves: rhbz#2162042
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #2137775 - sudo-1.9.12p2 is available
        https://bugzilla.redhat.com/show_bug.cgi?id=2137775
  [ 2 ] Bug #2162042 - CVE-2023-22809 sudo: arbitrary file write with privileges of the RunAs user [fedora-37]
        https://bugzilla.redhat.com/show_bug.cgi?id=2162042
--------------------------------------------------------------------------------

This update can be installed with the "dnf" update program. Use su -c 'dnf upgrade --advisory FEDORA-2023-9078f609e6' at the command line. For more information, refer to the dnf documentation available at https://dnf.readthedocs.io/en/latest/command_ref.html

All packages are signed with the Fedora Project GPG key. More details on the GPG keys used by the Fedora Project can be found at https://fedoraproject.org/security/
--------------------------------------------------------------------------------

Important patch for sudo in Fedora 37 resolves file manipulation vulnerability. Update immediately for improved protection.

Severity: Critical. LinuxSecurity.com Team

Jan 22, 2023 | Critical | Fedora

SUSE: 2021:0430-1 Low Severity MozillaFirefox Buffer Overflow Fix

SUSE Security Update: Security update for MozillaFirefox
______________________________________________________________________________

Announcement ID:   SUSE-SU-2021:0430-1
Rating:            low
References:        #1181848
Affected Products: SUSE Linux Enterprise Module for Desktop Applications 15-SP2
______________________________________________________________________________

An update that contains security fixes can now be installed.

Description:

This update for MozillaFirefox fixes the following issues:

Firefox Extended Support Release 78.7.1 ESR (bsc#1181848)
- Fixed: Prevent access to NTFS special paths that could lead to filesystem corruption.
- Buffer overflow in depth pitch calculations for compressed textures

Patch Instructions:

To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch".

Alternatively you can run the command listed for your product:

- SUSE Linux Enterprise Module for Desktop Applications 15-SP2:
  zypper in -t patch SUSE-SLE-Module-Desktop-Applications-15-SP2-2021-430=1

Package List:

- SUSE Linux Enterprise Module for Desktop Applications 15-SP2 (aarch64 ppc64le s390x x86_64):
  MozillaFirefox-78.7.1-8.29.1
  MozillaFirefox-debuginfo-78.7.1-8.29.1
  MozillaFirefox-debugsource-78.7.1-8.29.1
  MozillaFirefox-devel-78.7.1-8.29.1
  MozillaFirefox-translations-common-78.7.1-8.29.1
  MozillaFirefox-translations-other-78.7.1-8.29.1

References:

https://bugzilla.suse.com/1181848

The latest SUSE Security Update brings essential patches for MozillaFirefox, addressing severe file permissions vulnerabilities and mitigating potential buffer overflow threats.

Severity: Low. LinuxSecurity.com Team

Feb 10, 2021 | Low | SuSE

Mageia 7 MGASA-2020-0257 Medium: xawtv File Access Issue

MGASA-2020-0257 - Updated xawtv packages fix security vulnerability

Publication date: 10 Jun 2020
URL: https://advisories.mageia.org/MGASA-2020-0257.html
Type: security
Affected Mageia releases: 7
CVE: CVE-2020-13696

Updated xawtv packages fix security vulnerability:

The v4l-conf program in xawtv allows users to determine the existence of file names in directories they do not have access to, and allows a user to have the system open files they do not have access to, though it does not provide the user access to the file contents (CVE-2020-13696).

References:
- https://bugs.mageia.org/show_bug.cgi?id=26736
- https://www.openwall.com/lists/oss-security/2020/06/04/6
- https://www.cve.org/CVERecord?id=CVE-2020-13696

SRPMS:
- 7/core/xawtv-3.107-1.1.mga7

Mageia 2020-0257 upgrades xawtv to address file access risks, enhancing overall system protection.

Severity: Medium. LinuxSecurity.com Team

Jun 10, 2020 | Medium | Mageia

Mageia: MGASA-2020-0145 High: ImageMagick Security Vulnerability Detected

MGASA-2019-0130 - Updated ghostscript packages fix security vulnerability

Publication date: 05 Apr 2019
URL: https://advisories.mageia.org/MGASA-2019-0130.html
Type: security
Affected Mageia releases: 6
CVE: CVE-2019-3835, CVE-2019-3838

It was found that the superexec operator was available in the internal dictionary. A specially crafted PostScript file could use this flaw in order to, for example, have access to the file system outside of the constraints imposed by -dSAFER. (CVE-2019-3835)

It was found that the forceput operator could be extracted from the DefineResource method using methods similar to the ones described in CVE-2019-6116. A specially crafted PostScript file could use this flaw in order to, for example, have access to the file system outside of the constraints imposed by -dSAFER. (CVE-2019-3838)

References:
- https://bugs.mageia.org/show_bug.cgi?id=24548
- https://www.openwall.com/lists/oss-security/2019/03/21/1
- https://access.redhat.com/errata/RHSA-2019:0633
- https://www.cve.org/CVERecord?id=CVE-2019-3835
- https://www.cve.org/CVERecord?id=CVE-2019-3838

SRPMS:
- 6/core/ghostscript-9.26-1.3.mga6

The latest ghostscript updates tackle a significant access vulnerability affecting Mageia systems. Discover the specifics of this urgent security patch.

Severity: Important. LinuxSecurity.com Team

Apr 05, 2019 | Important | Mageia

Fedora 26: 2017-6874606e19 Moderate: Drupal 7.56 File Access Issue

--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2017-6874606e19
2017-07-07 22:40:59.824375
--------------------------------------------------------------------------------

Name        : drupal7
Product     : Fedora 26
Version     : 7.56
Release     : 1.fc26
URL         :
Summary     : An open-source content-management platform
Description :
Equipped with a powerful blend of features, Drupal is a Content Management System written in PHP that can support a variety of websites ranging from personal weblogs to large community-driven websites. Drupal is highly configurable, skinnable, and secure.

--------------------------------------------------------------------------------
Update Information:

* 7.56
* SA-CORE-2017-003
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #1464008 - CVE-2017-6922 drupal7: Files uploaded by anonymous users into a private file system can be accessed by other anonymous users [epel-all]
        https://bugzilla.redhat.com/show_bug.cgi?id=1464008
  [ 2 ] Bug #1464007 - CVE-2017-6922 drupal7: Files uploaded by anonymous users into a private file system can be accessed by other anonymous users [fedora-all]
        https://bugzilla.redhat.com/show_bug.cgi?id=1464007
  [ 3 ] Bug #1463856 - drupal7-7.56 is available
        https://bugzilla.redhat.com/show_bug.cgi?id=1463856
--------------------------------------------------------------------------------

This update can be installed with the "dnf" update program. Use su -c 'dnf upgrade drupal7' at the command line. For more information, refer to the dnf documentation available at https://dnf.readthedocs.io/en/latest/command_ref.html

All packages are signed with the Fedora Project GPG key. More details on the GPG keys used by the Fedora Project can be found at https://fedoraproject.org/security/
--------------------------------------------------------------------------------

The release of Drupal 7.56 on Fedora 26 resolves the security vulnerability identified in SA-CORE-2017-003. It's crucial to keep your installation current and secure.

Severity: Important. LinuxSecurity.com Team

Jul 07, 2017 | Important | Fedora

SUSE: 2016:0164-1 Important: Samba Remote Exploit Threats Resolved

SUSE Security Update: Security update for samba
______________________________________________________________________________

Announcement ID:   SUSE-SU-2016:0164-1
Rating:            important
References:        #295284 #912457 #934299 #936909 #948244 #949022 #953382 #958582 #958583 #958584 #958586
Cross-References:  CVE-2015-5252 CVE-2015-5296 CVE-2015-5299 CVE-2015-5330
Affected Products:
                   SUSE Linux Enterprise Software Development Kit 11-SP4
                   SUSE Linux Enterprise Software Development Kit 11-SP3
                   SUSE Linux Enterprise Server for VMWare 11-SP3
                   SUSE Linux Enterprise Server 11-SP4
                   SUSE Linux Enterprise Server 11-SP3
                   SUSE Linux Enterprise Desktop 11-SP4
                   SUSE Linux Enterprise Desktop 11-SP3
                   SUSE Linux Enterprise Debuginfo 11-SP4
                   SUSE Linux Enterprise Debuginfo 11-SP3
______________________________________________________________________________

An update that solves four vulnerabilities and has 7 fixes is now available.

Description:

This update for Samba fixes the following security issues:

- CVE-2015-5330: Remote read memory exploit in LDB (bnc#958586)
- CVE-2015-5252: Insufficient symlink verification (file access outside the share) (bnc#958582)
- CVE-2015-5296: No man in the middle protection when forcing smb encryption on the client side (bnc#958584)
- CVE-2015-5299: Currently the snapshot browsing is not secure thru windows previous version (shadow_copy2) (bnc#958583)

Non-security issues fixed:

- Prevent null pointer access in samlogon fallback when security credentials are null (bnc#949022)
- Ensure samlogon fall-back requests are rerouted after kerberos failure (bnc#953382)
- Ensure "Your account is disabled" message is displayed when attempting to ssh into locked account (bnc#953382)
- Address unrecoverable winbind failure: "key length too large" (bnc#934299)
- Take resource group sids into account when caching netsamlogon data (bnc#912457)
- Fix lookup of groups with "Local Domain" scope from Active Directory (bnc#948244)
- dependency issue with samba-winbind (bnc#936909)

Patch Instructions:

To install this SUSE Security Update use YaST online_update.
Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Software Development Kit 11-SP4: zypper in -t patch sdksp4-samba-20160113-12338=1 - SUSE Linux Enterprise Software Development Kit 11-SP3: zypper in -t patch sdksp3-samba-20160113-12338=1 - SUSE Linux Enterprise Server for VMWare 11-SP3: zypper in -t patch slessp3-samba-20160113-12338=1 - SUSE Linux Enterprise Server 11-SP4: zypper in -t patch slessp4-samba-20160113-12338=1 - SUSE Linux Enterprise Server 11-SP3: zypper in -t patch slessp3-samba-20160113-12338=1 - SUSE Linux Enterprise Desktop 11-SP4: zypper in -t patch sledsp4-samba-20160113-12338=1 - SUSE Linux Enterprise Desktop 11-SP3: zypper in -t patch sledsp3-samba-20160113-12338=1 - SUSE Linux Enterprise Debuginfo 11-SP4: zypper in -t patch dbgsp4-samba-20160113-12338=1 - SUSE Linux Enterprise Debuginfo 11-SP3: zypper in -t patch dbgsp3-samba-20160113-12338=1 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Linux Enterprise Software Development Kit 11-SP4 (i586 ia64 ppc64 s390x x86_64): libldb-devel-3.6.3-64.1 libnetapi-devel-3.6.3-64.1 libnetapi0-3.6.3-64.1 libsmbclient-devel-3.6.3-64.1 libsmbsharemodes-devel-3.6.3-64.1 libsmbsharemodes0-3.6.3-64.1 libtalloc-devel-3.6.3-64.1 libtdb-devel-3.6.3-64.1 libtevent-devel-3.6.3-64.1 libwbclient-devel-3.6.3-64.1 samba-devel-3.6.3-64.1 - SUSE Linux Enterprise Software Development Kit 11-SP4 (ia64 ppc64 s390x x86_64): samba-test-3.6.3-64.1 - SUSE Linux Enterprise Software Development Kit 11-SP3 (i586 ia64 ppc64 s390x x86_64): libldb-devel-3.6.3-64.1 libnetapi-devel-3.6.3-64.1 libnetapi0-3.6.3-64.1 libsmbclient-devel-3.6.3-64.1 libsmbsharemodes-devel-3.6.3-64.1 libsmbsharemodes0-3.6.3-64.1 libtalloc-devel-3.6.3-64.1 libtdb-devel-3.6.3-64.1 libtevent-devel-3.6.3-64.1 libwbclient-devel-3.6.3-64.1 samba-devel-3.6.3-64.1 samba-test-3.6.3-64.1 - SUSE Linux Enterprise Server for VMWare 11-SP3 (i586 x86_64): ldapsmb-1.34b-64.1 libldb1-3.6.3-64.1 
libsmbclient0-3.6.3-64.1 libtalloc2-3.6.3-64.1 libtdb1-3.6.3-64.1 libtevent0-3.6.3-64.1 libwbclient0-3.6.3-64.1 samba-3.6.3-64.1 samba-client-3.6.3-64.1 samba-krb-printing-3.6.3-64.1 samba-winbind-3.6.3-64.1 - SUSE Linux Enterprise Server for VMWare 11-SP3 (x86_64): libsmbclient0-32bit-3.6.3-64.1 libtalloc2-32bit-3.6.3-64.1 libtdb1-32bit-3.6.3-64.1 libtevent0-32bit-3.6.3-64.1 libwbclient0-32bit-3.6.3-64.1 samba-32bit-3.6.3-64.1 samba-client-32bit-3.6.3-64.1 samba-winbind-32bit-3.6.3-64.1 - SUSE Linux Enterprise Server for VMWare 11-SP3 (noarch): samba-doc-3.6.3-64.1 - SUSE Linux Enterprise Server 11-SP4 (i586 ia64 ppc64 s390x x86_64): ldapsmb-1.34b-64.1 libldb1-3.6.3-64.1 libsmbclient0-3.6.3-64.1 libtalloc2-3.6.3-64.1 libtdb1-3.6.3-64.1 libtevent0-3.6.3-64.1 libwbclient0-3.6.3-64.1 samba-3.6.3-64.1 samba-client-3.6.3-64.1 samba-krb-printing-3.6.3-64.1 samba-winbind-3.6.3-64.1 - SUSE Linux Enterprise Server 11-SP4 (ppc64 s390x x86_64): libsmbclient0-32bit-3.6.3-64.1 libtalloc2-32bit-3.6.3-64.1 libtdb1-32bit-3.6.3-64.1 libtevent0-32bit-3.6.3-64.1 libwbclient0-32bit-3.6.3-64.1 samba-32bit-3.6.3-64.1 samba-client-32bit-3.6.3-64.1 samba-winbind-32bit-3.6.3-64.1 - SUSE Linux Enterprise Server 11-SP4 (noarch): samba-doc-3.6.3-64.1 - SUSE Linux Enterprise Server 11-SP4 (ia64): libsmbclient0-x86-3.6.3-64.1 libtalloc2-x86-3.6.3-64.1 libtdb1-x86-3.6.3-64.1 libtevent0-x86-3.6.3-64.1 libwbclient0-x86-3.6.3-64.1 samba-client-x86-3.6.3-64.1 samba-winbind-x86-3.6.3-64.1 samba-x86-3.6.3-64.1 - SUSE Linux Enterprise Server 11-SP3 (i586 ia64 ppc64 s390x x86_64): ldapsmb-1.34b-64.1 libldb1-3.6.3-64.1 libsmbclient0-3.6.3-64.1 libtalloc2-3.6.3-64.1 libtdb1-3.6.3-64.1 libtevent0-3.6.3-64.1 libwbclient0-3.6.3-64.1 samba-3.6.3-64.1 samba-client-3.6.3-64.1 samba-krb-printing-3.6.3-64.1 samba-winbind-3.6.3-64.1 - SUSE Linux Enterprise Server 11-SP3 (ppc64 s390x x86_64): libsmbclient0-32bit-3.6.3-64.1 libtalloc2-32bit-3.6.3-64.1 libtdb1-32bit-3.6.3-64.1 libtevent0-32bit-3.6.3-64.1 
libwbclient0-32bit-3.6.3-64.1 samba-32bit-3.6.3-64.1 samba-client-32bit-3.6.3-64.1 samba-winbind-32bit-3.6.3-64.1 - SUSE Linux Enterprise Server 11-SP3 (noarch): samba-doc-3.6.3-64.1 - SUSE Linux Enterprise Server 11-SP3 (ia64): libsmbclient0-x86-3.6.3-64.1 libtalloc2-x86-3.6.3-64.1 libtdb1-x86-3.6.3-64.1 libwbclient0-x86-3.6.3-64.1 samba-client-x86-3.6.3-64.1 samba-winbind-x86-3.6.3-64.1 samba-x86-3.6.3-64.1 - SUSE Linux Enterprise Desktop 11-SP4 (i586 x86_64): libldb1-3.6.3-64.1 libsmbclient0-3.6.3-64.1 libtalloc2-3.6.3-64.1 libtdb1-3.6.3-64.1 libtevent0-3.6.3-64.1 libwbclient0-3.6.3-64.1 samba-3.6.3-64.1 samba-client-3.6.3-64.1 samba-krb-printing-3.6.3-64.1 samba-winbind-3.6.3-64.1 - SUSE Linux Enterprise Desktop 11-SP4 (x86_64): libldb1-32bit-3.6.3-64.1 libsmbclient0-32bit-3.6.3-64.1 libtalloc2-32bit-3.6.3-64.1 libtdb1-32bit-3.6.3-64.1 libtevent0-32bit-3.6.3-64.1 libwbclient0-32bit-3.6.3-64.1 samba-32bit-3.6.3-64.1 samba-client-32bit-3.6.3-64.1 samba-winbind-32bit-3.6.3-64.1 - SUSE Linux Enterprise Desktop 11-SP4 (noarch): samba-doc-3.6.3-64.1 - SUSE Linux Enterprise Desktop 11-SP3 (i586 x86_64): libldb1-3.6.3-64.1 libsmbclient0-3.6.3-64.1 libtalloc2-3.6.3-64.1 libtdb1-3.6.3-64.1 libtevent0-3.6.3-64.1 libwbclient0-3.6.3-64.1 samba-3.6.3-64.1 samba-client-3.6.3-64.1 samba-krb-printing-3.6.3-64.1 samba-winbind-3.6.3-64.1 - SUSE Linux Enterprise Desktop 11-SP3 (x86_64): libldb1-32bit-3.6.3-64.1 libsmbclient0-32bit-3.6.3-64.1 libtalloc2-32bit-3.6.3-64.1 libtdb1-32bit-3.6.3-64.1 libtevent0-32bit-3.6.3-64.1 libwbclient0-32bit-3.6.3-64.1 samba-32bit-3.6.3-64.1 samba-client-32bit-3.6.3-64.1 samba-winbind-32bit-3.6.3-64.1 - SUSE Linux Enterprise Desktop 11-SP3 (noarch): samba-doc-3.6.3-64.1 - SUSE Linux Enterprise Debuginfo 11-SP4 (i586 ia64 ppc64 s390x x86_64): samba-debuginfo-3.6.3-64.1 samba-debugsource-3.6.3-64.1 - SUSE Linux Enterprise Debuginfo 11-SP4 (ppc64 s390x x86_64): samba-debuginfo-32bit-3.6.3-64.1 - SUSE Linux Enterprise Debuginfo 11-SP4 (ia64): 
samba-debuginfo-x86-3.6.3-64.1 - SUSE Linux Enterprise Debuginfo 11-SP3 (i586 ia64 ppc64 s390x x86_64): samba-debuginfo-3.6.3-64.1 samba-debugsource-3.6.3-64.1 - SUSE Linux Enterprise Debuginfo 11-SP3 (ppc64 s390x): samba-debuginfo-32bit-3.6.3-64.1 - SUSE Linux Enterprise Debuginfo 11-SP3 (ia64): samba-debuginfo-x86-3.6.3-64.1 References: https://www.suse.com/security/cve/CVE-2015-5252.html https://www.suse.com/security/cve/CVE-2015-5296.html https://www.suse.com/security/cve/CVE-2015-5299.html https://www.suse.com/security/cve/CVE-2015-5330.html https://bugzilla.suse.com/show_bug.cgi?id=295284 https://bugzilla.suse.com/show_bug.cgi?id=912457 https://bugzilla.suse.com/show_bug.cgi?id=934299 https://bugzilla.suse.com/show_bug.cgi?id=936909 https://bugzilla.suse.com/show_bug.cgi?id=948244 https://bugzilla.suse.com/show_bug.cgi?id=949022 https://bugzilla.suse.com/show_bug.cgi?id=953382 https://bugzilla.suse.com/show_bug.cgi?id=958582 https://bugzilla.suse.com/show_bug.cgi?id=958583 https://bugzilla.suse.com/show_bug.cgi?id=958584 https://bugzilla.suse.com/show_bug.cgi?id=958586 . The newest Samba patch resolves several security flaws, providing updates for various SUSE operating systems.. Samba Security Update, SUSE Samba Fixes, Remote Exploit Issues. . Severity: Important. LinuxSecurity.com Team

Jan 19, 2016 | Important | SuSE

Red Hat: RHSA-2015:0840-01 Important: Access Plugin File Access

====================================================================
Red Hat Security Advisory

Synopsis:     Important: redhat-access-plugin security update
Advisory ID:  RHSA-2015:0840-01
Product:      Red Hat Enterprise Linux OpenStack Platform
Advisory URL: https://access.redhat.com/errata/RHSA-2015:0840.html
Issue date:   2015-04-16
CVE Names:    CVE-2015-0271
====================================================================

1. Summary:

An updated redhat-access-plugin-openstack package that fixes one security issue is now available for Red Hat Enterprise Linux OpenStack Platform 5.0 for Red Hat Enterprise Linux 7.

Red Hat Product Security has rated this update as having Important security impact. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available from the CVE link in the References section.

2. Relevant releases/architectures:

Red Hat Enterprise Linux OpenStack Platform 5.0 for RHEL 7 - noarch

3. Description:

The Red Hat Support plug-in for Red Hat OpenStack is a Technology Preview feature which offers seamless integrated access to Red Hat subscription services from the Red Hat OpenStack administration portal. The plug-in provides automated functionality that enables quicker help, answers, and proactive services. It offers easy and instant access to Red Hat exclusive knowledge, resources, engagement, and diagnostic features.

It was found that the local log-viewing function of the redhat-access-plugin for OpenStack Dashboard (horizon) did not sanitize user input. An authenticated user could use this flaw to read an arbitrary file with the permissions of the web server. (CVE-2015-0271)

Red Hat would like to thank Sara Perez Merino of SensePost for reporting this issue.

All redhat-access-plugin-openstack users are advised to upgrade to this updated package, which contains a backported patch to correct this issue.

4. Solution:

Before applying this update, make sure all previously released errata relevant to your system have been applied.

For details on how to apply this update, refer to:
https://access.redhat.com/articles/11258

5. Bugs fixed (https://bugzilla.redhat.com/):

1193638 - CVE-2015-0271 OpenStack dashboard: log file arbitrary file retrieval

6. Package List:

Red Hat Enterprise Linux OpenStack Platform 5.0 for RHEL 7:

Source:
redhat-access-plugin-openstack-5.0.1-0.el7ost.src.rpm

noarch:
redhat-access-plugin-openstack-5.0.1-0.el7ost.noarch.rpm

These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://access.redhat.com/security/team/key

7. References:

https://access.redhat.com/security/cve/CVE-2015-0271
https://access.redhat.com/security/updates/classification#important

8. Contact:

The Red Hat security contact is . More contact details at https://access.redhat.com/security/team/contact

Copyright 2015 Red Hat, Inc.

A significant announcement regarding the access plugin from Red Hat addresses a security vulnerability that permits file access for authenticated users.

Severity: Important. LinuxSecurity.com Team

Apr 16, 2015 | Important | Red Hat