Alerts This Week
Warning Icon 1 677
Alerts This Week
Warning Icon 1 677

Stay Secure with the Latest Linux Advisories

Debianlts Large Esm H800
Debian LTS

Debian Dovecot High Severity Service Disruption Info Leak Flaw DLA-4617-1

Calendar White Jun 05, 2026
Important
Debianlts Large Esm H900
Debian LTS

Debian 11 gsasl Critical DoS Threat Advisory DLA-4618-1 CVE-2026-48829

Calendar White Jun 05, 2026
Critical
Suse Large Esm H900
SuSE

SUSE MozillaThunderbird Important Memory Safety Fix Advisory 2026-2271-1

Calendar White Jun 05, 2026
Important
Suse Large Esm H800
SuSE

SUSE Linux Micro 6.0 Ignition Key HTTP Transport Loop Patch 2026-21987-1

Calendar White Jun 05, 2026
Important
Suse Large Esm H900
SuSE

SUSE Linux Micro 6.0 Important Libzypp Libsolv Security Update 2026-21988-1

Calendar White Jun 05, 2026
Important
Suse Large Esm H900
SuSE

SUSE Google-Guest-Agent Important Security Update 2026-21989-1

Calendar White Jun 05, 2026
Important
Suse Large Esm H800
SuSE

SUSE Linux Micro Important Salt Multi-Linux Manager Vuln 2026-21990-1

Calendar White Jun 05, 2026
Important
Suse Large Esm H900
SuSE

SUSE Linux Micro Critical Ignition Patch CVE-2026-33814

Calendar White Jun 05, 2026
Important
Suse Large Esm H900
SuSE

SUSE Linux Micro 6.1 Security Update for libzypp libsolv Key 2026-21992-1

Calendar White Jun 05, 2026
Important
Filter Icon Refine advisories
X Clear Filters
X Clear Filters
View More

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Community Poll

More Polls

What got you started with Linux?

No answer selected. Please try again.
Please select either existing option or enter your own, however not both.
Please select minimum {0} answer(s).
Please select maximum {0} answer(s).
/main-polls/150-what-got-you-started-with-linux?task=poll.vote&format=json
150
radio
0
[{"id":483,"title":"Self-taught through trial and error","votes":545,"type":"x","order":1,"pct":78.42,"resources":[]},{"id":484,"title":"Formal training or courses","votes":30,"type":"x","order":2,"pct":4.32,"resources":[]},{"id":485,"title":"A job that required it","votes":34,"type":"x","order":3,"pct":4.89,"resources":[]},{"id":486,"title":"Other","votes":86,"type":"x","order":4,"pct":12.37,"resources":[]}] ["#ff5b00","#4ac0f2","#b80028","#eef66c","#60bb22","#b96a9a","#62c2cc"] ["rgba(255,91,0,0.7)","rgba(74,192,242,0.7)","rgba(184,0,40,0.7)","rgba(238,246,108,0.7)","rgba(96,187,34,0.7)","rgba(185,106,154,0.7)","rgba(98,194,204,0.7)"] 350
bottom 200
Loading...

Explore Latest Linux Security advisories

We found -5 articles for you...
89
Ls Advisories Fedora Esm H240
Price Tag 1security advisorysecurity issueFedora

Fedora 37: FEDORA-2023-5a4fd08de9 Low Severity Zchunk Issue

Fix several low severity security bugs.. --------------------------------------------------------------------------------Fedora Update Notification FEDORA-2023-5a4fd08de9 2023-04-06 01:53:39.783218 --------------------------------------------------------------------------------Name : zchunk Product : Fedora 37 Version : 1.3.1 Release : 1.fc37 URL : https://github.com/zchunk/zchunk Summary : Compressed file format that allows easy deltas Description : zchunk is a compressed file format that splits the file into independent chunks. This allows you to only download the differences when downloading a new version of the file, and also makes zchunk files efficient over rsync. zchunk files are protected with strong checksums to verify that the file you downloaded is in fact the file you wanted. --------------------------------------------------------------------------------Update Information: Fix several low severity security bugs. --------------------------------------------------------------------------------ChangeLog: * Tue Apr 4 2023 Jonathan Dieter - 1.3.1-1 - Fix a few low severity security bugs including - An off-by-one overflow when reading compressed integers from a malicious zchunk file - Error handling being skipped when the number of bytes read doesn't match what's expected - Not freeing memory when attempting to reallocate to size 0 --------------------------------------------------------------------------------This update can be installed with the "dnf" update program. Use su -c 'dnf upgrade --advisory FEDORA-2023-5a4fd08de9' at the command line. For more information, refer to the dnf documentation available at https://dnf.readthedocs.io/en/latest/command_ref.html All packages are signed with the Fedora Project GPG key. More details on the GPG keys used by the Fedora Project can be foundat https://fedoraproject.org/security/ --------------------------------------------------------------------------------_______________________________________________ package-announce mailing list -- This email address is being protected from spambots. You need JavaScript enabled to view it. To unsubscribe send an email to This email address is being protected from spambots. You need JavaScript enabled to view it. Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedoraproject.org/archives/list/This email address is being protected from spambots. You need JavaScript enabled to view it./ Do not reply to spam, report it: . Address minor vulnerabilities in Fedora's zchunk package while enhancing secure and efficient file processing. Perform an update using dnf.. Fedora Security, Zchunk Issues, Low Severity Bugs. . Severity: Low. LinuxSecurity.com Team

Calendar 2 Apr 06, 2023 Low Fedora
197
Ls Advisories Deblts Esm H240
Price Tag 1security advisorydebiansox

Debian 10: DLA-3315-1 Critical: SoX Memory Access Threats

This update fixes multiple file format validation vulnerabilities that could result in memory access violations such as buffer overflows and floating point exceptions. It also fixes a regression in hcom parsing introduced when fixing CVE-2017-11358. . ------------------------------------------------------------------------- Debian LTS Advisory DLA-3315-1 This email address is being protected from spambots. You need JavaScript enabled to view it. https://www.debian.org/lts/security/ Helmut Grohne February 10, 2023 https://wiki.debian.org/LTS ------------------------------------------------------------------------- Package : sox Version : 14.4.2+git20190427-1+deb10u1 CVE ID : CVE-2019-13590 CVE-2021-3643 CVE-2021-23159 CVE-2021-23172 CVE-2021-23210 CVE-2021-33844 CVE-2021-40426 CVE-2022-31650 CVE-2022-31651 Debian Bug : 933372 1010374 1012138 1012516 1021133 1021134 1021135 This update fixes multiple file format validation vulnerabilities that could result in memory access violations such as buffer overflows and floating point exceptions. It also fixes a regression in hcom parsing introduced when fixing CVE-2017-11358. CVE-2019-13590 In sox-fmt.h (startread function), there is an integer overflow on the result of integer addition (wraparound to 0) fed into the lsx_calloc macro that wraps malloc. When a NULL pointer is returned, it is used without a prior check that it is a valid pointer, leading to a NULL pointer dereference on lsx_readbuf in formats_i.c. CVE-2021-3643 The lsx_adpcm_init function within libsox leads to a global-buffer-overflow. This flaw allows an attacker to input a malicious file, leading to the disclosure of sensitive information. CVE-2021-23159 A vulnerability was found in SoX, where a heap-buffer-overflow occurs in function lsx_read_w_buf() in formats_i.c file. The vulnerability is exploitable with a crafted file, that could cause an application to crash. CVE-2021-23172 A vulnerability was found in SoX, where a heap-buffer-overflow occurs in function startread() in hcom.c file. The vulnerability is exploitable with a crafted hcomn file, that could cause an application to crash. CVE-2021-23210 A floating point exception (divide-by-zero) issue was discovered in SoX in functon read_samples() of voc.c file. An attacker with a crafted file, could cause an application to crash. CVE-2021-33844 A floating point exception (divide-by-zero) issue was discovered in SoX in functon startread() of wav.c file. An attacker with a crafted wav file, could cause an application to crash. CVE-2021-40426 A heap-based buffer overflow vulnerability exists in the sphere.c start_read() functionality of Sound Exchange libsox. A specially-crafted file can lead to a heap buffer overflow. An attacker can provide a malicious file to trigger this vulnerability. CVE-2022-31650 There is a floating-point exception in lsx_aiffstartwrite in aiff.c. CVE-2022-31651 There is an assertion failure in rate_init in rate.c. For Debian 10 buster, these problems have been fixed in version 14.4.2+git20190427-1+deb10u1. We recommend that you upgrade your sox packages. For the detailed security status of sox please refer to its security tracker page at: https://security-tracker.debian.org/tracker/source-package/sox Further information about Debian LTS security advisories, how to apply these updates to your system and frequently asked questions can be found at: https://wiki.debian.org/LTS . The latest update addresses significant vulnerabilities in SoX, improving protection against memory-related problems and ensuring proper validation of file formats.. SoX Security, Debian LTS, Memory Access Issues, File Format Validation, Security Update. . Severity: Critical. LinuxSecurity.com Team

Calendar 2 Feb 10, 2023 Critical Debian LTS
Banner 3 1028x280 1708121785 1771599793
89
Ls Advisories Fedora Esm H240
Price Tag 1security advisorymoderatesoftware update

Fedora 36: Moderate Fixes for Zchunk Files Resolve Coverity Issues

Fix various small issues highlighted by Coverity. --------------------------------------------------------------------------------Fedora Update Notification FEDORA-2022-a7ceb864fd 2022-05-07 04:08:14.315665 --------------------------------------------------------------------------------Name : zchunk Product : Fedora 36 Version : 1.2.2 Release : 1.fc36 URL : https://github.com/zchunk/zchunk Summary : Compressed file format that allows easy deltas Description : zchunk is a compressed file format that splits the file into independent chunks. This allows you to only download the differences when downloading a new version of the file, and also makes zchunk files efficient over rsync. zchunk files are protected with strong checksums to verify that the file you downloaded is in fact the file you wanted. --------------------------------------------------------------------------------Update Information: Fix various small issues highlighted by Coverity --------------------------------------------------------------------------------ChangeLog: * Mon Apr 18 2022 Jonathan Dieter - 1.2.2-1 - Fixed a number of small issues highlighted by Coverity --------------------------------------------------------------------------------This update can be installed with the "dnf" update program. Use su -c 'dnf upgrade --advisory FEDORA-2022-a7ceb864fd' at the command line. For more information, refer to the dnf documentation available at https://dnf.readthedocs.io/en/latest/command_ref.html All packages are signed with the Fedora Project GPG key. More details on the GPG keys used by the Fedora Project can be found at https://fedoraproject.org/security/ --------------------------------------------------------------------------------_______________________________________________ package-announce mailing list -- This email address is being protected from spambots. You need JavaScript enabled to view it. To unsubscribe send an email to This email address is being protected from spambots. You need JavaScript enabled to view it. Fedora Code of Conduct:https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedoraproject.org/archives/list/This email address is being protected from spambots. You need JavaScript enabled to view it./ Do not reply to spam on the list, report it: https://pagure.io/fedora-infrastructure . Fedora 36 enhances the zchunk file format to address issues highlighted by Coverity, focusing on stability, security, and better programming practices. zchunk Update, File Format Fixes, Fedora Notification, Coverity Issues. . LinuxSecurity.com Team

Calendar 2 May 07, 2022 Fedora
89
Ls Advisories Fedora Esm H240
Price Tag 1security advisorymoderatesecurity issue

Fedora Core 3: 2005-403 Moderate: gedit Filename Structure Vulnerability

An updated gedit package that fixes a file name format string vulnerability is now available.. ---------------------------------------------------------------------Fedora Update Notification FEDORA-2005-402 2005-06-26 ---------------------------------------------------------------------Product : Fedora Core 3 Name : gedit Version : 2.8.1 Release : 2.fc3.1 Summary : gEdit is a small but powerful text editor for GNOME. Description : gEdit is a small but powerful text editor designed specifically for the GNOME GUI desktop. gEdit includes a plug-in API (which supports extensibility while keeping the core binary small), support for editing multiple documents using notebook tabs, and standard text editor functions. You'll need to have GNOME and GTK+ installed to use gEdit. ---------------------------------------------------------------------Update Information: An updated gedit package that fixes a file name format string vulnerability is now available. This update has been rated as having moderate security impact by the Red Hat Security Response Team gEdit is a small text editor designed specifically for the GNOME GUI desktop. A file name format string vulnerability has been discovered in gEdit. It is possible for an attacker to create a file with a carefully crafted name which, when the file is opened, executes arbitrary instructions on a victim's machine. Although it is unlikely that a user would manually open a file with such a carefully crafted file name, a user could, for example, be tricked into opening such a file from within an email client. The Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned the name CAN-2005-1686 to this issue. Users of gEdit should upgrade to this updated package, which contains a backported patch to correct this issue. ---------------------------------------------------------------------* Tue Jun 7 2005 Ray Strode 1:2.8.1-2.fc3.1 - Dontpass user input as format specifiers to gtk_message_dialog_new (bug 159657). ---------------------------------------------------------------------This update can be downloaded from: 0cda03e960fa2a10affb26df06a137c8 SRPMS/gedit-2.8.1-2.fc3.1.src.rpm e17d271ac464e23edd551516afae1c7f x86_64/gedit-2.8.1-2.fc3.1.x86_64.rpm e0c4cd2e6cfbd7c089521acae61e9320 x86_64/gedit-devel-2.8.1-2.fc3.1.x86_64.rpm 462896c74e203ef95b002f649cbee289 x86_64/debug/gedit-debuginfo-2.8.1-2.fc3.1.x86_64.rpm c95bab56d29eed0c5320ada147fba03d i386/gedit-2.8.1-2.fc3.1.i386.rpm d4d49f857df7b492cd45f00d9f06efda i386/gedit-devel-2.8.1-2.fc3.1.i386.rpm 72902a585ff2c43b57840b24d1868ecc i386/debug/gedit-debuginfo-2.8.1-2.fc3.1.i386.rpm This update can also be installed with the Update Agent; you can launch the Update Agent with the 'up2date' command. ---------------------------------------------------------------------Thanks go to Bernd Bartmann for reminding me to send this announcement out. Sorry for the delay. Ray Strode --fedora-announce-list mailing list This email address is being protected from spambots. You need JavaScript enabled to view it. . A revised gedit version resolves a filename formatting vulnerability that poses a moderate risk. Users are encouraged to update.. gedit Update, File Format Issue, Fedora Core Security, Text Editor Fix. . LinuxSecurity.com Team

Calendar 2 Jun 27, 2005 Fedora
Banner 3 1028x280 1708121785 1771599793
News Add Esm H240

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Community Poll

More Polls

What got you started with Linux?

No answer selected. Please try again.
Please select either existing option or enter your own, however not both.
Please select minimum {0} answer(s).
Please select maximum {0} answer(s).
/main-polls/150-what-got-you-started-with-linux?task=poll.vote&format=json
150
radio
0
[{"id":483,"title":"Self-taught through trial and error","votes":545,"type":"x","order":1,"pct":78.42,"resources":[]},{"id":484,"title":"Formal training or courses","votes":30,"type":"x","order":2,"pct":4.32,"resources":[]},{"id":485,"title":"A job that required it","votes":34,"type":"x","order":3,"pct":4.89,"resources":[]},{"id":486,"title":"Other","votes":86,"type":"x","order":4,"pct":12.37,"resources":[]}] ["#ff5b00","#4ac0f2","#b80028","#eef66c","#60bb22","#b96a9a","#62c2cc"] ["rgba(255,91,0,0.7)","rgba(74,192,242,0.7)","rgba(184,0,40,0.7)","rgba(238,246,108,0.7)","rgba(96,187,34,0.7)","rgba(185,106,154,0.7)","rgba(98,194,204,0.7)"] 350
bottom 200

Search Topics

Your message here