
Stay Secure with the Latest Linux Advisories


Explore Latest Linux Security advisories


Fedora 34: 2021-d20d6712bc High: Java OpenJDK File Transfer Issue

--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2021-d20d6712bc
2021-08-01 04:04:30.580731
--------------------------------------------------------------------------------

Name        : java-1.8.0-openjdk
Product     : Fedora 34
Version     : 1.8.0.302.b08
Release     : 0.fc34
URL         : https://openjdk.org/
Summary     : OpenJDK 8 Runtime Environment
Description : The OpenJDK 8 runtime environment.

--------------------------------------------------------------------------------
Update Information:

# New in release OpenJDK 8u302 (2021-07-20)

Live versions of these release notes can be found at:

* https://mail.openjdk.org/pipermail/jdk8u-dev/2021-July/014118.html
* https://builds.shipilev.net/backports-monitor/release-notes-openjdk8u302.txt

## Security fixes

* JDK-8256157: Improve bytecode assembly
* JDK-8256491: Better HTTP transport
* JDK-8258432, CVE-2021-2341: Improve file transfers
* JDK-8260453: Improve Font Bounding
* JDK-8260960: Signs of jarsigner signing
* JDK-8260967, CVE-2021-2369: Better jar file validation
* JDK-8262380: Enhance XML processing passes
* JDK-8262403: Enhanced data transfer
* JDK-8262410: Enhanced rules for zones
* JDK-8262477: Enhance String Conclusions
* JDK-8262967: Improve Zip file support
* JDK-8264066, CVE-2021-2388: Enhance compiler validation
* JDK-8264079: Improve abstractions
* JDK-8264460: Improve NTLM support

## Major changes

* Removed Root Certificates with 1024-bit Keys
* Removed Telia Company's Sonera Class2 CA certificate
* Improve Encoding of TLS Application-Layer Protocol Negotiation (ALPN) Values
* Support for certificate_authorities Extension in TLS

--------------------------------------------------------------------------------
ChangeLog:

* Fri Jul 16 2021 Andrew Hughes - 1:1.8.0.302.b08-0
- Update to aarch64-shenandoah-jdk8u302-b08 (EA)
- Update release notes for 8u302-b08.
- Switch to GA mode for final release.
* Thu Jul 8 2021 Andrew Hughes - 1:1.8.0.302.b07-0.0.ea
- Update to aarch64-shenandoah-jdk8u302-b07 (EA)
- Update release notes for 8u302-b07.
- Switch to EA mode.
- Use the "reverse" build loop (debug first) as the main and only build loop to get more diagnostics.

--------------------------------------------------------------------------------
This update can be installed with the "dnf" update program. Use

    su -c 'dnf upgrade --advisory FEDORA-2021-d20d6712bc'

at the command line. For more information, refer to the dnf documentation available at https://dnf.readthedocs.io/en/latest/command_ref.html

All packages are signed with the Fedora Project GPG key. More details on the GPG keys used by the Fedora Project can be found at https://fedoraproject.org/security/
--------------------------------------------------------------------------------

Keywords: Java OpenJDK, Fedora Security, Java Runtime Update, OpenJDK Security Fixes.

LinuxSecurity.com Team | Aug 01, 2021 | Fedora

OpenSUSE: 2019:1602-1 Moderate: OpenSSH Security Issues Resolved

openSUSE Security Update: Security update for openssh
______________________________________________________________________________

Announcement ID:   openSUSE-SU-2019:1602-1
Rating:            moderate
References:        #1065237 #1090671 #1119183 #1121816 #1121821 #1131709
Cross-References:  CVE-2019-6109 CVE-2019-6111
Affected Products: openSUSE Leap 42.3
______________________________________________________________________________

An update that solves two vulnerabilities and has four fixes is now available.

Description:

This update for openssh fixes the following issues:

Security vulnerabilities addressed:

- CVE-2019-6109: Fixed a character encoding issue in the progress display of the scp client that could be used to manipulate client output, allowing for spoofing during file transfers (bsc#1121816).
- CVE-2019-6111: Properly validate object names received by the scp client to prevent arbitrary file overwrites when interacting with a malicious SSH server (bsc#1121821).

Other issues fixed:

- Fixed two race conditions in sshd relating to SIGHUP (bsc#1119183).
- Returned proper reason for port forwarding failures (bsc#1090671).
- Fixed a double free() in the KDF CAVS testing tool (bsc#1065237).

This update was imported from the SUSE:SLE-12-SP2:Update update project.

Patch Instructions:

To install this openSUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch".

Alternatively you can run the command listed for your product:

- openSUSE Leap 42.3:

    zypper in -t patch openSUSE-2019-1602=1

Package List:

- openSUSE Leap 42.3 (i586 x86_64):

    openssh-7.2p2-35.1
    openssh-askpass-gnome-7.2p2-35.1
    openssh-askpass-gnome-debuginfo-7.2p2-35.1
    openssh-cavs-7.2p2-35.1
    openssh-cavs-debuginfo-7.2p2-35.1
    openssh-debuginfo-7.2p2-35.1
    openssh-debugsource-7.2p2-35.1
    openssh-fips-7.2p2-35.1
    openssh-helpers-7.2p2-35.1
    openssh-helpers-debuginfo-7.2p2-35.1

References:

    https://www.suse.com/security/cve/CVE-2019-6109.html
    https://www.suse.com/security/cve/CVE-2019-6111.html
    https://bugzilla.suse.com/1065237
    https://bugzilla.suse.com/1090671
    https://bugzilla.suse.com/1119183
    https://bugzilla.suse.com/1121816
    https://bugzilla.suse.com/1121821
    https://bugzilla.suse.com/1131709

This patch tackles significant concerns in OpenSSH, rectifying major vulnerabilities and boosting overall system reliability.

Keywords: openssh update, openSUSE security, moderate advisory, file transfer security.

LinuxSecurity.com Team | Jun 24, 2019 | OpenSUSE

SUSE: 2019:0496-1 Moderate: openssh File Transfer Issues Fix

SUSE Security Update: Security update for openssh
______________________________________________________________________________

Announcement ID:   SUSE-SU-2019:0496-1
Rating:            moderate
References:        #1121816 #1121821 #1125687
Cross-References:  CVE-2019-6109 CVE-2019-6111
Affected Products:
    SUSE Linux Enterprise Module for Server Applications 15
    SUSE Linux Enterprise Module for Open Buildservice Development Tools 15
    SUSE Linux Enterprise Module for Desktop Applications 15
    SUSE Linux Enterprise Module for Basesystem 15
______________________________________________________________________________

An update that solves two vulnerabilities and has one errata is now available.

Description:

This update for openssh fixes the following issues:

Security vulnerabilities addressed:

- CVE-2019-6109: Fixed a character encoding issue in the progress display of the scp client that could be used to manipulate client output, allowing for spoofing during file transfers (bsc#1121816)
- CVE-2019-6111: Properly validate object names received by the scp client to prevent arbitrary file overwrites when interacting with a malicious SSH server (bsc#1121821)

Other bug fixes and changes:

- Handle brace expansion in scp when checking that filenames sent by the server side match what the client requested (bsc#1125687)

Patch Instructions:

To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch".

Alternatively you can run the command listed for your product:

- SUSE Linux Enterprise Module for Server Applications 15:

    zypper in -t patch SUSE-SLE-Module-Server-Applications-15-2019-496=1

- SUSE Linux Enterprise Module for Open Buildservice Development Tools 15:

    zypper in -t patch SUSE-SLE-Module-Development-Tools-OBS-15-2019-496=1

- SUSE Linux Enterprise Module for Desktop Applications 15:

    zypper in -t patch SUSE-SLE-Module-Desktop-Applications-15-2019-496=1

- SUSE Linux Enterprise Module for Basesystem 15:

    zypper in -t patch SUSE-SLE-Module-Basesystem-15-2019-496=1

Package List:

- SUSE Linux Enterprise Module for Server Applications 15 (aarch64 ppc64le s390x x86_64):

    openssh-debuginfo-7.6p1-9.23.1
    openssh-debugsource-7.6p1-9.23.1
    openssh-fips-7.6p1-9.23.1

- SUSE Linux Enterprise Module for Open Buildservice Development Tools 15 (aarch64 ppc64le s390x x86_64):

    openssh-cavs-7.6p1-9.23.1
    openssh-cavs-debuginfo-7.6p1-9.23.1
    openssh-debuginfo-7.6p1-9.23.1
    openssh-debugsource-7.6p1-9.23.1

- SUSE Linux Enterprise Module for Desktop Applications 15 (aarch64 ppc64le s390x x86_64):

    openssh-askpass-gnome-7.6p1-9.23.1
    openssh-askpass-gnome-debuginfo-7.6p1-9.23.1

- SUSE Linux Enterprise Module for Basesystem 15 (aarch64 ppc64le s390x x86_64):

    openssh-7.6p1-9.23.1
    openssh-debuginfo-7.6p1-9.23.1
    openssh-debugsource-7.6p1-9.23.1
    openssh-helpers-7.6p1-9.23.1
    openssh-helpers-debuginfo-7.6p1-9.23.1

References:

    https://www.suse.com/security/cve/CVE-2019-6109.html
    https://www.suse.com/security/cve/CVE-2019-6111.html
    https://bugzilla.suse.com/1121816
    https://bugzilla.suse.com/1121821
    https://bugzilla.suse.com/1125687

Keywords: update, solves, vulnerabilities, errata, security.

Severity: Important.

LinuxSecurity.com Team | Feb 26, 2019 | Important | SuSE

Ubuntu 12.10 USN-1746-1 Critical: Pidgin Multiple Issues Fixed

=========================================================================
Ubuntu Security Notice USN-1746-1
February 25, 2013

pidgin vulnerabilities
=========================================================================

A security issue affects these releases of Ubuntu and its derivatives:

- Ubuntu 12.10
- Ubuntu 12.04 LTS
- Ubuntu 11.10
- Ubuntu 10.04 LTS

Summary:

Several security issues were fixed in Pidgin.

Software Description:

- pidgin: graphical multi-protocol instant messaging client for X

Details:

Chris Wysopal discovered that Pidgin incorrectly handled file transfers in the MXit protocol handler. A remote attacker could use this issue to create or overwrite arbitrary files. This issue only affected Ubuntu 11.10, Ubuntu 12.04 LTS and Ubuntu 12.10. (CVE-2013-0271)

It was discovered that Pidgin incorrectly handled long HTTP headers in the MXit protocol handler. A malicious remote server could use this issue to execute arbitrary code. (CVE-2013-0272)

It was discovered that Pidgin incorrectly handled long user IDs in the Sametime protocol handler. A malicious remote server could use this issue to cause Pidgin to crash, resulting in a denial of service. (CVE-2013-0273)

It was discovered that Pidgin incorrectly handled long strings when processing UPnP responses. A remote attacker could use this issue to cause Pidgin to crash, resulting in a denial of service. (CVE-2013-0274)

Update instructions:

The problem can be corrected by updating your system to the following package versions:

Ubuntu 12.10:
    libpurple0  1:2.10.6-0ubuntu2.2
    pidgin      1:2.10.6-0ubuntu2.2

Ubuntu 12.04 LTS:
    libpurple0  1:2.10.3-0ubuntu1.3
    pidgin      1:2.10.3-0ubuntu1.3

Ubuntu 11.10:
    libpurple0  1:2.10.0-0ubuntu2.2
    pidgin      1:2.10.0-0ubuntu2.2

Ubuntu 10.04 LTS:
    libpurple0  1:2.6.6-1ubuntu4.6
    pidgin      1:2.6.6-1ubuntu4.6

After a standard system update you need to restart Pidgin to make all the necessary changes.

References:

    https://ubuntu.com/security/notices/USN-1746-1
    CVE-2013-0271, CVE-2013-0272, CVE-2013-0273, CVE-2013-0274

Package Information:

    https://launchpad.net/ubuntu/+source/pidgin/1:2.10.6-0ubuntu2.2
    https://launchpad.net/ubuntu/+source/pidgin/1:2.10.3-0ubuntu1.3
    https://launchpad.net/ubuntu/+source/pidgin/1:2.10.0-0ubuntu2.2
    https://launchpad.net/ubuntu/+source/pidgin/1:2.6.6-1ubuntu4.6

Numerous Pidgin vulnerabilities patched in Ubuntu versions 12.10, 12.04 LTS, 11.10, 10.04 LTS. Ensure your system is updated to reduce exposure.

Keywords: Pidgin Security Issues, Ubuntu Updates, Remote Exploits.

Severity: Critical.

LinuxSecurity.com Team | Feb 25, 2013 | Critical | Ubuntu