Alerts This Week
Warning Icon 1 609
Alerts This Week
Warning Icon 1 609

Stay Secure with the Latest Linux Advisories

Fedora Large Esm H800
Fedora

Fedora 44 Transmission 4.1.2 Important Clickjacking Fix CVE-2026-38978

Calendar White Jun 05, 2026
Important
Fedora Large Esm H900
Fedora

Fedora 44 libre 4.8.1 Critical Update Details for Real-Time Communication

Calendar White Jun 05, 2026
Important
Fedora Large Esm H900
Fedora

Fedora 44 NextCloud Update Denial of Service JSON Tampering 2026-30881a5be7

Calendar White Jun 05, 2026
Important
Fedora Large Esm H800
Fedora

Fedora 44 python-starlette Security Fix for CVE-2026-48710

Calendar White Jun 05, 2026
Critical
Fedora Large Esm H900
Fedora

Fedora 44 perl-Cpanel-JSON-XS Moderate Denial of Service CVE-2026-9516

Calendar White Jun 05, 2026
Important
Fedora Large Esm H900
Fedora

Fedora 44 rubygem-yard High Path Traversal Fix Vuln 2026-acefc1fe48

Calendar White Jun 05, 2026
high
Fedora Large Esm H800
Fedora

Fedora 44 Rust Sequoia Sop Low-Severity Fix Advisory 2026-5c5f4f40a4

Calendar White Jun 05, 2026
Low
Fedora Large Esm H900
Fedora

Fedora 44 rust-sequoia-sq Low Threat Security Advisory 2026-5c5f4f40a4

Calendar White Jun 05, 2026
Low
Fedora Large Esm H900
Fedora

Fedora 44 rust-sequoia-wot Low Severity Security Fix 2026-5c5f4f40a4

Calendar White Jun 05, 2026
Low
Filter Icon Refine advisories
X Clear Filters
X Clear Filters
View More

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Community Poll

More Polls

What got you started with Linux?

No answer selected. Please try again.
Please select either existing option or enter your own, however not both.
Please select minimum {0} answer(s).
Please select maximum {0} answer(s).
/main-polls/150-what-got-you-started-with-linux?task=poll.vote&format=json
150
radio
0
[{"id":483,"title":"Self-taught through trial and error","votes":545,"type":"x","order":1,"pct":78.42,"resources":[]},{"id":484,"title":"Formal training or courses","votes":30,"type":"x","order":2,"pct":4.32,"resources":[]},{"id":485,"title":"A job that required it","votes":34,"type":"x","order":3,"pct":4.89,"resources":[]},{"id":486,"title":"Other","votes":86,"type":"x","order":4,"pct":12.37,"resources":[]}] ["#ff5b00","#4ac0f2","#b80028","#eef66c","#60bb22","#b96a9a","#62c2cc"] ["rgba(255,91,0,0.7)","rgba(74,192,242,0.7)","rgba(184,0,40,0.7)","rgba(238,246,108,0.7)","rgba(96,187,34,0.7)","rgba(185,106,154,0.7)","rgba(98,194,204,0.7)"] 350
bottom 200
Loading...

Explore Latest Linux Security advisories

We found -5 articles for you...
203
Ls Advisories Mageia Esm H240
Price Tag 1security advisorycritical updatefish shell

Mageia 9: 2023-0344 Critical Advisory on Fish Shell CVE-2023-49284

Mageia 9 is updated to version 3.6.4 to fix CVE-2023-49284. Mageia 8 receives an upstream patch to fix CVE-2023-49284. CVE-2023-49284: fish shell uses certain Unicode non-characters internally for marking wildcards and expansions. It will incorrectly allow these markers to be read on command substitution output, rather . MGASA-2023-0344 - Updated fish packages fix a security vulnerability Publication date: 12 Dec 2023 URL: https://advisories.mageia.org/MGASA-2023-0344.html Type: security Affected Mageia releases: 8, 9 CVE: CVE-2023-49284 Mageia 9 is updated to version 3.6.4 to fix CVE-2023-49284. Mageia 8 receives an upstream patch to fix CVE-2023-49284. CVE-2023-49284: fish shell uses certain Unicode non-characters internally for marking wildcards and expansions. It will incorrectly allow these markers to be read on command substitution output, rather than transforming them into a safe internal representation. References: - https://bugs.mageia.org/show_bug.cgi?id=32614 - https://www.cve.org/CVERecord?id=CVE-2023-49284 SRPMS: - 8/core/fish-3.4.1-1.1.mga8 - 9/core/fish-3.6.4-1.mga9 . The recent Mageia 9 update enhances the fish shell, fixing the CVE-2023-49284 vulnerability and includes upstream patches for Mageia 8 users too. Mageia Security Advisory, Fish Shell Update, Unicode Command Issue. . Severity: Critical. LinuxSecurity.com Team

Calendar 2 Dec 12, 2023 Critical Mageia
87
Ls Advisories Debian Esm H240
Price Tag 1security advisorycriticalsoftware update

Debian: DSA-5234-1 Critical: Fish Shell Arbitrary Code Execution

An arbitrary code execution vulnerability was disovered in fish, a command line shell. When using the default configuraton of fish, changing to a directory automatically ran `git` commands in order to display information about the current repository in the prompt. Such . - ------------------------------------------------------------------------- Debian Security Advisory DSA-5234-1 This email address is being protected from spambots. You need JavaScript enabled to view it. https://www.debian.org/security/ Aron Xu September 21, 2022 https://www.debian.org/security/faq - ------------------------------------------------------------------------- Package : fish CVE ID : CVE-2022-20001 An arbitrary code execution vulnerability was disovered in fish, a command line shell. When using the default configuraton of fish, changing to a directory automatically ran `git` commands in order to display information about the current repository in the prompt. Such repositories can contain per-repository configuration that change the behavior of git, including running arbitrary commands. For the stable distribution (bullseye), this problem has been fixed in version 3.1.2-3+deb11u1. We recommend that you upgrade your fish packages. For the detailed security status of fish please refer to its security tracker page at: https://security-tracker.debian.org/tracker/source-package/fish Further information about Debian Security Advisories, how to apply these updates to your system and frequently asked questions can be found at: https://www.debian.org/security/ Mailing list: This email address is being protected from spambots. You need JavaScript enabled to view it. . Debian DSA-5235-1 tackles a security vulnerability within the bash shell, necessitating immediate patching for affected users.. Debian Security, Fish Shell Update, Code Execution Flaw. . Severity: Critical. LinuxSecurity.com Team

Calendar 2 Sep 21, 2022 Critical Debian
Banner 2 1028x280 1708121730 1 1771599631
89
Ls Advisories Fedora Esm H240
Price Tag 1security advisorycritical issueFedora

Fedora 36 FEDORA-2022-443c5ec2dd Critical: fish Arbitrary Code Execution

Update to 3.4.1. --------------------------------------------------------------------------------Fedora Update Notification FEDORA-2022-443c5ec2dd 2022-04-04 00:14:55.469231 --------------------------------------------------------------------------------Name : fish Product : Fedora 36 Version : 3.4.1 Release : 1.fc36 URL : https://fishshell.com Summary : Friendly interactive shell Description : fish is a fully-equipped command line shell (like bash or zsh) that is smart and user-friendly. fish supports powerful features like syntax highlighting, autosuggestions, and tab completions that just work, with nothing to learn or configure. --------------------------------------------------------------------------------Update Information: Update to 3.4.1 --------------------------------------------------------------------------------ChangeLog: * Sun Apr 3 2022 Igor Raits 3.4.1-1 - Update to 3.4.1 --------------------------------------------------------------------------------References: [ 1 ] Bug #2064332 - CVE-2022-20001 fish: Arbitrary Code Execution [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=2064332 [ 2 ] Bug #2068710 - fish-3.4.1 is available https://bugzilla.redhat.com/show_bug.cgi?id=2068710 --------------------------------------------------------------------------------This update can be installed with the "dnf" update program. Use su -c 'dnf upgrade --advisory FEDORA-2022-443c5ec2dd' at the command line. For more information, refer to the dnf documentation available at https://dnf.readthedocs.io/en/latest/command_ref.html All packages are signed with the Fedora Project GPG key. More details on the GPG keys used by the Fedora Project can be found at https://fedoraproject.org/security/ --------------------------------------------------------------------------------_______________________________________________ package-announce mailing list -- This email address is being protected from spambots. You need JavaScript enabled to view it. To unsubscribe sendan email to This email address is being protected from spambots. You need JavaScript enabled to view it. Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedoraproject.org/archives/list/This email address is being protected from spambots. You need JavaScript enabled to view it./ Do not reply to spam on the list, report it: https://pagure.io/fedora-infrastructure . Fedora 36 upgrades fish to edition 3.4.1, addressing significant security flaws associated with arbitrary code execution.. Fedora Security Advisory,Fish Shell Update,Arbitrary Code Execution. . Severity: Critical. LinuxSecurity.com Team

Calendar 2 Apr 03, 2022 Critical Fedora
91
Ls Advisories Gentoo Esm H240
Price Tag 1security advisoryhigh severitygentoo

Gentoo GLSA 201412-49 High Severity: Fish Shell Privilege Escalation

Multiple vulnerabilities have been found in fish, the worst of which could result in local privilege escalation or remote arbitrary code execution. [More...]. - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - Gentoo Linux Security Advisory GLSA 201412-49 - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - https://security.gentoo.org/ - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - Severity: High Title: fish: Multiple vulnerabilities Date: December 28, 2014 Bugs: #509044 ID: 201412-49 - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - Synopsis ======= Multiple vulnerabilities have been found in fish, the worst of which could result in local privilege escalation or remote arbitrary code execution. Background ========= fish is the Friendly Interactive SHell. Affected packages ================ ------------------------------------------------------------------- Package / Vulnerable / Unaffected ------------------------------------------------------------------- 1 app-shells/fish < 2.1.1 > = 2.1.1 Description ========== Multiple vulnerabilities have been discovered in fish. Please review the CVE identifiers referenced below for details. Impact ===== A local attacker may be able to gain escalated privileges or overwrite arbitrary files. Furthermore, a remote attacker may be able to execute arbitrary code. Workaround ========= There is no known workaround at this time. Resolution ========= All fish users should upgrade to the latest version: # emerge --sync # emerge --ask --oneshot --verbose "> =app-shells/fish-2.1.1" References ========= [ 1 ] CVE-2014-2905 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-2905 [ 2 ] CVE-2014-2906 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-2906 [ 3 ] CVE-2014-2914 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-2914 [ 4 ] CVE-2014-3219 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-3219 Availability =========== This GLSA and any updates to it are available for viewing at the Gentoo Security Website: https://security.gentoo.org/glsa/201412-49 Concerns? ======== Security is a primary focus of Gentoo Linux and ensuring the confidentiality and security of our users' machines is of utmost importance to us. Any security concerns should be addressed to This email address is being protected from spambots. You need JavaScript enabled to view it. or alternatively, you may file a bug at https://bugs.gentoo.org. License ====== Copyright 2014 Gentoo Foundation, Inc; referenced text belongs to its owner(s). The contents of this document are licensed under the Creative Commons - Attribution / Share Alike license. https://creativecommons.org/licenses/by-sa/2.5/ . Uncover significant vulnerabilities in the fish shell impacting Gentoo, leading to possible local privilege elevation and remote code exploitation.. fish Security, Gentoo Advisory, High Severity Issues, Code Execution, Privilege Escalation. . LinuxSecurity.com Team

Calendar 2 Dec 28, 2014 Gentoo
Banner 2 1028x280 1708121730 1 1771599631
News Add Esm H240

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Community Poll

More Polls

What got you started with Linux?

No answer selected. Please try again.
Please select either existing option or enter your own, however not both.
Please select minimum {0} answer(s).
Please select maximum {0} answer(s).
/main-polls/150-what-got-you-started-with-linux?task=poll.vote&format=json
150
radio
0
[{"id":483,"title":"Self-taught through trial and error","votes":545,"type":"x","order":1,"pct":78.42,"resources":[]},{"id":484,"title":"Formal training or courses","votes":30,"type":"x","order":2,"pct":4.32,"resources":[]},{"id":485,"title":"A job that required it","votes":34,"type":"x","order":3,"pct":4.89,"resources":[]},{"id":486,"title":"Other","votes":86,"type":"x","order":4,"pct":12.37,"resources":[]}] ["#ff5b00","#4ac0f2","#b80028","#eef66c","#60bb22","#b96a9a","#62c2cc"] ["rgba(255,91,0,0.7)","rgba(74,192,242,0.7)","rgba(184,0,40,0.7)","rgba(238,246,108,0.7)","rgba(96,187,34,0.7)","rgba(185,106,154,0.7)","rgba(98,194,204,0.7)"] 350
bottom 200

Search Topics

Your message here