
Stay Secure with the Latest Linux Advisories

Explore Latest Linux Security advisories

Fedora 23: Critical Flex Update for Buffer Overflow Issue

--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2016-8d79ade826
2016-12-09 19:11:08.399542
--------------------------------------------------------------------------------

Name        : flex
Product     : Fedora 23
Version     : 2.6.0
Release     : 2.fc23
URL         :
Summary     : A tool for creating scanners (text pattern recognizers)
Description :
The flex program generates scanners. Scanners are programs which can recognize lexical patterns in text. Flex takes pairs of regular expressions and C code as input and generates a C source file as output. The output file is compiled and linked with a library to produce an executable. The executable searches through its input for occurrences of the regular expressions. When a match is found, it executes the corresponding C code. Flex was designed to work with both Yacc and Bison, and is used by many programs as part of their build process. You should install flex if you are going to use your system for application development.

--------------------------------------------------------------------------------
Update Information:

Change type for num_to_read from yy_size_t to int.
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #1360743 - CVE-2016-6354 flex: buffer overflow in generated code (yy_get_next_buffer)
        https://bugzilla.redhat.com/show_bug.cgi?id=1360743
--------------------------------------------------------------------------------

This update can be installed with the "dnf" update program. Use su -c 'dnf upgrade flex' at the command line. For more information, refer to the dnf documentation available at https://dnf.readthedocs.io/en/latest/command_ref.html

All packages are signed with the Fedora Project GPG key. More details on the GPG keys used by the Fedora Project can be found at https://fedoraproject.org/security/
--------------------------------------------------------------------------------

The software component has been revised to fix a critical memory overflow vulnerability. Please install the update immediately to strengthen overall system protection.

Fedora Update, Flex Update, Buffer Overflow Fix, Application Development.

Severity: Critical.

LinuxSecurity.com Team

Dec 10, 2016 Critical Fedora

Debian Jessie DSA-3653-2 Critical: Flex Buffer Overflow Fix

- -------------------------------------------------------------------------
Debian Security Advisory DSA-3653-2
https://www.debian.org/security/
Salvatore Bonaccorso
September 04, 2016
https://www.debian.org/security/faq
- -------------------------------------------------------------------------

Package        : flex
CVE ID         : CVE-2016-6354
Debian Bug     : 832768 835542

It was reported that the update for flex as released in DSA-3653-1 did not completely address CVE-2016-6354 as intended due to problems in the patch handling and regenerated files during the build. Additionally a regression was introduced, causing new warnings when compiling flex generated code.

Updated packages are now available to address these problems. For reference, the relevant part of the original advisory text follows.

Alexander Sulfrian discovered a buffer overflow in the yy_get_next_buffer() function generated by Flex, which may result in denial of service and potentially the execution of code if operating on data from untrusted sources.

Affected applications need to be rebuilt.

For the stable distribution (jessie), this problem has been fixed in version 2.5.39-8+deb8u2.

We recommend that you upgrade your flex packages.

Further information about Debian Security Advisories, how to apply these updates to your system and frequently asked questions can be found at: https://www.debian.org/security/

The Debian Security Advisory DSA-3654-1 notifies users of a crucial update to the libpng library addressing a severe vulnerability and its effects on system integrity.

Debian Security Advisory, Flex Security Update, Buffer Overflow, Critical Update.

Severity: Critical.

LinuxSecurity.com Team

Sep 04, 2016 Critical Debian

Debian 9 DSA-4567-2 Critical: Flex Buffer Overflow Risk

- -------------------------------------------------------------------------
Debian Security Advisory DSA-3653-1
https://www.debian.org/security/
Moritz Muehlenhoff
August 25, 2016
https://www.debian.org/security/faq
- -------------------------------------------------------------------------

Package        : flex
CVE ID         : CVE-2016-6354
Debian Bug     : 832768

Alexander Sulfrian discovered a buffer overflow in the yy_get_next_buffer() function generated by Flex, which may result in denial of service and potentially the execution of code if operating on data from untrusted sources.

Affected applications need to be rebuilt. bogofilter will be rebuilt against the updated flex in a followup update. Further affected applications should be reported at the bug referenced above.

For the stable distribution (jessie), this problem has been fixed in version 2.5.39-8+deb8u1.

For the testing distribution (stretch), this problem has been fixed in version 2.6.1-1.

For the unstable distribution (sid), this problem has been fixed in version 2.6.1-1.

We recommend that you upgrade your flex packages.

Further information about Debian Security Advisories, how to apply these updates to your system and frequently asked questions can be found at: https://www.debian.org/security/

Debian has issued a patch for flex to address a critical buffer overflow vulnerability that could enable unauthorized code execution. Users should apply this update immediately to enhance security and prevent potential exploits.

Debian Security Advisory, FLEX Update, Buffer Overflow Fix, Denial Of Service.

Severity: Critical.

LinuxSecurity.com Team

Aug 25, 2016 Critical Debian

Debian 3.1 DSA 1020-1 Critical: Flex Buffer Overflow Threat

Updated package.

- --------------------------------------------------------------------------
Debian Security Advisory DSA 1020-1
http://www.debian.org/security/
Moritz Muehlenhoff
March 28th, 2006
http://www.debian.org/security/faq
- --------------------------------------------------------------------------

Package        : flex
Vulnerability  : buffer overflow
Problem-Type   : local
Debian-specific: no
CVE ID         : CVE-2006-0459

Chris Moore discovered that flex, a scanner generator, generates code, which allocates insufficient memory, if the grammar contains REJECT statements or trailing context rules. This may lead to a buffer overflow and the execution of arbitrary code.

If you use code, which is derived from a vulnerable lex grammar in an untrusted environment you need to regenerate your scanner with the fixed version of flex.

The old stable distribution (woody) is not affected by this problem.

For the stable distribution (sarge) this problem has been fixed in version 2.5.31-31sarge1.

For the unstable distribution (sid) this problem has been fixed in version 2.5.33-1.

We recommend that you upgrade your flex package.

Upgrade Instructions
- --------------------

wget url
        will fetch the file for you
dpkg -i file.deb
        will install the referenced file.

If you are using the apt-get package manager, use the line for sources.list as given below:

apt-get update
        will update the internal database
apt-get upgrade
        will install corrected packages

You may use an automated update by adding the resources from the footer to the proper configuration.

Debian GNU/Linux 3.1 alias sarge
- --------------------------------

These files will probably be moved into the stable distribution on its next update.

- ---------------------------------------------------------------------------------
For apt-get: deb https://www.debian.org/security/ stable/updates main
For dpkg-ftp: dists/stable/updates/main

Flex toolkit enhanced to resolve memory overflow vulnerabilities. Confirm safe code compilation in your Ubuntu setup immediately.

Debian Flex Patch, Buffer Overflow Fix, Debian Security Update.

Severity: Critical.

LinuxSecurity.com Team

Mar 27, 2006 Critical Debian