Alerts This Week
Warning Icon 1 541
Alerts This Week
Warning Icon 1 541

Stay Secure with the Latest Linux Advisories

Ubuntu Large Esm H800
Ubuntu

Ubuntu 26.04 LTS python-pip Moderate DoS Regression Fix USN-8344-3

Calendar White Jun 03, 2026
Important
Ubuntu Large Esm H900
Ubuntu

Ubuntu 20.04 LTS GStreamer Base Significant DoS Attack Vulnerability Alert

Calendar White Jun 03, 2026
Important
Ubuntu Large Esm H900
Ubuntu

Ubuntu 20.04 LTS MySQL Important Security Issues USN-8363-2

Calendar White Jun 03, 2026
Important
Ubuntu Large Esm H800
Ubuntu

Ubuntu 20.04 LTS nginx Security Advisory for Critical DoS Vulnerabilities

Calendar White Jun 03, 2026
Critical
Oracle Large Esm H900
Oracle

Oracle Linux 8 gnutls Important Buffer Overflow Auth Bypass ELSA-2026-20611

Calendar White Jun 03, 2026
Important
Oracle Large Esm H900
Oracle

Oracle Linux 8 ELSA-2026-22315 compat-openssl10 Moderate DoS Fix

Calendar White Jun 02, 2026
moderate
Oracle Large Esm H800
Oracle

Oracle Linux 8 httpd Important Denial of Service Vuln ELSA-2026-22140

Calendar White Jun 02, 2026
Important
Oracle Large Esm H900
Oracle

Oracle Linux 8 Important Kernel Security Advisory ELSA-2026-21706

Calendar White Jun 02, 2026
Important
Fedora Large Esm H900
Fedora

Fedora 43 hplip Major Update Addressing Possible Arbitrary Code Execution

Calendar White Jun 02, 2026
Important
Filter Icon Refine advisories
X Clear Filters
X Clear Filters
View More

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Community Poll

More Polls

What got you started with Linux?

No answer selected. Please try again.
Please select either existing option or enter your own, however not both.
Please select minimum {0} answer(s).
Please select maximum {0} answer(s).
/main-polls/150-what-got-you-started-with-linux?task=poll.vote&format=json
150
radio
0
[{"id":483,"title":"Self-taught through trial and error","votes":545,"type":"x","order":1,"pct":78.42,"resources":[]},{"id":484,"title":"Formal training or courses","votes":30,"type":"x","order":2,"pct":4.32,"resources":[]},{"id":485,"title":"A job that required it","votes":34,"type":"x","order":3,"pct":4.89,"resources":[]},{"id":486,"title":"Other","votes":86,"type":"x","order":4,"pct":12.37,"resources":[]}] ["#ff5b00","#4ac0f2","#b80028","#eef66c","#60bb22","#b96a9a","#62c2cc"] ["rgba(255,91,0,0.7)","rgba(74,192,242,0.7)","rgba(184,0,40,0.7)","rgba(238,246,108,0.7)","rgba(96,187,34,0.7)","rgba(185,106,154,0.7)","rgba(98,194,204,0.7)"] 350
bottom 200
Loading...

Explore Latest Linux Security advisories

We found -5 articles for you...
89
Ls Advisories Fedora Esm H240
Price Tag 1security advisoryfedoracritical

Fedora 42 FontForge Critical Remote Code Execution CVE-2025-15270

Resolves: CVE-2025-15270. -------------------------------------------------------------------------------- Fedora Update Notification FEDORA-2026-3dbd8c4b89 2026-03-27 00:49:16.797769+00:00 -------------------------------------------------------------------------------- Name : fontforge Product : Fedora 42 Version : 20230101 Release : 19.fc42 URL : https://fontforge.org/ Summary : Outline and bitmap font editor Description : FontForge (former PfaEdit) is a font editor for outline and bitmap fonts. It supports a range of font formats, including PostScript (ASCII and binary Type 1, some Type 3 and Type 0), TrueType, OpenType (Type2) and CID-keyed fonts. -------------------------------------------------------------------------------- Update Information: Resolves: CVE-2025-15270 -------------------------------------------------------------------------------- ChangeLog: * Wed Mar 18 2026 Parag Nemade - 20230101-19 - Resolves: CVE-2025-15270 -------------------------------------------------------------------------------- References: [ 1 ] Bug #2426579 - CVE-2025-15270 fontforge: FontForge SFD File Parsing Improper Validation of Array Index Remote Code Execution Vulnerability [fedora-42] https://bugzilla.redhat.com/show_bug.cgi?id=2426579 -------------------------------------------------------------------------------- This update can be installed with the "dnf" update program. Use su -c 'dnf upgrade --advisory FEDORA-2026-3dbd8c4b89' at the command line. For more information, refer to the dnf documentation available at http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label All packages are signed with the Fedora Project GPG key. More details on the GPG keys used by the Fedora Project can be found at https://fedoraproject.org/keys -------------------------------------------------------------------------------- -- _______________________________________________ package-announce mailing list This email address is being protected from spambots. You need JavaScript enabled to view it. To unsubscribe send an email to This email address is being protected from spambots. You need JavaScript enabled to view it. Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedoraproject.org/archives/list/This email address is being protected from spambots. You need JavaScript enabled to view it. Do not reply to spam, report it: https://forge.fedoraproject.org/infra/tickets/issues/new . Update to FontForge on Fedora 42 addresses critical remote code execution issue in font file parsing.. FontForge, Fedora 42, remote code execution, security advisory. . Severity: Critical. LinuxSecurity.com Team

Calendar 2 Mar 27, 2026 Critical Fedora
89
Ls Advisories Fedora Esm H240
Price Tag 1security advisoryfedoraimportant

Fedora 41: FontForge Important Memory Leak Issue CVE-2025-50949

CVE-2025-50949. -------------------------------------------------------------------------------- Fedora Update Notification FEDORA-2025-cb6d4788a8 2025-11-06 02:59:41.186030+00:00 -------------------------------------------------------------------------------- Name : fontforge Product : Fedora 41 Version : 20230101 Release : 16.fc41 URL : https://fontforge.org/ Summary : Outline and bitmap font editor Description : FontForge (former PfaEdit) is a font editor for outline and bitmap fonts. It supports a range of font formats, including PostScript (ASCII and binary Type 1, some Type 3 and Type 0), TrueType, OpenType (Type2) and CID-keyed fonts. -------------------------------------------------------------------------------- Update Information: CVE-2025-50949 -------------------------------------------------------------------------------- ChangeLog: * Tue Oct 28 2025 Parag Nemade - 20230101-16 - Move to use %autosetup macro so that we will not forget to apply patches * Mon Oct 27 2025 Parag Nemade - 20230101-15 - Resolves: CVE-2025-50949 -------------------------------------------------------------------------------- References: [ 1 ] Bug #2406131 - CVE-2025-50949 fontforge: Fontforge memory leak [fedora-41] https://bugzilla.redhat.com/show_bug.cgi?id=2406131 -------------------------------------------------------------------------------- This update can be installed with the "dnf" update program. Use su -c 'dnf upgrade --advisory FEDORA-2025-cb6d4788a8' at the command line. For more information, refer to the dnf documentation available at http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label All packages are signed with the Fedora Project GPG key. More details on the GPG keys used by the Fedora Project can be found at https://fedoraproject.org/keys -------------------------------------------------------------------------------- -- _______________________________________________ package-announcemailing list -- This email address is being protected from spambots. You need JavaScript enabled to view it. To unsubscribe send an email to This email address is being protected from spambots. You need JavaScript enabled to view it. Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedoraproject.org/archives/list/This email address is being protected from spambots. You need JavaScript enabled to view it. Do not reply to spam, report it: https://pagure.io/fedora-infrastructure/new_issue . FontForge updated for Fedora 41 addresses a memory leak issue as per advisory FEDORA-2025-cb6d4788a8 details.. Fedora FontForge Update Memory Leak CVE-2025-50949. . Severity: Important. LinuxSecurity.com Team

Calendar 2 Nov 06, 2025 Important Fedora
Banner 1 1028x280 1708121660 1771599717
87
Ls Advisories Debian Esm H240
Price Tag 1security advisorysecurity issuecritical

Debian: DSA-5641-1 Critical: Fontforge Shell Injection Issues

It was discovered that fontforge, a font editor, is prone to shell command injection vulnerabilities when processing specially crafted files. For the oldstable distribution (bullseye), these problems have been fixed . - ------------------------------------------------------------------------- Debian Security Advisory DSA-5641-1 This email address is being protected from spambots. You need JavaScript enabled to view it. https://www.debian.org/security/ Salvatore Bonaccorso March 19, 2024 https://www.debian.org/security/faq - ------------------------------------------------------------------------- Package : fontforge CVE ID : CVE-2024-25081 CVE-2024-25082 Debian Bug : 1064967 It was discovered that fontforge, a font editor, is prone to shell command injection vulnerabilities when processing specially crafted files. For the oldstable distribution (bullseye), these problems have been fixed in version 1:20201107~dfsg-4+deb11u1. For the stable distribution (bookworm), these problems have been fixed in version 1:20230101~dfsg-1.1~deb12u1. We recommend that you upgrade your fontforge packages. For the detailed security status of fontforge please refer to its security tracker page at: https://security-tracker.debian.org/tracker/source-package/fontforge Further information about Debian Security Advisories, how to apply these updates to your system and frequently asked questions can be found at: https://www.debian.org/security/ Mailing list: This email address is being protected from spambots. You need JavaScript enabled to view it. . Attention all users: The Fontforge security update DSA-5641-1 addresses critical shell injection vulnerabilities within Debian's font editing software. Please ensure to upgrade immediately!. Debian, Fontforge, Shell Injection, Security Update. . Severity: Critical. LinuxSecurity.com Team

Calendar 2 Mar 19, 2024 Critical Debian
87
Ls Advisories Debian Esm H240
Price Tag 1security advisorydenial of servicecritical

Debian DSA-3958-1 Critical FontForge DoS Threat Details

It was discovered that FontForge, a font editor, did not correctly validate its input. An attacker could use this flaw by tricking a user into opening a maliciously crafted OpenType font file, thus causing a denial-of-service via application crash, or execution of arbitrary . - ------------------------------------------------------------------------- Debian Security Advisory DSA-3958-1 This email address is being protected from spambots. You need JavaScript enabled to view it. https://www.debian.org/security/ Sebastien Delafond August 29, 2017 https://www.debian.org/security/faq - ------------------------------------------------------------------------- Package : fontforge CVE ID : CVE-2017-11568 CVE-2017-11569 CVE-2017-11571 CVE-2017-11572 CVE-2017-11574 CVE-2017-11575 CVE-2017-11576 CVE-2017-11577 Debian Bug : 869614 It was discovered that FontForge, a font editor, did not correctly validate its input. An attacker could use this flaw by tricking a user into opening a maliciously crafted OpenType font file, thus causing a denial-of-service via application crash, or execution of arbitrary code. For the oldstable distribution (jessie), these problems have been fixed in version 20120731.b-5+deb8u1. For the stable distribution (stretch), these problems have been fixed in version 1:20161005~dfsg-4+deb9u1. We recommend that you upgrade your fontforge packages. Further information about Debian Security Advisories, how to apply these updates to your system and frequently asked questions can be found at: https://www.debian.org/security/ Mailing list: This email address is being protected from spambots. You need JavaScript enabled to view it. . Debian Security Advisory DSA-3960-1 concerns vulnerabilities in GnuPG, aimed at mitigating data exposure and integrity issues.. FontForge Security Update, Debian Advisory, Input Issues. . Severity: Critical. LinuxSecurity.com Team

Calendar 2 Aug 29, 2017 Critical Debian
Banner 1 1028x280 1708121660 1771599717
News Add Esm H240

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Community Poll

More Polls

What got you started with Linux?

No answer selected. Please try again.
Please select either existing option or enter your own, however not both.
Please select minimum {0} answer(s).
Please select maximum {0} answer(s).
/main-polls/150-what-got-you-started-with-linux?task=poll.vote&format=json
150
radio
0
[{"id":483,"title":"Self-taught through trial and error","votes":545,"type":"x","order":1,"pct":78.42,"resources":[]},{"id":484,"title":"Formal training or courses","votes":30,"type":"x","order":2,"pct":4.32,"resources":[]},{"id":485,"title":"A job that required it","votes":34,"type":"x","order":3,"pct":4.89,"resources":[]},{"id":486,"title":"Other","votes":86,"type":"x","order":4,"pct":12.37,"resources":[]}] ["#ff5b00","#4ac0f2","#b80028","#eef66c","#60bb22","#b96a9a","#62c2cc"] ["rgba(255,91,0,0.7)","rgba(74,192,242,0.7)","rgba(184,0,40,0.7)","rgba(238,246,108,0.7)","rgba(96,187,34,0.7)","rgba(185,106,154,0.7)","rgba(98,194,204,0.7)"] 350
bottom 200

Search Topics

Your message here