Stay Vigilant with Timely Linux Security Advisories

Refine advisories

X Clear Filters

Critical (3)

Important (3)

Dovecot (141)

debian (8034)

denial of service (18299)

important (27751)

information leak (1384)

security advisory (114945)

critical (18622)

gsasl (5)

security update (9017)

SuSE (3977)

Fedora (2)

Oracle (1)

Published Date Range

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Linux Advisory Watch

Linux Security Week

Community Poll

More Polls

What got you started with Linux?

Message!

Self-taught through trial and error
Formal training or courses
A job that required it
Other

No answer selected. Please try again.

Please select either existing option or enter your own, however not both.

Please select minimum {0} answer(s).

Please select maximum {0} answer(s).

/main-polls/150-what-got-you-started-with-linux?task=poll.vote&format=json

150

radio

Self-taught through trial and error (78.42%)

78.42% votes

Formal training or courses (4.32%)

4.32% votes

A job that required it (4.89%)

4.89% votes

Other (12.37%)

12.37% votes

[{"id":483,"title":"Self-taught through trial and error","votes":545,"type":"x","order":1,"pct":78.42,"resources":[]},{"id":484,"title":"Formal training or courses","votes":30,"type":"x","order":2,"pct":4.32,"resources":[]},{"id":485,"title":"A job that required it","votes":34,"type":"x","order":3,"pct":4.89,"resources":[]},{"id":486,"title":"Other","votes":86,"type":"x","order":4,"pct":12.37,"resources":[]}] ["#ff5b00","#4ac0f2","#b80028","#eef66c","#60bb22","#b96a9a","#62c2cc"] ["rgba(255,91,0,0.7)","rgba(74,192,242,0.7)","rgba(184,0,40,0.7)","rgba(238,246,108,0.7)","rgba(96,187,34,0.7)","rgba(185,106,154,0.7)","rgba(98,194,204,0.7)"] 350

bottom 200

Ubuntu 25.10 kmod Critical Algif_aead Privilege Escalation USN-8226-1

Ubuntu 26.04 LTS nginx Critical Denial of Service 2026-42945

Ubuntu 26.04 Docker Critical Security Threats USN-8230-1 CVE-2026-33747

Debian OpenSSH Critical DSA-6204-1 CVE-2026-3497 Remote DoS Execution

Explore Latest Linux Security advisories

We found -3 articles for you...

217

security advisorysecurity updatecritical threat

Oracle Linux 8 ELSA-2022-0177 Critical Threat: Gegl04 Security Fix

The following updated rpms for Oracle Linux 8 have been uploaded to the Unbreakable Linux Network: . Oracle Linux Security Advisory ELSA-2022-0177 https://linux.oracle.com/errata/ELSA-2022-0177.html The following updated rpms for Oracle Linux 8 have been uploaded to the Unbreakable Linux Network: x86_64: gegl04-0.4.4-6.el8_5.2.i686.rpm gegl04-0.4.4-6.el8_5.2.x86_64.rpm gegl04-devel-0.4.4-6.el8_5.2.i686.rpm gegl04-devel-0.4.4-6.el8_5.2.x86_64.rpm SRPMS: https://oss.oracle.com:443/ol8/SRPMS-updates/gegl04-0.4.4-6.el8_5.2.src.rpm Related CVEs: CVE-2021-45463 Description of changes: [0.4.4-6.2] - spec bump because of build pipeline issues [0.4.4-6.1] - Fix CVE-2021-45463 (#2035423) _______________________________________________ El-errata mailing list This email address is being protected from spambots. You need JavaScript enabled to view it. https://oss.oracle.com/mailman/listinfo/el-errata . Oracle Linux Security Update ELSA-2022-0180 modifies geck03 to mitigate CVE-2021-45678 for x86_64 architectures.. Oracle Linux, ELSA-2022-0177, gegl04 update, security patch. . Severity: Critical. LinuxSecurity.com Team

Jan 19, 2022 •Critical Oracle

security advisoryRed Hatsecurity fix

Red Hat 8.2 RHSA-2022:0184-01 Important: gegl04 Shell Issue

An update for gegl04 is now available for Red Hat Enterprise Linux 8.2 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score,. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 ==================================================================== Red Hat Security Advisory Synopsis: Important: gegl04 security update Advisory ID: RHSA-2022:0184-01 Product: Red Hat Enterprise Linux Advisory URL: https://access.redhat.com/errata/RHSA-2022:0184 Issue date: 2022-01-19 CVE Names: CVE-2021-45463 ==================================================================== 1. Summary: An update for gegl04 is now available for Red Hat Enterprise Linux 8.2 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. 2. Relevant releases/architectures: Red Hat CodeReady Linux Builder EUS (v. 8.2) - ppc64le, x86_64 Red Hat Enterprise Linux AppStream EUS (v. 8.2) - ppc64le, x86_64 3. Description: GEGL (Generic Graphics Library) is a graph-based image processing framework. Security Fix(es): * gegl: shell expansion via a crafted pathname (CVE-2021-45463) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. 4. Solution: For details on how to apply this update, which includes the changes described in this advisory, refer to: https://access.redhat.com/articles/11258 5. Bugs fixed (https://bugzilla.redhat.com/): 2035383 - CVE-2021-45463 gegl: shell expansion via a crafted pathname 6. Package List: Red Hat Enterprise Linux AppStream EUS (v.8.2): Source: gegl04-0.4.4-6.el8_2.1.src.rpm ppc64le: gegl04-0.4.4-6.el8_2.1.ppc64le.rpm gegl04-debuginfo-0.4.4-6.el8_2.1.ppc64le.rpm gegl04-debugsource-0.4.4-6.el8_2.1.ppc64le.rpm gegl04-tools-debuginfo-0.4.4-6.el8_2.1.ppc64le.rpm x86_64: gegl04-0.4.4-6.el8_2.1.i686.rpm gegl04-0.4.4-6.el8_2.1.x86_64.rpm gegl04-debuginfo-0.4.4-6.el8_2.1.i686.rpm gegl04-debuginfo-0.4.4-6.el8_2.1.x86_64.rpm gegl04-debugsource-0.4.4-6.el8_2.1.i686.rpm gegl04-debugsource-0.4.4-6.el8_2.1.x86_64.rpm gegl04-tools-debuginfo-0.4.4-6.el8_2.1.i686.rpm gegl04-tools-debuginfo-0.4.4-6.el8_2.1.x86_64.rpm Red Hat CodeReady Linux Builder EUS (v. 8.2): ppc64le: gegl04-debuginfo-0.4.4-6.el8_2.1.ppc64le.rpm gegl04-debugsource-0.4.4-6.el8_2.1.ppc64le.rpm gegl04-devel-0.4.4-6.el8_2.1.ppc64le.rpm gegl04-tools-debuginfo-0.4.4-6.el8_2.1.ppc64le.rpm x86_64: gegl04-debuginfo-0.4.4-6.el8_2.1.i686.rpm gegl04-debuginfo-0.4.4-6.el8_2.1.x86_64.rpm gegl04-debugsource-0.4.4-6.el8_2.1.i686.rpm gegl04-debugsource-0.4.4-6.el8_2.1.x86_64.rpm gegl04-devel-0.4.4-6.el8_2.1.i686.rpm gegl04-devel-0.4.4-6.el8_2.1.x86_64.rpm gegl04-tools-debuginfo-0.4.4-6.el8_2.1.i686.rpm gegl04-tools-debuginfo-0.4.4-6.el8_2.1.x86_64.rpm These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://access.redhat.com/security/team/key 7. References: https://access.redhat.com/security/cve/CVE-2021-45463 https://access.redhat.com/security/updates/classification#important 8. Contact: The Red Hat security contact is . More contact details at https://access.redhat.com/security/team/contact Copyright 2022 Red Hat, Inc. -----BEGIN PGP SIGNATURE----- Version: GnuPGv1 iQIVAwUBYegFoNzjgjWX9erEAQg3dhAAlmSoZX8SticIWah2N2iSK57wz6Naq5/R IZPZvpfyG4xSB/IJN0rSZrNvRsP4weQbvze1uSwWj7vb6TMzC7oUDejneUdNCInC CKn/fCKbP9ljPUw/aAXxc+55NtgnO/pi0D85lc3rugHmyCHli8Adp1xUybrfTAuO WoXQNVNGoqjLIlihIGn/y7Np2vCK/L6LJ07w0BZoEb20gZqq3TUXAfSba9L80uht ZsnE85Ics/m+IUzoOaSgJBYW8Wy97LT5foRdwlnxeT3zTxpKzPr2aa+M8cuAShB0 Yc/Xb/jbCzrJq26Mlb4FQjxYM/wBtz4+9JkwWPYTZrwIJg3fxMFYc8rdhSwWrINz DseCeLncGZzt2K9CJ+ak/F+/vsU5CAVaXNOGR6HxEX3QyV8fZp7EPAwFOd/+nSHV TmdgfbX23Wdn6hh4q7SsZCfXQIaaZWnFfosFsdKaVE3tzN2hGtF8DLZW7CwJ2DGB THs0SA8nefQgux6cQ/xuuOEF1BVwlLtTTm2UDavJfezCfJJTcKtCcTC9redXmmAW VZSN4CjzrKs+2jOp9sSfj4URu2pJXo03Sq3Nzzm8Qpwpcd4p7uJN6G151uT74AC0 H11EWKFVBIoMCTEU5fYqfCx0RynVB7Ac9kZKR9x2kfJUuIh6PZZs+rYagu6/GUDo JT3GqetQPLU=UwAJ -----END PGP SIGNATURE----- -- RHSA-announce mailing list This email address is being protected from spambots. You need JavaScript enabled to view it. . Fortify your Ubuntu environment by implementing the critical libjpeg turbo update that rectifies image handling weaknesses.. Red Hat Security, GEGL Framework, Enterprise Linux Update, Security Advisory. . Severity: Important. LinuxSecurity.com Team

Jan 19, 2022 •Important Red Hat

security advisoryRed Hat Enterpriseimportant update

Red Hat: RHSA-2022:0178 Critical: gegl04 Shell Vulnerability Update

An update for gegl04 is now available for Red Hat Enterprise Linux 8.4 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score,. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 ==================================================================== Red Hat Security Advisory Synopsis: Important: gegl04 security update Advisory ID: RHSA-2022:0178-01 Product: Red Hat Enterprise Linux Advisory URL: https://access.redhat.com/errata/RHSA-2022:0178 Issue date: 2022-01-19 CVE Names: CVE-2021-45463 ==================================================================== 1. Summary: An update for gegl04 is now available for Red Hat Enterprise Linux 8.4 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. 2. Relevant releases/architectures: Red Hat CodeReady Linux Builder EUS (v. 8.4) - ppc64le, x86_64 Red Hat Enterprise Linux AppStream EUS (v.8.4) - ppc64le, x86_64 3. Description: GEGL (Generic Graphics Library) is a graph-based image processing framework. Security Fix(es): * gegl: shell expansion via a crafted pathname (CVE-2021-45463) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. 4. Solution: For details on how to apply this update, which includes the changes described in this advisory, refer to: https://access.redhat.com/articles/11258 5. Bugs fixed (https://bugzilla.redhat.com/): 2035383 - CVE-2021-45463 gegl: shell expansion via a crafted pathname 6. Package List: Red Hat Enterprise Linux AppStream EUS(v.8.4): Source: gegl04-0.4.4-6.el8_4.1.src.rpm ppc64le: gegl04-0.4.4-6.el8_4.1.ppc64le.rpm gegl04-debuginfo-0.4.4-6.el8_4.1.ppc64le.rpm gegl04-debugsource-0.4.4-6.el8_4.1.ppc64le.rpm gegl04-tools-debuginfo-0.4.4-6.el8_4.1.ppc64le.rpm x86_64: gegl04-0.4.4-6.el8_4.1.i686.rpm gegl04-0.4.4-6.el8_4.1.x86_64.rpm gegl04-debuginfo-0.4.4-6.el8_4.1.i686.rpm gegl04-debuginfo-0.4.4-6.el8_4.1.x86_64.rpm gegl04-debugsource-0.4.4-6.el8_4.1.i686.rpm gegl04-debugsource-0.4.4-6.el8_4.1.x86_64.rpm gegl04-tools-debuginfo-0.4.4-6.el8_4.1.i686.rpm gegl04-tools-debuginfo-0.4.4-6.el8_4.1.x86_64.rpm Red Hat CodeReady Linux Builder EUS (v. 8.4): ppc64le: gegl04-debuginfo-0.4.4-6.el8_4.1.ppc64le.rpm gegl04-debugsource-0.4.4-6.el8_4.1.ppc64le.rpm gegl04-devel-0.4.4-6.el8_4.1.ppc64le.rpm gegl04-tools-debuginfo-0.4.4-6.el8_4.1.ppc64le.rpm x86_64: gegl04-debuginfo-0.4.4-6.el8_4.1.i686.rpm gegl04-debuginfo-0.4.4-6.el8_4.1.x86_64.rpm gegl04-debugsource-0.4.4-6.el8_4.1.i686.rpm gegl04-debugsource-0.4.4-6.el8_4.1.x86_64.rpm gegl04-devel-0.4.4-6.el8_4.1.i686.rpm gegl04-devel-0.4.4-6.el8_4.1.x86_64.rpm gegl04-tools-debuginfo-0.4.4-6.el8_4.1.i686.rpm gegl04-tools-debuginfo-0.4.4-6.el8_4.1.x86_64.rpm These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://access.redhat.com/security/team/key 7. References: https://access.redhat.com/security/cve/CVE-2021-45463 https://access.redhat.com/security/updates/classification#important 8. Contact: The Red Hat security contact is . More contact details at https://access.redhat.com/security/team/contact Copyright 2022 Red Hat, Inc. -----BEGIN PGP SIGNATURE----- Version: GnuPGv1 iQIVAwUBYegFbNzjgjWX9erEAQi0LQ/+KapC1EXi+mef4abubYSEB7+q+CIpyUf4 +GOBMEqfb9AbsFCWlsKEeMDqImsEf0xyINfvuiIQbiJFco+QvA6e9slOgIOGi4qh 8J7xngoiS+2T80D0wv7jOq/QSbWluM5/mPG384WEzMFrtZhjIkzITjGunnEhv4W+ zpO4t0UpxZYXoqMgMrf3PF81ab8hNWNytOdYBwya+corPPzO5T/7pZ/TSeL6BYVE 6J5uxCiVeNJhz5ntRJugDPpll2WbY2BHgt9WNpLWBqXaZOUFIaqd+wAlWLNUGYB0 8OwbcUXMgYMnv0Y/AzngEZW3/m+WGR8BApEjV7Yh8AocNSBea8YGfwEYo9jDZnFH Or2ZIsH00EDsdDLHyf7CwiKrQiHcZjA4M2Yo8BzyC0f2GpvN7mgNnobSOUfzszgj GLgpa01OHvJdBgX6z6dXMgYxwJu1yhXHGYEhPxyhP/7sAzAzo1a+YwvPg1ysP0UE oUO+cMN7/risCZgzfy4o4gqMMdfi4OLLEmTaLSKULJ0Vcodu5dUrL/eFdifM1xoe ZeAbBEzfBQso8yzSNdCvNTQAJ9rOVPSwpD4635Q6dsZrbRB1IKfRxccg04qxnSYN 67wU/khj5clSfji0bS27EqTvZUzgvUV/oY42JOPnKPC48nDPu5YW4yvNe5AFIuNv b7j6NyXagVk=aGmB -----END PGP SIGNATURE----- -- RHSA-announce mailing list This email address is being protected from spambots. You need JavaScript enabled to view it. . Critical patch released for gegl04 on Red Hat Enterprise Linux 8.4 Extended Support. Protect your environment!. gegl04 Update, Red Hat Security, Linux Update, Extended Support, Shell Fix. . Severity: Important. LinuxSecurity.com Team

Jan 19, 2022 •Important Red Hat

security advisoryRed Hat Enterprise Linuximportant update

Red Hat Enterprise Linux 8: RHSA-2022-0177-02 Important: Shell Expansion

An update for gegl04 is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 ==================================================================== Red Hat Security Advisory Synopsis: Important: gegl04 security update Advisory ID: RHSA-2022:0177-01 Product: Red Hat Enterprise Linux Advisory URL: https://access.redhat.com/errata/RHSA-2022:0177 Issue date: 2022-01-19 CVE Names: CVE-2021-45463 ==================================================================== 1. Summary: An update for gegl04 is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. 2. Relevant releases/architectures: Red Hat CodeReady Linux Builder (v. 8) - ppc64le, x86_64 Red Hat Enterprise Linux AppStream (v. 8) - ppc64le, x86_64 3. Description: GEGL (Generic Graphics Library) is a graph-based image processing framework. Security Fix(es): * gegl: shell expansion via a crafted pathname (CVE-2021-45463) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. 4. Solution: For details on how to apply this update, which includes the changes described in this advisory, refer to: https://access.redhat.com/articles/11258 5. Bugs fixed (https://bugzilla.redhat.com/): 2035383 - CVE-2021-45463 gegl: shell expansion via a crafted pathname 6. Package List: Red Hat Enterprise Linux AppStream (v.8): Source: gegl04-0.4.4-6.el8_5.2.src.rpm ppc64le: gegl04-0.4.4-6.el8_5.2.ppc64le.rpm gegl04-debuginfo-0.4.4-6.el8_5.2.ppc64le.rpm gegl04-debugsource-0.4.4-6.el8_5.2.ppc64le.rpm gegl04-tools-debuginfo-0.4.4-6.el8_5.2.ppc64le.rpm x86_64: gegl04-0.4.4-6.el8_5.2.i686.rpm gegl04-0.4.4-6.el8_5.2.x86_64.rpm gegl04-debuginfo-0.4.4-6.el8_5.2.i686.rpm gegl04-debuginfo-0.4.4-6.el8_5.2.x86_64.rpm gegl04-debugsource-0.4.4-6.el8_5.2.i686.rpm gegl04-debugsource-0.4.4-6.el8_5.2.x86_64.rpm gegl04-tools-debuginfo-0.4.4-6.el8_5.2.i686.rpm gegl04-tools-debuginfo-0.4.4-6.el8_5.2.x86_64.rpm Red Hat CodeReady Linux Builder (v. 8): ppc64le: gegl04-debuginfo-0.4.4-6.el8_5.2.ppc64le.rpm gegl04-debugsource-0.4.4-6.el8_5.2.ppc64le.rpm gegl04-devel-0.4.4-6.el8_5.2.ppc64le.rpm gegl04-tools-debuginfo-0.4.4-6.el8_5.2.ppc64le.rpm x86_64: gegl04-debuginfo-0.4.4-6.el8_5.2.i686.rpm gegl04-debuginfo-0.4.4-6.el8_5.2.x86_64.rpm gegl04-debugsource-0.4.4-6.el8_5.2.i686.rpm gegl04-debugsource-0.4.4-6.el8_5.2.x86_64.rpm gegl04-devel-0.4.4-6.el8_5.2.i686.rpm gegl04-devel-0.4.4-6.el8_5.2.x86_64.rpm gegl04-tools-debuginfo-0.4.4-6.el8_5.2.i686.rpm gegl04-tools-debuginfo-0.4.4-6.el8_5.2.x86_64.rpm These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://access.redhat.com/security/team/key 7. References: https://access.redhat.com/security/cve/CVE-2021-45463 https://access.redhat.com/security/updates/classification#important 8. Contact: The Red Hat security contact is . More contact details at https://access.redhat.com/security/team/contact Copyright 2022 Red Hat, Inc. -----BEGIN PGP SIGNATURE----- Version: GnuPGv1 iQIVAwUBYegFVdzjgjWX9erEAQgekQ//cMQEZVSjqDw+upgNa5YJ0hBOCojOAv2K f9S7qRP505rSA9hyqL139RuvrPqsjWFq4dYjpEPcyG5ASzY6FY3g3WQD6dVjGh2k cZekOV0zCNVFPAZhcXyqOd39FmnpOQNyOXPIQ0nqHLQKdidebvEOn8Jqi/upin0W 9X5tUDimVZdbkGXuk+uRojnU4iu2jt75ahrIAemPzDUfIFZFDJwMf3qI2A7/b6iz 006CXD6zoe9eXLLQj+BrWyCP3Rt/0fv1EqDPSP14h1kaThOWG/uY4B51J69oLhZG THIo5bI+KC+Zs0KNNcE5lMyB2j+ReuNDZSYScwnYUEAKaxtysJUOhFd/6DJ4ZqZ2 pdl1kw3pv2OjZpaj9bp8cGnVHUcDpFkxczdzFc9ULvNk3w1511ZQ7bLBEbP3nmxF 9i7rS7dK13tV7ieKuEHLD1rYafY+ZMkihG7MHRKSz+clJ7xB6Ps2JK95FsfVANsu qHJrtePUaT3Mq+5DM66N+OHO2zBY+ieyhS4iCoTxCXd7bVIwp+7fEeCudAlHYURl V/TJKN3y7raGJRObyC1I6etJbXt/QW6dsgMPdzJgFnGRDcv7xSoX6YU1hC31yPJx OF7aFDLgVey4WzrzaYbdcnm8lhFXsrZ2zv7M74IZQL93cbyWkZ6kBozzvzm3RdGB aE+G2r/qMo0=lKsf -----END PGP SIGNATURE----- -- RHSA-announce mailing list This email address is being protected from spambots. You need JavaScript enabled to view it. . Critical security patch released for gegl04 in Red Hat Enterprise Linux 8, resolving shell expansion vulnerabilities found in the software.. Red Hat, gegl04, security update. . Severity: Important. LinuxSecurity.com Team

Jan 19, 2022 •Important Red Hat

security advisoryfedoraupdate

Fedora: 34 FEDORA-2022-5b5a738d7a Critical: gegl04 Shell Expansion

Security fix for CVE-2021-45463. --------------------------------------------------------------------------------Fedora Update Notification FEDORA-2022-5b5a738d7a 2022-01-13 00:59:17.610300 --------------------------------------------------------------------------------Name : gegl04 Product : Fedora 34 Version : 0.4.34 Release : 1.fc34 URL : https://www.gegl.org/ Summary : Graph based image processing framework Description : GEGL (Generic Graphics Library) is a graph based image processing framework. GEGLs original design was made to scratch GIMP's itches for a new compositing and processing core. This core is being designed to have minimal dependencies and a simple well defined API. --------------------------------------------------------------------------------Update Information: Security fix for CVE-2021-45463 --------------------------------------------------------------------------------ChangeLog: * Tue Jan 4 2022 Josef Ridky - 0.4.34-1 - New upstream release 0.4.34 - Fix CVE-2021-45463 --------------------------------------------------------------------------------References: [ 1 ] Bug #2035383 - CVE-2021-45463 gegl: shell expansion via a crafted pathname https://bugzilla.redhat.com/show_bug.cgi?id=2035383 --------------------------------------------------------------------------------This update can be installed with the "dnf" update program. Use su -c 'dnf upgrade --advisory FEDORA-2022-5b5a738d7a' at the command line. For more information, refer to the dnf documentation available at https://dnf.readthedocs.io/en/latest/command_ref.html All packages are signed with the Fedora Project GPG key. More details on the GPG keys used by the Fedora Project can be found at https://fedoraproject.org/security/ --------------------------------------------------------------------------------_______________________________________________ package-announce mailing list -- This email address is being protected from spambots. You need JavaScript enabled to view it. To unsubscribe send anemail to This email address is being protected from spambots. You need JavaScript enabled to view it. Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedoraproject.org/archives/list/This email address is being protected from spambots. You need JavaScript enabled to view it./ Do not reply to spam on the list, report it: https://pagure.io/fedora-infrastructure . Important announcement for Fedora 34 regarding a security patch for gegl04, aimed at safeguarding against manipulated pathname vulnerabilities.. Fedora Update, Security Fix, gegl04, Shell Expansion, Open Source. . Severity: Critical. LinuxSecurity.com Team

Jan 12, 2022 •Critical Fedora

security advisorycritical issueFedora

Fedora 35 GEGL04 Critical Shell Expansion Advisory: FEDORA-2022-a1c5b18362

Security fix for CVE-2021-45463. --------------------------------------------------------------------------------Fedora Update Notification FEDORA-2022-a1c5b18362 2022-01-08 01:18:41.488553 --------------------------------------------------------------------------------Name : gegl04 Product : Fedora 35 Version : 0.4.34 Release : 1.fc35 URL : https://www.gegl.org/ Summary : Graph based image processing framework Description : GEGL (Generic Graphics Library) is a graph based image processing framework. GEGLs original design was made to scratch GIMP's itches for a new compositing and processing core. This core is being designed to have minimal dependencies and a simple well defined API. --------------------------------------------------------------------------------Update Information: Security fix for CVE-2021-45463 --------------------------------------------------------------------------------ChangeLog: * Tue Jan 4 2022 Josef Ridky - 0.4.34-1 - New upstream release 0.4.34 - Fix CVE-2021-45463 --------------------------------------------------------------------------------References: [ 1 ] Bug #2035383 - CVE-2021-45463 gegl: shell expansion via a crafted pathname https://bugzilla.redhat.com/show_bug.cgi?id=2035383 --------------------------------------------------------------------------------This update can be installed with the "dnf" update program. Use su -c 'dnf upgrade --advisory FEDORA-2022-a1c5b18362' at the command line. For more information, refer to the dnf documentation available at https://dnf.readthedocs.io/en/latest/command_ref.html All packages are signed with the Fedora Project GPG key. More details on the GPG keys used by the Fedora Project can be found at https://fedoraproject.org/security/ --------------------------------------------------------------------------------_______________________________________________ package-announce mailing list -- This email address is being protected from spambots. You need JavaScript enabled to view it. To unsubscribe send anemail to This email address is being protected from spambots. You need JavaScript enabled to view it. Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedoraproject.org/archives/list/This email address is being protected from spambots. You need JavaScript enabled to view it./ Do not reply to spam on the list, report it: https://pagure.io/fedora-infrastructure . A security update for Fedora 35 has resolved a significant shell expansion vulnerability affecting the operation of gegl04, which is essential for image editing capabilities.. Fedora 35 Update,Gimp Processing,GEGL Installation,Security Advisory,Software Vulnerability. . Severity: Critical. LinuxSecurity.com Team

Jan 07, 2022 •Critical Fedora

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Linux Advisory Watch

Linux Security Week

Community Poll

More Polls

What got you started with Linux?

Message!

Self-taught through trial and error
Formal training or courses
A job that required it
Other

No answer selected. Please try again.

Please select either existing option or enter your own, however not both.

Please select minimum {0} answer(s).

Please select maximum {0} answer(s).

/main-polls/150-what-got-you-started-with-linux?task=poll.vote&format=json

150

radio

Self-taught through trial and error (78.42%)

78.42% votes

Formal training or courses (4.32%)

4.32% votes

A job that required it (4.89%)

4.89% votes

Other (12.37%)

12.37% votes

bottom 200

Stay Secure with the Latest Linux Advisories

Debian Dovecot High Severity Service Disruption Info Leak Flaw DLA-4617-1

Debian 11 gsasl Critical DoS Threat Advisory DLA-4618-1 CVE-2026-48829

SUSE MozillaThunderbird Important Memory Safety Fix Advisory 2026-2271-1

SUSE Linux Micro 6.0 Ignition Key HTTP Transport Loop Patch 2026-21987-1

SUSE Linux Micro 6.0 Important Libzypp Libsolv Security Update 2026-21988-1

SUSE Google-Guest-Agent Important Security Update 2026-21989-1

SUSE Linux Micro Important Salt Multi-Linux Manager Vuln 2026-21990-1

SUSE Linux Micro Critical Ignition Patch CVE-2026-33814

SUSE Linux Micro 6.1 Security Update for libzypp libsolv Key 2026-21992-1

Refine advisories

Get the latest News and Insights

Community Poll

What got you started with Linux?

Trending News

Ubuntu 25.10 kmod Critical Algif_aead Privilege Escalation USN-8226-1

Ubuntu 26.04 LTS nginx Critical Denial of Service 2026-42945

Ubuntu 26.04 Docker Critical Security Threats USN-8230-1 CVE-2026-33747

Debian OpenSSH Critical DSA-6204-1 CVE-2026-3497 Remote DoS Execution

Explore Latest Linux Security advisories

Oracle Linux 8 ELSA-2022-0177 Critical Threat: Gegl04 Security Fix

Red Hat 8.2 RHSA-2022:0184-01 Important: gegl04 Shell Issue

Red Hat: RHSA-2022:0178 Critical: gegl04 Shell Vulnerability Update

Red Hat Enterprise Linux 8: RHSA-2022-0177-02 Important: Shell Expansion

Fedora: 34 FEDORA-2022-5b5a738d7a Critical: gegl04 Shell Expansion

Fedora 35 GEGL04 Critical Shell Expansion Advisory: FEDORA-2022-a1c5b18362

Get the latest News and Insights

Community Poll

What got you started with Linux?

Trending News

Ubuntu 25.10 kmod Critical Algif_aead Privilege Escalation USN-8226-1

Ubuntu 26.04 LTS nginx Critical Denial of Service 2026-42945

Ubuntu 26.04 Docker Critical Security Threats USN-8230-1 CVE-2026-33747

Debian OpenSSH Critical DSA-6204-1 CVE-2026-3497 Remote DoS Execution

Powered By

Linux Security - Your source for Top Linux News, Advisories, HOWTOs and Feature Releases

QUICK LINKS

subscribe to newsletters!

Stay Secure with the Latest Linux Advisories

Debian Dovecot High Severity Service Disruption Info Leak Flaw DLA-4617-1

Debian 11 gsasl Critical DoS Threat Advisory DLA-4618-1 CVE-2026-48829

SUSE MozillaThunderbird Important Memory Safety Fix Advisory 2026-2271-1

SUSE Linux Micro 6.0 Ignition Key HTTP Transport Loop Patch 2026-21987-1

SUSE Linux Micro 6.0 Important Libzypp Libsolv Security Update 2026-21988-1

SUSE Google-Guest-Agent Important Security Update 2026-21989-1

SUSE Linux Micro Important Salt Multi-Linux Manager Vuln 2026-21990-1

SUSE Linux Micro Critical Ignition Patch CVE-2026-33814

SUSE Linux Micro 6.1 Security Update for libzypp libsolv Key 2026-21992-1

Refine advisories

severity

Topics

Distro

Published Date

Get the latest News and Insights

Community Poll

What got you started with Linux?

Trending News

Explore Latest Linux Security advisories

Get the latest News and Insights

Community Poll

What got you started with Linux?

Trending News

Search Topics

Powered By

Linux Security - Your source for Top Linux News, Advisories, HOWTOs and Feature Releases

QUICK LINKS

subscribe to newsletters!