Alerts This Week
Warning Icon 1 535
Alerts This Week
Warning Icon 1 535

Stay Secure with the Latest Linux Advisories

Fedora Large Esm H800
Fedora

Fedora 43 hplip Major Update Addressing Possible Arbitrary Code Execution

Calendar White Jun 02, 2026
Important
Oracle Large Esm H900
Oracle

Oracle Linux 8 Important Kernel Security Advisory ELSA-2026-21706

Calendar White Jun 02, 2026
Important
Oracle Large Esm H900
Oracle

Oracle Linux 8 httpd Important Denial of Service Vuln ELSA-2026-22140

Calendar White Jun 02, 2026
Important
Oracle Large Esm H800
Oracle

Oracle Linux 8 ELSA-2026-22315 compat-openssl10 Moderate DoS Fix

Calendar White Jun 02, 2026
moderate
Oracle Large Esm H900
Oracle

Oracle Linux 8 gnutls Important Buffer Overflow Auth Bypass ELSA-2026-20611

Calendar White Jun 03, 2026
Important
Ubuntu Large Esm H900
Ubuntu

Ubuntu 20.04 LTS nginx Security Advisory for Critical DoS Vulnerabilities

Calendar White Jun 03, 2026
Critical
Ubuntu Large Esm H800
Ubuntu

Ubuntu 20.04 LTS MySQL Important Security Issues USN-8363-2

Calendar White Jun 03, 2026
Important
Ubuntu Large Esm H900
Ubuntu

Ubuntu 20.04 LTS GStreamer Base Significant DoS Attack Vulnerability Alert

Calendar White Jun 03, 2026
Important
Ubuntu Large Esm H900
Ubuntu

Ubuntu 26.04 LTS python-pip Moderate DoS Regression Fix USN-8344-3

Calendar White Jun 03, 2026
Important
Filter Icon Refine advisories
X Clear Filters
X Clear Filters
View More

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Community Poll

More Polls

What got you started with Linux?

No answer selected. Please try again.
Please select either existing option or enter your own, however not both.
Please select minimum {0} answer(s).
Please select maximum {0} answer(s).
/main-polls/150-what-got-you-started-with-linux?task=poll.vote&format=json
150
radio
0
[{"id":483,"title":"Self-taught through trial and error","votes":545,"type":"x","order":1,"pct":78.42,"resources":[]},{"id":484,"title":"Formal training or courses","votes":30,"type":"x","order":2,"pct":4.32,"resources":[]},{"id":485,"title":"A job that required it","votes":34,"type":"x","order":3,"pct":4.89,"resources":[]},{"id":486,"title":"Other","votes":86,"type":"x","order":4,"pct":12.37,"resources":[]}] ["#ff5b00","#4ac0f2","#b80028","#eef66c","#60bb22","#b96a9a","#62c2cc"] ["rgba(255,91,0,0.7)","rgba(74,192,242,0.7)","rgba(184,0,40,0.7)","rgba(238,246,108,0.7)","rgba(96,187,34,0.7)","rgba(185,106,154,0.7)","rgba(98,194,204,0.7)"] 350
bottom 200
Loading...

Explore Latest Linux Security advisories

We found -5 articles for you...
91
Ls Advisories Gentoo Esm H240
Price Tag 1security advisorygentooremote attack

Gentoo: GLSA-202301-14 Normal: Fetchmail Security Flaw Exposed

Multiple vulnerabilities have been discovered in getmail, allowing remote attackers to obtain sensitive information.. - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - Gentoo Linux Security Advisory GLSA 201412-50 - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - https://security.gentoo.org/ - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - Severity: Normal Title: getmail: Information disclosure Date: December 28, 2014 Bugs: #524684 ID: 201412-50 - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - Synopsis ======= Multiple vulnerabilities have been discovered in getmail, allowing remote attackers to obtain sensitive information. Background ========= getmail is a POP3 mail retriever with reliable Maildir and mbox delivery. Affected packages ================ ------------------------------------------------------------------- Package / Vulnerable / Unaffected ------------------------------------------------------------------- 1 net-mail/getmail < 4.46.0 > = 4.46.0 Description ========== Multiple vulnerabilities have been discovered in getmail. Please review the CVE identifiers referenced below for details. Impact ===== A remote attacker could cause a man-in-the-middle attack via multiple vectors to obtain sensitive information. Workaround ========= There is no known workaround at this time. Resolution ========= All getmail users should upgrade to the latest version: # emerge --sync # emerge --ask --oneshot --verbose "> =net-mail/getmail-4.46.0" References ========= [ 1 ] CVE-2014-7273 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-7273 [ 2 ] CVE-2014-7274 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-7274 [ 3 ] CVE-2014-7275 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-7275 Availability =========== This GLSA and any updates to itare available for viewing at the Gentoo Security Website: https://security.gentoo.org/glsa/201412-50 Concerns? ======== Security is a primary focus of Gentoo Linux and ensuring the confidentiality and security of our users' machines is of utmost importance to us. Any security concerns should be addressed to This email address is being protected from spambots. You need JavaScript enabled to view it. or alternatively, you may file a bug at https://bugs.gentoo.org. License ====== Copyright 2014 Gentoo Foundation, Inc; referenced text belongs to its owner(s). The contents of this document are licensed under the Creative Commons - Attribution / Share Alike license. https://creativecommons.org/licenses/by-sa/2.5/ . Numerous weaknesses identified in getmail could enable remote attackers to gain access to confidential data. Users are advised to update their software.. getmail Security Advisory, Information Disclosure, Remote Access Threats, Upgrade Getmail, Gentoo Security. . LinuxSecurity.com Team

Calendar 2 Dec 28, 2014 Gentoo
99
Ls Advisories Slackware Esm H240
Price Tag 1security advisorymoderateslackware

Slackware 10.0: SSA:2004-278-01 Moderate: Getmail Local Exploit Risk

New getmail packages are available for Slackware 9.1, 10.0 and -current to fix a security issue. If getmail is used as root to deliver to user owned files or directories, it can be made to overwrite system files. More details about this issue may be found in the Common . -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 [slackware-security] getmail (SSA:2004-278-01) New getmail packages are available for Slackware 9.1, 10.0 and -current to fix a security issue. If getmail is used as root to deliver to user owned files or directories, it can be made to overwrite system files. More details about this issue may be found in the Common Vulnerabilities and Exposures (CVE) database: https://www.cve.org/CVERecord?id=CAN-2004-880 https://www.cve.org/CVERecord?id=CAN-2004-881 Here are the details from the Slackware 10.0 ChangeLog: +--------------------------+ patches/packages/getmail-4.2.0-noarch-1.tgz: Upgraded to getmaii-4.2.0. Earlier versions contained a local security flaw when used in an insecure fashion (surprise, running something as root that writes to user-controlled files or directories could allow the old symlink attack to clobber system files! :-) From the getmail CHANGELOG: This vulnerability is not exploitable if the administrator does not deliver mail to the maildirs/mbox files of untrusted local users, or if getmail is configured to use an external unprivileged MDA. This vulnerability is not remotely exploitable. Most users would not use getmail in such as way as to be vulnerable to this flaw, but if your site does this package closes the hole. I'd also recommend not using getmail like this. Either run it as the user that owns the target mailbox, or deliver through an external MDA. (* Security fix *) +--------------------------+ Where to find the new packages: +-----------------------------+ Updated package for Slackware 9.1: ftp://ftp.slackware.com/pub/slackware/slackware-9.1/patches/packages/getmail-3.2.5-noarch-1.tgz Updated package forSlackware 10.0: ftp://ftp.slackware.com/pub/slackware/slackware-10.0/patches/packages/getmail-4.2.0-noarch-1.tgz Updated package for Slackware -current: MD5 signatures: +-------------+ Slackware 9.1 package: d31d3b88d33488fc55061ea154e31457 getmail-3.2.5-noarch-1.tgz Slackware 10.0 package: 47b5454e061919f2d2128a16fca3a037 getmail-4.2.0-noarch-1.tgz Slackware -current package: 65f55bffa3f5fb5158f5f5efb590671a getmail-4.2.0-noarch-1.tgz Installation instructions: +------------------------+ Upgrade the package as root: # upgradepkg getmail-4.2.0-noarch-1.tgz +-----+ . Recent getmail updates for Slackware tackle important vulnerabilities such as unauthorized file modifications – vital for ensuring system integrity.. Slackware, Getmail Update, Security Package, Attack Prevention. . LinuxSecurity.com Team

Calendar 2 Oct 04, 2004 Slackware
Banner 1 1028x280 1708121660 1771599717
87
Ls Advisories Debian Esm H240
Price Tag 1security advisorycriticaldebian

Debian: DSA 553-1 Critical: Getmail Symlink Issue Exploit

A security problem has been discovered in getmail, a POP3 and APOP mail gatherer and forwarder. An attacker with a shell account on the victims host could utilise getmail to overwrite arbitrary files when it is running as root.. -------------------------------------------------------------------------- Debian Security Advisory DSA 553-1 This email address is being protected from spambots. You need JavaScript enabled to view it. Debian -- Security Information Martin Schulze September 27th, 2004 Debian -- Debian security FAQ -------------------------------------------------------------------------- Package : getmail Vulnerability : symlink vulnerability Problem-Type : local Debian-specific: no CVE ID : CAN-2004-0880 CAN-2004-0881 Debian Bug : 272561 A security problem has been discovered in getmail, a POP3 and APOP mail gatherer and forwarder. An attacker with a shell account on the victims host could utilise getmail to overwrite arbitrary files when it is running as root. For the stable distribution (woody) this problem has been fixed in version 2.3.7-2. For the unstable distribution (sid) this problem has been fixed in version 3.2.5-1. We recommend that you upgrade your getmail package. Upgrade Instructions -------------------- wget url will fetch the file for you dpkg -i file.deb will install the referenced file. If you are using the apt-get package manager, use the line for sources.list as given below: apt-get update will update the internal database apt-get upgrade will install corrected packages You may use an automated update by adding the resources from the footer to the proper configuration. Debian GNU/Linux 3.0 alias woody -------------------------------- Source archives: Size/MD5 checksum: 583 6263f8d2d75ec3eb21dd302e0b9d6729 Size/MD5 checksum: 2645 ff40d8f72744bfec8a963ece950e0bcd Size/MD5 checksum: 70944 4eef6be77a4cbe1a86eef75affd31b05 Architecture independentcomponents: Size/MD5 checksum: 74388 f2b9e79b1ddd8ef8bf719d4e1894f051 These files will probably be moved into the stable distribution on its next update. --------------------------------------------------------------------------------- For apt-get: deb Debian -- Security Information stable/updates main For dpkg-ftp: dists/stable/updates/main Mailing list: This email address is being protected from spambots. You need JavaScript enabled to view it. Package info: `apt-cache show ' and https://www.debian.org/distrib/packages . A pivotal symbolic link flaw identified in fetchmail allows attackers to reach confidential data; it is advised to perform updates to mitigate risks.. Getmail Local Risk, Debian Upgrade, Symlink Security Issue. . Severity: Critical. LinuxSecurity.com Team

Calendar 2 Sep 27, 2004 Critical Debian
91
Ls Advisories Gentoo Esm H240
Price Tag 1security advisoryGentoogetmail

Gentoo Linux 200409-32 High Risk: getmail Filesystem Overwrite

getmail contains a vulnerability that could potentially allow any local user to create or overwrite files in any directory on the system. This flaw can be escalated further and possibly lead to a complete system compromise. [More...]. - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - Gentoo Linux Security Advisory GLSA 200409-32 - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - https://security.gentoo.org/ - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - Severity: High Title: getmail: Filesystem overwrite vulnerability Date: September 23, 2004 Bugs: #64643 ID: 200409-32 - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - Synopsis ======= getmail contains a vulnerability that could potentially allow any local user to create or overwrite files in any directory on the system. This flaw can be escalated further and possibly lead to a complete system compromise. Background ========= getmail is a reliable fetchmail replacement that supports Maildir, Mboxrd and external MDA delivery. Affected packages ================ ------------------------------------------------------------------- Package / Vulnerable / Unaffected ------------------------------------------------------------------- 1 net-mail/getmail < 4.2.0 > = 4.2.0 Description ========== David Watson discovered a vulnerability in getmail when it is configured to run as root and deliver mail to the maildirs/mbox files of untrusted local users. A malicious local user can then exploit a race condition, or a similar symlink attack, and potentially cause getmail to create or overwrite files in any directory on the system. Impact ===== An untrusted local user could potentially create or overwrite files in any directory on the system. This vulnerability may also be exploited to have arbitrary commandsexecuted as root. Workaround ========= Do not run getmail as a privileged user; or, in version 4, use an external MDA with explicitly configured user and group privileges. Resolution ========= All getmail users should upgrade to the latest version: # emerge sync # emerge -pv "> =net-mail/getmail-4.2.0" # emerge "> =net-mail/getmail-4.2.0" References ========= [ 1 ] getmail ChangeLog [ 2 ] getmail Mailing List Availability =========== This GLSA and any updates to it are available for viewing at the Gentoo Security Website: https://security.gentoo.org/glsa/200409-32 Concerns? ======== Security is a primary focus of Gentoo Linux and ensuring the confidentiality and security of our users machines is of utmost importance to us. Any security concerns should be addressed to This email address is being protected from spambots. You need JavaScript enabled to view it. or alternatively, you may file a bug at https://bugs.gentoo.org/. License ====== Copyright 2004 Gentoo Foundation, Inc; referenced text belongs to its owner(s). The contents of this document are licensed under the Creative Commons - Attribution / Share Alike license. https://creativecommons.org/licenses/by-sa/1.0/ . An important getmail warning for Gentoo highlights a serious risk of directory overwrite vulnerability that threatens the system's integrity.. getmail vulnerability, filesystem overwrite, Gentoo Linux. . LinuxSecurity.com Team

Calendar 2 Sep 23, 2004 Gentoo
Banner 1 1028x280 1708121660 1771599717
News Add Esm H240

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Community Poll

More Polls

What got you started with Linux?

No answer selected. Please try again.
Please select either existing option or enter your own, however not both.
Please select minimum {0} answer(s).
Please select maximum {0} answer(s).
/main-polls/150-what-got-you-started-with-linux?task=poll.vote&format=json
150
radio
0
[{"id":483,"title":"Self-taught through trial and error","votes":545,"type":"x","order":1,"pct":78.42,"resources":[]},{"id":484,"title":"Formal training or courses","votes":30,"type":"x","order":2,"pct":4.32,"resources":[]},{"id":485,"title":"A job that required it","votes":34,"type":"x","order":3,"pct":4.89,"resources":[]},{"id":486,"title":"Other","votes":86,"type":"x","order":4,"pct":12.37,"resources":[]}] ["#ff5b00","#4ac0f2","#b80028","#eef66c","#60bb22","#b96a9a","#62c2cc"] ["rgba(255,91,0,0.7)","rgba(74,192,242,0.7)","rgba(184,0,40,0.7)","rgba(238,246,108,0.7)","rgba(96,187,34,0.7)","rgba(185,106,154,0.7)","rgba(98,194,204,0.7)"] 350
bottom 200

Search Topics

Your message here