The container bci/ruby was updated. The following patches have been included in this update:

SUSE Container Update Advisory: bci/ruby
-----------------------------------------------------------------
Container Advisory ID : SUSE-CU-2023:393-1
Container Tags        : bci/ruby:2 , bci/ruby:2-33.16 , bci/ruby:2.5 , bci/ruby:2.5-33.16 , bci/ruby:latest
Container Release     : 33.16
Severity              : important
Type                  : security
References            : 1207990 1207991 1207992 1208027 1208028 CVE-2023-22490 CVE-2023-23914 CVE-2023-23915 CVE-2023-23916 CVE-2023-23946
-----------------------------------------------------------------
Advisory ID: SUSE-SU-2023:429-1
Released:    Wed Feb 15 17:41:22 2023
Summary:     Security update for curl
Type:        security
Severity:    important
References:  1207990,1207991,1207992,CVE-2023-23914,CVE-2023-23915,CVE-2023-23916

This update for curl fixes the following issues:

- CVE-2023-23914: Fixed HSTS ignored on multiple requests (bsc#1207990).
- CVE-2023-23915: Fixed HSTS amnesia with --parallel (bsc#1207991).
- CVE-2023-23916: Fixed HTTP multi-header compression denial of service (bsc#1207992).

-----------------------------------------------------------------
Advisory ID: SUSE-SU-2023:430-1
Released:    Wed Feb 15 17:42:25 2023
Summary:     Security update for git
Type:        security
Severity:    important
References:  1208027,1208028,CVE-2023-22490,CVE-2023-23946

This update for git fixes the following issues:

- CVE-2023-22490: Fixed incorrectly usable local clone optimization even when using a non-local transport (bsc#1208027).
- CVE-2023-23946: Fixed issue where a path outside the working tree can be overwritten as the user who is running 'git apply' (bsc#1208028).

The following package changes have been done:

- libcurl4-7.79.1-150400.5.15.1 updated
- curl-7.79.1-150400.5.15.1 updated
- git-core-2.35.3-150300.10.24.1 updated
- container:sles15-image-15.0.0-27.14.35 updated

SUSE Container Security Announcement for bci/ruby featuring essential security improvements for curl and git provided in patch format.
SUSE Container Update, Security Patches, BCI-Ruby Update, Curl Security Fix, Git Security Update.
Severity: Important.
LinuxSecurity.com Team

The container bci/golang was updated. The following patches have been included in this update:

SUSE Container Update Advisory: bci/golang
-----------------------------------------------------------------
Container Advisory ID : SUSE-CU-2022:2943-1
Container Tags        : bci/golang:1.18 , bci/golang:1.18-18.23
Container Release     : 18.23
Severity              : moderate
Type                  : security
References            : 1204455 1204456 CVE-2022-39253 CVE-2022-39260
-----------------------------------------------------------------
Advisory ID: SUSE-SU-2022:3931-1
Released:    Thu Nov 10 11:26:01 2022
Summary:     Security update for git
Type:        security
Severity:    moderate
References:  1204455,1204456,CVE-2022-39253,CVE-2022-39260

This update for git fixes the following issues:

- CVE-2022-39260: Fixed overflow in split_cmdline() (bsc#1204456).
- CVE-2022-39253: Fixed dereference issue with symbolic links via the `--local` clone mechanism (bsc#1204455).

The following package changes have been done:

- git-core-2.35.3-150300.10.18.1 updated

The latest bci/golang container updates feature critical enhancements aimed at improving security, specifically addressing moderate severity vulnerabilities related to git configuration.
bci Golang Security Update, Container Update Advisory, SUSE Security Fix.
LinuxSecurity.com Team

The container bci/nodejs was updated. The following patches have been included in this update:

SUSE Container Update Advisory: bci/nodejs
-----------------------------------------------------------------
Container Advisory ID : SUSE-CU-2022:1665-1
Container Tags        : bci/node:16 , bci/node:16-8.23 , bci/node:latest , bci/nodejs:16 , bci/nodejs:16-8.23 , bci/nodejs:latest
Container Release     : 8.23
Severity              : important
Type                  : security
References            : 1196490 1199132 1201431 CVE-2022-23308 CVE-2022-29187 CVE-2022-29824
-----------------------------------------------------------------
Advisory ID: SUSE-SU-2022:2550-1
Released:    Tue Jul 26 14:00:21 2022
Summary:     Security update for git
Type:        security
Severity:    important
References:  1201431,CVE-2022-29187

This update for git fixes the following issues:

- CVE-2022-29187: Incomplete fix for CVE-2022-24765: potential command injection via git worktree (bsc#1201431).

-----------------------------------------------------------------
Advisory ID: SUSE-SU-2022:2552-1
Released:    Tue Jul 26 14:55:40 2022
Summary:     Security update for libxml2
Type:        security
Severity:    important
References:  1196490,1199132,CVE-2022-23308,CVE-2022-29824

This update for libxml2 fixes the following issues:

Update to 2.9.14:

- CVE-2022-29824: Fixed integer overflow that could have led to an out-of-bounds write in buf.c (xmlBuf*) and tree.c (xmlBuffer*) (bsc#1199132).

Update to version 2.9.13:

- CVE-2022-23308: Fixed a use-after-free of ID and IDREF attributes. (bsc#1196490)

The following package changes have been done:

- libxml2-2-2.9.14-150400.5.7.1 updated
- git-core-2.35.3-150300.10.15.1 updated
- container:sles15-image-15.0.0-27.11.5 updated

The SUSE Container Update Advisory highlights important security updates for the bci/nodejs package, providing critical patches for vulnerabilities in git and libxml2, ensuring security.
bci/nodejs Security Update, Important Patches, Container Advisory.
Severity: Important.
LinuxSecurity.com Team

New git packages are available for Slackware 14.0, 14.1, 14.2, 15.0, and -current to fix a security issue.

[slackware-security] git (SSA:2022-104-01)

Here are the details from the Slackware 15.0 ChangeLog:
+--------------------------+
patches/packages/git-2.35.3-i586-1_slack15.0.txz: Upgraded.
  This update fixes a security issue where a Git worktree created by another
  user might be able to execute arbitrary code.
  For more information, see:
    https://www.cve.org/CVERecord?id=CVE-2022-24765
  (* Security fix *)
+--------------------------+

Where to find the new packages:
+-----------------------------+

Thanks to the friendly folks at the OSU Open Source Lab (https://osuosl.org/) for donating FTP and rsync hosting to the Slackware project! :-)

Also see the "Get Slack" section on http://www.slackware.com/ for additional mirror sites near you.

Updated package for Slackware 14.0:
Updated package for Slackware x86_64 14.0:
Updated package for Slackware 14.1:
Updated package for Slackware x86_64 14.1:
Updated package for Slackware 14.2:
Updated package for Slackware x86_64 14.2:
Updated package for Slackware 15.0:
Updated package for Slackware x86_64 15.0:
Updated package for Slackware -current:
Updated package for Slackware x86_64 -current:

Installation instructions:
+------------------------+

Upgrade the package as root:
# upgradepkg git-2.35.3-i586-1_slack15.0.txz

+-----+

Several updated git packages for Slackware address a significant code execution vulnerability affecting numerous versions, bolstering security measures.
Slackware Security, Git Update, Code Execution Fix.
Severity: Critical.
LinuxSecurity.com Team