====================================================================
Red Hat Security Advisory

Synopsis: Moderate: grilo security update
Advisory ID: RHSA-2021:4339-01
Product: Red Hat Enterprise Linux
Advisory URL: https://access.redhat.com/errata/RHSA-2021:4339
Issue date: 2021-11-09
CVE Names: CVE-2021-39365
====================================================================

1. Summary:

An update for grilo is now available for Red Hat Enterprise Linux 8.

Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.

2. Relevant releases/architectures:

Red Hat Enterprise Linux AppStream (v. 8) - aarch64, ppc64le, s390x, x86_64
Red Hat Enterprise Linux CRB (v. 8) - aarch64, ppc64le, s390x, x86_64

3. Description:

Grilo is a framework that provides access to different sources of multimedia content, using a pluggable system. The grilo package contains the core library and elements.

Security Fix(es):

* grilo: missing TLS certificate verification (CVE-2021-39365)

For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

Additional Changes:

For detailed information on changes in this release, see the Red Hat Enterprise Linux 8.5 Release Notes linked from the References section.

4. Solution:

For details on how to apply this update, which includes the changes described in this advisory, refer to:

https://access.redhat.com/articles/11258

5. Bugs fixed (https://bugzilla.redhat.com/):

1997161 - CVE-2021-39365 grilo: missing TLS certificate verification

6. Package List:

Red Hat Enterprise Linux AppStream (v. 8):

Source:
grilo-0.3.6-3.el8.src.rpm

aarch64:
grilo-0.3.6-3.el8.aarch64.rpm
grilo-debuginfo-0.3.6-3.el8.aarch64.rpm
grilo-debugsource-0.3.6-3.el8.aarch64.rpm

ppc64le:
grilo-0.3.6-3.el8.ppc64le.rpm
grilo-debuginfo-0.3.6-3.el8.ppc64le.rpm
grilo-debugsource-0.3.6-3.el8.ppc64le.rpm

s390x:
grilo-0.3.6-3.el8.s390x.rpm
grilo-debuginfo-0.3.6-3.el8.s390x.rpm
grilo-debugsource-0.3.6-3.el8.s390x.rpm

x86_64:
grilo-0.3.6-3.el8.i686.rpm
grilo-0.3.6-3.el8.x86_64.rpm
grilo-debuginfo-0.3.6-3.el8.i686.rpm
grilo-debuginfo-0.3.6-3.el8.x86_64.rpm
grilo-debugsource-0.3.6-3.el8.i686.rpm
grilo-debugsource-0.3.6-3.el8.x86_64.rpm

Red Hat Enterprise Linux CRB (v. 8):

aarch64:
grilo-debuginfo-0.3.6-3.el8.aarch64.rpm
grilo-debugsource-0.3.6-3.el8.aarch64.rpm
grilo-devel-0.3.6-3.el8.aarch64.rpm

ppc64le:
grilo-debuginfo-0.3.6-3.el8.ppc64le.rpm
grilo-debugsource-0.3.6-3.el8.ppc64le.rpm
grilo-devel-0.3.6-3.el8.ppc64le.rpm

s390x:
grilo-debuginfo-0.3.6-3.el8.s390x.rpm
grilo-debugsource-0.3.6-3.el8.s390x.rpm
grilo-devel-0.3.6-3.el8.s390x.rpm

x86_64:
grilo-debuginfo-0.3.6-3.el8.i686.rpm
grilo-debuginfo-0.3.6-3.el8.x86_64.rpm
grilo-debugsource-0.3.6-3.el8.i686.rpm
grilo-debugsource-0.3.6-3.el8.x86_64.rpm
grilo-devel-0.3.6-3.el8.i686.rpm
grilo-devel-0.3.6-3.el8.x86_64.rpm

These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://access.redhat.com/security/team/key

7. References:

https://access.redhat.com/security/cve/CVE-2021-39365
https://access.redhat.com/security/updates/classification#moderate
https://docs.redhat.com/en/documentation/red_hat_enterprise_linux/8/html/8.5_release_notes/index

8. Contact:

The Red Hat security contact is . More contact details at https://access.redhat.com/security/team/contact

Copyright 2021 Red Hat, Inc.

MGASA-2021-0472 - Updated grilo packages fix security vulnerability

Publication date: 13 Oct 2021
URL: https://advisories.mageia.org/MGASA-2021-0472.html
Type: security
Affected Mageia releases: 8
CVE: CVE-2021-39365

Michael Catanzaro reported a problem in Grilo, a framework for discovering and browsing media. TLS certificate verification is not enabled on the SoupSessionAsync objects created by Grilo, leaving users vulnerable to network MITM attacks.

References:
- https://bugs.mageia.org/show_bug.cgi?id=29423
- https://lists.debian.org/debian-security-announce/2021/msg00148.html
- https://ubuntu.com/security/notices/USN-5055-1
- https://lists.fedoraproject.org/archives/list/

openSUSE Security Update: Security update for grilo
______________________________________________________________________________

Announcement ID: openSUSE-SU-2021:1312-1
Rating: important
References: #1189839
Cross-References: CVE-2021-39365
CVSS scores: CVE-2021-39365 (SUSE): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
Affected Products: openSUSE Leap 15.2
______________________________________________________________________________

An update that fixes one vulnerability is now available.

Description:

This update for grilo fixes the following issues:

- CVE-2021-39365: Fixed missing TLS certificate verification (bsc#1189839).

This update was imported from the SUSE:SLE-15-SP2:Update update project.

Patch Instructions:

To install this openSUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch".

Alternatively you can run the command listed for your product:

- openSUSE Leap 15.2:

  zypper in -t patch openSUSE-2021-1312=1

Package List:

- openSUSE Leap 15.2 (noarch):

  grilo-lang-0.3.12-lp152.2.3.1

- openSUSE Leap 15.2 (x86_64):

  grilo-debuginfo-0.3.12-lp152.2.3.1
  grilo-debugsource-0.3.12-lp152.2.3.1
  grilo-devel-0.3.12-lp152.2.3.1
  grilo-tools-0.3.12-lp152.2.3.1
  grilo-tools-debuginfo-0.3.12-lp152.2.3.1
  libgrilo-0_3-0-0.3.12-lp152.2.3.1
  libgrilo-0_3-0-debuginfo-0.3.12-lp152.2.3.1
  libgrlnet-0_3-0-0.3.12-lp152.2.3.1
  libgrlnet-0_3-0-debuginfo-0.3.12-lp152.2.3.1
  libgrlpls-0_3-0-0.3.12-lp152.2.3.1
  libgrlpls-0_3-0-debuginfo-0.3.12-lp152.2.3.1
  typelib-1_0-Grl-0_3-0.3.12-lp152.2.3.1
  typelib-1_0-GrlNet-0_3-0.3.12-lp152.2.3.1
  typelib-1_0-GrlPls-0_3-0.3.12-lp152.2.3.1

References:

https://www.suse.com/security/cve/CVE-2021-39365.html
https://bugzilla.suse.com/1189839

A significant patch for grilo addresses a TLS certificate problem, enhancing system security on openSUSE Leap 15.2.

Severity: Important.
LinuxSecurity.com Team

openSUSE Security Update: Security update for grilo
______________________________________________________________________________

Announcement ID: openSUSE-SU-2021:3194-1
Rating: important
References: #1189839
Cross-References: CVE-2021-39365
CVSS scores: CVE-2021-39365 (SUSE): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
Affected Products: openSUSE Leap 15.3
______________________________________________________________________________

An update that fixes one vulnerability is now available.

Description:

This update for grilo fixes the following issues:

- CVE-2021-39365: Fixed missing TLS certificate verification (bsc#1189839).

Patch Instructions:

To install this openSUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch".

Alternatively you can run the command listed for your product:

- openSUSE Leap 15.3:

  zypper in -t patch openSUSE-SLE-15.3-2021-3194=1

Package List:

- openSUSE Leap 15.3 (aarch64 ppc64le s390x x86_64):

  grilo-debuginfo-0.3.12-3.3.1
  grilo-debugsource-0.3.12-3.3.1
  grilo-devel-0.3.12-3.3.1
  grilo-tools-0.3.12-3.3.1
  grilo-tools-debuginfo-0.3.12-3.3.1
  libgrilo-0_3-0-0.3.12-3.3.1
  libgrilo-0_3-0-debuginfo-0.3.12-3.3.1
  libgrlnet-0_3-0-0.3.12-3.3.1
  libgrlnet-0_3-0-debuginfo-0.3.12-3.3.1
  libgrlpls-0_3-0-0.3.12-3.3.1
  libgrlpls-0_3-0-debuginfo-0.3.12-3.3.1
  typelib-1_0-Grl-0_3-0.3.12-3.3.1
  typelib-1_0-GrlNet-0_3-0.3.12-3.3.1
  typelib-1_0-GrlPls-0_3-0.3.12-3.3.1

- openSUSE Leap 15.3 (noarch):

  grilo-lang-0.3.12-3.3.1

References:

https://www.suse.com/security/cve/CVE-2021-39365.html
https://bugzilla.suse.com/1189839

A significant patch for Fedora resolves lapses in SSL validation within grilo, carrying crucial security risks for its users.

Severity: Important.
LinuxSecurity.com Team

SUSE Security Update: Security update for grilo
______________________________________________________________________________

Announcement ID: SUSE-SU-2021:3194-1
Rating: important
References: #1189839
Cross-References: CVE-2021-39365
CVSS scores: CVE-2021-39365 (SUSE): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
Affected Products:
  SUSE Linux Enterprise Workstation Extension 15-SP3
  SUSE Linux Enterprise Workstation Extension 15-SP2
  SUSE Linux Enterprise Module for Desktop Applications 15-SP3
  SUSE Linux Enterprise Module for Desktop Applications 15-SP2
______________________________________________________________________________

An update that fixes one vulnerability is now available.

Description:

This update for grilo fixes the following issues:

- CVE-2021-39365: Fixed missing TLS certificate verification (bsc#1189839).

Patch Instructions:

To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch".

Alternatively you can run the command listed for your product:

- SUSE Linux Enterprise Workstation Extension 15-SP3:

  zypper in -t patch SUSE-SLE-Product-WE-15-SP3-2021-3194=1

- SUSE Linux Enterprise Workstation Extension 15-SP2:

  zypper in -t patch SUSE-SLE-Product-WE-15-SP2-2021-3194=1

- SUSE Linux Enterprise Module for Desktop Applications 15-SP3:

  zypper in -t patch SUSE-SLE-Module-Desktop-Applications-15-SP3-2021-3194=1

- SUSE Linux Enterprise Module for Desktop Applications 15-SP2:

  zypper in -t patch SUSE-SLE-Module-Desktop-Applications-15-SP2-2021-3194=1

Package List:

- SUSE Linux Enterprise Workstation Extension 15-SP3 (x86_64):

  grilo-debuginfo-0.3.12-3.3.1
  grilo-debugsource-0.3.12-3.3.1
  grilo-tools-0.3.12-3.3.1
  grilo-tools-debuginfo-0.3.12-3.3.1

- SUSE Linux Enterprise Workstation Extension 15-SP3 (noarch):

  grilo-lang-0.3.12-3.3.1

- SUSE Linux Enterprise Workstation Extension 15-SP2 (x86_64):

  grilo-debuginfo-0.3.12-3.3.1
  grilo-debugsource-0.3.12-3.3.1
  grilo-tools-0.3.12-3.3.1
  grilo-tools-debuginfo-0.3.12-3.3.1

- SUSE Linux Enterprise Workstation Extension 15-SP2 (noarch):

  grilo-lang-0.3.12-3.3.1

- SUSE Linux Enterprise Module for Desktop Applications 15-SP3 (aarch64 ppc64le s390x x86_64):

  grilo-debuginfo-0.3.12-3.3.1
  grilo-debugsource-0.3.12-3.3.1
  grilo-devel-0.3.12-3.3.1
  libgrilo-0_3-0-0.3.12-3.3.1
  libgrilo-0_3-0-debuginfo-0.3.12-3.3.1
  libgrlnet-0_3-0-0.3.12-3.3.1
  libgrlnet-0_3-0-debuginfo-0.3.12-3.3.1
  libgrlpls-0_3-0-0.3.12-3.3.1
  libgrlpls-0_3-0-debuginfo-0.3.12-3.3.1
  typelib-1_0-Grl-0_3-0.3.12-3.3.1
  typelib-1_0-GrlNet-0_3-0.3.12-3.3.1
  typelib-1_0-GrlPls-0_3-0.3.12-3.3.1

- SUSE Linux Enterprise Module for Desktop Applications 15-SP2 (aarch64 ppc64le s390x x86_64):

  grilo-debuginfo-0.3.12-3.3.1
  grilo-debugsource-0.3.12-3.3.1
  grilo-devel-0.3.12-3.3.1
  libgrilo-0_3-0-0.3.12-3.3.1
  libgrilo-0_3-0-debuginfo-0.3.12-3.3.1
  libgrlnet-0_3-0-0.3.12-3.3.1
  libgrlnet-0_3-0-debuginfo-0.3.12-3.3.1
  libgrlpls-0_3-0-0.3.12-3.3.1
  libgrlpls-0_3-0-debuginfo-0.3.12-3.3.1
  typelib-1_0-Grl-0_3-0.3.12-3.3.1
  typelib-1_0-GrlNet-0_3-0.3.12-3.3.1
  typelib-1_0-GrlPls-0_3-0.3.12-3.3.1

References:

https://www.suse.com/security/cve/CVE-2021-39365.html
https://bugzilla.suse.com/1189839

Patch released for SUSE Linux rectifying severe vulnerability in grilo, confirming that TLS certificate authentication remains secure.

Severity: Important.
LinuxSecurity.com Team

An issue has been found in grilo, a framework for discovering and browsing media. Due to missing TLS certificate verification, users are vulnerable to network MITM attacks.

- -------------------------------------------------------------------------
Debian LTS Advisory DLA-2762-1

=========================================================================
Ubuntu Security Notice USN-5055-1
August 30, 2021

grilo vulnerability
=========================================================================

A security issue affects these releases of Ubuntu and its derivatives:

- Ubuntu 21.04
- Ubuntu 20.04 LTS
- Ubuntu 18.04 LTS
- Ubuntu 16.04 ESM

Summary:

grilo could be made to allow MITM attacks.

Software Description:
- grilo: Framework for discovering and browsing media - GObject introspect

Details:

Michael Catanzaro discovered that grilo incorrectly handled certain TLS certificate verification. An attacker could possibly use this issue to perform MITM attacks.

Update instructions:

The problem can be corrected by updating your system to the following package versions:

Ubuntu 21.04:
  libgrilo-0.3-0 0.3.13-1ubuntu0.1

Ubuntu 20.04 LTS:
  libgrilo-0.3-0 0.3.12-1ubuntu0.1

Ubuntu 18.04 LTS:
  libgrilo-0.3-0 0.3.4-1ubuntu0.1

Ubuntu 16.04 ESM:
  libgrilo-0.2-1 0.2.15-1ubuntu0.1~esm1

In general, a standard system update will make all the necessary changes.

References:
  https://ubuntu.com/security/notices/USN-5055-1
  CVE-2021-39365

Package Information:
  https://launchpad.net/ubuntu/+source/grilo/0.3.13-1ubuntu0.1
  https://launchpad.net/ubuntu/+source/grilo/0.3.12-1ubuntu0.1
  https://launchpad.net/ubuntu/+source/grilo/0.3.4-1ubuntu0.1

A significant vulnerability has been identified in Ubuntu's grilo affecting various editions. It's crucial to update promptly to protect against possible MITM exploits.

Severity: Critical.
LinuxSecurity.com Team

Michael Catanzaro reported a problem in Grilo, a framework for discovering and browsing media. TLS certificate verification is not enabled on the SoupSessionAsync objects created by Grilo, leaving users vulnerable to network MITM attacks.

- -------------------------------------------------------------------------
Debian Security Advisory DSA-4964-1