Alerts This Week
Warning Icon 1 566
Alerts This Week
Warning Icon 1 566

Stay Secure with the Latest Linux Advisories

Ubuntu Large Esm H800
Ubuntu

Ubuntu 26.04 LTS python-pip Moderate DoS Regression Fix USN-8344-3

Calendar White Jun 03, 2026
Important
Ubuntu Large Esm H900
Ubuntu

Ubuntu 20.04 LTS GStreamer Base Significant DoS Attack Vulnerability Alert

Calendar White Jun 03, 2026
Important
Ubuntu Large Esm H900
Ubuntu

Ubuntu 20.04 LTS MySQL Important Security Issues USN-8363-2

Calendar White Jun 03, 2026
Important
Ubuntu Large Esm H800
Ubuntu

Ubuntu 20.04 LTS nginx Security Advisory for Critical DoS Vulnerabilities

Calendar White Jun 03, 2026
Critical
Oracle Large Esm H900
Oracle

Oracle Linux 8 gnutls Important Buffer Overflow Auth Bypass ELSA-2026-20611

Calendar White Jun 03, 2026
Important
Oracle Large Esm H900
Oracle

Oracle Linux 8 ELSA-2026-22315 compat-openssl10 Moderate DoS Fix

Calendar White Jun 02, 2026
moderate
Oracle Large Esm H800
Oracle

Oracle Linux 8 httpd Important Denial of Service Vuln ELSA-2026-22140

Calendar White Jun 02, 2026
Important
Oracle Large Esm H900
Oracle

Oracle Linux 8 Important Kernel Security Advisory ELSA-2026-21706

Calendar White Jun 02, 2026
Important
Fedora Large Esm H900
Fedora

Fedora 43 hplip Major Update Addressing Possible Arbitrary Code Execution

Calendar White Jun 02, 2026
Important
Filter Icon Refine advisories
X Clear Filters
X Clear Filters
View More

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Community Poll

More Polls

What got you started with Linux?

No answer selected. Please try again.
Please select either existing option or enter your own, however not both.
Please select minimum {0} answer(s).
Please select maximum {0} answer(s).
/main-polls/150-what-got-you-started-with-linux?task=poll.vote&format=json
150
radio
0
[{"id":483,"title":"Self-taught through trial and error","votes":545,"type":"x","order":1,"pct":78.42,"resources":[]},{"id":484,"title":"Formal training or courses","votes":30,"type":"x","order":2,"pct":4.32,"resources":[]},{"id":485,"title":"A job that required it","votes":34,"type":"x","order":3,"pct":4.89,"resources":[]},{"id":486,"title":"Other","votes":86,"type":"x","order":4,"pct":12.37,"resources":[]}] ["#ff5b00","#4ac0f2","#b80028","#eef66c","#60bb22","#b96a9a","#62c2cc"] ["rgba(255,91,0,0.7)","rgba(74,192,242,0.7)","rgba(184,0,40,0.7)","rgba(238,246,108,0.7)","rgba(96,187,34,0.7)","rgba(185,106,154,0.7)","rgba(98,194,204,0.7)"] 350
bottom 200
Loading...

Explore Latest Linux Security advisories

We found -6 articles for you...
91
Ls Advisories Gentoo Esm H240
Price Tag 1security advisorygentoosoftware upgrade

Gentoo: GLSA-201310-14 Low Severity: Groff Symlink Attack Mitigation

Multiple vulnerabilities have been found in Groff, allowing context-dependent attackers to conduct symlink attacks.. - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - Gentoo Linux Security Advisory GLSA 201310-14 - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - https://security.gentoo.org/ - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - Severity: Low Title: Groff: Multiple Vulnerabilities Date: October 25, 2013 Bugs: #386335 ID: 201310-14 - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - Synopsis ======= Multiple vulnerabilities have been found in Groff, allowing context-dependent attackers to conduct symlink attacks. Background ========= GNU Troff (Groff) is a text formatter used for man pages. Affected packages ================ ------------------------------------------------------------------- Package / Vulnerable / Unaffected ------------------------------------------------------------------- 1 sys-apps/groff < 1.22.2 > = 1.22.2 Description ========== Multiple vulnerabilities have been discovered in Groff. Please review the CVE identifiers referenced below for details. Impact ===== A context-dependent attacker could perform symlink attacks to overwrite arbitrary files with the privileges of the user running the application. Workaround ========= There is no known workaround at this time. Resolution ========= All Groff users should upgrade to the latest version: # emerge --sync # emerge --ask --oneshot --verbose "> =sys-apps/groff-1.22.2" References ========= [ 1 ] CVE-2009-5044 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-5044 [ 2 ] CVE-2009-5078 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-5078 [ 3 ] CVE-2009-5079 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-5079 [ 4 ] CVE-2009-5080 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-5080 [ 5 ] CVE-2009-5081 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-5081 [ 6 ] CVE-2009-5082 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-5082 Availability =========== This GLSA and any updates to it are available for viewing at the Gentoo Security Website: https://security.gentoo.org/glsa/201310-14 Concerns? ======== Security is a primary focus of Gentoo Linux and ensuring the confidentiality and security of our users' machines is of utmost importance to us. Any security concerns should be addressed to This email address is being protected from spambots. You need JavaScript enabled to view it. or alternatively, you may file a bug at https://bugs.gentoo.org. License ====== Copyright 2013 Gentoo Foundation, Inc; referenced text belongs to its owner(s). The contents of this document are licensed under the Creative Commons - Attribution / Share Alike license. https://creativecommons.org/licenses/by-sa/2.5/ . A series of flaws in Groff enable symlink exploitation; an upgrade is necessary for Gentoo Linux installations.. Groff Attacks, Gentoo GLSA, Symlink Security, Low Severity Issues, Software Upgrade. . Severity: Low. LinuxSecurity.com Team

Calendar 2 Oct 25, 2013 Low Gentoo
91
Ls Advisories Gentoo Esm H240
Price Tag 1security advisorygentoosymlink attack

Gentoo: GLSA 200411-15 Normal: OpenSSL Groff Symlink Threat

groffer, included in the Groff package, and the der_chop script, included in the OpenSSL package, are both vulnerable to symlink attacks, potentially allowing a local user to overwrite arbitrary files with the rights of the user running the utility. [More...]. - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - Gentoo Linux Security Advisory GLSA 200411-15 - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - https://security.gentoo.org/ - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - Severity: Normal Title: OpenSSL, Groff: Insecure tempfile handling Date: November 08, 2004 Bugs: #68404, #68407 ID: 200411-15 - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - Synopsis ======= groffer, included in the Groff package, and the der_chop script, included in the OpenSSL package, are both vulnerable to symlink attacks, potentially allowing a local user to overwrite arbitrary files with the rights of the user running the utility. Background ========= OpenSSL is a toolkit implementing the Secure Sockets Layer and Transport Layer Security protocols as well as a general-purpose cryptography library. It includes the der_chop script, which is used to convert DER-encoded certificates to PEM format. Groff (GNU Troff) is a typesetting package which reads plain text mixed with formatting commands and produces formatted output. It includes groffer, a command used to display groff files and man pages on X and tty. Affected packages ================ ------------------------------------------------------------------- Package / Vulnerable / Unaffected ------------------------------------------------------------------- 1 dev-libs/openssl < 0.9.7d-r2 > = 0.9.7d-r2 2 sys-apps/groff < 1.19.1-r2 > = 1.19.1-r2 ------------------------------------------------------------------- 2 affected packages on all of their supported architectures. ------------------------------------------------------------------- Description ========== groffer and the der_chop script create temporary files in world-writeable directories with predictable names. Impact ===== A local attacker could create symbolic links in the temporary files directory, pointing to a valid file somewhere on the filesystem. When groffer or der_chop is executed, this would result in the file being overwritten with the rights of the user running the utility, which could be the root user. Workaround ========= There is no known workaround at this time. Resolution ========= All Groff users should upgrade to the latest version: # emerge --sync # emerge --ask --oneshot --verbose "> =sys-apps/groff-1.19.1-r2" All OpenSSL users should upgrade to the latest version: # emerge --sync # emerge --ask --oneshot --verbose "> =dev-libs/openssl-0.9.7d-r2" Note: /etc/ssl/misc/der_chop is protected by Portage as a configuration file. Don't forget to use etc-update and overwrite the old version with the new one. References ========= [ 1 ] CAN-2004-0969 https://www.cve.org/CVERecord?id=CAN-2004-0969 [ 2 ] CAN-2004-0975 https://www.cve.org/CVERecord?id=CAN-2004-0975 Availability =========== This GLSA and any updates to it are available for viewing at the Gentoo Security Website: https://security.gentoo.org/glsa/200411-15 Concerns? ======== Security is a primary focus of Gentoo Linux and ensuring the confidentiality and security of our users machines is of utmost importance to us. Any security concerns should be addressed to This email address is being protected from spambots. You need JavaScript enabled to view it. or alternatively, you may file a bug at https://bugs.gentoo.org/. License ====== Copyright 2004 Gentoo Foundation, Inc; referenced text belongs to its owner(s). The contents of this document are licensed under the Creative Commons - Attribution / Share Alikelicense. https://creativecommons.org/licenses/by-sa/1.0/ . CVE-2023-xyz: Critical OpenSSL and Groff security notice in Gentoo. Users must update to ensure system integrity.. OpenSSL Security,Gentoo Advisory,Groff Security,Tempfile Attack,Upgrade Recommendations. . LinuxSecurity.com Team

Calendar 2 Nov 08, 2004 Gentoo
Banner 4 1028x280 1708121825 1771600306
87
Ls Advisories Debian Esm H240
Price Tag 1security advisorycode executionprintf attack

Debian 2.2 DSA-072-1 Moderate Groff Printf Code Execution Risk

The pic command was vulnerable to a printf format attackwhich made it possible to circumvent the -S option and executearbitrary code.. ------------------------------------------------------------------------ Debian Security Advisory DSA-072-1 This email address is being protected from spambots. You need JavaScript enabled to view it. Debian -- Security Information Wichert Akkerman August 10, 2001 ------------------------------------------------------------------------ Package : groff Problem type : printf format attack Debian-specific: no Zenith Parse found a security problem in groff (the GNU version of troff). The pic command was vulnerable to a printf format attack which made it possible to circumvent the -S option and execute arbitrary code. This has been fixed in version 1.15.2-2. wget url will fetch the file for you dpkg -i file.deb will install the referenced file. Debian GNU/Linux 2.2 alias potato --------------------------------- Potato was released for alpha, arm, i386, m68k, powerpc and sparc. Source archives: MD5 checksum: 80a1f4d1a73206bc39442c59b3298c31 MD5 checksum: 37c101207617f750821362f14c4d70a3 MD5 checksum: 0c87c54b39a71da4ad92a67f13b740a2 Alpha architecture: MD5 checksum: 914c0bd3a63a42f6ad382a83af6809c3 ARM architecture: MD5 checksum: 86e061ec9c65cd138c809ddf4dc2a32d Intel IA-32 architecture: MD5 checksum: cec3f02dd9c9fc020dd93e0437368a25 Motorola 680x0 architecture: MD5 checksum: b06c81a8d23f54eba8e605a5ce9331fc PowerPC architecture: MD5 checksum: b2adb7c67438c511e9d745b87efa1667 Sun Sparc architecture: MD5 checksum: 1e07e5ecbfc7c066397e97bdf23dc014 These packages will be moved into the stable distribution on its next revision. For not yet released architectures please refer to the appropriate directory . -- ---------------------------------------------------------------------------- apt-get: deb Debian -- Security Information stable/updates main dpkg-ftp: dists/stable/updates/main Mailing list: This email address is being protected from spambots. You need JavaScript enabled to view it. . Debian Vulnerability Advisory reveals a moderate risk of a printf attack that could lead to arbitrary code execution.. groff vulnerability, Debian security fix, printf attack. . LinuxSecurity.com Team

Calendar 2 Aug 10, 2001 Debian
News Add Esm H240

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Community Poll

More Polls

What got you started with Linux?

No answer selected. Please try again.
Please select either existing option or enter your own, however not both.
Please select minimum {0} answer(s).
Please select maximum {0} answer(s).
/main-polls/150-what-got-you-started-with-linux?task=poll.vote&format=json
150
radio
0
[{"id":483,"title":"Self-taught through trial and error","votes":545,"type":"x","order":1,"pct":78.42,"resources":[]},{"id":484,"title":"Formal training or courses","votes":30,"type":"x","order":2,"pct":4.32,"resources":[]},{"id":485,"title":"A job that required it","votes":34,"type":"x","order":3,"pct":4.89,"resources":[]},{"id":486,"title":"Other","votes":86,"type":"x","order":4,"pct":12.37,"resources":[]}] ["#ff5b00","#4ac0f2","#b80028","#eef66c","#60bb22","#b96a9a","#62c2cc"] ["rgba(255,91,0,0.7)","rgba(74,192,242,0.7)","rgba(184,0,40,0.7)","rgba(238,246,108,0.7)","rgba(96,187,34,0.7)","rgba(185,106,154,0.7)","rgba(98,194,204,0.7)"] 350
bottom 200

Search Topics

Your message here