
Stay Secure with the Latest Linux Advisories


Explore Latest Linux Security advisories


Gentoo GLSA-202506-05 high: GTK+ 3 search path code execution threat

- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Gentoo Linux Security Advisory                           GLSA 202506-05
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
                                           https://security.gentoo.org/
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -

 Severity: High
    Title: GTK+ 3: Search path vulnerability
     Date: June 12, 2025
     Bugs: #949825
       ID: 202506-05

- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -

Synopsis
========

A vulnerability has been discovered in Gtk+, which can lead to arbitrary code execution.

Background
==========

GTK+ (GIMP Toolkit +) is a toolkit for creating graphical user interfaces.

Affected packages
=================

Package        Vulnerable    Unaffected
-------------  ------------  ------------
x11-libs/gtk+  < 3.24.48     >= 3.24.48

Description
===========

A vulnerability has been discovered in GTK+ 3. Please review the CVE identifiers referenced below for details.

Impact
======

Please review the referenced CVE identifier for details.

Workaround
==========

There is no known workaround at this time.

Resolution
==========

All GTK+ 3 users should upgrade to the latest version:

  # emerge --sync
  # emerge --ask --oneshot --verbose ">=x11-libs/gtk+-3.24.48"

References
==========

[ 1 ] CVE-2024-6655
      https://nvd.nist.gov/vuln/detail/CVE-2024-6655

Availability
============

This GLSA and any updates to it are available for viewing at the Gentoo Security Website:

 https://security.gentoo.org/glsa/202506-05

Concerns?
=========

Security is a primary focus of Gentoo Linux and ensuring the confidentiality and security of our users' machines is of utmost importance to us. Any security concerns should be addressed to [address obscured] or alternatively, you may file a bug at https://bugs.gentoo.org.

License
=======

Copyright 2025 Gentoo Foundation, Inc; referenced text belongs to its owner(s).

The contents of this document are licensed under the Creative Commons - Attribution / Share Alike license.

https://creativecommons.org/licenses/by-sa/2.5

A vulnerability in GTK+ 3 could permit the execution of arbitrary code; it is advisable to update to maintain security.

Keywords: GTK+ Search Path, Gentoo Security, High Severity Advisory, Code Execution Threat.

LinuxSecurity.com Team

Jun 12, 2025 | Gentoo

Fedora 40: 2024-157a12bc2e Critical: Cinnamon Security Patch

--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2024-145e88df1c
2024-07-20 02:25:12.283416
--------------------------------------------------------------------------------

Name        : gtk3
Product     : Fedora 40
Version     : 3.24.43
Release     : 1.fc40
URL         : https://gtk.org
Summary     : GTK+ graphical user interface library
Description :
GTK+ is a multi-platform toolkit for creating graphical user interfaces. Offering a complete set of widgets, GTK+ is suitable for projects ranging from small one-off tools to complete application suites.

This package contains version 3 of GTK+.

--------------------------------------------------------------------------------
Update Information:

Update to 3.24.43
--------------------------------------------------------------------------------
ChangeLog:

* Thu Jul 11 2024 nmontero - 3.24.43-1
- Update to 3.24.43
--------------------------------------------------------------------------------

This update can be installed with the "dnf" update program. Use
su -c 'dnf upgrade --advisory FEDORA-2024-145e88df1c' at the command line.
For more information, refer to the dnf documentation available at
http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label

All packages are signed with the Fedora Project GPG key. More details on the GPG keys used by the Fedora Project can be found at https://fedoraproject.org/keys
--------------------------------------------------------------------------------

Fedora 40's GTK+ GUI toolkit has been revamped to address urgent security vulnerabilities. Update for improved reliability.

Keywords: GTK Update, Fedora Software, Security Patch, Graphical Library, Update Notification.

Severity: Critical.

LinuxSecurity.com Team

Jul 20, 2024 | Critical | Fedora

Fedora 39: 2024-ee43b83290 Critical: WebKitGTK 2.44.0 Security Advisory

--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2024-ee43b83290
2024-03-22 01:15:00.283857
--------------------------------------------------------------------------------

Name        : webkitgtk
Product     : Fedora 39
Version     : 2.44.0
Release     : 2.fc39
URL         : https://www.webkitgtk.org/
Summary     : GTK web content engine library
Description :
WebKitGTK is the port of the WebKit web rendering engine to the GTK platform.

--------------------------------------------------------------------------------
Update Information:

Upgrade to 2.44.0:

  Make the DOM accessibility tree reachable from UI process with GTK4.
  Removed the X11 and WPE renderers in favor of DMA-BUF.
  Improved vblank synchronization when rendering.
  Removed key event reinjection in GTK4 to make keyboard shortcuts work in web sites.
  Fix gamepads detection by correctly handling focused window in GTK4.
  CVE-2024-23263, CVE-2024-23280, CVE-2024-23284
--------------------------------------------------------------------------------
ChangeLog:

* Sun Mar 17 2024 Michael Catanzaro - 2.44.0-2
- Fix i686 build
* Sat Mar 16 2024 Michael Catanzaro - 2.44.0-1
- Upgrade to WebKitGTK 2.44.0
--------------------------------------------------------------------------------

This update can be installed with the "dnf" update program. Use
su -c 'dnf upgrade --advisory FEDORA-2024-ee43b83290' at the command line.
For more information, refer to the dnf documentation available at
https://dnf.readthedocs.io/en/latest/command_ref.html

All packages are signed with the Fedora Project GPG key. More details on the GPG keys used by the Fedora Project can be found at https://fedoraproject.org/security/
--------------------------------------------------------------------------------

Fedora Release Alert for webkitgtk 2.44.0 highlights enhancements in accessibility features and rendering capabilities.

Keywords: Fedora Update, WebKitGTK, Security Advisory, GTK4, Accessibility.

Severity: Critical.

LinuxSecurity.com Team

Mar 22, 2024 | Critical | Fedora

RedHat: RHSA-2020-4187-01 Important: Spice Buffer Overflow Threat

====================================================================
                   Red Hat Security Advisory

Synopsis:          Important: spice and spice-gtk security update
Advisory ID:       RHSA-2020:4187-01
Product:           Red Hat Enterprise Linux
Advisory URL:      https://access.redhat.com/errata/RHSA-2020:4187
Issue date:        2020-10-06
CVE Names:         CVE-2020-14355
====================================================================

1. Summary:

An update for spice and spice-gtk is now available for Red Hat Enterprise Linux 7.

Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.

2. Relevant releases/architectures:

Red Hat Enterprise Linux Client (v. 7) - x86_64
Red Hat Enterprise Linux Client Optional (v. 7) - x86_64
Red Hat Enterprise Linux ComputeNode Optional (v. 7) - x86_64
Red Hat Enterprise Linux Server (v. 7) - s390x, x86_64
Red Hat Enterprise Linux Server Optional (v. 7) - ppc64le, s390x, x86_64
Red Hat Enterprise Linux Workstation (v. 7) - x86_64
Red Hat Enterprise Linux Workstation Optional (v. 7) - x86_64

3. Description:

The Simple Protocol for Independent Computing Environments (SPICE) is a remote display system built for virtual environments which allows the user to view a computing 'desktop' environment not only on the machine where it is running, but from anywhere on the Internet and from a wide variety of machine architectures.

The spice-gtk packages provide a GIMP Toolkit (GTK+) widget for Simple Protocol for Independent Computing Environments (SPICE) clients. Both Virtual Machine Manager and Virtual Machine Viewer can make use of this widget to access virtual machines using the SPICE protocol.

Security Fix(es):

* spice: multiple buffer overflow vulnerabilities in QUIC decoding code (CVE-2020-14355)

For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

4. Solution:

For details on how to apply this update, which includes the changes described in this advisory, refer to:

https://access.redhat.com/articles/11258

All applications using SPICE (most notably all QEMU-KVM instances using the SPICE console) must be restarted for this update to take effect.

5. Bugs fixed (https://bugzilla.redhat.com/):

1868435 - CVE-2020-14355 spice: multiple buffer overflow vulnerabilities in QUIC decoding code

6. Package List:

Red Hat Enterprise Linux Client (v. 7):

Source:
spice-0.14.0-9.el7_9.1.src.rpm
spice-gtk-0.35-5.el7_9.1.src.rpm

x86_64:
spice-debuginfo-0.14.0-9.el7_9.1.x86_64.rpm
spice-glib-0.35-5.el7_9.1.i686.rpm
spice-glib-0.35-5.el7_9.1.x86_64.rpm
spice-gtk-debuginfo-0.35-5.el7_9.1.i686.rpm
spice-gtk-debuginfo-0.35-5.el7_9.1.x86_64.rpm
spice-gtk3-0.35-5.el7_9.1.i686.rpm
spice-gtk3-0.35-5.el7_9.1.x86_64.rpm
spice-server-0.14.0-9.el7_9.1.x86_64.rpm

Red Hat Enterprise Linux Client Optional (v. 7):

x86_64:
spice-debuginfo-0.14.0-9.el7_9.1.x86_64.rpm
spice-glib-devel-0.35-5.el7_9.1.i686.rpm
spice-glib-devel-0.35-5.el7_9.1.x86_64.rpm
spice-gtk-debuginfo-0.35-5.el7_9.1.i686.rpm
spice-gtk-debuginfo-0.35-5.el7_9.1.x86_64.rpm
spice-gtk-tools-0.35-5.el7_9.1.x86_64.rpm
spice-gtk3-devel-0.35-5.el7_9.1.i686.rpm
spice-gtk3-devel-0.35-5.el7_9.1.x86_64.rpm
spice-gtk3-vala-0.35-5.el7_9.1.x86_64.rpm
spice-server-devel-0.14.0-9.el7_9.1.x86_64.rpm

Red Hat Enterprise Linux ComputeNode Optional (v. 7):

Source:
spice-0.14.0-9.el7_9.1.src.rpm

x86_64:
spice-debuginfo-0.14.0-9.el7_9.1.x86_64.rpm
spice-server-0.14.0-9.el7_9.1.x86_64.rpm
spice-server-devel-0.14.0-9.el7_9.1.x86_64.rpm

Red Hat Enterprise Linux Server (v. 7):

Source:
spice-0.14.0-9.el7_9.1.src.rpm
spice-gtk-0.35-5.el7_9.1.src.rpm

s390x:
spice-glib-0.35-5.el7_9.1.s390.rpm
spice-glib-0.35-5.el7_9.1.s390x.rpm
spice-gtk-debuginfo-0.35-5.el7_9.1.s390.rpm
spice-gtk-debuginfo-0.35-5.el7_9.1.s390x.rpm
spice-gtk3-0.35-5.el7_9.1.s390.rpm
spice-gtk3-0.35-5.el7_9.1.s390x.rpm

x86_64:
spice-debuginfo-0.14.0-9.el7_9.1.x86_64.rpm
spice-glib-0.35-5.el7_9.1.i686.rpm
spice-glib-0.35-5.el7_9.1.x86_64.rpm
spice-gtk-debuginfo-0.35-5.el7_9.1.i686.rpm
spice-gtk-debuginfo-0.35-5.el7_9.1.x86_64.rpm
spice-gtk3-0.35-5.el7_9.1.i686.rpm
spice-gtk3-0.35-5.el7_9.1.x86_64.rpm
spice-server-0.14.0-9.el7_9.1.x86_64.rpm

Red Hat Enterprise Linux Server Optional (v. 7):

Source:
spice-gtk-0.35-5.el7_9.1.src.rpm

ppc64le:
spice-glib-0.35-5.el7_9.1.ppc64le.rpm
spice-glib-devel-0.35-5.el7_9.1.ppc64le.rpm
spice-gtk-debuginfo-0.35-5.el7_9.1.ppc64le.rpm
spice-gtk-tools-0.35-5.el7_9.1.ppc64le.rpm
spice-gtk3-0.35-5.el7_9.1.ppc64le.rpm
spice-gtk3-devel-0.35-5.el7_9.1.ppc64le.rpm
spice-gtk3-vala-0.35-5.el7_9.1.ppc64le.rpm

s390x:
spice-glib-devel-0.35-5.el7_9.1.s390.rpm
spice-glib-devel-0.35-5.el7_9.1.s390x.rpm
spice-gtk-debuginfo-0.35-5.el7_9.1.s390.rpm
spice-gtk-debuginfo-0.35-5.el7_9.1.s390x.rpm
spice-gtk-tools-0.35-5.el7_9.1.s390x.rpm
spice-gtk3-devel-0.35-5.el7_9.1.s390.rpm
spice-gtk3-devel-0.35-5.el7_9.1.s390x.rpm
spice-gtk3-vala-0.35-5.el7_9.1.s390x.rpm

x86_64:
spice-debuginfo-0.14.0-9.el7_9.1.x86_64.rpm
spice-glib-devel-0.35-5.el7_9.1.i686.rpm
spice-glib-devel-0.35-5.el7_9.1.x86_64.rpm
spice-gtk-debuginfo-0.35-5.el7_9.1.i686.rpm
spice-gtk-debuginfo-0.35-5.el7_9.1.x86_64.rpm
spice-gtk-tools-0.35-5.el7_9.1.x86_64.rpm
spice-gtk3-devel-0.35-5.el7_9.1.i686.rpm
spice-gtk3-devel-0.35-5.el7_9.1.x86_64.rpm
spice-gtk3-vala-0.35-5.el7_9.1.x86_64.rpm
spice-server-devel-0.14.0-9.el7_9.1.x86_64.rpm

Red Hat Enterprise Linux Workstation (v. 7):

Source:
spice-0.14.0-9.el7_9.1.src.rpm
spice-gtk-0.35-5.el7_9.1.src.rpm

x86_64:
spice-debuginfo-0.14.0-9.el7_9.1.x86_64.rpm
spice-glib-0.35-5.el7_9.1.i686.rpm
spice-glib-0.35-5.el7_9.1.x86_64.rpm
spice-gtk-debuginfo-0.35-5.el7_9.1.i686.rpm
spice-gtk-debuginfo-0.35-5.el7_9.1.x86_64.rpm
spice-gtk3-0.35-5.el7_9.1.i686.rpm
spice-gtk3-0.35-5.el7_9.1.x86_64.rpm
spice-server-0.14.0-9.el7_9.1.x86_64.rpm

Red Hat Enterprise Linux Workstation Optional (v. 7):

x86_64:
spice-debuginfo-0.14.0-9.el7_9.1.x86_64.rpm
spice-glib-devel-0.35-5.el7_9.1.i686.rpm
spice-glib-devel-0.35-5.el7_9.1.x86_64.rpm
spice-gtk-debuginfo-0.35-5.el7_9.1.i686.rpm
spice-gtk-debuginfo-0.35-5.el7_9.1.x86_64.rpm
spice-gtk-tools-0.35-5.el7_9.1.x86_64.rpm
spice-gtk3-devel-0.35-5.el7_9.1.i686.rpm
spice-gtk3-devel-0.35-5.el7_9.1.x86_64.rpm
spice-gtk3-vala-0.35-5.el7_9.1.x86_64.rpm
spice-server-devel-0.14.0-9.el7_9.1.x86_64.rpm

These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://access.redhat.com/security/team/key/

7. References:

https://access.redhat.com/security/cve/CVE-2020-14355
https://access.redhat.com/security/updates/classification/#important

8. Contact:

The Red Hat security contact is . More contact details at https://access.redhat.com/security/team/contact/

Copyright 2020 Red Hat, Inc.

Crucial Red Hat patch addresses significant buffer overflow issues in spice and spice-gtk applications. Discover more details here.

Keywords: spice update, redhat security, spice gtk, remote display, buffer overflow.

Severity: Important.

LinuxSecurity.com Team

Oct 06, 2020 | Important | Red Hat

Ubuntu 6.06 LTS USN-390-3 Critical: Evince-Gtk Buffer Overflow

===========================================================
Ubuntu Security Notice USN-390-3          December 06, 2006
evince-gtk vulnerability
CVE-2006-5864
===========================================================

A security issue affects the following Ubuntu releases:

Ubuntu 6.06 LTS
Ubuntu 6.10

This advisory also applies to the corresponding versions of Kubuntu, Edubuntu, and Xubuntu.

The problem can be corrected by upgrading your system to the following package versions:

Ubuntu 6.06 LTS:
  evince-gtk 0.5.2-0ubuntu2.1

Ubuntu 6.10:
  evince-gtk 0.5.2-0ubuntu4.1

In general, a standard system upgrade is sufficient to effect the necessary changes.

Details follow:

USN-390-2 fixed vulnerabilities in evince. This update provides the corresponding update for evince-gtk.

Original advisory details:

A buffer overflow was discovered in the PostScript processor included in evince. By tricking a user into opening a specially crafted PS file, an attacker could crash evince or execute arbitrary code with the user's privileges.

The recent Evince-gtk upgrade resolves a serious buffer overflow vulnerability in Ubuntu, boosting the overall security of the system. Ensure your protection today.

Keywords: Evince Gtk Security, Ubuntu Patches, Buffer Overflow Fix.

Severity: Critical.

LinuxSecurity.com Team

Dec 06, 2006 | Critical | Ubuntu

Debian: DSA-074-1 Critical: wmaker Remote Exploit Buffer Overflow

------------------------------------------------------------------------
Debian Security Advisory DSA-074-1
Wichert Akkerman
August 12, 2001
------------------------------------------------------------------------

Package        : wmaker
Problem type   : buffer overflow
Debian-specific: no

Alban Hertroys found a buffer overflow in Window Maker (a popular window manager for X). The code that handles titles in the window list menu did not check the length of the title when copying it to a buffer. Since applications will set the title using untrusted data (for example web browsers will set the title of their window to the title of the web-page being shown) this could be exploited remotely.

This has been fixed in version 0.61.1-4.1 of the Debian package, and upstream version 0.65.1.

wget url
        will fetch the file for you
dpkg -i file.deb
        will install the referenced file.

Debian GNU/Linux 2.2 alias potato
---------------------------------

Potato was released for alpha, arm, i386, m68k, powerpc and sparc.

These packages will be moved into the stable distribution on its next revision.

For not yet released architectures please refer to the appropriate directory .

Uncover a critical vulnerability in the wmaker software that enables distant attackers to manipulate the system. Find out the steps to remediate this issue.

Keywords: Debian Security, Buffer Overflow, Critical Threat.

Severity: Critical.

LinuxSecurity.com Team

Aug 12, 2001 | Critical | Debian