--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2025-809971541d
2025-06-25 01:42:08.365139+00:00
--------------------------------------------------------------------------------

Name        : udisks2
Product     : Fedora 41
Version     : 2.10.1
Release     : 7.fc41
URL         : https://github.com/storaged-project/udisks
Summary     : Disk Manager
Description :
The Udisks project provides a daemon, tools and libraries to access and
manipulate disks, storage devices and technologies.

--------------------------------------------------------------------------------
Update Information:

Harden temporary private mounts (#2373301)
--------------------------------------------------------------------------------
ChangeLog:

* Thu Jun 19 2025 Tomas Bzatek - 2.10.1-7
- Harden temporary private mounts (#2373301)
--------------------------------------------------------------------------------

This update can be installed with the "dnf" update program. Use
su -c 'dnf upgrade --advisory FEDORA-2025-809971541d' at the command
line. For more information, refer to the dnf documentation available at
http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label

All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
--------------------------------------------------------------------------------
--
_______________________________________________
package-announce mailing list

# Security update for postgresql14

Announcement ID: SUSE-SU-2025:0632-1
Release Date: 2025-02-21T14:11:05Z
Rating: important

References:

* bsc#1237093

Cross-References:

* CVE-2025-1094

CVSS scores:

* CVE-2025-1094 ( SUSE ): 8.7 CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
* CVE-2025-1094 ( SUSE ): 8.8 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2025-1094 ( NVD ): 8.1 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H

Affected Products:

* SUSE Enterprise Storage 7.1
* SUSE Linux Enterprise High Performance Computing 15 SP3
* SUSE Linux Enterprise High Performance Computing 15 SP4
* SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4
* SUSE Linux Enterprise High Performance Computing LTSS 15 SP3
* SUSE Linux Enterprise High Performance Computing LTSS 15 SP4
* SUSE Linux Enterprise Server 15 SP3
* SUSE Linux Enterprise Server 15 SP3 LTSS
* SUSE Linux Enterprise Server 15 SP4
* SUSE Linux Enterprise Server 15 SP4 LTSS
* SUSE Linux Enterprise Server 15 SP5
* SUSE Linux Enterprise Server 15 SP5 LTSS
* SUSE Linux Enterprise Server for SAP Applications 15 SP3
* SUSE Linux Enterprise Server for SAP Applications 15 SP4
* SUSE Linux Enterprise Server for SAP Applications 15 SP5
* SUSE Manager Proxy 4.3
* SUSE Manager Retail Branch Server 4.3
* SUSE Manager Server 4.3

An update that solves one vulnerability can now be installed.

## Description:

This update for postgresql14 fixes the following issues:

Upgrade to 14.17:

* CVE-2025-1094: Harden PQescapeString and allied functions against invalidly-encoded input strings (bsc#1237093).

## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:

* SUSE Linux Enterprise High Performance Computing LTSS 15 SP3
  zypper in -t patch SUSE-SLE-Product-HPC-15-SP3-LTSS-2025-632=1
* SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4
  zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-ESPOS-2025-632=1
* SUSE Linux Enterprise High Performance Computing LTSS 15 SP4
  zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-LTSS-2025-632=1
* SUSE Linux Enterprise Server 15 SP3 LTSS
  zypper in -t patch SUSE-SLE-Product-SLES-15-SP3-LTSS-2025-632=1
* SUSE Linux Enterprise Server 15 SP4 LTSS
  zypper in -t patch SUSE-SLE-Product-SLES-15-SP4-LTSS-2025-632=1
* SUSE Linux Enterprise Server 15 SP5 LTSS
  zypper in -t patch SUSE-SLE-Product-SLES-15-SP5-LTSS-2025-632=1
* SUSE Linux Enterprise Server for SAP Applications 15 SP3
  zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP3-2025-632=1
* SUSE Linux Enterprise Server for SAP Applications 15 SP4
  zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP4-2025-632=1
* SUSE Linux Enterprise Server for SAP Applications 15 SP5
  zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP5-2025-632=1
* SUSE Manager Proxy 4.3
  zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Proxy-4.3-2025-632=1
* SUSE Manager Retail Branch Server 4.3
  zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Retail-Branch-Server-4.3-2025-632=1
* SUSE Manager Server 4.3
  zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Server-4.3-2025-632=1
* SUSE Enterprise Storage 7.1
  zypper in -t patch SUSE-Storage-7.1-2025-632=1

## Package List:

* SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 (aarch64 x86_64)
  * postgresql14-plperl-14.17-150200.5.55.1
  * postgresql14-server-devel-14.17-150200.5.55.1
  * postgresql14-pltcl-14.17-150200.5.55.1
  * postgresql14-server-14.17-150200.5.55.1
  * postgresql14-plperl-debuginfo-14.17-150200.5.55.1
  * postgresql14-plpython-14.17-150200.5.55.1
  * postgresql14-debuginfo-14.17-150200.5.55.1
  * postgresql14-server-debuginfo-14.17-150200.5.55.1
  * postgresql14-14.17-150200.5.55.1
  * postgresql14-server-devel-debuginfo-14.17-150200.5.55.1
  * postgresql14-devel-14.17-150200.5.55.1
  * postgresql14-plpython-debuginfo-14.17-150200.5.55.1
  * postgresql14-pltcl-debuginfo-14.17-150200.5.55.1
  * postgresql14-contrib-14.17-150200.5.55.1
  * postgresql14-contrib-debuginfo-14.17-150200.5.55.1
  * postgresql14-debugsource-14.17-150200.5.55.1
  * postgresql14-devel-debuginfo-14.17-150200.5.55.1
* SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 (noarch)
  * postgresql14-docs-14.17-150200.5.55.1
* SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 (aarch64 x86_64)
  * postgresql14-plperl-14.17-150200.5.55.1
  * postgresql14-server-devel-14.17-150200.5.55.1
  * postgresql14-pltcl-14.17-150200.5.55.1
  * postgresql14-server-14.17-150200.5.55.1
  * postgresql14-plperl-debuginfo-14.17-150200.5.55.1
  * postgresql14-plpython-14.17-150200.5.55.1
  * postgresql14-debuginfo-14.17-150200.5.55.1
  * postgresql14-server-debuginfo-14.17-150200.5.55.1
  * postgresql14-14.17-150200.5.55.1
  * postgresql14-server-devel-debuginfo-14.17-150200.5.55.1
  * postgresql14-devel-14.17-150200.5.55.1
  * postgresql14-plpython-debuginfo-14.17-150200.5.55.1
  * postgresql14-pltcl-debuginfo-14.17-150200.5.55.1
  * postgresql14-contrib-14.17-150200.5.55.1
  * postgresql14-contrib-debuginfo-14.17-150200.5.55.1
  * postgresql14-debugsource-14.17-150200.5.55.1
  * postgresql14-devel-debuginfo-14.17-150200.5.55.1
* SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 (noarch)
  * postgresql14-docs-14.17-150200.5.55.1
* SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 (aarch64 x86_64)
  * postgresql14-plperl-14.17-150200.5.55.1
  * postgresql14-server-devel-14.17-150200.5.55.1
  * postgresql14-pltcl-14.17-150200.5.55.1
  * postgresql14-server-14.17-150200.5.55.1
  * postgresql14-plperl-debuginfo-14.17-150200.5.55.1
  * postgresql14-plpython-14.17-150200.5.55.1
  * postgresql14-debuginfo-14.17-150200.5.55.1
  * postgresql14-server-debuginfo-14.17-150200.5.55.1
  * postgresql14-14.17-150200.5.55.1
  * postgresql14-server-devel-debuginfo-14.17-150200.5.55.1
  * postgresql14-devel-14.17-150200.5.55.1
  * postgresql14-plpython-debuginfo-14.17-150200.5.55.1
  * postgresql14-pltcl-debuginfo-14.17-150200.5.55.1
  * postgresql14-contrib-14.17-150200.5.55.1
  * postgresql14-contrib-debuginfo-14.17-150200.5.55.1
  * postgresql14-debugsource-14.17-150200.5.55.1
  * postgresql14-devel-debuginfo-14.17-150200.5.55.1
* SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 (noarch)
  * postgresql14-docs-14.17-150200.5.55.1
* SUSE Linux Enterprise Server 15 SP3 LTSS (aarch64 ppc64le s390x x86_64)
  * postgresql14-plperl-14.17-150200.5.55.1
  * postgresql14-server-devel-14.17-150200.5.55.1
  * postgresql14-pltcl-14.17-150200.5.55.1
  * postgresql14-server-14.17-150200.5.55.1
  * postgresql14-plperl-debuginfo-14.17-150200.5.55.1
  * postgresql14-plpython-14.17-150200.5.55.1
  * postgresql14-debuginfo-14.17-150200.5.55.1
  * postgresql14-server-debuginfo-14.17-150200.5.55.1
  * postgresql14-14.17-150200.5.55.1
  * postgresql14-server-devel-debuginfo-14.17-150200.5.55.1
  * postgresql14-devel-14.17-150200.5.55.1
  * postgresql14-plpython-debuginfo-14.17-150200.5.55.1
  * postgresql14-pltcl-debuginfo-14.17-150200.5.55.1
  * postgresql14-contrib-14.17-150200.5.55.1
  * postgresql14-contrib-debuginfo-14.17-150200.5.55.1
  * postgresql14-debugsource-14.17-150200.5.55.1
  * postgresql14-devel-debuginfo-14.17-150200.5.55.1
* SUSE Linux Enterprise Server 15 SP3 LTSS (noarch)
  * postgresql14-docs-14.17-150200.5.55.1
* SUSE Linux Enterprise Server 15 SP4 LTSS (aarch64 ppc64le s390x x86_64)
  * postgresql14-plperl-14.17-150200.5.55.1
  * postgresql14-server-devel-14.17-150200.5.55.1
  * postgresql14-pltcl-14.17-150200.5.55.1
  * postgresql14-server-14.17-150200.5.55.1
  * postgresql14-plperl-debuginfo-14.17-150200.5.55.1
  * postgresql14-plpython-14.17-150200.5.55.1
  * postgresql14-debuginfo-14.17-150200.5.55.1
  * postgresql14-server-debuginfo-14.17-150200.5.55.1
  * postgresql14-14.17-150200.5.55.1
  * postgresql14-server-devel-debuginfo-14.17-150200.5.55.1
  * postgresql14-devel-14.17-150200.5.55.1
  * postgresql14-plpython-debuginfo-14.17-150200.5.55.1
  * postgresql14-pltcl-debuginfo-14.17-150200.5.55.1
  * postgresql14-contrib-14.17-150200.5.55.1
  * postgresql14-contrib-debuginfo-14.17-150200.5.55.1
  * postgresql14-debugsource-14.17-150200.5.55.1
  * postgresql14-devel-debuginfo-14.17-150200.5.55.1
* SUSE Linux Enterprise Server 15 SP4 LTSS (noarch)
  * postgresql14-docs-14.17-150200.5.55.1
* SUSE Linux Enterprise Server 15 SP5 LTSS (aarch64 ppc64le s390x x86_64)
  * postgresql14-llvmjit-14.17-150200.5.55.1
  * postgresql14-plperl-14.17-150200.5.55.1
  * postgresql14-server-devel-14.17-150200.5.55.1
  * postgresql14-pltcl-14.17-150200.5.55.1
  * postgresql14-server-14.17-150200.5.55.1
  * postgresql14-plperl-debuginfo-14.17-150200.5.55.1
  * postgresql14-plpython-14.17-150200.5.55.1
  * postgresql14-debuginfo-14.17-150200.5.55.1
  * postgresql14-server-debuginfo-14.17-150200.5.55.1
  * postgresql14-14.17-150200.5.55.1
  * postgresql14-server-devel-debuginfo-14.17-150200.5.55.1
  * postgresql14-devel-14.17-150200.5.55.1
  * postgresql14-plpython-debuginfo-14.17-150200.5.55.1
  * postgresql14-llvmjit-devel-14.17-150200.5.55.1
  * postgresql14-pltcl-debuginfo-14.17-150200.5.55.1
  * postgresql14-contrib-14.17-150200.5.55.1
  * postgresql14-contrib-debuginfo-14.17-150200.5.55.1
  * postgresql14-debugsource-14.17-150200.5.55.1
  * postgresql14-llvmjit-debuginfo-14.17-150200.5.55.1
  * postgresql14-devel-debuginfo-14.17-150200.5.55.1
* SUSE Linux Enterprise Server 15 SP5 LTSS (noarch)
  * postgresql14-docs-14.17-150200.5.55.1
* SUSE Linux Enterprise Server for SAP Applications 15 SP3 (ppc64le x86_64)
  * postgresql14-plperl-14.17-150200.5.55.1
  * postgresql14-server-devel-14.17-150200.5.55.1
  * postgresql14-pltcl-14.17-150200.5.55.1
  * postgresql14-server-14.17-150200.5.55.1
  * postgresql14-plperl-debuginfo-14.17-150200.5.55.1
  * postgresql14-plpython-14.17-150200.5.55.1
  * postgresql14-debuginfo-14.17-150200.5.55.1
  * postgresql14-server-debuginfo-14.17-150200.5.55.1
  * postgresql14-14.17-150200.5.55.1
  * postgresql14-server-devel-debuginfo-14.17-150200.5.55.1
  * postgresql14-devel-14.17-150200.5.55.1
  * postgresql14-plpython-debuginfo-14.17-150200.5.55.1
  * postgresql14-pltcl-debuginfo-14.17-150200.5.55.1
  * postgresql14-contrib-14.17-150200.5.55.1
  * postgresql14-contrib-debuginfo-14.17-150200.5.55.1
  * postgresql14-debugsource-14.17-150200.5.55.1
  * postgresql14-devel-debuginfo-14.17-150200.5.55.1
* SUSE Linux Enterprise Server for SAP Applications 15 SP3 (noarch)
  * postgresql14-docs-14.17-150200.5.55.1
* SUSE Linux Enterprise Server for SAP Applications 15 SP4 (ppc64le x86_64)
  * postgresql14-plperl-14.17-150200.5.55.1
  * postgresql14-server-devel-14.17-150200.5.55.1
  * postgresql14-pltcl-14.17-150200.5.55.1
  * postgresql14-server-14.17-150200.5.55.1
  * postgresql14-plperl-debuginfo-14.17-150200.5.55.1
  * postgresql14-plpython-14.17-150200.5.55.1
  * postgresql14-debuginfo-14.17-150200.5.55.1
  * postgresql14-server-debuginfo-14.17-150200.5.55.1
  * postgresql14-14.17-150200.5.55.1
  * postgresql14-server-devel-debuginfo-14.17-150200.5.55.1
  * postgresql14-devel-14.17-150200.5.55.1
  * postgresql14-plpython-debuginfo-14.17-150200.5.55.1
  * postgresql14-pltcl-debuginfo-14.17-150200.5.55.1
  * postgresql14-contrib-14.17-150200.5.55.1
  * postgresql14-contrib-debuginfo-14.17-150200.5.55.1
  * postgresql14-debugsource-14.17-150200.5.55.1
  * postgresql14-devel-debuginfo-14.17-150200.5.55.1
* SUSE Linux Enterprise Server for SAP Applications 15 SP4 (noarch)
  * postgresql14-docs-14.17-150200.5.55.1
* SUSE Linux Enterprise Server for SAP Applications 15 SP5 (ppc64le x86_64)
  * postgresql14-llvmjit-14.17-150200.5.55.1
  * postgresql14-plperl-14.17-150200.5.55.1
  * postgresql14-server-devel-14.17-150200.5.55.1
  * postgresql14-pltcl-14.17-150200.5.55.1
  * postgresql14-server-14.17-150200.5.55.1
  * postgresql14-plperl-debuginfo-14.17-150200.5.55.1
  * postgresql14-plpython-14.17-150200.5.55.1
  * postgresql14-debuginfo-14.17-150200.5.55.1
  * postgresql14-server-debuginfo-14.17-150200.5.55.1
  * postgresql14-14.17-150200.5.55.1
  * postgresql14-server-devel-debuginfo-14.17-150200.5.55.1
  * postgresql14-devel-14.17-150200.5.55.1
  * postgresql14-plpython-debuginfo-14.17-150200.5.55.1
  * postgresql14-llvmjit-devel-14.17-150200.5.55.1
  * postgresql14-pltcl-debuginfo-14.17-150200.5.55.1
  * postgresql14-contrib-14.17-150200.5.55.1
  * postgresql14-contrib-debuginfo-14.17-150200.5.55.1
  * postgresql14-debugsource-14.17-150200.5.55.1
  * postgresql14-llvmjit-debuginfo-14.17-150200.5.55.1
  * postgresql14-devel-debuginfo-14.17-150200.5.55.1
* SUSE Linux Enterprise Server for SAP Applications 15 SP5 (noarch)
  * postgresql14-docs-14.17-150200.5.55.1
* SUSE Manager Proxy 4.3 (x86_64)
  * postgresql14-plperl-14.17-150200.5.55.1
  * postgresql14-server-devel-14.17-150200.5.55.1
  * postgresql14-pltcl-14.17-150200.5.55.1
  * postgresql14-server-14.17-150200.5.55.1
  * postgresql14-plperl-debuginfo-14.17-150200.5.55.1
  * postgresql14-plpython-14.17-150200.5.55.1
  * postgresql14-debuginfo-14.17-150200.5.55.1
  * postgresql14-server-debuginfo-14.17-150200.5.55.1
  * postgresql14-14.17-150200.5.55.1
  * postgresql14-server-devel-debuginfo-14.17-150200.5.55.1
  * postgresql14-devel-14.17-150200.5.55.1
  * postgresql14-plpython-debuginfo-14.17-150200.5.55.1
  * postgresql14-pltcl-debuginfo-14.17-150200.5.55.1
  * postgresql14-contrib-14.17-150200.5.55.1
  * postgresql14-contrib-debuginfo-14.17-150200.5.55.1
  * postgresql14-debugsource-14.17-150200.5.55.1
  * postgresql14-devel-debuginfo-14.17-150200.5.55.1
* SUSE Manager Proxy 4.3 (noarch)
  * postgresql14-docs-14.17-150200.5.55.1
* SUSE Manager Retail Branch Server 4.3 (x86_64)
  * postgresql14-plperl-14.17-150200.5.55.1
  * postgresql14-server-devel-14.17-150200.5.55.1
  * postgresql14-pltcl-14.17-150200.5.55.1
  * postgresql14-server-14.17-150200.5.55.1
  * postgresql14-plperl-debuginfo-14.17-150200.5.55.1
  * postgresql14-plpython-14.17-150200.5.55.1
  * postgresql14-debuginfo-14.17-150200.5.55.1
  * postgresql14-server-debuginfo-14.17-150200.5.55.1
  * postgresql14-14.17-150200.5.55.1
  * postgresql14-server-devel-debuginfo-14.17-150200.5.55.1
  * postgresql14-devel-14.17-150200.5.55.1
  * postgresql14-plpython-debuginfo-14.17-150200.5.55.1
  * postgresql14-pltcl-debuginfo-14.17-150200.5.55.1
  * postgresql14-contrib-14.17-150200.5.55.1
  * postgresql14-contrib-debuginfo-14.17-150200.5.55.1
  * postgresql14-debugsource-14.17-150200.5.55.1
  * postgresql14-devel-debuginfo-14.17-150200.5.55.1
* SUSE Manager Retail Branch Server 4.3 (noarch)
  * postgresql14-docs-14.17-150200.5.55.1
* SUSE Manager Server 4.3 (ppc64le s390x x86_64)
  * postgresql14-plperl-14.17-150200.5.55.1
  * postgresql14-server-devel-14.17-150200.5.55.1
  * postgresql14-pltcl-14.17-150200.5.55.1
  * postgresql14-server-14.17-150200.5.55.1
  * postgresql14-plperl-debuginfo-14.17-150200.5.55.1
  * postgresql14-plpython-14.17-150200.5.55.1
  * postgresql14-debuginfo-14.17-150200.5.55.1
  * postgresql14-server-debuginfo-14.17-150200.5.55.1
  * postgresql14-14.17-150200.5.55.1
  * postgresql14-server-devel-debuginfo-14.17-150200.5.55.1
  * postgresql14-devel-14.17-150200.5.55.1
  * postgresql14-plpython-debuginfo-14.17-150200.5.55.1
  * postgresql14-pltcl-debuginfo-14.17-150200.5.55.1
  * postgresql14-contrib-14.17-150200.5.55.1
  * postgresql14-contrib-debuginfo-14.17-150200.5.55.1
  * postgresql14-debugsource-14.17-150200.5.55.1
  * postgresql14-devel-debuginfo-14.17-150200.5.55.1
* SUSE Manager Server 4.3 (noarch)
  * postgresql14-docs-14.17-150200.5.55.1
* SUSE Enterprise Storage 7.1 (aarch64 x86_64)
  * postgresql14-plperl-14.17-150200.5.55.1
  * postgresql14-server-devel-14.17-150200.5.55.1
  * postgresql14-pltcl-14.17-150200.5.55.1
  * postgresql14-server-14.17-150200.5.55.1
  * postgresql14-plperl-debuginfo-14.17-150200.5.55.1
  * postgresql14-plpython-14.17-150200.5.55.1
  * postgresql14-debuginfo-14.17-150200.5.55.1
  * postgresql14-server-debuginfo-14.17-150200.5.55.1
  * postgresql14-14.17-150200.5.55.1
  * postgresql14-server-devel-debuginfo-14.17-150200.5.55.1
  * postgresql14-devel-14.17-150200.5.55.1
  * postgresql14-plpython-debuginfo-14.17-150200.5.55.1
  * postgresql14-pltcl-debuginfo-14.17-150200.5.55.1
  * postgresql14-contrib-14.17-150200.5.55.1
  * postgresql14-contrib-debuginfo-14.17-150200.5.55.1
  * postgresql14-debugsource-14.17-150200.5.55.1
  * postgresql14-devel-debuginfo-14.17-150200.5.55.1
* SUSE Enterprise Storage 7.1 (noarch)
  * postgresql14-docs-14.17-150200.5.55.1

## References:

* https://www.suse.com/security/cve/CVE-2025-1094.html
* https://bugzilla.suse.com/show_bug.cgi?id=1237093

Important security enhancement for postgresql14 resolves problems related to improperly encoded input strings and fixes potential security flaws.

Severity: Important.

LinuxSecurity.com Team

   SUSE Security Update: Security update for drbd-utils
______________________________________________________________________________

Announcement ID:    SUSE-SU-2021:1560-1
Rating:             moderate
References:         #1185132
Affected Products:
                    SUSE Linux Enterprise High Availability 15-SP1
______________________________________________________________________________

   An update that contains security fixes can now be installed.

Description:

   This update for drbd-utils fixes the following issues:

   - Hardening: Made all binaries position independent (bsc#1185132)

Patch Instructions:

   To install this SUSE Security Update use the SUSE recommended installation methods
   like YaST online_update or "zypper patch".

   Alternatively you can run the command listed for your product:

   - SUSE Linux Enterprise High Availability 15-SP1:

      zypper in -t patch SUSE-SLE-Product-HA-15-SP1-2021-1560=1

Package List:

   - SUSE Linux Enterprise High Availability 15-SP1 (aarch64 ppc64le s390x x86_64):

      drbd-utils-9.6.0-6.15.1
      drbd-utils-debuginfo-9.6.0-6.15.1
      drbd-utils-debugsource-9.6.0-6.15.1

References:

   https://bugzilla.suse.com/1185132

SUSE Security Patch for drbd-utils, categorized as moderate risk, focusing on enhancing security through the implementation of position-independent binaries.

LinuxSecurity.com Team

   SUSE Security Update: Security update for drbd-utils
______________________________________________________________________________

Announcement ID:    SUSE-SU-2021:1559-1
Rating:             moderate
References:         #1185132
Affected Products:
                    SUSE Linux Enterprise High Availability 15
______________________________________________________________________________

   An update that contains security fixes can now be installed.

Description:

   This update for drbd-utils fixes the following issues:

   - Hardening: Made all binaries position independent (bsc#1185132)

Patch Instructions:

   To install this SUSE Security Update use the SUSE recommended installation methods
   like YaST online_update or "zypper patch".

   Alternatively you can run the command listed for your product:

   - SUSE Linux Enterprise High Availability 15:

      zypper in -t patch SUSE-SLE-Product-HA-15-2021-1559=1

Package List:

   - SUSE Linux Enterprise High Availability 15 (aarch64 ppc64le s390x x86_64):

      drbd-utils-9.6.0-3.15.1
      drbd-utils-debuginfo-9.6.0-3.15.1
      drbd-utils-debugsource-9.6.0-3.15.1

References:

   https://bugzilla.suse.com/1185132

Enhancement release for drbd-utils in openSUSE to mitigate vulnerabilities for better defense mechanisms.

LinuxSecurity.com Team

--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2020-2f1ef40a96
2020-12-13 02:07:36.430554
--------------------------------------------------------------------------------

Name        : libpri
Product     : Fedora 33
Version     : 1.6.0
Release     : 9.fc33
URL         : https://www.asterisk.org/
Summary     : An implementation of Primary Rate ISDN
Description :
libpri is a C implementation of the Primary Rate ISDN specification. It was
based on the Bellcore specification SR-NWT-002343 for National ISDN. As of
May 12, 2001, it has been tested to work with NI-2, Nortel DMS-100, and Lucent
5E Custom protocols on switches from Nortel and Lucent.

--------------------------------------------------------------------------------
Update Information:

Build with hardening flags enabled; also, add -doc subpackage, fix .so version
symlinking, make -devel dependency on main package strict (arched), and other
minor improvements.
--------------------------------------------------------------------------------
ChangeLog:

* Thu Dec 3 2020 Benjamin A. Beasley - 1.6.0-9
- Reformat whitespace
- Convert URLs from HTTP to HTTPS
- Add BR on make for https://fedoraproject.org/wiki/Changes/Remove_make_from_BuildRoot
- Use macros to reduce repetition throughout
- Use modern macros (license, make_build/make_install)
- Make -devel dependency on main package strict (arched)
- Add -doc subpackage with finite state machine pseudocode
- Fix so version symlinking
- Add patch from Debian for upstream issue PRI-186 (libpri fails to build with GCC 10)
- Honor system rpm configuration build flags, including hardening flags
- Run some tests
* Sat Aug 1 2020 Fedora Release Engineering - 1.6.0-8
- Second attempt - Rebuilt for https://fedoraproject.org/wiki/Fedora_33_Mass_Rebuild
* Tue Jul 28 2020 Fedora Release Engineering - 1.6.0-7
- Rebuilt for https://fedoraproject.org/wiki/Fedora_33_Mass_Rebuild
* Wed Jan 29 2020 Fedora Release Engineering - 1.6.0-6
- Rebuilt for https://fedoraproject.org/wiki/Fedora_32_Mass_Rebuild
--------------------------------------------------------------------------------

This update can be installed with the "dnf" update program. Use
su -c 'dnf upgrade --advisory FEDORA-2020-2f1ef40a96' at the command
line. For more information, refer to the dnf documentation available at
https://dnf.readthedocs.io/en/latest/command_ref.html

All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
--------------------------------------------------------------------------------

=========================================================================
Ubuntu Security Notice USN-4007-2
June 04, 2019

linux-aws-hwe, linux-hwe, linux-oracle vulnerability
=========================================================================

A security issue affects these releases of Ubuntu and its derivatives:

- Ubuntu 16.04 LTS

Summary:

A system hardening measure could be bypassed.

Software Description:
- linux-aws-hwe: Linux kernel for Amazon Web Services (AWS-HWE) systems
- linux-hwe: Linux hardware enablement (HWE) kernel
- linux-oracle: Linux kernel for Oracle Cloud systems

Details:

USN-4007-1 fixed vulnerabilities in the Linux kernel for Ubuntu 18.04
LTS. This update provides the corresponding updates for the Linux
Hardware Enablement (HWE) kernel from Ubuntu 18.04 LTS for Ubuntu
16.04 LTS.

Federico Manuel Bento discovered that the Linux kernel did not properly
apply Address Space Layout Randomization (ASLR) in some situations for
setuid a.out binaries. A local attacker could use this to improve the
chances of exploiting an existing vulnerability in a setuid a.out binary.

As a hardening measure, this update disables a.out support.

Update instructions:

The problem can be corrected by updating your system to the following
package versions:

Ubuntu 16.04 LTS:
  linux-image-4.15.0-1014-oracle      4.15.0-1014.16~16.04.1
  linux-image-4.15.0-1040-aws         4.15.0-1040.42~16.04.1
  linux-image-4.15.0-51-generic       4.15.0-51.55~16.04.1
  linux-image-4.15.0-51-generic-lpae  4.15.0-51.55~16.04.1
  linux-image-4.15.0-51-lowlatency    4.15.0-51.55~16.04.1
  linux-image-aws-hwe                 4.15.0.1040.40
  linux-image-generic-hwe-16.04       4.15.0.51.72
  linux-image-generic-lpae-hwe-16.04  4.15.0.51.72
  linux-image-lowlatency-hwe-16.04    4.15.0.51.72
  linux-image-oem                     4.15.0.51.72
  linux-image-oracle                  4.15.0.1014.8
  linux-image-virtual-hwe-16.04       4.15.0.51.72

After a standard system update you need to reboot your computer to make
all the necessary changes.

ATTENTION: Due to an unavoidable ABI change the kernel updates have
been given a new version number, which requires you to recompile and
reinstall all third party kernel modules you might have installed.
Unless you manually uninstalled the standard kernel metapackages
(e.g. linux-generic, linux-generic-lts-RELEASE, linux-virtual,
linux-powerpc), a standard system upgrade will automatically perform
this as well.

References:
  https://ubuntu.com/security/notices/USN-4007-2
  https://ubuntu.com/security/notices/USN-4007-1
  CVE-2019-11191

Package Information:
  https://launchpad.net/ubuntu/+source/linux-aws-hwe/4.15.0-1040.42~16.04.1
  https://launchpad.net/ubuntu/+source/linux-hwe/4.15.0-51.55~16.04.1
  https://launchpad.net/ubuntu/+source/linux-oracle/4.15.0-1014.16~16.04.1

Ubuntu 16.04 LTS advisory covering kernel hardening and necessary updates for critical security issues.

Severity: Critical.

LinuxSecurity.com Team

wildmagic5-5.13-12.fc23 - Rebuild with -fPIC - Hardened builds on
--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2015-d0e48b2eb1
2015-11-09 20:14:23.881187
--------------------------------------------------------------------------------

Name        : icecat
Product     : Fedora 21
Version     : 38.3.0
Release     : 10.fc21
URL         :
Summary     : GNU version of Firefox browser
Description :
GNUZilla Icecat is a fully-free fork of Mozilla Firefox.
Four extensions are included to this version of IceCat:

 * LibreJS 6.0.10.20150620
   GNU LibreJS aims to address the JavaScript problem described in Richard
   Stallman's article The JavaScript Trap.

 * SpyBlock 2.6.9.0
   Blocks privacy trackers while in normal browsing mode, and all third party
   requests when in private browsing mode. Based on Adblock Plus.

 * AboutIceCat 1.0
   Adds a custom "about:icecat" homepage with links to information about the
   free software and privacy features in IceCat, and check-boxes to enable
   and disable the ones more prone to break websites.

 * HTML5-video-everywhere 0.3.3
   Uses the native video player to play embedded videos from different sources

--------------------------------------------------------------------------------
Update Information:

icecat-38.3.0-10.fc23
- Rebuild with RPM_LD_FLAGS
- Activated hardened_build

icecat-38.3.0-10.fc22
- Rebuild with RPM_LD_FLAGS
- Activated hardened_build

icecat-38.3.0-10.fc21
- Rebuild with RPM_LD_FLAGS
- Activated hardened_build
--------------------------------------------------------------------------------

This update can be installed with the "yum" update program. Use
su -c 'yum update icecat' at the command line.
For more information, refer to "Managing Software with yum",
available at .

All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/security/
--------------------------------------------------------------------------------