
Stay Secure with the Latest Linux Advisories


Explore Latest Linux Security advisories


Mageia 8 MGASA-2022-0289 Critical Apache-WSGI Header Issue

It was discovered that mod-wsgi did not correctly remove the X-Client-IP header when processing requests from untrusted proxies. A remote attacker could use this issue to pass the header to WSGI applications, contrary to expectations (CVE-2022-2255).

MGASA-2022-0289 - Updated apache-mod_wsgi packages fix security vulnerability

Publication date: 20 Aug 2022
URL: https://advisories.mageia.org/MGASA-2022-0289.html
Type: security
Affected Mageia releases: 8
CVE: CVE-2022-2255

References:
- https://bugs.mageia.org/show_bug.cgi?id=30711
- https://ubuntu.com/security/notices/USN-5551-1
- https://www.cve.org/CVERecord?id=CVE-2022-2255

SRPMS:
- 8/core/apache-mod_wsgi-4.6.8-4.1.mga8

A recent patch for apache-mod_wsgi addresses vulnerabilities that could allow remote adversaries to leverage header flaws in Mageia 8.

Severity: Critical

LinuxSecurity.com Team

Aug 20, 2022 | Critical | Mageia

Fedora 33: FEDORA-2020-1c549262f1 Critical: Php-Symfony4 Header Issue

--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2020-1c549262f1
2020-09-25 16:31:57.892213
--------------------------------------------------------------------------------

Name : php-symfony4
Product : Fedora 33
Version : 4.4.13
Release : 1.fc33
URL : https://symfony.com
Summary : Symfony PHP framework (version 4)
Description : Symfony PHP framework (version 4). NOTE: Does not require PHPUnit bridge.

--------------------------------------------------------------------------------
Update Information:

**Version 4.4.13** (2020-09-02)

* security **CVE-2020-15094** Remove headers with internal meaning from HttpClient responses (mpdude)
* bug #38024 [Console] Fix undefined index for inconsistent command name definition (chalasr)
* bug #38023 [DI] fix inlining of non-shared services (nicolas-grekas)
* bug #38020 [PhpUnitBridge] swallow deprecations (xabbuh)
* bug #38010 [Cache] Psr16Cache does not handle Proxy cache items (alex-dev)
* bug #37937 [Serializer] fixed fix encoding of cache keys with anonymous classes (michaelzangerle)

----

**Version 4.4.12** (2020-08-31)

* bug #37966 [HttpClient][MockHttpClient][DX] Throw when the response factory callable does not return a valid response (fancyweb)
* bug #37971 [PropertyInfo] Backport support for typed properties (PHP 7.4) (dunglas)
* bug #37970 [PhpUnitBridge] Polyfill new phpunit 9.1 assertions (phpfour)
* bug #37960 [PhpUnit] Add polyfill for assertMatchesRegularExpression() (dunglas)
* bug #37949 [Yaml] fix more numeric cases changing in PHP8 (xabbuh)
* bug #37921 [Yaml] account for is_numeric() behavior changes in PHP 8 (xabbuh)
* bug #37912 [ExpressionLanguage] fix passing arguments to call_user_func_array() on PHP 8 (xabbuh)
* bug #37907 [Messenger] stop using the deprecated schema synchronizer API (xabbuh)
* bug #37900 [Mailer] Fixed mandrill api header structure (wulff)
* bug #37888 [Mailer] Reorder headers used to determine Sender (cvmiert)
* bug #37872 [Sendgrid-Mailer] Fixed envelope recipients on sendgridApiTransport (arendjantetteroo)
* bug #37860 [Serializer][ClassDiscriminatorMapping] Fix getMappedObjectType() when a discriminator child extends another one (fancyweb)
* bug #37853 [Validator] ensure that the validator is a mock object for backwards-compatibility (xabbuh)
* bug #36340 [Serializer] Fix configuration of the cache key (dunglas)
* bug #36810 [Messenger] Do not stack retry stamp (jderusse)
* bug #37849 [FrameworkBundle] Add missing mailer transports in xsd (l-vo)
* bug #37586 [ErrorHandler][DebugClassLoader] Add mixed and static return types support (fancyweb)
* bug #37845 [Serializer] Fix variadic support when using type hints (fabpot)
* bug #37841 [VarDumper] Backport handler lock when using VAR_DUMPER_FORMAT (ogizanagi)
* bug #37725 [Form] Fix Guess phpdoc return type (franmomu)
* bug #37771 Use PHPUnit 9.3 on php 8 (derrabus)
* bug #36140 [Validator] Add BC layer for notInRangeMessage when min and max are set (l-vo)
* bug #35843 [Validator] Add target guards for Composite nested constraints (ogizanagi)
* bug #37803 Fix for issue #37681 (Rav)
* bug #37744 [Yaml] Fix for #36624; Allow PHP constant as first key in block (jnye)
* bug #37767 [Form] fix mapping errors from unmapped forms (xabbuh)
* bug #37731 [Console] Table: support cells with newlines after a cell with colspan >= 2 (GMTA)
* bug #37791 Fix redis connect with empty password (alexander-schranz)
* bug #37790 Fix deprecated libxml_disable_entity_loader (fabpot)
* bug #37763 Fix deprecated libxml_disable_entity_loader (jderusse)
* bug #37774 [Console] Make sure we pass a numeric array of arguments to call_user_func_array() (derrabus)
* bug #37729 [FrameworkBundle] fail properly when the required service is not defined (xabbuh)
* bug #37701 [Serializer] Fix that it will never reach DOMNode (TNAJanssen)
* bug #37671 [Cache] fix saving no-expiry items with ArrayAdapter (philipp-kolesnikov)
* bug #37102 [WebProfilerBundle] Fix error with custom function and web profiler routing tab (JakeFr)
* bug #37560 [Finder] Fix GitIgnore parser when dealing with (sub)directories and take order of lines into account (Jeroeny)
* bug #37700 [VarDumper] Improve previous fix on light array coloration (l-vo)
* bug #37705 [Mailer] Added the missing reset tag to mailer.logger_message_listener (vudaltsov)
* bug #37697 [Messenger] reduce column length for MySQL 5.6 compatibility (xabbuh)

--------------------------------------------------------------------------------
ChangeLog:

* Wed Sep 2 2020 Remi Collet - 4.4.13-1
- update to 4.4.13
* Mon Aug 31 2020 Remi Collet - 4.4.12-1
- update to 4.4.12
- allow doctrine/dbal 3.0

--------------------------------------------------------------------------------
This update can be installed with the "dnf" update program. Use su -c 'dnf upgrade --advisory FEDORA-2020-1c549262f1' at the command line. For more information, refer to the dnf documentation available at https://dnf.readthedocs.io/en/latest/command_ref.html

All packages are signed with the Fedora Project GPG key. More details on the GPG keys used by the Fedora Project can be found at
--------------------------------------------------------------------------------

Fedora 33 has rolled out a crucial update for php-symfony4, addressing multiple critical vulnerabilities. Prompt application of this update is recommended.

Severity: Critical

LinuxSecurity.com Team

Sep 25, 2020 | Critical | Fedora