Stay Secure with the Latest Linux Advisories
Refine advisories
X Clear Filters
Get the latest News and Insights
Get the latest Linux and open source security news straight to your inbox.
Community Poll
What got you started with Linux?
Loading...
Explore Latest Linux Security advisories
We found -2 articles for you...
219
security advisorybuffer overflowimportantRocky Linux 8 RLSA-2026-6446 Significant Buffer Flaw in libjpeg-turbo Found
Important: libpng12 security update. {"type": "TYPE_SECURITY", "shortCode": "RL", "name": "RLSA-2026:6445", "synopsis": "Important: libpng12 security update", "severity": "SEVERITY_IMPORTANT", "topic": "An update is available for libpng12.\nThis update affects Rocky Linux 8.\nA Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list", "description": "The libpng12 package provides libpng 1.2, which is the previous version of the libpng library for manipulating PNG (Portable Network Graphics) image format files. This version should be used in case that it is not possible to use the current version of libpng.\n\nSecurity Fix(es):\n\n* libpng: LIBPNG has a heap buffer overflow in png_set_quantize (CVE-2026-25646)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.", "solution": null, "affectedProducts": ["Rocky Linux 8"], "fixes": [{"ticket": "2438542", "sourceBy": "Red Hat", "sourceLink": "https://bugzilla.redhat.com/show_bug.cgi?id=2438542", "description": ""}], "cves": [{"name": "CVE-2026-25646", "sourceBy": "MITRE", "sourceLink": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-25646", "cvss3ScoringVector": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:H", "cvss3BaseScore": "7.0", "cwe": "CWE-125"}], "references": [], "publishedAt": "2026-04-09T06:02:21.819616Z", "rpms": {"Rocky Linux 8": {"nvras": ["libpng12-0:1.2.57-6.el8_10.aarch64.rpm", "libpng12-0:1.2.57-6.el8_10.i686.rpm", "libpng12-0:1.2.57-6.el8_10.src.rpm", "libpng12-0:1.2.57-6.el8_10.x86_64.rpm", "libpng12-debuginfo-0:1.2.57-6.el8_10.aarch64.rpm", "libpng12-debuginfo-0:1.2.57-6.el8_10.i686.rpm", "libpng12-debuginfo-0:1.2.57-6.el8_10.x86_64.rpm", "libpng12-debugsource-0:1.2.57-6.el8_10.aarch64.rpm", "libpng12-debugsource-0:1.2.57-6.el8_10.i686.rpm", "libpng12-debugsource-0:1.2.57-6.el8_10.x86_64.rpm"]}},"rebootSuggested": false, "buildReferences": []}. An important security update for Rocky Linux addressing a buffer overflow in libpng12 to enhance system safety.. Rocky Linux libpng12 security update buffer overflow important. . Severity: Important. LinuxSecurity.com Team
Apr 09, 2026
•Important
Rocky Linux
202
security advisoryimportantlibsoupopenSUSE Leap 15.4: libsoup Important Heap Use-After-Free CVE-2025-12105
An update that solves two vulnerabilities can now be installed.. # Security update for libsoup Announcement ID: SUSE-SU-2025:4514-1 Release Date: 2025-12-23T15:00:01Z Rating: important References: * bsc#1241238 * bsc#1252555 Cross-References: * CVE-2025-12105 * CVE-2025-32911 CVSS scores: * CVE-2025-12105 ( SUSE ): 8.8 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:H/SC:N/SI:N/SA:N * CVE-2025-12105 ( SUSE ): 8.6 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:H * CVE-2025-12105 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2025-32911 ( SUSE ): 8.1 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H * CVE-2025-32911 ( NVD ): 9.0 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:H Affected Products: * openSUSE Leap 15.4 * SUSE Linux Enterprise High Performance Computing 15 SP4 * SUSE Linux Enterprise High Performance Computing 15 SP5 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP5 * SUSE Linux Enterprise Server 15 SP4 * SUSE Linux Enterprise Server 15 SP4 LTSS * SUSE Linux Enterprise Server 15 SP5 * SUSE Linux Enterprise Server 15 SP5 LTSS * SUSE Linux Enterprise Server for SAP Applications 15 SP4 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 * SUSE Manager Proxy 4.3 * SUSE Manager Proxy 4.3 LTS * SUSE Manager Retail Branch Server 4.3 * SUSE Manager Retail Branch Server 4.3 LTS * SUSE Manager Server 4.3 * SUSE Manager Server 4.3 LTS An update that solves two vulnerabilities can now be installed. ## Description: This update for libsoup fixes the following issues: * CVE-2025-12105: Fixed heap use-after-free in message queue handling during HTTP/2 read completion (bsc#1252555) ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_updateor "zypper patch". Alternatively you can run the command listed for your product: * SUSE Linux Enterprise Server 15 SP5 LTSS zypper in -t patch SUSE-SLE-Product-SLES-15-SP5-LTSS-2025-4514=1 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP4-2025-4514=1 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP5-2025-4514=1 * SUSE Manager Proxy 4.3 LTS zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Proxy-4.3-LTS-2025-4514=1 * SUSE Manager Retail Branch Server 4.3 LTS zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Retail-Branch- Server-4.3-LTS-2025-4514=1 * SUSE Manager Server 4.3 LTS zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Server-4.3-LTS-2025-4514=1 * openSUSE Leap 15.4 zypper in -t patch SUSE-2025-4514=1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-ESPOS-2025-4514=1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-LTSS-2025-4514=1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5 zypper in -t patch SUSE-SLE-Product-HPC-15-SP5-ESPOS-2025-4514=1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP5 zypper in -t patch SUSE-SLE-Product-HPC-15-SP5-LTSS-2025-4514=1 * SUSE Linux Enterprise Server 15 SP4 LTSS zypper in -t patch SUSE-SLE-Product-SLES-15-SP4-LTSS-2025-4514=1 ## Package List: * SUSE Linux Enterprise Server 15 SP5 LTSS (aarch64 ppc64le s390x x86_64) * libsoup-3_0-0-3.0.4-150400.3.21.1 * libsoup-devel-3.0.4-150400.3.21.1 * libsoup-debugsource-3.0.4-150400.3.21.1 * typelib-1_0-Soup-3_0-3.0.4-150400.3.21.1 * libsoup-3_0-0-debuginfo-3.0.4-150400.3.21.1 * SUSE Linux Enterprise Server 15 SP5 LTSS (noarch) * libsoup-lang-3.0.4-150400.3.21.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP4(ppc64le x86_64) * libsoup-3_0-0-3.0.4-150400.3.21.1 * libsoup-devel-3.0.4-150400.3.21.1 * libsoup-debugsource-3.0.4-150400.3.21.1 * typelib-1_0-Soup-3_0-3.0.4-150400.3.21.1 * libsoup-3_0-0-debuginfo-3.0.4-150400.3.21.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 (noarch) * libsoup-lang-3.0.4-150400.3.21.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 (ppc64le x86_64) * libsoup-3_0-0-3.0.4-150400.3.21.1 * libsoup-devel-3.0.4-150400.3.21.1 * libsoup-debugsource-3.0.4-150400.3.21.1 * typelib-1_0-Soup-3_0-3.0.4-150400.3.21.1 * libsoup-3_0-0-debuginfo-3.0.4-150400.3.21.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 (noarch) * libsoup-lang-3.0.4-150400.3.21.1 * SUSE Manager Proxy 4.3 LTS (x86_64) * libsoup-3_0-0-3.0.4-150400.3.21.1 * libsoup-devel-3.0.4-150400.3.21.1 * libsoup-debugsource-3.0.4-150400.3.21.1 * typelib-1_0-Soup-3_0-3.0.4-150400.3.21.1 * libsoup-3_0-0-debuginfo-3.0.4-150400.3.21.1 * SUSE Manager Proxy 4.3 LTS (noarch) * libsoup-lang-3.0.4-150400.3.21.1 * SUSE Manager Retail Branch Server 4.3 LTS (x86_64) * libsoup-3_0-0-3.0.4-150400.3.21.1 * libsoup-devel-3.0.4-150400.3.21.1 * libsoup-debugsource-3.0.4-150400.3.21.1 * typelib-1_0-Soup-3_0-3.0.4-150400.3.21.1 * libsoup-3_0-0-debuginfo-3.0.4-150400.3.21.1 * SUSE Manager Retail Branch Server 4.3 LTS (noarch) * libsoup-lang-3.0.4-150400.3.21.1 * SUSE Manager Server 4.3 LTS (ppc64le s390x x86_64) * libsoup-3_0-0-3.0.4-150400.3.21.1 * libsoup-devel-3.0.4-150400.3.21.1 * libsoup-debugsource-3.0.4-150400.3.21.1 * typelib-1_0-Soup-3_0-3.0.4-150400.3.21.1 * libsoup-3_0-0-debuginfo-3.0.4-150400.3.21.1 * SUSE Manager Server 4.3 LTS (noarch) * libsoup-lang-3.0.4-150400.3.21.1 * openSUSE Leap 15.4 (aarch64 ppc64le s390x x86_64 i586) * libsoup-3_0-0-3.0.4-150400.3.21.1 * libsoup-devel-3.0.4-150400.3.21.1 * libsoup-debugsource-3.0.4-150400.3.21.1 *typelib-1_0-Soup-3_0-3.0.4-150400.3.21.1 * libsoup-3_0-0-debuginfo-3.0.4-150400.3.21.1 * openSUSE Leap 15.4 (x86_64) * libsoup-3_0-0-32bit-debuginfo-3.0.4-150400.3.21.1 * libsoup-3_0-0-32bit-3.0.4-150400.3.21.1 * libsoup-devel-32bit-3.0.4-150400.3.21.1 * openSUSE Leap 15.4 (noarch) * libsoup-lang-3.0.4-150400.3.21.1 * openSUSE Leap 15.4 (aarch64_ilp32) * libsoup-3_0-0-64bit-debuginfo-3.0.4-150400.3.21.1 * libsoup-devel-64bit-3.0.4-150400.3.21.1 * libsoup-3_0-0-64bit-3.0.4-150400.3.21.1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 (aarch64 x86_64) * libsoup-3_0-0-3.0.4-150400.3.21.1 * libsoup-devel-3.0.4-150400.3.21.1 * libsoup-debugsource-3.0.4-150400.3.21.1 * typelib-1_0-Soup-3_0-3.0.4-150400.3.21.1 * libsoup-3_0-0-debuginfo-3.0.4-150400.3.21.1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 (noarch) * libsoup-lang-3.0.4-150400.3.21.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 (aarch64 x86_64) * libsoup-3_0-0-3.0.4-150400.3.21.1 * libsoup-devel-3.0.4-150400.3.21.1 * libsoup-debugsource-3.0.4-150400.3.21.1 * typelib-1_0-Soup-3_0-3.0.4-150400.3.21.1 * libsoup-3_0-0-debuginfo-3.0.4-150400.3.21.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 (noarch) * libsoup-lang-3.0.4-150400.3.21.1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5 (aarch64 x86_64) * libsoup-3_0-0-3.0.4-150400.3.21.1 * libsoup-devel-3.0.4-150400.3.21.1 * libsoup-debugsource-3.0.4-150400.3.21.1 * typelib-1_0-Soup-3_0-3.0.4-150400.3.21.1 * libsoup-3_0-0-debuginfo-3.0.4-150400.3.21.1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5 (noarch) * libsoup-lang-3.0.4-150400.3.21.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP5 (aarch64 x86_64) * libsoup-3_0-0-3.0.4-150400.3.21.1 * libsoup-devel-3.0.4-150400.3.21.1 * libsoup-debugsource-3.0.4-150400.3.21.1 *typelib-1_0-Soup-3_0-3.0.4-150400.3.21.1 * libsoup-3_0-0-debuginfo-3.0.4-150400.3.21.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP5 (noarch) * libsoup-lang-3.0.4-150400.3.21.1 * SUSE Linux Enterprise Server 15 SP4 LTSS (aarch64 ppc64le s390x x86_64) * libsoup-3_0-0-3.0.4-150400.3.21.1 * libsoup-devel-3.0.4-150400.3.21.1 * libsoup-debugsource-3.0.4-150400.3.21.1 * typelib-1_0-Soup-3_0-3.0.4-150400.3.21.1 * libsoup-3_0-0-debuginfo-3.0.4-150400.3.21.1 * SUSE Linux Enterprise Server 15 SP4 LTSS (noarch) * libsoup-lang-3.0.4-150400.3.21.1 ## References: * https://www.suse.com/security/cve/CVE-2025-12105.html * https://www.suse.com/security/cve/CVE-2025-32911.html * https://bugzilla.suse.com/show_bug.cgi?id=1241238 * https://bugzilla.suse.com/show_bug.cgi?id=1252555 . Update available for critical libsoup vulnerabilities in openSUSE. Immediate installation recommended for security.. openSUSE updates libsoup vulnerabilities security patch. . Severity: Important. LinuxSecurity.com Team
Dec 23, 2025
•Important
OpenSUSE
203
security advisorybuffer overflowsoftware updateMageia: Critical Alert 2025-0169 - Cimg Heap Buffer Overflow Issue
A heap-based buffer overflow in Clmg before 3.3.3 can occur via a crafted file to cimg_library::CImg ::_load_analyze. (CVE-2024-26540) References: . MGASA-2025-0169 - Updated cimg packages fix security vulnerability Publication date: 28 May 2025 URL: https://advisories.mageia.org/MGASA-2025-0169.html Type: security Affected Mageia releases: 9 CVE: CVE-2024-26540 A heap-based buffer overflow in Clmg before 3.3.3 can occur via a crafted file to cimg_library::CImg ::_load_analyze. (CVE-2024-26540) References: - https://bugs.mageia.org/show_bug.cgi?id=34214 - https://ubuntu.com/security/notices/USN-7437-1 - https://www.cve.org/CVERecord?id=CVE-2024-26540 SRPMS: - 9/core/cimg-3.2.5-1.1.mga9 . The latest cimg updates address the heap overflow vulnerability found in Mageia. Essential security measures are detailed within.. cimg security, buffer overflow fix, Mageia advisory, heap overflow, software updates. . Severity: Critical. LinuxSecurity.com Team
May 28, 2025
•Critical
Mageia
203
security advisorysoftware updategraphics softwareMageia 9: 2025-0148 Critical Fix for GraphicsMagick Buffer Issue
GraphicsMagick before 8e56520 has a heap-based buffer over-read in ReadJXLImage in coders/jxl.c, related to an ImportViewPixelArea call. (CVE-2025-32460) References: . MGASA-2025-0148 - Updated graphicsmagick packages fix security vulnerabilities Publication date: 05 May 2025 URL: https://advisories.mageia.org/MGASA-2025-0148.html Type: security Affected Mageia releases: 9 CVE: CVE-2025-32460 GraphicsMagick before 8e56520 has a heap-based buffer over-read in ReadJXLImage in coders/jxl.c, related to an ImportViewPixelArea call. (CVE-2025-32460) References: - https://bugs.mageia.org/show_bug.cgi?id=34218 - - https://lists.debian.org/debian-security-announce/2025/msg00067.html - https://lists.suse.com/pipermail/sle-updates/2025-April/039065.html - https://www.cve.org/CVERecord?id=CVE-2025-32460 SRPMS: - 9/core/graphicsmagick-1.3.40-1.2.mga9 - 9/tainted/graphicsmagick-1.3.40-1.2.mga9.tainted . GraphicsMagick is experiencing a buffer over-read vulnerability in Mageia for version 9; a patch has been released to address this problem.. Mageia update, GraphicsMagick patch, buffer over-read, security fix, security advisory. . Severity: Critical. LinuxSecurity.com Team
May 05, 2025
•Critical
Mageia
203
security advisoryinteger overflowpopplerMageia: 2019-0277 High: Libpng Memory Corruption Vulnerability Mitigation
The updated packages fix security vulnerabilities: The JPXStream::init function in Poppler 0.78.0 and earlier doesn't check for negative values of stream length, leading to an Integer Overflow, thereby making it possible to allocate a large memory chunk on the heap, . MGASA-2019-0276 - Updated poppler packages fix security vulnerabilities Publication date: 15 Sep 2019 URL: https://advisories.mageia.org/MGASA-2019-0276.html Type: security Affected Mageia releases: 6, 7 CVE: CVE-2019-9959, CVE-2019-10871 The updated packages fix security vulnerabilities: The JPXStream::init function in Poppler 0.78.0 and earlier doesn't check for negative values of stream length, leading to an Integer Overflow, thereby making it possible to allocate a large memory chunk on the heap, with a size controlled by an attacker, as demonstrated by pdftocairo. (CVE-2019-9959) An issue was discovered in Poppler 0.74.0. There is a heap-based buffer over-read in the function PSOutputDev::checkPageSlice at PSOutputDev.cc. (CVE-2019-10871) References: - https://bugs.mageia.org/show_bug.cgi?id=25432 - https://access.redhat.com/errata/RHSA-2019:2713 - https://www.cve.org/CVERecord?id=CVE-2019-9959 - https://www.cve.org/CVERecord?id=CVE-2019-10871 SRPMS: - 7/core/poppler-0.74.0-3.2.mga7 - 6/core/poppler-0.52.0-3.14.mga6 . The recent update MGASA-2022-0361 for OpenSSH resolves critical security issues, mitigating potential risks associated with buffer overflow attacks.. Poppler Security Update, Mageia Advisory, Integer Overflow Attack. . LinuxSecurity.com Team
Sep 15, 2019
Mageia
202
security advisorymoderatefile disclosureopenSUSE: 2019:1795-1 Moderate: ImageMagick Buffer Over-read Patch
An update that solves one vulnerability and has one errata is now available.. openSUSE Security Update: Security update for ImageMagick ______________________________________________________________________________ Announcement ID: openSUSE-SU-2019:1795-1 Rating: moderate References: #1138425 #1138464 Cross-References: CVE-2019-11597 Affected Products: openSUSE Leap 15.1 openSUSE Leap 15.0 ______________________________________________________________________________ An update that solves one vulnerability and has one errata is now available. Description: This update for ImageMagick fixes the following issues: Security issues fixed: - CVE-2019-11597: Fixed a heap-based buffer over-read in the WriteTIFFImage() (bsc#1138464). - Fixed a file content disclosure via SVG and WMF decoding (bsc#1138425). This update was imported from the SUSE:SLE-15:Update update project. Patch Instructions: To install this openSUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: - openSUSE Leap 15.1: zypper in -t patch openSUSE-2019-1795=1 - openSUSE Leap 15.0: zypper in -t patch openSUSE-2019-1795=1 Package List: - openSUSE Leap 15.1 (i586 x86_64): ImageMagick-7.0.7.34-lp151.7.6.1 ImageMagick-config-7-SUSE-7.0.7.34-lp151.7.6.1 ImageMagick-config-7-upstream-7.0.7.34-lp151.7.6.1 ImageMagick-debuginfo-7.0.7.34-lp151.7.6.1 ImageMagick-debugsource-7.0.7.34-lp151.7.6.1 ImageMagick-devel-7.0.7.34-lp151.7.6.1 ImageMagick-extra-7.0.7.34-lp151.7.6.1 ImageMagick-extra-debuginfo-7.0.7.34-lp151.7.6.1 libMagick++-7_Q16HDRI4-7.0.7.34-lp151.7.6.1 libMagick++-7_Q16HDRI4-debuginfo-7.0.7.34-lp151.7.6.1 libMagick++-devel-7.0.7.34-lp151.7.6.1 libMagickCore-7_Q16HDRI6-7.0.7.34-lp151.7.6.1 libMagickCore-7_Q16HDRI6-debuginfo-7.0.7.34-lp151.7.6.1 libMagickWand-7_Q16HDRI6-7.0.7.34-lp151.7.6.1 libMagickWand-7_Q16HDRI6-debuginfo-7.0.7.34-lp151.7.6.1 perl-PerlMagick-7.0.7.34-lp151.7.6.1 perl-PerlMagick-debuginfo-7.0.7.34-lp151.7.6.1 - openSUSE Leap 15.1 (noarch): ImageMagick-doc-7.0.7.34-lp151.7.6.1 - openSUSE Leap 15.1 (x86_64): ImageMagick-devel-32bit-7.0.7.34-lp151.7.6.1 libMagick++-7_Q16HDRI4-32bit-7.0.7.34-lp151.7.6.1 libMagick++-7_Q16HDRI4-32bit-debuginfo-7.0.7.34-lp151.7.6.1 libMagick++-devel-32bit-7.0.7.34-lp151.7.6.1 libMagickCore-7_Q16HDRI6-32bit-7.0.7.34-lp151.7.6.1 libMagickCore-7_Q16HDRI6-32bit-debuginfo-7.0.7.34-lp151.7.6.1 libMagickWand-7_Q16HDRI6-32bit-7.0.7.34-lp151.7.6.1 libMagickWand-7_Q16HDRI6-32bit-debuginfo-7.0.7.34-lp151.7.6.1 - openSUSE Leap 15.0 (i586 x86_64): ImageMagick-7.0.7.34-lp150.2.35.1 ImageMagick-config-7-SUSE-7.0.7.34-lp150.2.35.1 ImageMagick-config-7-upstream-7.0.7.34-lp150.2.35.1 ImageMagick-debuginfo-7.0.7.34-lp150.2.35.1 ImageMagick-debugsource-7.0.7.34-lp150.2.35.1 ImageMagick-devel-7.0.7.34-lp150.2.35.1 ImageMagick-extra-7.0.7.34-lp150.2.35.1 ImageMagick-extra-debuginfo-7.0.7.34-lp150.2.35.1 libMagick++-7_Q16HDRI4-7.0.7.34-lp150.2.35.1 libMagick++-7_Q16HDRI4-debuginfo-7.0.7.34-lp150.2.35.1 libMagick++-devel-7.0.7.34-lp150.2.35.1 libMagickCore-7_Q16HDRI6-7.0.7.34-lp150.2.35.1 libMagickCore-7_Q16HDRI6-debuginfo-7.0.7.34-lp150.2.35.1 libMagickWand-7_Q16HDRI6-7.0.7.34-lp150.2.35.1 libMagickWand-7_Q16HDRI6-debuginfo-7.0.7.34-lp150.2.35.1 perl-PerlMagick-7.0.7.34-lp150.2.35.1 perl-PerlMagick-debuginfo-7.0.7.34-lp150.2.35.1 - openSUSE Leap 15.0 (noarch): ImageMagick-doc-7.0.7.34-lp150.2.35.1 - openSUSE Leap 15.0 (x86_64): ImageMagick-devel-32bit-7.0.7.34-lp150.2.35.1 libMagick++-7_Q16HDRI4-32bit-7.0.7.34-lp150.2.35.1 libMagick++-7_Q16HDRI4-32bit-debuginfo-7.0.7.34-lp150.2.35.1 libMagick++-devel-32bit-7.0.7.34-lp150.2.35.1 libMagickCore-7_Q16HDRI6-32bit-7.0.7.34-lp150.2.35.1 libMagickCore-7_Q16HDRI6-32bit-debuginfo-7.0.7.34-lp150.2.35.1 libMagickWand-7_Q16HDRI6-32bit-7.0.7.34-lp150.2.35.1 libMagickWand-7_Q16HDRI6-32bit-debuginfo-7.0.7.34-lp150.2.35.1 References: https://www.suse.com/security/cve/CVE-2019-11597.html https://bugzilla.suse.com/1138425 https://bugzilla.suse.com/1138464 -- . A recent update for ImageMagick has been released, targeting security vulnerabilities on openSUSE Leap 15.0 and 15.1 systems, applying fixes classified as having a moderate severity level.. ImageMagick Update, openSUSE Security, Buffer Over-read Fix, File Disclosure Resolution. . LinuxSecurity.com Team
Jul 23, 2019
OpenSUSE
89
security advisorysoftware updateFedoraFedora 25: Advisory for GStreamer-Plugins-Good FLX Plugin Security Issue
Disable insecure FLX plugin (rhbz#1397441). -------------------------------------------------------------------------------- Fedora Update Notification FEDORA-2016-dcde4f3cd2 2016-12-09 19:11:38.664789 -------------------------------------------------------------------------------- Name : gstreamer-plugins-good Product : Fedora 25 Version : 0.10.31 Release : 17.fc25 URL : https://gstreamer.freedesktop.org/ Summary : GStreamer plug-ins with good code and licensing Description : GStreamer is a streaming media framework, based on graphs of filters which operate on media data. Applications using this library can do anything from real-time sound processing to playing videos, and just about anything else media-related. Its plugin-based architecture means that new data types or processing capabilities can be added simply by installing new plug-ins. GStreamer Good Plug-ins is a collection of well-supported plug-ins of good quality and under the LGPL license. -------------------------------------------------------------------------------- Update Information: Disable insecure FLX plugin (rhbz#1397441) -------------------------------------------------------------------------------- References: [ 1 ] Bug #1397441 - CVE-2016-9634 CVE-2016-9635 CVE-2016-9636 CVE-2016-9808 gstreamer-plugins-good: Heap buffer overflow in FLIC decoder https://bugzilla.redhat.com/show_bug.cgi?id=1397441 -------------------------------------------------------------------------------- This update can be installed with the "dnf" update program. Use su -c 'dnf upgrade gstreamer-plugins-good' at the command line. For more information, refer to the dnf documentation available at https://dnf.readthedocs.io/en/latest/command_ref.html All packages are signed with the Fedora Project GPG key. More details on the GPG keys used by the Fedora Project can be foundat https://fedoraproject.org/security/ -------------------------------------------------------------------------------- _______________________________________________ package-announce mailing list --
Dec 09, 2016
•Important
Fedora
Get the latest News and Insights
Get the latest Linux and open source security news straight to your inbox.
Community Poll
What got you started with Linux?
Search Topics
Powered By
Linux Security - Your source for Top Linux News, Advisories, HOWTOs and Feature Releases
QUICK LINKS
subscribe to newsletters!
Like staying secure? So do we.
Sign up for updates, tips, and alerts!